summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2014-03-11 20:48:48 +0100
committerYves-Alexis Perez <corsac@debian.org>2014-03-11 20:48:48 +0100
commit15fb7904f4431a6e7c305fd08732458f7f885e7e (patch)
treec93b60ee813af70509f00f34e29ebec311762427 /src/libstrongswan
parent5313d2d78ca150515f7f5eb39801c100690b6b29 (diff)
downloadvyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.tar.gz
vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.zip
Imported Upstream version 5.1.2
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Android.mk8
-rw-r--r--src/libstrongswan/Makefile.am17
-rw-r--r--src/libstrongswan/Makefile.in73
-rw-r--r--src/libstrongswan/asn1/asn1.c80
-rw-r--r--src/libstrongswan/asn1/asn1.h7
-rw-r--r--src/libstrongswan/asn1/asn1_parser.c1
-rw-r--r--src/libstrongswan/asn1/oid.c650
-rw-r--r--src/libstrongswan/asn1/oid.h328
-rw-r--r--src/libstrongswan/asn1/oid.txt24
-rw-r--r--src/libstrongswan/collections/array.c151
-rw-r--r--src/libstrongswan/collections/array.h73
-rw-r--r--src/libstrongswan/credentials/credential_manager.c2
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c6
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c8
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.c9
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.h5
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c55
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.h13
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.c324
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.txt8
-rw-r--r--src/libstrongswan/fetcher/fetcher_manager.c2
-rw-r--r--src/libstrongswan/library.c49
-rw-r--r--src/libstrongswan/library.h16
-rw-r--r--src/libstrongswan/networking/host_resolver.c8
-rw-r--r--src/libstrongswan/networking/streams/stream.c17
-rw-r--r--src/libstrongswan/networking/streams/stream.h5
-rw-r--r--src/libstrongswan/networking/tun_device.c8
-rw-r--r--src/libstrongswan/networking/tun_device.h1
-rw-r--r--src/libstrongswan/plugins/aes/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/af_alg/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/agent/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/agent/agent_plugin.c8
-rw-r--r--src/libstrongswan/plugins/agent/agent_private_key.c1
-rw-r--r--src/libstrongswan/plugins/blowfish/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ccm/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/cmac/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/constraints/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ctr/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/curl/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/curl/curl_fetcher.c17
-rw-r--r--src/libstrongswan/plugins/des/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/dnskey/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/fips_prf/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gcm/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gcrypt/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c4
-rw-r--r--src/libstrongswan/plugins/gmp/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/hmac/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/keychain/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ldap/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/md4/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/md5/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/mysql/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/nonce/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/ntru/Makefile.am33
-rw-r--r--src/libstrongswan/plugins/ntru/Makefile.in812
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h235
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c581
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h183
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c1034
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c360
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h167
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c384
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h101
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c242
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h96
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.c279
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_drbg.h77
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_ke.c396
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_ke.h50
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_mgf1.c182
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_mgf1.h77
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_plugin.c83
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_plugin.h42
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_poly.c416
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_poly.h99
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_trits.c133
-rw-r--r--src/libstrongswan/plugins/ntru/ntru_trits.h61
-rw-r--r--src/libstrongswan/plugins/openssl/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crl.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c7
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_plugin.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_x509.c2
-rw-r--r--src/libstrongswan/plugins/padlock/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pem/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pem/pem_builder.c35
-rw-r--r--src/libstrongswan/plugins/pgp/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs1/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs11/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_dh.c2
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_manager.c8
-rw-r--r--src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c18
-rw-r--r--src/libstrongswan/plugins/pkcs12/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs7/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/pkcs8/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/plugin_loader.c158
-rw-r--r--src/libstrongswan/plugins/plugin_loader.h18
-rw-r--r--src/libstrongswan/plugins/pubkey/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/random/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.c17
-rw-r--r--src/libstrongswan/plugins/random/random_plugin.h5
-rw-r--r--src/libstrongswan/plugins/random/random_rng.c4
-rw-r--r--src/libstrongswan/plugins/rc2/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/rdrand/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/rdrand/rdrand_plugin.c16
-rw-r--r--src/libstrongswan/plugins/revocation/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sha1/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sha2/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/soup/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sqlite/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sshkey/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/sshkey/sshkey_builder.c1
-rw-r--r--src/libstrongswan/plugins/test_vectors/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/unbound/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/unbound/unbound_resolver.c12
-rw-r--r--src/libstrongswan/plugins/x509/Makefile.in12
-rw-r--r--src/libstrongswan/plugins/x509/x509_cert.c6
-rw-r--r--src/libstrongswan/plugins/x509/x509_crl.c2
-rw-r--r--src/libstrongswan/plugins/xcbc/Makefile.in12
-rw-r--r--src/libstrongswan/processing/processor.c2
-rw-r--r--src/libstrongswan/processing/watcher.c2
-rw-r--r--src/libstrongswan/tests/Makefile.am67
-rw-r--r--src/libstrongswan/tests/Makefile.in1302
-rw-r--r--src/libstrongswan/tests/suites/test_array.c (renamed from src/libstrongswan/tests/test_array.c)176
-rw-r--r--src/libstrongswan/tests/suites/test_asn1.c869
-rw-r--r--src/libstrongswan/tests/suites/test_asn1_parser.c291
-rw-r--r--src/libstrongswan/tests/suites/test_bio_reader.c (renamed from src/libstrongswan/tests/test_bio_reader.c)2
-rw-r--r--src/libstrongswan/tests/suites/test_bio_writer.c (renamed from src/libstrongswan/tests/test_bio_writer.c)4
-rw-r--r--src/libstrongswan/tests/suites/test_chunk.c (renamed from src/libstrongswan/tests/test_chunk.c)157
-rw-r--r--src/libstrongswan/tests/suites/test_crypter.c107
-rw-r--r--src/libstrongswan/tests/suites/test_ecdsa.c (renamed from src/libstrongswan/tests/test_ecdsa.c)8
-rw-r--r--src/libstrongswan/tests/suites/test_enum.c (renamed from src/libstrongswan/tests/test_enum.c)0
-rw-r--r--src/libstrongswan/tests/suites/test_enumerator.c (renamed from src/libstrongswan/tests/test_enumerator.c)0
-rw-r--r--src/libstrongswan/tests/suites/test_fetch_http.c273
-rw-r--r--src/libstrongswan/tests/suites/test_hasher.c189
-rw-r--r--src/libstrongswan/tests/suites/test_hashtable.c (renamed from src/libstrongswan/tests/test_hashtable.c)0
-rw-r--r--src/libstrongswan/tests/suites/test_host.c (renamed from src/libstrongswan/tests/test_host.c)0
-rw-r--r--src/libstrongswan/tests/suites/test_identification.c (renamed from src/libstrongswan/tests/test_identification.c)2
-rw-r--r--src/libstrongswan/tests/suites/test_linked_list.c (renamed from src/libstrongswan/tests/test_linked_list.c)28
-rw-r--r--src/libstrongswan/tests/suites/test_linked_list_enumerator.c (renamed from src/libstrongswan/tests/test_linked_list_enumerator.c)0
-rw-r--r--src/libstrongswan/tests/suites/test_ntru.c1042
-rw-r--r--src/libstrongswan/tests/suites/test_pen.c87
-rw-r--r--src/libstrongswan/tests/suites/test_printf.c (renamed from src/libstrongswan/tests/test_printf.c)57
-rw-r--r--src/libstrongswan/tests/suites/test_rsa.c (renamed from src/libstrongswan/tests/test_rsa.c)10
-rw-r--r--src/libstrongswan/tests/suites/test_settings.c920
-rw-r--r--src/libstrongswan/tests/suites/test_stream.c267
-rw-r--r--src/libstrongswan/tests/suites/test_test_rng.c56
-rw-r--r--src/libstrongswan/tests/suites/test_threading.c1466
-rw-r--r--src/libstrongswan/tests/suites/test_utils.c (renamed from src/libstrongswan/tests/test_utils.c)187
-rw-r--r--src/libstrongswan/tests/suites/test_vectors.c (renamed from src/libstrongswan/tests/test_vectors.c)3
-rw-r--r--src/libstrongswan/tests/suites/test_watcher.c214
-rw-r--r--src/libstrongswan/tests/test_runner.c500
-rw-r--r--src/libstrongswan/tests/test_runner.h84
-rw-r--r--src/libstrongswan/tests/test_suite.c277
-rw-r--r--src/libstrongswan/tests/test_suite.h350
-rw-r--r--src/libstrongswan/tests/test_threading.c110
-rw-r--r--src/libstrongswan/tests/tests.c56
-rw-r--r--src/libstrongswan/tests/tests.h43
-rw-r--r--src/libstrongswan/tests/utils/test_rng.c86
-rw-r--r--src/libstrongswan/tests/utils/test_rng.h36
-rw-r--r--src/libstrongswan/threading/thread.h9
-rw-r--r--src/libstrongswan/utils/backtrace.c4
-rw-r--r--src/libstrongswan/utils/backtrace.h4
-rw-r--r--src/libstrongswan/utils/capabilities.h3
-rw-r--r--src/libstrongswan/utils/chunk.c193
-rw-r--r--src/libstrongswan/utils/chunk.h44
-rw-r--r--src/libstrongswan/utils/identification.c7
-rw-r--r--src/libstrongswan/utils/integrity_checker.c37
-rw-r--r--src/libstrongswan/utils/leak_detective.c112
-rw-r--r--src/libstrongswan/utils/leak_detective.h52
-rw-r--r--src/libstrongswan/utils/printf_hook/printf_hook_builtin.c16
-rw-r--r--src/libstrongswan/utils/printf_hook/printf_hook_glibc.c2
-rw-r--r--src/libstrongswan/utils/settings.c486
-rw-r--r--src/libstrongswan/utils/settings.h25
-rw-r--r--src/libstrongswan/utils/test.c50
-rw-r--r--src/libstrongswan/utils/test.h96
-rw-r--r--src/libstrongswan/utils/utils.c220
-rw-r--r--src/libstrongswan/utils/utils.h70
-rw-r--r--src/libstrongswan/utils/utils/strerror.c97
-rw-r--r--src/libstrongswan/utils/utils/strerror.h40
181 files changed, 17706 insertions, 2149 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk
index 1a13fdd71..440913071 100644
--- a/src/libstrongswan/Android.mk
+++ b/src/libstrongswan/Android.mk
@@ -36,7 +36,8 @@ selectors/traffic_selector.c threading/thread.c threading/thread_value.c \
threading/mutex.c threading/semaphore.c threading/rwlock.c threading/spinlock.c \
utils/utils.c utils/chunk.c utils/debug.c utils/enum.c utils/identification.c \
utils/lexparser.c utils/optionsfrom.c utils/capabilities.c utils/backtrace.c \
-utils/printf_hook/printf_hook_vstr.c utils/settings.c
+utils/printf_hook/printf_hook_builtin.c utils/settings.c utils/test.c \
+utils/utils/strerror.c
# adding the plugin source files
@@ -96,9 +97,6 @@ LOCAL_SRC_FILES += $(call add_plugin, xcbc)
# build libstrongswan ----------------------------------------------------------
-LOCAL_C_INCLUDES += \
- $(libvstr_PATH)
-
LOCAL_CFLAGS := $(strongswan_CFLAGS) \
-include $(LOCAL_PATH)/AndroidConfigLocal.h
@@ -110,6 +108,6 @@ LOCAL_ARM_MODE := arm
LOCAL_PRELINK_MODULE := false
-LOCAL_SHARED_LIBRARIES += libdl libvstr
+LOCAL_SHARED_LIBRARIES += libdl
include $(BUILD_SHARED_LIBRARY)
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 3804adb03..b3a4eda99 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -34,7 +34,8 @@ selectors/traffic_selector.c threading/thread.c threading/thread_value.c \
threading/mutex.c threading/semaphore.c threading/rwlock.c threading/spinlock.c \
utils/utils.c utils/chunk.c utils/debug.c utils/enum.c utils/identification.c \
utils/lexparser.c utils/optionsfrom.c utils/capabilities.c utils/backtrace.c \
-utils/settings.c
+utils/settings.c utils/test.c \
+utils/utils/strerror.c
if USE_DEV_HEADERS
strongswan_includedir = ${dev_headers}
@@ -82,7 +83,8 @@ utils/utils.h utils/chunk.h utils/debug.h utils/enum.h utils/identification.h \
utils/lexparser.h utils/optionsfrom.h utils/capabilities.h utils/backtrace.h \
utils/leak_detective.h utils/printf_hook/printf_hook.h \
utils/printf_hook/printf_hook_vstr.h utils/printf_hook/printf_hook_builtin.h \
-utils/settings.h utils/integrity_checker.h
+utils/settings.h utils/test.h utils/integrity_checker.h \
+utils/utils/strerror.h
endif
library.lo : $(top_builddir)/config.status
@@ -481,6 +483,13 @@ if MONOLITHIC
endif
endif
+if USE_NTRU
+ SUBDIRS += plugins/ntru
+if MONOLITHIC
+ libstrongswan_la_LIBADD += plugins/ntru/libstrongswan-ntru.la
+endif
+endif
+
if USE_TEST_VECTORS
SUBDIRS += plugins/test_vectors
if MONOLITHIC
@@ -488,9 +497,7 @@ if MONOLITHIC
endif
endif
-if UNITTESTS
if MONOLITHIC
SUBDIRS += .
endif
- SUBDIRS += tests
-endif
+SUBDIRS += tests
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
index c9718e659..64396b51f 100644
--- a/src/libstrongswan/Makefile.in
+++ b/src/libstrongswan/Makefile.in
@@ -178,10 +178,10 @@ host_triplet = @host@
@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_97 = plugins/ccm/libstrongswan-ccm.la
@USE_GCM_TRUE@am__append_98 = plugins/gcm
@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_99 = plugins/gcm/libstrongswan-gcm.la
-@USE_TEST_VECTORS_TRUE@am__append_100 = plugins/test_vectors
-@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_101 = plugins/test_vectors/libstrongswan-test-vectors.la
-@MONOLITHIC_TRUE@@UNITTESTS_TRUE@am__append_102 = .
-@UNITTESTS_TRUE@am__append_103 = tests
+@USE_NTRU_TRUE@am__append_100 = plugins/ntru
+@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_101 = plugins/ntru/libstrongswan-ntru.la
+@USE_TEST_VECTORS_TRUE@am__append_102 = plugins/test_vectors
+@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_103 = plugins/test_vectors/libstrongswan-test-vectors.la
subdir = src/libstrongswan
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
$(top_srcdir)/depcomp \
@@ -254,7 +254,7 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
$(am__append_83) $(am__append_85) $(am__append_87) \
$(am__append_89) $(am__append_91) $(am__append_93) \
$(am__append_95) $(am__append_97) $(am__append_99) \
- $(am__append_101)
+ $(am__append_101) $(am__append_103)
am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \
bio/bio_writer.c collections/blocking_queue.c \
@@ -300,8 +300,8 @@ am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \
utils/utils.c utils/chunk.c utils/debug.c utils/enum.c \
utils/identification.c utils/lexparser.c utils/optionsfrom.c \
utils/capabilities.c utils/backtrace.c utils/settings.c \
- utils/leak_detective.c utils/integrity_checker.c \
- utils/printf_hook/printf_hook_vstr.c \
+ utils/test.c utils/utils/strerror.c utils/leak_detective.c \
+ utils/integrity_checker.c utils/printf_hook/printf_hook_vstr.c \
utils/printf_hook/printf_hook_builtin.c \
utils/printf_hook/printf_hook_glibc.c
am__dirstamp = $(am__leading_dot)dirstamp
@@ -355,9 +355,9 @@ am_libstrongswan_la_OBJECTS = library.lo asn1/asn1.lo \
threading/spinlock.lo utils/utils.lo utils/chunk.lo \
utils/debug.lo utils/enum.lo utils/identification.lo \
utils/lexparser.lo utils/optionsfrom.lo utils/capabilities.lo \
- utils/backtrace.lo utils/settings.lo $(am__objects_1) \
- $(am__objects_2) $(am__objects_3) $(am__objects_4) \
- $(am__objects_5)
+ utils/backtrace.lo utils/settings.lo utils/test.lo \
+ utils/utils/strerror.lo $(am__objects_1) $(am__objects_2) \
+ $(am__objects_3) $(am__objects_4) $(am__objects_5)
libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
@@ -468,7 +468,7 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \
utils/printf_hook/printf_hook.h \
utils/printf_hook/printf_hook_vstr.h \
utils/printf_hook/printf_hook_builtin.h utils/settings.h \
- utils/integrity_checker.h
+ utils/test.h utils/integrity_checker.h utils/utils/strerror.h
HEADERS = $(nobase_strongswan_include_HEADERS)
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
@@ -508,7 +508,8 @@ DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \
plugins/soup plugins/ldap plugins/mysql plugins/sqlite \
plugins/padlock plugins/openssl plugins/gcrypt \
plugins/fips_prf plugins/agent plugins/keychain plugins/pkcs11 \
- plugins/ctr plugins/ccm plugins/gcm plugins/test_vectors tests
+ plugins/ctr plugins/ccm plugins/gcm plugins/ntru \
+ plugins/test_vectors tests
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
am__relativize = \
dir0=`pwd`; \
@@ -549,8 +550,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -618,6 +617,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -706,12 +710,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -726,6 +734,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
@@ -781,8 +790,9 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \
utils/utils.c utils/chunk.c utils/debug.c utils/enum.c \
utils/identification.c utils/lexparser.c utils/optionsfrom.c \
utils/capabilities.c utils/backtrace.c utils/settings.c \
- $(am__append_2) $(am__append_5) $(am__append_6) \
- $(am__append_8) $(am__append_10)
+ utils/test.c utils/utils/strerror.c $(am__append_2) \
+ $(am__append_5) $(am__append_6) $(am__append_8) \
+ $(am__append_10)
@USE_DEV_HEADERS_TRUE@strongswan_includedir = ${dev_headers}
@USE_DEV_HEADERS_TRUE@nobase_strongswan_include_HEADERS = \
@USE_DEV_HEADERS_TRUE@library.h \
@@ -828,7 +838,8 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \
@USE_DEV_HEADERS_TRUE@utils/lexparser.h utils/optionsfrom.h utils/capabilities.h utils/backtrace.h \
@USE_DEV_HEADERS_TRUE@utils/leak_detective.h utils/printf_hook/printf_hook.h \
@USE_DEV_HEADERS_TRUE@utils/printf_hook/printf_hook_vstr.h utils/printf_hook/printf_hook_builtin.h \
-@USE_DEV_HEADERS_TRUE@utils/settings.h utils/integrity_checker.h
+@USE_DEV_HEADERS_TRUE@utils/settings.h utils/test.h utils/integrity_checker.h \
+@USE_DEV_HEADERS_TRUE@utils/utils/strerror.h
libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(RTLIB) $(BFDLIB) $(UNWINDLIB) $(am__append_7) \
@@ -847,7 +858,7 @@ libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \
$(am__append_81) $(am__append_83) $(am__append_85) \
$(am__append_87) $(am__append_89) $(am__append_91) \
$(am__append_93) $(am__append_95) $(am__append_97) \
- $(am__append_99) $(am__append_101)
+ $(am__append_99) $(am__append_101) $(am__append_103)
AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \
-DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_LIB_DIR=\"${ipseclibdir}\" \
-DPLUGINDIR=\"${plugindir}\" \
@@ -894,8 +905,7 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_FALSE@ $(am__append_88) $(am__append_90) \
@MONOLITHIC_FALSE@ $(am__append_92) $(am__append_94) \
@MONOLITHIC_FALSE@ $(am__append_96) $(am__append_98) \
-@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) \
-@MONOLITHIC_FALSE@ $(am__append_103)
+@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) tests
# build plugins with their own Makefile
#######################################
@@ -921,8 +931,7 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c
@MONOLITHIC_TRUE@ $(am__append_88) $(am__append_90) \
@MONOLITHIC_TRUE@ $(am__append_92) $(am__append_94) \
@MONOLITHIC_TRUE@ $(am__append_96) $(am__append_98) \
-@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) \
-@MONOLITHIC_TRUE@ $(am__append_103)
+@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) . tests
all: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) all-recursive
@@ -1354,6 +1363,15 @@ utils/backtrace.lo: utils/$(am__dirstamp) \
utils/$(DEPDIR)/$(am__dirstamp)
utils/settings.lo: utils/$(am__dirstamp) \
utils/$(DEPDIR)/$(am__dirstamp)
+utils/test.lo: utils/$(am__dirstamp) utils/$(DEPDIR)/$(am__dirstamp)
+utils/utils/$(am__dirstamp):
+ @$(MKDIR_P) utils/utils
+ @: > utils/utils/$(am__dirstamp)
+utils/utils/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) utils/utils/$(DEPDIR)
+ @: > utils/utils/$(DEPDIR)/$(am__dirstamp)
+utils/utils/strerror.lo: utils/utils/$(am__dirstamp) \
+ utils/utils/$(DEPDIR)/$(am__dirstamp)
utils/leak_detective.lo: utils/$(am__dirstamp) \
utils/$(DEPDIR)/$(am__dirstamp)
utils/integrity_checker.lo: utils/$(am__dirstamp) \
@@ -1443,6 +1461,8 @@ mostlyclean-compile:
-rm -f utils/*.lo
-rm -f utils/printf_hook/*.$(OBJEXT)
-rm -f utils/printf_hook/*.lo
+ -rm -f utils/utils/*.$(OBJEXT)
+ -rm -f utils/utils/*.lo
distclean-compile:
-rm -f *.tab.c
@@ -1536,10 +1556,12 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/lexparser.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/optionsfrom.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/settings.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/test.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/utils.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/printf_hook/$(DEPDIR)/printf_hook_builtin.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/printf_hook/$(DEPDIR)/printf_hook_glibc.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@utils/printf_hook/$(DEPDIR)/printf_hook_vstr.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/utils/$(DEPDIR)/strerror.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -1602,6 +1624,7 @@ clean-libtool:
-rm -rf threading/.libs threading/_libs
-rm -rf utils/.libs utils/_libs
-rm -rf utils/printf_hook/.libs utils/printf_hook/_libs
+ -rm -rf utils/utils/.libs utils/utils/_libs
install-nobase_strongswan_includeHEADERS: $(nobase_strongswan_include_HEADERS)
@$(NORMAL_INSTALL)
@list='$(nobase_strongswan_include_HEADERS)'; test -n "$(strongswan_includedir)" || list=; \
@@ -1881,6 +1904,8 @@ distclean-generic:
-rm -f utils/$(am__dirstamp)
-rm -f utils/printf_hook/$(DEPDIR)/$(am__dirstamp)
-rm -f utils/printf_hook/$(am__dirstamp)
+ -rm -f utils/utils/$(DEPDIR)/$(am__dirstamp)
+ -rm -f utils/utils/$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@@ -1893,7 +1918,7 @@ clean-am: clean-generic clean-ipseclibLTLIBRARIES clean-libtool \
mostlyclean-am
distclean: distclean-recursive
- -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -1940,7 +1965,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-recursive
- -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR)
+ -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index d860ad9a2..38a6ad688 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -88,7 +88,7 @@ int asn1_known_oid(chunk_t object)
}
}
}
- return -1;
+ return OID_UNKNOWN;
}
/*
@@ -129,7 +129,8 @@ chunk_t asn1_build_known_oid(int n)
chunk_t asn1_oid_from_string(char *str)
{
enumerator_t *enumerator;
- u_char buf[64];
+ size_t buf_len = 64;
+ u_char buf[buf_len];
char *end;
int i = 0, pos = 0, shift;
u_int val, shifted_val, first = 0;
@@ -138,7 +139,7 @@ chunk_t asn1_oid_from_string(char *str)
while (enumerator->enumerate(enumerator, &str))
{
val = strtoul(str, &end, 10);
- if (end == str || pos > countof(buf))
+ if (end == str || pos > buf_len-4)
{
pos = 0;
break;
@@ -175,8 +176,9 @@ chunk_t asn1_oid_from_string(char *str)
*/
char *asn1_oid_to_string(chunk_t oid)
{
- char buf[64], *pos = buf;
- int len;
+ size_t len = 64;
+ char buf[len], *pos = buf;
+ int written;
u_int val;
if (!oid.len)
@@ -184,13 +186,14 @@ char *asn1_oid_to_string(chunk_t oid)
return NULL;
}
val = oid.ptr[0] / 40;
- len = snprintf(buf, sizeof(buf), "%u.%u", val, oid.ptr[0] - val * 40);
+ written = snprintf(buf, len, "%u.%u", val, oid.ptr[0] - val * 40);
oid = chunk_skip(oid, 1);
- if (len < 0 || len >= sizeof(buf))
+ if (written < 0 || written >= len)
{
return NULL;
}
- pos += len;
+ pos += written;
+ len -= written;
val = 0;
while (oid.len)
@@ -199,12 +202,13 @@ char *asn1_oid_to_string(chunk_t oid)
if (oid.ptr[0] < 128)
{
- len = snprintf(pos, sizeof(buf) + buf - pos, ".%u", val);
- if (len < 0 || len >= sizeof(buf) + buf - pos)
+ written = snprintf(pos, len, ".%u", val);
+ if (written < 0 || written >= len)
{
return NULL;
}
- pos += len;
+ pos += written;
+ len -= written;
val = 0;
}
oid = chunk_skip(oid, 1);
@@ -296,7 +300,7 @@ int asn1_unwrap(chunk_t *blob, chunk_t *inner)
else
{ /* composite length, determine number of length octets */
len &= 0x7f;
- if (len == 0 || len > sizeof(res.len))
+ if (len == 0 || len > blob->len || len > sizeof(res.len))
{
return ASN1_INVALID;
}
@@ -389,8 +393,8 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type)
tm_year += (tm_year < 50) ? 2000 : 1900;
}
- /* prevent large 32 bit integer overflows */
- if (sizeof(time_t) == 4 && tm_year > 2038)
+ /* prevent obvious 32 bit integer overflows */
+ if (sizeof(time_t) == 4 && (tm_year > 2038 || tm_year < 1901))
{
return TIME_32_BIT_SIGNED_MAX;
}
@@ -398,13 +402,24 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type)
/* representation of months as 0..11*/
if (tm_mon < 1 || tm_mon > 12)
{
- return 0; /* error in month format */
+ return 0;
}
tm_mon--;
/* representation of days as 0..30 */
+ if (tm_day < 1 || tm_day > 31)
+ { /* we don't actually validate the day in relation to tm_year/tm_mon */
+ return 0;
+ }
tm_day--;
+ if (tm_hour < 0 || tm_hour > 23 ||
+ tm_min < 0 || tm_min > 59 ||
+ tm_sec < 0 || tm_sec > 60 /* allow leap seconds */)
+ {
+ return 0;
+ }
+
/* number of leap years between last year and 1970? */
tm_leap_4 = (tm_year - 1) / 4;
tm_leap_100 = tm_leap_4 / 25;
@@ -420,8 +435,20 @@ time_t asn1_to_time(const chunk_t *utctime, asn1_t type)
tm_days = 365 * (tm_year - 1970) + days[tm_mon] + tm_day + tm_leap;
tm_secs = 60 * (60 * (24 * tm_days + tm_hour) + tm_min) + tm_sec - tz_offset;
- /* has a 32 bit signed integer overflow occurred? */
- return (tm_secs < 0) ? TIME_32_BIT_SIGNED_MAX : tm_secs;
+ if (sizeof(time_t) == 4)
+ { /* has a 32 bit signed integer overflow occurred? */
+ if (tm_year > 1970 && tm_secs < 0)
+ { /* depending on the time zone, the first days in 1970 may result in
+ * a negative value, but dates after 1970 never will */
+ return TIME_32_BIT_SIGNED_MAX;
+ }
+ if (tm_year < 1969 && tm_secs > 0)
+ { /* similarly, tm_secs is not positive for dates before 1970, except
+ * for the last days in 1969, depending on the time zone */
+ return TIME_32_BIT_SIGNED_MAX;
+ }
+ }
+ return tm_secs;
}
/**
@@ -537,7 +564,7 @@ bool asn1_parse_simple_object(chunk_t *object, asn1_t type, u_int level, const c
len = asn1_length(object);
- if (len == ASN1_INVALID_LENGTH || object->len < len)
+ if (len == ASN1_INVALID_LENGTH)
{
DBG2(DBG_ASN, "L%d - %s: length of ASN.1 object invalid or too large",
level, name);
@@ -675,7 +702,9 @@ bool asn1_is_printablestring(chunk_t str)
for (i = 0; i < str.len; i++)
{
if (strchr(printablestring_charset, str.ptr[i]) == NULL)
+ {
return FALSE;
+ }
}
return TRUE;
}
@@ -781,10 +810,17 @@ chunk_t asn1_integer(const char *mode, chunk_t content)
chunk_t object;
size_t len;
u_char *pos;
+ bool move;
+
if (content.len == 0)
{ /* make sure 0 is encoded properly */
content = chunk_from_chars(0x00);
+ move = FALSE;
+ }
+ else
+ {
+ move = (*mode == 'm');
}
/* ASN.1 integers must be positive numbers in two's complement */
@@ -794,11 +830,9 @@ chunk_t asn1_integer(const char *mode, chunk_t content)
{
*pos++ = 0x00;
}
- if (len)
- {
- memcpy(pos, content.ptr, content.len);
- }
- if (*mode == 'm')
+ memcpy(pos, content.ptr, content.len);
+
+ if (move)
{
free(content.ptr);
}
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index a1d625380..7a48292af 100644
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -191,6 +191,13 @@ void asn1_debug_simple_object(chunk_t object, asn1_t type, bool private);
/**
* Converts an ASN.1 UTCTIME or GENERALIZEDTIME string to time_t
*
+ * On systems where sizeof(time_t) == 4 there will be an overflow
+ * for dates
+ * > Tue, 19 Jan 2038 03:14:07 UTC (0x7fffffff)
+ * and
+ * < Fri, 13 Dec 1901 20:45:52 UTC (0x80000000)
+ * in both cases TIME_32_BIT_SIGNED_MAX is returned.
+ *
* @param utctime body of an ASN.1 coded time object
* @param type ASN1_UTCTIME or ASN1_GENERALIZEDTIME
* @return time_t in UTC
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index c31fb75f0..e7b7a428d 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -160,6 +160,7 @@ METHOD(asn1_parser_t, iterate, bool,
DBG1(DBG_ASN, "L%d - %s: length of ASN.1 object invalid or too large",
level, obj.name);
this->success = FALSE;
+ goto end;
}
blob1->ptr = blob->ptr;
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
index a0e882b2c..6fa8f4e54 100644
--- a/src/libstrongswan/asn1/oid.c
+++ b/src/libstrongswan/asn1/oid.c
@@ -75,7 +75,7 @@ const oid_t oid_names[] = {
{ 0x36, 63, 0, 2, "inhibitAnyPolicy" }, /* 62 */
{ 0x37, 64, 0, 2, "targetInformation" }, /* 63 */
{ 0x38, 0, 0, 2, "noRevAvail" }, /* 64 */
- {0x2A, 188, 1, 0, "" }, /* 65 */
+ {0x2A, 189, 1, 0, "" }, /* 65 */
{ 0x83, 78, 1, 1, "" }, /* 66 */
{ 0x08, 0, 1, 2, "jp" }, /* 67 */
{ 0x8C, 0, 1, 3, "" }, /* 68 */
@@ -90,7 +90,7 @@ const oid_t oid_names[] = {
{ 0x04, 0, 0, 10, "camellia256-cbc" }, /* 77 */
{ 0x86, 0, 1, 1, "" }, /* 78 */
{ 0x48, 0, 1, 2, "us" }, /* 79 */
- { 0x86, 147, 1, 3, "" }, /* 80 */
+ { 0x86, 148, 1, 3, "" }, /* 80 */
{ 0xF6, 86, 1, 4, "" }, /* 81 */
{ 0x7D, 0, 1, 5, "NortelNetworks" }, /* 82 */
{ 0x07, 0, 1, 6, "Entrust" }, /* 83 */
@@ -98,320 +98,344 @@ const oid_t oid_names[] = {
{ 0x00, 0, 0, 8, "entrustVersInfo" }, /* 85 */
{ 0xF7, 0, 1, 4, "" }, /* 86 */
{ 0x0D, 0, 1, 5, "RSADSI" }, /* 87 */
- { 0x01, 142, 1, 6, "PKCS" }, /* 88 */
- { 0x01, 100, 1, 7, "PKCS-1" }, /* 89 */
+ { 0x01, 143, 1, 6, "PKCS" }, /* 88 */
+ { 0x01, 101, 1, 7, "PKCS-1" }, /* 89 */
{ 0x01, 91, 0, 8, "rsaEncryption" }, /* 90 */
{ 0x02, 92, 0, 8, "md2WithRSAEncryption" }, /* 91 */
{ 0x04, 93, 0, 8, "md5WithRSAEncryption" }, /* 92 */
{ 0x05, 94, 0, 8, "sha-1WithRSAEncryption" }, /* 93 */
{ 0x07, 95, 0, 8, "id-RSAES-OAEP" }, /* 94 */
- { 0x09, 96, 0, 8, "id-pSpecified" }, /* 95 */
- { 0x0B, 97, 0, 8, "sha256WithRSAEncryption" }, /* 96 */
- { 0x0C, 98, 0, 8, "sha384WithRSAEncryption" }, /* 97 */
- { 0x0D, 99, 0, 8, "sha512WithRSAEncryption" }, /* 98 */
- { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 99 */
- { 0x05, 105, 1, 7, "PKCS-5" }, /* 100 */
- { 0x03, 102, 0, 8, "pbeWithMD5AndDES-CBC" }, /* 101 */
- { 0x0A, 103, 0, 8, "pbeWithSHA1AndDES-CBC" }, /* 102 */
- { 0x0C, 104, 0, 8, "id-PBKDF2" }, /* 103 */
- { 0x0D, 0, 0, 8, "id-PBES2" }, /* 104 */
- { 0x07, 112, 1, 7, "PKCS-7" }, /* 105 */
- { 0x01, 107, 0, 8, "data" }, /* 106 */
- { 0x02, 108, 0, 8, "signedData" }, /* 107 */
- { 0x03, 109, 0, 8, "envelopedData" }, /* 108 */
- { 0x04, 110, 0, 8, "signedAndEnvelopedData" }, /* 109 */
- { 0x05, 111, 0, 8, "digestedData" }, /* 110 */
- { 0x06, 0, 0, 8, "encryptedData" }, /* 111 */
- { 0x09, 126, 1, 7, "PKCS-9" }, /* 112 */
- { 0x01, 114, 0, 8, "E" }, /* 113 */
- { 0x02, 115, 0, 8, "unstructuredName" }, /* 114 */
- { 0x03, 116, 0, 8, "contentType" }, /* 115 */
- { 0x04, 117, 0, 8, "messageDigest" }, /* 116 */
- { 0x05, 118, 0, 8, "signingTime" }, /* 117 */
- { 0x06, 119, 0, 8, "counterSignature" }, /* 118 */
- { 0x07, 120, 0, 8, "challengePassword" }, /* 119 */
- { 0x08, 121, 0, 8, "unstructuredAddress" }, /* 120 */
- { 0x0E, 122, 0, 8, "extensionRequest" }, /* 121 */
- { 0x0F, 123, 0, 8, "S/MIME Capabilities" }, /* 122 */
- { 0x16, 0, 1, 8, "certTypes" }, /* 123 */
- { 0x01, 125, 0, 9, "X.509" }, /* 124 */
- { 0x02, 0, 0, 9, "SDSI" }, /* 125 */
- { 0x0c, 0, 1, 7, "PKCS-12" }, /* 126 */
- { 0x01, 134, 1, 8, "pbeIds" }, /* 127 */
- { 0x01, 129, 0, 9, "pbeWithSHAAnd128BitRC4" }, /* 128 */
- { 0x02, 130, 0, 9, "pbeWithSHAAnd40BitRC4" }, /* 129 */
- { 0x03, 131, 0, 9, "pbeWithSHAAnd3-KeyTripleDES-CBC"}, /* 130 */
- { 0x04, 132, 0, 9, "pbeWithSHAAnd2-KeyTripleDES-CBC"}, /* 131 */
- { 0x05, 133, 0, 9, "pbeWithSHAAnd128BitRC2-CBC" }, /* 132 */
- { 0x06, 0, 0, 9, "pbeWithSHAAnd40BitRC2-CBC" }, /* 133 */
- { 0x0a, 0, 1, 8, "PKCS-12v1" }, /* 134 */
- { 0x01, 0, 1, 9, "bagIds" }, /* 135 */
- { 0x01, 137, 0, 10, "keyBag" }, /* 136 */
- { 0x02, 138, 0, 10, "pkcs8ShroudedKeyBag" }, /* 137 */
- { 0x03, 139, 0, 10, "certBag" }, /* 138 */
- { 0x04, 140, 0, 10, "crlBag" }, /* 139 */
- { 0x05, 141, 0, 10, "secretBag" }, /* 140 */
- { 0x06, 0, 0, 10, "safeContentsBag" }, /* 141 */
- { 0x02, 145, 1, 6, "digestAlgorithm" }, /* 142 */
- { 0x02, 144, 0, 7, "md2" }, /* 143 */
- { 0x05, 0, 0, 7, "md5" }, /* 144 */
- { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 145 */
- { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 146 */
- { 0xCE, 0, 1, 3, "" }, /* 147 */
- { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 148 */
- { 0x02, 151, 1, 5, "id-publicKeyType" }, /* 149 */
- { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 150 */
- { 0x03, 181, 1, 5, "ellipticCurve" }, /* 151 */
- { 0x00, 173, 1, 6, "c-TwoCurve" }, /* 152 */
- { 0x01, 154, 0, 7, "c2pnb163v1" }, /* 153 */
- { 0x02, 155, 0, 7, "c2pnb163v2" }, /* 154 */
- { 0x03, 156, 0, 7, "c2pnb163v3" }, /* 155 */
- { 0x04, 157, 0, 7, "c2pnb176w1" }, /* 156 */
- { 0x05, 158, 0, 7, "c2tnb191v1" }, /* 157 */
- { 0x06, 159, 0, 7, "c2tnb191v2" }, /* 158 */
- { 0x07, 160, 0, 7, "c2tnb191v3" }, /* 159 */
- { 0x08, 161, 0, 7, "c2onb191v4" }, /* 160 */
- { 0x09, 162, 0, 7, "c2onb191v5" }, /* 161 */
- { 0x0A, 163, 0, 7, "c2pnb208w1" }, /* 162 */
- { 0x0B, 164, 0, 7, "c2tnb239v1" }, /* 163 */
- { 0x0C, 165, 0, 7, "c2tnb239v2" }, /* 164 */
- { 0x0D, 166, 0, 7, "c2tnb239v3" }, /* 165 */
- { 0x0E, 167, 0, 7, "c2onb239v4" }, /* 166 */
- { 0x0F, 168, 0, 7, "c2onb239v5" }, /* 167 */
- { 0x10, 169, 0, 7, "c2pnb272w1" }, /* 168 */
- { 0x11, 170, 0, 7, "c2pnb304w1" }, /* 169 */
- { 0x12, 171, 0, 7, "c2tnb359v1" }, /* 170 */
- { 0x13, 172, 0, 7, "c2pnb368w1" }, /* 171 */
- { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 172 */
- { 0x01, 0, 1, 6, "primeCurve" }, /* 173 */
- { 0x01, 175, 0, 7, "prime192v1" }, /* 174 */
- { 0x02, 176, 0, 7, "prime192v2" }, /* 175 */
- { 0x03, 177, 0, 7, "prime192v3" }, /* 176 */
- { 0x04, 178, 0, 7, "prime239v1" }, /* 177 */
- { 0x05, 179, 0, 7, "prime239v2" }, /* 178 */
- { 0x06, 180, 0, 7, "prime239v3" }, /* 179 */
- { 0x07, 0, 0, 7, "prime256v1" }, /* 180 */
- { 0x04, 0, 1, 5, "id-ecSigType" }, /* 181 */
- { 0x01, 183, 0, 6, "ecdsa-with-SHA1" }, /* 182 */
- { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 183 */
- { 0x01, 185, 0, 7, "ecdsa-with-SHA224" }, /* 184 */
- { 0x02, 186, 0, 7, "ecdsa-with-SHA256" }, /* 185 */
- { 0x03, 187, 0, 7, "ecdsa-with-SHA384" }, /* 186 */
- { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 187 */
- {0x2B, 348, 1, 0, "" }, /* 188 */
- { 0x06, 262, 1, 1, "dod" }, /* 189 */
- { 0x01, 0, 1, 2, "internet" }, /* 190 */
- { 0x04, 213, 1, 3, "private" }, /* 191 */
- { 0x01, 0, 1, 4, "enterprise" }, /* 192 */
- { 0x82, 206, 1, 5, "" }, /* 193 */
- { 0x37, 203, 1, 6, "Microsoft" }, /* 194 */
- { 0x0A, 199, 1, 7, "" }, /* 195 */
- { 0x03, 0, 1, 8, "" }, /* 196 */
- { 0x03, 198, 0, 9, "msSGC" }, /* 197 */
- { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 198 */
- { 0x14, 0, 1, 7, "msEnrollmentInfrastructure" }, /* 199 */
- { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 200 */
- { 0x02, 202, 0, 9, "msSmartcardLogon" }, /* 201 */
- { 0x03, 0, 0, 9, "msUPN" }, /* 202 */
- { 0xA0, 0, 1, 6, "" }, /* 203 */
- { 0x2A, 0, 1, 7, "ITA" }, /* 204 */
- { 0x01, 0, 0, 8, "strongSwan" }, /* 205 */
- { 0x89, 0, 1, 5, "" }, /* 206 */
- { 0x31, 0, 1, 6, "" }, /* 207 */
- { 0x01, 0, 1, 7, "" }, /* 208 */
- { 0x01, 0, 1, 8, "" }, /* 209 */
- { 0x02, 0, 1, 9, "" }, /* 210 */
- { 0x02, 0, 1, 10, "" }, /* 211 */
- { 0x4B, 0, 0, 11, "TCGID" }, /* 212 */
- { 0x05, 0, 1, 3, "security" }, /* 213 */
- { 0x05, 0, 1, 4, "mechanisms" }, /* 214 */
- { 0x07, 259, 1, 5, "id-pkix" }, /* 215 */
- { 0x01, 220, 1, 6, "id-pe" }, /* 216 */
- { 0x01, 218, 0, 7, "authorityInfoAccess" }, /* 217 */
- { 0x03, 219, 0, 7, "qcStatements" }, /* 218 */
- { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 219 */
- { 0x02, 223, 1, 6, "id-qt" }, /* 220 */
- { 0x01, 222, 0, 7, "cps" }, /* 221 */
- { 0x02, 0, 0, 7, "unotice" }, /* 222 */
- { 0x03, 233, 1, 6, "id-kp" }, /* 223 */
- { 0x01, 225, 0, 7, "serverAuth" }, /* 224 */
- { 0x02, 226, 0, 7, "clientAuth" }, /* 225 */
- { 0x03, 227, 0, 7, "codeSigning" }, /* 226 */
- { 0x04, 228, 0, 7, "emailProtection" }, /* 227 */
- { 0x05, 229, 0, 7, "ipsecEndSystem" }, /* 228 */
- { 0x06, 230, 0, 7, "ipsecTunnel" }, /* 229 */
- { 0x07, 231, 0, 7, "ipsecUser" }, /* 230 */
- { 0x08, 232, 0, 7, "timeStamping" }, /* 231 */
- { 0x09, 0, 0, 7, "ocspSigning" }, /* 232 */
- { 0x08, 241, 1, 6, "id-otherNames" }, /* 233 */
- { 0x01, 235, 0, 7, "personalData" }, /* 234 */
- { 0x02, 236, 0, 7, "userGroup" }, /* 235 */
- { 0x03, 237, 0, 7, "id-on-permanentIdentifier" }, /* 236 */
- { 0x04, 238, 0, 7, "id-on-hardwareModuleName" }, /* 237 */
- { 0x05, 239, 0, 7, "xmppAddr" }, /* 238 */
- { 0x06, 240, 0, 7, "id-on-SIM" }, /* 239 */
- { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 240 */
- { 0x0A, 246, 1, 6, "id-aca" }, /* 241 */
- { 0x01, 243, 0, 7, "authenticationInfo" }, /* 242 */
- { 0x02, 244, 0, 7, "accessIdentity" }, /* 243 */
- { 0x03, 245, 0, 7, "chargingIdentity" }, /* 244 */
- { 0x04, 0, 0, 7, "group" }, /* 245 */
- { 0x0B, 247, 0, 6, "subjectInfoAccess" }, /* 246 */
- { 0x30, 0, 1, 6, "id-ad" }, /* 247 */
- { 0x01, 256, 1, 7, "ocsp" }, /* 248 */
- { 0x01, 250, 0, 8, "basic" }, /* 249 */
- { 0x02, 251, 0, 8, "nonce" }, /* 250 */
- { 0x03, 252, 0, 8, "crl" }, /* 251 */
- { 0x04, 253, 0, 8, "response" }, /* 252 */
- { 0x05, 254, 0, 8, "noCheck" }, /* 253 */
- { 0x06, 255, 0, 8, "archiveCutoff" }, /* 254 */
- { 0x07, 0, 0, 8, "serviceLocator" }, /* 255 */
- { 0x02, 257, 0, 7, "caIssuers" }, /* 256 */
- { 0x03, 258, 0, 7, "timeStamping" }, /* 257 */
- { 0x05, 0, 0, 7, "caRepository" }, /* 258 */
- { 0x08, 0, 1, 5, "ipsec" }, /* 259 */
- { 0x02, 0, 1, 6, "certificate" }, /* 260 */
- { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 261 */
- { 0x0E, 268, 1, 1, "oiw" }, /* 262 */
- { 0x03, 0, 1, 2, "secsig" }, /* 263 */
- { 0x02, 0, 1, 3, "algorithms" }, /* 264 */
- { 0x07, 266, 0, 4, "des-cbc" }, /* 265 */
- { 0x1A, 267, 0, 4, "sha-1" }, /* 266 */
- { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 267 */
- { 0x24, 314, 1, 1, "TeleTrusT" }, /* 268 */
- { 0x03, 0, 1, 2, "algorithm" }, /* 269 */
- { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 270 */
- { 0x01, 275, 1, 4, "rsaSignature" }, /* 271 */
- { 0x02, 273, 0, 5, "rsaSigWithripemd160" }, /* 272 */
- { 0x03, 274, 0, 5, "rsaSigWithripemd128" }, /* 273 */
- { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 274 */
- { 0x02, 0, 1, 4, "ecSign" }, /* 275 */
- { 0x01, 277, 0, 5, "ecSignWithsha1" }, /* 276 */
- { 0x02, 278, 0, 5, "ecSignWithripemd160" }, /* 277 */
- { 0x03, 279, 0, 5, "ecSignWithmd2" }, /* 278 */
- { 0x04, 280, 0, 5, "ecSignWithmd5" }, /* 279 */
- { 0x05, 297, 1, 5, "ttt-ecg" }, /* 280 */
- { 0x01, 285, 1, 6, "fieldType" }, /* 281 */
- { 0x01, 0, 1, 7, "characteristictwoField" }, /* 282 */
- { 0x01, 0, 1, 8, "basisType" }, /* 283 */
- { 0x01, 0, 0, 9, "ipBasis" }, /* 284 */
- { 0x02, 287, 1, 6, "keyType" }, /* 285 */
- { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 286 */
- { 0x03, 288, 0, 6, "curve" }, /* 287 */
- { 0x04, 295, 1, 6, "signatures" }, /* 288 */
- { 0x01, 290, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 289 */
- { 0x02, 291, 0, 7, "ecgdsa-with-SHA1" }, /* 290 */
- { 0x03, 292, 0, 7, "ecgdsa-with-SHA224" }, /* 291 */
- { 0x04, 293, 0, 7, "ecgdsa-with-SHA256" }, /* 292 */
- { 0x05, 294, 0, 7, "ecgdsa-with-SHA384" }, /* 293 */
- { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 294 */
- { 0x05, 0, 1, 6, "module" }, /* 295 */
- { 0x01, 0, 0, 7, "1" }, /* 296 */
- { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 297 */
- { 0x01, 0, 1, 6, "ellipticCurve" }, /* 298 */
- { 0x01, 0, 1, 7, "versionOne" }, /* 299 */
- { 0x01, 301, 0, 8, "brainpoolP160r1" }, /* 300 */
- { 0x02, 302, 0, 8, "brainpoolP160t1" }, /* 301 */
- { 0x03, 303, 0, 8, "brainpoolP192r1" }, /* 302 */
- { 0x04, 304, 0, 8, "brainpoolP192t1" }, /* 303 */
- { 0x05, 305, 0, 8, "brainpoolP224r1" }, /* 304 */
- { 0x06, 306, 0, 8, "brainpoolP224t1" }, /* 305 */
- { 0x07, 307, 0, 8, "brainpoolP256r1" }, /* 306 */
- { 0x08, 308, 0, 8, "brainpoolP256t1" }, /* 307 */
- { 0x09, 309, 0, 8, "brainpoolP320r1" }, /* 308 */
- { 0x0A, 310, 0, 8, "brainpoolP320t1" }, /* 309 */
- { 0x0B, 311, 0, 8, "brainpoolP384r1" }, /* 310 */
- { 0x0C, 312, 0, 8, "brainpoolP384t1" }, /* 311 */
- { 0x0D, 313, 0, 8, "brainpoolP512r1" }, /* 312 */
- { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 313 */
- { 0x81, 0, 1, 1, "" }, /* 314 */
- { 0x04, 0, 1, 2, "Certicom" }, /* 315 */
- { 0x00, 0, 1, 3, "curve" }, /* 316 */
- { 0x01, 318, 0, 4, "sect163k1" }, /* 317 */
- { 0x02, 319, 0, 4, "sect163r1" }, /* 318 */
- { 0x03, 320, 0, 4, "sect239k1" }, /* 319 */
- { 0x04, 321, 0, 4, "sect113r1" }, /* 320 */
- { 0x05, 322, 0, 4, "sect113r2" }, /* 321 */
- { 0x06, 323, 0, 4, "secp112r1" }, /* 322 */
- { 0x07, 324, 0, 4, "secp112r2" }, /* 323 */
- { 0x08, 325, 0, 4, "secp160r1" }, /* 324 */
- { 0x09, 326, 0, 4, "secp160k1" }, /* 325 */
- { 0x0A, 327, 0, 4, "secp256k1" }, /* 326 */
- { 0x0F, 328, 0, 4, "sect163r2" }, /* 327 */
- { 0x10, 329, 0, 4, "sect283k1" }, /* 328 */
- { 0x11, 330, 0, 4, "sect283r1" }, /* 329 */
- { 0x16, 331, 0, 4, "sect131r1" }, /* 330 */
- { 0x17, 332, 0, 4, "sect131r2" }, /* 331 */
- { 0x18, 333, 0, 4, "sect193r1" }, /* 332 */
- { 0x19, 334, 0, 4, "sect193r2" }, /* 333 */
- { 0x1A, 335, 0, 4, "sect233k1" }, /* 334 */
- { 0x1B, 336, 0, 4, "sect233r1" }, /* 335 */
- { 0x1C, 337, 0, 4, "secp128r1" }, /* 336 */
- { 0x1D, 338, 0, 4, "secp128r2" }, /* 337 */
- { 0x1E, 339, 0, 4, "secp160r2" }, /* 338 */
- { 0x1F, 340, 0, 4, "secp192k1" }, /* 339 */
- { 0x20, 341, 0, 4, "secp224k1" }, /* 340 */
- { 0x21, 342, 0, 4, "secp224r1" }, /* 341 */
- { 0x22, 343, 0, 4, "secp384r1" }, /* 342 */
- { 0x23, 344, 0, 4, "secp521r1" }, /* 343 */
- { 0x24, 345, 0, 4, "sect409k1" }, /* 344 */
- { 0x25, 346, 0, 4, "sect409r1" }, /* 345 */
- { 0x26, 347, 0, 4, "sect571k1" }, /* 346 */
- { 0x27, 0, 0, 4, "sect571r1" }, /* 347 */
- {0x60, 396, 1, 0, "" }, /* 348 */
- { 0x86, 0, 1, 1, "" }, /* 349 */
- { 0x48, 0, 1, 2, "" }, /* 350 */
- { 0x01, 0, 1, 3, "organization" }, /* 351 */
- { 0x65, 372, 1, 4, "gov" }, /* 352 */
- { 0x03, 0, 1, 5, "csor" }, /* 353 */
- { 0x04, 0, 1, 6, "nistalgorithm" }, /* 354 */
- { 0x01, 365, 1, 7, "aes" }, /* 355 */
- { 0x02, 357, 0, 8, "id-aes128-CBC" }, /* 356 */
- { 0x06, 358, 0, 8, "id-aes128-GCM" }, /* 357 */
- { 0x07, 359, 0, 8, "id-aes128-CCM" }, /* 358 */
- { 0x16, 360, 0, 8, "id-aes192-CBC" }, /* 359 */
- { 0x1A, 361, 0, 8, "id-aes192-GCM" }, /* 360 */
- { 0x1B, 362, 0, 8, "id-aes192-CCM" }, /* 361 */
- { 0x2A, 363, 0, 8, "id-aes256-CBC" }, /* 362 */
- { 0x2E, 364, 0, 8, "id-aes256-GCM" }, /* 363 */
- { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 364 */
- { 0x02, 0, 1, 7, "hashalgs" }, /* 365 */
- { 0x01, 367, 0, 8, "id-SHA-256" }, /* 366 */
- { 0x02, 368, 0, 8, "id-SHA-384" }, /* 367 */
- { 0x03, 369, 0, 8, "id-SHA-512" }, /* 368 */
- { 0x04, 370, 0, 8, "id-SHA-224" }, /* 369 */
- { 0x05, 371, 0, 8, "id-SHA-512-224" }, /* 370 */
- { 0x06, 0, 0, 8, "id-SHA-512-256" }, /* 371 */
- { 0x86, 0, 1, 4, "" }, /* 372 */
- { 0xf8, 0, 1, 5, "" }, /* 373 */
- { 0x42, 386, 1, 6, "netscape" }, /* 374 */
- { 0x01, 381, 1, 7, "" }, /* 375 */
- { 0x01, 377, 0, 8, "nsCertType" }, /* 376 */
- { 0x03, 378, 0, 8, "nsRevocationUrl" }, /* 377 */
- { 0x04, 379, 0, 8, "nsCaRevocationUrl" }, /* 378 */
- { 0x08, 380, 0, 8, "nsCaPolicyUrl" }, /* 379 */
- { 0x0d, 0, 0, 8, "nsComment" }, /* 380 */
- { 0x03, 384, 1, 7, "directory" }, /* 381 */
- { 0x01, 0, 1, 8, "" }, /* 382 */
- { 0x03, 0, 0, 9, "employeeNumber" }, /* 383 */
- { 0x04, 0, 1, 7, "policy" }, /* 384 */
- { 0x01, 0, 0, 8, "nsSGC" }, /* 385 */
- { 0x45, 0, 1, 6, "verisign" }, /* 386 */
- { 0x01, 0, 1, 7, "pki" }, /* 387 */
- { 0x09, 0, 1, 8, "attributes" }, /* 388 */
- { 0x02, 390, 0, 9, "messageType" }, /* 389 */
- { 0x03, 391, 0, 9, "pkiStatus" }, /* 390 */
- { 0x04, 392, 0, 9, "failInfo" }, /* 391 */
- { 0x05, 393, 0, 9, "senderNonce" }, /* 392 */
- { 0x06, 394, 0, 9, "recipientNonce" }, /* 393 */
- { 0x07, 395, 0, 9, "transID" }, /* 394 */
- { 0x08, 0, 0, 9, "extensionReq" }, /* 395 */
- {0x67, 0, 1, 0, "" }, /* 396 */
- { 0x81, 0, 1, 1, "" }, /* 397 */
- { 0x05, 0, 1, 2, "" }, /* 398 */
- { 0x02, 0, 1, 3, "tcg-attribute" }, /* 399 */
- { 0x01, 401, 0, 4, "tcg-at-tpmManufacturer" }, /* 400 */
- { 0x02, 402, 0, 4, "tcg-at-tpmModel" }, /* 401 */
- { 0x03, 403, 0, 4, "tcg-at-tpmVersion" }, /* 402 */
- { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 403 */
+ { 0x08, 96, 0, 8, "id-mgf1" }, /* 95 */
+ { 0x09, 97, 0, 8, "id-pSpecified" }, /* 96 */
+ { 0x0B, 98, 0, 8, "sha256WithRSAEncryption" }, /* 97 */
+ { 0x0C, 99, 0, 8, "sha384WithRSAEncryption" }, /* 98 */
+ { 0x0D, 100, 0, 8, "sha512WithRSAEncryption" }, /* 99 */
+ { 0x0E, 0, 0, 8, "sha224WithRSAEncryption" }, /* 100 */
+ { 0x05, 106, 1, 7, "PKCS-5" }, /* 101 */
+ { 0x03, 103, 0, 8, "pbeWithMD5AndDES-CBC" }, /* 102 */
+ { 0x0A, 104, 0, 8, "pbeWithSHA1AndDES-CBC" }, /* 103 */
+ { 0x0C, 105, 0, 8, "id-PBKDF2" }, /* 104 */
+ { 0x0D, 0, 0, 8, "id-PBES2" }, /* 105 */
+ { 0x07, 113, 1, 7, "PKCS-7" }, /* 106 */
+ { 0x01, 108, 0, 8, "data" }, /* 107 */
+ { 0x02, 109, 0, 8, "signedData" }, /* 108 */
+ { 0x03, 110, 0, 8, "envelopedData" }, /* 109 */
+ { 0x04, 111, 0, 8, "signedAndEnvelopedData" }, /* 110 */
+ { 0x05, 112, 0, 8, "digestedData" }, /* 111 */
+ { 0x06, 0, 0, 8, "encryptedData" }, /* 112 */
+ { 0x09, 127, 1, 7, "PKCS-9" }, /* 113 */
+ { 0x01, 115, 0, 8, "E" }, /* 114 */
+ { 0x02, 116, 0, 8, "unstructuredName" }, /* 115 */
+ { 0x03, 117, 0, 8, "contentType" }, /* 116 */
+ { 0x04, 118, 0, 8, "messageDigest" }, /* 117 */
+ { 0x05, 119, 0, 8, "signingTime" }, /* 118 */
+ { 0x06, 120, 0, 8, "counterSignature" }, /* 119 */
+ { 0x07, 121, 0, 8, "challengePassword" }, /* 120 */
+ { 0x08, 122, 0, 8, "unstructuredAddress" }, /* 121 */
+ { 0x0E, 123, 0, 8, "extensionRequest" }, /* 122 */
+ { 0x0F, 124, 0, 8, "S/MIME Capabilities" }, /* 123 */
+ { 0x16, 0, 1, 8, "certTypes" }, /* 124 */
+ { 0x01, 126, 0, 9, "X.509" }, /* 125 */
+ { 0x02, 0, 0, 9, "SDSI" }, /* 126 */
+ { 0x0c, 0, 1, 7, "PKCS-12" }, /* 127 */
+ { 0x01, 135, 1, 8, "pbeIds" }, /* 128 */
+ { 0x01, 130, 0, 9, "pbeWithSHAAnd128BitRC4" }, /* 129 */
+ { 0x02, 131, 0, 9, "pbeWithSHAAnd40BitRC4" }, /* 130 */
+ { 0x03, 132, 0, 9, "pbeWithSHAAnd3-KeyTripleDES-CBC"}, /* 131 */
+ { 0x04, 133, 0, 9, "pbeWithSHAAnd2-KeyTripleDES-CBC"}, /* 132 */
+ { 0x05, 134, 0, 9, "pbeWithSHAAnd128BitRC2-CBC" }, /* 133 */
+ { 0x06, 0, 0, 9, "pbeWithSHAAnd40BitRC2-CBC" }, /* 134 */
+ { 0x0a, 0, 1, 8, "PKCS-12v1" }, /* 135 */
+ { 0x01, 0, 1, 9, "bagIds" }, /* 136 */
+ { 0x01, 138, 0, 10, "keyBag" }, /* 137 */
+ { 0x02, 139, 0, 10, "pkcs8ShroudedKeyBag" }, /* 138 */
+ { 0x03, 140, 0, 10, "certBag" }, /* 139 */
+ { 0x04, 141, 0, 10, "crlBag" }, /* 140 */
+ { 0x05, 142, 0, 10, "secretBag" }, /* 141 */
+ { 0x06, 0, 0, 10, "safeContentsBag" }, /* 142 */
+ { 0x02, 146, 1, 6, "digestAlgorithm" }, /* 143 */
+ { 0x02, 145, 0, 7, "md2" }, /* 144 */
+ { 0x05, 0, 0, 7, "md5" }, /* 145 */
+ { 0x03, 0, 1, 6, "encryptionAlgorithm" }, /* 146 */
+ { 0x07, 0, 0, 7, "3des-ede-cbc" }, /* 147 */
+ { 0xCE, 0, 1, 3, "" }, /* 148 */
+ { 0x3D, 0, 1, 4, "ansi-X9-62" }, /* 149 */
+ { 0x02, 152, 1, 5, "id-publicKeyType" }, /* 150 */
+ { 0x01, 0, 0, 6, "id-ecPublicKey" }, /* 151 */
+ { 0x03, 182, 1, 5, "ellipticCurve" }, /* 152 */
+ { 0x00, 174, 1, 6, "c-TwoCurve" }, /* 153 */
+ { 0x01, 155, 0, 7, "c2pnb163v1" }, /* 154 */
+ { 0x02, 156, 0, 7, "c2pnb163v2" }, /* 155 */
+ { 0x03, 157, 0, 7, "c2pnb163v3" }, /* 156 */
+ { 0x04, 158, 0, 7, "c2pnb176w1" }, /* 157 */
+ { 0x05, 159, 0, 7, "c2tnb191v1" }, /* 158 */
+ { 0x06, 160, 0, 7, "c2tnb191v2" }, /* 159 */
+ { 0x07, 161, 0, 7, "c2tnb191v3" }, /* 160 */
+ { 0x08, 162, 0, 7, "c2onb191v4" }, /* 161 */
+ { 0x09, 163, 0, 7, "c2onb191v5" }, /* 162 */
+ { 0x0A, 164, 0, 7, "c2pnb208w1" }, /* 163 */
+ { 0x0B, 165, 0, 7, "c2tnb239v1" }, /* 164 */
+ { 0x0C, 166, 0, 7, "c2tnb239v2" }, /* 165 */
+ { 0x0D, 167, 0, 7, "c2tnb239v3" }, /* 166 */
+ { 0x0E, 168, 0, 7, "c2onb239v4" }, /* 167 */
+ { 0x0F, 169, 0, 7, "c2onb239v5" }, /* 168 */
+ { 0x10, 170, 0, 7, "c2pnb272w1" }, /* 169 */
+ { 0x11, 171, 0, 7, "c2pnb304w1" }, /* 170 */
+ { 0x12, 172, 0, 7, "c2tnb359v1" }, /* 171 */
+ { 0x13, 173, 0, 7, "c2pnb368w1" }, /* 172 */
+ { 0x14, 0, 0, 7, "c2tnb431r1" }, /* 173 */
+ { 0x01, 0, 1, 6, "primeCurve" }, /* 174 */
+ { 0x01, 176, 0, 7, "prime192v1" }, /* 175 */
+ { 0x02, 177, 0, 7, "prime192v2" }, /* 176 */
+ { 0x03, 178, 0, 7, "prime192v3" }, /* 177 */
+ { 0x04, 179, 0, 7, "prime239v1" }, /* 178 */
+ { 0x05, 180, 0, 7, "prime239v2" }, /* 179 */
+ { 0x06, 181, 0, 7, "prime239v3" }, /* 180 */
+ { 0x07, 0, 0, 7, "prime256v1" }, /* 181 */
+ { 0x04, 0, 1, 5, "id-ecSigType" }, /* 182 */
+ { 0x01, 184, 0, 6, "ecdsa-with-SHA1" }, /* 183 */
+ { 0x03, 0, 1, 6, "ecdsa-with-Specified" }, /* 184 */
+ { 0x01, 186, 0, 7, "ecdsa-with-SHA224" }, /* 185 */
+ { 0x02, 187, 0, 7, "ecdsa-with-SHA256" }, /* 186 */
+ { 0x03, 188, 0, 7, "ecdsa-with-SHA384" }, /* 187 */
+ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 188 */
+ {0x2B, 372, 1, 0, "" }, /* 189 */
+ { 0x06, 286, 1, 1, "dod" }, /* 190 */
+ { 0x01, 0, 1, 2, "internet" }, /* 191 */
+ { 0x04, 237, 1, 3, "private" }, /* 192 */
+ { 0x01, 0, 1, 4, "enterprise" }, /* 193 */
+ { 0x82, 207, 1, 5, "" }, /* 194 */
+ { 0x37, 204, 1, 6, "Microsoft" }, /* 195 */
+ { 0x0A, 200, 1, 7, "" }, /* 196 */
+ { 0x03, 0, 1, 8, "" }, /* 197 */
+ { 0x03, 199, 0, 9, "msSGC" }, /* 198 */
+ { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 199 */
+ { 0x14, 0, 1, 7, "msEnrollmentInfrastructure" }, /* 200 */
+ { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 201 */
+ { 0x02, 203, 0, 9, "msSmartcardLogon" }, /* 202 */
+ { 0x03, 0, 0, 9, "msUPN" }, /* 203 */
+ { 0xA0, 0, 1, 6, "" }, /* 204 */
+ { 0x2A, 0, 1, 7, "ITA" }, /* 205 */
+ { 0x01, 0, 0, 8, "strongSwan" }, /* 206 */
+ { 0x89, 214, 1, 5, "" }, /* 207 */
+ { 0x31, 0, 1, 6, "" }, /* 208 */
+ { 0x01, 0, 1, 7, "" }, /* 209 */
+ { 0x01, 0, 1, 8, "" }, /* 210 */
+ { 0x02, 0, 1, 9, "" }, /* 211 */
+ { 0x02, 0, 1, 10, "" }, /* 212 */
+ { 0x4B, 0, 0, 11, "TCGID" }, /* 213 */
+ { 0xc1, 0, 1, 5, "" }, /* 214 */
+ { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 215 */
+ { 0x01, 0, 1, 7, "eess" }, /* 216 */
+ { 0x01, 0, 1, 8, "eess1" }, /* 217 */
+ { 0x01, 222, 1, 9, "eess1-algs" }, /* 218 */
+ { 0x01, 220, 0, 10, "ntru-EESS1v1-SVES" }, /* 219 */
+ { 0x02, 221, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 220 */
+ { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 221 */
+ { 0x02, 236, 1, 9, "eess1-params" }, /* 222 */
+ { 0x01, 224, 0, 10, "ees251ep1" }, /* 223 */
+ { 0x02, 225, 0, 10, "ees347ep1" }, /* 224 */
+ { 0x03, 226, 0, 10, "ees503ep1" }, /* 225 */
+ { 0x07, 227, 0, 10, "ees251sp2" }, /* 226 */
+ { 0x0C, 228, 0, 10, "ees251ep4" }, /* 227 */
+ { 0x0D, 229, 0, 10, "ees251ep5" }, /* 228 */
+ { 0x0E, 230, 0, 10, "ees251sp3" }, /* 229 */
+ { 0x0F, 231, 0, 10, "ees251sp4" }, /* 230 */
+ { 0x10, 232, 0, 10, "ees251sp5" }, /* 231 */
+ { 0x11, 233, 0, 10, "ees251sp6" }, /* 232 */
+ { 0x12, 234, 0, 10, "ees251sp7" }, /* 233 */
+ { 0x13, 235, 0, 10, "ees251sp8" }, /* 234 */
+ { 0x14, 0, 0, 10, "ees251sp9" }, /* 235 */
+ { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 236 */
+ { 0x05, 0, 1, 3, "security" }, /* 237 */
+ { 0x05, 0, 1, 4, "mechanisms" }, /* 238 */
+ { 0x07, 283, 1, 5, "id-pkix" }, /* 239 */
+ { 0x01, 244, 1, 6, "id-pe" }, /* 240 */
+ { 0x01, 242, 0, 7, "authorityInfoAccess" }, /* 241 */
+ { 0x03, 243, 0, 7, "qcStatements" }, /* 242 */
+ { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 243 */
+ { 0x02, 247, 1, 6, "id-qt" }, /* 244 */
+ { 0x01, 246, 0, 7, "cps" }, /* 245 */
+ { 0x02, 0, 0, 7, "unotice" }, /* 246 */
+ { 0x03, 257, 1, 6, "id-kp" }, /* 247 */
+ { 0x01, 249, 0, 7, "serverAuth" }, /* 248 */
+ { 0x02, 250, 0, 7, "clientAuth" }, /* 249 */
+ { 0x03, 251, 0, 7, "codeSigning" }, /* 250 */
+ { 0x04, 252, 0, 7, "emailProtection" }, /* 251 */
+ { 0x05, 253, 0, 7, "ipsecEndSystem" }, /* 252 */
+ { 0x06, 254, 0, 7, "ipsecTunnel" }, /* 253 */
+ { 0x07, 255, 0, 7, "ipsecUser" }, /* 254 */
+ { 0x08, 256, 0, 7, "timeStamping" }, /* 255 */
+ { 0x09, 0, 0, 7, "ocspSigning" }, /* 256 */
+ { 0x08, 265, 1, 6, "id-otherNames" }, /* 257 */
+ { 0x01, 259, 0, 7, "personalData" }, /* 258 */
+ { 0x02, 260, 0, 7, "userGroup" }, /* 259 */
+ { 0x03, 261, 0, 7, "id-on-permanentIdentifier" }, /* 260 */
+ { 0x04, 262, 0, 7, "id-on-hardwareModuleName" }, /* 261 */
+ { 0x05, 263, 0, 7, "xmppAddr" }, /* 262 */
+ { 0x06, 264, 0, 7, "id-on-SIM" }, /* 263 */
+ { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 264 */
+ { 0x0A, 270, 1, 6, "id-aca" }, /* 265 */
+ { 0x01, 267, 0, 7, "authenticationInfo" }, /* 266 */
+ { 0x02, 268, 0, 7, "accessIdentity" }, /* 267 */
+ { 0x03, 269, 0, 7, "chargingIdentity" }, /* 268 */
+ { 0x04, 0, 0, 7, "group" }, /* 269 */
+ { 0x0B, 271, 0, 6, "subjectInfoAccess" }, /* 270 */
+ { 0x30, 0, 1, 6, "id-ad" }, /* 271 */
+ { 0x01, 280, 1, 7, "ocsp" }, /* 272 */
+ { 0x01, 274, 0, 8, "basic" }, /* 273 */
+ { 0x02, 275, 0, 8, "nonce" }, /* 274 */
+ { 0x03, 276, 0, 8, "crl" }, /* 275 */
+ { 0x04, 277, 0, 8, "response" }, /* 276 */
+ { 0x05, 278, 0, 8, "noCheck" }, /* 277 */
+ { 0x06, 279, 0, 8, "archiveCutoff" }, /* 278 */
+ { 0x07, 0, 0, 8, "serviceLocator" }, /* 279 */
+ { 0x02, 281, 0, 7, "caIssuers" }, /* 280 */
+ { 0x03, 282, 0, 7, "timeStamping" }, /* 281 */
+ { 0x05, 0, 0, 7, "caRepository" }, /* 282 */
+ { 0x08, 0, 1, 5, "ipsec" }, /* 283 */
+ { 0x02, 0, 1, 6, "certificate" }, /* 284 */
+ { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 285 */
+ { 0x0E, 292, 1, 1, "oiw" }, /* 286 */
+ { 0x03, 0, 1, 2, "secsig" }, /* 287 */
+ { 0x02, 0, 1, 3, "algorithms" }, /* 288 */
+ { 0x07, 290, 0, 4, "des-cbc" }, /* 289 */
+ { 0x1A, 291, 0, 4, "sha-1" }, /* 290 */
+ { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 291 */
+ { 0x24, 338, 1, 1, "TeleTrusT" }, /* 292 */
+ { 0x03, 0, 1, 2, "algorithm" }, /* 293 */
+ { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 294 */
+ { 0x01, 299, 1, 4, "rsaSignature" }, /* 295 */
+ { 0x02, 297, 0, 5, "rsaSigWithripemd160" }, /* 296 */
+ { 0x03, 298, 0, 5, "rsaSigWithripemd128" }, /* 297 */
+ { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 298 */
+ { 0x02, 0, 1, 4, "ecSign" }, /* 299 */
+ { 0x01, 301, 0, 5, "ecSignWithsha1" }, /* 300 */
+ { 0x02, 302, 0, 5, "ecSignWithripemd160" }, /* 301 */
+ { 0x03, 303, 0, 5, "ecSignWithmd2" }, /* 302 */
+ { 0x04, 304, 0, 5, "ecSignWithmd5" }, /* 303 */
+ { 0x05, 321, 1, 5, "ttt-ecg" }, /* 304 */
+ { 0x01, 309, 1, 6, "fieldType" }, /* 305 */
+ { 0x01, 0, 1, 7, "characteristictwoField" }, /* 306 */
+ { 0x01, 0, 1, 8, "basisType" }, /* 307 */
+ { 0x01, 0, 0, 9, "ipBasis" }, /* 308 */
+ { 0x02, 311, 1, 6, "keyType" }, /* 309 */
+ { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 310 */
+ { 0x03, 312, 0, 6, "curve" }, /* 311 */
+ { 0x04, 319, 1, 6, "signatures" }, /* 312 */
+ { 0x01, 314, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 313 */
+ { 0x02, 315, 0, 7, "ecgdsa-with-SHA1" }, /* 314 */
+ { 0x03, 316, 0, 7, "ecgdsa-with-SHA224" }, /* 315 */
+ { 0x04, 317, 0, 7, "ecgdsa-with-SHA256" }, /* 316 */
+ { 0x05, 318, 0, 7, "ecgdsa-with-SHA384" }, /* 317 */
+ { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 318 */
+ { 0x05, 0, 1, 6, "module" }, /* 319 */
+ { 0x01, 0, 0, 7, "1" }, /* 320 */
+ { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 321 */
+ { 0x01, 0, 1, 6, "ellipticCurve" }, /* 322 */
+ { 0x01, 0, 1, 7, "versionOne" }, /* 323 */
+ { 0x01, 325, 0, 8, "brainpoolP160r1" }, /* 324 */
+ { 0x02, 326, 0, 8, "brainpoolP160t1" }, /* 325 */
+ { 0x03, 327, 0, 8, "brainpoolP192r1" }, /* 326 */
+ { 0x04, 328, 0, 8, "brainpoolP192t1" }, /* 327 */
+ { 0x05, 329, 0, 8, "brainpoolP224r1" }, /* 328 */
+ { 0x06, 330, 0, 8, "brainpoolP224t1" }, /* 329 */
+ { 0x07, 331, 0, 8, "brainpoolP256r1" }, /* 330 */
+ { 0x08, 332, 0, 8, "brainpoolP256t1" }, /* 331 */
+ { 0x09, 333, 0, 8, "brainpoolP320r1" }, /* 332 */
+ { 0x0A, 334, 0, 8, "brainpoolP320t1" }, /* 333 */
+ { 0x0B, 335, 0, 8, "brainpoolP384r1" }, /* 334 */
+ { 0x0C, 336, 0, 8, "brainpoolP384t1" }, /* 335 */
+ { 0x0D, 337, 0, 8, "brainpoolP512r1" }, /* 336 */
+ { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 337 */
+ { 0x81, 0, 1, 1, "" }, /* 338 */
+ { 0x04, 0, 1, 2, "Certicom" }, /* 339 */
+ { 0x00, 0, 1, 3, "curve" }, /* 340 */
+ { 0x01, 342, 0, 4, "sect163k1" }, /* 341 */
+ { 0x02, 343, 0, 4, "sect163r1" }, /* 342 */
+ { 0x03, 344, 0, 4, "sect239k1" }, /* 343 */
+ { 0x04, 345, 0, 4, "sect113r1" }, /* 344 */
+ { 0x05, 346, 0, 4, "sect113r2" }, /* 345 */
+ { 0x06, 347, 0, 4, "secp112r1" }, /* 346 */
+ { 0x07, 348, 0, 4, "secp112r2" }, /* 347 */
+ { 0x08, 349, 0, 4, "secp160r1" }, /* 348 */
+ { 0x09, 350, 0, 4, "secp160k1" }, /* 349 */
+ { 0x0A, 351, 0, 4, "secp256k1" }, /* 350 */
+ { 0x0F, 352, 0, 4, "sect163r2" }, /* 351 */
+ { 0x10, 353, 0, 4, "sect283k1" }, /* 352 */
+ { 0x11, 354, 0, 4, "sect283r1" }, /* 353 */
+ { 0x16, 355, 0, 4, "sect131r1" }, /* 354 */
+ { 0x17, 356, 0, 4, "sect131r2" }, /* 355 */
+ { 0x18, 357, 0, 4, "sect193r1" }, /* 356 */
+ { 0x19, 358, 0, 4, "sect193r2" }, /* 357 */
+ { 0x1A, 359, 0, 4, "sect233k1" }, /* 358 */
+ { 0x1B, 360, 0, 4, "sect233r1" }, /* 359 */
+ { 0x1C, 361, 0, 4, "secp128r1" }, /* 360 */
+ { 0x1D, 362, 0, 4, "secp128r2" }, /* 361 */
+ { 0x1E, 363, 0, 4, "secp160r2" }, /* 362 */
+ { 0x1F, 364, 0, 4, "secp192k1" }, /* 363 */
+ { 0x20, 365, 0, 4, "secp224k1" }, /* 364 */
+ { 0x21, 366, 0, 4, "secp224r1" }, /* 365 */
+ { 0x22, 367, 0, 4, "secp384r1" }, /* 366 */
+ { 0x23, 368, 0, 4, "secp521r1" }, /* 367 */
+ { 0x24, 369, 0, 4, "sect409k1" }, /* 368 */
+ { 0x25, 370, 0, 4, "sect409r1" }, /* 369 */
+ { 0x26, 371, 0, 4, "sect571k1" }, /* 370 */
+ { 0x27, 0, 0, 4, "sect571r1" }, /* 371 */
+ {0x60, 420, 1, 0, "" }, /* 372 */
+ { 0x86, 0, 1, 1, "" }, /* 373 */
+ { 0x48, 0, 1, 2, "" }, /* 374 */
+ { 0x01, 0, 1, 3, "organization" }, /* 375 */
+ { 0x65, 396, 1, 4, "gov" }, /* 376 */
+ { 0x03, 0, 1, 5, "csor" }, /* 377 */
+ { 0x04, 0, 1, 6, "nistalgorithm" }, /* 378 */
+ { 0x01, 389, 1, 7, "aes" }, /* 379 */
+ { 0x02, 381, 0, 8, "id-aes128-CBC" }, /* 380 */
+ { 0x06, 382, 0, 8, "id-aes128-GCM" }, /* 381 */
+ { 0x07, 383, 0, 8, "id-aes128-CCM" }, /* 382 */
+ { 0x16, 384, 0, 8, "id-aes192-CBC" }, /* 383 */
+ { 0x1A, 385, 0, 8, "id-aes192-GCM" }, /* 384 */
+ { 0x1B, 386, 0, 8, "id-aes192-CCM" }, /* 385 */
+ { 0x2A, 387, 0, 8, "id-aes256-CBC" }, /* 386 */
+ { 0x2E, 388, 0, 8, "id-aes256-GCM" }, /* 387 */
+ { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 388 */
+ { 0x02, 0, 1, 7, "hashalgs" }, /* 389 */
+ { 0x01, 391, 0, 8, "id-SHA-256" }, /* 390 */
+ { 0x02, 392, 0, 8, "id-SHA-384" }, /* 391 */
+ { 0x03, 393, 0, 8, "id-SHA-512" }, /* 392 */
+ { 0x04, 394, 0, 8, "id-SHA-224" }, /* 393 */
+ { 0x05, 395, 0, 8, "id-SHA-512-224" }, /* 394 */
+ { 0x06, 0, 0, 8, "id-SHA-512-256" }, /* 395 */
+ { 0x86, 0, 1, 4, "" }, /* 396 */
+ { 0xf8, 0, 1, 5, "" }, /* 397 */
+ { 0x42, 410, 1, 6, "netscape" }, /* 398 */
+ { 0x01, 405, 1, 7, "" }, /* 399 */
+ { 0x01, 401, 0, 8, "nsCertType" }, /* 400 */
+ { 0x03, 402, 0, 8, "nsRevocationUrl" }, /* 401 */
+ { 0x04, 403, 0, 8, "nsCaRevocationUrl" }, /* 402 */
+ { 0x08, 404, 0, 8, "nsCaPolicyUrl" }, /* 403 */
+ { 0x0d, 0, 0, 8, "nsComment" }, /* 404 */
+ { 0x03, 408, 1, 7, "directory" }, /* 405 */
+ { 0x01, 0, 1, 8, "" }, /* 406 */
+ { 0x03, 0, 0, 9, "employeeNumber" }, /* 407 */
+ { 0x04, 0, 1, 7, "policy" }, /* 408 */
+ { 0x01, 0, 0, 8, "nsSGC" }, /* 409 */
+ { 0x45, 0, 1, 6, "verisign" }, /* 410 */
+ { 0x01, 0, 1, 7, "pki" }, /* 411 */
+ { 0x09, 0, 1, 8, "attributes" }, /* 412 */
+ { 0x02, 414, 0, 9, "messageType" }, /* 413 */
+ { 0x03, 415, 0, 9, "pkiStatus" }, /* 414 */
+ { 0x04, 416, 0, 9, "failInfo" }, /* 415 */
+ { 0x05, 417, 0, 9, "senderNonce" }, /* 416 */
+ { 0x06, 418, 0, 9, "recipientNonce" }, /* 417 */
+ { 0x07, 419, 0, 9, "transID" }, /* 418 */
+ { 0x08, 0, 0, 9, "extensionReq" }, /* 419 */
+ {0x67, 0, 1, 0, "" }, /* 420 */
+ { 0x81, 0, 1, 1, "" }, /* 421 */
+ { 0x05, 0, 1, 2, "" }, /* 422 */
+ { 0x02, 0, 1, 3, "tcg-attribute" }, /* 423 */
+ { 0x01, 425, 0, 4, "tcg-at-tpmManufacturer" }, /* 424 */
+ { 0x02, 426, 0, 4, "tcg-at-tpmModel" }, /* 425 */
+ { 0x03, 427, 0, 4, "tcg-at-tpmVersion" }, /* 426 */
+ { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 427 */
};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
index 236c86737..14f774adb 100644
--- a/src/libstrongswan/asn1/oid.h
+++ b/src/libstrongswan/asn1/oid.h
@@ -69,170 +69,170 @@ extern const oid_t oid_names[];
#define OID_MD5_WITH_RSA 92
#define OID_SHA1_WITH_RSA 93
#define OID_RSAES_OAEP 94
-#define OID_SHA256_WITH_RSA 96
-#define OID_SHA384_WITH_RSA 97
-#define OID_SHA512_WITH_RSA 98
-#define OID_SHA224_WITH_RSA 99
-#define OID_PBE_MD5_DES_CBC 101
-#define OID_PBE_SHA1_DES_CBC 102
-#define OID_PBKDF2 103
-#define OID_PBES2 104
-#define OID_PKCS7_DATA 106
-#define OID_PKCS7_SIGNED_DATA 107
-#define OID_PKCS7_ENVELOPED_DATA 108
-#define OID_PKCS7_SIGNED_ENVELOPED_DATA 109
-#define OID_PKCS7_DIGESTED_DATA 110
-#define OID_PKCS7_ENCRYPTED_DATA 111
-#define OID_EMAIL_ADDRESS 113
-#define OID_UNSTRUCTURED_NAME 114
-#define OID_PKCS9_CONTENT_TYPE 115
-#define OID_PKCS9_MESSAGE_DIGEST 116
-#define OID_PKCS9_SIGNING_TIME 117
-#define OID_CHALLENGE_PASSWORD 119
-#define OID_UNSTRUCTURED_ADDRESS 120
-#define OID_EXTENSION_REQUEST 121
-#define OID_X509_CERTIFICATE 124
-#define OID_PBE_SHA1_RC4_128 128
-#define OID_PBE_SHA1_RC4_40 129
-#define OID_PBE_SHA1_3DES_CBC 130
-#define OID_PBE_SHA1_3DES_2KEY_CBC 131
-#define OID_PBE_SHA1_RC2_CBC_128 132
-#define OID_PBE_SHA1_RC2_CBC_40 133
-#define OID_P12_KEY_BAG 136
-#define OID_P12_PKCS8_KEY_BAG 137
-#define OID_P12_CERT_BAG 138
-#define OID_P12_CRL_BAG 139
-#define OID_MD2 143
-#define OID_MD5 144
-#define OID_3DES_EDE_CBC 146
-#define OID_EC_PUBLICKEY 150
-#define OID_C2PNB163V1 153
-#define OID_C2PNB163V2 154
-#define OID_C2PNB163V3 155
-#define OID_C2PNB176W1 156
-#define OID_C2PNB191V1 157
-#define OID_C2PNB191V2 158
-#define OID_C2PNB191V3 159
-#define OID_C2PNB191V4 160
-#define OID_C2PNB191V5 161
-#define OID_C2PNB208W1 162
-#define OID_C2PNB239V1 163
-#define OID_C2PNB239V2 164
-#define OID_C2PNB239V3 165
-#define OID_C2PNB239V4 166
-#define OID_C2PNB239V5 167
-#define OID_C2PNB272W1 168
-#define OID_C2PNB304W1 169
-#define OID_C2PNB359V1 170
-#define OID_C2PNB368W1 171
-#define OID_C2PNB431R1 172
-#define OID_PRIME192V1 174
-#define OID_PRIME192V2 175
-#define OID_PRIME192V3 176
-#define OID_PRIME239V1 177
-#define OID_PRIME239V2 178
-#define OID_PRIME239V3 179
-#define OID_PRIME256V1 180
-#define OID_ECDSA_WITH_SHA1 182
-#define OID_ECDSA_WITH_SHA224 184
-#define OID_ECDSA_WITH_SHA256 185
-#define OID_ECDSA_WITH_SHA384 186
-#define OID_ECDSA_WITH_SHA512 187
-#define OID_USER_PRINCIPAL_NAME 202
-#define OID_STRONGSWAN 205
-#define OID_TCGID 212
-#define OID_AUTHORITY_INFO_ACCESS 217
-#define OID_IP_ADDR_BLOCKS 219
-#define OID_POLICY_QUALIFIER_CPS 221
-#define OID_POLICY_QUALIFIER_UNOTICE 222
-#define OID_SERVER_AUTH 224
-#define OID_CLIENT_AUTH 225
-#define OID_OCSP_SIGNING 232
-#define OID_XMPP_ADDR 238
-#define OID_AUTHENTICATION_INFO 242
-#define OID_ACCESS_IDENTITY 243
-#define OID_CHARGING_IDENTITY 244
-#define OID_GROUP 245
-#define OID_OCSP 248
-#define OID_BASIC 249
-#define OID_NONCE 250
-#define OID_CRL 251
-#define OID_RESPONSE 252
-#define OID_NO_CHECK 253
-#define OID_ARCHIVE_CUTOFF 254
-#define OID_SERVICE_LOCATOR 255
-#define OID_CA_ISSUERS 256
-#define OID_IKE_INTERMEDIATE 261
-#define OID_DES_CBC 265
-#define OID_SHA1 266
-#define OID_SHA1_WITH_RSA_OIW 267
-#define OID_ECGDSA_PUBKEY 286
-#define OID_ECGDSA_SIG_WITH_RIPEMD160 289
-#define OID_ECGDSA_SIG_WITH_SHA1 290
-#define OID_ECGDSA_SIG_WITH_SHA224 291
-#define OID_ECGDSA_SIG_WITH_SHA256 292
-#define OID_ECGDSA_SIG_WITH_SHA384 293
-#define OID_ECGDSA_SIG_WITH_SHA512 294
-#define OID_SECT163K1 317
-#define OID_SECT163R1 318
-#define OID_SECT239K1 319
-#define OID_SECT113R1 320
-#define OID_SECT113R2 321
-#define OID_SECT112R1 322
-#define OID_SECT112R2 323
-#define OID_SECT160R1 324
-#define OID_SECT160K1 325
-#define OID_SECT256K1 326
-#define OID_SECT163R2 327
-#define OID_SECT283K1 328
-#define OID_SECT283R1 329
-#define OID_SECT131R1 330
-#define OID_SECT131R2 331
-#define OID_SECT193R1 332
-#define OID_SECT193R2 333
-#define OID_SECT233K1 334
-#define OID_SECT233R1 335
-#define OID_SECT128R1 336
-#define OID_SECT128R2 337
-#define OID_SECT160R2 338
-#define OID_SECT192K1 339
-#define OID_SECT224K1 340
-#define OID_SECT224R1 341
-#define OID_SECT384R1 342
-#define OID_SECT521R1 343
-#define OID_SECT409K1 344
-#define OID_SECT409R1 345
-#define OID_SECT571K1 346
-#define OID_SECT571R1 347
-#define OID_AES128_CBC 356
-#define OID_AES128_GCM 357
-#define OID_AES128_CCM 358
-#define OID_AES192_CBC 359
-#define OID_AES192_GCM 360
-#define OID_AES192_CCM 361
-#define OID_AES256_CBC 362
-#define OID_AES256_GCM 363
-#define OID_AES256_CCM 364
-#define OID_SHA256 366
-#define OID_SHA384 367
-#define OID_SHA512 368
-#define OID_SHA224 369
-#define OID_NS_REVOCATION_URL 377
-#define OID_NS_CA_REVOCATION_URL 378
-#define OID_NS_CA_POLICY_URL 379
-#define OID_NS_COMMENT 380
-#define OID_EMPLOYEE_NUMBER 383
-#define OID_PKI_MESSAGE_TYPE 389
-#define OID_PKI_STATUS 390
-#define OID_PKI_FAIL_INFO 391
-#define OID_PKI_SENDER_NONCE 392
-#define OID_PKI_RECIPIENT_NONCE 393
-#define OID_PKI_TRANS_ID 394
-#define OID_TPM_MANUFACTURER 400
-#define OID_TPM_MODEL 401
-#define OID_TPM_VERSION 402
-#define OID_TPM_ID_LABEL 403
+#define OID_SHA256_WITH_RSA 97
+#define OID_SHA384_WITH_RSA 98
+#define OID_SHA512_WITH_RSA 99
+#define OID_SHA224_WITH_RSA 100
+#define OID_PBE_MD5_DES_CBC 102
+#define OID_PBE_SHA1_DES_CBC 103
+#define OID_PBKDF2 104
+#define OID_PBES2 105
+#define OID_PKCS7_DATA 107
+#define OID_PKCS7_SIGNED_DATA 108
+#define OID_PKCS7_ENVELOPED_DATA 109
+#define OID_PKCS7_SIGNED_ENVELOPED_DATA 110
+#define OID_PKCS7_DIGESTED_DATA 111
+#define OID_PKCS7_ENCRYPTED_DATA 112
+#define OID_EMAIL_ADDRESS 114
+#define OID_UNSTRUCTURED_NAME 115
+#define OID_PKCS9_CONTENT_TYPE 116
+#define OID_PKCS9_MESSAGE_DIGEST 117
+#define OID_PKCS9_SIGNING_TIME 118
+#define OID_CHALLENGE_PASSWORD 120
+#define OID_UNSTRUCTURED_ADDRESS 121
+#define OID_EXTENSION_REQUEST 122
+#define OID_X509_CERTIFICATE 125
+#define OID_PBE_SHA1_RC4_128 129
+#define OID_PBE_SHA1_RC4_40 130
+#define OID_PBE_SHA1_3DES_CBC 131
+#define OID_PBE_SHA1_3DES_2KEY_CBC 132
+#define OID_PBE_SHA1_RC2_CBC_128 133
+#define OID_PBE_SHA1_RC2_CBC_40 134
+#define OID_P12_KEY_BAG 137
+#define OID_P12_PKCS8_KEY_BAG 138
+#define OID_P12_CERT_BAG 139
+#define OID_P12_CRL_BAG 140
+#define OID_MD2 144
+#define OID_MD5 145
+#define OID_3DES_EDE_CBC 147
+#define OID_EC_PUBLICKEY 151
+#define OID_C2PNB163V1 154
+#define OID_C2PNB163V2 155
+#define OID_C2PNB163V3 156
+#define OID_C2PNB176W1 157
+#define OID_C2PNB191V1 158
+#define OID_C2PNB191V2 159
+#define OID_C2PNB191V3 160
+#define OID_C2PNB191V4 161
+#define OID_C2PNB191V5 162
+#define OID_C2PNB208W1 163
+#define OID_C2PNB239V1 164
+#define OID_C2PNB239V2 165
+#define OID_C2PNB239V3 166
+#define OID_C2PNB239V4 167
+#define OID_C2PNB239V5 168
+#define OID_C2PNB272W1 169
+#define OID_C2PNB304W1 170
+#define OID_C2PNB359V1 171
+#define OID_C2PNB368W1 172
+#define OID_C2PNB431R1 173
+#define OID_PRIME192V1 175
+#define OID_PRIME192V2 176
+#define OID_PRIME192V3 177
+#define OID_PRIME239V1 178
+#define OID_PRIME239V2 179
+#define OID_PRIME239V3 180
+#define OID_PRIME256V1 181
+#define OID_ECDSA_WITH_SHA1 183
+#define OID_ECDSA_WITH_SHA224 185
+#define OID_ECDSA_WITH_SHA256 186
+#define OID_ECDSA_WITH_SHA384 187
+#define OID_ECDSA_WITH_SHA512 188
+#define OID_USER_PRINCIPAL_NAME 203
+#define OID_STRONGSWAN 206
+#define OID_TCGID 213
+#define OID_AUTHORITY_INFO_ACCESS 241
+#define OID_IP_ADDR_BLOCKS 243
+#define OID_POLICY_QUALIFIER_CPS 245
+#define OID_POLICY_QUALIFIER_UNOTICE 246
+#define OID_SERVER_AUTH 248
+#define OID_CLIENT_AUTH 249
+#define OID_OCSP_SIGNING 256
+#define OID_XMPP_ADDR 262
+#define OID_AUTHENTICATION_INFO 266
+#define OID_ACCESS_IDENTITY 267
+#define OID_CHARGING_IDENTITY 268
+#define OID_GROUP 269
+#define OID_OCSP 272
+#define OID_BASIC 273
+#define OID_NONCE 274
+#define OID_CRL 275
+#define OID_RESPONSE 276
+#define OID_NO_CHECK 277
+#define OID_ARCHIVE_CUTOFF 278
+#define OID_SERVICE_LOCATOR 279
+#define OID_CA_ISSUERS 280
+#define OID_IKE_INTERMEDIATE 285
+#define OID_DES_CBC 289
+#define OID_SHA1 290
+#define OID_SHA1_WITH_RSA_OIW 291
+#define OID_ECGDSA_PUBKEY 310
+#define OID_ECGDSA_SIG_WITH_RIPEMD160 313
+#define OID_ECGDSA_SIG_WITH_SHA1 314
+#define OID_ECGDSA_SIG_WITH_SHA224 315
+#define OID_ECGDSA_SIG_WITH_SHA256 316
+#define OID_ECGDSA_SIG_WITH_SHA384 317
+#define OID_ECGDSA_SIG_WITH_SHA512 318
+#define OID_SECT163K1 341
+#define OID_SECT163R1 342
+#define OID_SECT239K1 343
+#define OID_SECT113R1 344
+#define OID_SECT113R2 345
+#define OID_SECT112R1 346
+#define OID_SECT112R2 347
+#define OID_SECT160R1 348
+#define OID_SECT160K1 349
+#define OID_SECT256K1 350
+#define OID_SECT163R2 351
+#define OID_SECT283K1 352
+#define OID_SECT283R1 353
+#define OID_SECT131R1 354
+#define OID_SECT131R2 355
+#define OID_SECT193R1 356
+#define OID_SECT193R2 357
+#define OID_SECT233K1 358
+#define OID_SECT233R1 359
+#define OID_SECT128R1 360
+#define OID_SECT128R2 361
+#define OID_SECT160R2 362
+#define OID_SECT192K1 363
+#define OID_SECT224K1 364
+#define OID_SECT224R1 365
+#define OID_SECT384R1 366
+#define OID_SECT521R1 367
+#define OID_SECT409K1 368
+#define OID_SECT409R1 369
+#define OID_SECT571K1 370
+#define OID_SECT571R1 371
+#define OID_AES128_CBC 380
+#define OID_AES128_GCM 381
+#define OID_AES128_CCM 382
+#define OID_AES192_CBC 383
+#define OID_AES192_GCM 384
+#define OID_AES192_CCM 385
+#define OID_AES256_CBC 386
+#define OID_AES256_GCM 387
+#define OID_AES256_CCM 388
+#define OID_SHA256 390
+#define OID_SHA384 391
+#define OID_SHA512 392
+#define OID_SHA224 393
+#define OID_NS_REVOCATION_URL 401
+#define OID_NS_CA_REVOCATION_URL 402
+#define OID_NS_CA_POLICY_URL 403
+#define OID_NS_COMMENT 404
+#define OID_EMPLOYEE_NUMBER 407
+#define OID_PKI_MESSAGE_TYPE 413
+#define OID_PKI_STATUS 414
+#define OID_PKI_FAIL_INFO 415
+#define OID_PKI_SENDER_NONCE 416
+#define OID_PKI_RECIPIENT_NONCE 417
+#define OID_PKI_TRANS_ID 418
+#define OID_TPM_MANUFACTURER 424
+#define OID_TPM_MODEL 425
+#define OID_TPM_VERSION 426
+#define OID_TPM_ID_LABEL 427
-#define OID_MAX 404
+#define OID_MAX 428
#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
index 740dc5073..c15a1cc2a 100644
--- a/src/libstrongswan/asn1/oid.txt
+++ b/src/libstrongswan/asn1/oid.txt
@@ -93,6 +93,7 @@
0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA
0x05 "sha-1WithRSAEncryption" OID_SHA1_WITH_RSA
0x07 "id-RSAES-OAEP" OID_RSAES_OAEP
+ 0x08 "id-mgf1"
0x09 "id-pSpecified"
0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA
0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA
@@ -211,6 +212,29 @@
0x02 ""
0x02 ""
0x4B "TCGID" OID_TCGID
+ 0xc1 ""
+ 0x16 "ntruCryptosystems"
+ 0x01 "eess"
+ 0x01 "eess1"
+ 0x01 "eess1-algs"
+ 0x01 "ntru-EESS1v1-SVES"
+ 0x02 "ntru-EESS1v1-SVSSA"
+ 0x03 "ntru-EESS1v1-NTRUSign"
+ 0x02 "eess1-params"
+ 0x01 "ees251ep1"
+ 0x02 "ees347ep1"
+ 0x03 "ees503ep1"
+ 0x07 "ees251sp2"
+ 0x0C "ees251ep4"
+ 0x0D "ees251ep5"
+ 0x0E "ees251sp3"
+ 0x0F "ees251sp4"
+ 0x10 "ees251sp5"
+ 0x11 "ees251sp6"
+ 0x12 "ees251sp7"
+ 0x13 "ees251sp8"
+ 0x14 "ees251sp9"
+ 0x03 "eess1-encodingMethods"
0x05 "security"
0x05 "mechanisms"
0x07 "id-pkix"
diff --git a/src/libstrongswan/collections/array.c b/src/libstrongswan/collections/array.c
index 387e2a57d..314e8e916 100644
--- a/src/libstrongswan/collections/array.c
+++ b/src/libstrongswan/collections/array.c
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2013 Martin Willi
* Copyright (C) 2013 revosec AG
*
@@ -13,8 +16,15 @@
* for more details.
*/
+#define _GNU_SOURCE /* for qsort_r() */
+#include <stdlib.h>
+
#include "array.h"
+#ifndef HAVE_QSORT_R
+#include <threading/thread_value.h>
+#endif
+
/**
* Data is an allocated block, with potentially unused head and tail:
*
@@ -43,6 +53,11 @@ struct array_t {
void *data;
};
+#ifndef HAVE_QSORT_R
+ /* store data to replicate qsort_r in thread local storage */
+ static thread_value_t *sort_data;
+#endif
+
/** maximum number of unused head/tail elements before cleanup */
#define ARRAY_MAX_UNUSED 32
@@ -314,7 +329,7 @@ void array_insert(array_t *array, int idx, void *data)
}
}
-bool array_remove(array_t *array, int idx, void *data)
+bool array_get(array_t *array, int idx, void *data)
{
if (!array)
{
@@ -337,12 +352,25 @@ bool array_remove(array_t *array, int idx, void *data)
memcpy(data, array->data + get_size(array, array->head + idx),
get_size(array, 1));
}
+ return TRUE;
+}
+
+bool array_remove(array_t *array, int idx, void *data)
+{
+ if (!array_get(array, idx, data))
+ {
+ return FALSE;
+ }
if (idx > array_count(array) / 2)
{
remove_tail(array, idx);
}
else
{
+ if (idx < 0)
+ {
+ idx = array_count(array) - 1;
+ }
remove_head(array, idx);
}
if (array->head + array->tail > ARRAY_MAX_UNUSED)
@@ -352,6 +380,113 @@ bool array_remove(array_t *array, int idx, void *data)
return TRUE;
}
+typedef struct {
+ /** the array */
+ array_t *array;
+ /** comparison function */
+ int (*cmp)(const void*,const void*,void*);
+ /** optional user arg */
+ void *arg;
+} sort_data_t;
+
+#ifdef HAVE_QSORT_R_GNU
+static int compare_elements(const void *a, const void *b, void *arg)
+#elif defined(HAVE_QSORT_R_BSD)
+static int compare_elements(void *arg, const void *a, const void *b)
+#else /* !HAVE_QSORT_R */
+static int compare_elements(const void *a, const void *b)
+#endif
+{
+#ifdef HAVE_QSORT_R
+ sort_data_t *data = (sort_data_t*)arg;
+#else
+ sort_data_t *data = sort_data->get(sort_data);
+#endif
+
+ if (data->array->esize)
+ {
+ return data->cmp(a, b, data->arg);
+ }
+ return data->cmp(*(void**)a, *(void**)b, data->arg);
+}
+
+void array_sort(array_t *array, int (*cmp)(const void*,const void*,void*),
+ void *user)
+{
+ if (array)
+ {
+ sort_data_t data = {
+ .array = array,
+ .cmp = cmp,
+ .arg = user,
+ };
+ void *start;
+
+ start = array->data + get_size(array, array->head);
+
+#ifdef HAVE_QSORT_R_GNU
+ qsort_r(start, array->count, get_size(array, 1), compare_elements,
+ &data);
+#elif defined(HAVE_QSORT_R_BSD)
+ qsort_r(start, array->count, get_size(array, 1), &data,
+ compare_elements);
+#else /* !HAVE_QSORT_R */
+ sort_data->set(sort_data, &data);
+ qsort(start, array->count, get_size(array, 1), compare_elements);
+#endif
+ }
+}
+
+typedef struct {
+ /** the array */
+ array_t *array;
+ /** the key */
+ const void *key;
+ /** comparison function */
+ int (*cmp)(const void*,const void*);
+} bsearch_data_t;
+
+static int search_elements(const void *a, const void *b)
+{
+ bsearch_data_t *data = (bsearch_data_t*)a;
+
+ if (data->array->esize)
+ {
+ return data->cmp(data->key, b);
+ }
+ return data->cmp(data->key, *(void**)b);
+}
+
+int array_bsearch(array_t *array, const void *key,
+ int (*cmp)(const void*,const void*), void *out)
+{
+ int idx = -1;
+
+ if (array)
+ {
+ bsearch_data_t data = {
+ .array = array,
+ .key = key,
+ .cmp = cmp,
+ };
+ void *start, *item;
+
+ start = array->data + get_size(array, array->head);
+
+ item = bsearch(&data, start, array->count, get_size(array, 1),
+ search_elements);
+ if (item)
+ {
+ if (out)
+ {
+ memcpy(out, item, get_size(array, 1));
+ }
+ idx = (item - start) / get_size(array, 1);
+ }
+ }
+ return idx;
+}
+
void array_invoke(array_t *array, array_callback_t cb, void *user)
{
if (array)
@@ -414,3 +549,17 @@ void array_destroy_offset(array_t *array, size_t offset)
array_invoke_offset(array, offset);
array_destroy(array);
}
+
+void arrays_init()
+{
+#ifndef HAVE_QSORT_R
+ sort_data = thread_value_create(NULL);
+#endif
+}
+
+void arrays_deinit()
+{
+#ifndef HAVE_QSORT_R
+ sort_data->destroy(sort_data);
+#endif
+}
diff --git a/src/libstrongswan/collections/array.h b/src/libstrongswan/collections/array.h
index 0dc7b2250..ce702ebfa 100644
--- a/src/libstrongswan/collections/array.h
+++ b/src/libstrongswan/collections/array.h
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2013 Martin Willi
* Copyright (C) 2013 revosec AG
*
@@ -87,7 +90,7 @@ void array_compress(array_t *array);
* The enumerater enumerates directly over the array element (pass a pointer to
* element types), unless the array is pointer based. If zero is passed as
* element size during construction, the enumerator enumerates over the
- * deferenced pointer values.
+ * dereferenced pointer values.
*
* @param array array to create enumerator for, or NULL
* @return enumerator, over elements or pointers
@@ -140,6 +143,18 @@ void array_insert_create(array_t **array, int idx, void *ptr);
void array_insert_enumerator(array_t *array, int idx, enumerator_t *enumerator);
/**
+ * Get an element from the array.
+ *
+ * If data is given, the element is copied to that position.
+ *
+ * @param array array to get element from, or NULL
+ * @param idx index of the item to get
+ * @param data data to copy element to, or NULL
+ * @return TRUE if idx valid and item returned
+ */
+bool array_get(array_t *array, int idx, void *data);
+
+/**
* Remove an element from the array.
*
* If data is given, the element is copied to that position.
@@ -152,6 +167,50 @@ void array_insert_enumerator(array_t *array, int idx, enumerator_t *enumerator);
bool array_remove(array_t *array, int idx, void *data);
/**
+ * Sort the array.
+ *
+ * The comparison function must return an integer less than, equal to, or
+ * greater than zero if the first argument is considered to be respectively less
+ * than, equal to, or greater than the second. If two elements compare as
+ * equal, their order in the sorted array is undefined.
+ *
+ * The comparison function receives pointers to the array elements (esize != 0)
+ * or the actual pointers (esize = 0). The third argument is the user data
+ * supplied to this function.
+ *
+ * @param array array to sort, or NULL
+ * @param cmp comparison function
+ * @param user user data to pass to comparison function
+ */
+void array_sort(array_t *array, int (*cmp)(const void*,const void*,void*),
+ void *user);
+
+/**
+ * Binary search of a sorted array.
+ *
+ * The array should be sorted in ascending order according to the given
+ * comparison function.
+ *
+ * The comparison function must return an integer less than, equal to, or
+ * greater than zero if the first argument (the key) is considered to be
+ * respectively less than, equal to, or greater than the second.
+ *
+ * If there are multiple elements that match the key it is not specified which
+ * element is returned.
+ *
+ * The comparison function receives the key object and a pointer to an array
+ * element (esize != 0) or an actual pointer (esize = 0).
+ *
+ * @param array array to search, or NULL
+ * @param key key to search for
+ * @param cmp comparison function
+ * @param data data to copy element to, or NULL
+ * @return index of the element if found, -1 if not
+ */
+int array_bsearch(array_t *array, const void *key,
+ int (*cmp)(const void*,const void*), void *data);
+
+/**
* Invoke a callback for all array members.
*
* @param array array to traverse, or NULL
@@ -192,4 +251,16 @@ void array_destroy_function(array_t *array, array_callback_t cb, void *user);
*/
void array_destroy_offset(array_t *array, size_t offset);
+
+/**
+ * Required on some platforms to initialize thread local value to implement
+ * array_sort().
+ */
+void arrays_init();
+
+/**
+ * Destroys the thread local value if required.
+ */
+void arrays_deinit();
+
#endif /** ARRAY_H_ @}*/
diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c
index de19c8d96..3ec0714b6 100644
--- a/src/libstrongswan/credentials/credential_manager.c
+++ b/src/libstrongswan/credentials/credential_manager.c
@@ -1349,7 +1349,7 @@ credential_manager_t *credential_manager_create()
this->local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
this->exclusive_local_sets = thread_value_create((thread_cleanup_t)this->sets->destroy);
- if (lib->settings->get_bool(lib->settings, "libstrongswan.cert_cache", TRUE))
+ if (lib->settings->get_bool(lib->settings, "%s.cert_cache", TRUE, lib->ns))
{
this->cache = cert_cache_create();
this->sets->insert_first(this->sets, this->cache);
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index edcabfe58..dba3f6f6d 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -967,11 +967,11 @@ crypto_factory_t *crypto_factory_create()
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
.tester = crypto_tester_create(),
.test_on_add = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.on_add", FALSE),
+ "%s.crypto_test.on_add", FALSE, lib->ns),
.test_on_create = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.on_create", FALSE),
+ "%s.crypto_test.on_create", FALSE, lib->ns),
.bench = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.bench", FALSE),
+ "%s.crypto_test.bench", FALSE, lib->ns),
);
return &this->public;
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 5a0dccced..30724b16d 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -1207,13 +1207,13 @@ crypto_tester_t *crypto_tester_create()
.rng = linked_list_create(),
.required = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.required", FALSE),
+ "%s.crypto_test.required", FALSE, lib->ns),
.rng_true = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.rng_true", FALSE),
+ "%s.crypto_test.rng_true", FALSE, lib->ns),
.bench_time = lib->settings->get_int(lib->settings,
- "libstrongswan.crypto_test.bench_time", 50),
+ "%s.crypto_test.bench_time", 50, lib->ns),
.bench_size = lib->settings->get_int(lib->settings,
- "libstrongswan.crypto_test.bench_size", 1024),
+ "%s.crypto_test.bench_size", 1024, lib->ns),
);
/* enforce a block size of 16, should be fine for all algorithms */
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 3d319d2d4..5c1d08de2 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -45,7 +45,12 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP,
"MODP_NULL",
"MODP_CUSTOM");
-ENUM_END(diffie_hellman_group_names, MODP_CUSTOM);
+ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM,
+ "NTRU_112",
+ "NTRU_128",
+ "NTRU_192",
+ "NTRU_256");
+ENUM_END(diffie_hellman_group_names, NTRU_256_BIT);
/**
@@ -439,7 +444,7 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group)
{
if (!dh_params[i].public.subgroup.len &&
lib->settings->get_int(lib->settings,
- "libstrongswan.dh_exponent_ansi_x9_42", TRUE))
+ "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns))
{
dh_params[i].public.exp_len = dh_params[i].public.prime.len;
}
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index edf6bbd6d..00d700314 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -64,6 +64,11 @@ enum diffie_hellman_group_t {
MODP_NULL = 1024,
/** MODP group with custom generator/prime */
MODP_CUSTOM = 1025,
+ /** Parameters defined by IEEE 1363.1, in PRIVATE USE */
+ NTRU_112_BIT = 1030,
+ NTRU_128_BIT = 1031,
+ NTRU_192_BIT = 1032,
+ NTRU_256_BIT = 1033
};
/**
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index 4db504eb0..bbb97d088 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -56,6 +56,11 @@ struct private_proposal_keywords_t {
linked_list_t * tokens;
/**
+ * registered algname parsers, as proposal_algname_parser_t
+ */
+ linked_list_t *parsers;
+
+ /**
* rwlock to lock access to modules
*/
rwlock_t *lock;
@@ -85,11 +90,46 @@ static const proposal_token_t* find_token(private_proposal_keywords_t *this,
return found;
}
+/**
+ * Parse the given algorithm into a token with user defined parser functions.
+ */
+static const proposal_token_t* parse_token(private_proposal_keywords_t *this,
+ const char *str)
+{
+ proposal_algname_parser_t parser;
+ enumerator_t *enumerator;
+ proposal_token_t *found = NULL;
+
+ this->lock->read_lock(this->lock);
+ enumerator = this->parsers->create_enumerator(this->parsers);
+ while (enumerator->enumerate(enumerator, &parser))
+ {
+ found = parser(str);
+ if (found)
+ {
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ this->lock->unlock(this->lock);
+ return found;
+}
+
METHOD(proposal_keywords_t, get_token, const proposal_token_t*,
private_proposal_keywords_t *this, const char *str)
{
- const proposal_token_t *token = proposal_get_token_static(str, strlen(str));
- return token ?: find_token(this, str);
+ const proposal_token_t *token;
+
+ token = proposal_get_token_static(str, strlen(str));
+ if (!token)
+ {
+ token = find_token(this, str);
+ }
+ if (!token)
+ {
+ token = parse_token(this, str);
+ }
+ return token;
}
METHOD(proposal_keywords_t, register_token, void,
@@ -110,6 +150,14 @@ METHOD(proposal_keywords_t, register_token, void,
this->lock->unlock(this->lock);
}
+METHOD(proposal_keywords_t, register_algname_parser, void,
+ private_proposal_keywords_t *this, proposal_algname_parser_t parser)
+{
+ this->lock->write_lock(this->lock);
+ this->tokens->insert_first(this->parsers, parser);
+ this->lock->unlock(this->lock);
+}
+
METHOD(proposal_keywords_t, destroy, void,
private_proposal_keywords_t *this)
{
@@ -121,6 +169,7 @@ METHOD(proposal_keywords_t, destroy, void,
free(token);
}
this->tokens->destroy(this->tokens);
+ this->parsers->destroy(this->parsers);
this->lock->destroy(this->lock);
free(this);
}
@@ -136,9 +185,11 @@ proposal_keywords_t *proposal_keywords_create()
.public = {
.get_token = _get_token,
.register_token = _register_token,
+ .register_algname_parser = _register_algname_parser,
.destroy = _destroy,
},
.tokens = linked_list_create(),
+ .parsers = linked_list_create(),
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
);
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h
index d6107abc0..5cdbafc51 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.h
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h
@@ -46,6 +46,8 @@
typedef struct proposal_token_t proposal_token_t;
typedef struct proposal_keywords_t proposal_keywords_t;
+typedef proposal_token_t*(*proposal_algname_parser_t)(const char *algname);
+
#include <library.h>
#include <crypto/transform.h>
@@ -102,6 +104,17 @@ struct proposal_keywords_t {
u_int16_t keysize);
/**
+ * Register an algorithm name parser.
+ *
+ * It is meant to parse an algorithm name into a proposal token in a
+ * generic, user defined way.
+ *
+ * @param parser a pointer to the parser function
+ */
+ void (*register_algname_parser)(proposal_keywords_t *this,
+ proposal_algname_parser_t parser);
+
+ /**
* Destroy a proposal_keywords_t instance.
*/
void (*destroy)(proposal_keywords_t *this);
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
index a238f640e..1da1421f4 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
@@ -1,6 +1,6 @@
/* C code produced by gperf version 3.0.4 */
/* Command-line: /usr/bin/gperf -N proposal_get_token_static -m 10 -C -G -c -t -D */
-/* Computed positions: -k'1,5,7,10,15,$' */
+/* Computed positions: -k'1,5-7,10,15,$' */
#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
&& ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
@@ -31,8 +31,8 @@ error "gperf generated tables don't work with this execution character set. Plea
/*
- * Copyright (C) 2009 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
+ * Copyright (C) 2009-2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil, Switzerland
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -59,12 +59,12 @@ struct proposal_token {
u_int16_t keysize;
};
-#define TOTAL_KEYWORDS 134
+#define TOTAL_KEYWORDS 138
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
-#define MIN_HASH_VALUE 4
-#define MAX_HASH_VALUE 215
-/* maximum key range = 212, duplicates = 0 */
+#define MIN_HASH_VALUE 20
+#define MAX_HASH_VALUE 295
+/* maximum key range = 276, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -78,34 +78,34 @@ hash (str, len)
register const char *str;
register unsigned int len;
{
- static const unsigned char asso_values[] =
+ static const unsigned short asso_values[] =
{
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 0, 4,
- 1, 21, 15, 13, 9, 16, 2, 0, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 76, 216, 2, 28, 16,
- 0, 39, 112, 42, 31, 0, 216, 216, 0, 9,
- 100, 0, 7, 20, 95, 12, 44, 55, 216, 216,
- 1, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 47, 6,
+ 15, 8, 64, 24, 12, 14, 7, 5, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 120, 296, 9, 5, 22,
+ 48, 114, 28, 76, 6, 5, 296, 296, 5, 20,
+ 7, 14, 82, 7, 81, 98, 10, 86, 296, 296,
+ 5, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296
};
register int hval = len;
@@ -127,6 +127,8 @@ hash (str, len)
hval += asso_values[(unsigned char)str[6]];
/*FALLTHROUGH*/
case 6:
+ hval += asso_values[(unsigned char)str[5]];
+ /*FALLTHROUGH*/
case 5:
hval += asso_values[(unsigned char)str[4]];
/*FALLTHROUGH*/
@@ -142,166 +144,178 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
+ {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
{"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
- {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
- {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
- {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
- {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
- {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
- {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
- {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
- {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
- {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
- {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
- {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
- {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
- {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
- {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
+ {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
+ {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
{"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
- {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
- {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
- {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
+ {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
+ {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
+ {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
{"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
+ {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0},
+ {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
{"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
+ {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
+ {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0},
+ {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0},
+ {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
{"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
{"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
{"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
- {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
- {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
{"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
{"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
+ {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
+ {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
+ {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0},
+ {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
{"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
- {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
{"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
+ {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
{"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
+ {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
+ {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
+ {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
+ {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
+ {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
+ {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
+ {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
+ {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
+ {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
+ {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
+ {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
+ {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
+ {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
+ {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
{"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
{"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
{"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
- {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
{"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
+ {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
+ {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
+ {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
+ {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
{"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
- {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
{"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
+ {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
+ {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
{"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
- {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
- {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
- {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
+ {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
+ {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
+ {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
{"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
{"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
- {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
- {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
- {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
- {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0},
- {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
- {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
- {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
- {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
- {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
- {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
- {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
- {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
+ {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
+ {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
+ {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
{"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
- {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
+ {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
{"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
+ {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
+ {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
{"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
- {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
- {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
- {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
- {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
{"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
- {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0},
+ {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
+ {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0},
- {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
- {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
+ {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
- {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
- {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0}
+ {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0},
+ {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
+ {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
+ {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
+ {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
+ {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0}
};
static const short lookup[] =
{
- -1, -1, -1, -1, 0, -1, -1, -1, -1, -1,
- 1, -1, 2, -1, 3, 4, -1, -1, -1, 5,
- 6, 7, 8, 9, 10, 11, 12, -1, -1, 13,
- 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
- 24, 25, 26, 27, 28, -1, -1, -1, -1, 29,
- -1, -1, 30, 31, 32, 33, 34, -1, 35, 36,
- 37, 38, 39, 40, 41, 42, 43, 44, 45, 46,
- 47, 48, 49, 50, 51, 52, 53, 54, -1, 55,
- 56, 57, -1, 58, 59, 60, 61, 62, 63, 64,
- 65, 66, 67, -1, 68, 69, 70, 71, 72, 73,
- 74, 75, 76, 77, -1, 78, 79, 80, 81, 82,
- 83, 84, 85, 86, 87, 88, 89, 90, 91, 92,
- -1, 93, 94, 95, 96, 97, 98, 99, 100, -1,
- -1, -1, 101, 102, 103, 104, -1, 105, 106, 107,
- 108, 109, 110, -1, 111, 112, 113, 114, 115, 116,
- 117, 118, 119, 120, 121, 122, 123, 124, -1, 125,
- -1, 126, -1, -1, -1, -1, -1, -1, 127, -1,
- -1, -1, -1, 128, -1, -1, -1, -1, 129, 130,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, 131, -1, -1, 132, -1,
- -1, -1, -1, -1, -1, 133
+ 0, -1, 1, 2, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, 3, 4, -1, -1, -1, 5, -1,
+ 6, 7, -1, -1, -1, -1, 8, -1, 9, 10,
+ -1, -1, 11, -1, 12, -1, 13, -1, 14, 15,
+ -1, 16, 17, 18, 19, 20, -1, -1, -1, 21,
+ 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
+ 32, 33, 34, 35, 36, 37, -1, 38, 39, -1,
+ 40, 41, 42, -1, 43, 44, 45, 46, 47, 48,
+ -1, 49, 50, 51, -1, 52, 53, 54, 55, 56,
+ 57, 58, 59, -1, -1, 60, 61, 62, 63, 64,
+ 65, 66, -1, -1, 67, 68, 69, 70, 71, 72,
+ 73, 74, 75, 76, 77, 78, 79, 80, -1, 81,
+ 82, 83, 84, 85, 86, 87, 88, 89, 90, 91,
+ 92, 93, -1, 94, -1, 95, -1, 96, 97, 98,
+ 99, 100, -1, 101, -1, 102, 103, 104, -1, 105,
+ 106, 107, 108, 109, -1, 110, -1, 111, -1, 112,
+ -1, 113, 114, 115, 116, -1, 117, 118, 119, 120,
+ 121, -1, -1, -1, 122, -1, -1, 123, -1, -1,
+ 124, -1, 125, 126, 127, -1, -1, -1, 128, -1,
+ -1, -1, -1, -1, 129, 130, -1, 131, -1, 132,
+ -1, -1, -1, -1, 133, -1, -1, -1, -1, 134,
+ -1, -1, -1, -1, -1, 135, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, 136, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, 137
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
index c484320ca..70e79157a 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
@@ -1,7 +1,7 @@
%{
/*
- * Copyright (C) 2009 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
+ * Copyright (C) 2009-2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil, Switzerland
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -161,5 +161,9 @@ ecp224bp, DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0
ecp256bp, DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0
ecp384bp, DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0
ecp512bp, DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0
+ntru112, DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0
+ntru128, DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0
+ntru192, DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0
+ntru256, DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0
noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0
esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0
diff --git a/src/libstrongswan/fetcher/fetcher_manager.c b/src/libstrongswan/fetcher/fetcher_manager.c
index 21cd1aff4..2fad486e0 100644
--- a/src/libstrongswan/fetcher/fetcher_manager.c
+++ b/src/libstrongswan/fetcher/fetcher_manager.c
@@ -43,7 +43,7 @@ struct private_fetcher_manager_t {
};
typedef struct {
- /** assocaited fetcher construction function */
+ /** associated fetcher construction function */
fetcher_constructor_t create;
/** URL this fetcher support */
char *url;
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
index f2fa3e0aa..8472c30a5 100644
--- a/src/libstrongswan/library.c
+++ b/src/libstrongswan/library.c
@@ -22,6 +22,7 @@
#include <threading/thread.h>
#include <utils/identification.h>
#include <networking/host.h>
+#include <collections/array.h>
#include <collections/hashtable.h>
#include <utils/backtrace.h>
#include <selectors/traffic_selector.h>
@@ -61,6 +62,39 @@ struct private_library_t {
*/
library_t *lib = NULL;
+#ifdef LEAK_DETECTIVE
+/**
+ * Default leak report callback
+ */
+static void report_leaks(void *user, int count, size_t bytes,
+ backtrace_t *bt, bool detailed)
+{
+ fprintf(stderr, "%zu bytes total, %d allocations, %zu bytes average:\n",
+ bytes, count, bytes / count);
+ bt->log(bt, stderr, detailed);
+}
+
+/**
+ * Default leak report summary callback
+ */
+static void sum_leaks(void* user, int count, size_t bytes, int whitelisted)
+{
+ switch (count)
+ {
+ case 0:
+ fprintf(stderr, "No leaks detected");
+ break;
+ case 1:
+ fprintf(stderr, "One leak detected");
+ break;
+ default:
+ fprintf(stderr, "%d leaks detected, %zu bytes", count, bytes);
+ break;
+ }
+ fprintf(stderr, ", %d suppressed by whitelist\n", whitelisted);
+}
+#endif /* LEAK_DETECTIVE */
+
/**
* Deinitialize library
*/
@@ -75,7 +109,7 @@ void library_deinit()
}
detailed = lib->settings->get_bool(lib->settings,
- "libstrongswan.leak_detective.detailed", TRUE);
+ "%s.leak_detective.detailed", TRUE, lib->ns);
/* make sure the cache is clear before unloading plugins */
lib->credmgr->flush_cache(lib->credmgr, CERT_ANY);
@@ -109,9 +143,11 @@ void library_deinit()
lib->leak_detective->destroy(lib->leak_detective);
}
+ arrays_deinit();
threads_deinit();
backtrace_deinit();
+ free((void*)this->public.ns);
free(this);
lib = NULL;
}
@@ -201,7 +237,7 @@ static bool check_memwipe()
/*
* see header file
*/
-bool library_init(char *settings)
+bool library_init(char *settings, const char *namespace)
{
private_library_t *this;
printf_hook_t *pfh;
@@ -217,6 +253,7 @@ bool library_init(char *settings)
.public = {
.get = _get,
.set = _set,
+ .ns = strdup(namespace ?: "libstrongswan"),
},
.ref = 1,
);
@@ -224,9 +261,12 @@ bool library_init(char *settings)
backtrace_init();
threads_init();
+ arrays_init();
#ifdef LEAK_DETECTIVE
lib->leak_detective = leak_detective_create();
+ lib->leak_detective->set_report_cb(lib->leak_detective,
+ report_leaks, sum_leaks, NULL);
#endif /* LEAK_DETECTIVE */
pfh = printf_hook_create();
@@ -256,6 +296,9 @@ bool library_init(char *settings)
this->objects = hashtable_create((hashtable_hash_t)hash,
(hashtable_equals_t)equals, 4);
this->public.settings = settings_create(settings);
+ /* all namespace settings may fall back to libstrongswan */
+ lib->settings->add_fallback(lib->settings, lib->ns, "libstrongswan");
+
this->public.hosts = host_resolver_create();
this->public.proposal = proposal_keywords_create();
this->public.caps = capabilities_create();
@@ -278,7 +321,7 @@ bool library_init(char *settings)
}
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.integrity_test", FALSE))
+ "%s.integrity_test", FALSE, lib->ns))
{
#ifdef INTEGRITY_TEST
this->public.integrity = integrity_checker_create(CHECKSUM_LIBRARY);
diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h
index e53cf09e2..4125328b7 100644
--- a/src/libstrongswan/library.h
+++ b/src/libstrongswan/library.h
@@ -1,4 +1,5 @@
/*
+ * Copyright (C) 2010-2014 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -140,6 +141,12 @@ struct library_t {
bool (*set)(library_t *this, char *name, void *object);
/**
+ * Namespace used for settings etc. (i.e. the name of the binary that uses
+ * the library)
+ */
+ const char *ns;
+
+ /**
* Printf hook registering facility
*/
printf_hook_t *printf_hook;
@@ -239,12 +246,17 @@ struct library_t {
* Initialize library, creates "lib" instance.
*
* library_init() may be called multiple times in a single process, but each
- * caller should call library_deinit() for each call to library_init().
+ * caller must call library_deinit() for each call to library_init().
+ *
+ * The settings and namespace arguments are only used on the first call.
*
* @param settings file to read settings from, may be NULL for default
+ * @param namespace name of the binary that uses the library, determines
+ * the first section name when reading config options.
+ * Defaults to libstrongswan if NULL.
* @return FALSE if integrity check failed
*/
-bool library_init(char *settings);
+bool library_init(char *settings, const char *namespace);
/**
* Deinitialize library, destroys "lib" instance.
diff --git a/src/libstrongswan/networking/host_resolver.c b/src/libstrongswan/networking/host_resolver.c
index 99a17d17c..10af11a7f 100644
--- a/src/libstrongswan/networking/host_resolver.c
+++ b/src/libstrongswan/networking/host_resolver.c
@@ -355,11 +355,11 @@ host_resolver_t *host_resolver_create()
);
this->min_threads = max(0, lib->settings->get_int(lib->settings,
- "libstrongswan.host_resolver.min_threads",
- MIN_THREADS_DEFAULT));
+ "%s.host_resolver.min_threads",
+ MIN_THREADS_DEFAULT, lib->ns));
this->max_threads = max(this->min_threads ?: 1,
lib->settings->get_int(lib->settings,
- "libstrongswan.host_resolver.max_threads",
- MAX_THREADS_DEFAULT));
+ "%s.host_resolver.max_threads",
+ MAX_THREADS_DEFAULT, lib->ns));
return &this->public;
}
diff --git a/src/libstrongswan/networking/streams/stream.c b/src/libstrongswan/networking/streams/stream.c
index 8ecb89fc9..f6fec0b4a 100644
--- a/src/libstrongswan/networking/streams/stream.c
+++ b/src/libstrongswan/networking/streams/stream.c
@@ -159,17 +159,6 @@ METHOD(stream_t, write_all, bool,
}
/**
- * Remove a registered watcher
- */
-static void remove_watcher(private_stream_t *this)
-{
- if (this->read_cb || this->write_cb)
- {
- lib->watcher->remove(lib->watcher, this->fd);
- }
-}
-
-/**
* Watcher callback
*/
static bool watch(private_stream_t *this, int fd, watcher_event_t event)
@@ -228,7 +217,7 @@ static void add_watcher(private_stream_t *this)
METHOD(stream_t, on_read, void,
private_stream_t *this, stream_cb_t cb, void *data)
{
- remove_watcher(this);
+ lib->watcher->remove(lib->watcher, this->fd);
this->read_cb = cb;
this->read_data = data;
@@ -239,7 +228,7 @@ METHOD(stream_t, on_read, void,
METHOD(stream_t, on_write, void,
private_stream_t *this, stream_cb_t cb, void *data)
{
- remove_watcher(this);
+ lib->watcher->remove(lib->watcher, this->fd);
this->write_cb = cb;
this->write_data = data;
@@ -270,7 +259,7 @@ METHOD(stream_t, get_file, FILE*,
METHOD(stream_t, destroy, void,
private_stream_t *this)
{
- remove_watcher(this);
+ lib->watcher->remove(lib->watcher, this->fd);
close(this->fd);
free(this);
}
diff --git a/src/libstrongswan/networking/streams/stream.h b/src/libstrongswan/networking/streams/stream.h
index 810514da9..3516d9186 100644
--- a/src/libstrongswan/networking/streams/stream.h
+++ b/src/libstrongswan/networking/streams/stream.h
@@ -39,9 +39,8 @@ typedef stream_t*(*stream_constructor_t)(char *uri);
/**
* Callback function prototype, called when stream is ready.
*
- * It is allowed to destroy the stream during the callback, but only if it has
- * no other active on_read()/on_write() callback and returns FALSE. It is not
- * allowed to to call on_read()/on_write/() during the callback.
+ * It is not allowed to destroy the stream nor to call on_read()/on_write/()
+ * during the callback.
*
* As select() may return even if a read()/write() would actually block, it is
* recommended to use the non-blocking calls and handle return values
diff --git a/src/libstrongswan/networking/tun_device.c b/src/libstrongswan/networking/tun_device.c
index 65268d242..ecefdc233 100644
--- a/src/libstrongswan/networking/tun_device.c
+++ b/src/libstrongswan/networking/tun_device.c
@@ -27,9 +27,11 @@
#include <unistd.h>
#include <net/if.h>
+#if !defined(__APPLE__) && !defined(__linux__) && !defined(HAVE_NET_IF_TUN_H)
+
#include "tun_device.h"
-#if !defined(__APPLE__) && !defined(__linux__) && !defined(HAVE_NET_IF_TUN_H)
+#include <utils/debug.h>
#warning TUN devices are not supported!
@@ -46,12 +48,14 @@ tun_device_t *tun_device_create(const char *name_tmpl)
#include <netinet/in_var.h>
#include <sys/kern_control.h>
#elif defined(__linux__)
+#include <linux/types.h>
#include <linux/if_tun.h>
#else
#include <net/if_tun.h>
#endif
-#include <library.h>
+#include "tun_device.h"
+
#include <utils/debug.h>
#include <threading/thread.h>
diff --git a/src/libstrongswan/networking/tun_device.h b/src/libstrongswan/networking/tun_device.h
index 1d330f133..543125beb 100644
--- a/src/libstrongswan/networking/tun_device.h
+++ b/src/libstrongswan/networking/tun_device.h
@@ -23,7 +23,6 @@
#ifndef TUN_DEVICE_H_
#define TUN_DEVICE_H_
-#include <library.h>
#include <networking/host.h>
typedef struct tun_device_t tun_device_t;
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in
index 5ae5537ad..9e91e8671 100644
--- a/src/libstrongswan/plugins/aes/Makefile.in
+++ b/src/libstrongswan/plugins/aes/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in
index cdecc5b06..4ea1e8f36 100644
--- a/src/libstrongswan/plugins/af_alg/Makefile.in
+++ b/src/libstrongswan/plugins/af_alg/Makefile.in
@@ -219,8 +219,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in
index b840d0e03..150e8d4d4 100644
--- a/src/libstrongswan/plugins/agent/Makefile.in
+++ b/src/libstrongswan/plugins/agent/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c
index 322ded48c..dc6adc457 100644
--- a/src/libstrongswan/plugins/agent/agent_plugin.c
+++ b/src/libstrongswan/plugins/agent/agent_plugin.c
@@ -63,6 +63,13 @@ plugin_t *agent_plugin_create()
{
private_agent_plugin_t *this;
+ /* required to connect to ssh-agent socket */
+ if (!lib->caps->keep(lib->caps, CAP_DAC_OVERRIDE))
+ {
+ DBG1(DBG_DMN, "agent plugin requires CAP_DAC_OVERRIDE capability");
+ return NULL;
+ }
+
INIT(this,
.public = {
.plugin = {
@@ -75,4 +82,3 @@ plugin_t *agent_plugin_create()
return &this->public.plugin;
}
-
diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 8a3fb150a..c2e82a9f1 100644
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -442,4 +442,3 @@ agent_private_key_t *agent_private_key_open(key_type_t type, va_list args)
}
return &this->public;
}
-
diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in
index 8b2f7431f..f13a96421 100644
--- a/src/libstrongswan/plugins/blowfish/Makefile.in
+++ b/src/libstrongswan/plugins/blowfish/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index 486af34ed..ed3f05681 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/cmac/Makefile.in b/src/libstrongswan/plugins/cmac/Makefile.in
index b8fe6de06..620d8359f 100644
--- a/src/libstrongswan/plugins/cmac/Makefile.in
+++ b/src/libstrongswan/plugins/cmac/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in
index 1f791208e..060287d1c 100644
--- a/src/libstrongswan/plugins/constraints/Makefile.in
+++ b/src/libstrongswan/plugins/constraints/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in
index 3d4f71176..ff34435a2 100644
--- a/src/libstrongswan/plugins/ctr/Makefile.in
+++ b/src/libstrongswan/plugins/ctr/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in
index f6625dd48..a756a0a7e 100644
--- a/src/libstrongswan/plugins/curl/Makefile.in
+++ b/src/libstrongswan/plugins/curl/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c
index a8cca98da..644f27709 100644
--- a/src/libstrongswan/plugins/curl/curl_fetcher.c
+++ b/src/libstrongswan/plugins/curl/curl_fetcher.c
@@ -80,7 +80,7 @@ static size_t curl_cb(void *ptr, size_t size, size_t nmemb, cb_data_t *data)
METHOD(fetcher_t, fetch, status_t,
private_curl_fetcher_t *this, char *uri, void *userdata)
{
- char error[CURL_ERROR_SIZE];
+ char error[CURL_ERROR_SIZE], *enc_uri;
status_t status;
cb_data_t data = {
.cb = this->cb,
@@ -92,9 +92,14 @@ METHOD(fetcher_t, fetch, status_t,
*(chunk_t*)userdata = chunk_empty;
}
- if (curl_easy_setopt(this->curl, CURLOPT_URL, uri) != CURLE_OK)
+ /* the URI has to be URL-encoded, we only replace spaces as replacing other
+ * characters (e.g. '/' or ':') would render the URI invalid */
+ enc_uri = strreplace(uri, " ", "%20");
+
+ if (curl_easy_setopt(this->curl, CURLOPT_URL, enc_uri) != CURLE_OK)
{ /* URL type not supported by curl */
- return NOT_SUPPORTED;
+ status = NOT_SUPPORTED;
+ goto out;
}
curl_easy_setopt(this->curl, CURLOPT_ERRORBUFFER, error);
curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE);
@@ -125,6 +130,12 @@ METHOD(fetcher_t, fetch, status_t,
status = FAILED;
break;
}
+
+out:
+ if (enc_uri != uri)
+ {
+ free(enc_uri);
+ }
return status;
}
diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in
index 81e91bca0..ca79430c9 100644
--- a/src/libstrongswan/plugins/des/Makefile.in
+++ b/src/libstrongswan/plugins/des/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in
index a012700c0..b94b644c0 100644
--- a/src/libstrongswan/plugins/dnskey/Makefile.in
+++ b/src/libstrongswan/plugins/dnskey/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in
index 06d9129c7..3bb540d90 100644
--- a/src/libstrongswan/plugins/fips_prf/Makefile.in
+++ b/src/libstrongswan/plugins/fips_prf/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index e499ae1a0..7bce3c983 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in
index 766340548..4ce3cf919 100644
--- a/src/libstrongswan/plugins/gcrypt/Makefile.in
+++ b/src/libstrongswan/plugins/gcrypt/Makefile.in
@@ -219,8 +219,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
index 160db042b..44f3f84b1 100644
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
@@ -194,8 +194,8 @@ plugin_t *gcrypt_plugin_create()
/* we currently do not use secure memory */
gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
- if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.gcrypt.quick_random", FALSE))
+ if (lib->settings->get_bool(lib->settings, "%s.plugins.gcrypt.quick_random",
+ FALSE, lib->ns))
{
gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
}
diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index f12827fd5..73e0645b0 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in
index f1956a9d2..f5e38fa90 100644
--- a/src/libstrongswan/plugins/hmac/Makefile.in
+++ b/src/libstrongswan/plugins/hmac/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/keychain/Makefile.in b/src/libstrongswan/plugins/keychain/Makefile.in
index 5f7291ca4..42093e413 100644
--- a/src/libstrongswan/plugins/keychain/Makefile.in
+++ b/src/libstrongswan/plugins/keychain/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in
index 35af7034a..7f14fbf8e 100644
--- a/src/libstrongswan/plugins/ldap/Makefile.in
+++ b/src/libstrongswan/plugins/ldap/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in
index 812d98628..bdd446cd3 100644
--- a/src/libstrongswan/plugins/md4/Makefile.in
+++ b/src/libstrongswan/plugins/md4/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in
index 082aebc51..32aac7bfa 100644
--- a/src/libstrongswan/plugins/md5/Makefile.in
+++ b/src/libstrongswan/plugins/md5/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in
index 2daf01c1d..a35f8051b 100644
--- a/src/libstrongswan/plugins/mysql/Makefile.in
+++ b/src/libstrongswan/plugins/mysql/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/nonce/Makefile.in b/src/libstrongswan/plugins/nonce/Makefile.in
index 408848366..25437bdb8 100644
--- a/src/libstrongswan/plugins/nonce/Makefile.in
+++ b/src/libstrongswan/plugins/nonce/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/ntru/Makefile.am b/src/libstrongswan/plugins/ntru/Makefile.am
new file mode 100644
index 000000000..b33cbc8c9
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/Makefile.am
@@ -0,0 +1,33 @@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = \
+ -rdynamic @COVERAGE_CFLAGS@
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-ntru.la
+else
+plugin_LTLIBRARIES = libstrongswan-ntru.la
+endif
+
+libstrongswan_ntru_la_SOURCES = \
+ ntru_plugin.h ntru_plugin.c \
+ ntru_drbg.h ntru_drbg.c \
+ ntru_ke.h ntru_ke.c \
+ ntru_mgf1.h ntru_mgf1.c \
+ ntru_poly.h ntru_poly.c \
+ ntru_trits.h ntru_trits.c \
+ ntru_crypto/ntru_crypto.h \
+ ntru_crypto/ntru_crypto_ntru_convert.h \
+ ntru_crypto/ntru_crypto_ntru_convert.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt_key.h \
+ ntru_crypto/ntru_crypto_ntru_encrypt_key.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \
+ ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \
+ ntru_crypto/ntru_crypto_ntru_poly.h \
+ ntru_crypto/ntru_crypto_ntru_poly.c
+
+libstrongswan_ntru_la_LDFLAGS = -module -avoid-version
+
+
diff --git a/src/libstrongswan/plugins/ntru/Makefile.in b/src/libstrongswan/plugins/ntru/Makefile.in
new file mode 100644
index 000000000..af192d203
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/Makefile.in
@@ -0,0 +1,812 @@
+# Makefile.in generated by automake 1.13.3 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+VPATH = @srcdir@
+am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__make_running_with_option = \
+ case $${target_option-} in \
+ ?) ;; \
+ *) echo "am__make_running_with_option: internal error: invalid" \
+ "target option '$${target_option-}' specified" >&2; \
+ exit 1;; \
+ esac; \
+ has_opt=no; \
+ sane_makeflags=$$MAKEFLAGS; \
+ if $(am__is_gnu_make); then \
+ sane_makeflags=$$MFLAGS; \
+ else \
+ case $$MAKEFLAGS in \
+ *\\[\ \ ]*) \
+ bs=\\; \
+ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \
+ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \
+ esac; \
+ fi; \
+ skip_next=no; \
+ strip_trailopt () \
+ { \
+ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \
+ }; \
+ for flg in $$sane_makeflags; do \
+ test $$skip_next = yes && { skip_next=no; continue; }; \
+ case $$flg in \
+ *=*|--*) continue;; \
+ -*I) strip_trailopt 'I'; skip_next=yes;; \
+ -*I?*) strip_trailopt 'I';; \
+ -*O) strip_trailopt 'O'; skip_next=yes;; \
+ -*O?*) strip_trailopt 'O';; \
+ -*l) strip_trailopt 'l'; skip_next=yes;; \
+ -*l?*) strip_trailopt 'l';; \
+ -[dEDm]) skip_next=yes;; \
+ -[JT]) skip_next=yes;; \
+ esac; \
+ case $$flg in \
+ *$$target_option*) has_opt=yes; break;; \
+ esac; \
+ done; \
+ test $$has_opt = yes
+am__make_dryrun = (target_option=n; $(am__make_running_with_option))
+am__make_keepgoing = (target_option=k; $(am__make_running_with_option))
+pkgdatadir = $(datadir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkglibexecdir = $(libexecdir)/@PACKAGE@
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+subdir = src/libstrongswan/plugins/ntru
+DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
+ $(top_srcdir)/depcomp
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
+ $(top_srcdir)/m4/config/ltoptions.m4 \
+ $(top_srcdir)/m4/config/ltsugar.m4 \
+ $(top_srcdir)/m4/config/ltversion.m4 \
+ $(top_srcdir)/m4/config/lt~obsolete.m4 \
+ $(top_srcdir)/m4/macros/split-package-version.m4 \
+ $(top_srcdir)/m4/macros/with.m4 \
+ $(top_srcdir)/m4/macros/enable-disable.m4 \
+ $(top_srcdir)/m4/macros/add-plugin.m4 \
+ $(top_srcdir)/configure.ac
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
+CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_VPATH_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
+am__install_max = 40
+am__nobase_strip_setup = \
+ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
+am__nobase_strip = \
+ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
+am__nobase_list = $(am__nobase_strip_setup); \
+ for p in $$list; do echo "$$p $$p"; done | \
+ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
+ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
+ if (++n[$$2] == $(am__install_max)) \
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
+ END { for (dir in files) print dir, files[dir] }'
+am__base_list = \
+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
+ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
+am__uninstall_files_from_dir = { \
+ test -z "$$files" \
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
+ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
+ $(am__cd) "$$dir" && rm -f $$files; }; \
+ }
+am__installdirs = "$(DESTDIR)$(plugindir)"
+LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES)
+libstrongswan_ntru_la_LIBADD =
+am__dirstamp = $(am__leading_dot)dirstamp
+am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_drbg.lo \
+ ntru_ke.lo ntru_mgf1.lo ntru_poly.lo ntru_trits.lo \
+ ntru_crypto/ntru_crypto_ntru_convert.lo \
+ ntru_crypto/ntru_crypto_ntru_encrypt.lo \
+ ntru_crypto/ntru_crypto_ntru_encrypt_key.lo \
+ ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo \
+ ntru_crypto/ntru_crypto_ntru_poly.lo
+libstrongswan_ntru_la_OBJECTS = $(am_libstrongswan_ntru_la_OBJECTS)
+AM_V_lt = $(am__v_lt_@AM_V@)
+am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
+am__v_lt_0 = --silent
+am__v_lt_1 =
+libstrongswan_ntru_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+ $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_ntru_la_LDFLAGS) \
+ $(LDFLAGS) -o $@
+@MONOLITHIC_FALSE@am_libstrongswan_ntru_la_rpath = -rpath $(plugindir)
+@MONOLITHIC_TRUE@am_libstrongswan_ntru_la_rpath =
+AM_V_P = $(am__v_P_@AM_V@)
+am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
+am__v_P_0 = false
+am__v_P_1 = :
+AM_V_GEN = $(am__v_GEN_@AM_V@)
+am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@)
+am__v_GEN_0 = @echo " GEN " $@;
+am__v_GEN_1 =
+AM_V_at = $(am__v_at_@AM_V@)
+am__v_at_ = $(am__v_at_@AM_DEFAULT_V@)
+am__v_at_0 = @
+am__v_at_1 =
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+am__mv = mv -f
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+AM_V_CC = $(am__v_CC_@AM_V@)
+am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@)
+am__v_CC_0 = @echo " CC " $@;
+am__v_CC_1 =
+CCLD = $(CC)
+LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+AM_V_CCLD = $(am__v_CCLD_@AM_V@)
+am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
+am__v_CCLD_0 = @echo " CCLD " $@;
+am__v_CCLD_1 =
+SOURCES = $(libstrongswan_ntru_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_ntru_la_SOURCES)
+am__can_run_installinfo = \
+ case $$AM_UPDATE_INFO_DIR in \
+ n|no|NO) false;; \
+ *) (install-info --version) >/dev/null 2>&1;; \
+ esac
+am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
+# Read a list of newline-separated strings from the standard input,
+# and print each of them once, without duplicates. Input order is
+# *not* preserved.
+am__uniquify_input = $(AWK) '\
+ BEGIN { nonempty = 0; } \
+ { items[$$0] = 1; nonempty = 1; } \
+ END { if (nonempty) { for (i in items) print i; }; } \
+'
+# Make sure the list of sources is unique. This is necessary because,
+# e.g., the same source file might be shared among _SOURCES variables
+# for different programs/libraries.
+am__define_uniq_tagged_files = \
+ list='$(am__tagged_files)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | $(am__uniquify_input)`
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMTAR = @AMTAR@
+AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BFDLIB = @BFDLIB@
+BTLIB = @BTLIB@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
+COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DLLIB = @DLLIB@
+DLLTOOL = @DLLTOOL@
+DSYMUTIL = @DSYMUTIL@
+DUMPBIN = @DUMPBIN@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+FGREP = @FGREP@
+GENHTML = @GENHTML@
+GPERF = @GPERF@
+GPRBUILD = @GPRBUILD@
+GREP = @GREP@
+INSTALL = @INSTALL@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LCOV = @LCOV@
+LD = @LD@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LIPO = @LIPO@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+MANIFEST_TOOL = @MANIFEST_TOOL@
+MKDIR_P = @MKDIR_P@
+MYSQLCFLAG = @MYSQLCFLAG@
+MYSQLCONFIG = @MYSQLCONFIG@
+MYSQLLIB = @MYSQLLIB@
+NM = @NM@
+NMEDIT = @NMEDIT@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+OTOOL = @OTOOL@
+OTOOL64 = @OTOOL64@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_URL = @PACKAGE_URL@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@
+PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@
+PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@
+PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
+PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
+RANLIB = @RANLIB@
+RTLIB = @RTLIB@
+RUBY = @RUBY@
+RUBYINCLUDE = @RUBYINCLUDE@
+RUBYLIB = @RUBYLIB@
+SED = @SED@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+SOCKLIB = @SOCKLIB@
+STRIP = @STRIP@
+UNWINDLIB = @UNWINDLIB@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+abs_builddir = @abs_builddir@
+abs_srcdir = @abs_srcdir@
+abs_top_builddir = @abs_top_builddir@
+abs_top_srcdir = @abs_top_srcdir@
+ac_ct_AR = @ac_ct_AR@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_DUMPBIN = @ac_ct_DUMPBIN@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+attest_plugins = @attest_plugins@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+builddir = @builddir@
+c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
+clearsilver_LIBS = @clearsilver_LIBS@
+cmd_plugins = @cmd_plugins@
+datadir = @datadir@
+datarootdir = @datarootdir@
+dbusservicedir = @dbusservicedir@
+dev_headers = @dev_headers@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+fips_mode = @fips_mode@
+gtk_CFLAGS = @gtk_CFLAGS@
+gtk_LIBS = @gtk_LIBS@
+h_plugins = @h_plugins@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+imcvdir = @imcvdir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
+ipsecdir = @ipsecdir@
+ipsecgroup = @ipsecgroup@
+ipseclibdir = @ipseclibdir@
+ipsecuser = @ipsecuser@
+libdir = @libdir@
+libexecdir = @libexecdir@
+linux_headers = @linux_headers@
+localedir = @localedir@
+localstatedir = @localstatedir@
+maemo_CFLAGS = @maemo_CFLAGS@
+maemo_LIBS = @maemo_LIBS@
+manager_plugins = @manager_plugins@
+mandir = @mandir@
+medsrv_plugins = @medsrv_plugins@
+mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
+nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
+oldincludedir = @oldincludedir@
+openac_plugins = @openac_plugins@
+pcsclite_CFLAGS = @pcsclite_CFLAGS@
+pcsclite_LIBS = @pcsclite_LIBS@
+pdfdir = @pdfdir@
+piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
+pki_plugins = @pki_plugins@
+plugindir = @plugindir@
+pool_plugins = @pool_plugins@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
+random_device = @random_device@
+resolv_conf = @resolv_conf@
+routing_table = @routing_table@
+routing_table_prio = @routing_table_prio@
+s_plugins = @s_plugins@
+sbindir = @sbindir@
+scepclient_plugins = @scepclient_plugins@
+scripts_plugins = @scripts_plugins@
+sharedstatedir = @sharedstatedir@
+soup_CFLAGS = @soup_CFLAGS@
+soup_LIBS = @soup_LIBS@
+srcdir = @srcdir@
+starter_plugins = @starter_plugins@
+strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
+sysconfdir = @sysconfdir@
+systemdsystemunitdir = @systemdsystemunitdir@
+t_plugins = @t_plugins@
+target_alias = @target_alias@
+top_build_prefix = @top_build_prefix@
+top_builddir = @top_builddir@
+top_srcdir = @top_srcdir@
+urandom_device = @urandom_device@
+xml_CFLAGS = @xml_CFLAGS@
+xml_LIBS = @xml_LIBS@
+AM_CPPFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = \
+ -rdynamic @COVERAGE_CFLAGS@
+
+@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-ntru.la
+@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-ntru.la
+libstrongswan_ntru_la_SOURCES = \
+ ntru_plugin.h ntru_plugin.c \
+ ntru_drbg.h ntru_drbg.c \
+ ntru_ke.h ntru_ke.c \
+ ntru_mgf1.h ntru_mgf1.c \
+ ntru_poly.h ntru_poly.c \
+ ntru_trits.h ntru_trits.c \
+ ntru_crypto/ntru_crypto.h \
+ ntru_crypto/ntru_crypto_ntru_convert.h \
+ ntru_crypto/ntru_crypto_ntru_convert.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt_key.h \
+ ntru_crypto/ntru_crypto_ntru_encrypt_key.c \
+ ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \
+ ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \
+ ntru_crypto/ntru_crypto_ntru_poly.h \
+ ntru_crypto/ntru_crypto_ntru_poly.c
+
+libstrongswan_ntru_la_LDFLAGS = -module -avoid-version
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
+ && { if test -f $@; then exit 0; else break; fi; }; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/ntru/Makefile'; \
+ $(am__cd) $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libstrongswan/plugins/ntru/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(am__aclocal_m4_deps):
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+ @list='$(noinst_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+
+install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ list2=; for p in $$list; do \
+ if test -f $$p; then \
+ list2="$$list2 $$p"; \
+ else :; fi; \
+ done; \
+ test -z "$$list2" || { \
+ echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \
+ $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \
+ }
+
+uninstall-pluginLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \
+ for p in $$list; do \
+ $(am__strip_dir) \
+ echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \
+ $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \
+ done
+
+clean-pluginLTLIBRARIES:
+ -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES)
+ @list='$(plugin_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+ntru_crypto/$(am__dirstamp):
+ @$(MKDIR_P) ntru_crypto
+ @: > ntru_crypto/$(am__dirstamp)
+ntru_crypto/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) ntru_crypto/$(DEPDIR)
+ @: > ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ntru_crypto/ntru_crypto_ntru_convert.lo: ntru_crypto/$(am__dirstamp) \
+ ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ntru_crypto/ntru_crypto_ntru_encrypt.lo: ntru_crypto/$(am__dirstamp) \
+ ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ntru_crypto/ntru_crypto_ntru_encrypt_key.lo: \
+ ntru_crypto/$(am__dirstamp) \
+ ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo: \
+ ntru_crypto/$(am__dirstamp) \
+ ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ntru_crypto/ntru_crypto_ntru_poly.lo: ntru_crypto/$(am__dirstamp) \
+ ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+
+libstrongswan-ntru.la: $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_DEPENDENCIES) $(EXTRA_libstrongswan_ntru_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libstrongswan_ntru_la_LINK) $(am_libstrongswan_ntru_la_rpath) $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+ -rm -f ntru_crypto/*.$(OBJEXT)
+ -rm -f ntru_crypto/*.lo
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_drbg.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_ke.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_mgf1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_poly.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_trits.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_convert.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_param_sets.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_poly.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\
+@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\
+@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\
+@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+ -rm -rf ntru_crypto/.libs ntru_crypto/_libs
+
+ID: $(am__tagged_files)
+ $(am__define_uniq_tagged_files); mkid -fID $$unique
+tags: tags-am
+TAGS: tags
+
+tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ set x; \
+ here=`pwd`; \
+ $(am__define_uniq_tagged_files); \
+ shift; \
+ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ if test $$# -gt 0; then \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ "$$@" $$unique; \
+ else \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$unique; \
+ fi; \
+ fi
+ctags: ctags-am
+
+CTAGS: ctags
+ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files)
+ $(am__define_uniq_tagged_files); \
+ test -z "$(CTAGS_ARGS)$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && $(am__cd) $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) "$$here"
+cscopelist: cscopelist-am
+
+cscopelist-am: $(am__tagged_files)
+ list='$(am__tagged_files)'; \
+ case "$(srcdir)" in \
+ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \
+ *) sdir=$(subdir)/$(srcdir) ;; \
+ esac; \
+ for i in $$list; do \
+ if test -f "$$i"; then \
+ echo "$(subdir)/$$i"; \
+ else \
+ echo "$$sdir/$$i"; \
+ fi; \
+ done >> $(top_builddir)/cscope.files
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
+ list='$(DISTFILES)'; \
+ dist_files=`for file in $$list; do echo $$file; done | \
+ sed -e "s|^$$srcdirstrip/||;t" \
+ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
+ case $$dist_files in \
+ */*) $(MKDIR_P) `echo "$$dist_files" | \
+ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
+ sort -u` ;; \
+ esac; \
+ for file in $$dist_files; do \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ if test -d $$d/$$file; then \
+ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test -d "$(distdir)/$$file"; then \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
+ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
+ fi; \
+ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
+ else \
+ test -f "$(distdir)/$$file" \
+ || cp -p $$d/$$file "$(distdir)/$$file" \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(plugindir)"; do \
+ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ if test -z '$(STRIP)'; then \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ install; \
+ else \
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
+ fi
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f ntru_crypto/$(DEPDIR)/$(am__dirstamp)
+ -rm -f ntru_crypto/$(am__dirstamp)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \
+ clean-pluginLTLIBRARIES mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+html-am:
+
+info: info-am
+
+info-am:
+
+install-data-am: install-pluginLTLIBRARIES
+
+install-dvi: install-dvi-am
+
+install-dvi-am:
+
+install-exec-am:
+
+install-html: install-html-am
+
+install-html-am:
+
+install-info: install-info-am
+
+install-info-am:
+
+install-man:
+
+install-pdf: install-pdf-am
+
+install-pdf-am:
+
+install-ps: install-ps-am
+
+install-ps-am:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-pluginLTLIBRARIES
+
+.MAKE: install-am install-strip
+
+.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \
+ clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \
+ cscopelist-am ctags ctags-am distclean distclean-compile \
+ distclean-generic distclean-libtool distclean-tags distdir dvi \
+ dvi-am html html-am info info-am install install-am \
+ install-data install-data-am install-dvi install-dvi-am \
+ install-exec install-exec-am install-html install-html-am \
+ install-info install-info-am install-man install-pdf \
+ install-pdf-am install-pluginLTLIBRARIES install-ps \
+ install-ps-am install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \
+ uninstall-am uninstall-pluginLTLIBRARIES
+
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h
new file mode 100644
index 000000000..72f47035e
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h
@@ -0,0 +1,235 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto.h is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+
+/******************************************************************************
+ *
+ * File: ntru_crypto.h
+ *
+ * Contents: Public header file for NTRUEncrypt.
+ *
+ *****************************************************************************/
+
+#ifndef NTRU_CRYPTO_H
+#define NTRU_CRYPTO_H
+
+#include <library.h>
+
+#include "ntru_drbg.h"
+
+#if !defined( NTRUCALL )
+ #if !defined(WIN32) || defined (NTRUCRYPTO_STATIC)
+ // Linux, or a Win32 static library
+ #define NTRUCALL extern uint32_t
+ #elif defined (NTRUCRYPTO_EXPORTS)
+ // Win32 DLL build
+ #define NTRUCALL extern __declspec(dllexport) uint32_t
+ #else
+ // Win32 DLL import
+ #define NTRUCALL extern __declspec(dllimport) uint32_t
+ #endif
+#endif /* NTRUCALL */
+
+/* parameter set ID list */
+
+typedef enum _NTRU_ENCRYPT_PARAM_SET_ID {
+ NTRU_EES401EP1,
+ NTRU_EES449EP1,
+ NTRU_EES677EP1,
+ NTRU_EES1087EP2,
+ NTRU_EES541EP1,
+ NTRU_EES613EP1,
+ NTRU_EES887EP1,
+ NTRU_EES1171EP1,
+ NTRU_EES659EP1,
+ NTRU_EES761EP1,
+ NTRU_EES1087EP1,
+ NTRU_EES1499EP1,
+ NTRU_EES401EP2,
+ NTRU_EES439EP1,
+ NTRU_EES593EP1,
+ NTRU_EES743EP1,
+} NTRU_ENCRYPT_PARAM_SET_ID;
+
+
+/* error codes */
+
+#define NTRU_OK 0
+#define NTRU_FAIL 1
+#define NTRU_BAD_PARAMETER 2
+#define NTRU_BAD_LENGTH 3
+#define NTRU_BUFFER_TOO_SMALL 4
+#define NTRU_INVALID_PARAMETER_SET 5
+#define NTRU_BAD_PUBLIC_KEY 6
+#define NTRU_BAD_PRIVATE_KEY 7
+#define NTRU_OUT_OF_MEMORY 8
+#define NTRU_BAD_ENCODING 9
+#define NTRU_OID_NOT_RECOGNIZED 10
+#define NTRU_DRBG_FAIL 11
+#define NTRU_MGF1_FAIL 12
+
+/* function declarations */
+
+/* ntru_crypto_ntru_encrypt
+ *
+ * Implements NTRU encryption (SVES) for the parameter set specified in
+ * the public key blob.
+ *
+ * Before invoking this function, a DRBG must be instantiated using
+ * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
+ * instantiation the requested security strength must be at least as large
+ * as the security strength of the NTRU parameter set being used.
+ * Failure to instantiate the DRBG with the proper security strength will
+ * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH.
+ *
+ * The required minimum size of the output ciphertext buffer (ct) may be
+ * queried by invoking this function with ct = NULL. In this case, no
+ * encryption is performed, NTRU_OK is returned, and the required minimum
+ * size for ct is returned in ct_len.
+ *
+ * When ct != NULL, at invocation *ct_len must be the size of the ct buffer.
+ * Upon return it is the actual size of the ciphertext.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL.
+ * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is
+ * zero, or if pt_len exceeds the maximum plaintext length for the parameter set.
+ * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid
+ * (unknown format, corrupt, bad length).
+ * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ */
+
+NTRUCALL
+ntru_crypto_ntru_encrypt(
+ ntru_drbg_t *drbg , /* in - handle for DRBG */
+ uint16_t pubkey_blob_len, /* in - no. of octets in public key
+ blob */
+ uint8_t const *pubkey_blob, /* in - pointer to public key */
+ uint16_t pt_len, /* in - no. of octets in plaintext */
+ uint8_t const *pt, /* in - pointer to plaintext */
+ uint16_t *ct_len, /* in/out - no. of octets in ct, addr for
+ no. of octets in ciphertext */
+ uint8_t *ct); /* out - address for ciphertext */
+
+
+/* ntru_crypto_ntru_decrypt
+ *
+ * Implements NTRU decryption (SVES) for the parameter set specified in
+ * the private key blob.
+ *
+ * The maximum size of the output plaintext may be queried by invoking
+ * this function with pt = NULL. In this case, no decryption is performed,
+ * NTRU_OK is returned, and the maximum size the plaintext could be is
+ * returned in pt_len.
+ * Note that until the decryption is performed successfully, the actual size
+ * of the resulting plaintext cannot be known.
+ *
+ * When pt != NULL, at invocation *pt_len must be the size of the pt buffer.
+ * Upon return it is the actual size of the plaintext.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL.
+ * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if
+ * ct_len is invalid for the parameter set.
+ * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid
+ * (unknown format, corrupt, bad length).
+ * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ * Returns NTRU_FAIL if a decryption error occurs.
+ */
+
+NTRUCALL
+ntru_crypto_ntru_decrypt(
+ uint16_t privkey_blob_len, /* in - no. of octets in private key
+ blob */
+ uint8_t const *privkey_blob, /* in - pointer to private key */
+ uint16_t ct_len, /* in - no. of octets in ciphertext */
+ uint8_t const *ct, /* in - pointer to ciphertext */
+ uint16_t *pt_len, /* in/out - no. of octets in pt, addr for
+ no. of octets in plaintext */
+ uint8_t *pt); /* out - address for plaintext */
+
+
+/* ntru_crypto_ntru_encrypt_keygen
+ *
+ * Implements key generation for NTRUEncrypt for the parameter set specified.
+ *
+ * Before invoking this function, a DRBG must be instantiated using
+ * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
+ * instantiation the requested security strength must be at least as large
+ * as the security strength of the NTRU parameter set being used.
+ * Failure to instantiate the DRBG with the proper security strength will
+ * result in this function returning NTRU_DRBG_FAIL.
+ *
+ * The required minimum size of the output public-key buffer (pubkey_blob)
+ * may be queried by invoking this function with pubkey_blob = NULL.
+ * In this case, no key generation is performed, NTRU_OK is returned, and
+ * the required minimum size for pubkey_blob is returned in pubkey_blob_len.
+ *
+ * The required minimum size of the output private-key buffer (privkey_blob)
+ * may be queried by invoking this function with privkey_blob = NULL.
+ * In this case, no key generation is performed, NTRU_OK is returned, and
+ * the required minimum size for privkey_blob is returned in privkey_blob_len.
+ *
+ * The required minimum sizes of both pubkey_blob and privkey_blob may be
+ * queried as described above, in a single invocation of this function.
+ *
+ * When pubkey_blob != NULL and privkey_blob != NULL, at invocation
+ * *pubkey_blob_len must be the size of the pubkey_blob buffer and
+ * *privkey_blob_len must be the size of the privkey_blob buffer.
+ * Upon return, *pubkey_blob_len is the actual size of the public-key blob
+ * and *privkey_blob_len is the actual size of the private-key blob.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob
+ * or privkey_blob) is NULL.
+ * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid.
+ * Returns NTRU_BAD_LENGTH if a length argument is invalid.
+ * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the
+ * privkey_blob buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ * Returns NTRU_FAIL if the polynomial generated for f is not invertible in
+ * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely.
+ * Should this occur, this function should simply be invoked again.
+ */
+
+NTRUCALL
+ntru_crypto_ntru_encrypt_keygen(
+ ntru_drbg_t *drbg, /* in - handle of DRBG */
+ NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */
+ uint16_t *pubkey_blob_len, /* in/out - no. of octets in
+ pubkey_blob, addr
+ for no. of octets
+ in pubkey_blob */
+ uint8_t *pubkey_blob, /* out - address for
+ public key blob */
+ uint16_t *privkey_blob_len, /* in/out - no. of octets in
+ privkey_blob, addr
+ for no. of octets
+ in privkey_blob */
+ uint8_t *privkey_blob); /* out - address for
+ private key blob */
+#endif /* NTRU_CRYPTO_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c
new file mode 100644
index 000000000..3d6dfde41
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c
@@ -0,0 +1,581 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_convert.c is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_convert.c
+ *
+ * Contents: Conversion routines for NTRUEncrypt, including packing, unpacking,
+ * and others.
+ *
+ *****************************************************************************/
+
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "ntru_crypto_ntru_convert.h"
+
+
+/* 3-bit to 2-trit conversion tables: 2 represents -1 */
+
+static uint8_t const bits_2_trit1[] = {0, 0, 0, 1, 1, 1, 2, 2};
+static uint8_t const bits_2_trit2[] = {0, 1, 2, 0, 1, 2, 0, 1};
+
+
+/* ntru_bits_2_trits
+ *
+ * Each 3 bits in an array of octets is converted to 2 trits in an array
+ * of trits.
+ *
+ * The octet array may overlap the end of the trit array.
+ */
+
+void
+ntru_bits_2_trits(
+ uint8_t const *octets, /* in - pointer to array of octets */
+ uint16_t num_trits, /* in - number of trits to produce */
+ uint8_t *trits) /* out - address for array of trits */
+{
+ uint32_t bits24;
+ uint32_t bits3;
+ uint32_t shift;
+
+ assert(octets);
+ assert(trits);
+
+ while (num_trits >= 16) {
+
+ /* get next three octets */
+
+ bits24 = ((uint32_t)(*octets++)) << 16;
+ bits24 |= ((uint32_t)(*octets++)) << 8;
+ bits24 |= (uint32_t)(*octets++);
+
+ /* for each 3 bits in the three octets, output 2 trits */
+
+ bits3 = (bits24 >> 21) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 18) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 15) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 12) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 9) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 6) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = (bits24 >> 3) & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ bits3 = bits24 & 0x7;
+ *trits++ = bits_2_trit1[bits3];
+ *trits++ = bits_2_trit2[bits3];
+
+ num_trits -= 16;
+ }
+ if (num_trits == 0)
+ return;
+
+ /* get three octets */
+
+ bits24 = ((uint32_t)(*octets++)) << 16;
+ bits24 |= ((uint32_t)(*octets++)) << 8;
+ bits24 |= (uint32_t)(*octets++);
+
+ shift = 21;
+ while (num_trits) {
+
+ /* for each 3 bits in the three octets, output up to 2 trits
+ * until all trits needed are produced
+ */
+
+ bits3 = (bits24 >> shift) & 0x7;
+ shift -= 3;
+ *trits++ = bits_2_trit1[bits3];
+ if (--num_trits) {
+ *trits++ = bits_2_trit2[bits3];
+ --num_trits;
+ }
+ }
+}
+
+
+/* ntru_trits_2_bits
+ *
+ * Each 2 trits in an array of trits is converted to 3 bits, and the bits
+ * are packed in an array of octets. A multiple of 3 octets is output.
+ * Any bits in the final octets not derived from trits are zero.
+ *
+ * Returns TRUE if all trits were valid.
+ * Returns FALSE if invalid trits were found.
+ */
+
+bool
+ntru_trits_2_bits(
+ uint8_t const *trits, /* in - pointer to array of trits */
+ uint32_t num_trits, /* in - number of trits to convert */
+ uint8_t *octets) /* out - address for array of octets */
+{
+ bool all_trits_valid = TRUE;
+ uint32_t bits24;
+ uint32_t bits3;
+ uint32_t shift;
+
+ assert(octets);
+ assert(trits);
+
+ while (num_trits >= 16) {
+
+ /* convert each 2 trits to 3 bits and pack */
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 = (bits3 << 21);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 18);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 15);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 12);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 9);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 6);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << 3);
+
+ bits3 = *trits++ * 3;
+ bits3 += *trits++;
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= bits3;
+
+ num_trits -= 16;
+
+ /* output three octets */
+
+ *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
+ *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
+ *octets++ = (uint8_t)(bits24 & 0xff);
+ }
+
+ bits24 = 0;
+ shift = 21;
+ while (num_trits) {
+
+ /* convert each 2 trits to 3 bits and pack */
+
+ bits3 = *trits++ * 3;
+ if (--num_trits) {
+ bits3 += *trits++;
+ --num_trits;
+ }
+ if (bits3 > 7) {
+ bits3 = 7;
+ all_trits_valid = FALSE;
+ }
+ bits24 |= (bits3 << shift);
+ shift -= 3;
+ }
+
+ /* output three octets */
+
+ *octets++ = (uint8_t)((bits24 >> 16) & 0xff);
+ *octets++ = (uint8_t)((bits24 >> 8) & 0xff);
+ *octets++ = (uint8_t)(bits24 & 0xff);
+
+ return all_trits_valid;
+}
+
+
+/* ntru_coeffs_mod4_2_octets
+ *
+ * Takes an array of ring element coefficients mod 4 and packs the
+ * results into an octet string.
+ */
+
+void
+ntru_coeffs_mod4_2_octets(
+ uint16_t num_coeffs, /* in - number of coefficients */
+ uint16_t const *coeffs, /* in - pointer to coefficients */
+ uint8_t *octets) /* out - address for octets */
+{
+ uint8_t bits2;
+ int shift;
+ uint16_t i;
+
+ assert(coeffs);
+ assert(octets);
+
+ *octets = 0;
+ shift = 6;
+ for (i = 0; i < num_coeffs; i++) {
+ bits2 = (uint8_t)(coeffs[i] & 0x3);
+ *octets |= bits2 << shift;
+ shift -= 2;
+ if (shift < 0) {
+ ++octets;
+ *octets = 0;
+ shift = 6;
+ }
+ }
+}
+
+
+/* ntru_trits_2_octet
+ *
+ * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1).
+ */
+
+void
+ntru_trits_2_octet(
+ uint8_t const *trits, /* in - pointer to trits */
+ uint8_t *octet) /* out - address for octet */
+{
+ int i;
+
+ assert(trits);
+ assert(octet);
+
+ *octet = 0;
+ for (i = 4; i >= 0; i--) {
+ *octet = (*octet * 3) + trits[i];
+ }
+}
+
+
+/* ntru_octet_2_trits
+ *
+ * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1).
+ */
+
+void
+ntru_octet_2_trits(
+ uint8_t octet, /* in - octet to be unpacked */
+ uint8_t *trits) /* out - address for trits */
+{
+ int i;
+
+ assert(trits);
+
+ for (i = 0; i < 5; i++) {
+ trits[i] = octet % 3;
+ octet = (octet - trits[i]) / 3;
+ }
+}
+
+
+/* ntru_indices_2_trits
+ *
+ * Converts a list of the nonzero indices of a polynomial into an array of
+ * trits.
+ */
+
+void
+ntru_indices_2_trits(
+ uint16_t in_len, /* in - no. of indices */
+ uint16_t const *in, /* in - pointer to list of indices */
+ bool plus1, /* in - if list is +1 cofficients */
+ uint8_t *out) /* out - address of output polynomial */
+{
+ uint8_t trit = plus1 ? 1 : 2;
+ uint16_t i;
+
+ assert(in);
+ assert(out);
+
+ for (i = 0; i < in_len; i++) {
+ out[in[i]] = trit;
+ }
+}
+
+
+/* ntru_packed_trits_2_indices
+ *
+ * Unpacks an array of N trits and creates a list of array indices
+ * corresponding to trits = +1, and list of array indices corresponding to
+ * trits = -1.
+ */
+
+void
+ntru_packed_trits_2_indices(
+ uint8_t const *in, /* in - pointer to packed-trit octets */
+ uint16_t num_trits, /* in - no. of packed trits */
+ uint16_t *indices_plus1, /* out - address for indices of +1 trits */
+ uint16_t *indices_minus1) /* out - address for indices of -1 trits */
+{
+ uint8_t trits[5];
+ uint16_t i = 0;
+ int j;
+
+ assert(in);
+ assert(indices_plus1);
+ assert(indices_minus1);
+
+ while (num_trits >= 5) {
+ ntru_octet_2_trits(*in++, trits);
+ num_trits -= 5;
+ for (j = 0; j < 5; j++, i++) {
+ if (trits[j] == 1) {
+ *indices_plus1 = i;
+ ++indices_plus1;
+ } else if (trits[j] == 2) {
+ *indices_minus1 = i;
+ ++indices_minus1;
+ }
+ }
+ }
+ if (num_trits) {
+ ntru_octet_2_trits(*in, trits);
+ for (j = 0; num_trits && (j < 5); j++, i++) {
+ if (trits[j] == 1) {
+ *indices_plus1 = i;
+ ++indices_plus1;
+ } else if (trits[j] == 2) {
+ *indices_minus1 = i;
+ ++indices_minus1;
+ }
+ --num_trits;
+ }
+ }
+}
+
+
+/* ntru_indices_2_packed_trits
+ *
+ * Takes a list of array indices corresponding to elements whose values
+ * are +1 or -1, and packs the N-element array of trits described by these
+ * lists into octets, 5 trits per octet.
+ */
+
+void
+ntru_indices_2_packed_trits(
+ uint16_t const *indices, /* in - pointer to indices */
+ uint16_t num_plus1, /* in - no. of indices for +1 trits */
+ uint16_t num_minus1, /* in - no. of indices for -1 trits */
+ uint16_t num_trits, /* in - N, no. of trits in array */
+ uint8_t *buf, /* in - temp buf, N octets */
+ uint8_t *out) /* out - address for packed octets */
+{
+ assert(indices);
+ assert(buf);
+ assert(out);
+
+ /* convert indices to an array of trits */
+
+ memset(buf, 0, num_trits);
+ ntru_indices_2_trits(num_plus1, indices, TRUE, buf);
+ ntru_indices_2_trits(num_minus1, indices + num_plus1, FALSE, buf);
+
+ /* pack the array of trits */
+
+ while (num_trits >= 5) {
+ ntru_trits_2_octet(buf, out);
+ num_trits -= 5;
+ buf += 5;
+ ++out;
+ }
+ if (num_trits) {
+ uint8_t trits[5];
+
+ memcpy(trits, buf, num_trits);
+ memset(trits + num_trits, 0, sizeof(trits) - num_trits);
+ ntru_trits_2_octet(trits, out);
+ }
+}
+
+
+/* ntru_elements_2_octets
+ *
+ * Packs an array of n-bit elements into an array of
+ * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16.
+ */
+
+void
+ntru_elements_2_octets(
+ uint16_t in_len, /* in - no. of elements to be packed */
+ uint16_t const *in, /* in - ptr to elements to be packed */
+ uint8_t n_bits, /* in - no. of bits in input element */
+ uint8_t *out) /* out - addr for output octets */
+{
+ uint16_t temp;
+ int shift;
+ uint16_t i;
+
+ assert(in_len);
+ assert(in);
+ assert((n_bits > 8) && (n_bits < 16));
+ assert(out);
+
+ /* pack */
+
+ temp = 0;
+ shift = n_bits - 8;
+ i = 0;
+ while (i < in_len) {
+
+ /* add bits to temp to fill an octet and output the octet */
+
+ temp |= in[i] >> shift;
+ *out++ = (uint8_t)(temp & 0xff);
+ shift = 8 - shift;
+ if (shift < 1) {
+
+ /* next full octet is in current input word */
+
+ shift += n_bits;
+ temp = 0;
+
+ } else {
+
+ /* put remaining bits of input word in temp as partial octet,
+ * and increment index to next input word
+ */
+ temp = in[i] << (uint16_t)shift;
+
+ ++i;
+ }
+ shift = n_bits - shift;
+ }
+
+ /* output any bits remaining in last input word */
+
+ if (shift != n_bits - 8) {
+ *out++ = (uint8_t)(temp & 0xff);
+ }
+}
+
+
+/* ntru_octets_2_elements
+ *
+ * Unpacks an octet string into an array of ((in_len * 8) / n_bits)
+ * n-bit elements, 8 < n_bits < 16. Any extra bits are discarded.
+ */
+
+void
+ntru_octets_2_elements(
+ uint16_t in_len, /* in - no. of octets to be unpacked */
+ uint8_t const *in, /* in - ptr to octets to be unpacked */
+ uint8_t n_bits, /* in - no. of bits in output element */
+ uint16_t *out) /* out - addr for output elements */
+{
+ uint16_t temp;
+ uint16_t mask = (1 << n_bits) - 1;
+ int shift;
+ uint16_t i;
+
+ assert(in_len > 1);
+ assert(in);
+ assert((n_bits > 8) && (n_bits < 16));
+ assert(out);
+
+ /* unpack */
+
+ temp = 0;
+ shift = n_bits;
+ i = 0;
+ while (i < in_len) {
+ shift = 8 - shift;
+ if (shift < 0) {
+
+ /* the current octet will not fill the current element */
+
+ shift += n_bits;
+
+ } else {
+
+ /* add bits from the current octet to fill the current element and
+ * output the element
+ */
+
+ temp |= ((uint16_t)in[i]) >> shift;
+ *out++ = temp & mask;
+ temp = 0;
+ }
+
+ /* add the remaining bits of the current octet to start an element */
+
+ shift = n_bits - shift;
+ temp |= ((uint16_t)in[i]) << shift;
+ ++i;
+ }
+}
+
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h
new file mode 100644
index 000000000..1c4b35b24
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h
@@ -0,0 +1,183 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_convert.h is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_convert.h
+ *
+ * Contents: Definitions and declarations for conversion routines
+ * for NTRUEncrypt, including packing, unpacking and others.
+ *
+ *****************************************************************************/
+
+#ifndef NTRU_CRYPTO_NTRU_CONVERT_H
+#define NTRU_CRYPTO_NTRU_CONVERT_H
+
+#include "ntru_crypto.h"
+
+
+/* function declarations */
+
+/* ntru_bits_2_trits
+ *
+ * Each 3 bits in an array of octets is converted to 2 trits in an array
+ * of trits.
+ */
+
+extern void
+ntru_bits_2_trits(
+ uint8_t const *octets, /* in - pointer to array of octets */
+ uint16_t num_trits, /* in - number of trits to produce */
+ uint8_t *trits); /* out - address for array of trits */
+
+
+/* ntru_trits_2_bits
+ *
+ * Each 2 trits in an array of trits is converted to 3 bits, and the bits
+ * are packed in an array of octets. A multiple of 3 octets is output.
+ * Any bits in the final octets not derived from trits are zero.
+ *
+ * Returns TRUE if all trits were valid.
+ * Returns FALSE if invalid trits were found.
+ */
+
+extern bool
+ntru_trits_2_bits(
+ uint8_t const *trits, /* in - pointer to array of trits */
+ uint32_t num_trits, /* in - number of trits to convert */
+ uint8_t *octets); /* out - address for array of octets */
+
+
+/* ntru_coeffs_mod4_2_octets
+ *
+ * Takes an array of coefficients mod 4 and packs the results into an
+ * octet string.
+ */
+
+extern void
+ntru_coeffs_mod4_2_octets(
+ uint16_t num_coeffs, /* in - number of coefficients */
+ uint16_t const *coeffs, /* in - pointer to coefficients */
+ uint8_t *octets); /* out - address for octets */
+
+
+/* ntru_trits_2_octet
+ *
+ * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1).
+ */
+
+extern void
+ntru_trits_2_octet(
+ uint8_t const *trits, /* in - pointer to trits */
+ uint8_t *octet); /* out - address for octet */
+
+
+/* ntru_octet_2_trits
+ *
+ * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1).
+ */
+
+extern void
+ntru_octet_2_trits(
+ uint8_t octet, /* in - octet to be unpacked */
+ uint8_t *trits); /* out - address for trits */
+
+
+/* ntru_indices_2_trits
+ *
+ * Converts a list of the nonzero indices of a polynomial into an array of
+ * trits.
+ */
+
+extern void
+ntru_indices_2_trits(
+ uint16_t in_len, /* in - no. of indices */
+ uint16_t const *in, /* in - pointer to list of indices */
+ bool plus1, /* in - if list is +1 coefficients */
+ uint8_t *out); /* out - address of output polynomial */
+
+
+/* ntru_packed_trits_2_indices
+ *
+ * Unpacks an array of N trits and creates a list of array indices
+ * corresponding to trits = +1, and list of array indices corresponding to
+ * trits = -1.
+ */
+
+extern void
+ntru_packed_trits_2_indices(
+ uint8_t const *in, /* in - pointer to packed-trit octets */
+ uint16_t num_trits, /* in - no. of packed trits */
+ uint16_t *indices_plus1, /* out - address for indices of +1 trits */
+ uint16_t *indices_minus1); /* out - address for indices of -1 trits */
+
+
+/* ntru_indices_2_packed_trits
+ *
+ * Takes a list of array indices corresponding to elements whose values
+ * are +1 or -1, and packs the N-element array of trits described by these
+ * lists into octets, 5 trits per octet.
+ */
+
+extern void
+ntru_indices_2_packed_trits(
+ uint16_t const *indices, /* in - pointer to indices */
+ uint16_t num_plus1, /* in - no. of indices for +1 trits */
+ uint16_t num_minus1, /* in - no. of indices for -1 trits */
+ uint16_t num_trits, /* in - N, no. of trits in array */
+ uint8_t *buf, /* in - temp buf, N octets */
+ uint8_t *out); /* out - address for packed octets */
+
+
+/* ntru_elements_2_octets
+ *
+ * Packs an array of n-bit elements into an array of
+ * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16.
+ */
+
+extern void
+ntru_elements_2_octets(
+ uint16_t in_len, /* in - no. of elements to be packed */
+ uint16_t const *in, /* in - ptr to elements to be packed */
+ uint8_t n_bits, /* in - no. of bits in input element */
+ uint8_t *out); /* out - addr for output octets */
+
+
+/* ntru_octets_2_elements
+ *
+ * Unpacks an octet string into an array of ((in_len * 8) / n_bits)
+ * n-bit elements, 8 < n < 16. Any extra bits are discarded.
+ */
+
+extern void
+ntru_octets_2_elements(
+ uint16_t in_len, /* in - no. of octets to be unpacked */
+ uint8_t const *in, /* in - ptr to octets to be unpacked */
+ uint8_t n_bits, /* in - no. of bits in output element */
+ uint16_t *out); /* out - addr for output elements */
+
+
+#endif /* NTRU_CRYPTO_NTRU_CONVERT_H */
+
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c
new file mode 100644
index 000000000..dba81915a
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c
@@ -0,0 +1,1034 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_encrypt.c is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_encrypt.c
+ *
+ * Contents: Routines implementing NTRUEncrypt encryption and decryption and
+ * key generation.
+ *
+ *****************************************************************************/
+
+
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "ntru_crypto.h"
+#include "ntru_crypto_ntru_encrypt_param_sets.h"
+#include "ntru_crypto_ntru_encrypt_key.h"
+#include "ntru_crypto_ntru_convert.h"
+#include "ntru_crypto_ntru_poly.h"
+#
+#include "ntru_trits.h"
+#include "ntru_poly.h"
+
+/* ntru_crypto_ntru_encrypt
+ *
+ * Implements NTRU encryption (SVES) for the parameter set specified in
+ * the public key blob.
+ *
+ * Before invoking this function, a DRBG must be instantiated using
+ * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that
+ * instantiation the requested security strength must be at least as large
+ * as the security strength of the NTRU parameter set being used.
+ * Failure to instantiate the DRBG with the proper security strength will
+ * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH.
+ *
+ * The required minimum size of the output ciphertext buffer (ct) may be
+ * queried by invoking this function with ct = NULL. In this case, no
+ * encryption is performed, NTRU_OK is returned, and the required minimum
+ * size for ct is returned in ct_len.
+ *
+ * When ct != NULL, at invocation *ct_len must be the size of the ct buffer.
+ * Upon return it is the actual size of the ciphertext.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL.
+ * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is
+ * zero, or if pt_len exceeds the maximum plaintext length for the parameter set.
+ * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid
+ * (unknown format, corrupt, bad length).
+ * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ */
+
+uint32_t
+ntru_crypto_ntru_encrypt(
+ ntru_drbg_t *drbg, /* in - handle of DRBG */
+ uint16_t pubkey_blob_len, /* in - no. of octets in public key
+ blob */
+ uint8_t const *pubkey_blob, /* in - pointer to public key */
+ uint16_t pt_len, /* in - no. of octets in plaintext */
+ uint8_t const *pt, /* in - pointer to plaintext */
+ uint16_t *ct_len, /* in/out - no. of octets in ct, addr for
+ no. of octets in ciphertext */
+ uint8_t *ct) /* out - address for ciphertext */
+{
+ NTRU_ENCRYPT_PARAM_SET *params = NULL;
+ uint8_t const *pubkey_packed = NULL;
+ uint8_t pubkey_pack_type = 0x00;
+ uint16_t packed_ct_len;
+ size_t scratch_buf_len;
+ uint32_t dr;
+ uint32_t dr1 = 0;
+ uint32_t dr2 = 0;
+ uint32_t dr3 = 0;
+ uint16_t ring_mult_tmp_len;
+ int16_t m1 = 0;
+ uint16_t *scratch_buf = NULL;
+ uint16_t *ringel_buf = NULL;
+ uint8_t *b_buf = NULL;
+ uint8_t *tmp_buf = NULL;
+ bool msg_rep_good = FALSE;
+ hash_algorithm_t hash_algid;
+ uint16_t mprime_len = 0;
+ uint16_t mod_q_mask;
+ uint32_t result = NTRU_OK;
+ ntru_trits_t *mask;
+ uint8_t *mask_trits;
+ chunk_t seed;
+ ntru_poly_t *r_poly;
+
+ /* check for bad parameters */
+
+ if (!pubkey_blob || !pt || !ct_len)
+ {
+ return NTRU_BAD_PARAMETER;
+ }
+ if ((pubkey_blob_len == 0) || (pt_len == 0))
+ {
+ return NTRU_BAD_LENGTH;
+ }
+
+ /* get a pointer to the parameter-set parameters, the packing type for
+ * the public key, and a pointer to the packed public key
+ */
+
+ if (!ntru_crypto_ntru_encrypt_key_parse(TRUE /* pubkey */, pubkey_blob_len,
+ pubkey_blob, &pubkey_pack_type,
+ NULL, &params, &pubkey_packed,
+ NULL))
+ {
+ return NTRU_BAD_PUBLIC_KEY;
+ }
+
+ /* return the ciphertext size if requested */
+
+ packed_ct_len = (params->N * params->q_bits + 7) >> 3;
+ if (!ct)
+ {
+ *ct_len = packed_ct_len;
+ return NTRU_OK;
+ }
+
+ /* check the ciphertext buffer size */
+
+ if (*ct_len < packed_ct_len)
+ {
+ return NTRU_BUFFER_TOO_SMALL;
+ }
+
+ /* check the plaintext length */
+
+ if (pt_len > params->m_len_max)
+ {
+ return NTRU_BAD_LENGTH;
+ }
+
+ /* allocate memory for all operations */
+
+ if (params->is_product_form)
+ {
+ ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */
+ dr1 = params->dF_r & 0xff;
+ dr2 = (params->dF_r >> 8) & 0xff;
+ dr3 = (params->dF_r >> 16) & 0xff;
+ dr = dr1 + dr2 + dr3;
+ }
+ else
+ {
+ ring_mult_tmp_len = params->N; /* N 16-bit word buffer */
+ dr = params->dF_r;
+ }
+ scratch_buf_len = (ring_mult_tmp_len << 1) +
+ /* X-byte temp buf for ring mult and
+ other intermediate results */
+ (params->N << 1) + /* 2N-byte buffer for ring elements
+ and overflow from temp buffer */
+ (dr << 2) + /* buffer for r indices */
+ params->sec_strength_len;
+ /* buffer for b */
+ scratch_buf = malloc(scratch_buf_len);
+ if (!scratch_buf)
+ {
+ return NTRU_OUT_OF_MEMORY;
+ }
+ ringel_buf = scratch_buf + ring_mult_tmp_len;
+ b_buf = (uint8_t *)(ringel_buf + params->N);
+ tmp_buf = (uint8_t *)scratch_buf;
+
+ /* set hash algorithm based on security strength */
+ hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256;
+
+ /* set constants */
+ mod_q_mask = params->q - 1;
+
+ /* loop until a message representative with proper weight is achieved */
+
+ do {
+ uint8_t *ptr = tmp_buf;
+
+ /* get b */
+ if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
+ params->sec_strength_len, b_buf))
+ {
+ result = NTRU_OK;
+ }
+ else
+ {
+ result = NTRU_FAIL;
+ }
+
+ if (result == NTRU_OK)
+ {
+
+ /* form sData (OID || m || b || hTrunc) */
+ memcpy(ptr, params->OID, 3);
+ ptr += 3;
+ memcpy(ptr, pt, pt_len);
+ ptr += pt_len;
+ memcpy(ptr, b_buf, params->sec_strength_len);
+ ptr += params->sec_strength_len;
+ memcpy(ptr, pubkey_packed, params->sec_strength_len);
+ ptr += params->sec_strength_len;
+
+ DBG2(DBG_LIB, "generate polynomial r");
+
+ seed = chunk_create(tmp_buf, ptr - tmp_buf);
+ r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+ if (!r_poly)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ uint16_t pubkey_packed_len;
+
+ /* unpack the public key */
+ assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS);
+ pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
+ ntru_octets_2_elements(pubkey_packed_len, pubkey_packed,
+ params->q_bits, ringel_buf);
+
+ /* form R = h * r */
+ r_poly->ring_mult(r_poly, ringel_buf, ringel_buf);
+ r_poly->destroy(r_poly);
+
+ /* form R mod 4 */
+ ntru_coeffs_mod4_2_octets(params->N, ringel_buf, tmp_buf);
+
+ /* form mask */
+ seed = chunk_create(tmp_buf, (params->N + 3)/4);
+ mask = ntru_trits_create(params->N, hash_algid, seed);
+ if (!mask)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ uint8_t *Mtrin_buf = tmp_buf + params->N;
+ uint8_t *M_buf = Mtrin_buf + params->N -
+ (params->sec_strength_len + params->m_len_len +
+ params->m_len_max + 2);
+ uint16_t i;
+
+ /* form the padded message M */
+ ptr = M_buf;
+ memcpy(ptr, b_buf, params->sec_strength_len);
+ ptr += params->sec_strength_len;
+ if (params->m_len_len == 2)
+ *ptr++ = (uint8_t)((pt_len >> 8) & 0xff);
+ *ptr++ = (uint8_t)(pt_len & 0xff);
+ memcpy(ptr, pt, pt_len);
+ ptr += pt_len;
+
+ /* add an extra zero byte in case without it the bit string
+ * is not a multiple of 3 bits and therefore might not be
+ * able to produce enough trits
+ */
+
+ memset(ptr, 0, params->m_len_max - pt_len + 2);
+
+ /* convert M to trits (Mbin to Mtrin) */
+ mprime_len = params->N;
+ if (params->is_product_form)
+ {
+ --mprime_len;
+ }
+
+ ntru_bits_2_trits(M_buf, mprime_len, Mtrin_buf);
+ mask_trits = mask->get_trits(mask);
+
+ /* form the msg representative m' by adding Mtrin to mask, mod p */
+ if (params->is_product_form)
+ {
+ for (i = 0; i < mprime_len; i++)
+ {
+ tmp_buf[i] = mask_trits[i] + Mtrin_buf[i];
+ if (tmp_buf[i] >= 3)
+ {
+ tmp_buf[i] -= 3;
+ }
+ if (tmp_buf[i] == 1)
+ {
+ ++m1;
+ }
+ else if (tmp_buf[i] == 2)
+ {
+ --m1;
+ }
+ }
+ }
+ else
+ {
+ for (i = 0; i < mprime_len; i++)
+ {
+ tmp_buf[i] = mask_trits[i] + Mtrin_buf[i];
+ if (tmp_buf[i] >= 3)
+ {
+ tmp_buf[i] -= 3;
+ }
+ }
+ }
+ mask->destroy(mask);
+
+ /* check that message representative meets minimum weight
+ * requirements
+ */
+
+ if (params->is_product_form)
+ msg_rep_good = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) :
+ (bool)( m1 <= params->min_msg_rep_wt);
+ else
+ msg_rep_good = ntru_poly_check_min_weight(mprime_len, tmp_buf,
+ params->min_msg_rep_wt);
+ msg_rep_good = TRUE;
+ }
+ } while ((result == NTRU_OK) && !msg_rep_good);
+
+ if (result == NTRU_OK)
+ {
+ uint16_t i;
+
+ /* form ciphertext e by adding m' to R mod q */
+
+ for (i = 0; i < mprime_len; i++) {
+ if (tmp_buf[i] == 1)
+ ringel_buf[i] = (ringel_buf[i] + 1) & mod_q_mask;
+ else if (tmp_buf[i] == 2)
+ ringel_buf[i] = (ringel_buf[i] - 1) & mod_q_mask;
+ }
+ if (params->is_product_form)
+ ringel_buf[i] = (ringel_buf[i] - m1) & mod_q_mask;
+
+ /* pack ciphertext */
+ ntru_elements_2_octets(params->N, ringel_buf, params->q_bits, ct);
+ *ct_len = packed_ct_len;
+ }
+
+ /* cleanup */
+ memset(scratch_buf, 0, scratch_buf_len);
+ free(scratch_buf);
+
+ return result;
+}
+
+
+/* ntru_crypto_ntru_decrypt
+ *
+ * Implements NTRU decryption (SVES) for the parameter set specified in
+ * the private key blob.
+ *
+ * The maximum size of the output plaintext may be queried by invoking
+ * this function with pt = NULL. In this case, no decryption is performed,
+ * NTRU_OK is returned, and the maximum size the plaintext could be is
+ * returned in pt_len.
+ * Note that until the decryption is performed successfully, the actual size
+ * of the resulting plaintext cannot be known.
+ *
+ * When pt != NULL, at invocation *pt_len must be the size of the pt buffer.
+ * Upon return it is the actual size of the plaintext.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL.
+ * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if
+ * ct_len is invalid for the parameter set.
+ * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid
+ * (unknown format, corrupt, bad length).
+ * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ * Returns NTRU_FAIL if a decryption error occurs.
+ */
+
+uint32_t
+ntru_crypto_ntru_decrypt(
+ uint16_t privkey_blob_len, /* in - no. of octets in private key
+ blob */
+ uint8_t const *privkey_blob, /* in - pointer to private key */
+ uint16_t ct_len, /* in - no. of octets in ciphertext */
+ uint8_t const *ct, /* in - pointer to ciphertext */
+ uint16_t *pt_len, /* in/out - no. of octets in pt, addr for
+ no. of octets in plaintext */
+ uint8_t *pt) /* out - address for plaintext */
+{
+ NTRU_ENCRYPT_PARAM_SET *params = NULL;
+ uint8_t const *privkey_packed = NULL;
+ uint8_t const *pubkey_packed = NULL;
+ uint8_t privkey_pack_type = 0x00;
+ uint8_t pubkey_pack_type = 0x00;
+ size_t scratch_buf_len;
+ uint32_t dF_r;
+ uint32_t dF_r1 = 0;
+ uint32_t dF_r2 = 0;
+ uint32_t dF_r3 = 0;
+ uint16_t ring_mult_tmp_len;
+ int16_t m1 = 0;
+ uint16_t *scratch_buf = NULL;
+ uint16_t *ringel_buf1 = NULL;
+ uint16_t *ringel_buf2 = NULL;
+ uint16_t *i_buf = NULL;
+ uint8_t *m_buf = NULL;
+ uint8_t *tmp_buf = NULL;
+ uint8_t *Mtrin_buf = NULL;
+ uint8_t *M_buf = NULL;
+ uint8_t *ptr = NULL;
+ hash_algorithm_t hash_algid;
+ uint16_t cmprime_len;
+ uint16_t mod_q_mask;
+ uint16_t q_mod_p;
+ uint16_t cm_len = 0;
+ uint16_t num_zeros;
+ uint16_t i;
+ bool decryption_ok = TRUE;
+ uint32_t result = NTRU_OK;
+ ntru_trits_t *mask;
+ uint8_t *mask_trits;
+ chunk_t seed;
+ ntru_poly_t *F_poly, *r_poly;
+
+ /* check for bad parameters */
+ if (!privkey_blob || !ct || !pt_len)
+ {
+ return NTRU_BAD_PARAMETER;
+ }
+ if ((privkey_blob_len == 0) || (ct_len == 0))
+ {
+ return NTRU_BAD_LENGTH;
+ }
+
+ /* get a pointer to the parameter-set parameters, the packing types for
+ * the public and private keys, and pointers to the packed public and
+ * private keys
+ */
+
+ if (!ntru_crypto_ntru_encrypt_key_parse(FALSE /* privkey */,
+ privkey_blob_len,
+ privkey_blob, &pubkey_pack_type,
+ &privkey_pack_type, &params,
+ &pubkey_packed, &privkey_packed))
+ {
+ return NTRU_BAD_PRIVATE_KEY;
+ }
+
+ /* return the max plaintext size if requested */
+
+ if (!pt)
+ {
+ *pt_len = params->m_len_max;
+ return NTRU_OK;
+ }
+
+ /* cannot check the plaintext buffer size until after the plaintext
+ * is derived, if we allow plaintext buffers only as large as the
+ * actual plaintext
+ */
+
+ /* check the ciphertext length */
+
+ if (ct_len != (params->N * params->q_bits + 7) >> 3)
+ {
+ return NTRU_BAD_LENGTH;
+ }
+
+ /* allocate memory for all operations */
+
+ if (params->is_product_form)
+ {
+ ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */
+ dF_r1 = params->dF_r & 0xff;
+ dF_r2 = (params->dF_r >> 8) & 0xff;
+ dF_r3 = (params->dF_r >> 16) & 0xff;
+ dF_r = dF_r1 + dF_r2 + dF_r3;
+ } else {
+ ring_mult_tmp_len = params->N; /* N 16-bit word buffer */
+ dF_r = params->dF_r;
+ }
+ scratch_buf_len = (ring_mult_tmp_len << 1) +
+ /* X-byte temp buf for ring mult and
+ other intermediate results */
+ (params->N << 2) + /* 2 2N-byte bufs for ring elements
+ and overflow from temp buffer */
+ (dF_r << 2) + /* buffer for F, r indices */
+ params->m_len_max; /* buffer for plaintext */
+ scratch_buf = malloc(scratch_buf_len);
+ if (!scratch_buf)
+ {
+ return NTRU_OUT_OF_MEMORY;
+ }
+ ringel_buf1 = scratch_buf + ring_mult_tmp_len;
+ ringel_buf2 = ringel_buf1 + params->N;
+ i_buf = ringel_buf2 + params->N;
+ m_buf = (uint8_t *)(i_buf + (dF_r << 1));
+ tmp_buf = (uint8_t *)scratch_buf;
+ Mtrin_buf = (uint8_t *)ringel_buf1;
+ M_buf = Mtrin_buf + params->N;
+
+ /* set hash algorithm based on security strength */
+ hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256;
+
+ /* set constants */
+ mod_q_mask = params->q - 1;
+ q_mod_p = params->q % 3;
+
+ /* unpack the ciphertext */
+ ntru_octets_2_elements(ct_len, ct, params->q_bits, ringel_buf2);
+
+ /* unpack the private key */
+ if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS)
+ {
+ ntru_packed_trits_2_indices(privkey_packed, params->N, i_buf,
+ i_buf + dF_r);
+
+ }
+ else if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_INDICES)
+ {
+ ntru_octets_2_elements(
+ (((uint16_t)dF_r << 1) * params->N_bits + 7) >> 3,
+ privkey_packed, params->N_bits, i_buf);
+
+ }
+ else
+ {
+ assert(FALSE);
+ }
+
+ /* form cm':
+ * F * e
+ * A = e * (1 + pF) mod q = e + pFe mod q
+ * a = A in the range [-q/2, q/2)
+ * cm' = a mod p
+ */
+ F_poly = ntru_poly_create_from_data(i_buf, params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+ F_poly->ring_mult(F_poly, ringel_buf2, ringel_buf1);
+ F_poly->destroy(F_poly);
+
+ cmprime_len = params->N;
+ if (params->is_product_form)
+ {
+ --cmprime_len;
+ for (i = 0; i < cmprime_len; i++)
+ {
+ ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask;
+ if (ringel_buf1[i] >= (params->q >> 1))
+ {
+ ringel_buf1[i] = ringel_buf1[i] - q_mod_p;
+ }
+ Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3);
+ if (Mtrin_buf[i] == 1)
+ {
+ ++m1;
+ }
+ else if (Mtrin_buf[i] == 2)
+ {
+ --m1;
+ }
+ }
+ }
+ else
+ {
+ for (i = 0; i < cmprime_len; i++)
+ {
+ ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask;
+ if (ringel_buf1[i] >= (params->q >> 1))
+ {
+ ringel_buf1[i] = ringel_buf1[i] - q_mod_p;
+ }
+ Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3);
+ }
+ }
+
+ /* check that the candidate message representative meets minimum weight
+ * requirements
+ */
+
+ if (params->is_product_form)
+ {
+ decryption_ok = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) :
+ (bool)( m1 <= params->min_msg_rep_wt);
+ }
+ else
+ {
+ decryption_ok = ntru_poly_check_min_weight(cmprime_len, Mtrin_buf,
+ params->min_msg_rep_wt);
+ }
+
+ /* form cR = e - cm' mod q */
+ for (i = 0; i < cmprime_len; i++)
+ {
+ if (Mtrin_buf[i] == 1)
+ {
+ ringel_buf2[i] = (ringel_buf2[i] - 1) & mod_q_mask;
+ }
+ else if (Mtrin_buf[i] == 2)
+ {
+ ringel_buf2[i] = (ringel_buf2[i] + 1) & mod_q_mask;
+ }
+ }
+ if (params->is_product_form)
+ {
+ ringel_buf2[i] = (ringel_buf2[i] + m1) & mod_q_mask;
+ }
+
+ /* form cR mod 4 */
+ ntru_coeffs_mod4_2_octets(params->N, ringel_buf2, tmp_buf);
+
+ /* form mask */
+ seed = chunk_create(tmp_buf, (params->N + 3)/4);
+ mask = ntru_trits_create(params->N, hash_algid, seed);
+ if (!mask)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ else
+ {
+ mask_trits = mask->get_trits(mask);
+
+ /* form cMtrin by subtracting mask from cm', mod p */
+ for (i = 0; i < cmprime_len; i++)
+ {
+ Mtrin_buf[i] = Mtrin_buf[i] - mask_trits[i];
+ if (Mtrin_buf[i] >= 3)
+ {
+ Mtrin_buf[i] += 3;
+ }
+ }
+ mask->destroy(mask);
+
+ if (params->is_product_form)
+
+ /* set the last trit to zero since that's what it was, and
+ * because it can't be calculated from (cm' - mask) since
+ * we don't have the correct value for the last cm' trit
+ */
+
+ Mtrin_buf[i] = 0;
+
+ /* convert cMtrin to cM (Mtrin to Mbin) */
+
+ if (!ntru_trits_2_bits(Mtrin_buf, params->N, M_buf))
+ decryption_ok = FALSE;
+
+ /* validate the padded message cM and copy cm to m_buf */
+
+ ptr = M_buf + params->sec_strength_len;
+ if (params->m_len_len == 2)
+ cm_len = (uint16_t)(*ptr++) << 16;
+ cm_len |= (uint16_t)(*ptr++);
+ if (cm_len > params->m_len_max) {
+ cm_len = params->m_len_max;
+ decryption_ok = FALSE;
+ }
+ memcpy(m_buf, ptr, cm_len);
+ ptr += cm_len;
+ num_zeros = params->m_len_max - cm_len + 1;
+ for (i = 0; i < num_zeros; i++) {
+ if (ptr[i] != 0)
+ decryption_ok = FALSE;
+ }
+
+ /* form sData (OID || m || b || hTrunc) */
+
+ ptr = tmp_buf;
+ memcpy(ptr, params->OID, 3);
+ ptr += 3;
+ memcpy(ptr, m_buf, cm_len);
+ ptr += cm_len;
+ memcpy(ptr, M_buf, params->sec_strength_len);
+ ptr += params->sec_strength_len;
+ memcpy(ptr, pubkey_packed, params->sec_strength_len);
+ ptr += params->sec_strength_len;
+
+ /* generate cr */
+ DBG2(DBG_LIB, "generate polynomial r");
+
+ seed = chunk_create(tmp_buf, ptr - tmp_buf);
+ r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+ if (!r_poly)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ /* unpack the public key */
+ {
+ uint16_t pubkey_packed_len;
+
+ assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS);
+ pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
+ ntru_octets_2_elements(pubkey_packed_len, pubkey_packed,
+ params->q_bits, ringel_buf1);
+ }
+
+ /* form cR' = h * cr */
+ r_poly->ring_mult(r_poly, ringel_buf1, ringel_buf1);
+ r_poly->destroy(r_poly);
+
+ /* compare cR' to cR */
+ for (i = 0; i < params->N; i++)
+ {
+ if (ringel_buf1[i] != ringel_buf2[i])
+ {
+ decryption_ok = FALSE;
+ }
+ }
+
+ /* output plaintext and plaintext length */
+ if (decryption_ok)
+ {
+ if (*pt_len < cm_len)
+ {
+ return NTRU_BUFFER_TOO_SMALL;
+ }
+ memcpy(pt, m_buf, cm_len);
+ *pt_len = cm_len;
+ }
+ }
+
+ /* cleanup */
+ memset(scratch_buf, 0, scratch_buf_len);
+ free(scratch_buf);
+
+ if (!decryption_ok)
+ {
+ return NTRU_FAIL;
+ }
+
+ return result;
+}
+
+
+/* ntru_crypto_ntru_encrypt_keygen
+ *
+ * Implements key generation for NTRUEncrypt for the parameter set specified.
+ *
+ * The required minimum size of the output public-key buffer (pubkey_blob)
+ * may be queried by invoking this function with pubkey_blob = NULL.
+ * In this case, no key generation is performed, NTRU_OK is returned, and
+ * the required minimum size for pubkey_blob is returned in pubkey_blob_len.
+ *
+ * The required minimum size of the output private-key buffer (privkey_blob)
+ * may be queried by invoking this function with privkey_blob = NULL.
+ * In this case, no key generation is performed, NTRU_OK is returned, and
+ * the required minimum size for privkey_blob is returned in privkey_blob_len.
+ *
+ * The required minimum sizes of both pubkey_blob and privkey_blob may be
+ * queried as described above, in a single invocation of this function.
+ *
+ * When pubkey_blob != NULL and privkey_blob != NULL, at invocation
+ * *pubkey_blob_len must be the size of the pubkey_blob buffer and
+ * *privkey_blob_len must be the size of the privkey_blob buffer.
+ * Upon return, *pubkey_blob_len is the actual size of the public-key blob
+ * and *privkey_blob_len is the actual size of the private-key blob.
+ *
+ * Returns NTRU_OK if successful.
+ * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob or
+ * privkey_blob) is NULL.
+ * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid.
+ * Returns NTRU_BAD_LENGTH if a length argument is invalid.
+ * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the
+ * privkey_blob buffer is too small.
+ * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap.
+ * Returns NTRU_FAIL if the polynomial generated for f is not invertible in
+ * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely.
+ * Should this occur, this function should simply be invoked again.
+ */
+
+uint32_t
+ntru_crypto_ntru_encrypt_keygen(
+ ntru_drbg_t *drbg, /* in - handle of DRBG */
+ NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */
+ uint16_t *pubkey_blob_len, /* in/out - no. of octets in
+ pubkey_blob, addr
+ for no. of octets
+ in pubkey_blob */
+ uint8_t *pubkey_blob, /* out - address for
+ public key blob */
+ uint16_t *privkey_blob_len, /* in/out - no. of octets in
+ privkey_blob, addr
+ for no. of octets
+ in privkey_blob */
+ uint8_t *privkey_blob) /* out - address for
+ private key blob */
+{
+ NTRU_ENCRYPT_PARAM_SET *params = NULL;
+ uint16_t public_key_blob_len;
+ uint16_t private_key_blob_len;
+ uint8_t pubkey_pack_type;
+ uint8_t privkey_pack_type;
+ size_t scratch_buf_len;
+ uint32_t dF;
+ uint32_t dF1 = 0;
+ uint32_t dF2 = 0;
+ uint32_t dF3 = 0;
+ uint16_t *scratch_buf = NULL;
+ uint16_t *ringel_buf1 = NULL;
+ uint16_t *ringel_buf2 = NULL;
+ uint8_t *tmp_buf = NULL;
+ uint16_t mod_q_mask;
+ hash_algorithm_t hash_algid;
+ uint16_t seed_len;
+ chunk_t seed;
+ uint32_t result = NTRU_OK;
+ ntru_poly_t *F_poly = NULL;
+ ntru_poly_t *g_poly = NULL;
+ uint16_t *F_indices;
+
+ /* get a pointer to the parameter-set parameters */
+
+ if ((params = ntru_encrypt_get_params_with_id(param_set_id)) == NULL)
+ {
+ return NTRU_INVALID_PARAMETER_SET;
+ }
+
+ /* check for bad parameters */
+
+ if (!pubkey_blob_len || !privkey_blob_len)
+ {
+ return NTRU_BAD_PARAMETER;
+ }
+
+ /* get public and private key packing types and blob lengths */
+
+ ntru_crypto_ntru_encrypt_key_get_blob_params(params, &pubkey_pack_type,
+ &public_key_blob_len,
+ &privkey_pack_type,
+ &private_key_blob_len);
+
+ /* return the pubkey_blob size and/or privkey_blob size if requested */
+
+ if (!pubkey_blob || !privkey_blob)
+ {
+ if (!pubkey_blob)
+ *pubkey_blob_len = public_key_blob_len;
+ if (!privkey_blob)
+ *privkey_blob_len = private_key_blob_len;
+ return NTRU_OK;
+ }
+
+ /* check size of output buffers */
+
+ if ((*pubkey_blob_len < public_key_blob_len) ||
+ (*privkey_blob_len < private_key_blob_len))
+ {
+ return NTRU_BUFFER_TOO_SMALL;
+ }
+
+ /* allocate memory for all operations */
+ if (params->is_product_form) {
+ dF1 = params->dF_r & 0xff;
+ dF2 = (params->dF_r >> 8) & 0xff;
+ dF3 = (params->dF_r >> 16) & 0xff;
+ dF = dF1 + dF2 + dF3;
+ } else {
+ dF = params->dF_r;
+ }
+
+ scratch_buf_len = (params->N * 8) + /* 4N-byte temp buffer for ring inv
+ and other intermediate results,
+ 2N-byte buffer for f, g indices
+ and overflow from temp buffer,
+ 2N-byte buffer for f^-1 */
+ (dF << 2); /* buffer for F indices */
+ scratch_buf = malloc(scratch_buf_len);
+ if (!scratch_buf)
+ {
+ return NTRU_OUT_OF_MEMORY;
+ }
+ ringel_buf1 = scratch_buf + (params->N << 1);
+ ringel_buf2 = ringel_buf1 + params->N;
+ tmp_buf = (uint8_t *)scratch_buf;
+
+ /* set hash algorithm and seed length based on security strength */
+ if (params->sec_strength_len <= 20)
+ {
+ hash_algid = HASH_SHA1;
+ }
+ else
+ {
+ hash_algid = HASH_SHA256;
+ }
+ seed_len = params->sec_strength_len + 8;
+
+ /* set constants */
+
+ mod_q_mask = params->q - 1;
+
+ /* get random bytes for seed for generating trinary F
+ * as a list of indices
+ */
+
+ if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
+ seed_len, tmp_buf))
+ {
+ result = NTRU_OK;
+ }
+ else
+ {
+ result = NTRU_DRBG_FAIL;
+ }
+
+ if (result == NTRU_OK)
+ {
+ DBG2(DBG_LIB, "generate polynomial F");
+
+ seed = chunk_create(tmp_buf, seed_len);
+ F_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q,
+ params->dF_r, params->dF_r,
+ params->is_product_form);
+ if (!F_poly)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ int i;
+
+ F_poly->get_array(F_poly, ringel_buf1);
+
+ /* form f = 1 + pF */
+ for (i = 0; i < params->N; i++)
+ {
+ ringel_buf1[i] = (ringel_buf1[i] * 3) & mod_q_mask;
+ }
+ ringel_buf1[0] = (ringel_buf1[0] + 1) & mod_q_mask;
+
+ /* find f^-1 in (Z/qZ)[X]/(X^N - 1) */
+ if (!ntru_ring_inv(ringel_buf1, params->N, params->q,
+ scratch_buf, ringel_buf2))
+ {
+ result = NTRU_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+
+ /* get random bytes for seed for generating trinary polynomial g
+ * as a list of indices
+ */
+ if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE,
+ seed_len, tmp_buf))
+ {
+ result = NTRU_DRBG_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ DBG2(DBG_LIB, "generate polynomial g");
+
+ seed = chunk_create(tmp_buf, seed_len);
+ g_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits,
+ params->N, params->q,
+ params->dg + 1, params->dg, FALSE);
+ if (!g_poly)
+ {
+ result = NTRU_MGF1_FAIL;
+ }
+ }
+
+ if (result == NTRU_OK)
+ {
+ uint16_t i;
+
+ /* compute h = p * (f^-1 * g) mod q */
+ g_poly->ring_mult(g_poly, ringel_buf2, ringel_buf2);
+ g_poly->destroy(g_poly);
+
+ for (i = 0; i < params->N; i++)
+ {
+ ringel_buf2[i] = (ringel_buf2[i] * 3) & mod_q_mask;
+ }
+
+ /* create public key blob */
+ ntru_crypto_ntru_encrypt_key_create_pubkey_blob(params, ringel_buf2,
+ pubkey_pack_type,
+ pubkey_blob);
+ *pubkey_blob_len = public_key_blob_len;
+
+ /* create private key blob */
+ F_indices = F_poly->get_indices(F_poly);
+ ntru_crypto_ntru_encrypt_key_create_privkey_blob(params, ringel_buf2,
+ F_indices,
+ privkey_pack_type,
+ tmp_buf, privkey_blob);
+ *privkey_blob_len = private_key_blob_len;
+ }
+
+ /* cleanup */
+ DESTROY_IF(F_poly);
+ memset(scratch_buf, 0, scratch_buf_len);
+ free(scratch_buf);
+
+ return result;
+}
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c
new file mode 100644
index 000000000..90baaadf3
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c
@@ -0,0 +1,360 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_encrypt_key.c is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_encrypt_key.c
+ *
+ * Contents: Routines for exporting and importing public and private keys
+ * for NTRUEncrypt.
+ *
+ *****************************************************************************/
+
+
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+#include "ntru_crypto_ntru_encrypt_key.h"
+
+
+/* ntru_crypto_ntru_encrypt_key_parse
+ *
+ * Parses an NTRUEncrypt key blob.
+ * If the blob is not corrupt, returns packing types for public and private
+ * keys, a pointer to the parameter set, a pointer to the public key, and
+ * a pointer to the private key if it exists.
+ *
+ * Returns TRUE if successful.
+ * Returns FALSE if the blob is invalid.
+ */
+
+bool
+ntru_crypto_ntru_encrypt_key_parse(
+ bool pubkey_parse, /* in - if parsing pubkey
+ blob */
+ uint16_t key_blob_len, /* in - no. octets in key
+ blob */
+ uint8_t const *key_blob, /* in - pointer to key blob */
+ uint8_t *pubkey_pack_type, /* out - addr for pubkey
+ packing type */
+ uint8_t *privkey_pack_type, /* out - addr for privkey
+ packing type */
+ NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to
+ parameter set */
+ uint8_t const **pubkey, /* out - addr for ptr to
+ packed pubkey */
+ uint8_t const **privkey) /* out - addr for ptr to
+ packed privkey */
+{
+ uint8_t tag;
+
+ assert(key_blob_len);
+ assert(key_blob);
+ assert(pubkey_pack_type);
+ assert(params);
+ assert(pubkey);
+
+ /* parse key blob based on tag */
+
+ tag = key_blob[0];
+ switch (tag) {
+ case NTRU_ENCRYPT_PUBKEY_TAG:
+ if (!pubkey_parse)
+ return FALSE;
+ break;
+ case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG:
+ case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG:
+ case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG:
+ assert(privkey_pack_type);
+ assert(privkey);
+ if (pubkey_parse)
+ return FALSE;
+ break;
+ default:
+ return FALSE;
+ }
+
+ switch (tag) {
+ case NTRU_ENCRYPT_PUBKEY_TAG:
+ case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG:
+ case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG:
+ case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG:
+
+ /* Version 0:
+ * byte 0: tag
+ * byte 1: no. of octets in OID
+ * bytes 2-4: OID
+ * bytes 5- : packed pubkey
+ * [packed privkey]
+ */
+
+ {
+ NTRU_ENCRYPT_PARAM_SET *p = NULL;
+ uint16_t pubkey_packed_len;
+
+ /* check OID length and minimum blob length for tag and OID */
+
+ if ((key_blob_len < 5) || (key_blob[1] != 3))
+ return FALSE;
+
+ /* get a pointer to the parameter set corresponding to the OID */
+
+ if ((p = ntru_encrypt_get_params_with_OID(key_blob + 2)) == NULL)
+ return FALSE;
+
+ /* check blob length and assign pointers to blob fields */
+
+ pubkey_packed_len = (p->N * p->q_bits + 7) / 8;
+ if (pubkey_parse) { /* public-key parsing */
+ if (key_blob_len != 5 + pubkey_packed_len)
+ return FALSE;
+
+ *pubkey = key_blob + 5;
+
+ } else { /* private-key parsing */
+ uint16_t privkey_packed_len;
+ uint16_t privkey_packed_trits_len = (p->N + 4) / 5;
+ uint16_t privkey_packed_indices_len;
+ uint16_t dF;
+
+ /* check packing type for product-form private keys */
+
+ if (p->is_product_form &&
+ (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG))
+ return FALSE;
+
+ /* set packed-key length for packed indices */
+
+ if (p->is_product_form)
+ dF = (uint16_t)( (p->dF_r & 0xff) + /* df1 */
+ ((p->dF_r >> 8) & 0xff) + /* df2 */
+ ((p->dF_r >> 16) & 0xff)); /* df3 */
+ else
+ dF = (uint16_t)p->dF_r;
+ privkey_packed_indices_len = ((dF << 1) * p->N_bits + 7) >> 3;
+
+ /* set private-key packing type if defaulted */
+
+ if (tag == NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG) {
+ if (p->is_product_form ||
+ (privkey_packed_indices_len <=
+ privkey_packed_trits_len))
+ tag = NTRU_ENCRYPT_PRIVKEY_INDICES_TAG;
+ else
+ tag = NTRU_ENCRYPT_PRIVKEY_TRITS_TAG;
+ }
+
+ if (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG)
+ privkey_packed_len = privkey_packed_trits_len;
+ else
+ privkey_packed_len = privkey_packed_indices_len;
+
+ if (key_blob_len != 5 + pubkey_packed_len + privkey_packed_len)
+ return FALSE;
+
+ *pubkey = key_blob + 5;
+ *privkey = *pubkey + pubkey_packed_len;
+ *privkey_pack_type = (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG) ?
+ NTRU_ENCRYPT_KEY_PACKED_TRITS :
+ NTRU_ENCRYPT_KEY_PACKED_INDICES;
+ }
+
+ /* return parameter set pointer */
+
+ *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS;
+ *params = p;
+ }
+ default:
+ break; /* can't get here */
+ }
+ return TRUE;
+}
+
+
+/* ntru_crypto_ntru_encrypt_key_get_blob_params
+ *
+ * Returns public and private key packing types and blob lengths given
+ * a packing format. For now, only a default packing format exists.
+ *
+ * Only public-key params may be returned by setting privkey_pack_type
+ * and privkey_blob_len to NULL.
+ */
+
+void
+ntru_crypto_ntru_encrypt_key_get_blob_params(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint8_t *pubkey_pack_type, /* out - addr for pubkey
+ packing type */
+ uint16_t *pubkey_blob_len, /* out - addr for no. of
+ bytes in
+ pubkey blob */
+ uint8_t *privkey_pack_type, /* out - addr for privkey
+ packing type */
+ uint16_t *privkey_blob_len) /* out - addr for no. of
+ bytes in
+ privkey blob */
+{
+ uint16_t pubkey_packed_len = (params->N * params->q_bits + 7) >> 3;
+
+ assert(params);
+ assert(pubkey_pack_type);
+ assert(pubkey_blob_len);
+
+ *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS;
+ *pubkey_blob_len = 5 + pubkey_packed_len;
+
+ if (privkey_pack_type && privkey_blob_len) {
+ uint16_t privkey_packed_trits_len = (params->N + 4) / 5;
+ uint16_t privkey_packed_indices_len;
+ uint16_t dF;
+
+ if (params->is_product_form)
+ dF = (uint16_t)( (params->dF_r & 0xff) + /* df1 */
+ ((params->dF_r >> 8) & 0xff) + /* df2 */
+ ((params->dF_r >> 16) & 0xff)); /* df3 */
+ else
+ dF = (uint16_t)params->dF_r;
+ privkey_packed_indices_len = ((dF << 1) * params->N_bits + 7) >> 3;
+
+ if (params->is_product_form ||
+ (privkey_packed_indices_len <= privkey_packed_trits_len)) {
+ *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_INDICES;
+ *privkey_blob_len =
+ 5 + pubkey_packed_len + privkey_packed_indices_len;
+ } else {
+ *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_TRITS;
+ *privkey_blob_len =
+ 5 + pubkey_packed_len + privkey_packed_trits_len;
+ }
+ }
+}
+
+
+/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob
+ *
+ * Returns a public key blob, packed according to the packing type provided.
+ */
+
+void
+ntru_crypto_ntru_encrypt_key_create_pubkey_blob(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint16_t const *pubkey, /* in - pointer to the
+ coefficients
+ of the pubkey */
+ uint8_t pubkey_pack_type, /* out - pubkey packing
+ type */
+ uint8_t *pubkey_blob) /* out - addr for the
+ pubkey blob */
+{
+ assert(params);
+ assert(pubkey);
+ assert(pubkey_blob);
+
+ switch (pubkey_pack_type) {
+ case NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS:
+ *pubkey_blob++ = NTRU_ENCRYPT_PUBKEY_TAG;
+ *pubkey_blob++ = (uint8_t)sizeof(params->OID);
+ memcpy(pubkey_blob, params->OID, sizeof(params->OID));
+ pubkey_blob += sizeof(params->OID);
+ ntru_elements_2_octets(params->N, pubkey, params->q_bits,
+ pubkey_blob);
+ break;
+ default:
+ assert(FALSE);
+ }
+}
+
+
+/* ntru_crypto_ntru_encrypt_key_create_privkey_blob
+ *
+ * Returns a private key blob, packed according to the packing type provided.
+ */
+
+void
+ntru_crypto_ntru_encrypt_key_create_privkey_blob(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint16_t const *pubkey, /* in - pointer to the
+ coefficients
+ of the pubkey */
+ uint16_t const *privkey, /* in - pointer to the
+ indices of the
+ privkey */
+ uint8_t privkey_pack_type, /* in - privkey packing
+ type */
+ uint8_t *buf, /* in - temp, N bytes */
+ uint8_t *privkey_blob) /* out - addr for the
+ privkey blob */
+{
+ assert(params);
+ assert(pubkey);
+ assert(privkey);
+ assert(privkey_blob);
+
+ switch (privkey_pack_type) {
+ case NTRU_ENCRYPT_KEY_PACKED_TRITS:
+ case NTRU_ENCRYPT_KEY_PACKED_INDICES:
+
+ /* format header and packed public key */
+
+ *privkey_blob++ = NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG;
+ *privkey_blob++ = (uint8_t)sizeof(params->OID);
+ memcpy(privkey_blob, params->OID, sizeof(params->OID));
+ privkey_blob += sizeof(params->OID);
+ ntru_elements_2_octets(params->N, pubkey, params->q_bits,
+ privkey_blob);
+ privkey_blob += (params->N * params->q_bits + 7) >> 3;
+
+ /* add packed private key */
+
+ if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS) {
+ ntru_indices_2_packed_trits(privkey, (uint16_t)params->dF_r,
+ (uint16_t)params->dF_r,
+ params->N, buf, privkey_blob);
+ } else {
+ uint32_t dF;
+
+ if (params->is_product_form) {
+ dF = (params->dF_r & 0xff) +
+ ((params->dF_r >> 8) & 0xff) +
+ ((params->dF_r >> 16) & 0xff);
+ } else {
+ dF = params->dF_r;
+ }
+ ntru_elements_2_octets((uint16_t)dF << 1, privkey,
+ params->N_bits, privkey_blob);
+ }
+ break;
+ default:
+ assert(FALSE);
+ break;
+ }
+}
+
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h
new file mode 100644
index 000000000..6734f2a4c
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h
@@ -0,0 +1,167 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_cencrypt_key.h is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+
+#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H
+#define NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H
+
+#include "ntru_crypto_ntru_convert.h"
+#include "ntru_crypto_ntru_encrypt_param_sets.h"
+
+
+/* key-blob definitions */
+
+#define NTRU_ENCRYPT_PUBKEY_TAG 0x01
+#define NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG 0x02
+#define NTRU_ENCRYPT_PRIVKEY_TRITS_TAG 0xfe
+#define NTRU_ENCRYPT_PRIVKEY_INDICES_TAG 0xff
+
+/* packing types */
+
+#define NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS 0x01
+#define NTRU_ENCRYPT_KEY_PACKED_INDICES 0x02
+#define NTRU_ENCRYPT_KEY_PACKED_TRITS 0x03
+
+/* function declarations */
+
+
+/* ntru_crypto_ntru_encrypt_key_parse
+ *
+ * Parses an NTRUEncrypt key blob.
+ * If the blob is not corrupt, returns packing types for public and private
+ * keys, a pointer to the parameter set, a pointer to the public key, and
+ * a pointer to the private key if it exists.
+ *
+ * Returns TRUE if successful.
+ * Returns FALSE if the blob is invalid.
+ */
+
+extern bool
+ntru_crypto_ntru_encrypt_key_parse(
+ bool pubkey_parse, /* in - if parsing pubkey
+ blob */
+ uint16_t key_blob_len, /* in - no. octets in key
+ blob */
+ uint8_t const *key_blob, /* in - pointer to key blob */
+ uint8_t *pubkey_pack_type, /* out - addr for pubkey
+ packing type */
+ uint8_t *privkey_pack_type, /* out - addr for privkey
+ packing type */
+ NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to
+ parameter set */
+ uint8_t const **pubkey, /* out - addr for ptr to
+ packed pubkey */
+ uint8_t const **privkey); /* out - addr for ptr to
+ packed privkey */
+
+
+/* ntru_crypto_ntru_encrypt_key_get_blob_params
+ *
+ * Returns public and private key packing types and blob lengths given
+ * a packing format. For now, only a default packing format exists.
+ *
+ * Only public-key params may be returned by setting privkey_pack_type
+ * and privkey_blob_len to NULL.
+ */
+
+extern void
+ntru_crypto_ntru_encrypt_key_get_blob_params(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint8_t *pubkey_pack_type, /* out - addr for pubkey
+ packing type */
+ uint16_t *pubkey_blob_len, /* out - addr for no. of
+ bytes in
+ pubkey blob */
+ uint8_t *privkey_pack_type, /* out - addr for privkey
+ packing type */
+ uint16_t *privkey_blob_len); /* out - addr for no. of
+ bytes in
+ privkey blob */
+
+
+/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob
+ *
+ * Returns a public key blob, packed according to the packing type provided.
+ */
+
+extern void
+ntru_crypto_ntru_encrypt_key_create_pubkey_blob(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint16_t const *pubkey, /* in - pointer to the
+ coefficients
+ of the pubkey */
+ uint8_t pubkey_pack_type, /* out - addr for pubkey
+ packing type */
+ uint8_t *pubkey_blob); /* out - addr for the
+ pubkey blob */
+
+
+/* ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob
+ *
+ * Returns a public key blob, recreated from an already-packed public key.
+ */
+
+extern void
+ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint16_t packed_pubkey_len, /* in - no. octets in
+ packed pubkey */
+ uint8_t const *packed_pubkey, /* in - pointer to the
+ packed pubkey */
+ uint8_t pubkey_pack_type, /* out - pubkey packing
+ type */
+ uint8_t *pubkey_blob); /* out - addr for the
+ pubkey blob */
+
+
+/* ntru_crypto_ntru_encrypt_key_create_privkey_blob
+ *
+ * Returns a privlic key blob, packed according to the packing type provided.
+ */
+
+extern void
+ntru_crypto_ntru_encrypt_key_create_privkey_blob(
+ NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to
+ param set
+ parameters */
+ uint16_t const *pubkey, /* in - pointer to the
+ coefficients
+ of the pubkey */
+ uint16_t const *privkey, /* in - pointer to the
+ indices of the
+ privkey */
+ uint8_t privkey_pack_type, /* in - privkey packing
+ type */
+ uint8_t *buf, /* in - temp, N bytes */
+ uint8_t *privkey_blob); /* out - addr for the
+ privkey blob */
+
+
+#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c
new file mode 100644
index 000000000..5ddf91d2a
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c
@@ -0,0 +1,384 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_param_sets.c is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_encrypt_param_sets.c
+ *
+ * Contents: Defines the NTRUEncrypt parameter sets.
+ *
+ *****************************************************************************/
+
+#include <stdlib.h>
+#include <string.h>
+#include "ntru_crypto_ntru_encrypt_param_sets.h"
+
+
+/* parameter sets */
+
+static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = {
+
+ {
+ NTRU_EES401EP1, /* parameter-set id */
+ {0x00, 0x02, 0x04}, /* OID */
+ 0x22, /* DER id */
+ 9, /* no. of bits in N (i.e., in an index) */
+ 401, /* N */
+ 14, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 113, /* df, dr */
+ 133, /* dg */
+ 60, /* maxMsgLenBytes */
+ 113, /* dm0 */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES449EP1, /* parameter-set id */
+ {0x00, 0x03, 0x03}, /* OID */
+ 0x23, /* DER id */
+ 9, /* no. of bits in N (i.e., in an index) */
+ 449, /* N */
+ 16, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 134, /* df, dr */
+ 149, /* dg */
+ 67, /* maxMsgLenBytes */
+ 134, /* dm0 */
+ 9, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES677EP1, /* parameter-set id */
+ {0x00, 0x05, 0x03}, /* OID */
+ 0x24, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 677, /* N */
+ 24, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 157, /* df, dr */
+ 225, /* dg */
+ 101, /* maxMsgLenBytes */
+ 157, /* dm0 */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES1087EP2, /* parameter-set id */
+ {0x00, 0x06, 0x03}, /* OID */
+ 0x25, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 1087, /* N */
+ 32, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 120, /* df, dr */
+ 362, /* dg */
+ 170, /* maxMsgLenBytes */
+ 120, /* dm0 */
+ 13, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES541EP1, /* parameter-set id */
+ {0x00, 0x02, 0x05}, /* OID */
+ 0x26, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 541, /* N */
+ 14, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 49, /* df, dr */
+ 180, /* dg */
+ 86, /* maxMsgLenBytes */
+ 49, /* dm0 */
+ 12, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES613EP1, /* parameter-set id */
+ {0x00, 0x03, 0x04}, /* OID */
+ 0x27, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 613, /* N */
+ 16, /* securuity strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 55, /* df, dr */
+ 204, /* dg */
+ 97, /* maxMsgLenBytes */
+ 55, /* dm0 */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES887EP1, /* parameter-set id */
+ {0x00, 0x05, 0x04}, /* OID */
+ 0x28, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 887, /* N */
+ 24, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 81, /* df, dr */
+ 295, /* dg */
+ 141, /* maxMsgLenBytes */
+ 81, /* dm0 */
+ 10, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES1171EP1, /* parameter-set id */
+ {0x00, 0x06, 0x04}, /* OID */
+ 0x29, /* DER id */
+ 11, /* no. of bits in N (i.e., in an index) */
+ 1171, /* N */
+ 32, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 106, /* df, dr */
+ 390, /* dg */
+ 186, /* maxMsgLenBytes */
+ 106, /* dm0 */
+ 12, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES659EP1, /* parameter-set id */
+ {0x00, 0x02, 0x06}, /* OID */
+ 0x2a, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 659, /* N */
+ 14, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 38, /* df, dr */
+ 219, /* dg */
+ 108, /* maxMsgLenBytes */
+ 38, /* dm0 */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES761EP1, /* parameter-set id */
+ {0x00, 0x03, 0x05}, /* OID */
+ 0x2b, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 761, /* N */
+ 16, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 42, /* df, dr */
+ 253, /* dg */
+ 125, /* maxMsgLenBytes */
+ 42, /* dm0 */
+ 12, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES1087EP1, /* parameter-set id */
+ {0x00, 0x05, 0x05}, /* OID */
+ 0x2c, /* DER id */
+ 11, /* no. of bits in N (i.e., in an index) */
+ 1087, /* N */
+ 24, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 63, /* df, dr */
+ 362, /* dg */
+ 178, /* maxMsgLenBytes */
+ 63, /* dm0 */
+ 13, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES1499EP1, /* parameter-set id */
+ {0x00, 0x06, 0x05}, /* OID */
+ 0x2d, /* DER id */
+ 11, /* no. of bits in N (i.e., in an index) */
+ 1499, /* N */
+ 32, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ FALSE, /* product form */
+ 79, /* df, dr */
+ 499, /* dg */
+ 247, /* maxMsgLenBytes */
+ 79, /* dm0 */
+ 13, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES401EP2, /* parameter-set id */
+ {0x00, 0x02, 0x10}, /* OID */
+ 0x2e, /* DER id */
+ 9, /* no. of bits in N (i.e., in an index) */
+ 401, /* N */
+ 14, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ TRUE, /* product form */
+ 8 + (8 << 8) + (6 << 16), /* df, dr */
+ 133, /* dg */
+ 60, /* maxMsgLenBytes */
+ 136, /* m(1)_max */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES439EP1, /* parameter-set id */
+ {0x00, 0x03, 0x10}, /* OID */
+ 0x2f, /* DER id */
+ 9, /* no. of bits in N (i.e., in an index) */
+ 439, /* N */
+ 16, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ TRUE, /* product form */
+ 9 + (8 << 8) + (5 << 16), /* df, dr */
+ 146, /* dg */
+ 65, /* maxMsgLenBytes */
+ 126, /* m(1)_max */
+ 9, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES593EP1, /* parameter-set id */
+ {0x00, 0x05, 0x10}, /* OID */
+ 0x30, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 593, /* N */
+ 24, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ TRUE, /* product form */
+ 10 + (10 << 8) + (8 << 16), /* df, dr */
+ 197, /* dg */
+ 86, /* maxMsgLenBytes */
+ 90, /* m(1)_max */
+ 11, /* c */
+ 1, /* lLen */
+ },
+
+ {
+ NTRU_EES743EP1, /* parameter-set id */
+ {0x00, 0x06, 0x10}, /* OID */
+ 0x31, /* DER id */
+ 10, /* no. of bits in N (i.e., in an index) */
+ 743, /* N */
+ 32, /* security strength in octets */
+ 2048, /* q */
+ 11, /* no. of bits in q (i.e., in a coeff) */
+ TRUE, /* product form */
+ 11 + (11 << 8) + (15 << 16), /* df, dr */
+ 247, /* dg */
+ 106, /* maxMsgLenBytes */
+ 60, /* m(1)_max */
+ 13, /* c */
+ 1, /* lLen */
+ },
+
+};
+
+static size_t numParamSets =
+ sizeof(ntruParamSets)/sizeof(NTRU_ENCRYPT_PARAM_SET);
+
+
+/* functions */
+
+/* ntru_encrypt_get_params_with_id
+ *
+ * Looks up a set of NTRUEncrypt parameters based on the id of the
+ * parameter set.
+ *
+ * Returns a pointer to the parameter set parameters if successful.
+ * Returns NULL if the parameter set cannot be found.
+ */
+
+NTRU_ENCRYPT_PARAM_SET *
+ntru_encrypt_get_params_with_id(
+ NTRU_ENCRYPT_PARAM_SET_ID id) /* in - parameter-set id */
+{
+ size_t i;
+
+ for (i = 0; i < numParamSets; i++) {
+ if (ntruParamSets[i].id == id) {
+ return &(ntruParamSets[i]);
+ }
+ }
+ return NULL;
+}
+
+
+/* ntru_encrypt_get_params_with_OID
+ *
+ * Looks up a set of NTRUEncrypt parameters based on the OID of the
+ * parameter set.
+ *
+ * Returns a pointer to the parameter set parameters if successful.
+ * Returns NULL if the parameter set cannot be found.
+ */
+
+NTRU_ENCRYPT_PARAM_SET *
+ntru_encrypt_get_params_with_OID(
+ uint8_t const *oid) /* in - pointer to parameter-set OID */
+{
+ size_t i;
+
+ for (i = 0; i < numParamSets; i++) {
+ if (!memcmp(ntruParamSets[i].OID, oid, 3)) {
+ return &(ntruParamSets[i]);
+ }
+ }
+ return NULL;
+}
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h
new file mode 100644
index 000000000..e5e977a0e
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h
@@ -0,0 +1,101 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_encrypt_param_sets.h is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_encrypt_param_sets.h
+ *
+ * Contents: Definitions and declarations for the NTRUEncrypt parameter sets.
+ *
+ *****************************************************************************/
+
+#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H
+#define NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H
+
+#include "ntru_crypto.h"
+
+/* structures */
+
+typedef struct _NTRU_ENCRYPT_PARAM_SET {
+ NTRU_ENCRYPT_PARAM_SET_ID id; /* parameter-set ID */
+ uint8_t const OID[3]; /* pointer to OID */
+ uint8_t der_id; /* parameter-set DER id */
+ uint8_t N_bits; /* no. of bits in N (i.e. in
+ an index */
+ uint16_t N; /* ring dimension */
+ uint16_t sec_strength_len; /* no. of octets of
+ security strength */
+ uint16_t q; /* big modulus */
+ uint8_t q_bits; /* no. of bits in q (i.e. in
+ a coefficient */
+ bool is_product_form; /* if product form used */
+ uint32_t dF_r; /* no. of 1 or -1 coefficients
+ in ring elements F, r */
+ uint16_t dg; /* no. - 1 of 1 coefficients
+ or no. of -1 coefficients
+ in ring element g */
+ uint16_t m_len_max; /* max no. of plaintext
+ octets */
+ uint16_t min_msg_rep_wt; /* min. message
+ representative weight */
+ uint8_t c_bits; /* no. bits in candidate for
+ deriving an index in
+ IGF-2 */
+ uint8_t m_len_len; /* no. of octets to hold
+ mLenOctets */
+} NTRU_ENCRYPT_PARAM_SET;
+
+
+
+/* function declarations */
+
+/* ntru_encrypt_get_params_with_id
+ *
+ * Looks up a set of NTRU Encrypt parameters based on the id of the
+ * parameter set.
+ *
+ * Returns a pointer to the parameter set parameters if successful.
+ * Returns NULL if the parameter set cannot be found.
+ */
+
+extern NTRU_ENCRYPT_PARAM_SET *
+ntru_encrypt_get_params_with_id(
+ NTRU_ENCRYPT_PARAM_SET_ID id); /* in - parameter-set id */
+
+
+/* ntru_encrypt_get_params_with_OID
+ *
+ * Looks up a set of NTRU Encrypt parameters based on the OID of the
+ * parameter set.
+ *
+ * Returns a pointer to the parameter set parameters if successful.
+ * Returns NULL if the parameter set cannot be found.
+ */
+
+extern NTRU_ENCRYPT_PARAM_SET *
+ntru_encrypt_get_params_with_OID(
+ uint8_t const *oid); /* in - pointer to parameter-set OID */
+
+#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H */
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
new file mode 100644
index 000000000..8e4eede87
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c
@@ -0,0 +1,242 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_poly.c is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+#include <stdlib.h>
+#include <string.h>
+#include "ntru_crypto_ntru_poly.h"
+
+/* ntru_poly_check_min_weight
+ *
+ * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed
+ * a minimum weight.
+ */
+
+bool
+ntru_poly_check_min_weight(
+ uint16_t num_els, /* in - degree of polynomial */
+ uint8_t *ringels, /* in - pointer to trinary ring elements */
+ uint16_t min_wt) /* in - minimum weight */
+{
+ uint16_t wt[3];
+ uint16_t i;
+
+ wt[0] = wt[1] = wt[2] = 0;
+ for (i = 0; i < num_els; i++) {
+ ++wt[ringels[i]];
+ }
+ if ((wt[0] < min_wt) || (wt[1] < min_wt) || (wt[2] < min_wt)) {
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/* ntru_ring_mult_coefficients
+ *
+ * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b"
+ * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1).
+ * This is a convolution operation.
+ *
+ * Ring element "b" has coefficients in the range [0,N).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum
+ * beyond 16 bits does not matter.
+ */
+
+void
+ntru_ring_mult_coefficients(
+ uint16_t const *a, /* in - pointer to polynomial a */
+ uint16_t const *b, /* in - pointer to polynomial b */
+ uint16_t N, /* in - no. of coefficients in a, b, c */
+ uint16_t q, /* in - large modulus */
+ uint16_t *c) /* out - address for polynomial c */
+{
+ uint16_t const *bptr = b;
+ uint16_t mod_q_mask = q - 1;
+ uint16_t i, k;
+
+ /* c[k] = sum(a[i] * b[k-i]) mod q */
+ memset(c, 0, N * sizeof(uint16_t));
+ for (k = 0; k < N; k++) {
+ i = 0;
+ while (i <= k)
+ c[k] += a[i++] * *bptr--;
+ bptr += N;
+ while (i < N)
+ c[k] += a[i++] * *bptr--;
+ c[k] &= mod_q_mask;
+ ++bptr;
+ }
+}
+
+
+/* ntru_ring_inv
+ *
+ * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that operations mod q can
+ * wait until the end, and only 16-bit arrays need to be used.
+ */
+
+bool
+ntru_ring_inv(
+ uint16_t *a, /* in - pointer to polynomial a */
+ uint16_t N, /* in - no. of coefficients in a */
+ uint16_t q, /* in - large modulus */
+ uint16_t *t, /* in - temp buffer of 2N elements */
+ uint16_t *a_inv) /* out - address for polynomial a^-1 */
+{
+ uint8_t *b = (uint8_t *)t; /* b cannot be in a_inv since it must be
+ rotated and copied there as a^-1 mod 2 */
+ uint8_t *c = b + N; /* c cannot be in a_inv since it exchanges
+ with b, and b cannot be in a_inv */
+ uint8_t *f = c + N;
+ uint8_t *g = (uint8_t *)a_inv; /* g needs N + 1 bytes */
+ uint16_t *t2 = t + N;
+ uint16_t deg_b;
+ uint16_t deg_c;
+ uint16_t deg_f;
+ uint16_t deg_g;
+ uint16_t k = 0;
+ bool done = FALSE;
+ uint16_t i, j;
+
+ /* form a^-1 in (Z/2Z)[X]/X^N - 1) */
+ memset(b, 0, (N << 1)); /* clear to init b, c */
+
+ /* b(X) = 1 */
+ b[0] = 1;
+ deg_b = 0;
+
+ /* c(X) = 0 (cleared above) */
+ deg_c = 0;
+
+ /* f(X) = a(X) mod 2 */
+ for (i = 0; i < N; i++)
+ f[i] = (uint8_t)(a[i] & 1);
+ deg_f = N - 1;
+
+ /* g(X) = X^N - 1 */
+ g[0] = 1;
+ memset(g + 1, 0, N - 1);
+ g[N] = 1;
+ deg_g = N;
+
+ /* until f(X) = 1 */
+
+ while (!done)
+ {
+
+ /* while f[0] = 0, f(X) /= X, c(X) *= X, k++ */
+
+ for (i = 0; (i <= deg_f) && (f[i] == 0); ++i);
+ if (i > deg_f)
+ return FALSE;
+ if (i) {
+ f = f + i;
+ deg_f = deg_f - i;
+ deg_c = deg_c + i;
+ for (j = deg_c; j >= i; j--)
+ c[j] = c[j-i];
+ for (j = 0; j < i; j++)
+ c[j] = 0;
+ k = k + i;
+ }
+
+ /* adjust degree of f(X) if the highest coefficients are zero
+ * Note: f[0] = 1 from above so the loop will terminate.
+ */
+
+ while (f[deg_f] == 0)
+ --deg_f;
+
+ /* if f(X) = 1, done
+ * Note: f[0] = 1 from above, so only check the x term and up
+ */
+
+ for (i = 1; (i <= deg_f) && (f[i] == 0); ++i);
+ if (i > deg_f) {
+ done = TRUE;
+ break;
+ }
+
+ /* if deg_f < deg_g, f <-> g, b <-> c */
+
+ if (deg_f < deg_g) {
+ uint8_t *x;
+
+ x = f;
+ f = g;
+ g = x;
+ deg_f ^= deg_g;
+ deg_g ^= deg_f;
+ deg_f ^= deg_g;
+ x = b;
+ b = c;
+ c = x;
+ deg_b ^= deg_c;
+ deg_c ^= deg_b;
+ deg_b ^= deg_c;
+ }
+
+ /* f(X) += g(X), b(X) += c(X) */
+
+ for (i = 0; i <= deg_g; i++)
+ f[i] ^= g[i];
+
+ if (deg_c > deg_b)
+ deg_b = deg_c;
+ for (i = 0; i <= deg_c; i++)
+ b[i] ^= c[i];
+ }
+
+ /* a^-1 in (Z/2Z)[X]/(X^N - 1) = b(X) shifted left k coefficients */
+
+ j = 0;
+ if (k >= N)
+ k = k - N;
+ for (i = k; i < N; i++)
+ a_inv[j++] = (uint16_t)(b[i]);
+ for (i = 0; i < k; i++)
+ a_inv[j++] = (uint16_t)(b[i]);
+
+ /* lift a^-1 in (Z/2Z)[X]/(X^N - 1) to a^-1 in (Z/qZ)[X]/(X^N -1) */
+
+ for (j = 0; j < 4; ++j) { /* assumes 256 < q <= 65536 */
+
+ /* a^-1 = a^-1 * (2 - a * a^-1) mod q */
+
+ memcpy(t2, a_inv, N * sizeof(uint16_t));
+ ntru_ring_mult_coefficients(a, t2, N, q, t);
+ for (i = 0; i < N; ++i)
+ t[i] = q - t[i];
+ t[0] = t[0] + 2;
+ ntru_ring_mult_coefficients(t2, t, N, q, a_inv);
+ }
+
+ return TRUE;
+
+
+}
+
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h
new file mode 100644
index 000000000..1e9d467ed
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h
@@ -0,0 +1,96 @@
+/******************************************************************************
+ * NTRU Cryptography Reference Source Code
+ * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved.
+ *
+ * ntru_crypto_ntru_poly.h is a component of ntru-crypto.
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ *****************************************************************************/
+
+/******************************************************************************
+ *
+ * File: ntru_crypto_ntru_poly.h
+ *
+ * Contents: Public header file for generating and operating on polynomials
+ * in the NTRU algorithm.
+ *
+ *****************************************************************************/
+
+
+#ifndef NTRU_CRYPTO_NTRU_POLY_H
+#define NTRU_CRYPTO_NTRU_POLY_H
+
+
+#include "ntru_crypto.h"
+
+#include <crypto/hashers/hasher.h>
+
+
+/* function declarations */
+
+/* ntru_poly_check_min_weight
+ *
+ * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed
+ * a minimum weight.
+ */
+
+extern bool
+ntru_poly_check_min_weight(
+ uint16_t num_els, /* in - degree of polynomial */
+ uint8_t *ringels, /* in - pointer to trinary ring elements */
+ uint16_t min_wt); /* in - minimum weight */
+
+/* ntru_ring_mult_coefficients
+ *
+ * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b"
+ * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1).
+ * This is a convolution operation.
+ *
+ * Ring element "b" has coefficients in the range [0,N).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum
+ * beyond 16 bits does not matter.
+ */
+
+extern void
+ntru_ring_mult_coefficients(
+ uint16_t const *a, /* in - pointer to polynomial a */
+ uint16_t const *b, /* in - pointer to polynomial b */
+ uint16_t N, /* in - no. of coefficients in a, b, c */
+ uint16_t q, /* in - large modulus */
+ uint16_t *c); /* out - address for polynomial c */
+
+
+/* ntru_ring_inv
+ *
+ * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1).
+ *
+ * This assumes q is 2^r where 8 < r < 16, so that operations mod q can
+ * wait until the end, and only 16-bit arrays need to be used.
+ */
+
+extern bool
+ntru_ring_inv(
+ uint16_t *a, /* in - pointer to polynomial a */
+ uint16_t N, /* in - no. of coefficients in a */
+ uint16_t q, /* in - large modulus */
+ uint16_t *t, /* in - temp buffer of 2N elements */
+ uint16_t *a_inv); /* out - address for polynomial a^-1 */
+
+
+#endif /* NTRU_CRYPTO_NTRU_POLY_H */
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.c b/src/libstrongswan/plugins/ntru/ntru_drbg.c
new file mode 100644
index 000000000..181a58939
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.c
@@ -0,0 +1,279 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_drbg.h"
+
+#include <utils/debug.h>
+#include <utils/test.h>
+
+#define MAX_STRENGTH_BITS 256
+#define MAX_DRBG_REQUESTS 0xfffffffe
+
+typedef struct private_ntru_drbg_t private_ntru_drbg_t;
+
+/**
+ * Private data of an ntru_drbg_t object.
+ */
+struct private_ntru_drbg_t {
+ /**
+ * Public ntru_drbg_t interface.
+ */
+ ntru_drbg_t public;
+
+ /**
+ * Security strength in bits of the DRBG
+ */
+ u_int32_t strength;
+
+ /**
+ * Number of requests for pseudorandom bits
+ */
+ u_int32_t reseed_counter;
+
+ /**
+ * Maximum number of requests for pseudorandom bits
+ */
+ u_int32_t max_requests;
+
+ /**
+ * True entropy source
+ */
+ rng_t *entropy;
+
+ /**
+ * HMAC-SHA256
+ */
+ signer_t *hmac;
+
+ /**
+ * Internal state of HMAC-SHA256: key
+ */
+ chunk_t key;
+
+ /**
+ * Internal state of HMAC-SHA256: value
+ */
+ chunk_t value;
+
+};
+
+/**
+ * Update the internal state of the HMAC_DRBG
+ */
+static bool update(private_ntru_drbg_t *this, chunk_t data)
+{
+ chunk_t ch_00 = chunk_from_chars(0x00);
+ chunk_t ch_01 = chunk_from_chars(0x01);
+
+ if (!this->hmac->set_key(this->hmac, this->key) ||
+ !this->hmac->get_signature(this->hmac, this->value, NULL) ||
+ !this->hmac->get_signature(this->hmac, ch_00, NULL) ||
+ !this->hmac->get_signature(this->hmac, data, this->key.ptr) ||
+ !this->hmac->set_key(this->hmac, this->key) ||
+ !this->hmac->get_signature(this->hmac, this->value,
+ this->value.ptr))
+ {
+ return FALSE;
+ }
+
+ if (data.len > 0)
+ {
+ if (!this->hmac->set_key(this->hmac, this->key) ||
+ !this->hmac->get_signature(this->hmac, this->value, NULL) ||
+ !this->hmac->get_signature(this->hmac, ch_01, NULL) ||
+ !this->hmac->get_signature(this->hmac, data, this->key.ptr) ||
+ !this->hmac->set_key(this->hmac, this->key) ||
+ !this->hmac->get_signature(this->hmac, this->value,
+ this->value.ptr))
+ {
+ return FALSE;
+ }
+ }
+ DBG4(DBG_LIB, "HMAC_DRBG V: %B", &this->value);
+ DBG4(DBG_LIB, "HMAC_DRBG K: %B", &this->key);
+
+ return TRUE;
+}
+
+METHOD(ntru_drbg_t, get_strength, u_int32_t,
+ private_ntru_drbg_t *this)
+{
+ return this->strength;
+}
+
+METHOD(ntru_drbg_t, reseed, bool,
+ private_ntru_drbg_t *this)
+{
+ chunk_t seed;
+
+ seed = chunk_alloc(this->strength / BITS_PER_BYTE);
+ DBG2(DBG_LIB, "DRBG requests %u bytes of entropy", seed.len);
+
+ if (!this->entropy->get_bytes(this->entropy, seed.len, seed.ptr))
+ {
+ chunk_free(&seed);
+ return FALSE;
+ }
+ if (!update(this, seed))
+ {
+ chunk_free(&seed);
+ return FALSE;
+ }
+ chunk_clear(&seed);
+ this->reseed_counter = 1;
+
+ return TRUE;
+}
+
+METHOD(ntru_drbg_t, generate, bool,
+ private_ntru_drbg_t *this, u_int32_t strength, u_int32_t len, u_int8_t *out)
+{
+ size_t delta;
+ chunk_t output;
+
+ DBG2(DBG_LIB, "DRBG generates %u pseudorandom bytes", len);
+ if (!out || len == 0)
+ {
+ return FALSE;
+ }
+ output = chunk_create(out, len);
+
+ if (this->reseed_counter > this->max_requests)
+ {
+ if (!reseed(this))
+ {
+ return FALSE;
+ }
+ }
+ while (len)
+ {
+ if (!this->hmac->get_signature(this->hmac, this->value,
+ this->value.ptr))
+ {
+ return FALSE;
+ }
+ delta = min(len, this->value.len);
+ memcpy(out, this->value.ptr, delta);
+ len -= delta;
+ out += delta;
+ }
+ DBG4(DBG_LIB, "HMAC_DRBG Out: %B", &output);
+
+ if (!update(this, chunk_empty))
+ {
+ return FALSE;
+ }
+ this->reseed_counter++;
+
+ return TRUE;
+}
+
+METHOD(ntru_drbg_t, destroy, void,
+ private_ntru_drbg_t *this)
+{
+ this->hmac->destroy(this->hmac);
+ chunk_clear(&this->key);
+ chunk_clear(&this->value);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
+ rng_t *entropy)
+{
+ private_ntru_drbg_t *this;
+ chunk_t seed;
+ signer_t *hmac;
+ size_t entropy_len;
+ u_int32_t max_requests;
+
+ if (strength > MAX_STRENGTH_BITS)
+ {
+ return NULL;
+ }
+ if (strength <= 112)
+ {
+ strength = 112;
+ }
+ else if (strength <= 128)
+ {
+ strength = 128;
+ }
+ else if (strength <= 192)
+ {
+ strength = 192;
+ }
+ else
+ {
+ strength = 256;
+ }
+
+ hmac = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA2_256_256);
+ if (!hmac)
+ {
+ DBG1(DBG_LIB, "could not instantiate HMAC-SHA256");
+ return NULL;
+ }
+
+ max_requests = lib->settings->get_int(lib->settings,
+ "%s.plugins.ntru.max_drbg_requests",
+ MAX_DRBG_REQUESTS, lib->ns);
+
+ INIT(this,
+ .public = {
+ .get_strength = _get_strength,
+ .reseed = _reseed,
+ .generate = _generate,
+ .destroy = _destroy,
+ },
+ .strength = strength,
+ .entropy = entropy,
+ .hmac = hmac,
+ .key = chunk_alloc(hmac->get_key_size(hmac)),
+ .value = chunk_alloc(hmac->get_block_size(hmac)),
+ .max_requests = max_requests,
+ .reseed_counter = 1,
+ );
+
+ memset(this->key.ptr, 0x00, this->key.len);
+ memset(this->value.ptr, 0x01, this->value.len);
+
+ entropy_len = (strength + strength/2) / BITS_PER_BYTE;
+ seed = chunk_alloc(entropy_len + pers_str.len);
+ DBG2(DBG_LIB, "DRBG requests %u bytes of entropy", entropy_len);
+
+ if (!this->entropy->get_bytes(this->entropy, entropy_len, seed.ptr))
+ {
+ chunk_free(&seed);
+ destroy(this);
+ return NULL;
+ }
+ memcpy(seed.ptr + entropy_len, pers_str.ptr, pers_str.len);
+ DBG4(DBG_LIB, "seed: %B", &seed);
+
+ if (!update(this, seed))
+ {
+ chunk_free(&seed);
+ destroy(this);
+ return NULL;
+ }
+ chunk_clear(&seed);
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_drbg_create);
diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.h b/src/libstrongswan/plugins/ntru/ntru_drbg.h
new file mode 100644
index 000000000..38ac718ae
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_drbg.h
@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_drbg ntru_drbg
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_DRBG_H_
+#define NTRU_DRBG_H_
+
+typedef struct ntru_drbg_t ntru_drbg_t;
+
+#include <library.h>
+
+/**
+ * Implements a HMAC Deterministic Random Bit Generator (HMAC_DRBG)
+ * compliant with NIST SP 800-90A
+ */
+struct ntru_drbg_t {
+
+ /**
+ * Reseed the instantiated DRBG
+ *
+ * @return configured security strength in bits
+ */
+ u_int32_t (*get_strength)(ntru_drbg_t *this);
+
+ /**
+ * Reseed the instantiated DRBG
+ *
+ * @return TRUE if successful
+ */
+ bool (*reseed)(ntru_drbg_t *this);
+
+ /**
+ * Generate pseudorandom bytes.
+ * If the maximum number of requests has been reached, reseeding occurs
+ *
+ * @param strength requested security strength in bits
+ * @param len number of octets to generate
+ * @param out address of output buffer
+ * @return TRUE if successful
+ */
+ bool (*generate)(ntru_drbg_t *this, u_int32_t strength, u_int32_t len,
+ u_int8_t *out);
+
+ /**
+ * Uninstantiate and destroy the DRBG object
+ */
+ void (*destroy)(ntru_drbg_t *this);
+};
+
+/**
+ * Create and instantiate a new DRBG objet.
+ *
+ * @param strength security strength in bits
+ * @param pers_str personalization string
+ * @param entropy entropy source to use
+ */
+ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str,
+ rng_t *entropy);
+
+#endif /** NTRU_DRBG_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c
new file mode 100644
index 000000000..39fb261cd
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c
@@ -0,0 +1,396 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_ke.h"
+#include "ntru_drbg.h"
+
+#include "ntru_crypto/ntru_crypto.h"
+
+#include <crypto/diffie_hellman.h>
+#include <utils/debug.h>
+
+typedef struct private_ntru_ke_t private_ntru_ke_t;
+typedef struct param_set_t param_set_t;
+
+/**
+ * Defines an NTRU parameter set by ID or OID
+ */
+struct param_set_t {
+ NTRU_ENCRYPT_PARAM_SET_ID id;
+ char oid[3];
+ char *name;
+};
+
+/* Best bandwidth and speed, no X9.98 compatibility */
+static param_set_t param_sets_optimum[] = {
+ { NTRU_EES401EP2, {0x00, 0x02, 0x10}, "ees401ep2" },
+ { NTRU_EES439EP1, {0x00, 0x03, 0x10}, "ees439ep1" },
+ { NTRU_EES593EP1, {0x00, 0x05, 0x10}, "ees593ep1" },
+ { NTRU_EES743EP1, {0x00, 0x06, 0x10}, "ees743ep1" }
+};
+
+/* X9.98/IEEE 1363.1 parameter sets for best speed */
+static param_set_t param_sets_x9_98_speed[] = {
+ { NTRU_EES659EP1, {0x00, 0x02, 0x06}, "ees659ep1" },
+ { NTRU_EES761EP1, {0x00, 0x03, 0x05}, "ees761ep1" },
+ { NTRU_EES1087EP1, {0x00, 0x05, 0x05}, "ees1087ep1" },
+ { NTRU_EES1499EP1, {0x00, 0x06, 0x05}, "ees1499ep1" }
+};
+
+/* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */
+static param_set_t param_sets_x9_98_bandwidth[] = {
+ { NTRU_EES401EP1, {0x00, 0x02, 0x04}, "ees401ep1" },
+ { NTRU_EES449EP1, {0x00, 0x03, 0x03}, "ees449ep1" },
+ { NTRU_EES677EP1, {0x00, 0x05, 0x03}, "ees677ep1" },
+ { NTRU_EES1087EP2, {0x00, 0x06, 0x03}, "ees1087ep2" }
+};
+
+/* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */
+static param_set_t param_sets_x9_98_balance[] = {
+ { NTRU_EES541EP1, {0x00, 0x02, 0x05}, "ees541ep1" },
+ { NTRU_EES613EP1, {0x00, 0x03, 0x04}, "ees613ep1" },
+ { NTRU_EES887EP1, {0x00, 0x05, 0x04}, "ees887ep1" },
+ { NTRU_EES1171EP1, {0x00, 0x06, 0x04}, "ees1171ep1" }
+};
+
+/**
+ * Private data of an ntru_ke_t object.
+ */
+struct private_ntru_ke_t {
+ /**
+ * Public ntru_ke_t interface.
+ */
+ ntru_ke_t public;
+
+ /**
+ * Diffie Hellman group number.
+ */
+ u_int16_t group;
+
+ /**
+ * NTRU Parameter Set
+ */
+ param_set_t *param_set;
+
+ /**
+ * Cryptographical strength in bits of the NTRU Parameter Set
+ */
+ u_int32_t strength;
+
+ /**
+ * NTRU Public Key
+ */
+ chunk_t pub_key;
+
+ /**
+ * NTRU Private Key
+ */
+ chunk_t priv_key;
+
+ /**
+ * NTRU encrypted shared secret
+ */
+ chunk_t ciphertext;
+
+ /**
+ * Shared secret
+ */
+ chunk_t shared_secret;
+
+ /**
+ * True if peer is responder
+ */
+ bool responder;
+
+ /**
+ * True if shared secret is computed
+ */
+ bool computed;
+
+ /**
+ * True Random Generator
+ */
+ rng_t *entropy;
+
+ /**
+ * Deterministic Random Bit Generator
+ */
+ ntru_drbg_t *drbg;
+};
+
+METHOD(diffie_hellman_t, get_my_public_value, void,
+ private_ntru_ke_t *this, chunk_t *value)
+{
+ uint16_t pub_key_len, priv_key_len;
+
+ *value = chunk_empty;
+
+ if (this->responder)
+ {
+ if (this->ciphertext.len)
+ {
+ *value = chunk_clone(this->ciphertext);
+ }
+ }
+ else
+ {
+ if (this->pub_key.len == 0)
+ {
+ /* determine the NTRU public and private key sizes */
+ if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id,
+ &pub_key_len, NULL,
+ &priv_key_len, NULL) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "error determining NTRU public and private key "
+ "sizes");
+ return;
+ }
+ this->pub_key = chunk_alloc(pub_key_len);
+ this->priv_key = chunk_alloc(priv_key_len);
+
+ /* generate a random NTRU public/private key pair */
+ if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id,
+ &pub_key_len, this->pub_key.ptr,
+ &priv_key_len, this->priv_key.ptr) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "NTRU keypair generation failed");
+ chunk_free(&this->priv_key);
+ chunk_free(&this->pub_key);
+ return;
+ }
+ DBG3(DBG_LIB, "NTRU public key: %B", &this->pub_key);
+ DBG4(DBG_LIB, "NTRU private key: %B", &this->priv_key);
+ }
+ *value = chunk_clone(this->pub_key);
+ }
+}
+
+METHOD(diffie_hellman_t, get_shared_secret, status_t,
+ private_ntru_ke_t *this, chunk_t *secret)
+{
+ if (!this->computed || !this->shared_secret.len)
+ {
+ *secret = chunk_empty;
+ return FAILED;
+ }
+ *secret = chunk_clone(this->shared_secret);
+
+ return SUCCESS;
+}
+
+
+METHOD(diffie_hellman_t, set_other_public_value, void,
+ private_ntru_ke_t *this, chunk_t value)
+{
+ u_int16_t plaintext_len, ciphertext_len;
+
+ if (this->priv_key.len)
+ {
+ /* initiator decrypting shared secret */
+ if (value.len == 0)
+ {
+ DBG1(DBG_LIB, "empty NTRU ciphertext");
+ return;
+ }
+ this->ciphertext = chunk_clone(value);
+ DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext);
+
+ /* determine the size of the maximum plaintext */
+ if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr,
+ this->ciphertext.len, this->ciphertext.ptr,
+ &plaintext_len, NULL) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "error determining maximum plaintext size");
+ return;
+ }
+ this->shared_secret = chunk_alloc(plaintext_len);
+
+ /* decrypt the shared secret */
+ if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr,
+ this->ciphertext.len, this->ciphertext.ptr,
+ &plaintext_len, this->shared_secret.ptr) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "NTRU decryption of shared secret failed");
+ chunk_free(&this->shared_secret);
+ return;
+ }
+ this->shared_secret.len = plaintext_len;
+ this->computed = TRUE;
+ }
+ else
+ {
+ /* responder generating and encrypting the shared secret */
+ this->responder = TRUE;
+
+ /* check the NTRU public key format */
+ if (value.len < 5 || value.ptr[0] != 1 || value.ptr[1] != 3)
+ {
+ DBG1(DBG_LIB, "received NTRU public key with invalid header");
+ return;
+ }
+ if (!memeq(value.ptr + 2, this->param_set->oid, 3))
+ {
+ DBG1(DBG_LIB, "received NTRU public key with wrong OID");
+ return;
+ }
+ this->pub_key = chunk_clone(value);
+
+ /* shared secret size is chosen as twice the cryptographical strength */
+ this->shared_secret = chunk_alloc(2 * this->strength / BITS_PER_BYTE);
+
+ /* generate the random shared secret */
+ if (!this->drbg->generate(this->drbg, this->strength,
+ this->shared_secret.len, this->shared_secret.ptr))
+ {
+ DBG1(DBG_LIB, "generation of shared secret failed");
+ chunk_free(&this->shared_secret);
+ return;
+ }
+ this->computed = TRUE;
+
+ /* determine the size of the ciphertext */
+ if (ntru_crypto_ntru_encrypt(this->drbg,
+ this->pub_key.len, this->pub_key.ptr,
+ this->shared_secret.len, this->shared_secret.ptr,
+ &ciphertext_len, NULL) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "error determining ciphertext size");
+ return;
+ }
+ this->ciphertext = chunk_alloc(ciphertext_len);
+
+ /* encrypt the shared secret */
+ if (ntru_crypto_ntru_encrypt(this->drbg,
+ this->pub_key.len, this->pub_key.ptr,
+ this->shared_secret.len, this->shared_secret.ptr,
+ &ciphertext_len, this->ciphertext.ptr) != NTRU_OK)
+ {
+ DBG1(DBG_LIB, "NTRU encryption of shared secret failed");
+ chunk_free(&this->ciphertext);
+ return;
+ }
+ DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext);
+ }
+}
+
+METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
+ private_ntru_ke_t *this)
+{
+ return this->group;
+}
+
+METHOD(diffie_hellman_t, destroy, void,
+ private_ntru_ke_t *this)
+{
+ this->drbg->destroy(this->drbg);
+ this->entropy->destroy(this->entropy);
+ chunk_free(&this->pub_key);
+ chunk_free(&this->ciphertext);
+ chunk_clear(&this->priv_key);
+ chunk_clear(&this->shared_secret);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p)
+{
+ private_ntru_ke_t *this;
+ param_set_t *param_sets, *param_set;
+ rng_t *entropy;
+ ntru_drbg_t *drbg;
+ char *parameter_set;
+ u_int32_t strength;
+
+ parameter_set = lib->settings->get_str(lib->settings,
+ "%s.plugins.ntru.parameter_set", "optimum", lib->ns);
+
+ if (streq(parameter_set, "x9_98_speed"))
+ {
+ param_sets = param_sets_x9_98_speed;
+ }
+ else if (streq(parameter_set, "x9_98_bandwidth"))
+ {
+ param_sets = param_sets_x9_98_bandwidth;
+ }
+ else if (streq(parameter_set, "x9_98_balance"))
+ {
+ param_sets = param_sets_x9_98_balance;
+ }
+ else
+ {
+ param_sets = param_sets_optimum;
+ }
+
+ switch (group)
+ {
+ case NTRU_112_BIT:
+ strength = 112;
+ param_set = &param_sets[0];
+ break;
+ case NTRU_128_BIT:
+ strength = 128;
+ param_set = &param_sets[1];
+ break;
+ case NTRU_192_BIT:
+ strength = 192;
+ param_set = &param_sets[2];
+ break;
+ case NTRU_256_BIT:
+ strength = 256;
+ param_set = &param_sets[3];
+ break;
+ default:
+ return NULL;
+ }
+ DBG1(DBG_LIB, "%u bit %s NTRU parameter set %s selected", strength,
+ parameter_set, param_set->name);
+
+ entropy = lib->crypto->create_rng(lib->crypto, RNG_TRUE);
+ if (!entropy)
+ {
+ DBG1(DBG_LIB, "could not attach entropy source for DRBG");
+ return NULL;
+ }
+
+ drbg = ntru_drbg_create(strength, chunk_from_str("IKE NTRU-KE"), entropy);
+ if (!drbg)
+ {
+ DBG1(DBG_LIB, "could not instantiate DRBG at %u bit security", strength);
+ entropy->destroy(entropy);
+ return NULL;
+ }
+
+ INIT(this,
+ .public = {
+ .dh = {
+ .get_shared_secret = _get_shared_secret,
+ .set_other_public_value = _set_other_public_value,
+ .get_my_public_value = _get_my_public_value,
+ .get_dh_group = _get_dh_group,
+ .destroy = _destroy,
+ },
+ },
+ .group = group,
+ .param_set = param_set,
+ .strength = strength,
+ .entropy = entropy,
+ .drbg = drbg,
+ );
+
+ return &this->public;
+}
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.h b/src/libstrongswan/plugins/ntru/ntru_ke.h
new file mode 100644
index 000000000..b8bbf5e54
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_ke.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_ke ntru_ke
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_KE_H_
+#define NTRU_KE_H_
+
+typedef struct ntru_ke_t ntru_ke_t;
+
+#include <library.h>
+
+/**
+ * Implementation of a key exchange algorithm using NTRU encryption
+ */
+struct ntru_ke_t {
+
+ /**
+ * Implements diffie_hellman_t interface.
+ */
+ diffie_hellman_t dh;
+};
+
+/**
+ * Creates a new ntru_ke_t object.
+ *
+ * @param group NTRU group number to use
+ * @param g not used
+ * @param p not used
+ * @return ntru_ke_t object, NULL if not supported
+ */
+ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p);
+
+#endif /** NTRU_KE_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_mgf1.c b/src/libstrongswan/plugins/ntru/ntru_mgf1.c
new file mode 100644
index 000000000..2338db208
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_mgf1.c
@@ -0,0 +1,182 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_mgf1.h"
+
+#include <crypto/hashers/hasher.h>
+#include <utils/debug.h>
+#include <utils/test.h>
+
+typedef struct private_ntru_mgf1_t private_ntru_mgf1_t;
+
+/**
+ * Private data of an ntru_mgf1_t object.
+ */
+struct private_ntru_mgf1_t {
+
+ /**
+ * Public ntru_mgf1_t interface.
+ */
+ ntru_mgf1_t public;
+
+ /**
+ * Hasher the MGF1 Mask Generation Function is based on
+ */
+ hasher_t *hasher;
+
+ /**
+ * Counter
+ */
+ u_int32_t counter;
+
+ /**
+ * Set if counter has reached 2^32
+ */
+ bool overflow;
+
+ /**
+ * Current state to be hashed
+ */
+ chunk_t state;
+
+ /**
+ * Position of the 4 octet counter string
+ */
+ u_char *ctr_str;
+
+};
+
+METHOD(ntru_mgf1_t, get_hash_size, size_t,
+ private_ntru_mgf1_t *this)
+{
+ return this->hasher->get_hash_size(this->hasher);
+}
+
+METHOD(ntru_mgf1_t, get_mask, bool,
+ private_ntru_mgf1_t *this, size_t mask_len, u_char *mask)
+{
+ u_char buf[HASH_SIZE_SHA512];
+ size_t hash_len;
+
+ hash_len = this->hasher->get_hash_size(this->hasher);
+
+ while (mask_len > 0)
+ {
+ /* detect overflow, set counter string and increment counter */
+ if (this->overflow)
+ {
+ return FALSE;
+ }
+ htoun32(this->ctr_str, this->counter++);
+ if (this->counter == 0)
+ {
+ this->overflow = TRUE;
+ }
+
+ /* get the next or final mask block from the hash function */
+ if (!this->hasher->get_hash(this->hasher, this->state,
+ (mask_len < hash_len) ? buf : mask))
+ {
+ return FALSE;
+ }
+ if (mask_len < hash_len)
+ {
+ memcpy(mask, buf, mask_len);
+ return TRUE;
+ }
+ mask_len -= hash_len;
+ mask += hash_len;
+ }
+ return TRUE;
+}
+
+METHOD(ntru_mgf1_t, allocate_mask, bool,
+ private_ntru_mgf1_t *this, size_t mask_len, chunk_t *mask)
+{
+ if (mask_len == 0)
+ {
+ *mask = chunk_empty;
+ return TRUE;
+ }
+ *mask = chunk_alloc(mask_len);
+
+ return get_mask(this, mask_len, mask->ptr);
+}
+
+METHOD(ntru_mgf1_t, destroy, void,
+ private_ntru_mgf1_t *this)
+{
+ this->hasher->destroy(this->hasher);
+ chunk_clear(&this->state);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ntru_mgf1_t *ntru_mgf1_create(hash_algorithm_t alg, chunk_t seed,
+ bool hash_seed)
+{
+ private_ntru_mgf1_t *this;
+ hasher_t *hasher;
+ size_t state_len;
+
+ if (seed.len == 0)
+ {
+ DBG1(DBG_LIB, "empty seed for MGF1");
+ return NULL;
+ }
+
+ hasher = lib->crypto->create_hasher(lib->crypto, alg);
+ if (!hasher)
+ {
+ DBG1(DBG_LIB, "failed to create %N hasher for MGF1",
+ hash_algorithm_names, alg);
+ return NULL;
+ }
+ state_len = (hash_seed ? hasher->get_hash_size(hasher) : seed.len) + 4;
+
+ INIT(this,
+ .public = {
+ .get_hash_size = _get_hash_size,
+ .allocate_mask = _allocate_mask,
+ .get_mask = _get_mask,
+ .destroy = _destroy,
+ },
+ .hasher = hasher,
+ .state = chunk_alloc(state_len),
+ );
+
+ /* determine position of the 4 octet counter string */
+ this->ctr_str = this->state.ptr + state_len - 4;
+
+ if (hash_seed)
+ {
+ if (!hasher->get_hash(hasher, seed, this->state.ptr))
+ {
+ DBG1(DBG_LIB, "failed to hash seed for MGF1");
+ destroy(this);
+ return NULL;
+ }
+ }
+ else
+ {
+ memcpy(this->state.ptr, seed.ptr, seed.len);
+ }
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_mgf1_create);
diff --git a/src/libstrongswan/plugins/ntru/ntru_mgf1.h b/src/libstrongswan/plugins/ntru/ntru_mgf1.h
new file mode 100644
index 000000000..53e90412a
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_mgf1.h
@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_mgf1 ntru_mgf1
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_MGF1_H_
+#define NTRU_MGF1_H_
+
+typedef struct ntru_mgf1_t ntru_mgf1_t;
+
+#include <library.h>
+
+/**
+ * Implements the PKCS#1 MGF1 Mask Generation Function based on a hash function
+ * defined in section 10.2.1 of RFC 2437
+ */
+struct ntru_mgf1_t {
+
+ /**
+ * Get the hash size of the underlying hash function
+ *
+ * @return hash size in bytes
+ */
+ size_t (*get_hash_size)(ntru_mgf1_t *this);
+
+ /**
+ * Generate a mask pattern and copy it to an output buffer
+ * If the maximum number of requests has been reached, reseeding occurs
+ *
+ * @param mask_len number of mask bytes to generate
+ * @param mask output buffer of minimum size mask_len
+ * @return TRUE if successful
+ */
+ bool (*get_mask)(ntru_mgf1_t *this, size_t mask_len, u_char *mask);
+
+ /**
+ * Generate a mask pattern and return it in an allocated chunk
+ *
+ * @param mask_len number of mask bytes to generate
+ * @param mask chunk containing generated mask
+ * @return TRUE if successful
+ */
+ bool (*allocate_mask)(ntru_mgf1_t *this, size_t mask_len, chunk_t *mask);
+
+ /**
+ * Destroy the MGF1 object
+ */
+ void (*destroy)(ntru_mgf1_t *this);
+};
+
+/**
+ * Create an MGF1 object
+ *
+ * @param alg hash algorithm to be used by MGF1
+ * @param seed seed used by MGF1 to generate mask from
+ * @param hash_seed hash seed before using it as a seed from MGF1
+ */
+ntru_mgf1_t *ntru_mgf1_create(hash_algorithm_t alg, chunk_t seed,
+ bool hash_seed);
+
+#endif /** NTRU_MGF1_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_plugin.c b/src/libstrongswan/plugins/ntru/ntru_plugin.c
new file mode 100644
index 000000000..66be7c75b
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_plugin.c
@@ -0,0 +1,83 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_plugin.h"
+#include "ntru_ke.h"
+
+#include <library.h>
+
+typedef struct private_ntru_plugin_t private_ntru_plugin_t;
+
+/**
+ * private data of ntru_plugin
+ */
+struct private_ntru_plugin_t {
+
+ /**
+ * public functions
+ */
+ ntru_plugin_t public;
+};
+
+METHOD(plugin_t, get_name, char*,
+ private_ntru_plugin_t *this)
+{
+ return "ntru";
+}
+
+METHOD(plugin_t, get_features, int,
+ private_ntru_plugin_t *this, plugin_feature_t *features[])
+{
+ static plugin_feature_t f[] = {
+ PLUGIN_REGISTER(DH, ntru_ke_create),
+ PLUGIN_PROVIDE(DH, NTRU_112_BIT),
+ PLUGIN_PROVIDE(DH, NTRU_128_BIT),
+ PLUGIN_PROVIDE(DH, NTRU_192_BIT),
+ PLUGIN_PROVIDE(DH, NTRU_256_BIT),
+ PLUGIN_DEPENDS(RNG, RNG_TRUE),
+ PLUGIN_DEPENDS(SIGNER, AUTH_HMAC_SHA2_256_256),
+ PLUGIN_DEPENDS(HASHER, HASH_SHA256),
+ PLUGIN_SDEPEND(HASHER, HASH_SHA1)
+ };
+ *features = f;
+
+ return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+ private_ntru_plugin_t *this)
+{
+ free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *ntru_plugin_create()
+{
+ private_ntru_plugin_t *this;
+
+ INIT(this,
+ .public = {
+ .plugin = {
+ .get_name = _get_name,
+ .get_features = _get_features,
+ .destroy = _destroy,
+ },
+ },
+ );
+
+ return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/ntru/ntru_plugin.h b/src/libstrongswan/plugins/ntru/ntru_plugin.h
new file mode 100644
index 000000000..187b83445
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_p ntru
+ * @ingroup plugins
+ *
+ * @defgroup ntru_plugin ntru_plugin
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_PLUGIN_H_
+#define NTRU_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct ntru_plugin_t ntru_plugin_t;
+
+/**
+ * Plugin implementing NTRU-base key exchange
+ */
+struct ntru_plugin_t {
+
+ /**
+ * implements plugin interface
+ */
+ plugin_t plugin;
+};
+
+#endif /** NTRU_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/ntru/ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_poly.c
new file mode 100644
index 000000000..3f754f2a0
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_poly.c
@@ -0,0 +1,416 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Copyright (C) 2009-2013 Security Innovation
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_poly.h"
+#include "ntru_mgf1.h"
+
+#include <utils/debug.h>
+#include <utils/test.h>
+
+typedef struct private_ntru_poly_t private_ntru_poly_t;
+typedef struct indices_len_t indices_len_t;
+
+/**
+ * Stores number of +1 and -1 coefficients
+ */
+struct indices_len_t {
+ int p;
+ int m;
+};
+
+/**
+ * Private data of an ntru_poly_t object.
+ */
+struct private_ntru_poly_t {
+
+ /**
+ * Public ntru_poly_t interface.
+ */
+ ntru_poly_t public;
+
+ /**
+ * Ring dimension equal to the number of polynomial coefficients
+ */
+ uint16_t N;
+
+ /**
+ * Large modulus
+ */
+ uint16_t q;
+
+ /**
+ * Array containing the indices of the non-zero coefficients
+ */
+ uint16_t *indices;
+
+ /**
+ * Number of indices of the non-zero coefficients
+ */
+ size_t num_indices;
+
+ /**
+ * Number of sparse polynomials
+ */
+ int num_polynomials;
+
+ /**
+ * Number of nonzero coefficients for up to 3 sparse polynomials
+ */
+ indices_len_t indices_len[3];
+
+};
+
+METHOD(ntru_poly_t, get_size, size_t,
+ private_ntru_poly_t *this)
+{
+ return this->num_indices;
+}
+
+METHOD(ntru_poly_t, get_indices, uint16_t*,
+ private_ntru_poly_t *this)
+{
+ return this->indices;
+}
+
+/**
+ * Multiplication of polynomial a with a sparse polynomial b given by
+ * the indices of its +1 and -1 coefficients results in polynomial c.
+ * This is a convolution operation
+ */
+static void ring_mult_i(uint16_t *a, indices_len_t len, uint16_t *indices,
+ uint16_t N, uint16_t mod_q_mask, uint16_t *t,
+ uint16_t *c)
+{
+ int i, j, k;
+
+ /* initialize temporary array t */
+ for (k = 0; k < N; k++)
+ {
+ t[k] = 0;
+ }
+
+ /* t[(i+k)%N] = sum i=0 through N-1 of a[i], for b[k] = -1 */
+ for (j = len.p; j < len.p + len.m; j++)
+ {
+ k = indices[j];
+ for (i = 0; k < N; ++i, ++k)
+ {
+ t[k] += a[i];
+ }
+ for (k = 0; i < N; ++i, ++k)
+ {
+ t[k] += a[i];
+ }
+ }
+
+ /* t[(i+k)%N] = -(sum i=0 through N-1 of a[i] for b[k] = -1) */
+ for (k = 0; k < N; k++)
+ {
+ t[k] = -t[k];
+ }
+
+ /* t[(i+k)%N] += sum i=0 through N-1 of a[i] for b[k] = +1 */
+ for (j = 0; j < len.p; j++)
+ {
+ k = indices[j];
+ for (i = 0; k < N; ++i, ++k)
+ {
+ t[k] += a[i];
+ }
+ for (k = 0; i < N; ++i, ++k)
+ {
+ t[k] += a[i];
+ }
+ }
+
+ /* c = (a * b) mod q */
+ for (k = 0; k < N; k++)
+ {
+ c[k] = t[k] & mod_q_mask;
+ }
+}
+
+METHOD(ntru_poly_t, get_array, void,
+ private_ntru_poly_t *this, uint16_t *array)
+{
+ uint16_t *t, *bi;
+ uint16_t mod_q_mask = this->q - 1;
+ indices_len_t len;
+ int i;
+
+ /* form polynomial F or F1 */
+ memset(array, 0x00, this->N * sizeof(uint16_t));
+ bi = this->indices;
+ len = this->indices_len[0];
+ for (i = 0; i < len.p + len.m; i++)
+ {
+ array[bi[i]] = (i < len.p) ? 1 : mod_q_mask;
+ }
+
+ if (this->num_polynomials == 3)
+ {
+ /* allocate temporary array t */
+ t = malloc(this->N * sizeof(uint16_t));
+
+ /* form F1 * F2 */
+ bi += len.p + len.m;
+ len = this->indices_len[1];
+ ring_mult_i(array, len, bi, this->N, mod_q_mask, t, array);
+
+ /* form (F1 * F2) + F3 */
+ bi += len.p + len.m;
+ len = this->indices_len[2];
+ for (i = 0; i < len.p + len.m; i++)
+ {
+ if (i < len.p)
+ {
+ array[bi[i]] += 1;
+ }
+ else
+ {
+ array[bi[i]] -= 1;
+ }
+ array[bi[i]] &= mod_q_mask;
+ }
+ free(t);
+ }
+}
+
+METHOD(ntru_poly_t, ring_mult, void,
+ private_ntru_poly_t *this, uint16_t *a, uint16_t *c)
+{
+ uint16_t *t1, *t2;
+ uint16_t *bi = this->indices;
+ uint16_t mod_q_mask = this->q - 1;
+ int i;
+
+ /* allocate temporary array t1 */
+ t1 = malloc(this->N * sizeof(uint16_t));
+
+ if (this->num_polynomials == 1)
+ {
+ ring_mult_i(a, this->indices_len[0], bi, this->N, mod_q_mask, t1, c);
+ }
+ else
+ {
+ /* allocate temporary array t2 */
+ t2 = malloc(this->N * sizeof(uint16_t));
+
+ /* t1 = a * b1 */
+ ring_mult_i(a, this->indices_len[0], bi, this->N, mod_q_mask, t1, t1);
+
+ /* t1 = (a * b1) * b2 */
+ bi += this->indices_len[0].p + this->indices_len[0].m;
+ ring_mult_i(t1, this->indices_len[1], bi, this->N, mod_q_mask, t2, t1);
+
+ /* t2 = a * b3 */
+ bi += this->indices_len[1].p + this->indices_len[1].m;
+ ring_mult_i(a, this->indices_len[2], bi, this->N, mod_q_mask, t2, t2);
+
+ /* c = (a * b1 * b2) + (a * b3) */
+ for (i = 0; i < this->N; i++)
+ {
+ c[i] = (t1[i] + t2[i]) & mod_q_mask;
+ }
+ free(t2);
+ }
+ free(t1);
+}
+
+METHOD(ntru_poly_t, destroy, void,
+ private_ntru_poly_t *this)
+{
+ memwipe(this->indices, sizeof(uint16_t) * get_size(this));
+ free(this->indices);
+ free(this);
+}
+
+static void init_indices(private_ntru_poly_t *this, bool is_product_form,
+ uint32_t indices_len_p, uint32_t indices_len_m)
+{
+ int n;
+
+ if (is_product_form)
+ {
+ this->num_polynomials = 3;
+ for (n = 0; n < 3; n++)
+ {
+ this->indices_len[n].p = 0xff & indices_len_p;
+ this->indices_len[n].m = 0xff & indices_len_m;
+ this->num_indices += this->indices_len[n].p +
+ this->indices_len[n].m;
+ indices_len_p >>= 8;
+ indices_len_m >>= 8;
+ }
+ }
+ else
+ {
+ this->num_polynomials = 1;
+ this->indices_len[0].p = indices_len_p;
+ this->indices_len[0].m = indices_len_m;
+ this->num_indices = indices_len_p + indices_len_m;
+ }
+ this->indices = malloc(sizeof(uint16_t) * this->num_indices);
+}
+
+/*
+ * Described in header.
+ */
+ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed,
+ uint8_t c_bits, uint16_t N, uint16_t q,
+ uint32_t indices_len_p,
+ uint32_t indices_len_m,
+ bool is_product_form)
+{
+ private_ntru_poly_t *this;
+ size_t hash_len, octet_count = 0, i;
+ uint8_t octets[HASH_SIZE_SHA512], *used, num_left = 0, num_needed;
+ uint16_t index, limit, left = 0;
+ int n, num_indices, index_i = 0;
+ ntru_mgf1_t *mgf1;
+
+ DBG2(DBG_LIB, "MGF1 is seeded with %u bytes", seed.len);
+ mgf1 = ntru_mgf1_create(alg, seed, TRUE);
+ if (!mgf1)
+ {
+ return NULL;
+ }
+ i = hash_len = mgf1->get_hash_size(mgf1);
+
+ INIT(this,
+ .public = {
+ .get_size = _get_size,
+ .get_indices = _get_indices,
+ .get_array = _get_array,
+ .ring_mult = _ring_mult,
+ .destroy = _destroy,
+ },
+ .N = N,
+ .q = q,
+ );
+
+ init_indices(this, is_product_form, indices_len_p, indices_len_m);
+ used = malloc(N);
+ limit = N * ((1 << c_bits) / N);
+
+ /* generate indices for all polynomials */
+ for (n = 0; n < this->num_polynomials; n++)
+ {
+ memset(used, 0, N);
+ num_indices = this->indices_len[n].p + this->indices_len[n].m;
+
+ /* generate indices for a single polynomial */
+ while (num_indices)
+ {
+ /* generate a random candidate index with a size of c_bits */
+ do
+ {
+ /* use any leftover bits first */
+ index = num_left ? left << (c_bits - num_left) : 0;
+
+ /* get the rest of the bits needed from new octets */
+ num_needed = c_bits - num_left;
+
+ while (num_needed)
+ {
+ if (i == hash_len)
+ {
+ /* get another block from MGF1 */
+ if (!mgf1->get_mask(mgf1, hash_len, octets))
+ {
+ mgf1->destroy(mgf1);
+ destroy(this);
+ free(used);
+ return NULL;
+ }
+ octet_count += hash_len;
+ i = 0;
+ }
+ left = octets[i++];
+
+ if (num_needed <= 8)
+ {
+ /* all bits needed to fill the index are in this octet */
+ index |= left >> (8 - num_needed);
+ num_left = 8 - num_needed;
+ num_needed = 0;
+ left &= 0xff >> (8 - num_left);
+ }
+ else
+ {
+ /* more than one octet will be needed */
+ index |= left << (num_needed - 8);
+ num_needed -= 8;
+ }
+ }
+ }
+ while (index >= limit);
+
+ /* form index and check if unique */
+ index %= N;
+ if (!used[index])
+ {
+ used[index] = 1;
+ this->indices[index_i++] = index;
+ num_indices--;
+ }
+ }
+ }
+
+ DBG2(DBG_LIB, "MGF1 generates %u octets to derive %u indices",
+ octet_count, this->num_indices);
+ mgf1->destroy(mgf1);
+ free(used);
+
+ return &this->public;
+}
+
+/*
+ * Described in header.
+ */
+ntru_poly_t *ntru_poly_create_from_data(uint16_t *data, uint16_t N, uint16_t q,
+ uint32_t indices_len_p,
+ uint32_t indices_len_m,
+ bool is_product_form)
+{
+ private_ntru_poly_t *this;
+ int i;
+
+ INIT(this,
+ .public = {
+ .get_size = _get_size,
+ .get_indices = _get_indices,
+ .get_array = _get_array,
+ .ring_mult = _ring_mult,
+ .destroy = _destroy,
+ },
+ .N = N,
+ .q = q,
+ );
+
+ init_indices(this, is_product_form, indices_len_p, indices_len_m);
+ for (i = 0; i < this->num_indices; i++)
+ {
+ this->indices[i] = data[i];
+ }
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_seed);
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data);
diff --git a/src/libstrongswan/plugins/ntru/ntru_poly.h b/src/libstrongswan/plugins/ntru/ntru_poly.h
new file mode 100644
index 000000000..87c77103c
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_poly.h
@@ -0,0 +1,99 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_poly ntru_poly
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_POLY_H_
+#define NTRU_POLY_H_
+
+typedef struct ntru_poly_t ntru_poly_t;
+
+#include <library.h>
+
+/**
+ * Implements a trinary polynomial storing the indices of non-zero coefficients
+ */
+struct ntru_poly_t {
+
+ /**
+ * Get the size of the indices array
+ *
+ * @return number of indices
+ */
+ size_t (*get_size)(ntru_poly_t *this);
+
+ /**
+ * @return array containing the indices of the non-zero coefficients
+ */
+ uint16_t* (*get_indices)(ntru_poly_t *this);
+
+ /**
+ * @param array array containing all N coefficients of the polynomial
+ */
+ void (*get_array)(ntru_poly_t *this, uint16_t *array);
+
+ /**
+ * Multiply polynomial a with ntru_poly_t object b having sparse coeffients
+ * to form result polynomial c = a * b
+ *
+ * @param a input polynomial a
+ * @param b output polynomial c
+ */
+ void (*ring_mult)(ntru_poly_t *this, uint16_t *a, uint16_t *c);
+
+ /**
+ * Destroy ntru_poly_t object
+ */
+ void (*destroy)(ntru_poly_t *this);
+};
+
+/**
+ * Create a trits polynomial from a seed using MGF1 with a base hash function
+ *
+ * @param alg hash algorithm to be used by MGF1
+ * @param seed seed used by MGF1 to generate trits from
+ * @param N ring dimension, number of polynomial coefficients
+ * @param q large modulus
+ * @param c_bits number of bits for candidate index
+ * @param indices_len_p number of indices for +1 coefficients
+ * @param indices_len_m number of indices for -1 coefficients
+ * @param is_product_form generate multiple polynomials
+ */
+ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed,
+ uint8_t c_bits, uint16_t N, uint16_t q,
+ uint32_t indices_len_p,
+ uint32_t indices_len_m,
+ bool is_product_form);
+
+/**
+ * Create a trits polynomial from an array of indices of non-zero coefficients
+ *
+ * @param data array of indices of non-zero coefficients
+ * @param N ring dimension, number of polynomial coefficients
+ * @param q large modulus
+ * @param indices_len_p number of indices for +1 coefficients
+ * @param indices_len_m number of indices for -1 coefficients
+ * @param is_product_form generate multiple polynomials
+ */
+ntru_poly_t *ntru_poly_create_from_data(uint16_t *data, uint16_t N, uint16_t q,
+ uint32_t indices_len_p,
+ uint32_t indices_len_m,
+ bool is_product_form);
+
+#endif /** NTRU_POLY_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/ntru/ntru_trits.c b/src/libstrongswan/plugins/ntru/ntru_trits.c
new file mode 100644
index 000000000..f82501629
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_trits.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "ntru_trits.h"
+#include "ntru_mgf1.h"
+
+#include "ntru_crypto/ntru_crypto_ntru_convert.h"
+
+#include <utils/debug.h>
+#include <utils/test.h>
+
+typedef struct private_ntru_trits_t private_ntru_trits_t;
+
+/**
+ * Private data of an ntru_trits_t object.
+ */
+struct private_ntru_trits_t {
+
+ /**
+ * Public ntru_trits_t interface.
+ */
+ ntru_trits_t public;
+
+ /**
+ * Size of the trits array
+ */
+ size_t trits_len;
+
+ /**
+ * Array containing a trit per octet
+ */
+ uint8_t *trits;
+
+};
+
+METHOD(ntru_trits_t, get_size, size_t,
+ private_ntru_trits_t *this)
+{
+ return this->trits_len;
+}
+
+METHOD(ntru_trits_t, get_trits, uint8_t*,
+ private_ntru_trits_t *this)
+{
+ return this->trits;
+}
+
+METHOD(ntru_trits_t, destroy, void,
+ private_ntru_trits_t *this)
+{
+ memwipe(this->trits, this->trits_len);
+ free(this->trits);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ntru_trits_t *ntru_trits_create(size_t len, hash_algorithm_t alg, chunk_t seed)
+{
+ private_ntru_trits_t *this;
+ uint8_t octets[HASH_SIZE_SHA512], buf[5], *trits;
+ size_t hash_len, octet_count = 0, trits_needed, i;
+ ntru_mgf1_t *mgf1;
+
+ DBG2(DBG_LIB, "MGF1 is seeded with %u bytes", seed.len);
+ mgf1 = ntru_mgf1_create(alg, seed, TRUE);
+ if (!mgf1)
+ {
+ return NULL;
+ }
+ i = hash_len = mgf1->get_hash_size(mgf1);
+
+ INIT(this,
+ .public = {
+ .get_size = _get_size,
+ .get_trits = _get_trits,
+ .destroy = _destroy,
+ },
+ .trits_len = len,
+ .trits = malloc(len),
+ );
+
+ trits = this->trits;
+ trits_needed = this->trits_len;
+
+ while (trits_needed > 0)
+ {
+ if (i == hash_len)
+ {
+ /* get another block from MGF1 */
+ if (!mgf1->get_mask(mgf1, hash_len, octets))
+ {
+ mgf1->destroy(mgf1);
+ destroy(this);
+ return NULL;
+ }
+ octet_count += hash_len;
+ i = 0;
+ }
+ if (octets[i] < 243) /* 243 = 3^5 */
+ {
+ ntru_octet_2_trits(octets[i], (trits_needed < 5) ? buf : trits);
+ if (trits_needed < 5)
+ {
+ memcpy(trits, buf, trits_needed);
+ break;
+ }
+ trits += 5;
+ trits_needed -= 5;
+ }
+ i++;
+ }
+ DBG2(DBG_LIB, "MGF1 generates %u octets to extract %u trits",
+ octet_count, len);
+ mgf1->destroy(mgf1);
+
+ return &this->public;
+}
+
+EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_trits_create);
diff --git a/src/libstrongswan/plugins/ntru/ntru_trits.h b/src/libstrongswan/plugins/ntru/ntru_trits.h
new file mode 100644
index 000000000..524c51bac
--- /dev/null
+++ b/src/libstrongswan/plugins/ntru/ntru_trits.h
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup ntru_trits ntru_trits
+ * @{ @ingroup ntru_p
+ */
+
+#ifndef NTRU_TRITS_H_
+#define NTRU_TRITS_H_
+
+typedef struct ntru_trits_t ntru_trits_t;
+
+#include <library.h>
+
+/**
+ * Implements an array of trinary elements (trits)
+ */
+struct ntru_trits_t {
+
+ /**
+ * Get the size of the trits array
+ *
+ * @return number of trinary elements
+ */
+ size_t (*get_size)(ntru_trits_t *this);
+
+ /**
+ * @return octet array containing a trit per octet
+ */
+ uint8_t* (*get_trits)(ntru_trits_t *this);
+
+ /**
+ * Destroy ntru_trits_t object
+ */
+ void (*destroy)(ntru_trits_t *this);
+};
+
+/**
+ * Create a trits array from a seed using MGF1 with a base hash function
+ *
+ * @param size size of the trits array
+ * @param alg hash algorithm to be used by MGF1
+ * @param seed seed used by MGF1 to generate trits from
+ */
+ntru_trits_t *ntru_trits_create(size_t size, hash_algorithm_t alg, chunk_t seed);
+
+#endif /** NTRU_TRITS_H_ @}*/
+
diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in
index 53ff2eb4c..f0735294b 100644
--- a/src/libstrongswan/plugins/openssl/Makefile.in
+++ b/src/libstrongswan/plugins/openssl/Makefile.in
@@ -224,8 +224,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -293,6 +291,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -381,12 +384,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -401,6 +408,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/openssl/openssl_crl.c b/src/libstrongswan/plugins/openssl/openssl_crl.c
index 18aa5ceca..cb02c663c 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crl.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crl.c
@@ -471,7 +471,7 @@ static bool parse_extensions(private_openssl_crl_t *this)
default:
ok = X509_EXTENSION_get_critical(ext) == 0 ||
!lib->settings->get_bool(lib->settings,
- "libstrongswan.x509.enforce_critical", TRUE);
+ "%s.x509.enforce_critical", TRUE, lib->ns);
if (!ok)
{
DBG1(DBG_LIB, "found unsupported critical X.509 "
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index c43fe455a..b487d59a5 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -102,6 +102,11 @@ static bool chunk2ecp(const EC_GROUP *group, chunk_t chunk, EC_POINT *point)
goto error;
}
+ if (!EC_POINT_is_on_curve(group, point, ctx))
+ {
+ goto error;
+ }
+
ret = TRUE;
error:
BN_CTX_end(ctx);
@@ -196,7 +201,7 @@ static bool compute_shared_key(private_openssl_ec_diffie_hellman_t *this,
* http://www.rfc-editor.org/errata_search.php?eid=9
*/
x_coordinate_only = lib->settings->get_bool(lib->settings,
- "libstrongswan.ecp_x_coordinate_only", TRUE);
+ "%s.ecp_x_coordinate_only", TRUE, lib->ns);
if (!ecp2chunk(this->ec_group, secret, shared_secret, x_coordinate_only))
{
goto error;
diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
index ff2508609..f4aef8200 100644
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@@ -522,7 +522,7 @@ plugin_t *openssl_plugin_create()
int fips_mode;
fips_mode = lib->settings->get_int(lib->settings,
- "libstrongswan.plugins.openssl.fips_mode", FIPS_MODE);
+ "%s.plugins.openssl.fips_mode", FIPS_MODE, lib->ns);
#ifdef OPENSSL_FIPS
if (fips_mode)
{
diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 036f53d23..10a35c1fd 100644
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -558,7 +558,7 @@ openssl_rsa_private_key_t *openssl_rsa_private_key_connect(key_type_t type,
if (!engine_id)
{
engine_id = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.openssl.engine_id", "pkcs11");
+ "%s.plugins.openssl.engine_id", "pkcs11", lib->ns);
}
engine = ENGINE_by_id(engine_id);
if (!engine)
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 24b12d50c..7a5b206dd 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -1012,7 +1012,7 @@ static bool parse_extensions(private_openssl_x509_t *this)
default:
ok = X509_EXTENSION_get_critical(ext) == 0 ||
!lib->settings->get_bool(lib->settings,
- "libstrongswan.x509.enforce_critical", TRUE);
+ "%s.x509.enforce_critical", TRUE, lib->ns);
if (!ok)
{
char buf[80] = "";
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in
index 5c3ce2a42..55c0271ce 100644
--- a/src/libstrongswan/plugins/padlock/Makefile.in
+++ b/src/libstrongswan/plugins/padlock/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in
index 060799dc8..22c33b0c8 100644
--- a/src/libstrongswan/plugins/pem/Makefile.in
+++ b/src/libstrongswan/plugins/pem/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c
index 254b1951b..62780c384 100644
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -25,7 +25,6 @@
#include <stddef.h>
#include <fcntl.h>
#include <sys/types.h>
-#include <sys/mman.h>
#include <sys/stat.h>
#include <utils/debug.h>
@@ -418,39 +417,17 @@ static void *load_from_blob(chunk_t blob, credential_type_t type, int subtype,
static void *load_from_file(char *file, credential_type_t type, int subtype,
identification_t *subject, x509_flag_t flags)
{
- void *cred = NULL;
- struct stat sb;
- void *addr;
- int fd;
+ void *cred;
+ chunk_t *chunk;
- fd = open(file, O_RDONLY);
- if (fd == -1)
+ chunk = chunk_map(file, FALSE);
+ if (!chunk)
{
DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
return NULL;
}
-
- if (fstat(fd, &sb) == -1)
- {
- DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file,
- strerror(errno));
- close(fd);
- return NULL;
- }
-
- addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
- if (addr == MAP_FAILED)
- {
- DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno));
- close(fd);
- return NULL;
- }
-
- cred = load_from_blob(chunk_create(addr, sb.st_size), type, subtype,
- subject, flags);
-
- munmap(addr, sb.st_size);
- close(fd);
+ cred = load_from_blob(*chunk, type, subtype, subject, flags);
+ chunk_unmap(chunk);
return cred;
}
diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in
index 05319bb87..e2491f5a4 100644
--- a/src/libstrongswan/plugins/pgp/Makefile.in
+++ b/src/libstrongswan/plugins/pgp/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in
index 2befd0949..d3f3fdf49 100644
--- a/src/libstrongswan/plugins/pkcs1/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs1/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in
index 186d90ac6..c8cec3771 100644
--- a/src/libstrongswan/plugins/pkcs11/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs11/Makefile.in
@@ -220,8 +220,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -289,6 +287,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -377,12 +380,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -397,6 +404,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
index 2e5af95ff..36cc284bf 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
@@ -135,7 +135,7 @@ METHOD(diffie_hellman_t, set_other_public_value, void,
};
if (!lib->settings->get_bool(lib->settings,
- "libstrongswan.ecp_x_coordinate_only", TRUE))
+ "%s.ecp_x_coordinate_only", TRUE, lib->ns))
{ /* we only get the x coordinate back */
return;
}
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
index 8bda5b66f..96c4a180d 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_manager.c
@@ -338,7 +338,7 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
);
enumerator = lib->settings->create_section_enumerator(lib->settings,
- "libstrongswan.plugins.pkcs11.modules");
+ "%s.plugins.pkcs11.modules", lib->ns);
while (enumerator->enumerate(enumerator, &module))
{
INIT(entry,
@@ -346,7 +346,7 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
);
entry->path = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.pkcs11.modules.%s.path", NULL, module);
+ "%s.plugins.pkcs11.modules.%s.path", NULL, lib->ns, module);
if (!entry->path)
{
DBG1(DBG_CFG, "PKCS11 module '%s' lacks library path", module);
@@ -355,8 +355,8 @@ pkcs11_manager_t *pkcs11_manager_create(pkcs11_manager_token_event_t cb,
}
entry->lib = pkcs11_library_create(module, entry->path,
lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.modules.%s.os_locking",
- FALSE, module));
+ "%s.plugins.pkcs11.modules.%s.os_locking",
+ FALSE, lib->ns, module));
if (!entry->lib)
{
free(entry);
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
index 3faa59cae..bd2a2c114 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_plugin.c
@@ -83,8 +83,8 @@ static void token_event_cb(private_pkcs11_plugin_t *this, pkcs11_library_t *p11,
if (add && this->handle_events)
{
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.modules.%s.load_certs",
- TRUE, p11->get_name(p11)))
+ "%s.plugins.pkcs11.modules.%s.load_certs",
+ TRUE, lib->ns, p11->get_name(p11)))
{
creds = pkcs11_creds_create(p11, slot);
if (creds)
@@ -174,8 +174,8 @@ static bool handle_certs(private_pkcs11_plugin_t *this,
METHOD(plugin_t, reload, bool,
private_pkcs11_plugin_t *this)
{
- if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.reload_certs", FALSE))
+ if (lib->settings->get_bool(lib->settings, "%s.plugins.pkcs11.reload_certs",
+ FALSE, lib->ns))
{
DBG1(DBG_CFG, "reloading certificates from PKCS#11 tokens");
handle_certs(this, NULL, FALSE, NULL);
@@ -247,28 +247,28 @@ METHOD(plugin_t, get_features, int,
if (!count)
{ /* initialize only once */
bool use_ecc = lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.use_ecc", FALSE);
+ "%s.plugins.pkcs11.use_ecc", FALSE, lib->ns);
plugin_features_add(f, f_manager, countof(f_manager), &count);
/* private key handling for EC keys is not disabled by use_ecc */
plugin_features_add(f, f_privkey, countof(f_privkey), &count);
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.use_pubkey", FALSE))
+ "%s.plugins.pkcs11.use_pubkey", FALSE, lib->ns))
{
plugin_features_add(f, f_pubkey, countof(f_pubkey) - (use_ecc ? 0 : 1),
&count);
}
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.use_hasher", FALSE))
+ "%s.plugins.pkcs11.use_hasher", FALSE, lib->ns))
{
plugin_features_add(f, f_hash, countof(f_hash), &count);
}
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.use_rng", FALSE))
+ "%s.plugins.pkcs11.use_rng", FALSE, lib->ns))
{
plugin_features_add(f, f_rng, countof(f_rng), &count);
}
if (lib->settings->get_bool(lib->settings,
- "libstrongswan.plugins.pkcs11.use_dh", FALSE))
+ "%s.plugins.pkcs11.use_dh", FALSE, lib->ns))
{
plugin_features_add(f, f_dh, countof(f_dh), &count);
if (use_ecc)
diff --git a/src/libstrongswan/plugins/pkcs12/Makefile.in b/src/libstrongswan/plugins/pkcs12/Makefile.in
index 1972f33b3..67b1f4f57 100644
--- a/src/libstrongswan/plugins/pkcs12/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs12/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.in b/src/libstrongswan/plugins/pkcs7/Makefile.in
index 300212173..feff6e5b0 100644
--- a/src/libstrongswan/plugins/pkcs7/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs7/Makefile.in
@@ -219,8 +219,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -288,6 +286,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -376,12 +379,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -396,6 +403,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/pkcs8/Makefile.in b/src/libstrongswan/plugins/pkcs8/Makefile.in
index e2ccb326d..35a5c9a35 100644
--- a/src/libstrongswan/plugins/pkcs8/Makefile.in
+++ b/src/libstrongswan/plugins/pkcs8/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c
index 5ed0a9b0f..08a8442ea 100644
--- a/src/libstrongswan/plugins/plugin_loader.c
+++ b/src/libstrongswan/plugins/plugin_loader.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010-2013 Tobias Brunner
+ * Copyright (C) 2010-2014 Tobias Brunner
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -28,6 +28,7 @@
#include <utils/debug.h>
#include <library.h>
#include <collections/hashtable.h>
+#include <collections/array.h>
#include <collections/linked_list.h>
#include <plugins/plugin.h>
#include <utils/integrity_checker.h>
@@ -936,18 +937,146 @@ static bool find_plugin(char *path, char *name, char *buf, char **file)
return FALSE;
}
+/**
+ * Used to sort plugins by priority
+ */
+typedef struct {
+ /* name of the plugin */
+ char *name;
+ /* the plugins priority */
+ int prio;
+ /* default priority */
+ int def;
+} plugin_priority_t;
+
+static void plugin_priority_free(const plugin_priority_t *this, int idx,
+ void *user)
+{
+ free(this->name);
+}
+
+/**
+ * Sort plugins and their priority by name
+ */
+static int plugin_priority_cmp_name(const plugin_priority_t *a,
+ const plugin_priority_t *b)
+{
+ return strcmp(a->name, b->name);
+}
+
+/**
+ * Sort plugins by decreasing priority or default priority then by name
+ */
+static int plugin_priority_cmp(const plugin_priority_t *a,
+ const plugin_priority_t *b, void *user)
+{
+ int diff;
+
+ diff = b->prio - a->prio;
+ if (!diff)
+ { /* the same priority, use default order */
+ diff = b->def - a->def;
+ if (!diff)
+ { /* same default priority (i.e. both were not found in that list) */
+ return strcmp(a->name, b->name);
+ }
+ }
+ return diff;
+}
+
+
+/**
+ * Determine the list of plugins to load via load option in each plugin's
+ * config section.
+ */
+static char *modular_pluginlist(char *list)
+{
+ enumerator_t *enumerator;
+ array_t *given, *final;
+ plugin_priority_t item, *current, found;
+ char *plugin, *plugins = NULL;
+ int i = 0, max_prio;
+
+ if (!lib->settings->get_bool(lib->settings, "%s.load_modular", FALSE,
+ lib->ns))
+ {
+ return list;
+ }
+
+ given = array_create(sizeof(plugin_priority_t), 0);
+ final = array_create(sizeof(plugin_priority_t), 0);
+
+ enumerator = enumerator_create_token(list, " ", " ");
+ while (enumerator->enumerate(enumerator, &plugin))
+ {
+ item.name = strdup(plugin);
+ item.prio = i++;
+ array_insert(given, ARRAY_TAIL, &item);
+ }
+ enumerator->destroy(enumerator);
+ array_sort(given, (void*)plugin_priority_cmp_name, NULL);
+ /* the maximum priority used for plugins not found in this list */
+ max_prio = i + 1;
+
+ enumerator = lib->settings->create_section_enumerator(lib->settings,
+ "%s.plugins", lib->ns);
+ while (enumerator->enumerate(enumerator, &plugin))
+ {
+ item.prio = lib->settings->get_int(lib->settings,
+ "%s.plugins.%s.load", 0, lib->ns, plugin);
+ if (!item.prio)
+ {
+ if (!lib->settings->get_bool(lib->settings,
+ "%s.plugins.%s.load", FALSE, lib->ns, plugin))
+ {
+ continue;
+ }
+ item.prio = 1;
+ }
+ item.name = plugin;
+ item.def = max_prio;
+ if (array_bsearch(given, &item, (void*)plugin_priority_cmp_name,
+ &found) != -1)
+ {
+ item.def = max_prio - found.prio;
+ }
+ array_insert(final, ARRAY_TAIL, &item);
+ }
+ enumerator->destroy(enumerator);
+ array_destroy_function(given, (void*)plugin_priority_free, NULL);
+
+ array_sort(final, (void*)plugin_priority_cmp, NULL);
+
+ enumerator = array_create_enumerator(final);
+ while (enumerator->enumerate(enumerator, &current))
+ {
+ char *prev = plugins;
+ if (asprintf(&plugins, "%s %s", plugins ?: "", current->name) < 0)
+ {
+ plugins = prev;
+ break;
+ }
+ free(prev);
+ }
+ enumerator->destroy(enumerator);
+ array_destroy(final);
+ return plugins;
+}
+
METHOD(plugin_loader_t, load_plugins, bool,
private_plugin_loader_t *this, char *list)
{
enumerator_t *enumerator;
- char *default_path = NULL, *token;
+ char *default_path = NULL, *plugins, *token;
bool critical_failed = FALSE;
#ifdef PLUGINDIR
default_path = PLUGINDIR;
#endif /* PLUGINDIR */
- enumerator = enumerator_create_token(list, " ", " ");
+ plugins = modular_pluginlist(list);
+
+ enumerator = enumerator_create_token(plugins, " ", " ");
while (!critical_failed && enumerator->enumerate(enumerator, &token))
{
plugin_entry_t *entry;
@@ -1006,6 +1135,10 @@ METHOD(plugin_loader_t, load_plugins, bool,
free(this->loaded_plugins);
this->loaded_plugins = loaded_plugins_list(this);
}
+ if (plugins != list)
+ {
+ free(plugins);
+ }
return !critical_failed;
}
@@ -1170,3 +1303,22 @@ plugin_loader_t *plugin_loader_create()
return &this->public;
}
+
+/*
+ * See header
+ */
+void plugin_loader_add_plugindirs(char *basedir, char *plugins)
+{
+ enumerator_t *enumerator;
+ char *name, path[PATH_MAX], dir[64];
+
+ enumerator = enumerator_create_token(plugins, " ", "");
+ while (enumerator->enumerate(enumerator, &name))
+ {
+ snprintf(dir, sizeof(dir), "%s", name);
+ translate(dir, "-", "_");
+ snprintf(path, sizeof(path), "%s/%s/.libs", basedir, dir);
+ lib->plugins->add_path(lib->plugins, path);
+ }
+ enumerator->destroy(enumerator);
+}
diff --git a/src/libstrongswan/plugins/plugin_loader.h b/src/libstrongswan/plugins/plugin_loader.h
index 285b33910..fec57ce98 100644
--- a/src/libstrongswan/plugins/plugin_loader.h
+++ b/src/libstrongswan/plugins/plugin_loader.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2013 Tobias Brunner
+ * Copyright (C) 2012-2014 Tobias Brunner
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -67,6 +67,13 @@ struct plugin_loader_t {
* for the plugins first, in the order they were added, then the default
* path follows.
*
+ * If \<ns>.load_modular is enabled (where \<ns> is lib->ns) the plugins to
+ * load are determined via a load option in their respective plugin config
+ * section e.g. \<ns>.plugins.\<plugin>.load = <priority|bool>.
+ * The oder is determined by the configured priority. If two plugins have
+ * the same priority the order as seen in list is preserved. Plugins not
+ * found in list are loaded first, in alphabetical order.
+ *
* @note Even though this method could be called multiple times this is
* currently not really supported in regards to plugin features and their
* dependencies (in particular soft dependencies).
@@ -146,4 +153,13 @@ struct plugin_loader_t {
*/
plugin_loader_t *plugin_loader_create();
+/**
+ * Convenience function to add plugin directories for the given plugins within
+ * the given base directory according to the conventions in the src/build tree.
+ *
+ * @param basedir base directory
+ * @param plugins space separated list of plugins
+ */
+void plugin_loader_add_plugindirs(char *basedir, char *plugins);
+
#endif /** PLUGIN_LOADER_H_ @}*/
diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in
index c5b3bad05..803eeab44 100644
--- a/src/libstrongswan/plugins/pubkey/Makefile.in
+++ b/src/libstrongswan/plugins/pubkey/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in
index 492bc31ac..0efe24cb7 100644
--- a/src/libstrongswan/plugins/random/Makefile.in
+++ b/src/libstrongswan/plugins/random/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c
index 24c711a69..1f1079240 100644
--- a/src/libstrongswan/plugins/random/random_plugin.c
+++ b/src/libstrongswan/plugins/random/random_plugin.c
@@ -51,6 +51,9 @@ static int dev_random = -1;
/** /dev/urandom file descriptor */
static int dev_urandom = -1;
+/** Is strong randomness equivalent to true randomness? */
+static bool strong_equals_true = FALSE;
+
/**
* See header.
*/
@@ -68,6 +71,14 @@ int random_plugin_get_dev_urandom()
}
/**
+ * See header.
+ */
+bool random_plugin_get_strong_equals_true()
+{
+ return strong_equals_true;
+}
+
+/**
* Open a random device file
*/
static bool open_dev(char *file, int *fd)
@@ -131,10 +142,12 @@ plugin_t *random_plugin_create()
},
);
+ strong_equals_true = lib->settings->get_bool(lib->settings,
+ "%s.plugins.random.strong_equals_true", FALSE, lib->ns);
urandom_file = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.random.urandom", DEV_URANDOM);
+ "%s.plugins.random.urandom", DEV_URANDOM, lib->ns);
random_file = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.random.random", DEV_RANDOM);
+ "%s.plugins.random.random", DEV_RANDOM, lib->ns);
if (!open_dev(urandom_file, &dev_urandom) ||
!open_dev(random_file, &dev_random))
{
diff --git a/src/libstrongswan/plugins/random/random_plugin.h b/src/libstrongswan/plugins/random/random_plugin.h
index c34fa8196..ff79bef0c 100644
--- a/src/libstrongswan/plugins/random/random_plugin.h
+++ b/src/libstrongswan/plugins/random/random_plugin.h
@@ -49,4 +49,9 @@ int random_plugin_get_dev_random();
*/
int random_plugin_get_dev_urandom();
+/**
+ * Must strong randomness be equivalent to true randomness?
+ */
+bool random_plugin_get_strong_equals_true();
+
#endif /** RANDOM_PLUGIN_H_ @}*/
diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c
index 568844899..36d5446b8 100644
--- a/src/libstrongswan/plugins/random/random_rng.c
+++ b/src/libstrongswan/plugins/random/random_rng.c
@@ -99,6 +99,10 @@ random_rng_t *random_rng_create(rng_quality_t quality)
this->fd = random_plugin_get_dev_random();
break;
case RNG_STRONG:
+ this->fd = random_plugin_get_strong_equals_true() ?
+ random_plugin_get_dev_random() :
+ random_plugin_get_dev_urandom();
+ break;
case RNG_WEAK:
default:
this->fd = random_plugin_get_dev_urandom();
diff --git a/src/libstrongswan/plugins/rc2/Makefile.in b/src/libstrongswan/plugins/rc2/Makefile.in
index e2cdbac7a..afcbc07eb 100644
--- a/src/libstrongswan/plugins/rc2/Makefile.in
+++ b/src/libstrongswan/plugins/rc2/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/rdrand/Makefile.in b/src/libstrongswan/plugins/rdrand/Makefile.in
index 0a3063f04..88b283e87 100644
--- a/src/libstrongswan/plugins/rdrand/Makefile.in
+++ b/src/libstrongswan/plugins/rdrand/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/rdrand/rdrand_plugin.c b/src/libstrongswan/plugins/rdrand/rdrand_plugin.c
index 4bdfc258e..b416c872f 100644
--- a/src/libstrongswan/plugins/rdrand/rdrand_plugin.c
+++ b/src/libstrongswan/plugins/rdrand/rdrand_plugin.c
@@ -77,11 +77,11 @@ static bool have_rdrand()
cpuid(1, &a, &b, &c, &d);
if (c & CPUID_RDRAND)
{
- DBG1(DBG_LIB, "detected RDRAND support on %s CPU", vendor);
+ DBG2(DBG_LIB, "detected RDRAND support on %s CPU", vendor);
return TRUE;
}
}
- DBG1(DBG_LIB, "no RDRAND support on %s CPU, disabled", vendor);
+ DBG2(DBG_LIB, "no RDRAND support on %s CPU, disabled", vendor);
return FALSE;
}
@@ -102,7 +102,11 @@ METHOD(plugin_t, get_features, int,
PLUGIN_DEPENDS(CRYPTER, ENCR_AES_CBC, 16),
};
*features = f;
- return countof(f);
+ if (have_rdrand())
+ {
+ return countof(f);
+ }
+ return 0;
}
METHOD(plugin_t, destroy, void,
@@ -122,16 +126,12 @@ plugin_t *rdrand_plugin_create()
.public = {
.plugin = {
.get_name = _get_name,
+ .get_features = _get_features,
.reload = (void*)return_false,
.destroy = _destroy,
},
},
);
- if (have_rdrand())
- {
- this->public.plugin.get_features = _get_features;
- }
-
return &this->public.plugin;
}
diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in
index fe9aa16e7..745ee83e7 100644
--- a/src/libstrongswan/plugins/revocation/Makefile.in
+++ b/src/libstrongswan/plugins/revocation/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index 2095dbdb7..e57eb78ab 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in
index 2eb572f70..c044178b9 100644
--- a/src/libstrongswan/plugins/sha2/Makefile.in
+++ b/src/libstrongswan/plugins/sha2/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in
index 5483bf91f..cc16ef5cb 100644
--- a/src/libstrongswan/plugins/soup/Makefile.in
+++ b/src/libstrongswan/plugins/soup/Makefile.in
@@ -216,8 +216,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -285,6 +283,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -373,12 +376,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -393,6 +400,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in
index 13c0bf86d..c428b883f 100644
--- a/src/libstrongswan/plugins/sqlite/Makefile.in
+++ b/src/libstrongswan/plugins/sqlite/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/sshkey/Makefile.in b/src/libstrongswan/plugins/sshkey/Makefile.in
index a62d22a5b..3c9926acc 100644
--- a/src/libstrongswan/plugins/sshkey/Makefile.in
+++ b/src/libstrongswan/plugins/sshkey/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/sshkey/sshkey_builder.c b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
index 569b0b738..652663108 100644
--- a/src/libstrongswan/plugins/sshkey/sshkey_builder.c
+++ b/src/libstrongswan/plugins/sshkey/sshkey_builder.c
@@ -13,6 +13,7 @@
* for more details.
*/
+#define _GNU_SOURCE /* for fmemopen() */
#include <unistd.h>
#include <stdio.h>
#include <errno.h>
diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in
index d4cbde107..a1439f6ea 100644
--- a/src/libstrongswan/plugins/test_vectors/Makefile.in
+++ b/src/libstrongswan/plugins/test_vectors/Makefile.in
@@ -232,8 +232,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -301,6 +299,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -389,12 +392,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -409,6 +416,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/unbound/Makefile.in b/src/libstrongswan/plugins/unbound/Makefile.in
index d79803189..961311eb0 100644
--- a/src/libstrongswan/plugins/unbound/Makefile.in
+++ b/src/libstrongswan/plugins/unbound/Makefile.in
@@ -218,8 +218,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -287,6 +285,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -375,12 +378,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -395,6 +402,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/unbound/unbound_resolver.c b/src/libstrongswan/plugins/unbound/unbound_resolver.c
index 42cdbc6cc..745e59d5b 100644
--- a/src/libstrongswan/plugins/unbound/unbound_resolver.c
+++ b/src/libstrongswan/plugins/unbound/unbound_resolver.c
@@ -97,14 +97,14 @@ resolver_t *unbound_resolver_create(void)
char *resolv_conf, *trust_anchors, *dlv_anchors;
resolv_conf = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.unbound.resolv_conf",
- RESOLV_CONF_FILE);
+ "%s.plugins.unbound.resolv_conf",
+ RESOLV_CONF_FILE, lib->ns);
trust_anchors = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.unbound.trust_anchors",
- TRUST_ANCHOR_FILE);
+ "%s.plugins.unbound.trust_anchors",
+ TRUST_ANCHOR_FILE, lib->ns);
dlv_anchors = lib->settings->get_str(lib->settings,
- "libstrongswan.plugins.unbound.dlv_anchors",
- NULL);
+ "%s.plugins.unbound.dlv_anchors",
+ NULL, lib->ns);
INIT(this,
.public = {
diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in
index 09d300255..74552e00b 100644
--- a/src/libstrongswan/plugins/x509/Makefile.in
+++ b/src/libstrongswan/plugins/x509/Makefile.in
@@ -217,8 +217,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -286,6 +284,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -374,12 +377,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -394,6 +401,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 85c481552..ed850e8f5 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -20,14 +20,14 @@
#define _GNU_SOURCE
-#include "x509_cert.h"
-
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>
#include <string.h>
#include <stdio.h>
+#include "x509_cert.h"
+
#include <library.h>
#include <utils/debug.h>
#include <asn1/oid.h>
@@ -1446,7 +1446,7 @@ static bool parse_certificate(private_x509_cert_t *this)
break;
default:
if (critical && lib->settings->get_bool(lib->settings,
- "libstrongswan.x509.enforce_critical", TRUE))
+ "%s.x509.enforce_critical", TRUE, lib->ns))
{
DBG1(DBG_ASN, "critical '%s' extension not supported",
(extn_oid == OID_UNKNOWN) ? "unknown" :
diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c
index efb70c94c..d6057c30f 100644
--- a/src/libstrongswan/plugins/x509/x509_crl.c
+++ b/src/libstrongswan/plugins/x509/x509_crl.c
@@ -325,7 +325,7 @@ static bool parse(private_x509_crl_t *this)
break;
default:
if (critical && lib->settings->get_bool(lib->settings,
- "libstrongswan.x509.enforce_critical", TRUE))
+ "%s.x509.enforce_critical", TRUE, lib->ns))
{
DBG1(DBG_ASN, "critical '%s' extension not supported",
(extn_oid == OID_UNKNOWN) ? "unknown" :
diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in
index 59ee48377..c8f886c60 100644
--- a/src/libstrongswan/plugins/xcbc/Makefile.in
+++ b/src/libstrongswan/plugins/xcbc/Makefile.in
@@ -215,8 +215,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -284,6 +282,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -372,12 +375,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -392,6 +399,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
diff --git a/src/libstrongswan/processing/processor.c b/src/libstrongswan/processing/processor.c
index adbd95685..012b169e3 100644
--- a/src/libstrongswan/processing/processor.c
+++ b/src/libstrongswan/processing/processor.c
@@ -545,7 +545,7 @@ processor_t *processor_create()
{
this->jobs[i] = linked_list_create();
this->prio_threads[i] = lib->settings->get_int(lib->settings,
- "libstrongswan.processor.priority_threads.%N", 0,
+ "%s.processor.priority_threads.%N", 0, lib->ns,
job_priority_names, i);
}
diff --git a/src/libstrongswan/processing/watcher.c b/src/libstrongswan/processing/watcher.c
index 9773e7601..cc3c3a788 100644
--- a/src/libstrongswan/processing/watcher.c
+++ b/src/libstrongswan/processing/watcher.c
@@ -340,7 +340,7 @@ static job_requeue_t watch(private_watcher_t *this)
}
else
{
- if (!this->pending)
+ if (!this->pending && errno != EINTR)
{ /* complain only if no pending updates */
DBG1(DBG_JOB, "watcher select() error: %s", strerror(errno));
}
diff --git a/src/libstrongswan/tests/Makefile.am b/src/libstrongswan/tests/Makefile.am
index c3d41a1cd..331a5480d 100644
--- a/src/libstrongswan/tests/Makefile.am
+++ b/src/libstrongswan/tests/Makefile.am
@@ -1,23 +1,62 @@
-TESTS = test_runner
+check_LTLIBRARIES = libtest.la
+
+libtest_la_SOURCES = \
+ test_suite.c test_suite.h \
+ test_runner.c test_runner.h \
+ utils/test_rng.c utils/test_rng.h
+
+libtest_la_CFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ @COVERAGE_CFLAGS@
+
+libtest_la_LDFLAGS = @COVERAGE_LDFLAGS@
+libtest_la_LIBADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(PTHREADLIB)
+
+
+TESTS = tests
check_PROGRAMS = $(TESTS)
-test_runner_SOURCES = \
- test_runner.c test_runner.h test_suite.h \
- test_linked_list.c test_enumerator.c test_linked_list_enumerator.c \
- test_bio_reader.c test_bio_writer.c test_chunk.c test_enum.c test_hashtable.c \
- test_identification.c test_threading.c test_utils.c test_vectors.c \
- test_array.c test_ecdsa.c test_rsa.c test_host.c test_printf.c
+tests_SOURCES = tests.h tests.c \
+ suites/test_linked_list.c \
+ suites/test_enumerator.c \
+ suites/test_linked_list_enumerator.c \
+ suites/test_bio_reader.c \
+ suites/test_bio_writer.c \
+ suites/test_chunk.c \
+ suites/test_enum.c \
+ suites/test_hashtable.c \
+ suites/test_identification.c \
+ suites/test_threading.c \
+ suites/test_watcher.c \
+ suites/test_stream.c \
+ suites/test_fetch_http.c \
+ suites/test_utils.c \
+ suites/test_settings.c \
+ suites/test_vectors.c \
+ suites/test_array.c \
+ suites/test_ecdsa.c \
+ suites/test_rsa.c \
+ suites/test_host.c \
+ suites/test_hasher.c \
+ suites/test_crypter.c \
+ suites/test_pen.c \
+ suites/test_asn1.c \
+ suites/test_asn1_parser.c \
+ suites/test_printf.c \
+ suites/test_test_rng.c \
+ suites/test_ntru.c
-test_runner_CFLAGS = \
+tests_CFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
-DPLUGINDIR=\""$(top_builddir)/src/libstrongswan/plugins\"" \
-DPLUGINS=\""${s_plugins}\"" \
- @COVERAGE_CFLAGS@ \
- @CHECK_CFLAGS@
+ @COVERAGE_CFLAGS@
-test_runner_LDFLAGS = @COVERAGE_LDFLAGS@
-test_runner_LDADD = \
+tests_LDFLAGS = @COVERAGE_LDFLAGS@
+tests_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) \
- @CHECK_LIBS@
+ libtest.la
diff --git a/src/libstrongswan/tests/Makefile.in b/src/libstrongswan/tests/Makefile.in
index adeae1a81..656be4efb 100644
--- a/src/libstrongswan/tests/Makefile.in
+++ b/src/libstrongswan/tests/Makefile.in
@@ -77,11 +77,11 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-TESTS = test_runner$(EXEEXT)
+TESTS = tests$(EXEEXT)
check_PROGRAMS = $(am__EXEEXT_1)
subdir = src/libstrongswan/tests
DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/depcomp $(top_srcdir)/test-driver
+ $(top_srcdir)/depcomp
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
$(top_srcdir)/m4/config/ltoptions.m4 \
@@ -99,36 +99,57 @@ mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
CONFIG_CLEAN_VPATH_FILES =
-am__EXEEXT_1 = test_runner$(EXEEXT)
-am_test_runner_OBJECTS = test_runner-test_runner.$(OBJEXT) \
- test_runner-test_linked_list.$(OBJEXT) \
- test_runner-test_enumerator.$(OBJEXT) \
- test_runner-test_linked_list_enumerator.$(OBJEXT) \
- test_runner-test_bio_reader.$(OBJEXT) \
- test_runner-test_bio_writer.$(OBJEXT) \
- test_runner-test_chunk.$(OBJEXT) \
- test_runner-test_enum.$(OBJEXT) \
- test_runner-test_hashtable.$(OBJEXT) \
- test_runner-test_identification.$(OBJEXT) \
- test_runner-test_threading.$(OBJEXT) \
- test_runner-test_utils.$(OBJEXT) \
- test_runner-test_vectors.$(OBJEXT) \
- test_runner-test_array.$(OBJEXT) \
- test_runner-test_ecdsa.$(OBJEXT) \
- test_runner-test_rsa.$(OBJEXT) test_runner-test_host.$(OBJEXT) \
- test_runner-test_printf.$(OBJEXT)
-test_runner_OBJECTS = $(am_test_runner_OBJECTS)
am__DEPENDENCIES_1 =
-test_runner_DEPENDENCIES = \
+libtest_la_DEPENDENCIES = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
$(am__DEPENDENCIES_1)
+am__dirstamp = $(am__leading_dot)dirstamp
+am_libtest_la_OBJECTS = libtest_la-test_suite.lo \
+ libtest_la-test_runner.lo utils/libtest_la-test_rng.lo
+libtest_la_OBJECTS = $(am_libtest_la_OBJECTS)
AM_V_lt = $(am__v_lt_@AM_V@)
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
am__v_lt_0 = --silent
am__v_lt_1 =
-test_runner_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
- $(LIBTOOLFLAGS) --mode=link $(CCLD) $(test_runner_CFLAGS) \
- $(CFLAGS) $(test_runner_LDFLAGS) $(LDFLAGS) -o $@
+libtest_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(libtest_la_CFLAGS) \
+ $(CFLAGS) $(libtest_la_LDFLAGS) $(LDFLAGS) -o $@
+am__EXEEXT_1 = tests$(EXEEXT)
+am_tests_OBJECTS = tests-tests.$(OBJEXT) \
+ suites/tests-test_linked_list.$(OBJEXT) \
+ suites/tests-test_enumerator.$(OBJEXT) \
+ suites/tests-test_linked_list_enumerator.$(OBJEXT) \
+ suites/tests-test_bio_reader.$(OBJEXT) \
+ suites/tests-test_bio_writer.$(OBJEXT) \
+ suites/tests-test_chunk.$(OBJEXT) \
+ suites/tests-test_enum.$(OBJEXT) \
+ suites/tests-test_hashtable.$(OBJEXT) \
+ suites/tests-test_identification.$(OBJEXT) \
+ suites/tests-test_threading.$(OBJEXT) \
+ suites/tests-test_watcher.$(OBJEXT) \
+ suites/tests-test_stream.$(OBJEXT) \
+ suites/tests-test_fetch_http.$(OBJEXT) \
+ suites/tests-test_utils.$(OBJEXT) \
+ suites/tests-test_settings.$(OBJEXT) \
+ suites/tests-test_vectors.$(OBJEXT) \
+ suites/tests-test_array.$(OBJEXT) \
+ suites/tests-test_ecdsa.$(OBJEXT) \
+ suites/tests-test_rsa.$(OBJEXT) \
+ suites/tests-test_host.$(OBJEXT) \
+ suites/tests-test_hasher.$(OBJEXT) \
+ suites/tests-test_crypter.$(OBJEXT) \
+ suites/tests-test_pen.$(OBJEXT) \
+ suites/tests-test_asn1.$(OBJEXT) \
+ suites/tests-test_asn1_parser.$(OBJEXT) \
+ suites/tests-test_printf.$(OBJEXT) \
+ suites/tests-test_test_rng.$(OBJEXT) \
+ suites/tests-test_ntru.$(OBJEXT)
+tests_OBJECTS = $(am_tests_OBJECTS)
+tests_DEPENDENCIES = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la libtest.la
+tests_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \
+ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(tests_CFLAGS) $(CFLAGS) \
+ $(tests_LDFLAGS) $(LDFLAGS) -o $@
AM_V_P = $(am__v_P_@AM_V@)
am__v_P_ = $(am__v_P_@AM_DEFAULT_V@)
am__v_P_0 = false
@@ -163,8 +184,8 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
am__v_CCLD_0 = @echo " CCLD " $@;
am__v_CCLD_1 =
-SOURCES = $(test_runner_SOURCES)
-DIST_SOURCES = $(test_runner_SOURCES)
+SOURCES = $(libtest_la_SOURCES) $(tests_SOURCES)
+DIST_SOURCES = $(libtest_la_SOURCES) $(tests_SOURCES)
am__can_run_installinfo = \
case $$AM_UPDATE_INFO_DIR in \
n|no|NO) false;; \
@@ -211,188 +232,6 @@ am__tty_colors = { \
std=''; \
fi; \
}
-am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
-am__vpath_adj = case $$p in \
- $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
- *) f=$$p;; \
- esac;
-am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
-am__install_max = 40
-am__nobase_strip_setup = \
- srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
-am__nobase_strip = \
- for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
-am__nobase_list = $(am__nobase_strip_setup); \
- for p in $$list; do echo "$$p $$p"; done | \
- sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
- $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
- if (++n[$$2] == $(am__install_max)) \
- { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
- END { for (dir in files) print dir, files[dir] }'
-am__base_list = \
- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
-am__uninstall_files_from_dir = { \
- test -z "$$files" \
- || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \
- || { echo " ( cd '$$dir' && rm -f" $$files ")"; \
- $(am__cd) "$$dir" && rm -f $$files; }; \
- }
-am__recheck_rx = ^[ ]*:recheck:[ ]*
-am__global_test_result_rx = ^[ ]*:global-test-result:[ ]*
-am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]*
-# A command that, given a newline-separated list of test names on the
-# standard input, print the name of the tests that are to be re-run
-# upon "make recheck".
-am__list_recheck_tests = $(AWK) '{ \
- recheck = 1; \
- while ((rc = (getline line < ($$0 ".trs"))) != 0) \
- { \
- if (rc < 0) \
- { \
- if ((getline line2 < ($$0 ".log")) < 0) \
- recheck = 0; \
- break; \
- } \
- else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \
- { \
- recheck = 0; \
- break; \
- } \
- else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \
- { \
- break; \
- } \
- }; \
- if (recheck) \
- print $$0; \
- close ($$0 ".trs"); \
- close ($$0 ".log"); \
-}'
-# A command that, given a newline-separated list of test names on the
-# standard input, create the global log from their .trs and .log files.
-am__create_global_log = $(AWK) ' \
-function fatal(msg) \
-{ \
- print "fatal: making $@: " msg | "cat >&2"; \
- exit 1; \
-} \
-function rst_section(header) \
-{ \
- print header; \
- len = length(header); \
- for (i = 1; i <= len; i = i + 1) \
- printf "="; \
- printf "\n\n"; \
-} \
-{ \
- copy_in_global_log = 1; \
- global_test_result = "RUN"; \
- while ((rc = (getline line < ($$0 ".trs"))) != 0) \
- { \
- if (rc < 0) \
- fatal("failed to read from " $$0 ".trs"); \
- if (line ~ /$(am__global_test_result_rx)/) \
- { \
- sub("$(am__global_test_result_rx)", "", line); \
- sub("[ ]*$$", "", line); \
- global_test_result = line; \
- } \
- else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \
- copy_in_global_log = 0; \
- }; \
- if (copy_in_global_log) \
- { \
- rst_section(global_test_result ": " $$0); \
- while ((rc = (getline line < ($$0 ".log"))) != 0) \
- { \
- if (rc < 0) \
- fatal("failed to read from " $$0 ".log"); \
- print line; \
- }; \
- printf "\n"; \
- }; \
- close ($$0 ".trs"); \
- close ($$0 ".log"); \
-}'
-# Restructured Text title.
-am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; }
-# Solaris 10 'make', and several other traditional 'make' implementations,
-# pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it
-# by disabling -e (using the XSI extension "set +e") if it's set.
-am__sh_e_setup = case $$- in *e*) set +e;; esac
-# Default flags passed to test drivers.
-am__common_driver_flags = \
- --color-tests "$$am__color_tests" \
- --enable-hard-errors "$$am__enable_hard_errors" \
- --expect-failure "$$am__expect_failure"
-# To be inserted before the command running the test. Creates the
-# directory for the log if needed. Stores in $dir the directory
-# containing $f, in $tst the test, in $log the log. Executes the
-# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and
-# passes TESTS_ENVIRONMENT. Set up options for the wrapper that
-# will run the test scripts (or their associated LOG_COMPILER, if
-# thy have one).
-am__check_pre = \
-$(am__sh_e_setup); \
-$(am__vpath_adj_setup) $(am__vpath_adj) \
-$(am__tty_colors); \
-srcdir=$(srcdir); export srcdir; \
-case "$@" in \
- */*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \
- *) am__odir=.;; \
-esac; \
-test "x$$am__odir" = x"." || test -d "$$am__odir" \
- || $(MKDIR_P) "$$am__odir" || exit $$?; \
-if test -f "./$$f"; then dir=./; \
-elif test -f "$$f"; then dir=; \
-else dir="$(srcdir)/"; fi; \
-tst=$$dir$$f; log='$@'; \
-if test -n '$(DISABLE_HARD_ERRORS)'; then \
- am__enable_hard_errors=no; \
-else \
- am__enable_hard_errors=yes; \
-fi; \
-case " $(XFAIL_TESTS) " in \
- *[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \
- am__expect_failure=yes;; \
- *) \
- am__expect_failure=no;; \
-esac; \
-$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT)
-# A shell command to get the names of the tests scripts with any registered
-# extension removed (i.e., equivalently, the names of the test logs, with
-# the '.log' extension removed). The result is saved in the shell variable
-# '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly,
-# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)",
-# since that might cause problem with VPATH rewrites for suffix-less tests.
-# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'.
-am__set_TESTS_bases = \
- bases='$(TEST_LOGS)'; \
- bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \
- bases=`echo $$bases`
-RECHECK_LOGS = $(TEST_LOGS)
-AM_RECURSIVE_TARGETS = check recheck
-TEST_SUITE_LOG = test-suite.log
-TEST_EXTENSIONS = @EXEEXT@ .test
-LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
-LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS)
-am__set_b = \
- case '$@' in \
- */*) \
- case '$*' in \
- */*) b='$*';; \
- *) b=`echo '$@' | sed 's/\.log$$//'`; \
- esac;; \
- *) \
- b='$*';; \
- esac
-am__test_logs1 = $(TESTS:=.log)
-am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log)
-TEST_LOGS = $(am__test_logs2:.test.log=.log)
-TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/test-driver
-TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
- $(TEST_LOG_FLAGS)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
ALLOCA = @ALLOCA@
@@ -408,8 +247,6 @@ BTLIB = @BTLIB@
CC = @CC@
CCDEPMODE = @CCDEPMODE@
CFLAGS = @CFLAGS@
-CHECK_CFLAGS = @CHECK_CFLAGS@
-CHECK_LIBS = @CHECK_LIBS@
COVERAGE_CFLAGS = @COVERAGE_CFLAGS@
COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@
CPP = @CPP@
@@ -477,6 +314,11 @@ PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
PTHREADLIB = @PTHREADLIB@
+PYTHON = @PYTHON@
+PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
+PYTHON_PLATFORM = @PYTHON_PLATFORM@
+PYTHON_PREFIX = @PYTHON_PREFIX@
+PYTHON_VERSION = @PYTHON_VERSION@
RANLIB = @RANLIB@
RTLIB = @RTLIB@
RUBY = @RUBY@
@@ -565,12 +407,16 @@ pcsclite_CFLAGS = @pcsclite_CFLAGS@
pcsclite_LIBS = @pcsclite_LIBS@
pdfdir = @pdfdir@
piddir = @piddir@
+pkgpyexecdir = @pkgpyexecdir@
+pkgpythondir = @pkgpythondir@
pki_plugins = @pki_plugins@
plugindir = @plugindir@
pool_plugins = @pool_plugins@
prefix = @prefix@
program_transform_name = @program_transform_name@
psdir = @psdir@
+pyexecdir = @pyexecdir@
+pythondir = @pythondir@
random_device = @random_device@
resolv_conf = @resolv_conf@
routing_table = @routing_table@
@@ -585,6 +431,7 @@ soup_LIBS = @soup_LIBS@
srcdir = @srcdir@
starter_plugins = @starter_plugins@
strongswan_conf = @strongswan_conf@
+strongswan_options = @strongswan_options@
sysconfdir = @sysconfdir@
systemdsystemunitdir = @systemdsystemunitdir@
t_plugins = @t_plugins@
@@ -595,30 +442,67 @@ top_srcdir = @top_srcdir@
urandom_device = @urandom_device@
xml_CFLAGS = @xml_CFLAGS@
xml_LIBS = @xml_LIBS@
-test_runner_SOURCES = \
- test_runner.c test_runner.h test_suite.h \
- test_linked_list.c test_enumerator.c test_linked_list_enumerator.c \
- test_bio_reader.c test_bio_writer.c test_chunk.c test_enum.c test_hashtable.c \
- test_identification.c test_threading.c test_utils.c test_vectors.c \
- test_array.c test_ecdsa.c test_rsa.c test_host.c test_printf.c
-
-test_runner_CFLAGS = \
+check_LTLIBRARIES = libtest.la
+libtest_la_SOURCES = \
+ test_suite.c test_suite.h \
+ test_runner.c test_runner.h \
+ utils/test_rng.c utils/test_rng.h
+
+libtest_la_CFLAGS = \
+ -I$(top_srcdir)/src/libstrongswan \
+ @COVERAGE_CFLAGS@
+
+libtest_la_LDFLAGS = @COVERAGE_LDFLAGS@
+libtest_la_LIBADD = \
+ $(top_builddir)/src/libstrongswan/libstrongswan.la \
+ $(PTHREADLIB)
+
+tests_SOURCES = tests.h tests.c \
+ suites/test_linked_list.c \
+ suites/test_enumerator.c \
+ suites/test_linked_list_enumerator.c \
+ suites/test_bio_reader.c \
+ suites/test_bio_writer.c \
+ suites/test_chunk.c \
+ suites/test_enum.c \
+ suites/test_hashtable.c \
+ suites/test_identification.c \
+ suites/test_threading.c \
+ suites/test_watcher.c \
+ suites/test_stream.c \
+ suites/test_fetch_http.c \
+ suites/test_utils.c \
+ suites/test_settings.c \
+ suites/test_vectors.c \
+ suites/test_array.c \
+ suites/test_ecdsa.c \
+ suites/test_rsa.c \
+ suites/test_host.c \
+ suites/test_hasher.c \
+ suites/test_crypter.c \
+ suites/test_pen.c \
+ suites/test_asn1.c \
+ suites/test_asn1_parser.c \
+ suites/test_printf.c \
+ suites/test_test_rng.c \
+ suites/test_ntru.c
+
+tests_CFLAGS = \
-I$(top_srcdir)/src/libstrongswan \
+ -I$(top_srcdir)/src/libstrongswan/tests \
-DPLUGINDIR=\""$(top_builddir)/src/libstrongswan/plugins\"" \
-DPLUGINS=\""${s_plugins}\"" \
- @COVERAGE_CFLAGS@ \
- @CHECK_CFLAGS@
+ @COVERAGE_CFLAGS@
-test_runner_LDFLAGS = @COVERAGE_LDFLAGS@
-test_runner_LDADD = \
+tests_LDFLAGS = @COVERAGE_LDFLAGS@
+tests_LDADD = \
$(top_builddir)/src/libstrongswan/libstrongswan.la \
- $(PTHREADLIB) \
- @CHECK_LIBS@
+ libtest.la
all: all-am
.SUFFIXES:
-.SUFFIXES: .c .lo .log .o .obj .test .test$(EXEEXT) .trs
+.SUFFIXES: .c .lo .o .obj
$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
@for dep in $?; do \
case '$(am__configure_deps)' in \
@@ -650,6 +534,28 @@ $(ACLOCAL_M4): $(am__aclocal_m4_deps)
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
$(am__aclocal_m4_deps):
+clean-checkLTLIBRARIES:
+ -test -z "$(check_LTLIBRARIES)" || rm -f $(check_LTLIBRARIES)
+ @list='$(check_LTLIBRARIES)'; \
+ locs=`for p in $$list; do echo $$p; done | \
+ sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \
+ sort -u`; \
+ test -z "$$locs" || { \
+ echo rm -f $${locs}; \
+ rm -f $${locs}; \
+ }
+utils/$(am__dirstamp):
+ @$(MKDIR_P) utils
+ @: > utils/$(am__dirstamp)
+utils/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) utils/$(DEPDIR)
+ @: > utils/$(DEPDIR)/$(am__dirstamp)
+utils/libtest_la-test_rng.lo: utils/$(am__dirstamp) \
+ utils/$(DEPDIR)/$(am__dirstamp)
+
+libtest.la: $(libtest_la_OBJECTS) $(libtest_la_DEPENDENCIES) $(EXTRA_libtest_la_DEPENDENCIES)
+ $(AM_V_CCLD)$(libtest_la_LINK) $(libtest_la_OBJECTS) $(libtest_la_LIBADD) $(LIBS)
+
clean-checkPROGRAMS:
@list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \
echo " rm -f" $$list; \
@@ -658,35 +564,114 @@ clean-checkPROGRAMS:
list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
echo " rm -f" $$list; \
rm -f $$list
-
-test_runner$(EXEEXT): $(test_runner_OBJECTS) $(test_runner_DEPENDENCIES) $(EXTRA_test_runner_DEPENDENCIES)
- @rm -f test_runner$(EXEEXT)
- $(AM_V_CCLD)$(test_runner_LINK) $(test_runner_OBJECTS) $(test_runner_LDADD) $(LIBS)
+suites/$(am__dirstamp):
+ @$(MKDIR_P) suites
+ @: > suites/$(am__dirstamp)
+suites/$(DEPDIR)/$(am__dirstamp):
+ @$(MKDIR_P) suites/$(DEPDIR)
+ @: > suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_linked_list.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_enumerator.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_linked_list_enumerator.$(OBJEXT): \
+ suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_bio_reader.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_bio_writer.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_chunk.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_enum.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_hashtable.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_identification.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_threading.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_watcher.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_stream.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_fetch_http.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_utils.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_settings.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_vectors.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_array.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_ecdsa.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_rsa.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_host.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_hasher.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_crypter.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_pen.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_asn1.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_asn1_parser.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_printf.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_test_rng.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+suites/tests-test_ntru.$(OBJEXT): suites/$(am__dirstamp) \
+ suites/$(DEPDIR)/$(am__dirstamp)
+
+tests$(EXEEXT): $(tests_OBJECTS) $(tests_DEPENDENCIES) $(EXTRA_tests_DEPENDENCIES)
+ @rm -f tests$(EXEEXT)
+ $(AM_V_CCLD)$(tests_LINK) $(tests_OBJECTS) $(tests_LDADD) $(LIBS)
mostlyclean-compile:
-rm -f *.$(OBJEXT)
+ -rm -f suites/*.$(OBJEXT)
+ -rm -f utils/*.$(OBJEXT)
+ -rm -f utils/*.lo
distclean-compile:
-rm -f *.tab.c
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_array.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_bio_reader.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_bio_writer.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_chunk.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_ecdsa.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_enum.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_enumerator.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_hashtable.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_host.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_identification.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_linked_list.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_linked_list_enumerator.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_printf.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_rsa.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_runner.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_threading.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_utils.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_runner-test_vectors.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-test_runner.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtest_la-test_suite.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tests-tests.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_array.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_asn1.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_asn1_parser.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_bio_reader.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_bio_writer.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_chunk.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_crypter.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_ecdsa.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_enum.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_enumerator.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_fetch_http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_hasher.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_hashtable.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_host.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_identification.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_linked_list.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_linked_list_enumerator.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_ntru.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_pen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_printf.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_rsa.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_settings.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_stream.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_test_rng.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_threading.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_utils.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_vectors.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/tests-test_watcher.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@utils/$(DEPDIR)/libtest_la-test_rng.Plo@am__quote@
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -712,263 +697,439 @@ distclean-compile:
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
-test_runner-test_runner.o: test_runner.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_runner.o -MD -MP -MF $(DEPDIR)/test_runner-test_runner.Tpo -c -o test_runner-test_runner.o `test -f 'test_runner.c' || echo '$(srcdir)/'`test_runner.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_runner.Tpo $(DEPDIR)/test_runner-test_runner.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_runner.c' object='test_runner-test_runner.o' libtool=no @AMDEPBACKSLASH@
+libtest_la-test_suite.lo: test_suite.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-test_suite.lo -MD -MP -MF $(DEPDIR)/libtest_la-test_suite.Tpo -c -o libtest_la-test_suite.lo `test -f 'test_suite.c' || echo '$(srcdir)/'`test_suite.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtest_la-test_suite.Tpo $(DEPDIR)/libtest_la-test_suite.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_suite.c' object='libtest_la-test_suite.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-test_suite.lo `test -f 'test_suite.c' || echo '$(srcdir)/'`test_suite.c
+
+libtest_la-test_runner.lo: test_runner.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT libtest_la-test_runner.lo -MD -MP -MF $(DEPDIR)/libtest_la-test_runner.Tpo -c -o libtest_la-test_runner.lo `test -f 'test_runner.c' || echo '$(srcdir)/'`test_runner.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtest_la-test_runner.Tpo $(DEPDIR)/libtest_la-test_runner.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_runner.c' object='libtest_la-test_runner.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o libtest_la-test_runner.lo `test -f 'test_runner.c' || echo '$(srcdir)/'`test_runner.c
+
+utils/libtest_la-test_rng.lo: utils/test_rng.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -MT utils/libtest_la-test_rng.lo -MD -MP -MF utils/$(DEPDIR)/libtest_la-test_rng.Tpo -c -o utils/libtest_la-test_rng.lo `test -f 'utils/test_rng.c' || echo '$(srcdir)/'`utils/test_rng.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) utils/$(DEPDIR)/libtest_la-test_rng.Tpo utils/$(DEPDIR)/libtest_la-test_rng.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='utils/test_rng.c' object='utils/libtest_la-test_rng.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libtest_la_CFLAGS) $(CFLAGS) -c -o utils/libtest_la-test_rng.lo `test -f 'utils/test_rng.c' || echo '$(srcdir)/'`utils/test_rng.c
+
+tests-tests.o: tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT tests-tests.o -MD -MP -MF $(DEPDIR)/tests-tests.Tpo -c -o tests-tests.o `test -f 'tests.c' || echo '$(srcdir)/'`tests.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tests-tests.Tpo $(DEPDIR)/tests-tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests.c' object='tests-tests.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o tests-tests.o `test -f 'tests.c' || echo '$(srcdir)/'`tests.c
+
+tests-tests.obj: tests.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT tests-tests.obj -MD -MP -MF $(DEPDIR)/tests-tests.Tpo -c -o tests-tests.obj `if test -f 'tests.c'; then $(CYGPATH_W) 'tests.c'; else $(CYGPATH_W) '$(srcdir)/tests.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/tests-tests.Tpo $(DEPDIR)/tests-tests.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests.c' object='tests-tests.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o tests-tests.obj `if test -f 'tests.c'; then $(CYGPATH_W) 'tests.c'; else $(CYGPATH_W) '$(srcdir)/tests.c'; fi`
+
+suites/tests-test_linked_list.o: suites/test_linked_list.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_linked_list.o -MD -MP -MF suites/$(DEPDIR)/tests-test_linked_list.Tpo -c -o suites/tests-test_linked_list.o `test -f 'suites/test_linked_list.c' || echo '$(srcdir)/'`suites/test_linked_list.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_linked_list.Tpo suites/$(DEPDIR)/tests-test_linked_list.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_linked_list.c' object='suites/tests-test_linked_list.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_linked_list.o `test -f 'suites/test_linked_list.c' || echo '$(srcdir)/'`suites/test_linked_list.c
+
+suites/tests-test_linked_list.obj: suites/test_linked_list.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_linked_list.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_linked_list.Tpo -c -o suites/tests-test_linked_list.obj `if test -f 'suites/test_linked_list.c'; then $(CYGPATH_W) 'suites/test_linked_list.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_linked_list.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_linked_list.Tpo suites/$(DEPDIR)/tests-test_linked_list.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_linked_list.c' object='suites/tests-test_linked_list.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_linked_list.obj `if test -f 'suites/test_linked_list.c'; then $(CYGPATH_W) 'suites/test_linked_list.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_linked_list.c'; fi`
+
+suites/tests-test_enumerator.o: suites/test_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_enumerator.o -MD -MP -MF suites/$(DEPDIR)/tests-test_enumerator.Tpo -c -o suites/tests-test_enumerator.o `test -f 'suites/test_enumerator.c' || echo '$(srcdir)/'`suites/test_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_enumerator.Tpo suites/$(DEPDIR)/tests-test_enumerator.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_enumerator.c' object='suites/tests-test_enumerator.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_enumerator.o `test -f 'suites/test_enumerator.c' || echo '$(srcdir)/'`suites/test_enumerator.c
+
+suites/tests-test_enumerator.obj: suites/test_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_enumerator.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_enumerator.Tpo -c -o suites/tests-test_enumerator.obj `if test -f 'suites/test_enumerator.c'; then $(CYGPATH_W) 'suites/test_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_enumerator.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_enumerator.Tpo suites/$(DEPDIR)/tests-test_enumerator.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_enumerator.c' object='suites/tests-test_enumerator.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_enumerator.obj `if test -f 'suites/test_enumerator.c'; then $(CYGPATH_W) 'suites/test_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_enumerator.c'; fi`
+
+suites/tests-test_linked_list_enumerator.o: suites/test_linked_list_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_linked_list_enumerator.o -MD -MP -MF suites/$(DEPDIR)/tests-test_linked_list_enumerator.Tpo -c -o suites/tests-test_linked_list_enumerator.o `test -f 'suites/test_linked_list_enumerator.c' || echo '$(srcdir)/'`suites/test_linked_list_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_linked_list_enumerator.Tpo suites/$(DEPDIR)/tests-test_linked_list_enumerator.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_linked_list_enumerator.c' object='suites/tests-test_linked_list_enumerator.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_linked_list_enumerator.o `test -f 'suites/test_linked_list_enumerator.c' || echo '$(srcdir)/'`suites/test_linked_list_enumerator.c
+
+suites/tests-test_linked_list_enumerator.obj: suites/test_linked_list_enumerator.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_linked_list_enumerator.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_linked_list_enumerator.Tpo -c -o suites/tests-test_linked_list_enumerator.obj `if test -f 'suites/test_linked_list_enumerator.c'; then $(CYGPATH_W) 'suites/test_linked_list_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_linked_list_enumerator.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_linked_list_enumerator.Tpo suites/$(DEPDIR)/tests-test_linked_list_enumerator.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_linked_list_enumerator.c' object='suites/tests-test_linked_list_enumerator.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_linked_list_enumerator.obj `if test -f 'suites/test_linked_list_enumerator.c'; then $(CYGPATH_W) 'suites/test_linked_list_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_linked_list_enumerator.c'; fi`
+
+suites/tests-test_bio_reader.o: suites/test_bio_reader.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_bio_reader.o -MD -MP -MF suites/$(DEPDIR)/tests-test_bio_reader.Tpo -c -o suites/tests-test_bio_reader.o `test -f 'suites/test_bio_reader.c' || echo '$(srcdir)/'`suites/test_bio_reader.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_bio_reader.Tpo suites/$(DEPDIR)/tests-test_bio_reader.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_bio_reader.c' object='suites/tests-test_bio_reader.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_bio_reader.o `test -f 'suites/test_bio_reader.c' || echo '$(srcdir)/'`suites/test_bio_reader.c
+
+suites/tests-test_bio_reader.obj: suites/test_bio_reader.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_bio_reader.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_bio_reader.Tpo -c -o suites/tests-test_bio_reader.obj `if test -f 'suites/test_bio_reader.c'; then $(CYGPATH_W) 'suites/test_bio_reader.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_bio_reader.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_bio_reader.Tpo suites/$(DEPDIR)/tests-test_bio_reader.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_bio_reader.c' object='suites/tests-test_bio_reader.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_bio_reader.obj `if test -f 'suites/test_bio_reader.c'; then $(CYGPATH_W) 'suites/test_bio_reader.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_bio_reader.c'; fi`
+
+suites/tests-test_bio_writer.o: suites/test_bio_writer.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_bio_writer.o -MD -MP -MF suites/$(DEPDIR)/tests-test_bio_writer.Tpo -c -o suites/tests-test_bio_writer.o `test -f 'suites/test_bio_writer.c' || echo '$(srcdir)/'`suites/test_bio_writer.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_bio_writer.Tpo suites/$(DEPDIR)/tests-test_bio_writer.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_bio_writer.c' object='suites/tests-test_bio_writer.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_bio_writer.o `test -f 'suites/test_bio_writer.c' || echo '$(srcdir)/'`suites/test_bio_writer.c
+
+suites/tests-test_bio_writer.obj: suites/test_bio_writer.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_bio_writer.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_bio_writer.Tpo -c -o suites/tests-test_bio_writer.obj `if test -f 'suites/test_bio_writer.c'; then $(CYGPATH_W) 'suites/test_bio_writer.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_bio_writer.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_bio_writer.Tpo suites/$(DEPDIR)/tests-test_bio_writer.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_bio_writer.c' object='suites/tests-test_bio_writer.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_bio_writer.obj `if test -f 'suites/test_bio_writer.c'; then $(CYGPATH_W) 'suites/test_bio_writer.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_bio_writer.c'; fi`
+
+suites/tests-test_chunk.o: suites/test_chunk.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_chunk.o -MD -MP -MF suites/$(DEPDIR)/tests-test_chunk.Tpo -c -o suites/tests-test_chunk.o `test -f 'suites/test_chunk.c' || echo '$(srcdir)/'`suites/test_chunk.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_chunk.Tpo suites/$(DEPDIR)/tests-test_chunk.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_chunk.c' object='suites/tests-test_chunk.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_runner.o `test -f 'test_runner.c' || echo '$(srcdir)/'`test_runner.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_chunk.o `test -f 'suites/test_chunk.c' || echo '$(srcdir)/'`suites/test_chunk.c
-test_runner-test_runner.obj: test_runner.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_runner.obj -MD -MP -MF $(DEPDIR)/test_runner-test_runner.Tpo -c -o test_runner-test_runner.obj `if test -f 'test_runner.c'; then $(CYGPATH_W) 'test_runner.c'; else $(CYGPATH_W) '$(srcdir)/test_runner.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_runner.Tpo $(DEPDIR)/test_runner-test_runner.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_runner.c' object='test_runner-test_runner.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_chunk.obj: suites/test_chunk.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_chunk.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_chunk.Tpo -c -o suites/tests-test_chunk.obj `if test -f 'suites/test_chunk.c'; then $(CYGPATH_W) 'suites/test_chunk.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_chunk.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_chunk.Tpo suites/$(DEPDIR)/tests-test_chunk.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_chunk.c' object='suites/tests-test_chunk.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_runner.obj `if test -f 'test_runner.c'; then $(CYGPATH_W) 'test_runner.c'; else $(CYGPATH_W) '$(srcdir)/test_runner.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_chunk.obj `if test -f 'suites/test_chunk.c'; then $(CYGPATH_W) 'suites/test_chunk.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_chunk.c'; fi`
-test_runner-test_linked_list.o: test_linked_list.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_linked_list.o -MD -MP -MF $(DEPDIR)/test_runner-test_linked_list.Tpo -c -o test_runner-test_linked_list.o `test -f 'test_linked_list.c' || echo '$(srcdir)/'`test_linked_list.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_linked_list.Tpo $(DEPDIR)/test_runner-test_linked_list.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_linked_list.c' object='test_runner-test_linked_list.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_enum.o: suites/test_enum.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_enum.o -MD -MP -MF suites/$(DEPDIR)/tests-test_enum.Tpo -c -o suites/tests-test_enum.o `test -f 'suites/test_enum.c' || echo '$(srcdir)/'`suites/test_enum.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_enum.Tpo suites/$(DEPDIR)/tests-test_enum.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_enum.c' object='suites/tests-test_enum.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_linked_list.o `test -f 'test_linked_list.c' || echo '$(srcdir)/'`test_linked_list.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_enum.o `test -f 'suites/test_enum.c' || echo '$(srcdir)/'`suites/test_enum.c
-test_runner-test_linked_list.obj: test_linked_list.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_linked_list.obj -MD -MP -MF $(DEPDIR)/test_runner-test_linked_list.Tpo -c -o test_runner-test_linked_list.obj `if test -f 'test_linked_list.c'; then $(CYGPATH_W) 'test_linked_list.c'; else $(CYGPATH_W) '$(srcdir)/test_linked_list.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_linked_list.Tpo $(DEPDIR)/test_runner-test_linked_list.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_linked_list.c' object='test_runner-test_linked_list.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_enum.obj: suites/test_enum.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_enum.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_enum.Tpo -c -o suites/tests-test_enum.obj `if test -f 'suites/test_enum.c'; then $(CYGPATH_W) 'suites/test_enum.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_enum.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_enum.Tpo suites/$(DEPDIR)/tests-test_enum.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_enum.c' object='suites/tests-test_enum.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_linked_list.obj `if test -f 'test_linked_list.c'; then $(CYGPATH_W) 'test_linked_list.c'; else $(CYGPATH_W) '$(srcdir)/test_linked_list.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_enum.obj `if test -f 'suites/test_enum.c'; then $(CYGPATH_W) 'suites/test_enum.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_enum.c'; fi`
-test_runner-test_enumerator.o: test_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_enumerator.o -MD -MP -MF $(DEPDIR)/test_runner-test_enumerator.Tpo -c -o test_runner-test_enumerator.o `test -f 'test_enumerator.c' || echo '$(srcdir)/'`test_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_enumerator.Tpo $(DEPDIR)/test_runner-test_enumerator.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_enumerator.c' object='test_runner-test_enumerator.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_hashtable.o: suites/test_hashtable.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_hashtable.o -MD -MP -MF suites/$(DEPDIR)/tests-test_hashtable.Tpo -c -o suites/tests-test_hashtable.o `test -f 'suites/test_hashtable.c' || echo '$(srcdir)/'`suites/test_hashtable.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_hashtable.Tpo suites/$(DEPDIR)/tests-test_hashtable.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_hashtable.c' object='suites/tests-test_hashtable.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_enumerator.o `test -f 'test_enumerator.c' || echo '$(srcdir)/'`test_enumerator.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_hashtable.o `test -f 'suites/test_hashtable.c' || echo '$(srcdir)/'`suites/test_hashtable.c
-test_runner-test_enumerator.obj: test_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_enumerator.obj -MD -MP -MF $(DEPDIR)/test_runner-test_enumerator.Tpo -c -o test_runner-test_enumerator.obj `if test -f 'test_enumerator.c'; then $(CYGPATH_W) 'test_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/test_enumerator.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_enumerator.Tpo $(DEPDIR)/test_runner-test_enumerator.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_enumerator.c' object='test_runner-test_enumerator.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_hashtable.obj: suites/test_hashtable.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_hashtable.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_hashtable.Tpo -c -o suites/tests-test_hashtable.obj `if test -f 'suites/test_hashtable.c'; then $(CYGPATH_W) 'suites/test_hashtable.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_hashtable.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_hashtable.Tpo suites/$(DEPDIR)/tests-test_hashtable.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_hashtable.c' object='suites/tests-test_hashtable.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_enumerator.obj `if test -f 'test_enumerator.c'; then $(CYGPATH_W) 'test_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/test_enumerator.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_hashtable.obj `if test -f 'suites/test_hashtable.c'; then $(CYGPATH_W) 'suites/test_hashtable.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_hashtable.c'; fi`
-test_runner-test_linked_list_enumerator.o: test_linked_list_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_linked_list_enumerator.o -MD -MP -MF $(DEPDIR)/test_runner-test_linked_list_enumerator.Tpo -c -o test_runner-test_linked_list_enumerator.o `test -f 'test_linked_list_enumerator.c' || echo '$(srcdir)/'`test_linked_list_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_linked_list_enumerator.Tpo $(DEPDIR)/test_runner-test_linked_list_enumerator.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_linked_list_enumerator.c' object='test_runner-test_linked_list_enumerator.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_identification.o: suites/test_identification.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_identification.o -MD -MP -MF suites/$(DEPDIR)/tests-test_identification.Tpo -c -o suites/tests-test_identification.o `test -f 'suites/test_identification.c' || echo '$(srcdir)/'`suites/test_identification.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_identification.Tpo suites/$(DEPDIR)/tests-test_identification.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_identification.c' object='suites/tests-test_identification.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_linked_list_enumerator.o `test -f 'test_linked_list_enumerator.c' || echo '$(srcdir)/'`test_linked_list_enumerator.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_identification.o `test -f 'suites/test_identification.c' || echo '$(srcdir)/'`suites/test_identification.c
-test_runner-test_linked_list_enumerator.obj: test_linked_list_enumerator.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_linked_list_enumerator.obj -MD -MP -MF $(DEPDIR)/test_runner-test_linked_list_enumerator.Tpo -c -o test_runner-test_linked_list_enumerator.obj `if test -f 'test_linked_list_enumerator.c'; then $(CYGPATH_W) 'test_linked_list_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/test_linked_list_enumerator.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_linked_list_enumerator.Tpo $(DEPDIR)/test_runner-test_linked_list_enumerator.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_linked_list_enumerator.c' object='test_runner-test_linked_list_enumerator.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_identification.obj: suites/test_identification.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_identification.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_identification.Tpo -c -o suites/tests-test_identification.obj `if test -f 'suites/test_identification.c'; then $(CYGPATH_W) 'suites/test_identification.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_identification.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_identification.Tpo suites/$(DEPDIR)/tests-test_identification.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_identification.c' object='suites/tests-test_identification.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_linked_list_enumerator.obj `if test -f 'test_linked_list_enumerator.c'; then $(CYGPATH_W) 'test_linked_list_enumerator.c'; else $(CYGPATH_W) '$(srcdir)/test_linked_list_enumerator.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_identification.obj `if test -f 'suites/test_identification.c'; then $(CYGPATH_W) 'suites/test_identification.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_identification.c'; fi`
-test_runner-test_bio_reader.o: test_bio_reader.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_bio_reader.o -MD -MP -MF $(DEPDIR)/test_runner-test_bio_reader.Tpo -c -o test_runner-test_bio_reader.o `test -f 'test_bio_reader.c' || echo '$(srcdir)/'`test_bio_reader.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_bio_reader.Tpo $(DEPDIR)/test_runner-test_bio_reader.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_bio_reader.c' object='test_runner-test_bio_reader.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_threading.o: suites/test_threading.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_threading.o -MD -MP -MF suites/$(DEPDIR)/tests-test_threading.Tpo -c -o suites/tests-test_threading.o `test -f 'suites/test_threading.c' || echo '$(srcdir)/'`suites/test_threading.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_threading.Tpo suites/$(DEPDIR)/tests-test_threading.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_threading.c' object='suites/tests-test_threading.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_bio_reader.o `test -f 'test_bio_reader.c' || echo '$(srcdir)/'`test_bio_reader.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_threading.o `test -f 'suites/test_threading.c' || echo '$(srcdir)/'`suites/test_threading.c
-test_runner-test_bio_reader.obj: test_bio_reader.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_bio_reader.obj -MD -MP -MF $(DEPDIR)/test_runner-test_bio_reader.Tpo -c -o test_runner-test_bio_reader.obj `if test -f 'test_bio_reader.c'; then $(CYGPATH_W) 'test_bio_reader.c'; else $(CYGPATH_W) '$(srcdir)/test_bio_reader.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_bio_reader.Tpo $(DEPDIR)/test_runner-test_bio_reader.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_bio_reader.c' object='test_runner-test_bio_reader.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_threading.obj: suites/test_threading.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_threading.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_threading.Tpo -c -o suites/tests-test_threading.obj `if test -f 'suites/test_threading.c'; then $(CYGPATH_W) 'suites/test_threading.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_threading.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_threading.Tpo suites/$(DEPDIR)/tests-test_threading.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_threading.c' object='suites/tests-test_threading.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_bio_reader.obj `if test -f 'test_bio_reader.c'; then $(CYGPATH_W) 'test_bio_reader.c'; else $(CYGPATH_W) '$(srcdir)/test_bio_reader.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_threading.obj `if test -f 'suites/test_threading.c'; then $(CYGPATH_W) 'suites/test_threading.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_threading.c'; fi`
-test_runner-test_bio_writer.o: test_bio_writer.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_bio_writer.o -MD -MP -MF $(DEPDIR)/test_runner-test_bio_writer.Tpo -c -o test_runner-test_bio_writer.o `test -f 'test_bio_writer.c' || echo '$(srcdir)/'`test_bio_writer.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_bio_writer.Tpo $(DEPDIR)/test_runner-test_bio_writer.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_bio_writer.c' object='test_runner-test_bio_writer.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_watcher.o: suites/test_watcher.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_watcher.o -MD -MP -MF suites/$(DEPDIR)/tests-test_watcher.Tpo -c -o suites/tests-test_watcher.o `test -f 'suites/test_watcher.c' || echo '$(srcdir)/'`suites/test_watcher.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_watcher.Tpo suites/$(DEPDIR)/tests-test_watcher.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_watcher.c' object='suites/tests-test_watcher.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_bio_writer.o `test -f 'test_bio_writer.c' || echo '$(srcdir)/'`test_bio_writer.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_watcher.o `test -f 'suites/test_watcher.c' || echo '$(srcdir)/'`suites/test_watcher.c
-test_runner-test_bio_writer.obj: test_bio_writer.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_bio_writer.obj -MD -MP -MF $(DEPDIR)/test_runner-test_bio_writer.Tpo -c -o test_runner-test_bio_writer.obj `if test -f 'test_bio_writer.c'; then $(CYGPATH_W) 'test_bio_writer.c'; else $(CYGPATH_W) '$(srcdir)/test_bio_writer.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_bio_writer.Tpo $(DEPDIR)/test_runner-test_bio_writer.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_bio_writer.c' object='test_runner-test_bio_writer.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_watcher.obj: suites/test_watcher.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_watcher.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_watcher.Tpo -c -o suites/tests-test_watcher.obj `if test -f 'suites/test_watcher.c'; then $(CYGPATH_W) 'suites/test_watcher.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_watcher.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_watcher.Tpo suites/$(DEPDIR)/tests-test_watcher.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_watcher.c' object='suites/tests-test_watcher.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_bio_writer.obj `if test -f 'test_bio_writer.c'; then $(CYGPATH_W) 'test_bio_writer.c'; else $(CYGPATH_W) '$(srcdir)/test_bio_writer.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_watcher.obj `if test -f 'suites/test_watcher.c'; then $(CYGPATH_W) 'suites/test_watcher.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_watcher.c'; fi`
-test_runner-test_chunk.o: test_chunk.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_chunk.o -MD -MP -MF $(DEPDIR)/test_runner-test_chunk.Tpo -c -o test_runner-test_chunk.o `test -f 'test_chunk.c' || echo '$(srcdir)/'`test_chunk.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_chunk.Tpo $(DEPDIR)/test_runner-test_chunk.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_chunk.c' object='test_runner-test_chunk.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_stream.o: suites/test_stream.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_stream.o -MD -MP -MF suites/$(DEPDIR)/tests-test_stream.Tpo -c -o suites/tests-test_stream.o `test -f 'suites/test_stream.c' || echo '$(srcdir)/'`suites/test_stream.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_stream.Tpo suites/$(DEPDIR)/tests-test_stream.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_stream.c' object='suites/tests-test_stream.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_chunk.o `test -f 'test_chunk.c' || echo '$(srcdir)/'`test_chunk.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_stream.o `test -f 'suites/test_stream.c' || echo '$(srcdir)/'`suites/test_stream.c
-test_runner-test_chunk.obj: test_chunk.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_chunk.obj -MD -MP -MF $(DEPDIR)/test_runner-test_chunk.Tpo -c -o test_runner-test_chunk.obj `if test -f 'test_chunk.c'; then $(CYGPATH_W) 'test_chunk.c'; else $(CYGPATH_W) '$(srcdir)/test_chunk.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_chunk.Tpo $(DEPDIR)/test_runner-test_chunk.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_chunk.c' object='test_runner-test_chunk.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_stream.obj: suites/test_stream.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_stream.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_stream.Tpo -c -o suites/tests-test_stream.obj `if test -f 'suites/test_stream.c'; then $(CYGPATH_W) 'suites/test_stream.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_stream.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_stream.Tpo suites/$(DEPDIR)/tests-test_stream.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_stream.c' object='suites/tests-test_stream.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_chunk.obj `if test -f 'test_chunk.c'; then $(CYGPATH_W) 'test_chunk.c'; else $(CYGPATH_W) '$(srcdir)/test_chunk.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_stream.obj `if test -f 'suites/test_stream.c'; then $(CYGPATH_W) 'suites/test_stream.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_stream.c'; fi`
-test_runner-test_enum.o: test_enum.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_enum.o -MD -MP -MF $(DEPDIR)/test_runner-test_enum.Tpo -c -o test_runner-test_enum.o `test -f 'test_enum.c' || echo '$(srcdir)/'`test_enum.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_enum.Tpo $(DEPDIR)/test_runner-test_enum.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_enum.c' object='test_runner-test_enum.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_fetch_http.o: suites/test_fetch_http.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_fetch_http.o -MD -MP -MF suites/$(DEPDIR)/tests-test_fetch_http.Tpo -c -o suites/tests-test_fetch_http.o `test -f 'suites/test_fetch_http.c' || echo '$(srcdir)/'`suites/test_fetch_http.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_fetch_http.Tpo suites/$(DEPDIR)/tests-test_fetch_http.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_fetch_http.c' object='suites/tests-test_fetch_http.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_enum.o `test -f 'test_enum.c' || echo '$(srcdir)/'`test_enum.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_fetch_http.o `test -f 'suites/test_fetch_http.c' || echo '$(srcdir)/'`suites/test_fetch_http.c
-test_runner-test_enum.obj: test_enum.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_enum.obj -MD -MP -MF $(DEPDIR)/test_runner-test_enum.Tpo -c -o test_runner-test_enum.obj `if test -f 'test_enum.c'; then $(CYGPATH_W) 'test_enum.c'; else $(CYGPATH_W) '$(srcdir)/test_enum.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_enum.Tpo $(DEPDIR)/test_runner-test_enum.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_enum.c' object='test_runner-test_enum.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_fetch_http.obj: suites/test_fetch_http.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_fetch_http.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_fetch_http.Tpo -c -o suites/tests-test_fetch_http.obj `if test -f 'suites/test_fetch_http.c'; then $(CYGPATH_W) 'suites/test_fetch_http.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_fetch_http.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_fetch_http.Tpo suites/$(DEPDIR)/tests-test_fetch_http.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_fetch_http.c' object='suites/tests-test_fetch_http.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_enum.obj `if test -f 'test_enum.c'; then $(CYGPATH_W) 'test_enum.c'; else $(CYGPATH_W) '$(srcdir)/test_enum.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_fetch_http.obj `if test -f 'suites/test_fetch_http.c'; then $(CYGPATH_W) 'suites/test_fetch_http.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_fetch_http.c'; fi`
-test_runner-test_hashtable.o: test_hashtable.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_hashtable.o -MD -MP -MF $(DEPDIR)/test_runner-test_hashtable.Tpo -c -o test_runner-test_hashtable.o `test -f 'test_hashtable.c' || echo '$(srcdir)/'`test_hashtable.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_hashtable.Tpo $(DEPDIR)/test_runner-test_hashtable.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_hashtable.c' object='test_runner-test_hashtable.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_utils.o: suites/test_utils.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_utils.o -MD -MP -MF suites/$(DEPDIR)/tests-test_utils.Tpo -c -o suites/tests-test_utils.o `test -f 'suites/test_utils.c' || echo '$(srcdir)/'`suites/test_utils.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_utils.Tpo suites/$(DEPDIR)/tests-test_utils.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_utils.c' object='suites/tests-test_utils.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_hashtable.o `test -f 'test_hashtable.c' || echo '$(srcdir)/'`test_hashtable.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_utils.o `test -f 'suites/test_utils.c' || echo '$(srcdir)/'`suites/test_utils.c
-test_runner-test_hashtable.obj: test_hashtable.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_hashtable.obj -MD -MP -MF $(DEPDIR)/test_runner-test_hashtable.Tpo -c -o test_runner-test_hashtable.obj `if test -f 'test_hashtable.c'; then $(CYGPATH_W) 'test_hashtable.c'; else $(CYGPATH_W) '$(srcdir)/test_hashtable.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_hashtable.Tpo $(DEPDIR)/test_runner-test_hashtable.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_hashtable.c' object='test_runner-test_hashtable.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_utils.obj: suites/test_utils.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_utils.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_utils.Tpo -c -o suites/tests-test_utils.obj `if test -f 'suites/test_utils.c'; then $(CYGPATH_W) 'suites/test_utils.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_utils.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_utils.Tpo suites/$(DEPDIR)/tests-test_utils.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_utils.c' object='suites/tests-test_utils.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_hashtable.obj `if test -f 'test_hashtable.c'; then $(CYGPATH_W) 'test_hashtable.c'; else $(CYGPATH_W) '$(srcdir)/test_hashtable.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_utils.obj `if test -f 'suites/test_utils.c'; then $(CYGPATH_W) 'suites/test_utils.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_utils.c'; fi`
-test_runner-test_identification.o: test_identification.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_identification.o -MD -MP -MF $(DEPDIR)/test_runner-test_identification.Tpo -c -o test_runner-test_identification.o `test -f 'test_identification.c' || echo '$(srcdir)/'`test_identification.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_identification.Tpo $(DEPDIR)/test_runner-test_identification.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_identification.c' object='test_runner-test_identification.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_settings.o: suites/test_settings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_settings.o -MD -MP -MF suites/$(DEPDIR)/tests-test_settings.Tpo -c -o suites/tests-test_settings.o `test -f 'suites/test_settings.c' || echo '$(srcdir)/'`suites/test_settings.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_settings.Tpo suites/$(DEPDIR)/tests-test_settings.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_settings.c' object='suites/tests-test_settings.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_identification.o `test -f 'test_identification.c' || echo '$(srcdir)/'`test_identification.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_settings.o `test -f 'suites/test_settings.c' || echo '$(srcdir)/'`suites/test_settings.c
-test_runner-test_identification.obj: test_identification.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_identification.obj -MD -MP -MF $(DEPDIR)/test_runner-test_identification.Tpo -c -o test_runner-test_identification.obj `if test -f 'test_identification.c'; then $(CYGPATH_W) 'test_identification.c'; else $(CYGPATH_W) '$(srcdir)/test_identification.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_identification.Tpo $(DEPDIR)/test_runner-test_identification.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_identification.c' object='test_runner-test_identification.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_settings.obj: suites/test_settings.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_settings.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_settings.Tpo -c -o suites/tests-test_settings.obj `if test -f 'suites/test_settings.c'; then $(CYGPATH_W) 'suites/test_settings.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_settings.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_settings.Tpo suites/$(DEPDIR)/tests-test_settings.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_settings.c' object='suites/tests-test_settings.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_identification.obj `if test -f 'test_identification.c'; then $(CYGPATH_W) 'test_identification.c'; else $(CYGPATH_W) '$(srcdir)/test_identification.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_settings.obj `if test -f 'suites/test_settings.c'; then $(CYGPATH_W) 'suites/test_settings.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_settings.c'; fi`
-test_runner-test_threading.o: test_threading.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_threading.o -MD -MP -MF $(DEPDIR)/test_runner-test_threading.Tpo -c -o test_runner-test_threading.o `test -f 'test_threading.c' || echo '$(srcdir)/'`test_threading.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_threading.Tpo $(DEPDIR)/test_runner-test_threading.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_threading.c' object='test_runner-test_threading.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_vectors.o: suites/test_vectors.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_vectors.o -MD -MP -MF suites/$(DEPDIR)/tests-test_vectors.Tpo -c -o suites/tests-test_vectors.o `test -f 'suites/test_vectors.c' || echo '$(srcdir)/'`suites/test_vectors.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_vectors.Tpo suites/$(DEPDIR)/tests-test_vectors.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_vectors.c' object='suites/tests-test_vectors.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_threading.o `test -f 'test_threading.c' || echo '$(srcdir)/'`test_threading.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_vectors.o `test -f 'suites/test_vectors.c' || echo '$(srcdir)/'`suites/test_vectors.c
-test_runner-test_threading.obj: test_threading.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_threading.obj -MD -MP -MF $(DEPDIR)/test_runner-test_threading.Tpo -c -o test_runner-test_threading.obj `if test -f 'test_threading.c'; then $(CYGPATH_W) 'test_threading.c'; else $(CYGPATH_W) '$(srcdir)/test_threading.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_threading.Tpo $(DEPDIR)/test_runner-test_threading.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_threading.c' object='test_runner-test_threading.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_vectors.obj: suites/test_vectors.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_vectors.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_vectors.Tpo -c -o suites/tests-test_vectors.obj `if test -f 'suites/test_vectors.c'; then $(CYGPATH_W) 'suites/test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_vectors.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_vectors.Tpo suites/$(DEPDIR)/tests-test_vectors.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_vectors.c' object='suites/tests-test_vectors.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_threading.obj `if test -f 'test_threading.c'; then $(CYGPATH_W) 'test_threading.c'; else $(CYGPATH_W) '$(srcdir)/test_threading.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_vectors.obj `if test -f 'suites/test_vectors.c'; then $(CYGPATH_W) 'suites/test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_vectors.c'; fi`
-test_runner-test_utils.o: test_utils.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_utils.o -MD -MP -MF $(DEPDIR)/test_runner-test_utils.Tpo -c -o test_runner-test_utils.o `test -f 'test_utils.c' || echo '$(srcdir)/'`test_utils.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_utils.Tpo $(DEPDIR)/test_runner-test_utils.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_utils.c' object='test_runner-test_utils.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_array.o: suites/test_array.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_array.o -MD -MP -MF suites/$(DEPDIR)/tests-test_array.Tpo -c -o suites/tests-test_array.o `test -f 'suites/test_array.c' || echo '$(srcdir)/'`suites/test_array.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_array.Tpo suites/$(DEPDIR)/tests-test_array.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_array.c' object='suites/tests-test_array.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_utils.o `test -f 'test_utils.c' || echo '$(srcdir)/'`test_utils.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_array.o `test -f 'suites/test_array.c' || echo '$(srcdir)/'`suites/test_array.c
-test_runner-test_utils.obj: test_utils.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_utils.obj -MD -MP -MF $(DEPDIR)/test_runner-test_utils.Tpo -c -o test_runner-test_utils.obj `if test -f 'test_utils.c'; then $(CYGPATH_W) 'test_utils.c'; else $(CYGPATH_W) '$(srcdir)/test_utils.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_utils.Tpo $(DEPDIR)/test_runner-test_utils.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_utils.c' object='test_runner-test_utils.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_array.obj: suites/test_array.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_array.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_array.Tpo -c -o suites/tests-test_array.obj `if test -f 'suites/test_array.c'; then $(CYGPATH_W) 'suites/test_array.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_array.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_array.Tpo suites/$(DEPDIR)/tests-test_array.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_array.c' object='suites/tests-test_array.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_utils.obj `if test -f 'test_utils.c'; then $(CYGPATH_W) 'test_utils.c'; else $(CYGPATH_W) '$(srcdir)/test_utils.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_array.obj `if test -f 'suites/test_array.c'; then $(CYGPATH_W) 'suites/test_array.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_array.c'; fi`
-test_runner-test_vectors.o: test_vectors.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_vectors.o -MD -MP -MF $(DEPDIR)/test_runner-test_vectors.Tpo -c -o test_runner-test_vectors.o `test -f 'test_vectors.c' || echo '$(srcdir)/'`test_vectors.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_vectors.Tpo $(DEPDIR)/test_runner-test_vectors.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_vectors.c' object='test_runner-test_vectors.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_ecdsa.o: suites/test_ecdsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_ecdsa.o -MD -MP -MF suites/$(DEPDIR)/tests-test_ecdsa.Tpo -c -o suites/tests-test_ecdsa.o `test -f 'suites/test_ecdsa.c' || echo '$(srcdir)/'`suites/test_ecdsa.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_ecdsa.Tpo suites/$(DEPDIR)/tests-test_ecdsa.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ecdsa.c' object='suites/tests-test_ecdsa.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_vectors.o `test -f 'test_vectors.c' || echo '$(srcdir)/'`test_vectors.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_ecdsa.o `test -f 'suites/test_ecdsa.c' || echo '$(srcdir)/'`suites/test_ecdsa.c
-test_runner-test_vectors.obj: test_vectors.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_vectors.obj -MD -MP -MF $(DEPDIR)/test_runner-test_vectors.Tpo -c -o test_runner-test_vectors.obj `if test -f 'test_vectors.c'; then $(CYGPATH_W) 'test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/test_vectors.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_vectors.Tpo $(DEPDIR)/test_runner-test_vectors.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_vectors.c' object='test_runner-test_vectors.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_ecdsa.obj: suites/test_ecdsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_ecdsa.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_ecdsa.Tpo -c -o suites/tests-test_ecdsa.obj `if test -f 'suites/test_ecdsa.c'; then $(CYGPATH_W) 'suites/test_ecdsa.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ecdsa.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_ecdsa.Tpo suites/$(DEPDIR)/tests-test_ecdsa.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ecdsa.c' object='suites/tests-test_ecdsa.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_vectors.obj `if test -f 'test_vectors.c'; then $(CYGPATH_W) 'test_vectors.c'; else $(CYGPATH_W) '$(srcdir)/test_vectors.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_ecdsa.obj `if test -f 'suites/test_ecdsa.c'; then $(CYGPATH_W) 'suites/test_ecdsa.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ecdsa.c'; fi`
-test_runner-test_array.o: test_array.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_array.o -MD -MP -MF $(DEPDIR)/test_runner-test_array.Tpo -c -o test_runner-test_array.o `test -f 'test_array.c' || echo '$(srcdir)/'`test_array.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_array.Tpo $(DEPDIR)/test_runner-test_array.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_array.c' object='test_runner-test_array.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_rsa.o: suites/test_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_rsa.o -MD -MP -MF suites/$(DEPDIR)/tests-test_rsa.Tpo -c -o suites/tests-test_rsa.o `test -f 'suites/test_rsa.c' || echo '$(srcdir)/'`suites/test_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_rsa.Tpo suites/$(DEPDIR)/tests-test_rsa.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_rsa.c' object='suites/tests-test_rsa.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_array.o `test -f 'test_array.c' || echo '$(srcdir)/'`test_array.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_rsa.o `test -f 'suites/test_rsa.c' || echo '$(srcdir)/'`suites/test_rsa.c
-test_runner-test_array.obj: test_array.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_array.obj -MD -MP -MF $(DEPDIR)/test_runner-test_array.Tpo -c -o test_runner-test_array.obj `if test -f 'test_array.c'; then $(CYGPATH_W) 'test_array.c'; else $(CYGPATH_W) '$(srcdir)/test_array.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_array.Tpo $(DEPDIR)/test_runner-test_array.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_array.c' object='test_runner-test_array.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_rsa.obj: suites/test_rsa.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_rsa.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_rsa.Tpo -c -o suites/tests-test_rsa.obj `if test -f 'suites/test_rsa.c'; then $(CYGPATH_W) 'suites/test_rsa.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_rsa.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_rsa.Tpo suites/$(DEPDIR)/tests-test_rsa.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_rsa.c' object='suites/tests-test_rsa.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_array.obj `if test -f 'test_array.c'; then $(CYGPATH_W) 'test_array.c'; else $(CYGPATH_W) '$(srcdir)/test_array.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_rsa.obj `if test -f 'suites/test_rsa.c'; then $(CYGPATH_W) 'suites/test_rsa.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_rsa.c'; fi`
-test_runner-test_ecdsa.o: test_ecdsa.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_ecdsa.o -MD -MP -MF $(DEPDIR)/test_runner-test_ecdsa.Tpo -c -o test_runner-test_ecdsa.o `test -f 'test_ecdsa.c' || echo '$(srcdir)/'`test_ecdsa.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_ecdsa.Tpo $(DEPDIR)/test_runner-test_ecdsa.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_ecdsa.c' object='test_runner-test_ecdsa.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_host.o: suites/test_host.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_host.o -MD -MP -MF suites/$(DEPDIR)/tests-test_host.Tpo -c -o suites/tests-test_host.o `test -f 'suites/test_host.c' || echo '$(srcdir)/'`suites/test_host.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_host.Tpo suites/$(DEPDIR)/tests-test_host.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_host.c' object='suites/tests-test_host.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_ecdsa.o `test -f 'test_ecdsa.c' || echo '$(srcdir)/'`test_ecdsa.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_host.o `test -f 'suites/test_host.c' || echo '$(srcdir)/'`suites/test_host.c
-test_runner-test_ecdsa.obj: test_ecdsa.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_ecdsa.obj -MD -MP -MF $(DEPDIR)/test_runner-test_ecdsa.Tpo -c -o test_runner-test_ecdsa.obj `if test -f 'test_ecdsa.c'; then $(CYGPATH_W) 'test_ecdsa.c'; else $(CYGPATH_W) '$(srcdir)/test_ecdsa.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_ecdsa.Tpo $(DEPDIR)/test_runner-test_ecdsa.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_ecdsa.c' object='test_runner-test_ecdsa.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_host.obj: suites/test_host.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_host.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_host.Tpo -c -o suites/tests-test_host.obj `if test -f 'suites/test_host.c'; then $(CYGPATH_W) 'suites/test_host.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_host.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_host.Tpo suites/$(DEPDIR)/tests-test_host.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_host.c' object='suites/tests-test_host.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_ecdsa.obj `if test -f 'test_ecdsa.c'; then $(CYGPATH_W) 'test_ecdsa.c'; else $(CYGPATH_W) '$(srcdir)/test_ecdsa.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_host.obj `if test -f 'suites/test_host.c'; then $(CYGPATH_W) 'suites/test_host.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_host.c'; fi`
-test_runner-test_rsa.o: test_rsa.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_rsa.o -MD -MP -MF $(DEPDIR)/test_runner-test_rsa.Tpo -c -o test_runner-test_rsa.o `test -f 'test_rsa.c' || echo '$(srcdir)/'`test_rsa.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_rsa.Tpo $(DEPDIR)/test_runner-test_rsa.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_rsa.c' object='test_runner-test_rsa.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_hasher.o: suites/test_hasher.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_hasher.o -MD -MP -MF suites/$(DEPDIR)/tests-test_hasher.Tpo -c -o suites/tests-test_hasher.o `test -f 'suites/test_hasher.c' || echo '$(srcdir)/'`suites/test_hasher.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_hasher.Tpo suites/$(DEPDIR)/tests-test_hasher.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_hasher.c' object='suites/tests-test_hasher.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_rsa.o `test -f 'test_rsa.c' || echo '$(srcdir)/'`test_rsa.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_hasher.o `test -f 'suites/test_hasher.c' || echo '$(srcdir)/'`suites/test_hasher.c
-test_runner-test_rsa.obj: test_rsa.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_rsa.obj -MD -MP -MF $(DEPDIR)/test_runner-test_rsa.Tpo -c -o test_runner-test_rsa.obj `if test -f 'test_rsa.c'; then $(CYGPATH_W) 'test_rsa.c'; else $(CYGPATH_W) '$(srcdir)/test_rsa.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_rsa.Tpo $(DEPDIR)/test_runner-test_rsa.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_rsa.c' object='test_runner-test_rsa.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_hasher.obj: suites/test_hasher.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_hasher.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_hasher.Tpo -c -o suites/tests-test_hasher.obj `if test -f 'suites/test_hasher.c'; then $(CYGPATH_W) 'suites/test_hasher.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_hasher.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_hasher.Tpo suites/$(DEPDIR)/tests-test_hasher.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_hasher.c' object='suites/tests-test_hasher.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_rsa.obj `if test -f 'test_rsa.c'; then $(CYGPATH_W) 'test_rsa.c'; else $(CYGPATH_W) '$(srcdir)/test_rsa.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_hasher.obj `if test -f 'suites/test_hasher.c'; then $(CYGPATH_W) 'suites/test_hasher.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_hasher.c'; fi`
-test_runner-test_host.o: test_host.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_host.o -MD -MP -MF $(DEPDIR)/test_runner-test_host.Tpo -c -o test_runner-test_host.o `test -f 'test_host.c' || echo '$(srcdir)/'`test_host.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_host.Tpo $(DEPDIR)/test_runner-test_host.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_host.c' object='test_runner-test_host.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_crypter.o: suites/test_crypter.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_crypter.o -MD -MP -MF suites/$(DEPDIR)/tests-test_crypter.Tpo -c -o suites/tests-test_crypter.o `test -f 'suites/test_crypter.c' || echo '$(srcdir)/'`suites/test_crypter.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_crypter.Tpo suites/$(DEPDIR)/tests-test_crypter.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_crypter.c' object='suites/tests-test_crypter.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_host.o `test -f 'test_host.c' || echo '$(srcdir)/'`test_host.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_crypter.o `test -f 'suites/test_crypter.c' || echo '$(srcdir)/'`suites/test_crypter.c
-test_runner-test_host.obj: test_host.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_host.obj -MD -MP -MF $(DEPDIR)/test_runner-test_host.Tpo -c -o test_runner-test_host.obj `if test -f 'test_host.c'; then $(CYGPATH_W) 'test_host.c'; else $(CYGPATH_W) '$(srcdir)/test_host.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_host.Tpo $(DEPDIR)/test_runner-test_host.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_host.c' object='test_runner-test_host.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_crypter.obj: suites/test_crypter.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_crypter.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_crypter.Tpo -c -o suites/tests-test_crypter.obj `if test -f 'suites/test_crypter.c'; then $(CYGPATH_W) 'suites/test_crypter.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_crypter.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_crypter.Tpo suites/$(DEPDIR)/tests-test_crypter.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_crypter.c' object='suites/tests-test_crypter.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_host.obj `if test -f 'test_host.c'; then $(CYGPATH_W) 'test_host.c'; else $(CYGPATH_W) '$(srcdir)/test_host.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_crypter.obj `if test -f 'suites/test_crypter.c'; then $(CYGPATH_W) 'suites/test_crypter.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_crypter.c'; fi`
-test_runner-test_printf.o: test_printf.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_printf.o -MD -MP -MF $(DEPDIR)/test_runner-test_printf.Tpo -c -o test_runner-test_printf.o `test -f 'test_printf.c' || echo '$(srcdir)/'`test_printf.c
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_printf.Tpo $(DEPDIR)/test_runner-test_printf.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_printf.c' object='test_runner-test_printf.o' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_pen.o: suites/test_pen.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_pen.o -MD -MP -MF suites/$(DEPDIR)/tests-test_pen.Tpo -c -o suites/tests-test_pen.o `test -f 'suites/test_pen.c' || echo '$(srcdir)/'`suites/test_pen.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_pen.Tpo suites/$(DEPDIR)/tests-test_pen.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_pen.c' object='suites/tests-test_pen.o' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_printf.o `test -f 'test_printf.c' || echo '$(srcdir)/'`test_printf.c
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_pen.o `test -f 'suites/test_pen.c' || echo '$(srcdir)/'`suites/test_pen.c
-test_runner-test_printf.obj: test_printf.c
-@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -MT test_runner-test_printf.obj -MD -MP -MF $(DEPDIR)/test_runner-test_printf.Tpo -c -o test_runner-test_printf.obj `if test -f 'test_printf.c'; then $(CYGPATH_W) 'test_printf.c'; else $(CYGPATH_W) '$(srcdir)/test_printf.c'; fi`
-@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/test_runner-test_printf.Tpo $(DEPDIR)/test_runner-test_printf.Po
-@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='test_printf.c' object='test_runner-test_printf.obj' libtool=no @AMDEPBACKSLASH@
+suites/tests-test_pen.obj: suites/test_pen.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_pen.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_pen.Tpo -c -o suites/tests-test_pen.obj `if test -f 'suites/test_pen.c'; then $(CYGPATH_W) 'suites/test_pen.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_pen.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_pen.Tpo suites/$(DEPDIR)/tests-test_pen.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_pen.c' object='suites/tests-test_pen.obj' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(test_runner_CFLAGS) $(CFLAGS) -c -o test_runner-test_printf.obj `if test -f 'test_printf.c'; then $(CYGPATH_W) 'test_printf.c'; else $(CYGPATH_W) '$(srcdir)/test_printf.c'; fi`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_pen.obj `if test -f 'suites/test_pen.c'; then $(CYGPATH_W) 'suites/test_pen.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_pen.c'; fi`
+
+suites/tests-test_asn1.o: suites/test_asn1.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_asn1.o -MD -MP -MF suites/$(DEPDIR)/tests-test_asn1.Tpo -c -o suites/tests-test_asn1.o `test -f 'suites/test_asn1.c' || echo '$(srcdir)/'`suites/test_asn1.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_asn1.Tpo suites/$(DEPDIR)/tests-test_asn1.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_asn1.c' object='suites/tests-test_asn1.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_asn1.o `test -f 'suites/test_asn1.c' || echo '$(srcdir)/'`suites/test_asn1.c
+
+suites/tests-test_asn1.obj: suites/test_asn1.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_asn1.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_asn1.Tpo -c -o suites/tests-test_asn1.obj `if test -f 'suites/test_asn1.c'; then $(CYGPATH_W) 'suites/test_asn1.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_asn1.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_asn1.Tpo suites/$(DEPDIR)/tests-test_asn1.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_asn1.c' object='suites/tests-test_asn1.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_asn1.obj `if test -f 'suites/test_asn1.c'; then $(CYGPATH_W) 'suites/test_asn1.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_asn1.c'; fi`
+
+suites/tests-test_asn1_parser.o: suites/test_asn1_parser.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_asn1_parser.o -MD -MP -MF suites/$(DEPDIR)/tests-test_asn1_parser.Tpo -c -o suites/tests-test_asn1_parser.o `test -f 'suites/test_asn1_parser.c' || echo '$(srcdir)/'`suites/test_asn1_parser.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_asn1_parser.Tpo suites/$(DEPDIR)/tests-test_asn1_parser.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_asn1_parser.c' object='suites/tests-test_asn1_parser.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_asn1_parser.o `test -f 'suites/test_asn1_parser.c' || echo '$(srcdir)/'`suites/test_asn1_parser.c
+
+suites/tests-test_asn1_parser.obj: suites/test_asn1_parser.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_asn1_parser.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_asn1_parser.Tpo -c -o suites/tests-test_asn1_parser.obj `if test -f 'suites/test_asn1_parser.c'; then $(CYGPATH_W) 'suites/test_asn1_parser.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_asn1_parser.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_asn1_parser.Tpo suites/$(DEPDIR)/tests-test_asn1_parser.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_asn1_parser.c' object='suites/tests-test_asn1_parser.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_asn1_parser.obj `if test -f 'suites/test_asn1_parser.c'; then $(CYGPATH_W) 'suites/test_asn1_parser.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_asn1_parser.c'; fi`
+
+suites/tests-test_printf.o: suites/test_printf.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_printf.o -MD -MP -MF suites/$(DEPDIR)/tests-test_printf.Tpo -c -o suites/tests-test_printf.o `test -f 'suites/test_printf.c' || echo '$(srcdir)/'`suites/test_printf.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_printf.Tpo suites/$(DEPDIR)/tests-test_printf.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_printf.c' object='suites/tests-test_printf.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_printf.o `test -f 'suites/test_printf.c' || echo '$(srcdir)/'`suites/test_printf.c
+
+suites/tests-test_printf.obj: suites/test_printf.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_printf.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_printf.Tpo -c -o suites/tests-test_printf.obj `if test -f 'suites/test_printf.c'; then $(CYGPATH_W) 'suites/test_printf.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_printf.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_printf.Tpo suites/$(DEPDIR)/tests-test_printf.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_printf.c' object='suites/tests-test_printf.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_printf.obj `if test -f 'suites/test_printf.c'; then $(CYGPATH_W) 'suites/test_printf.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_printf.c'; fi`
+
+suites/tests-test_test_rng.o: suites/test_test_rng.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_test_rng.o -MD -MP -MF suites/$(DEPDIR)/tests-test_test_rng.Tpo -c -o suites/tests-test_test_rng.o `test -f 'suites/test_test_rng.c' || echo '$(srcdir)/'`suites/test_test_rng.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_test_rng.Tpo suites/$(DEPDIR)/tests-test_test_rng.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_test_rng.c' object='suites/tests-test_test_rng.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_test_rng.o `test -f 'suites/test_test_rng.c' || echo '$(srcdir)/'`suites/test_test_rng.c
+
+suites/tests-test_test_rng.obj: suites/test_test_rng.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_test_rng.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_test_rng.Tpo -c -o suites/tests-test_test_rng.obj `if test -f 'suites/test_test_rng.c'; then $(CYGPATH_W) 'suites/test_test_rng.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_test_rng.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_test_rng.Tpo suites/$(DEPDIR)/tests-test_test_rng.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_test_rng.c' object='suites/tests-test_test_rng.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_test_rng.obj `if test -f 'suites/test_test_rng.c'; then $(CYGPATH_W) 'suites/test_test_rng.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_test_rng.c'; fi`
+
+suites/tests-test_ntru.o: suites/test_ntru.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_ntru.o -MD -MP -MF suites/$(DEPDIR)/tests-test_ntru.Tpo -c -o suites/tests-test_ntru.o `test -f 'suites/test_ntru.c' || echo '$(srcdir)/'`suites/test_ntru.c
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_ntru.Tpo suites/$(DEPDIR)/tests-test_ntru.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ntru.c' object='suites/tests-test_ntru.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_ntru.o `test -f 'suites/test_ntru.c' || echo '$(srcdir)/'`suites/test_ntru.c
+
+suites/tests-test_ntru.obj: suites/test_ntru.c
+@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -MT suites/tests-test_ntru.obj -MD -MP -MF suites/$(DEPDIR)/tests-test_ntru.Tpo -c -o suites/tests-test_ntru.obj `if test -f 'suites/test_ntru.c'; then $(CYGPATH_W) 'suites/test_ntru.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ntru.c'; fi`
+@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) suites/$(DEPDIR)/tests-test_ntru.Tpo suites/$(DEPDIR)/tests-test_ntru.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='suites/test_ntru.c' object='suites/tests-test_ntru.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_CFLAGS) $(CFLAGS) -c -o suites/tests-test_ntru.obj `if test -f 'suites/test_ntru.c'; then $(CYGPATH_W) 'suites/test_ntru.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ntru.c'; fi`
mostlyclean-libtool:
-rm -f *.lo
clean-libtool:
-rm -rf .libs _libs
+ -rm -rf utils/.libs utils/_libs
ID: $(am__tagged_files)
$(am__define_uniq_tagged_files); mkid -fID $$unique
@@ -1022,168 +1183,98 @@ cscopelist-am: $(am__tagged_files)
distclean-tags:
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
-# Recover from deleted '.trs' file; this should ensure that
-# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create
-# both 'foo.log' and 'foo.trs'. Break the recipe in two subshells
-# to avoid problems with "make -n".
-.log.trs:
- rm -f $< $@
- $(MAKE) $(AM_MAKEFLAGS) $<
-
-# Leading 'am--fnord' is there to ensure the list of targets does not
-# expand to empty, as could happen e.g. with make check TESTS=''.
-am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck)
-am--force-recheck:
- @:
-
-$(TEST_SUITE_LOG): $(TEST_LOGS)
- @$(am__set_TESTS_bases); \
- am__f_ok () { test -f "$$1" && test -r "$$1"; }; \
- redo_bases=`for i in $$bases; do \
- am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \
- done`; \
- if test -n "$$redo_bases"; then \
- redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \
- redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \
- if $(am__make_dryrun); then :; else \
- rm -f $$redo_logs && rm -f $$redo_results || exit 1; \
- fi; \
- fi; \
- if test -n "$$am__remaking_logs"; then \
- echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \
- "recursion detected" >&2; \
- else \
- am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \
- fi; \
- if $(am__make_dryrun); then :; else \
- st=0; \
- errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \
- for i in $$redo_bases; do \
- test -f $$i.trs && test -r $$i.trs \
- || { echo "$$errmsg $$i.trs" >&2; st=1; }; \
- test -f $$i.log && test -r $$i.log \
- || { echo "$$errmsg $$i.log" >&2; st=1; }; \
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; skip=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list=' $(TESTS) '; \
+ $(am__tty_colors); \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst $(AM_TESTS_FD_REDIRECT); then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=XPASS; \
+ ;; \
+ *) \
+ col=$$grn; res=PASS; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *[\ \ ]$$tst[\ \ ]*) \
+ xfail=`expr $$xfail + 1`; \
+ col=$$lgn; res=XFAIL; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ col=$$red; res=FAIL; \
+ ;; \
+ esac; \
+ else \
+ skip=`expr $$skip + 1`; \
+ col=$$blu; res=SKIP; \
+ fi; \
+ echo "$${col}$$res$${std}: $$tst"; \
done; \
- test $$st -eq 0 || exit 1; \
- fi
- @$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \
- ws='[ ]'; \
- results=`for b in $$bases; do echo $$b.trs; done`; \
- test -n "$$results" || results=/dev/null; \
- all=` grep "^$$ws*:test-result:" $$results | wc -l`; \
- pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \
- fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \
- skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \
- xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \
- xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \
- error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \
- if test `expr $$fail + $$xpass + $$error` -eq 0; then \
- success=true; \
- else \
- success=false; \
- fi; \
- br='==================='; br=$$br$$br$$br$$br; \
- result_count () \
- { \
- if test x"$$1" = x"--maybe-color"; then \
- maybe_colorize=yes; \
- elif test x"$$1" = x"--no-color"; then \
- maybe_colorize=no; \
+ if test "$$all" -eq 1; then \
+ tests="test"; \
+ All=""; \
+ else \
+ tests="tests"; \
+ All="All "; \
+ fi; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="$$All$$all $$tests passed"; \
else \
- echo "$@: invalid 'result_count' usage" >&2; exit 4; \
+ if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \
+ banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \
fi; \
- shift; \
- desc=$$1 count=$$2; \
- if test $$maybe_colorize = yes && test $$count -gt 0; then \
- color_start=$$3 color_end=$$std; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all $$tests failed"; \
+ else \
+ if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \
+ banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \
+ fi; \
+ fi; \
+ dashes="$$banner"; \
+ skipped=""; \
+ if test "$$skip" -ne 0; then \
+ if test "$$skip" -eq 1; then \
+ skipped="($$skip test was not run)"; \
else \
- color_start= color_end=; \
+ skipped="($$skip tests were not run)"; \
fi; \
- echo "$${color_start}# $$desc $$count$${color_end}"; \
- }; \
- create_testsuite_report () \
- { \
- result_count $$1 "TOTAL:" $$all "$$brg"; \
- result_count $$1 "PASS: " $$pass "$$grn"; \
- result_count $$1 "SKIP: " $$skip "$$blu"; \
- result_count $$1 "XFAIL:" $$xfail "$$lgn"; \
- result_count $$1 "FAIL: " $$fail "$$red"; \
- result_count $$1 "XPASS:" $$xpass "$$red"; \
- result_count $$1 "ERROR:" $$error "$$mgn"; \
- }; \
- { \
- echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \
- $(am__rst_title); \
- create_testsuite_report --no-color; \
- echo; \
- echo ".. contents:: :depth: 2"; \
- echo; \
- for b in $$bases; do echo $$b; done \
- | $(am__create_global_log); \
- } >$(TEST_SUITE_LOG).tmp || exit 1; \
- mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \
- if $$success; then \
- col="$$grn"; \
- else \
- col="$$red"; \
- test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \
- fi; \
- echo "$${col}$$br$${std}"; \
- echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \
- echo "$${col}$$br$${std}"; \
- create_testsuite_report --maybe-color; \
- echo "$$col$$br$$std"; \
- if $$success; then :; else \
- echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \
- if test -n "$(PACKAGE_BUGREPORT)"; then \
- echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \
- fi; \
- echo "$$col$$br$$std"; \
- fi; \
- $$success || exit 1
-
-check-TESTS:
- @list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list
- @list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list
- @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
- @set +e; $(am__set_TESTS_bases); \
- log_list=`for i in $$bases; do echo $$i.log; done`; \
- trs_list=`for i in $$bases; do echo $$i.trs; done`; \
- log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \
- $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \
- exit $$?;
-recheck: all $(check_PROGRAMS)
- @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
- @set +e; $(am__set_TESTS_bases); \
- bases=`for i in $$bases; do echo $$i; done \
- | $(am__list_recheck_tests)` || exit 1; \
- log_list=`for i in $$bases; do echo $$i.log; done`; \
- log_list=`echo $$log_list`; \
- $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \
- am__force_recheck=am--force-recheck \
- TEST_LOGS="$$log_list"; \
- exit $$?
-test_runner.log: test_runner$(EXEEXT)
- @p='test_runner$(EXEEXT)'; \
- b='test_runner'; \
- $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
- --log-file $$b.log --trs-file $$b.trs \
- $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
- "$$tst" $(AM_TESTS_FD_REDIRECT)
-.test.log:
- @p='$<'; \
- $(am__set_b); \
- $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
- --log-file $$b.log --trs-file $$b.trs \
- $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
- "$$tst" $(AM_TESTS_FD_REDIRECT)
-@am__EXEEXT_TRUE@.test$(EXEEXT).log:
-@am__EXEEXT_TRUE@ @p='$<'; \
-@am__EXEEXT_TRUE@ $(am__set_b); \
-@am__EXEEXT_TRUE@ $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \
-@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \
-@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
-@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
+ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$skipped"; \
+ fi; \
+ report=""; \
+ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \
+ report="Please report to $(PACKAGE_BUGREPORT)"; \
+ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \
+ dashes="$$report"; \
+ fi; \
+ dashes=`echo "$$dashes" | sed s/./=/g`; \
+ if test "$$failed" -eq 0; then \
+ col="$$grn"; \
+ else \
+ col="$$red"; \
+ fi; \
+ echo "$${col}$$dashes$${std}"; \
+ echo "$${col}$$banner$${std}"; \
+ test -z "$$skipped" || echo "$${col}$$skipped$${std}"; \
+ test -z "$$report" || echo "$${col}$$report$${std}"; \
+ echo "$${col}$$dashes$${std}"; \
+ test "$$failed" -eq 0; \
+ else :; fi
distdir: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
@@ -1216,7 +1307,7 @@ distdir: $(DISTFILES)
fi; \
done
check-am: all-am
- $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
+ $(MAKE) $(AM_MAKEFLAGS) $(check_LTLIBRARIES) $(check_PROGRAMS)
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
all-am: Makefile
@@ -1241,26 +1332,27 @@ install-strip:
"INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \
fi
mostlyclean-generic:
- -test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS)
- -test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs)
- -test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
clean-generic:
distclean-generic:
-test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
-test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
+ -rm -f suites/$(DEPDIR)/$(am__dirstamp)
+ -rm -f suites/$(am__dirstamp)
+ -rm -f utils/$(DEPDIR)/$(am__dirstamp)
+ -rm -f utils/$(am__dirstamp)
maintainer-clean-generic:
@echo "This command is intended for maintainers to use"
@echo "it deletes files that may require special tools to rebuild."
clean: clean-am
-clean-am: clean-checkPROGRAMS clean-generic clean-libtool \
- mostlyclean-am
+clean-am: clean-checkLTLIBRARIES clean-checkPROGRAMS clean-generic \
+ clean-libtool mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR) utils/$(DEPDIR)
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -1306,7 +1398,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -rf ./$(DEPDIR) suites/$(DEPDIR) utils/$(DEPDIR)
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -1328,18 +1420,18 @@ uninstall-am:
.MAKE: check-am install-am install-strip
.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
- clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \
- ctags ctags-am distclean distclean-compile distclean-generic \
- distclean-libtool distclean-tags distdir dvi dvi-am html \
- html-am info info-am install install-am install-data \
- install-data-am install-dvi install-dvi-am install-exec \
- install-exec-am install-html install-html-am install-info \
- install-info-am install-man install-pdf install-pdf-am \
- install-ps install-ps-am install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- recheck tags tags-am uninstall uninstall-am
+ clean-checkLTLIBRARIES clean-checkPROGRAMS clean-generic \
+ clean-libtool cscopelist-am ctags ctags-am distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-pdf install-pdf-am install-ps install-ps-am \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/src/libstrongswan/tests/test_array.c b/src/libstrongswan/tests/suites/test_array.c
index 2220d5a2b..ba2aff460 100644
--- a/src/libstrongswan/tests/test_array.c
+++ b/src/libstrongswan/tests/suites/test_array.c
@@ -1,4 +1,7 @@
/*
+ * Copyright (C) 2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
* Copyright (C) 2013 Martin Willi
* Copyright (C) 2013 revosec AG
*
@@ -35,6 +38,14 @@ START_TEST(test_append_ptr)
/* 3, 4 */
+ ck_assert(array_get(array, ARRAY_HEAD, &x));
+ ck_assert_int_eq(x, 3);
+ ck_assert(array_get(array, 1, &x));
+ ck_assert_int_eq(x, 4);
+ ck_assert(array_get(array, ARRAY_TAIL, &x));
+ ck_assert_int_eq(x, 4);
+ ck_assert(!array_get(array, 3, &x));
+
array_insert(array, ARRAY_HEAD, (void*)(uintptr_t)1);
array_insert(array, 1, (void*)(uintptr_t)2);
ck_assert_int_eq(array_count(array), 4);
@@ -108,6 +119,14 @@ START_TEST(test_append_obj)
/* 3, 4 */
+ ck_assert(array_get(array, ARRAY_HEAD, &x));
+ ck_assert_int_eq(x, 3);
+ ck_assert(array_get(array, 1, &x));
+ ck_assert_int_eq(x, 4);
+ ck_assert(array_get(array, ARRAY_TAIL, &x));
+ ck_assert_int_eq(x, 4);
+ ck_assert(!array_get(array, 3, &x));
+
array_insert(array, ARRAY_HEAD, &y[1]);
array_insert(array, 1, &y[2]);
ck_assert_int_eq(array_count(array), 4);
@@ -258,6 +277,149 @@ START_TEST(test_enumerate)
}
END_TEST
+static int comp_obj(const void *a, const void *b, void *arg)
+{
+ ck_assert_str_eq(arg, "arg");
+ return *(int*)a - *(int*)b;
+}
+
+START_TEST(test_sort_obj)
+{
+ array_t *array;
+ int x[][3] = {
+ {1, 2, 3},
+ {1, 3, 2},
+ {2, 1, 3},
+ {2, 3, 1},
+ {3, 1, 2},
+ {3, 2, 1},
+ };
+ char *arg = "arg";
+ int i, v;
+
+ for (i = 0; i < countof(x); i++)
+ {
+ array = array_create(sizeof(x[i][0]), 0);
+ array_insert(array, ARRAY_TAIL, &x[i][0]);
+ array_insert(array, ARRAY_TAIL, &x[i][1]);
+ array_insert(array, ARRAY_TAIL, &x[i][2]);
+
+ array_sort(array, comp_obj, arg);
+
+ ck_assert(array_get(array, 0, &v));
+ ck_assert_int_eq(v, 1);
+ ck_assert(array_get(array, 1, &v));
+ ck_assert_int_eq(v, 2);
+ ck_assert(array_get(array, 2, &v));
+ ck_assert_int_eq(v, 3);
+
+ array_destroy(array);
+ }
+}
+END_TEST
+
+static int comp_ptr(const void *a, const void *b, void *arg)
+{
+ ck_assert_str_eq(arg, "arg");
+ return strcmp(a, b);
+}
+
+START_TEST(test_sort_ptr)
+{
+ array_t *array;
+ char *x[][3] = {
+ {"a", "b", "c"},
+ {"a", "c", "b"},
+ {"b", "a", "c"},
+ {"b", "c", "a"},
+ {"c", "a", "b"},
+ {"c", "b", "a"},
+ };
+ char *v, *arg = "arg";
+ int i;
+
+ for (i = 0; i < countof(x); i++)
+ {
+ array = array_create(0, 0);
+ array_insert(array, ARRAY_TAIL, x[i][0]);
+ array_insert(array, ARRAY_TAIL, x[i][1]);
+ array_insert(array, ARRAY_TAIL, x[i][2]);
+
+ array_sort(array, comp_ptr, arg);
+
+ ck_assert(array_get(array, 0, &v));
+ ck_assert_str_eq(v, "a");
+ ck_assert(array_get(array, 1, &v));
+ ck_assert_str_eq(v, "b");
+ ck_assert(array_get(array, 2, &v));
+ ck_assert_str_eq(v, "c");
+
+ array_destroy(array);
+ }
+}
+END_TEST
+
+static int comp_search_obj(const void *a, const void *b)
+{
+ return *(int*)a - *(int*)b;
+}
+
+START_TEST(test_bsearch_obj)
+{
+ array_t *array;
+ int x[] = { 3, 2, 1 };
+ int k, v;
+
+ array = array_create(sizeof(x[0]), 0);
+ array_insert(array, ARRAY_TAIL, &x[0]);
+ array_insert(array, ARRAY_TAIL, &x[1]);
+ array_insert(array, ARRAY_TAIL, &x[2]);
+
+ array_sort(array, (void*)comp_search_obj, NULL);
+
+ k = 0;
+ ck_assert_int_eq(array_bsearch(array, &k, comp_search_obj, &v), -1);
+ for (k = 1; k < 4; k++)
+ {
+ ck_assert_int_eq(array_bsearch(array, &k, comp_search_obj, &v), k-1);
+ ck_assert_int_eq(v, k);
+ }
+ k = 4;
+ ck_assert_int_eq(array_bsearch(array, &k, comp_search_obj, &v), -1);
+ array_destroy(array);
+}
+END_TEST
+
+static int comp_search_ptr(const void *a, const void *b)
+{
+ return strcmp(a, b);
+}
+
+START_TEST(test_bsearch_ptr)
+{
+ array_t *array;
+ char *x[] = {"c", "b", "a"};
+ char *v;
+
+ array = array_create(0, 0);
+ array_insert(array, ARRAY_TAIL, x[0]);
+ array_insert(array, ARRAY_TAIL, x[1]);
+ array_insert(array, ARRAY_TAIL, x[2]);
+
+ array_sort(array, (void*)comp_search_ptr, NULL);
+
+ ck_assert_int_eq(array_bsearch(array, "abc", comp_search_ptr, &v), -1);
+ ck_assert_int_eq(array_bsearch(array, "a", comp_search_ptr, &v), 0);
+ ck_assert_str_eq(v, "a");
+ ck_assert_int_eq(array_bsearch(array, "b", comp_search_ptr, &v), 1);
+ ck_assert_str_eq(v, "b");
+ ck_assert_int_eq(array_bsearch(array, "c", comp_search_ptr, &v), 2);
+ ck_assert_str_eq(v, "c");
+
+ array_destroy(array);
+}
+END_TEST
+
static void invoke(void *data, int idx, void *user)
{
int *y = user, *x = data;
@@ -336,11 +498,11 @@ Suite *array_suite_create()
s = suite_create("array");
- tc = tcase_create("add/remove ptr");
+ tc = tcase_create("add/get/remove ptr");
tcase_add_test(tc, test_append_ptr);
suite_add_tcase(s, tc);
- tc = tcase_create("add/remove obj");
+ tc = tcase_create("add/get/remove obj");
tcase_add_test(tc, test_append_obj);
suite_add_tcase(s, tc);
@@ -348,6 +510,16 @@ Suite *array_suite_create()
tcase_add_test(tc, test_enumerate);
suite_add_tcase(s, tc);
+ tc = tcase_create("sort");
+ tcase_add_test(tc, test_sort_obj);
+ tcase_add_test(tc, test_sort_ptr);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("bsearch");
+ tcase_add_test(tc, test_bsearch_obj);
+ tcase_add_test(tc, test_bsearch_ptr);
+ suite_add_tcase(s, tc);
+
tc = tcase_create("invoke");
tcase_add_test(tc, test_invoke);
suite_add_tcase(s, tc);
diff --git a/src/libstrongswan/tests/suites/test_asn1.c b/src/libstrongswan/tests/suites/test_asn1.c
new file mode 100644
index 000000000..d0cd7e6e4
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_asn1.c
@@ -0,0 +1,869 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "test_suite.h"
+
+#include <asn1/asn1.h>
+#include <asn1/oid.h>
+#include <utils/chunk.h>
+
+/*******************************************************************************
+ * algorithm_identifier
+ */
+
+START_TEST(test_asn1_algorithmIdentifier)
+{
+ typedef struct {
+ int n;
+ chunk_t algid;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { OID_ECDSA_WITH_SHA1, chunk_from_chars(0x30, 0x09, 0x06, 0x07,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01) },
+ { OID_SHA1_WITH_RSA, chunk_from_chars(0x30, 0x0d, 0x06, 0x09,
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00) },
+ };
+
+ chunk_t algid;
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ algid = asn1_algorithmIdentifier(test[i].n);
+ ck_assert(chunk_equals(algid, test[i].algid));
+ free(algid.ptr);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * parse_algorithm_identifier
+ */
+
+START_TEST(test_asn1_parse_algorithmIdentifier)
+{
+ typedef struct {
+ int alg;
+ bool empty;
+ chunk_t parameters;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { OID_ECDSA_WITH_SHA1, TRUE, chunk_empty },
+ { OID_SHA1_WITH_RSA, TRUE, chunk_from_chars(0x05, 0x00) },
+ { OID_3DES_EDE_CBC, FALSE, chunk_from_chars(0x04, 0x01, 0xaa) },
+ { OID_PBKDF2, FALSE, chunk_from_chars(0x30, 0x01, 0xaa) }
+ };
+
+ chunk_t algid, parameters;
+ int i, alg;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ algid = asn1_wrap(ASN1_SEQUENCE, "mc",
+ asn1_build_known_oid(test[i].alg), test[i].parameters);
+ parameters = chunk_empty;
+ if (i == 2)
+ {
+ alg = asn1_parse_algorithmIdentifier(algid, 0, NULL);
+ }
+ else
+ {
+ alg = asn1_parse_algorithmIdentifier(algid, 0, &parameters);
+ if (test[i].empty)
+ {
+ ck_assert(parameters.len == 0 && parameters.ptr == NULL);
+ }
+ else
+ {
+ ck_assert(chunk_equals(parameters, test[i].parameters));
+ }
+ }
+ ck_assert(alg == test[i].alg);
+ chunk_free(&algid);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * known_oid
+ */
+
+START_TEST(test_asn1_known_oid)
+{
+ typedef struct {
+ int n;
+ chunk_t oid;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { OID_UNKNOWN, chunk_empty },
+ { OID_UNKNOWN, chunk_from_chars(0x55, 0x04, 0x02) },
+ { OID_COUNTRY, chunk_from_chars(0x55, 0x04, 0x06) },
+ { OID_STRONGSWAN, chunk_from_chars(0x2b, 0x06, 0x01, 0x04, 0x01,
+ 0x82, 0xa0, 0x2a, 0x01) }
+ };
+
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ ck_assert(asn1_known_oid(test[i].oid) == test[i].n);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * build_known_oid
+ */
+
+START_TEST(test_asn1_build_known_oid)
+{
+ typedef struct {
+ int n;
+ chunk_t oid;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { OID_UNKNOWN, chunk_empty },
+ { OID_MAX, chunk_empty },
+ { OID_COUNTRY, chunk_from_chars(0x06, 0x03, 0x55, 0x04, 0x06) },
+ { OID_STRONGSWAN, chunk_from_chars(0x06, 0x09, 0x2b, 0x06, 0x01, 0x04,
+ 0x01, 0x82, 0xa0, 0x2a, 0x01) }
+ };
+
+ int i;
+ chunk_t oid = chunk_empty;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ oid = asn1_build_known_oid(test[i].n);
+ if (test[i].oid.len == 0)
+ {
+ ck_assert(oid.len == 0 && oid.ptr == NULL);
+ }
+ else
+ {
+ ck_assert(chunk_equals(oid, test[i].oid));
+ chunk_free(&oid);
+ }
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * oid_from_string
+ */
+
+START_TEST(test_asn1_oid_from_string)
+{
+ typedef struct {
+ char *string;
+ chunk_t oid;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { "", chunk_empty },
+ { " ", chunk_empty },
+ { "0.2.262.1", chunk_from_chars(
+ 0x02, 0x82, 0x06, 0x01) },
+ { "1.2.840.10045.4.1", chunk_from_chars(
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01) },
+ { "1.3.6.1.4.1.36906.1", chunk_from_chars(
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa0, 0x2a, 0x01) },
+ { "2.16.840.1.101.3.4.2.1", chunk_from_chars(
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01) },
+ { "0.10.100.1000.10000.100000.1000000.10000000.100000000.268435455",
+ chunk_from_chars(0x0a,0x64, 0x87, 0x68, 0xce, 0x10, 0x86, 0x8d,
+ 0x20, 0xbd, 0x84, 0x40, 0x84, 0xe2, 0xad, 0x00,
+ 0xaf, 0xd7, 0xc2, 0x00, 0xff, 0xff, 0xff, 0x7f) },
+ { "0.1.2.3.4.5.6.7.8.9.10.128.129.130.131.132.133.134.135.136.137."
+ "256.257.258.259.260.261.262.263.264.265.384.385.386.387.388."
+ "2097153", chunk_from_chars(
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
+ 0x81, 0x00, 0x81, 0x01, 0x81, 0x02, 0x81, 0x03, 0x81, 0x04,
+ 0x81, 0x05, 0x81, 0x06, 0x81, 0x07, 0x81, 0x08, 0x81, 0x09,
+ 0x82, 0x00, 0x82, 0x01, 0x82, 0x02, 0x82, 0x03, 0x82, 0x04,
+ 0x82, 0x05, 0x82, 0x06, 0x82, 0x07, 0x82, 0x08, 0x82, 0x09,
+ 0x83, 0x00, 0x83, 0x01, 0x83, 0x02, 0x83, 0x03, 0x83, 0x04,
+ 0x81, 0x80, 0x80, 0x01) },
+ { "0.1.2.3.4.5.6.7.8.9.10.128.129.130.131.132.133.134.135.136.137."
+ "256.257.258.259.260.261.262.263.264.265.384.385.386.387.388."
+ "1.2097153", chunk_empty },
+ { "1.a.2.b.3", chunk_empty }
+ };
+
+ int i;
+ chunk_t oid = chunk_empty;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ oid = asn1_oid_from_string(test[i].string);
+ if (test[i].oid.len == 0)
+ {
+ ck_assert(oid.len == 0 && oid.ptr == NULL);
+ }
+ else
+ {
+ ck_assert(chunk_equals(oid, test[i].oid));
+ chunk_free(&oid);
+ }
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * oid_to_string
+ */
+
+START_TEST(test_asn1_oid_to_string)
+{
+ typedef struct {
+ char *string;
+ chunk_t oid;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { NULL, chunk_empty },
+ { "0.2.262.1", chunk_from_chars(
+ 0x02, 0x82, 0x06, 0x01) },
+ { "1.2.840.10045.4.1", chunk_from_chars(
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01) },
+ { "1.3.6.1.4.1.36906.1", chunk_from_chars(
+ 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0xa0, 0x2a, 0x01) },
+ { "2.16.840.1.101.3.4.2.1", chunk_from_chars(
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01) },
+ { "0.10.100.1000.10000.100000.1000000.10000000.100000000.268435455",
+ chunk_from_chars( 0x0a, 0x64, 0x87, 0x68, 0xce, 0x10, 0x86, 0x8d,
+ 0x20, 0xbd, 0x84, 0x40, 0x84, 0xe2, 0xad, 0x00,
+ 0xaf, 0xd7, 0xc2, 0x00, 0xff, 0xff, 0xff, 0x7f) },
+ { NULL, chunk_from_chars(
+ 0x0a, 0x02, 0x64, 0x87, 0x68, 0xce, 0x10, 0x86, 0x8d, 0x20,
+ 0xbd, 0x84, 0x40, 0x84, 0xe2, 0xad, 0x00, 0xaf, 0xd7, 0xc2, 0x00,
+ 0xff, 0xff, 0xff, 0x7f) },
+ { NULL, chunk_from_chars(0x0a, 0x87) }
+ };
+
+ int i;
+ char *string = NULL;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ string = asn1_oid_to_string(test[i].oid);
+ if (test[i].string == NULL)
+ {
+ ck_assert(string == NULL);
+ }
+ else
+ {
+ ck_assert(streq(string, test[i].string));
+ free(string);
+ }
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * length
+ */
+
+START_TEST(test_asn1_length)
+{
+ chunk_t a;
+
+ a = chunk_empty;
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04);
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04, 0x00);
+ ck_assert(asn1_length(&a) == 0);
+
+ a = chunk_from_chars(0x04, 0x01);
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04, 0x01, 0xaa);
+ ck_assert(asn1_length(&a) == 1);
+
+ a = chunk_from_chars(0x04, 0x7f, 0xaa);
+ a.len = 2 + 127;
+ ck_assert(asn1_length(&a) == 127);
+
+ a = chunk_from_chars(0x04, 0x80, 0xaa);
+ a.len = 2 + 128;
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04, 0x81);
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04, 0x81, 0x00);
+ ck_assert(asn1_length(&a) == 0);
+
+ a = chunk_from_chars(0x04, 0x81, 0x80, 0xaa);
+ ck_assert(asn1_length(&a) == ASN1_INVALID_LENGTH);
+
+ a = chunk_from_chars(0x04, 0x81, 0x80, 0xaa);
+ a.len = 3 + 128;
+ ck_assert(asn1_length(&a) == 128);
+
+ a = chunk_from_chars(0x04, 0x82, 0x01, 0x02, 0xaa);
+ a.len = 4 + 258;
+ ck_assert(asn1_length(&a) == 258);
+
+ a = chunk_from_chars(0x04, 0x83, 0x01, 0x02, 0x03, 0xaa);
+ a.len = 5 + 66051;
+ ck_assert(asn1_length(&a) == 66051);
+
+ a = chunk_from_chars(0x04, 0x84, 0x01, 0x02, 0x03, 0x04, 0xaa);
+ a.len = 6 + 16909060;
+ ck_assert(asn1_length(&a) == 16909060);
+
+ /* largest chunk on 32 bit system */
+ a = chunk_from_chars(0x04, 0x84, 0xff, 0xff, 0xff, 0xf9, 0xaa);
+ a.len = 4294967295;
+ ck_assert(asn1_length(&a) == 4294967289);
+
+}
+END_TEST
+
+/*******************************************************************************
+ * unwrap
+ */
+
+START_TEST(test_asn1_unwrap)
+{
+ chunk_t c0 = chunk_from_chars(0x30);
+ chunk_t c1 = chunk_from_chars(0x30, 0x01, 0xaa);
+ chunk_t c2 = chunk_from_chars(0x30, 0x80);
+ chunk_t c3 = chunk_from_chars(0x30, 0x81);
+ chunk_t c4 = chunk_from_chars(0x30, 0x81, 0x01, 0xaa);
+ chunk_t c5 = chunk_from_chars(0x30, 0x81, 0x02, 0xaa);
+
+ chunk_t inner;
+ chunk_t inner_ref = chunk_from_chars(0xaa);
+
+ ck_assert(asn1_unwrap(&c0, &inner) == ASN1_INVALID);
+
+ ck_assert(asn1_unwrap(&c1, &inner) == ASN1_SEQUENCE);
+
+ ck_assert(chunk_equals(inner, inner_ref));
+
+ ck_assert(asn1_unwrap(&c2, &inner) == ASN1_INVALID);
+
+ ck_assert(asn1_unwrap(&c3, &inner) == ASN1_INVALID);
+
+ ck_assert(asn1_unwrap(&c4, &inner) == ASN1_SEQUENCE);
+
+ ck_assert(chunk_equals(inner, inner_ref));
+
+ ck_assert(asn1_unwrap(&c5, &inner) == ASN1_INVALID);
+}
+END_TEST
+
+/*******************************************************************************
+ * is_asn1
+ */
+
+START_TEST(test_is_asn1)
+{
+ typedef struct {
+ bool asn1;
+ chunk_t chunk;
+ } testdata_t;
+
+ u_char buf[8];
+ chunk_t chunk_zero = { buf, 0 };
+ chunk_t chunk_mean = { 0, 1 };
+
+ testdata_t test[] = {
+ { FALSE, chunk_zero },
+ { FALSE, chunk_empty },
+ { FALSE, chunk_mean },
+ { TRUE, chunk_from_chars(0x30, 0x00) },
+ { TRUE, chunk_from_chars(0x31, 0x00) },
+ { TRUE, chunk_from_chars(0x04, 0x00) },
+ { FALSE, chunk_from_chars(0x02, 0x00) },
+ { FALSE, chunk_from_chars(0x30, 0x01) },
+ { FALSE, chunk_from_chars(0x30, 0x80) },
+ { TRUE, chunk_from_chars(0x30, 0x01, 0xa1) },
+ { FALSE, chunk_from_chars(0x30, 0x01, 0xa1, 0xa2) },
+ { TRUE, chunk_from_chars(0x30, 0x01, 0xa1, 0x0a) },
+ { FALSE, chunk_from_chars(0x30, 0x01, 0xa1, 0xa2, 0x0a) },
+ };
+
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ ck_assert(is_asn1(test[i].chunk) == test[i].asn1);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * is_printablestring
+ */
+
+START_TEST(test_asn1_is_printablestring)
+{
+ typedef struct {
+ bool printable;
+ char *string;
+ } testdata_t;
+
+
+ testdata_t test[] = {
+ { TRUE, "" },
+ { TRUE, "Z" },
+ { FALSE, "Z#" },
+ { FALSE, "&Z" },
+ { FALSE, "Z@z" },
+ { FALSE, "!" }, { FALSE, "*" }, { FALSE, "$" }, { FALSE, "%" },
+ { FALSE, "[" }, { FALSE, "]" }, { FALSE, "{" }, { FALSE, "}" },
+ { FALSE, "|" }, { FALSE, "~" }, { FALSE, "^" }, { FALSE, "_" },
+ { FALSE, "\"" }, { FALSE, "\\" }, { FALSE, "ä" }, { FALSE, "à" },
+ { TRUE, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
+ "0123456789 '()+,-./:=?" },
+ };
+
+ chunk_t chunk;
+ int i;
+
+ ck_assert(asn1_is_printablestring(chunk_empty));
+
+ for (i = 0; i < countof(test); i++)
+ {
+ chunk = chunk_from_str(test[i].string);
+ ck_assert(asn1_is_printablestring(chunk) == test[i].printable);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * to_time
+ */
+
+START_TEST(test_asn1_to_time)
+{
+ typedef struct {
+ time_t time;
+ u_int8_t type;
+ char *string;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { 352980, 0x18, "197001050203Z" },
+ { 352984, 0x18, "19700105020304Z" },
+ { 352980, 0x17, "7001050203Z" },
+ { 347580, 0x17, "7001050203+0130" },
+ { 358380, 0x17, "7001050203-0130" },
+ { 352984, 0x17, "700105020304Z" },
+ { 347584, 0x17, "700105020304+0130" },
+ { 358384, 0x17, "700105020304-0130" },
+ { 0, 0x17, "700105020304+01" },
+ { 0, 0x17, "700105020304-01" },
+ { 0, 0x17, "700105020304" },
+ { 0, 0x17, "70010502Z" },
+ { 0, 0x17, "7001050203xxZ" },
+ { 0, 0x17, "7000050203Z" },
+ { 0, 0x17, "7013050203Z" },
+ { 0, 0x17, "7001004203Z" },
+ { 0, 0x17, "7001320203Z" },
+ { 0, 0x17, "700101-103Z" },
+ { 0, 0x17, "7001016003Z" },
+ { 0, 0x17, "70010102-1Z" },
+ { 0, 0x17, "7001010260Z" },
+ { 0, 0x17, "7001010203-1Z" },
+ { 0, 0x17, "700101020361Z" },
+ { -631152000, 0x17, "500101000000Z" }, /* UTCTime min */
+ { 59, 0x17, "691231235959-0001" },
+ { -1, 0x17, "691231235959Z" },
+ { 0, 0x17, "700101000000Z" },
+ { -60, 0x17, "700101000000+0001" },
+ { 2524607999UL, 0x17, "491231235959Z" }, /* UTCTime max */
+ { 5097600, 0x17, "7003010000Z" },
+ { 68256000, 0x17, "7203010000Z" },
+ { 951868800, 0x17, "0003010000Z" },
+ { 4107542400UL, 0x18, "210003010000Z" }
+ };
+
+ int i;
+ chunk_t chunk;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ if (sizeof(time_t) == 4 && test[i].time < 0)
+ {
+ continue;
+ }
+ chunk = chunk_from_str(test[i].string);
+ ck_assert(asn1_to_time(&chunk, test[i].type) == test[i].time);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * from_time
+ */
+
+START_TEST(test_asn1_from_time)
+{
+ typedef struct {
+ time_t time;
+ u_int8_t type;
+ chunk_t chunk;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { 352984, 0x18, chunk_from_chars(
+ 0x18, 0x0f, 0x31, 0x39, 0x37, 0x30, 0x30, 0x31, 0x30, 0x35,
+ 0x30, 0x32, 0x30, 0x33, 0x30, 0x34, 0x5a) },
+ { 352984, 0x17, chunk_from_chars(
+ 0x17, 0x0d, 0x37, 0x30, 0x30, 0x31, 0x30, 0x35,
+ 0x30, 0x32, 0x30, 0x33, 0x30, 0x34, 0x5a) },
+ { 1078099200, 0x17, chunk_from_chars(
+ 0x17, 0x0d, 0x30, 0x34, 0x30, 0x33, 0x30, 0x31,
+ 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a) },
+ { 4107542400UL, 0x18, chunk_from_chars(
+ 0x18, 0x0f, 0x32, 0x31, 0x30, 0x30, 0x30, 0x33, 0x30, 0x31,
+ 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5a) }
+ };
+
+ int i;
+ chunk_t chunk;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ if (sizeof(time_t) == 4 && test[i].time < 0)
+ {
+ continue;
+ }
+ chunk = asn1_from_time(&test[i].time, test[i].type);
+ ck_assert(chunk_equals(chunk, test[i].chunk));
+ free(chunk.ptr);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * parse_time
+ */
+
+START_TEST(test_asn1_parse_time)
+{
+ typedef struct {
+ time_t time;
+ chunk_t chunk;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { 352984, chunk_from_chars(
+ 0x18, 0x0f, 0x31, 0x39, 0x37, 0x30, 0x30, 0x31, 0x30, 0x35,
+ 0x30, 0x32, 0x30, 0x33, 0x30, 0x34, 0x5a) },
+ { 352984, chunk_from_chars(
+ 0x17, 0x0d, 0x37, 0x30, 0x30, 0x31, 0x30, 0x35,
+ 0x30, 0x32, 0x30, 0x33, 0x30, 0x34, 0x5a) },
+ { 0, chunk_from_chars(0x05, 0x00) }
+ };
+
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ ck_assert(asn1_parse_time(test[i].chunk, 0) == test[i].time);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * build_object
+ */
+
+START_TEST(test_asn1_build_object)
+{
+ typedef struct {
+ size_t len;
+ size_t size;
+ u_char *b;
+ } testdata_t;
+
+ u_char b0[] = { 0x05, 0x00 };
+ u_char b1[] = { 0x04, 0x7f };
+ u_char b2[] = { 0x04, 0x81, 0x80 };
+ u_char b3[] = { 0x04, 0x81, 0xff };
+ u_char b4[] = { 0x04, 0x82, 0x01, 0x00 };
+ u_char b5[] = { 0x04, 0x82, 0xff, 0xff };
+ u_char b6[] = { 0x04, 0x83, 0x01, 0x00, 0x00 };
+
+ testdata_t test[] = {
+ { 0, sizeof(b0), b0 },
+ { 127, sizeof(b1), b1 },
+ { 128, sizeof(b2), b2 },
+ { 255, sizeof(b3), b3 },
+ { 256, sizeof(b4), b4 },
+ { 65535, sizeof(b5), b5 },
+ { 65536, sizeof(b6), b6 }
+ };
+
+ chunk_t a = chunk_empty;
+ u_char *pos;
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ pos = asn1_build_object(&a, test[i].b[0], test[i].len);
+ ck_assert(pos == (a.ptr + test[i].size));
+ ck_assert(a.len == test[i].size + test[i].len);
+ ck_assert(memeq(a.ptr, test[i].b, test[i].size));
+ chunk_free(&a);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * simple_object
+ */
+
+START_TEST(test_asn1_simple_object)
+{
+ chunk_t a = chunk_empty;
+ chunk_t b = chunk_from_chars(0x04, 0x05, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5);
+ chunk_t c = chunk_from_chars(0xa1, 0xa2, 0xa3, 0xa4, 0xa5);
+
+ a = asn1_simple_object(0x04, c);
+ ck_assert(chunk_equals(a, b));
+ chunk_free(&a);
+}
+END_TEST
+
+/*******************************************************************************
+ * parse_simple_object
+ */
+
+START_TEST(test_asn1_parse_simple_object)
+{
+ typedef struct {
+ bool res;
+ int type;
+ chunk_t chunk;
+ } testdata_t;
+
+ testdata_t test[] = {
+ { FALSE, 0x04, chunk_from_chars(0x04) },
+ { FALSE, 0x04, chunk_from_chars(0x02, 0x01, 0x55) },
+ { FALSE, 0x04, chunk_from_chars(0x04, 0x01) },
+ { TRUE, 0x04, chunk_from_chars(0x04, 0x01, 0x55) },
+ { TRUE, 0x06, chunk_from_chars(0x06, 0x02, 0x55, 0x03) },
+ { TRUE, 0x06, chunk_from_chars(0x06, 0x00) },
+ { TRUE, 0x13, chunk_from_chars(0x13, 0x01, 0x55), }
+ };
+
+ int i;
+ bool res;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ res = asn1_parse_simple_object(&test[i].chunk, test[i].type, 0, "test");
+ ck_assert(res == test[i].res);
+ if (res && test[i].chunk.len)
+ {
+ ck_assert(*test[i].chunk.ptr == 0x55);
+ }
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * bitstring
+ */
+
+START_TEST(test_asn1_bitstring)
+{
+ chunk_t a = chunk_empty;
+ chunk_t b = chunk_from_chars(0x03, 0x05, 0x00, 0xa1, 0xa2, 0xa3, 0xa4);
+ chunk_t c = chunk_from_chars(0xa1, 0xa2, 0xa3, 0xa4);
+ chunk_t d = chunk_clone(c);
+
+ a = asn1_bitstring("c", c);
+ ck_assert(chunk_equals(a, b));
+ chunk_free(&a);
+
+ a = asn1_bitstring("m", d);
+ ck_assert(chunk_equals(a, b));
+ chunk_free(&a);
+}
+END_TEST
+
+/*******************************************************************************
+ * integer
+ */
+
+START_TEST(test_asn1_integer)
+{
+ typedef struct {
+ chunk_t b;
+ chunk_t c;
+ } testdata_t;
+
+ chunk_t b0 = chunk_from_chars(0x02, 0x01, 0x00);
+ chunk_t b1 = chunk_from_chars(0x02, 0x01, 0x7f);
+ chunk_t b2 = chunk_from_chars(0x02, 0x02, 0x00, 0x80);
+
+ chunk_t c0 = chunk_empty;
+ chunk_t c1 = chunk_from_chars(0x7f);
+ chunk_t c2 = chunk_from_chars(0x80);
+ chunk_t c3 = chunk_from_chars(0x00, 0x80);
+
+ testdata_t test[] = {
+ { b0, c0 },
+ { b1, c1 },
+ { b2, c2 },
+ { b2, c3 }
+ };
+
+ chunk_t a = chunk_empty;
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ a = asn1_integer("c", test[i].c);
+ ck_assert(chunk_equals(a, test[i].b));
+ chunk_free(&a);
+
+ a = asn1_integer("m", chunk_clone(test[i].c));
+ ck_assert(chunk_equals(a, test[i].b));
+ chunk_free(&a);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * parse_integer_uint64
+ */
+
+START_TEST(test_asn1_parse_integer_uint64)
+{
+ typedef struct {
+ u_int64_t n;
+ chunk_t chunk;
+ } testdata_t;
+
+
+ testdata_t test[] = {
+ { 67305985ULL, chunk_from_chars(
+ 0x04, 0x03, 0x02, 0x01) },
+ { 578437695752307201ULL, chunk_from_chars(
+ 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01) },
+ { 18446744073709551615ULL, chunk_from_chars(
+ 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff) }
+ };
+
+ int i;
+
+ for (i = 0; i < countof(test); i++)
+ {
+ ck_assert(asn1_parse_integer_uint64(test[i].chunk) == test[i].n);
+ }
+}
+END_TEST
+
+Suite *asn1_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("asn1");
+
+ tc = tcase_create("algorithmIdentifier");
+ tcase_add_test(tc, test_asn1_algorithmIdentifier);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("parse_algorithmIdentifier");
+ tcase_add_test(tc, test_asn1_parse_algorithmIdentifier);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("known_oid");
+ tcase_add_test(tc, test_asn1_known_oid);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("build_known_oid");
+ tcase_add_test(tc, test_asn1_build_known_oid);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("oid_from_string");
+ tcase_add_test(tc, test_asn1_oid_from_string);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("oid_to_string");
+ tcase_add_test(tc, test_asn1_oid_to_string);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("length");
+ tcase_add_test(tc, test_asn1_length);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("unwrap");
+ tcase_add_test(tc, test_asn1_unwrap);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("is_asn1");
+ tcase_add_test(tc, test_is_asn1);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("is_printablestring");
+ tcase_add_test(tc, test_asn1_is_printablestring);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("to_time");
+ tcase_add_test(tc, test_asn1_to_time);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("from_time");
+ tcase_add_test(tc, test_asn1_from_time);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("parse_time");
+ tcase_add_test(tc, test_asn1_parse_time);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("build_object");
+ tcase_add_test(tc, test_asn1_build_object);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("simple_object");
+ tcase_add_test(tc, test_asn1_simple_object);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("parse_simple_object");
+ tcase_add_test(tc, test_asn1_parse_simple_object);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("bitstring");
+ tcase_add_test(tc, test_asn1_bitstring);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("integer");
+ tcase_add_test(tc, test_asn1_integer);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("parse_integer_uint64");
+ tcase_add_test(tc, test_asn1_parse_integer_uint64);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_asn1_parser.c b/src/libstrongswan/tests/suites/test_asn1_parser.c
new file mode 100644
index 000000000..973562bff
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_asn1_parser.c
@@ -0,0 +1,291 @@
+/*
+ * Copyright (C) 2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <asn1/asn1_parser.h>
+#include <utils/chunk.h>
+
+/*******************************************************************************
+ * utilities
+ */
+
+typedef struct {
+ bool success;
+ int count;
+ chunk_t blob;
+} asn1_test_t;
+
+static void run_parser_test(const asn1Object_t *objects, int id,
+ asn1_test_t *test)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, count = 0;
+ bool success;
+
+ parser = asn1_parser_create(objects, test->blob);
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ if (objectID == id)
+ {
+ count++;
+ }
+ }
+ success = parser->success(parser);
+ parser->destroy(parser);
+
+ ck_assert(success == test->success && count == test->count);
+}
+
+/*******************************************************************************
+ * length
+ */
+
+static const asn1Object_t octetStringObjects[] = {
+ { 0, "octetString", ASN1_OCTET_STRING, ASN1_BODY }, /* 0 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+
+asn1_test_t length_tests[] = {
+ { FALSE, 0, { NULL, 0 } },
+ { FALSE, 0, chunk_from_chars(0x04) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x00) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x01, 0xaa) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x7f) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x80) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x81) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x81, 0x00) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x81, 0x01) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x81, 0x01, 0xaa) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x82, 0x00, 0x01) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x82, 0x00, 0x01, 0xaa) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x83, 0x00, 0x00, 0x01) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x83, 0x00, 0x00, 0x01, 0xaa) },
+ { FALSE, 0, chunk_from_chars(0x04, 0x84, 0x00, 0x00, 0x00, 0x01) },
+ { TRUE, 1, chunk_from_chars(0x04, 0x84, 0x00, 0x00, 0x00, 0x01, 0xaa) },
+};
+
+START_TEST(test_asn1_parser_length)
+{
+ run_parser_test(octetStringObjects, 0, &length_tests[_i]);
+}
+END_TEST
+
+/*******************************************************************************
+ * loop
+ */
+
+static const asn1Object_t loopObjects[] = {
+ { 0, "loopObjects", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "octetString", ASN1_OCTET_STRING, ASN1_BODY }, /* 1 */
+ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+
+asn1_test_t loop_tests[] = {
+ { TRUE, 0, chunk_from_chars(0x30, 0x00) },
+ { FALSE, 0, chunk_from_chars(0x30, 0x02, 0x04, 0x01) },
+ { TRUE, 1, chunk_from_chars(0x30, 0x03, 0x04, 0x01, 0xaa) },
+ { TRUE, 2, chunk_from_chars(0x30, 0x05, 0x04, 0x01, 0xaa, 0x04, 0x00) },
+ { FALSE, 1, chunk_from_chars(0x30, 0x05, 0x04, 0x01, 0xaa, 0x05, 0x00) },
+ { TRUE, 3, chunk_from_chars(0x30, 0x09, 0x04, 0x01, 0xaa, 0x04, 0x00,
+ 0x04, 0x02, 0xbb, 0xcc) },
+};
+
+START_TEST(test_asn1_parser_loop)
+{
+ run_parser_test(loopObjects, 1, &loop_tests[_i]);
+}
+END_TEST
+
+/*******************************************************************************
+ * default
+ */
+
+typedef struct {
+ int i1, i2, i3;
+ chunk_t blob;
+} default_opt_test_t;
+
+static const asn1Object_t defaultObjects[] = {
+ { 0, "defaultObjects", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
+ { 1, "explicit int1", ASN1_CONTEXT_C_1, ASN1_DEF }, /* 1 */
+ { 2, "int1", ASN1_INTEGER, ASN1_BODY }, /* 2 */
+ { 1, "int2", ASN1_INTEGER, ASN1_DEF|ASN1_BODY }, /* 3 */
+ { 1, "implicit int3", ASN1_CONTEXT_S_3, ASN1_DEF|ASN1_BODY }, /* 4 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+
+default_opt_test_t default_tests[] = {
+ { -1, -2, -3, chunk_from_chars(0x30, 0x00) },
+ { 1, -2, -3, chunk_from_chars(0x30, 0x05, 0xa1, 0x03, 0x02, 0x01, 0x01) },
+ { -1, 2, -3, chunk_from_chars(0x30, 0x03, 0x02, 0x01, 0x02) },
+ { -1, -2, 3, chunk_from_chars(0x30, 0x03, 0x83, 0x01, 0x03) },
+ { 1, 2, -3, chunk_from_chars(0x30, 0x08, 0xa1, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x01, 0x02) },
+ { 1, -2, 3, chunk_from_chars(0x30, 0x08, 0xa1, 0x03, 0x02, 0x01, 0x01,
+ 0x83, 0x01, 0x03) },
+ { -1, 2, 3, chunk_from_chars(0x30, 0x06, 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 1, 2, 3, chunk_from_chars(0x30, 0x0b, 0xa1, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 0, 0, 0, chunk_from_chars(0x30, 0x0b, 0xa1, 0x03, 0x04, 0x01, 0xaa,
+ 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 1, 0, 0, chunk_from_chars(0x30, 0x0b, 0xa1, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x05, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 1, 2, 0, chunk_from_chars(0x30, 0x0b, 0xa1, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x01, 0x02,
+ 0x83, 0x02, 0x03) },
+};
+
+START_TEST(test_asn1_parser_default)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, i1 = 0, i2 = 0, i3 = 0;
+ bool success;
+
+ parser = asn1_parser_create(defaultObjects, default_tests[_i].blob);
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ switch (objectID)
+ {
+ case 2:
+ i1 = object.len ? *object.ptr : -1;
+ break;
+ case 3:
+ i2 = object.len ? *object.ptr : -2;
+ break;
+ case 4:
+ i3 = object.len ? *object.ptr : -3;
+ break;
+ default:
+ break;
+ }
+ }
+ success = parser->success(parser);
+ parser->destroy(parser);
+
+ ck_assert(success == (default_tests[_i].i1 &&
+ default_tests[_i].i2 &&
+ default_tests[_i].i3));
+
+ ck_assert(i1 == default_tests[_i].i1 &&
+ i2 == default_tests[_i].i2 &&
+ i3 == default_tests[_i].i3);
+}
+END_TEST
+
+/*******************************************************************************
+ * option
+ */
+
+static const asn1Object_t optionObjects[] = {
+ { 0, "optionalObjects", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
+ { 1, "sequence int1", ASN1_SEQUENCE, ASN1_OPT }, /* 1 */
+ { 2, "int1", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
+ { 1, "int2", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 5 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
+ { 1, "implicit int3", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 7 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 8 */
+ { 0, "exit", ASN1_EOC, ASN1_EXIT }
+};
+
+default_opt_test_t option_tests[] = {
+ { 0, 0, 0, chunk_from_chars(0x30, 0x00) },
+ { 1, 0, 0, chunk_from_chars(0x30, 0x05, 0x30, 0x03, 0x02, 0x01, 0x01) },
+ { 0, 2, 0, chunk_from_chars(0x30, 0x03, 0x02, 0x01, 0x02) },
+ { 0, 0, 3, chunk_from_chars(0x30, 0x03, 0x83, 0x01, 0x03) },
+ { 1, 2, 0, chunk_from_chars(0x30, 0x08, 0x30, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x01, 0x02) },
+ { 1, 0, 3, chunk_from_chars(0x30, 0x08, 0x30, 0x03, 0x02, 0x01, 0x01,
+ 0x83, 0x01, 0x03) },
+ { 0, 2, 3, chunk_from_chars(0x30, 0x06, 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 1, 2, 3, chunk_from_chars(0x30, 0x0b, 0x30, 0x03, 0x02, 0x01, 0x01,
+ 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+ { 0, 2, 3, chunk_from_chars(0x30, 0x08, 0x30, 0x00,
+ 0x02, 0x01, 0x02,
+ 0x83, 0x01, 0x03) },
+};
+
+START_TEST(test_asn1_parser_option)
+{
+ asn1_parser_t *parser;
+ chunk_t object;
+ int objectID, i1 = 0, i2 = 0, i3 = 0;
+ bool success;
+
+ parser = asn1_parser_create(optionObjects, option_tests[_i].blob);
+ while (parser->iterate(parser, &objectID, &object))
+ {
+ switch (objectID)
+ {
+ case 2:
+ i1 = *object.ptr;
+ break;
+ case 5:
+ i2 = *object.ptr;
+ break;
+ case 7:
+ i3 = *object.ptr;
+ break;
+ default:
+ break;
+ }
+ }
+ success = parser->success(parser);
+ parser->destroy(parser);
+
+ ck_assert(success);
+
+ ck_assert(i1 == option_tests[_i].i1 &&
+ i2 == option_tests[_i].i2 &&
+ i3 == option_tests[_i].i3);
+}
+END_TEST
+
+Suite *asn1_parser_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("asn1_parser");
+
+ tc = tcase_create("length");
+ tcase_add_loop_test(tc, test_asn1_parser_length, 0, countof(length_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("loop");
+ tcase_add_loop_test(tc, test_asn1_parser_loop, 0, countof(loop_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("default");
+ tcase_add_loop_test(tc, test_asn1_parser_default, 0, countof(default_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("option");
+ tcase_add_loop_test(tc, test_asn1_parser_option, 0, countof(option_tests));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_bio_reader.c b/src/libstrongswan/tests/suites/test_bio_reader.c
index 45b20db00..6a9743d62 100644
--- a/src/libstrongswan/tests/test_bio_reader.c
+++ b/src/libstrongswan/tests/suites/test_bio_reader.c
@@ -329,7 +329,7 @@ END_TEST
*/
#define assert_read_data_len(bits) ({ \
- bio_reader_t *reader; \
+ bio_reader_t *reader; \
chunk_t read, data; \
int i, len = bits / 8; \
data = chunk_empty; \
diff --git a/src/libstrongswan/tests/test_bio_writer.c b/src/libstrongswan/tests/suites/test_bio_writer.c
index 665cd2d7c..e74288eb7 100644
--- a/src/libstrongswan/tests/test_bio_writer.c
+++ b/src/libstrongswan/tests/suites/test_bio_writer.c
@@ -181,7 +181,7 @@ END_TEST
*/
#define assert_write_data_len(init, bits) ({ \
- bio_writer_t *writer; \
+ bio_writer_t *writer; \
chunk_t buf, data; \
int i, len = bits / 8; \
writer = bio_writer_create(init); \
@@ -240,7 +240,7 @@ END_TEST
*/
#define assert_wrap_data(init, bits) ({ \
- bio_writer_t *writer; \
+ bio_writer_t *writer; \
chunk_t buf, data; \
int i, len = bits / 8; \
writer = bio_writer_create(init); \
diff --git a/src/libstrongswan/tests/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c
index 8e29971c1..e373fbdb6 100644
--- a/src/libstrongswan/tests/test_chunk.c
+++ b/src/libstrongswan/tests/suites/test_chunk.c
@@ -14,10 +14,16 @@
* for more details.
*/
-
#include "test_suite.h"
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+
#include <utils/chunk.h>
+#include <threading/thread.h>
/*******************************************************************************
* utilities
@@ -672,6 +678,31 @@ static const u_char sip_vectors[64][8] =
{ 0x72, 0x45, 0x06, 0xeb, 0x4c, 0x32, 0x8a, 0x95, }
};
+/**
+ * Our SipHash-2-4 implementation returns the result in host order, which
+ * doesn't matter for practical purposes and even avoids a byte swap. But
+ * because the test vectors are in little-endian we have to account for this
+ * with this custom comparison function.
+ */
+static inline bool sipeq(const void *a, const void *b, size_t n)
+{
+ u_char *ap = (u_char*)a, *bp = (u_char*)b;
+ int i;
+
+ for (i = 0; i < n; i++)
+ {
+#ifdef WORDS_BIGENDIAN
+ if (ap[i] != bp[n - i - 1])
+#else
+ if (ap[i] != bp[i])
+#endif
+ {
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
START_TEST(test_chunk_mac)
{
chunk_t in;
@@ -692,7 +723,7 @@ START_TEST(test_chunk_mac)
in.ptr[i] = i;
in.len = i;
out = chunk_mac(in, key);
- fail_unless(memeq(&out, sip_vectors[i], 8),
+ fail_unless(sipeq(&out, sip_vectors[i], 8),
"test vector failed for %d bytes", i);
}
}
@@ -739,7 +770,7 @@ START_TEST(test_chunk_hash_static)
in.len = i;
/* compared to chunk_mac() we only get half the value back */
out = chunk_hash_static(in);
- fail_unless(memeq(&out, sip_vectors[i], 4),
+ fail_unless(sipeq(&out, sip_vectors[i], 4),
"test vector failed for %d bytes", i);
}
hash_a = chunk_hash_static_inc(in, out);
@@ -750,6 +781,116 @@ START_TEST(test_chunk_hash_static)
END_TEST
/*******************************************************************************
+ * test for chunk_map and friends
+ */
+
+START_TEST(test_chunk_map)
+{
+ chunk_t *map, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05);
+ char *path = "/tmp/strongswan-chunk-map-test";
+
+ ck_assert(chunk_write(contents, path, 022, TRUE));
+
+ /* read */
+ map = chunk_map(path, FALSE);
+ ck_assert(map != NULL);
+ ck_assert_msg(chunk_equals(*map, contents), "%B", map);
+ /* altering mapped chunk should not hurt */
+ *map = chunk_empty;
+ ck_assert(chunk_unmap(map));
+
+ /* write */
+ map = chunk_map(path, TRUE);
+ ck_assert(map != NULL);
+ ck_assert_msg(chunk_equals(*map, contents), "%B", map);
+ map->ptr[0] = 0x06;
+ ck_assert(chunk_unmap(map));
+
+ /* verify write */
+ contents.ptr[0] = 0x06;
+ map = chunk_map(path, FALSE);
+ ck_assert(map != NULL);
+ ck_assert_msg(chunk_equals(*map, contents), "%B", map);
+ ck_assert(chunk_unmap(map));
+
+ unlink(path);
+}
+END_TEST
+
+/*******************************************************************************
+ * test for chunk_from_fd
+ */
+
+START_TEST(test_chunk_from_fd_file)
+{
+ chunk_t in, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05);
+ char *path = "/tmp/strongswan-chunk-fd-test";
+ int fd;
+
+ ck_assert(chunk_write(contents, path, 022, TRUE));
+
+ fd = open(path, O_RDONLY);
+ ck_assert(fd != -1);
+
+ ck_assert(chunk_from_fd(fd, &in));
+ close(fd);
+ ck_assert_msg(chunk_equals(in, contents), "%B", &in);
+ unlink(path);
+ free(in.ptr);
+}
+END_TEST
+
+START_TEST(test_chunk_from_fd_skt)
+{
+ chunk_t in, contents = chunk_from_chars(0x01,0x02,0x03,0x04,0x05);
+ int s[2];
+
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, s) == 0);
+ ck_assert(write(s[1], contents.ptr, contents.len) == contents.len);
+ close(s[1]);
+ ck_assert_msg(chunk_from_fd(s[0], &in), "%s", strerror(errno));
+ close(s[0]);
+ ck_assert_msg(chunk_equals(in, contents), "%B", &in);
+ free(in.ptr);
+}
+END_TEST
+
+#define FROM_FD_COUNT 8192
+
+void *chunk_from_fd_run(void *data)
+{
+ int i, fd = (uintptr_t)data;
+
+ for (i = 0; i < FROM_FD_COUNT; i++)
+ {
+ ck_assert(write(fd, &i, sizeof(i)) == sizeof(i));
+ }
+ close(fd);
+ return NULL;
+}
+
+START_TEST(test_chunk_from_fd_huge)
+{
+ thread_t *thread;
+ chunk_t in;
+ int s[2], i;
+
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, s) == 0);
+
+ thread = thread_create(chunk_from_fd_run, (void*)(uintptr_t)s[1]);
+ ck_assert_msg(chunk_from_fd(s[0], &in), "%s", strerror(errno));
+ ck_assert_int_eq(in.len, FROM_FD_COUNT * sizeof(i));
+ for (i = 0; i < FROM_FD_COUNT; i++)
+ {
+ ck_assert_int_eq(((int*)in.ptr)[i], i);
+ }
+ thread->join(thread);
+ close(s[0]);
+ free(in.ptr);
+}
+END_TEST
+
+/*******************************************************************************
* printf_hook tests
*/
@@ -866,6 +1007,16 @@ Suite *chunk_suite_create()
tcase_add_test(tc, test_chunk_hash_static);
suite_add_tcase(s, tc);
+ tc = tcase_create("chunk_map");
+ tcase_add_test(tc, test_chunk_map);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("chunk_from_fd");
+ tcase_add_test(tc, test_chunk_from_fd_file);
+ tcase_add_test(tc, test_chunk_from_fd_skt);
+ tcase_add_test(tc, test_chunk_from_fd_huge);
+ suite_add_tcase(s, tc);
+
tc = tcase_create("printf_hook");
tcase_add_loop_test(tc, test_printf_hook_hash, 0, countof(printf_hook_data));
tcase_add_loop_test(tc, test_printf_hook_plus, 0, countof(printf_hook_data));
diff --git a/src/libstrongswan/tests/suites/test_crypter.c b/src/libstrongswan/tests/suites/test_crypter.c
new file mode 100644
index 000000000..4e7550aee
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_crypter.c
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <crypto/crypters/crypter.h>
+#include <asn1/oid.h>
+#include <utils/test.h>
+
+typedef struct {
+ int oid;
+ encryption_algorithm_t alg;
+ size_t key_size;
+}crypter_oid_t;
+
+static crypter_oid_t oids[] = {
+ { OID_UNKNOWN, ENCR_AES_CBC, 0 },
+ { OID_UNKNOWN, ENCR_CAMELLIA_CBC, 0 },
+ { OID_UNKNOWN, ENCR_UNDEFINED, 0 },
+ { OID_DES_CBC, ENCR_DES, 0 },
+ { OID_3DES_EDE_CBC, ENCR_3DES, 0 },
+ { OID_AES128_CBC, ENCR_AES_CBC, 128 },
+ { OID_AES192_CBC, ENCR_AES_CBC, 192 },
+ { OID_AES256_CBC, ENCR_AES_CBC, 256 },
+ { OID_CAMELLIA128_CBC, ENCR_CAMELLIA_CBC, 128 },
+ { OID_CAMELLIA192_CBC, ENCR_CAMELLIA_CBC, 192 },
+ { OID_CAMELLIA256_CBC, ENCR_CAMELLIA_CBC, 256 }
+};
+
+START_TEST(test_crypter_from_oid)
+{
+ size_t key_size;
+
+ ck_assert(encryption_algorithm_from_oid(oids[_i].oid, NULL) ==
+ oids[_i].alg);
+ ck_assert(encryption_algorithm_from_oid(oids[_i].oid, &key_size) ==
+ oids[_i].alg);
+ ck_assert(key_size == oids[_i].key_size);
+}
+END_TEST
+
+START_TEST(test_crypter_to_oid)
+{
+ ck_assert(encryption_algorithm_to_oid(oids[_i].alg,
+ oids[_i].key_size) == oids[_i].oid);
+}
+END_TEST
+
+typedef struct {
+ encryption_algorithm_t alg;
+ bool is_aead;
+}crypter_aead_t;
+
+static crypter_aead_t aead[] = {
+ { ENCR_AES_CCM_ICV8, TRUE },
+ { ENCR_AES_CCM_ICV12, TRUE },
+ { ENCR_AES_CCM_ICV16, TRUE },
+ { ENCR_AES_GCM_ICV8, TRUE },
+ { ENCR_AES_GCM_ICV12, TRUE },
+ { ENCR_AES_GCM_ICV16, TRUE },
+ { ENCR_NULL_AUTH_AES_GMAC, TRUE },
+ { ENCR_CAMELLIA_CCM_ICV8, TRUE },
+ { ENCR_CAMELLIA_CCM_ICV12, TRUE },
+ { ENCR_CAMELLIA_CCM_ICV16, TRUE },
+ { ENCR_AES_CBC, FALSE },
+ { ENCR_CAMELLIA_CBC, FALSE }
+};
+
+START_TEST(test_crypter_is_aead)
+{
+ ck_assert(encryption_algorithm_is_aead(aead[_i].alg) == aead[_i].is_aead);
+}
+END_TEST
+
+Suite *crypter_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("crypter");
+
+ tc = tcase_create("from_oid");
+ tcase_add_loop_test(tc, test_crypter_from_oid, 2, countof(oids));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("to_oid");
+ tcase_add_loop_test(tc, test_crypter_to_oid, 0, countof(oids));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("is_aead");
+ tcase_add_loop_test(tc, test_crypter_is_aead, 0, countof(aead));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_ecdsa.c b/src/libstrongswan/tests/suites/test_ecdsa.c
index 2955bae2f..3c842996d 100644
--- a/src/libstrongswan/tests/test_ecdsa.c
+++ b/src/libstrongswan/tests/suites/test_ecdsa.c
@@ -222,11 +222,17 @@ Suite *ecdsa_suite_create()
{
Suite *s;
TCase *tc;
+ int gen_count = countof(key_sizes);
s = suite_create("ecdsa");
+ if (getenv("TESTS_REDUCED_KEYLENGTHS") != NULL)
+ {
+ gen_count = min(1, gen_count);
+ }
+
tc = tcase_create("generate");
- tcase_add_loop_test(tc, test_gen, 0, countof(key_sizes));
+ tcase_add_loop_test(tc, test_gen, 0, gen_count);
suite_add_tcase(s, tc);
tc = tcase_create("load");
diff --git a/src/libstrongswan/tests/test_enum.c b/src/libstrongswan/tests/suites/test_enum.c
index 990d9cfad..990d9cfad 100644
--- a/src/libstrongswan/tests/test_enum.c
+++ b/src/libstrongswan/tests/suites/test_enum.c
diff --git a/src/libstrongswan/tests/test_enumerator.c b/src/libstrongswan/tests/suites/test_enumerator.c
index b5dde4650..b5dde4650 100644
--- a/src/libstrongswan/tests/test_enumerator.c
+++ b/src/libstrongswan/tests/suites/test_enumerator.c
diff --git a/src/libstrongswan/tests/suites/test_fetch_http.c b/src/libstrongswan/tests/suites/test_fetch_http.c
new file mode 100644
index 000000000..8749ff375
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_fetch_http.c
@@ -0,0 +1,273 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <unistd.h>
+#include <time.h>
+
+/**
+ * HTTP test definition
+ */
+typedef struct {
+ /* HTTP Method */
+ char *meth;
+ /* HTTP 1.x minor version */
+ int minor;
+ /* host to connect to */
+ char *host;
+ /* HTTP service port */
+ int port;
+ /* path on host to fetch from */
+ char *path;
+ /* request Content-Type, if any */
+ char *type;
+ /* request data, if any */
+ void *req;
+ /* length of request data */
+ int req_len;
+ /* response data, if any */
+ void *res;
+ /* length of response data */
+ int res_len;
+} test_service_t;
+
+static char large[] = {
+ 0x88,0x3e,0xa3,0xe3,0x95,0x67,0x53,0x93,0xc8,0xce,0x5c,0xcd,0x8c,0x03,0x0c,0xa8,
+ 0x94,0xaf,0x49,0xf6,0xc6,0x50,0xad,0xb8,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
+ 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
+ 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
+ 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
+ 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
+ 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
+ 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
+ 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
+ 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
+ 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
+ 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
+ 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
+ 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
+ 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
+ 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
+ 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
+ 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
+ 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
+ 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
+ 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
+ 0xf3,0x15,0xbb,0x5b,0xb8,0x35,0xd8,0x17,0xad,0xcf,0x6b,0x07,0x63,0x61,0x2e,0x2f,
+ 0xa5,0xc9,0x1d,0xa7,0xac,0xaa,0x4d,0xde,0x71,0x65,0x95,0x87,0x66,0x50,0xa2,0xa6,
+ 0x28,0xef,0x49,0x5c,0x53,0xa3,0x87,0xad,0x42,0xc3,0x41,0xd8,0xfa,0x92,0xd8,0x32,
+ 0xce,0x7c,0xf2,0x72,0x2f,0x51,0x27,0x71,0xe3,0x78,0x59,0xf9,0x46,0x23,0xf3,0xa7,
+ 0x38,0x12,0x05,0xbb,0x1a,0xb0,0xe0,0x12,0xae,0x97,0xa1,0x0f,0xd4,0x34,0xe0,0x15,
+ 0xb4,0xa3,0x15,0x08,0xbe,0xff,0x4d,0x31,0x81,0x39,0x62,0x29,0xf0,0x90,0x79,0x02,
+ 0x4d,0x0c,0xf4,0x9e,0xe5,0xd4,0xdc,0xca,0xea,0xb8,0x85,0x8a,0xde,0x92,0xe1,0xbc,
+};
+
+static bool servicing(void *data, stream_t *stream)
+{
+ test_service_t *test = (test_service_t*)data;
+ char buf[1024], hdr[256], *start, *end = NULL, *body = NULL, *type = NULL;
+ struct tm tm;
+ time_t t;
+ ssize_t len, tot = 0;
+ int nr = 0;
+
+ start = buf;
+
+ /* parse method and headers */
+ while (end != start)
+ {
+ len = stream->read(stream, buf + tot, sizeof(buf) - tot, TRUE);
+ ck_assert(len > 0);
+ tot += len;
+
+ while (TRUE)
+ {
+ end = memchr(start, '\n', tot);
+ if (!end)
+ {
+ break;
+ }
+ *end = '\0';
+ ck_assert(end > buf);
+ ck_assert(*(--end) == '\r');
+ *end = '\0';
+ if (end == start)
+ {
+ body = end + strlen("\r\n");
+ break;
+ }
+ switch (nr++)
+ {
+ case 0:
+ snprintf(hdr, sizeof(hdr), "%s %s HTTP/1.%u",
+ test->meth, test->path, test->minor);
+ ck_assert_str_eq(hdr, start);
+ break;
+ default:
+ if (strcasepfx(start, "Content-Length: "))
+ {
+ ck_assert_int_eq(
+ atoi(start + strlen("Content-Length: ")),
+ test->req_len);
+ }
+ if (strcasepfx(start, "Content-Type: "))
+ {
+ type = start + strlen("Content-Type: ");
+ }
+ break;
+ }
+ start = end + strlen("\r\n");
+ }
+ }
+
+ if (test->type)
+ {
+ ck_assert(type);
+ ck_assert_str_eq(type, test->type);
+ }
+
+ /* request body */
+ if (test->req_len)
+ {
+ ck_assert(stream->read_all(stream, buf + tot,
+ test->req_len - (tot - (body - buf))));
+ ck_assert(memeq(body, test->req, test->req_len));
+ }
+
+ /* response headers */
+ snprintf(buf, sizeof(buf), "HTTP/1.%u 200 OK\r\n", test->minor);
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+ t = time(NULL);
+ gmtime_r(&t, &tm);
+ strftime(buf, sizeof(buf), "%a, %d %b %Y %T %z", &tm);
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+ snprintf(buf, sizeof(buf), "Server: strongSwan unit test\r\n");
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+
+ /* rest of response headers */
+ snprintf(buf, sizeof(buf), "Content-Type: text/plain\r\n");
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+ snprintf(buf, sizeof(buf), "Content-Length: %u\r\n", test->res_len);
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+ snprintf(buf, sizeof(buf), "Connection: close\r\n");
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+ snprintf(buf, sizeof(buf), "\r\n");
+ ck_assert(stream->write_all(stream, buf, strlen(buf)));
+
+ /* response body */
+ ck_assert(stream->write_all(stream, test->res, test->res_len));
+ return FALSE;
+}
+
+static test_service_t gtests[] = {
+ { "GET", 1, "127.0.0.1", 6543, "/a/test/?b=c", NULL,
+ NULL, 0, "\x12\x34", 2 },
+ { "GET", 0, "localhost", 6543, "/", NULL,
+ NULL, 0, NULL, 0 },
+ { "GET", 0, "127.0.0.1", 6543, "/largefile", NULL,
+ NULL, 0, large, sizeof(large) },
+ { "GET", 1, "[::1]", 6543, "/ipv6-url", NULL,
+ NULL, 0, "\x00\r\n\r\x00testdatablabla", 20 },
+};
+
+START_TEST(test_get)
+{
+ stream_service_t *service;
+ status_t status;
+ chunk_t data, expected;
+ char uri[256];
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ snprintf(uri, sizeof(uri), "tcp://%s:%u", gtests[_i].host, gtests[_i].port);
+ service = lib->streams->create_service(lib->streams, uri, 1);
+ ck_assert(service != NULL);
+ service->on_accept(service, servicing, &gtests[_i], JOB_PRIO_HIGH, 0);
+
+ snprintf(uri, sizeof(uri), "http://%s:%u%s",
+ gtests[_i].host, gtests[_i].port, gtests[_i].path);
+ status = lib->fetcher->fetch(lib->fetcher, uri, &data,
+ !gtests[_i].minor ? FETCH_HTTP_VERSION_1_0 : FETCH_END,
+ FETCH_END);
+ ck_assert_int_eq(status, SUCCESS);
+ expected = chunk_create(gtests[_i].res, gtests[_i].res_len);
+ ck_assert_msg(chunk_compare(expected, data) == 0,
+ "exp %B\ngot %B\n", &expected, &data);
+ free(data.ptr);
+
+ service->destroy(service);
+}
+END_TEST
+
+
+static test_service_t ptests[] = {
+ { "POST", 1, "127.0.0.1", 6543, "/a/test/?b=c", "application/binary",
+ "\x23\x45", 2, "\x12\x34", 2 },
+ { "POST", 0, "localhost", 6543, "/largefile", "application/x-large",
+ large, sizeof(large), large, sizeof(large) },
+ { "POST", 1, "[::1]", 6543, "/ipv6-url", "text/plain",
+ "\x00\r\n\r\x00testdatablabla", 20, "\x00\r\n\r\x00testdatablabla", 20 },
+};
+
+START_TEST(test_post)
+{
+ stream_service_t *service;
+ status_t status;
+ chunk_t data, expected;
+ char uri[256];
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ snprintf(uri, sizeof(uri), "tcp://%s:%u", ptests[_i].host, ptests[_i].port);
+ service = lib->streams->create_service(lib->streams, uri, 1);
+ ck_assert(service != NULL);
+ service->on_accept(service, servicing, &ptests[_i], JOB_PRIO_HIGH, 0);
+
+ snprintf(uri, sizeof(uri), "http://%s:%u%s",
+ ptests[_i].host, ptests[_i].port, ptests[_i].path);
+ status = lib->fetcher->fetch(lib->fetcher, uri, &data,
+ FETCH_REQUEST_TYPE, ptests[_i].type,
+ FETCH_REQUEST_DATA,
+ chunk_create(ptests[_i].req, ptests[_i].req_len),
+ !ptests[_i].minor ? FETCH_HTTP_VERSION_1_0 : FETCH_END,
+ FETCH_END);
+ ck_assert_int_eq(status, SUCCESS);
+ expected = chunk_create(ptests[_i].res, ptests[_i].res_len);
+ ck_assert_msg(chunk_compare(expected, data) == 0,
+ "exp %B\ngot %B\n", &expected, &data);
+ free(data.ptr);
+
+ service->destroy(service);
+}
+END_TEST
+
+Suite *fetch_http_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("http fetcher");
+
+ tc = tcase_create("GET");
+ tcase_add_loop_test(tc, test_get, 0, countof(gtests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("POST");
+ tcase_add_loop_test(tc, test_post, 0, countof(ptests));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_hasher.c b/src/libstrongswan/tests/suites/test_hasher.c
new file mode 100644
index 000000000..41a9d64ef
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_hasher.c
@@ -0,0 +1,189 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <crypto/hashers/hasher.h>
+#include <crypto/prfs/prf.h>
+#include <crypto/signers/signer.h>
+#include <asn1/oid.h>
+#include <utils/test.h>
+
+typedef struct {
+ int oid;
+ hash_algorithm_t alg;
+ key_type_t key;
+}hasher_oid_t;
+
+static hasher_oid_t oids[] = {
+ { OID_MD2, HASH_MD2, KEY_ANY },
+ { OID_MD5, HASH_MD5, KEY_ANY },
+ { OID_SHA1, HASH_SHA1, KEY_ANY },
+ { OID_SHA224, HASH_SHA224, KEY_ANY },
+ { OID_SHA256, HASH_SHA256, KEY_ANY },
+ { OID_SHA384, HASH_SHA384, KEY_ANY },
+ { OID_SHA512, HASH_SHA512, KEY_ANY },
+ { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },
+ { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },
+ { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },
+ { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },
+ { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },
+ { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },
+ { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },
+ { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },
+ { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },
+ { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },
+ { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },
+ { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },
+ { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },
+ { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }
+};
+
+START_TEST(test_hasher_from_oid)
+{
+ ck_assert(hasher_algorithm_from_oid(oids[_i].oid) == oids[_i].alg);
+}
+END_TEST
+
+START_TEST(test_hasher_to_oid)
+{
+ ck_assert(hasher_algorithm_to_oid(oids[_i].alg) == oids[_i].oid);
+}
+END_TEST
+
+START_TEST(test_hasher_sig_to_oid)
+{
+ ck_assert(hasher_signature_algorithm_to_oid(oids[_i].alg,
+ oids[_i].key) == oids[_i].oid);
+}
+END_TEST
+
+typedef struct {
+ pseudo_random_function_t prf;
+ hash_algorithm_t alg;
+}hasher_prf_t;
+
+static hasher_prf_t prfs[] = {
+ { PRF_HMAC_MD5, HASH_MD5 },
+ { PRF_HMAC_SHA1, HASH_SHA1 },
+ { PRF_FIPS_SHA1_160, HASH_SHA1 },
+ { PRF_KEYED_SHA1, HASH_SHA1 },
+ { PRF_HMAC_SHA2_256, HASH_SHA256 },
+ { PRF_HMAC_SHA2_384, HASH_SHA384 },
+ { PRF_HMAC_SHA2_512, HASH_SHA512 },
+ { PRF_HMAC_TIGER, HASH_UNKNOWN },
+ { PRF_AES128_XCBC, HASH_UNKNOWN },
+ { PRF_AES128_CMAC, HASH_UNKNOWN },
+ { PRF_FIPS_DES, HASH_UNKNOWN },
+ { PRF_CAMELLIA128_XCBC, HASH_UNKNOWN },
+ { PRF_UNDEFINED, HASH_UNKNOWN },
+ { 0, HASH_UNKNOWN }
+};
+
+START_TEST(test_hasher_from_prf)
+{
+ ck_assert(hasher_algorithm_from_prf(prfs[_i].prf) == prfs[_i].alg);
+}
+END_TEST
+
+typedef struct {
+ integrity_algorithm_t auth;
+ hash_algorithm_t alg;
+ size_t length;
+}hasher_auth_t;
+
+static hasher_auth_t auths[] = {
+ { AUTH_UNDEFINED, HASH_MD2, 0 },
+ { AUTH_UNDEFINED, HASH_MD4, 0 },
+ { AUTH_UNDEFINED, HASH_SHA224, 0 },
+ { AUTH_UNDEFINED, 9, 0 },
+ { AUTH_UNDEFINED, HASH_UNKNOWN, 0 },
+ { AUTH_HMAC_MD5_96, HASH_MD5, 12 },
+ { AUTH_HMAC_SHA1_96, HASH_SHA1, 12 },
+ { AUTH_HMAC_SHA2_256_96, HASH_SHA256, 12 },
+ { AUTH_HMAC_MD5_128, HASH_MD5, 16 },
+ { AUTH_HMAC_SHA1_128, HASH_SHA1, 16 },
+ { AUTH_HMAC_SHA2_256_128, HASH_SHA256, 16 },
+ { AUTH_HMAC_SHA1_160, HASH_SHA1, 20 },
+ { AUTH_HMAC_SHA2_384_192, HASH_SHA384, 24 },
+ { AUTH_HMAC_SHA2_256_256, HASH_SHA256, 32 },
+ { AUTH_HMAC_SHA2_512_256, HASH_SHA512, 32 },
+ { AUTH_HMAC_SHA2_384_384, HASH_SHA384, 48 },
+ { AUTH_HMAC_SHA2_512_512, HASH_SHA512, 64 },
+ { AUTH_AES_CMAC_96, HASH_UNKNOWN, 0 },
+ { AUTH_AES_128_GMAC, HASH_UNKNOWN, 0 },
+ { AUTH_AES_192_GMAC, HASH_UNKNOWN, 0 },
+ { AUTH_AES_256_GMAC, HASH_UNKNOWN, 0 },
+ { AUTH_AES_XCBC_96, HASH_UNKNOWN, 0 },
+ { AUTH_DES_MAC, HASH_UNKNOWN, 0 },
+ { AUTH_CAMELLIA_XCBC_96, HASH_UNKNOWN, 0 },
+ { 0, HASH_UNKNOWN, 0 }
+};
+
+START_TEST(test_hasher_from_integrity)
+{
+ size_t length;
+
+ length = 0;
+ ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
+ auths[_i].alg);
+ ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
+ auths[_i].alg);
+ ck_assert(length == auths[_i].length);
+}
+END_TEST
+
+START_TEST(test_hasher_to_integrity)
+{
+ ck_assert(hasher_algorithm_to_integrity(
+ auths[_i].alg, auths[_i].length) == auths[_i].auth);
+ ck_assert(hasher_algorithm_to_integrity(
+ auths[_i].alg, 0) == AUTH_UNDEFINED);
+}
+END_TEST
+
+Suite *hasher_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("hasher");
+
+ tc = tcase_create("from_oid");
+ tcase_add_loop_test(tc, test_hasher_from_oid, 0, 15);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("to_oid");
+ tcase_add_loop_test(tc, test_hasher_to_oid, 0, 8);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("sig_to_oid");
+ tcase_add_loop_test(tc, test_hasher_sig_to_oid, 7, countof(oids));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("from_prf");
+ tcase_add_loop_test(tc, test_hasher_from_prf, 0, countof(prfs));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("from_integrity");
+ tcase_add_loop_test(tc, test_hasher_from_integrity, 4, countof(auths));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("to_integrity");
+ tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_hashtable.c b/src/libstrongswan/tests/suites/test_hashtable.c
index 8cc7bfe42..8cc7bfe42 100644
--- a/src/libstrongswan/tests/test_hashtable.c
+++ b/src/libstrongswan/tests/suites/test_hashtable.c
diff --git a/src/libstrongswan/tests/test_host.c b/src/libstrongswan/tests/suites/test_host.c
index 30b9eb940..30b9eb940 100644
--- a/src/libstrongswan/tests/test_host.c
+++ b/src/libstrongswan/tests/suites/test_host.c
diff --git a/src/libstrongswan/tests/test_identification.c b/src/libstrongswan/tests/suites/test_identification.c
index 1dc6776d1..edf53f0fd 100644
--- a/src/libstrongswan/tests/test_identification.c
+++ b/src/libstrongswan/tests/suites/test_identification.c
@@ -179,7 +179,7 @@ static struct {
START_TEST(test_from_string)
{
identification_t *a;
- chunk_t encoding, expected;
+ chunk_t encoding, expected = chunk_empty;
char *id;
id = string_data[_i].id;
diff --git a/src/libstrongswan/tests/test_linked_list.c b/src/libstrongswan/tests/suites/test_linked_list.c
index 9e85c58d8..922f954e3 100644
--- a/src/libstrongswan/tests/test_linked_list.c
+++ b/src/libstrongswan/tests/suites/test_linked_list.c
@@ -246,10 +246,10 @@ struct invoke_t {
static void invoke(intptr_t item, void *a, void *b, void *c, void *d, int *sum)
{
- ck_assert(a == (void*)1);
- ck_assert(b == (void*)2);
- ck_assert(c == (void*)3);
- ck_assert(d == (void*)4);
+ ck_assert_int_eq((uintptr_t)a, 1);
+ ck_assert_int_eq((uintptr_t)b, 2);
+ ck_assert_int_eq((uintptr_t)c, 3);
+ ck_assert_int_eq((uintptr_t)d, 4);
*sum += item;
}
@@ -267,7 +267,9 @@ START_TEST(test_invoke_function)
list->insert_last(list, (void*)3);
list->insert_last(list, (void*)4);
list->insert_last(list, (void*)5);
- list->invoke_function(list, (linked_list_invoke_t)invoke, 1, 2, 3, 4, &sum);
+ list->invoke_function(list, (linked_list_invoke_t)invoke,
+ (uintptr_t)1, (uintptr_t)2,
+ (uintptr_t)3, (uintptr_t)4, &sum);
ck_assert_int_eq(sum, 15);
}
END_TEST
@@ -287,7 +289,9 @@ START_TEST(test_invoke_offset)
{
list->insert_last(list, &items[i]);
}
- list->invoke_offset(list, offsetof(invoke_t, invoke), 1, 2, 3, 4, &sum);
+ list->invoke_offset(list, offsetof(invoke_t, invoke),
+ (uintptr_t)1, (uintptr_t)2,
+ (uintptr_t)3, (uintptr_t)4, &sum);
ck_assert_int_eq(sum, 15);
}
END_TEST
@@ -303,7 +307,7 @@ struct clone_t {
void *(*clone)(clone_t *item);
};
-static void *clone(clone_t *item)
+static void *clonefn(clone_t *item)
{
return item->val;
}
@@ -326,11 +330,11 @@ START_TEST(test_clone_offset)
{
linked_list_t *other;
clone_t items[] = {
- { .val = (void*)1, .clone = clone, },
- { .val = (void*)2, .clone = clone, },
- { .val = (void*)3, .clone = clone, },
- { .val = (void*)4, .clone = clone, },
- { .val = (void*)5, .clone = clone, },
+ { .val = (void*)1, .clone = clonefn, },
+ { .val = (void*)2, .clone = clonefn, },
+ { .val = (void*)3, .clone = clonefn, },
+ { .val = (void*)4, .clone = clonefn, },
+ { .val = (void*)5, .clone = clonefn, },
};
int i;
diff --git a/src/libstrongswan/tests/test_linked_list_enumerator.c b/src/libstrongswan/tests/suites/test_linked_list_enumerator.c
index 48d6f40e6..48d6f40e6 100644
--- a/src/libstrongswan/tests/test_linked_list_enumerator.c
+++ b/src/libstrongswan/tests/suites/test_linked_list_enumerator.c
diff --git a/src/libstrongswan/tests/suites/test_ntru.c b/src/libstrongswan/tests/suites/test_ntru.c
new file mode 100644
index 000000000..a46f5742c
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_ntru.c
@@ -0,0 +1,1042 @@
+/*
+ * Copyright (C) 2013-2014 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <tests/utils/test_rng.h>
+#include <plugins/ntru/ntru_drbg.h>
+#include <plugins/ntru/ntru_mgf1.h>
+#include <plugins/ntru/ntru_trits.h>
+#include <plugins/ntru/ntru_poly.h>
+#include <utils/test.h>
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_drbg_create, ntru_drbg_t*,
+ u_int32_t strength, chunk_t pers_str, rng_t *entropy)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_mgf1_create, ntru_mgf1_t*,
+ hash_algorithm_t alg, chunk_t seed, bool hash_seed)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_trits_create, ntru_trits_t*,
+ size_t len, hash_algorithm_t alg, chunk_t seed)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_seed, ntru_poly_t*,
+ hash_algorithm_t alg, chunk_t seed, uint8_t c_bits,
+ uint16_t N, uint16_t q, uint32_t indices_len_p,
+ uint32_t indices_len_m, bool is_product_form)
+
+IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data, ntru_poly_t*,
+ u_int16_t *data, uint16_t N, uint16_t q,
+ uint32_t indices_len_p, uint32_t indices_len_m,
+ bool is_product_form)
+
+/**
+ * NTRU parameter sets to test
+ */
+static struct {
+ diffie_hellman_group_t group;
+ char *group_name;
+} params[] = {
+ { NTRU_112_BIT, "NTRU_112" },
+ { NTRU_128_BIT, "NTRU_128" },
+ { NTRU_192_BIT, "NTRU_192" },
+ { NTRU_256_BIT, "NTRU_256" }
+};
+
+/**
+ * NTRU parameter set selection
+ */
+char *parameter_sets[] = {
+ "x9_98_speed", "x9_98_bandwidth", "x9_98_balance", "optimum"
+};
+
+typedef struct {
+ u_int32_t requested;
+ u_int32_t standard;
+}strength_t;
+
+strength_t strengths[] = {
+ { 80, 112 },
+ { 112, 112 },
+ { 120, 128 },
+ { 128, 128 },
+ { 150, 192 },
+ { 192, 192 },
+ { 200, 256 },
+ { 256, 256 },
+ { 512, 0 }
+};
+
+START_TEST(test_ntru_drbg_strength)
+{
+ ntru_drbg_t *drbg;
+ rng_t *entropy;
+
+ entropy = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
+ ck_assert(entropy != NULL);
+
+ drbg = ntru_drbg_create(strengths[_i].requested, chunk_empty, entropy);
+ if (strengths[_i].standard)
+ {
+ ck_assert(drbg != NULL);
+ ck_assert(drbg->get_strength(drbg) == strengths[_i].standard);
+ drbg->destroy(drbg);
+ }
+ else
+ {
+ ck_assert(drbg == NULL);
+ }
+ entropy->destroy(entropy);
+}
+END_TEST
+
+typedef struct {
+ chunk_t pers_str;
+ chunk_t entropy;
+ chunk_t out;
+} drbg_test_t;
+
+/**
+ * NIST SP 800-90A Deterministic Random Generator Validation System (DRBGVS)
+ */
+drbg_test_t drbg_tests[] = {
+ /* SHA-256 test case 1 - count 0 */
+ { { NULL, 0 },
+ chunk_from_chars(0x06, 0x03, 0x2c, 0xd5, 0xee, 0xd3, 0x3f, 0x39,
+ 0x26, 0x5f, 0x49, 0xec, 0xb1, 0x42, 0xc5, 0x11,
+ 0xda, 0x9a, 0xff, 0x2a, 0xf7, 0x12, 0x03, 0xbf,
+ 0xfa, 0xf3, 0x4a, 0x9c, 0xa5, 0xbd, 0x9c, 0x0d,
+ 0x0e, 0x66, 0xf7, 0x1e, 0xdc, 0x43, 0xe4, 0x2a,
+ 0x45, 0xad, 0x3c, 0x6f, 0xc6, 0xcd, 0xc4, 0xdf,
+ 0x01, 0x92, 0x0a, 0x4e, 0x66, 0x9e, 0xd3, 0xa8,
+ 0x5a, 0xe8, 0xa3, 0x3b, 0x35, 0xa7, 0x4a, 0xd7,
+ 0xfb, 0x2a, 0x6b, 0xb4, 0xcf, 0x39, 0x5c, 0xe0,
+ 0x03, 0x34, 0xa9, 0xc9, 0xa5, 0xa5, 0xd5, 0x52),
+ chunk_from_chars(0x76, 0xfc, 0x79, 0xfe, 0x9b, 0x50, 0xbe, 0xcc,
+ 0xc9, 0x91, 0xa1, 0x1b, 0x56, 0x35, 0x78, 0x3a,
+ 0x83, 0x53, 0x6a, 0xdd, 0x03, 0xc1, 0x57, 0xfb,
+ 0x30, 0x64, 0x5e, 0x61, 0x1c, 0x28, 0x98, 0xbb,
+ 0x2b, 0x1b, 0xc2, 0x15, 0x00, 0x02, 0x09, 0x20,
+ 0x8c, 0xd5, 0x06, 0xcb, 0x28, 0xda, 0x2a, 0x51,
+ 0xbd, 0xb0, 0x38, 0x26, 0xaa, 0xf2, 0xbd, 0x23,
+ 0x35, 0xd5, 0x76, 0xd5, 0x19, 0x16, 0x08, 0x42,
+ 0xe7, 0x15, 0x8a, 0xd0, 0x94, 0x9d, 0x1a, 0x9e,
+ 0xc3, 0xe6, 0x6e, 0xa1, 0xb1, 0xa0, 0x64, 0xb0,
+ 0x05, 0xde, 0x91, 0x4e, 0xac, 0x2e, 0x9d, 0x4f,
+ 0x2d, 0x72, 0xa8, 0x61, 0x6a, 0x80, 0x22, 0x54,
+ 0x22, 0x91, 0x82, 0x50, 0xff, 0x66, 0xa4, 0x1b,
+ 0xd2, 0xf8, 0x64, 0xa6, 0xa3, 0x8c, 0xc5, 0xb6,
+ 0x49, 0x9d, 0xc4, 0x3f, 0x7f, 0x2b, 0xd0, 0x9e,
+ 0x1e, 0x0f, 0x8f, 0x58, 0x85, 0x93, 0x51, 0x24)
+ },
+ /* SHA-256 test case 3 - count 0 */
+ { chunk_from_chars(0xf2, 0xe5, 0x8f, 0xe6, 0x0a, 0x3a, 0xfc, 0x59,
+ 0xda, 0xd3, 0x75, 0x95, 0x41, 0x5f, 0xfd, 0x31,
+ 0x8c, 0xcf, 0x69, 0xd6, 0x77, 0x80, 0xf6, 0xfa,
+ 0x07, 0x97, 0xdc, 0x9a, 0xa4, 0x3e, 0x14, 0x4c),
+ chunk_from_chars(0xfa, 0x0e, 0xe1, 0xfe, 0x39, 0xc7, 0xc3, 0x90,
+ 0xaa, 0x94, 0x15, 0x9d, 0x0d, 0xe9, 0x75, 0x64,
+ 0x34, 0x2b, 0x59, 0x17, 0x77, 0xf3, 0xe5, 0xf6,
+ 0xa4, 0xba, 0x2a, 0xea, 0x34, 0x2e, 0xc8, 0x40,
+ 0xdd, 0x08, 0x20, 0x65, 0x5c, 0xb2, 0xff, 0xdb,
+ 0x0d, 0xa9, 0xe9, 0x31, 0x0a, 0x67, 0xc9, 0xe5,
+ 0xe0, 0x62, 0x9b, 0x6d, 0x79, 0x75, 0xdd, 0xfa,
+ 0x96, 0xa3, 0x99, 0x64, 0x87, 0x40, 0xe6, 0x0f,
+ 0x1f, 0x95, 0x57, 0xdc, 0x58, 0xb3, 0xd7, 0x41,
+ 0x5f, 0x9b, 0xa9, 0xd4, 0xdb, 0xb5, 0x01, 0xf6),
+ chunk_from_chars(0xf9, 0x2d, 0x4c, 0xf9, 0x9a, 0x53, 0x5b, 0x20,
+ 0x22, 0x2a, 0x52, 0xa6, 0x8d, 0xb0, 0x4c, 0x5a,
+ 0xf6, 0xf5, 0xff, 0xc7, 0xb6, 0x6a, 0x47, 0x3a,
+ 0x37, 0xa2, 0x56, 0xbd, 0x8d, 0x29, 0x8f, 0x9b,
+ 0x4a, 0xa4, 0xaf, 0x7e, 0x8d, 0x18, 0x1e, 0x02,
+ 0x36, 0x79, 0x03, 0xf9, 0x3b, 0xdb, 0x74, 0x4c,
+ 0x6c, 0x2f, 0x3f, 0x34, 0x72, 0x62, 0x6b, 0x40,
+ 0xce, 0x9b, 0xd6, 0xa7, 0x0e, 0x7b, 0x8f, 0x93,
+ 0x99, 0x2a, 0x16, 0xa7, 0x6f, 0xab, 0x6b, 0x5f,
+ 0x16, 0x25, 0x68, 0xe0, 0x8e, 0xe6, 0xc3, 0xe8,
+ 0x04, 0xae, 0xfd, 0x95, 0x2d, 0xdd, 0x3a, 0xcb,
+ 0x79, 0x1c, 0x50, 0xf2, 0xad, 0x69, 0xe9, 0xa0,
+ 0x40, 0x28, 0xa0, 0x6a, 0x9c, 0x01, 0xd3, 0xa6,
+ 0x2a, 0xca, 0x2a, 0xaf, 0x6e, 0xfe, 0x69, 0xed,
+ 0x97, 0xa0, 0x16, 0x21, 0x3a, 0x2d, 0xd6, 0x42,
+ 0xb4, 0x88, 0x67, 0x64, 0x07, 0x2d, 0x9c, 0xbe)
+ },
+ /* SHA-256 test case 5 - count 0 */
+ { { NULL, 0 },
+ chunk_from_chars(0xff, 0x0c, 0xdd, 0x55, 0x5c, 0x60, 0x46, 0x47,
+ 0x60, 0xb2, 0x89, 0xb7, 0xbc, 0x1f, 0x81, 0x1a,
+ 0x41, 0xff, 0xf7, 0x2d, 0xe5, 0x90, 0x83, 0x85,
+ 0x8c, 0x02, 0x0a, 0x10, 0x53, 0xbd, 0xc7, 0x4a,
+ 0x7b, 0xc0, 0x99, 0x28, 0x5a, 0xd5, 0x62, 0x19,
+ 0x93, 0xb6, 0x39, 0xc4, 0xa9, 0x4c, 0x37, 0x6b,
+ 0x14, 0xfc, 0x6c, 0x9b, 0x17, 0x8d, 0xb6, 0x44,
+ 0xa8, 0xcd, 0x71, 0x30, 0xa4, 0xcf, 0x05, 0x16,
+ 0x78, 0xc8, 0xf4, 0xfa, 0x8f, 0x24, 0xc2, 0x7b,
+ 0x0a, 0x53, 0x13, 0x38, 0xa5, 0xce, 0x85, 0x89),
+ chunk_from_chars(0x2f, 0x26, 0x20, 0x34, 0x7b, 0xdd, 0xca, 0xa2,
+ 0x94, 0x36, 0x85, 0x34, 0x6b, 0xbf, 0x31, 0xc4,
+ 0x40, 0x81, 0xf8, 0x66, 0x5f, 0x3d, 0xdb, 0x2b,
+ 0x42, 0xae, 0x14, 0x16, 0xa7, 0x4c, 0x4b, 0x77,
+ 0xfa, 0xb3, 0xfa, 0x19, 0xae, 0xec, 0xc5, 0x47,
+ 0xe7, 0x6c, 0x8c, 0xbe, 0x6a, 0xd1, 0xf1, 0x00,
+ 0xa3, 0xfc, 0x8b, 0x2c, 0xe2, 0xa1, 0xea, 0x3a,
+ 0x3d, 0xd7, 0xcf, 0xad, 0x46, 0xc1, 0xb2, 0x78,
+ 0x30, 0xb9, 0x40, 0xba, 0x18, 0xd0, 0x9e, 0x9b,
+ 0x7f, 0xa9, 0x02, 0xbb, 0x76, 0x06, 0x69, 0xb1,
+ 0x73, 0x5c, 0xc7, 0xb7, 0xbd, 0x39, 0x05, 0x2d,
+ 0xa7, 0xf2, 0x62, 0x6f, 0xa8, 0x70, 0x00, 0xcf,
+ 0xfa, 0xda, 0x41, 0x00, 0x19, 0xd0, 0x53, 0x38,
+ 0x6a, 0xd8, 0x08, 0xbd, 0x3c, 0x0c, 0xfc, 0xf5,
+ 0x6b, 0x91, 0x87, 0x9e, 0xb8, 0xd3, 0xf9, 0x32,
+ 0xee, 0x2d, 0x18, 0x5e, 0x54, 0xf3, 0x1b, 0x74)
+ },
+ /* SHA-256 test case 7 - count 0 */
+ { chunk_from_chars(0x40, 0x93, 0x3f, 0xdc, 0xce, 0x41, 0x59, 0xb0,
+ 0x95, 0x51, 0x11, 0xf8, 0x44, 0x47, 0x1b, 0x0d,
+ 0xb8, 0x5b, 0x73, 0xbd, 0xd2, 0xb7, 0x8c, 0x46,
+ 0x8d, 0xd3, 0x9e, 0x2a, 0x9b, 0x29, 0xae, 0xf2),
+ chunk_from_chars(0x28, 0xba, 0x1a, 0x66, 0x16, 0x32, 0xef, 0xc8,
+ 0xec, 0xce, 0xd5, 0xf5, 0x1b, 0x79, 0x13, 0x00,
+ 0xfb, 0x3b, 0x55, 0xb0, 0x5d, 0x04, 0x17, 0x08,
+ 0x63, 0x8d, 0xe4, 0xbe, 0xb7, 0x57, 0xa9, 0xe5,
+ 0x76, 0x82, 0x87, 0x96, 0xaf, 0xf0, 0x7f, 0x55,
+ 0x79, 0x5c, 0xb5, 0x47, 0x13, 0xc7, 0x7e, 0xd4,
+ 0xa5, 0xf5, 0x42, 0xb0, 0x4a, 0xaa, 0x5d, 0xbc,
+ 0x93, 0x1e, 0x47, 0x01, 0x9f, 0xeb, 0x38, 0x96,
+ 0x26, 0x16, 0xc5, 0x7a, 0xf0, 0x9b, 0x7c, 0x1d,
+ 0xf8, 0x3f, 0x2b, 0x86, 0x0f, 0xf7, 0x65, 0x86),
+ chunk_from_chars(0x65, 0xe5, 0xaa, 0x47, 0xb3, 0x85, 0xf1, 0xea,
+ 0x42, 0xb2, 0x31, 0xb9, 0xfe, 0x74, 0x42, 0x53,
+ 0xb8, 0x59, 0x88, 0x59, 0xd7, 0x01, 0x1e, 0x52,
+ 0x5f, 0x5a, 0x2a, 0x1a, 0xd3, 0x2a, 0x97, 0x2a,
+ 0x85, 0x08, 0x02, 0xc6, 0x0a, 0x2b, 0xe1, 0x9b,
+ 0xe2, 0x70, 0x06, 0x3a, 0x3c, 0xfb, 0xea, 0xae,
+ 0x95, 0x4f, 0x10, 0xb1, 0x22, 0x35, 0x2d, 0xe6,
+ 0xa0, 0x8a, 0xc4, 0x10, 0xe0, 0x99, 0x16, 0x53,
+ 0xaa, 0xb2, 0x71, 0xb3, 0x60, 0xfe, 0x91, 0x91,
+ 0xcf, 0x5a, 0xdd, 0xcc, 0xcc, 0xed, 0x8c, 0x4a,
+ 0xcf, 0xb6, 0x14, 0x57, 0x04, 0x99, 0x92, 0x98,
+ 0x8f, 0xd7, 0xa9, 0xac, 0xca, 0x1f, 0x1b, 0xca,
+ 0x35, 0xf1, 0x47, 0x58, 0x13, 0x69, 0x4a, 0x39,
+ 0x98, 0x8e, 0x5f, 0xac, 0x9f, 0x4a, 0xc0, 0x57,
+ 0x22, 0x86, 0xbc, 0x46, 0x25, 0x82, 0xad, 0x0a,
+ 0xf7, 0x8a, 0xb3, 0xb8, 0x5e, 0xc1, 0x7a, 0x25)
+ }
+};
+
+START_TEST(test_ntru_drbg)
+{
+ ntru_drbg_t *drbg;
+ rng_t *entropy;
+ chunk_t out;
+
+ out = chunk_alloc(128);
+ entropy = test_rng_create(drbg_tests[_i].entropy);
+ drbg = ntru_drbg_create(256, drbg_tests[_i].pers_str, entropy);
+ ck_assert(drbg != NULL);
+ ck_assert(drbg->reseed(drbg));
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+ ck_assert(chunk_equals(out, drbg_tests[_i].out));
+ drbg->destroy(drbg);
+ entropy->destroy(entropy);
+ chunk_free(&out);
+}
+END_TEST
+
+START_TEST(test_ntru_drbg_reseed)
+{
+ ntru_drbg_t *drbg;
+ rng_t *entropy;
+ chunk_t out;
+
+ lib->settings->set_int(lib->settings,
+ "libstrongswan.plugins.ntru.max_drbg_requests", 2);
+ out = chunk_alloc(128);
+ entropy = test_rng_create(drbg_tests[0].entropy);
+ drbg = ntru_drbg_create(256, chunk_empty, entropy);
+
+ /* bad output parameters */
+ ck_assert(!drbg->generate(drbg, 256, 0, out.ptr));
+ ck_assert(!drbg->generate(drbg, 256, 128, NULL));
+
+ /* no reseeding occurs */
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+
+ /* consuming remaining entropy */
+ ck_assert(entropy->get_bytes(entropy, 32, out.ptr));
+
+ /* no entropy available for automatic reseeding */
+ ck_assert(!drbg->generate(drbg, 256, 128, out.ptr));
+ drbg->destroy(drbg);
+
+ /* no entropy available for DRBG instantiation */
+ drbg = ntru_drbg_create(256, chunk_empty, entropy);
+ ck_assert(drbg == NULL);
+ entropy->destroy(entropy);
+
+ /* one automatic reseeding occurs */
+ entropy = test_rng_create(drbg_tests[0].entropy);
+ drbg = ntru_drbg_create(256, chunk_empty, entropy);
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+ ck_assert(drbg->generate(drbg, 256, 128, out.ptr));
+
+ /* no entropy left */
+ ck_assert(!entropy->get_bytes(entropy, 32, out.ptr));
+
+ drbg->destroy(drbg);
+ entropy->destroy(entropy);
+ chunk_free(&out);
+ lib->settings->set_int(lib->settings,
+ "libstrongswan.plugins.ntru.max_drbg_requests", 2000);
+}
+END_TEST
+
+typedef struct {
+ uint8_t c_bits;
+ uint16_t N;
+ uint16_t q;
+ bool is_product_form;
+ uint32_t indices_len;
+ uint32_t indices_size;
+ uint16_t *indices;
+} poly_test_t;
+
+typedef struct {
+ hash_algorithm_t alg;
+ size_t hash_size;
+ size_t ml1, ml2, ml3, seed_len;
+ chunk_t seed;
+ chunk_t hashed_seed;
+ chunk_t mask;
+ chunk_t trits;
+ poly_test_t poly_test[2];
+} mgf1_test_t;
+
+uint16_t indices_ees439ep1[] = {
+ 367, 413, 16, 214, 114, 128, 42, 268, 346, 329, 119, 303, 208, 287, 150,
+ 3, 45, 321, 110, 109, 272, 430, 80, 305, 51, 381, 322, 140, 207, 315,
+ 206, 186, 56, 5, 273, 177, 44, 100, 205, 210, 98, 191, 8, 336
+};
+
+uint16_t indices_ees613ep1[] = {
+ 245, 391, 251, 428, 301, 2, 176, 296, 461, 224, 590, 215, 250, 91, 395,
+ 363, 58, 537, 278, 291, 247, 33, 140, 447, 172, 514, 424, 412, 95, 94,
+ 281, 159, 196, 302, 277, 63, 404, 150, 608, 315, 195, 334, 207, 376, 398,
+ 0, 309, 486, 516, 86, 267, 139, 130, 38, 141, 258, 21, 341, 526, 388,
+ 194, 116, 138, 524, 547, 383, 542, 406, 270, 438, 240, 445, 527, 168, 320,
+ 186, 327, 212, 543, 82, 606, 131, 294, 392, 477, 430, 583, 142, 253, 434,
+ 134, 458, 559, 414, 162, 407, 580, 577, 191, 109, 554, 523, 32, 62, 297,
+ 283, 268, 54, 539, 5
+};
+
+uint16_t indices_ees743ep1[] = {
+ 285, 62, 136, 655, 460, 35, 450, 208, 340, 212, 61, 234, 454, 52, 520,
+ 399, 315, 616, 496, 88, 280, 543, 508, 237, 553, 39, 214, 253, 720, 291,
+ 586, 615, 635, 596, 62, 499, 301, 176, 271, 659, 372, 185, 621, 350, 683,
+ 180, 717, 509, 641, 738, 666, 171, 639, 606, 353, 706, 237, 358, 410, 423,
+ 197, 501, 261, 654, 658, 701, 377, 182, 548, 287, 700, 403, 248, 137
+};
+
+uint16_t indices_ees1171ep1[] = {
+ 514, 702, 760, 505, 262, 486, 695, 783, 533, 74, 403, 847, 170,1019, 568,
+ 676,1057, 277,1021, 238, 203, 884, 124, 87, 65, 93, 131, 881,1102, 133,
+ 459, 462, 92, 40, 5,1152,1158, 297, 599, 299, 7, 458, 347, 343, 173,
+ 1044, 264, 871, 819, 679, 328, 438, 990, 982, 308,1135, 423, 470, 254, 295,
+ 1029, 892, 759, 789, 123, 939, 749, 353,1062, 145, 562, 337, 550, 102, 549,
+ 821,1098, 823, 96, 365, 135,1110, 334, 391, 638, 963, 962,1002,1069, 993,
+ 983, 649,1056, 399, 385, 715, 582, 799, 161, 512, 629, 979, 250, 37, 213,
+ 929, 413, 566, 336, 727, 160, 616,1170, 748, 282,1115, 325, 994, 189, 500,
+ 913, 332,1118, 753, 946, 775, 59, 809, 782, 612, 909,1090, 223, 777, 940,
+ 866,1032, 471, 298, 969, 192, 411, 721, 476, 910,1045,1027, 812, 352, 487,
+ 215, 625, 808, 230, 602, 457, 900, 416, 985, 850, 908, 155, 670, 669,1054,
+ 400,1126, 733, 647, 786, 195, 148, 362,1094, 389,1086,1166, 231, 436, 210,
+ 333, 824, 785, 826, 658, 472, 639,1046,1028, 519, 422, 80, 924,1089, 547,
+ 1157, 579, 2, 508,1040, 998, 902,1058, 600, 220, 805, 945, 140,1117, 179,
+ 536, 191
+};
+
+/**
+ * MGF1 Mask Generation Function Test Vectors
+ */
+mgf1_test_t mgf1_tests[] = {
+ { HASH_SHA1, 20, 60, 20, 15, 24,
+ chunk_from_chars(
+ 0xED, 0xA5, 0xC3, 0xBC, 0xAF, 0xB3, 0x20, 0x7D,
+ 0x14, 0xA1, 0x54, 0xF7, 0x8B, 0x37, 0xF2, 0x8D,
+ 0x8C, 0x9B, 0xD5, 0x63, 0x57, 0x38, 0x11, 0xC2,
+ 0xB5, 0xCA, 0xBF, 0x06, 0x43, 0x45, 0x19, 0xD5,
+ 0xE7, 0x36, 0xD0, 0x29, 0x21, 0xDA, 0x02, 0x20,
+ 0x45, 0xF6, 0x5F, 0x0F, 0x10, 0x04, 0x2A, 0xE3,
+ 0x6A, 0x1D, 0xD5, 0x9F, 0x1D, 0x66, 0x44, 0x8F,
+ 0xFA, 0xC6, 0xCA, 0xA4, 0x6E, 0x3B, 0x00, 0x66,
+ 0xA6, 0xC9, 0x80, 0x5C, 0xF5, 0x2D, 0xD7, 0x72,
+ 0xC6, 0xD4, 0x4F, 0x30, 0x72, 0xA2, 0xAD, 0xE0,
+ 0x33, 0xE8, 0x55, 0xD5, 0xE6, 0xD6, 0x00, 0x1D,
+ 0xA8, 0x68, 0xFF, 0x97, 0x36, 0x8A, 0xF4, 0xD6,
+ 0xF1, 0xB6, 0x7E, 0x1F, 0x06, 0xCB, 0x57, 0xCB,
+ 0x35, 0x38, 0xF2, 0x2D, 0xF6, 0x20),
+ chunk_from_chars(
+ 0xF3, 0x9B, 0x0B, 0xB4, 0x97, 0x50, 0xB5, 0xA7,
+ 0xE6, 0xBD, 0xDA, 0xD0, 0x9A, 0x52, 0xBE, 0xA0,
+ 0x21, 0xC4, 0x90, 0xB6),
+ chunk_from_chars(
+ 0x10, 0x43, 0x76, 0x72, 0x6C, 0xDE, 0xA0, 0x0E,
+ 0x77, 0x51, 0xFB, 0x58, 0x39, 0x8A, 0x36, 0xE1,
+ 0x63, 0x2B, 0xC9, 0x17, 0x56, 0x0C, 0x4B, 0x46,
+ 0xA4, 0x07, 0xA4, 0x3B, 0x8E, 0x33, 0x4D, 0xD1,
+ 0x65, 0xF1, 0xAC, 0xC8, 0x59, 0x21, 0x32, 0x16,
+ 0x44, 0x2B, 0x7F, 0xB2, 0xA8, 0xA7, 0x26, 0x5D,
+ 0xE8, 0x02, 0xBE, 0x8E, 0xDC, 0x34, 0xEB, 0x10,
+ 0x76, 0x16, 0x8C, 0xDD, 0x90, 0x92, 0x3D, 0x29,
+ 0x90, 0x98, 0x46, 0x11, 0x73, 0x53, 0x47, 0xB1,
+ 0x2C, 0xD4, 0x83, 0x78, 0x9B, 0x93, 0x2F, 0x5B,
+ 0xFC, 0x26, 0xFF, 0x42, 0x08, 0x1F, 0x70, 0x66,
+ 0x40, 0x4B, 0xE7, 0x22, 0x3A, 0x56, 0x10, 0x6D,
+ 0x4D, 0x29, 0x0B, 0xCE, 0xA6, 0x21, 0xB5, 0x5C,
+ 0x71, 0x66, 0x2F, 0x70, 0x35, 0xD8, 0x8A, 0x92,
+ 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14),
+ chunk_from_chars(
+ 1, 2, 1, 0, 0, 1, 1, 1, 2, 0, 1, 0, 1, 1, 1, 0, 2, 0, 1, 1,
+ 0, 0, 0, 1, 1, 0, 2, 0, 2, 2, 1, 2, 2, 2, 1, 2, 1, 1, 0, 0,
+ 2, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 2, 0, 0, 1, 0, 1, 0, 2, 0,
+ 0, 1, 0, 2, 1, 0, 0, 0, 2, 0, 0, 0, 1, 2, 2, 0, 0, 2, 0, 1,
+ 1, 2, 1, 1, 0, 0, 1, 1, 1, 2, 2, 1, 2, 0, 0, 2, 1, 0, 0, 1,
+ 0, 1, 1, 0, 0, 0, 1, 2, 2, 0, 1, 2, 1, 2, 0, 2, 0, 0, 0, 2,
+ 1, 2, 0, 0, 0, 2, 0, 0, 0, 2, 2, 1, 0, 2, 0, 1, 2, 0, 2, 1,
+ 0, 2, 2, 1, 0, 2, 1, 2, 2, 0, 2, 0, 2, 1, 2, 2, 0, 2, 0, 1,
+ 1, 2, 2, 2, 2, 1, 0, 1, 0, 2, 2, 0, 1, 1, 2, 2, 2, 0, 0, 1,
+ 0, 2, 0, 1, 0, 2, 1, 2, 1, 0, 1, 1, 2, 0, 0, 2, 1, 1, 2, 0,
+ 1, 2, 1, 1, 0, 1, 0, 2, 1, 1, 1, 2, 1, 0, 2, 0, 2, 0, 0, 2,
+ 2, 1, 0, 0, 2, 2, 0, 1, 1, 0, 0, 1, 1, 0, 1, 1, 2, 1, 2, 2,
+ 2, 0, 0, 0, 0, 1, 0, 0, 1, 2, 1, 2, 0, 2, 1, 1, 1, 0, 2, 2,
+ 1, 2, 2, 1, 0, 1, 0, 2, 2, 2, 1, 2, 1, 0, 0, 1, 0, 1, 1, 1,
+ 1, 1, 2, 0, 0, 2, 1, 0, 2, 1, 2, 1, 0, 2, 2, 0, 0, 1, 2, 1,
+ 2, 0, 1, 2, 1, 1, 2, 0, 2, 0, 2, 1, 1, 1, 0, 0, 0, 1, 2, 1,
+ 2, 2, 1, 2, 1, 1, 2, 1, 2, 0, 2, 2, 1, 0, 0, 1, 2, 0, 1, 1,
+ 2, 0, 0, 0, 1, 2, 2, 1, 2, 0, 0, 2, 1, 0, 2, 2, 2, 1, 1, 0,
+ 2, 1, 2, 1, 2, 2, 1, 2, 1, 1, 0, 1, 1, 1, 1, 2, 0, 2, 2, 1,
+ 0, 1, 1, 2, 1, 2, 0, 2, 1, 0, 1, 0, 1, 0, 1, 2, 0, 1, 1, 0,
+ 0, 1, 1, 2, 0, 2, 2, 0, 0, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1,
+ 0, 1, 2, 0, 1, 1, 0, 1, 2, 0, 0, 1, 2, 2, 0, 0, 2, 1, 2),
+ {
+ { 9, 439, 2048, TRUE, 9 + (8 << 8) + (5 << 16),
+ countof(indices_ees439ep1), indices_ees439ep1
+ },
+ { 11, 613, 2048, FALSE, 55,
+ countof(indices_ees613ep1), indices_ees613ep1
+ }
+ }
+ },
+ { HASH_SHA256, 32, 64, 32, 33, 40,
+ chunk_from_chars(
+ 0x52, 0xC5, 0xDD, 0x1E, 0xEF, 0x76, 0x1B, 0x53,
+ 0x08, 0xE4, 0x86, 0x3F, 0x91, 0x12, 0x98, 0x69,
+ 0xC5, 0x9D, 0xDE, 0xF6, 0xFC, 0xFA, 0x93, 0xCE,
+ 0x32, 0x52, 0x66, 0xF9, 0xC9, 0x97, 0xF6, 0x42,
+ 0x00, 0x2C, 0x64, 0xED, 0x1A, 0x6B, 0x14, 0x0A,
+ 0x4B, 0x04, 0xCF, 0x6D, 0x2D, 0x82, 0x0A, 0x07,
+ 0xA2, 0x3B, 0xDE, 0xCE, 0x19, 0x8A, 0x39, 0x43,
+ 0x16, 0x61, 0x29, 0x98, 0x68, 0xEA, 0xE5, 0xCC,
+ 0x0A, 0xF8, 0xE9, 0x71, 0x26, 0xF1, 0x07, 0x36,
+ 0x2C, 0x07, 0x1E, 0xEB, 0xE4, 0x28, 0xA2, 0xF4,
+ 0xA8, 0x12, 0xC0, 0xC8, 0x20, 0x37, 0xF8, 0xF2,
+ 0x6C, 0xAF, 0xDC, 0x6F, 0x2E, 0xD0, 0x62, 0x58,
+ 0xD2, 0x37, 0x03, 0x6D, 0xFA, 0x6E, 0x1A, 0xAC,
+ 0x9F, 0xCA, 0x56, 0xC6, 0xA4, 0x52, 0x41, 0xE8,
+ 0x0F, 0x1B, 0x0C, 0xB9, 0xE6, 0xBA, 0xDE, 0xE1,
+ 0x03, 0x5E, 0xC2, 0xE5, 0xF8, 0xF4, 0xF3, 0x46,
+ 0x3A, 0x12, 0xC0, 0x1F, 0x3A, 0x00, 0xD0, 0x91,
+ 0x18, 0xDD, 0x53, 0xE4, 0x22, 0xF5, 0x26, 0xA4,
+ 0x54, 0xEE, 0x20, 0xF0, 0x80),
+ chunk_from_chars(
+ 0x76, 0x89, 0x8B, 0x1B, 0x60, 0xEC, 0x10, 0x9D,
+ 0x8F, 0x13, 0xF2, 0xFE, 0xD9, 0x85, 0xC1, 0xAB,
+ 0x7E, 0xEE, 0xB1, 0x31, 0xDD, 0xF7, 0x7F, 0x0C,
+ 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28),
+ chunk_from_chars(
+ 0xF1, 0x19, 0x02, 0x4F, 0xDA, 0x58, 0x05, 0x9A,
+ 0x07, 0xDF, 0x61, 0x81, 0x22, 0x0E, 0x15, 0x46,
+ 0xCB, 0x35, 0x3C, 0xDC, 0xAD, 0x20, 0xD9, 0x3F,
+ 0x0D, 0xD1, 0xAA, 0x64, 0x66, 0x5C, 0xFA, 0x4A,
+ 0xFE, 0xD6, 0x8F, 0x55, 0x57, 0x15, 0xB2, 0xA6,
+ 0xA0, 0xE6, 0xA8, 0xC6, 0xBD, 0x28, 0xB4, 0xD5,
+ 0x6E, 0x5B, 0x4B, 0xB0, 0x97, 0x09, 0xF5, 0xAC,
+ 0x57, 0x65, 0x13, 0x97, 0x71, 0x2C, 0x45, 0x13,
+ 0x3D, 0xEE, 0xFB, 0xBF, 0xFE, 0xAF, 0xBB, 0x4B,
+ 0x0D, 0x5C, 0x45, 0xD4, 0x2F, 0x17, 0x92, 0x07,
+ 0x66, 0x11, 0xF5, 0x46, 0xF8, 0x0C, 0x03, 0x92,
+ 0xF5, 0xF5, 0xFF, 0xA4, 0xF3, 0x52, 0xF4, 0x08,
+ 0x2C, 0x49, 0x32, 0x1A, 0x93, 0x51, 0x98, 0xB6,
+ 0x94, 0x83, 0x39, 0xCF, 0x6B, 0x1F, 0x2F, 0xFC,
+ 0x2B, 0xFF, 0x10, 0x71, 0x7D, 0x35, 0x6C, 0xEA,
+ 0xC5, 0x66, 0xC7, 0x26, 0x7D, 0x9E, 0xAC, 0xDD,
+ 0x35, 0xD7, 0x06, 0x3F, 0x40, 0x82, 0xDA, 0xC3,
+ 0x2B, 0x3C, 0x91, 0x3A, 0x32, 0xF8, 0xB2, 0xC6,
+ 0x44, 0x4D, 0xCD, 0xB6, 0x54, 0x5F, 0x81, 0x95,
+ 0x59, 0xA1, 0xE5, 0x4E, 0xA5, 0x0A, 0x4A, 0x42),
+ chunk_from_chars(
+ 1, 2, 2, 2, 2, 1, 2, 2, 0, 0, 2, 0, 0, 0, 0, 1, 2, 2, 2, 0,
+ 2, 0, 0, 2, 2, 1, 2, 0, 0, 1, 2, 1, 0, 0, 0, 1, 0, 2, 2, 1,
+ 1, 2, 0, 0, 0, 1, 2, 0, 2, 2, 1, 2, 1, 0, 1, 0, 1, 2, 1, 1,
+ 1, 2, 0, 1, 0, 2, 1, 1, 0, 0, 0, 1, 2, 0, 0, 1, 2, 1, 2, 0,
+ 2, 1, 1, 1, 2, 2, 2, 2, 1, 0, 0, 2, 0, 2, 0, 1, 1, 0, 2, 2,
+ 2, 0, 1, 0, 2, 2, 1, 0, 1, 0, 1, 0, 0, 2, 2, 0, 0, 1, 2, 0,
+ 1, 1, 1, 0, 0, 2, 0, 2, 1, 2, 2, 2, 0, 0, 2, 1, 0, 2, 0, 1,
+ 0, 1, 2, 0, 1, 2, 0, 1, 0, 1, 2, 0, 2, 2, 0, 1, 2, 2, 1, 2,
+ 2, 2, 0, 2, 1, 1, 1, 0, 0, 1, 0, 2, 0, 0, 1, 0, 1, 2, 0, 0,
+ 1, 2, 1, 0, 2, 1, 1, 0, 0, 2, 1, 2, 2, 2, 1, 2, 1, 1, 2, 2,
+ 0, 2, 0, 0, 2, 0, 0, 1, 1, 2, 0, 0, 0, 1, 2, 1, 1, 1, 1, 0,
+ 0, 0, 2, 0, 2, 0, 2, 2, 1, 2, 2, 0, 0, 1, 1, 1, 0, 1, 0, 1,
+ 0, 1, 2, 2, 0, 2, 1, 1, 0, 2, 1, 2, 1, 2, 1, 0, 0, 1, 0, 0,
+ 1, 0, 1, 0, 2, 0, 2, 0, 0, 1, 2, 0, 2, 0, 1, 1, 0, 2, 0, 0,
+ 1, 2, 1, 2, 1, 2, 1, 0, 1, 1, 2, 2, 1, 1, 0, 0, 2, 1, 2, 0,
+ 1, 0, 2, 0, 0, 1, 2, 0, 2, 0, 1, 1, 2, 2, 2, 2, 0, 0, 1, 2,
+ 1, 1, 1, 0, 2, 1, 2, 2, 0, 2, 0, 1, 2, 2, 0, 1, 1, 1, 0, 0,
+ 2, 0, 1, 0, 1, 0, 2, 1, 2, 0, 2, 1, 2, 1, 2, 2, 0, 2, 1, 0,
+ 2, 1, 2, 0, 0, 2, 0, 1, 2, 1, 1, 2, 0, 0, 0, 0, 1, 2, 0, 1,
+ 2, 2, 1, 0, 0, 1, 2, 1, 2, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0,
+ 2, 0, 1, 2, 1, 2, 0, 0, 0, 2, 1, 0, 0, 0, 1, 2, 2, 0, 0, 0,
+ 2, 2, 1, 1, 0, 1, 0, 2, 2, 0, 2, 1, 2, 1, 0, 2, 2, 2, 0, 0,
+ 0, 1, 1, 2, 1, 0, 0, 0, 0, 1, 2, 2, 1, 2, 1, 2, 0, 2, 0, 2,
+ 1, 1, 1, 2, 1, 2, 1, 2, 1, 1, 0, 1, 0, 2, 0, 0, 0, 2, 1, 2,
+ 2, 2, 2, 0, 1, 1, 1, 0, 1, 0, 2, 0, 2, 1, 0, 1, 2, 1, 1, 0,
+ 1, 2, 1, 0, 0, 2, 1, 0, 1, 1, 2, 2, 1, 1, 1, 2, 2, 2, 1, 0,
+ 0, 0, 0, 1, 1, 0, 0, 2, 2, 2, 2, 2, 0, 1, 2, 0, 1, 2, 0, 1,
+ 1, 0, 1, 1, 2, 2, 0, 1, 1, 0, 2, 2, 1, 1, 1, 2, 1, 2, 2, 1,
+ 1, 0, 1, 0, 2, 2, 1, 0, 2, 2, 2, 2, 2, 1, 0, 2, 2, 2, 1, 2,
+ 0, 2, 0, 0, 0, 0, 0, 1, 2, 0, 1, 0, 1),
+ {
+ { 13, 743, 2048, TRUE, 11 + (11 << 8) + (15 << 16),
+ countof(indices_ees743ep1), indices_ees743ep1
+ },
+ { 12, 1171, 2048, FALSE, 106,
+ countof(indices_ees1171ep1), indices_ees1171ep1
+ }
+ }
+ }
+};
+
+START_TEST(test_ntru_mgf1)
+{
+ ntru_mgf1_t *mgf1;
+ chunk_t mask, mask1, mask2, mask3;
+
+ mask1 = mgf1_tests[_i].mask;
+ mask2 = chunk_skip(mask1, mgf1_tests[_i].ml1);
+ mask3 = chunk_skip(mask2, mgf1_tests[_i].ml2);
+ mask1.len = mgf1_tests[_i].ml1;
+ mask2.len = mgf1_tests[_i].ml2;
+ mask3.len = mgf1_tests[_i].ml3;
+
+ mgf1 = ntru_mgf1_create(HASH_UNKNOWN, mgf1_tests[_i].seed, TRUE);
+ ck_assert(mgf1 == NULL);
+
+ mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, chunk_empty, TRUE);
+ ck_assert(mgf1 == NULL);
+
+ /* return mask in allocated chunk */
+ mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
+ ck_assert(mgf1);
+
+ /* check hash size */
+ ck_assert(mgf1->get_hash_size(mgf1) == mgf1_tests[_i].hash_size);
+
+ /* get zero number of octets */
+ ck_assert(mgf1->allocate_mask(mgf1, 0, &mask));
+ ck_assert(mask.len == 0 && mask.ptr == NULL);
+
+ /* get non-zero number of octets */
+ ck_assert(mgf1->allocate_mask(mgf1, mgf1_tests[_i].mask.len, &mask));
+ ck_assert(chunk_equals(mask, mgf1_tests[_i].mask));
+ mgf1->destroy(mgf1);
+
+ /* copy mask to pre-allocated buffer */
+ mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE);
+ ck_assert(mgf1);
+ ck_assert(mgf1->get_mask(mgf1, mgf1_tests[_i].mask.len, mask.ptr));
+ ck_assert(chunk_equals(mask, mgf1_tests[_i].mask));
+ mgf1->destroy(mgf1);
+
+ /* get mask in batches without hashing the seed */
+ mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].hashed_seed, FALSE);
+ ck_assert(mgf1);
+
+ /* first batch */
+ ck_assert(mgf1->get_mask(mgf1, mask1.len, mask.ptr));
+ mask.len = mask1.len;
+ ck_assert(chunk_equals(mask, mask1));
+
+ /* second batch */
+ ck_assert(mgf1->get_mask(mgf1, mask2.len, mask.ptr));
+ mask.len = mask2.len;
+ ck_assert(chunk_equals(mask, mask2));
+
+ /* third batch */
+ ck_assert(mgf1->get_mask(mgf1, mask3.len, mask.ptr));
+ mask.len = mask3.len;
+ ck_assert(chunk_equals(mask, mask3));
+
+ mgf1->destroy(mgf1);
+ chunk_free(&mask);
+}
+END_TEST
+
+START_TEST(test_ntru_trits)
+{
+ ntru_trits_t *mask;
+ chunk_t trits;
+
+ mask = ntru_trits_create(mgf1_tests[_i].trits.len, HASH_UNKNOWN,
+ mgf1_tests[_i].seed);
+ ck_assert(mask == NULL);
+
+ mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg,
+ chunk_empty);
+ ck_assert(mask == NULL);
+
+ mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg,
+ mgf1_tests[_i].seed);
+ ck_assert(mask);
+
+ trits = chunk_create(mask->get_trits(mask), mask->get_size(mask));
+ ck_assert(chunk_equals(trits, mgf1_tests[_i].trits));
+ mask->destroy(mask);
+
+ /* generate a multiple of 5 trits */
+ mask = ntru_trits_create(10, mgf1_tests[_i].alg, mgf1_tests[_i].seed);
+ ck_assert(mask);
+
+ trits = chunk_create(mask->get_trits(mask), mask->get_size(mask));
+ ck_assert(chunk_equals(trits, chunk_create(mgf1_tests[_i].trits.ptr, 10)));
+ mask->destroy(mask);
+}
+END_TEST
+
+START_TEST(test_ntru_poly)
+{
+ ntru_poly_t *poly;
+ uint16_t *indices;
+ chunk_t seed;
+ poly_test_t *p;
+ int j, n;
+
+ seed = mgf1_tests[_i].seed;
+ seed.len = mgf1_tests[_i].seed_len;
+
+ p = &mgf1_tests[_i].poly_test[0];
+ poly = ntru_poly_create_from_seed(HASH_UNKNOWN, seed, p->c_bits, p->N, p->q,
+ p->indices_len, p->indices_len,
+ p->is_product_form);
+ ck_assert(poly == NULL);
+
+ for (n = 0; n < 2; n++)
+ {
+ p = &mgf1_tests[_i].poly_test[n];
+ poly = ntru_poly_create_from_seed(mgf1_tests[_i].alg, seed, p->c_bits,
+ p->N, p->q, p->indices_len,
+ p->indices_len, p->is_product_form);
+ ck_assert(poly != NULL && poly->get_size(poly) == p->indices_size);
+
+ indices = poly->get_indices(poly);
+ for (j = 0; j < p->indices_size; j++)
+ {
+ ck_assert(indices[j] == p->indices[j]);
+ }
+ poly->destroy(poly);
+ }
+}
+END_TEST
+
+typedef struct {
+ uint16_t N;
+ uint16_t q;
+ bool is_product_form;
+ uint32_t indices_len_p;
+ uint32_t indices_len_m;
+ uint16_t *indices;
+ uint16_t *a;
+ uint16_t *c;
+} ring_mult_test_t;
+
+uint16_t t1_indices[] = { 1, 6, 5, 3 };
+
+uint16_t t1_a[] = { 1, 0, 0, 0, 0, 0, 0 };
+uint16_t t1_c[] = { 0, 1, 0, 7, 0, 7, 1 };
+
+uint16_t t2_a[] = { 5, 0, 0, 0, 0, 0, 0 };
+uint16_t t2_c[] = { 0, 5, 0, 3, 0, 3, 5 };
+
+uint16_t t3_a[] = { 4, 0, 0, 0, 0, 0, 0 };
+uint16_t t3_c[] = { 0, 4, 0, 4, 0, 4, 4 };
+
+uint16_t t4_a[] = { 0, 6, 0, 0, 0, 0, 0 };
+uint16_t t4_c[] = { 6, 0, 6, 0, 2, 0, 2 };
+
+uint16_t t5_a[] = { 4, 6, 0, 0, 0, 0, 0 };
+uint16_t t5_c[] = { 6, 4, 6, 4, 2, 4, 6 };
+
+uint16_t t6_a[] = { 0, 0, 3, 0, 0, 0, 0 };
+uint16_t t6_c[] = { 5, 3, 0, 3, 0, 5, 0 };
+
+uint16_t t7_a[] = { 4, 6, 3, 0, 0, 0, 0 };
+uint16_t t7_c[] = { 3, 7, 6, 7, 2, 1, 6 };
+
+uint16_t t8_a[] = { 0, 0, 0, 7, 0, 0, 0 };
+uint16_t t8_c[] = { 0, 1, 7, 0, 7, 0, 1 };
+
+uint16_t t9_a[] = { 4, 6, 3, 7, 0, 0, 0 };
+uint16_t t9_c[] = { 3, 0, 5, 7, 1, 1, 7 };
+
+uint16_t t10_a[] = { 0, 0, 0, 0, 0, 1, 0 };
+uint16_t t10_c[] = { 0, 7, 0, 7, 1, 0, 1 };
+
+uint16_t t11_a[] = { 4, 6, 3, 7, 0, 1, 0 };
+uint16_t t11_c[] = { 3, 7, 5, 6, 2, 1, 0 };
+
+uint16_t t2_indices[] = { 1, 6, 5, 2, 3 };
+
+uint16_t t12_c[] = { 0, 1, 7, 7, 0, 1, 1 };
+uint16_t t13_c[] = { 0, 1, 7, 7, 0, 7, 1 };
+uint16_t t14_c[] = { 0, 1, 0, 31, 0, 31, 1 };
+uint16_t t15_c[] = { 0, 5, 0, 2043, 0, 2043, 5 };
+uint16_t t16_c[] = { 0, 5, 0, 32763, 0, 32763, 5 };
+
+uint16_t t3_indices[] = { 7, 2, 3, 5, 0, 2, 3, 10, 7, 0, 8, 2 };
+
+uint16_t t17_a[] = { 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+uint16_t t17_c[] = { 7, 1, 0, 1, 1, 7, 0, 7, 7, 7, 2 };
+
+ring_mult_test_t ring_mult_tests[] = {
+ { 7, 8, FALSE, 2, 2, t1_indices, t1_a, t1_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t2_a, t2_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t3_a, t3_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t4_a, t4_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t5_a, t5_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t6_a, t6_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t7_a, t7_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t8_a, t8_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t9_a, t9_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t10_a, t10_c },
+ { 7, 8, FALSE, 2, 2, t1_indices, t11_a, t11_c },
+ { 7, 8, FALSE, 3, 2, t2_indices, t1_a, t12_c },
+ { 7, 8, FALSE, 2, 3, t2_indices, t1_a, t13_c },
+ { 7, 32, FALSE, 2, 2, t1_indices, t1_a, t14_c },
+ { 7, 2048, FALSE, 2, 2, t1_indices, t2_a, t15_c },
+ { 7, 32768, FALSE, 2, 2, t1_indices, t2_a, t16_c },
+ { 11, 8, TRUE, 197121, 197121, t3_indices, t17_a, t17_c },
+};
+
+START_TEST(test_ntru_ring_mult)
+{
+ ntru_poly_t *poly;
+ ring_mult_test_t *t;
+ uint16_t *c;
+ int i;
+
+ t = &ring_mult_tests[_i];
+ poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p,
+ t->indices_len_m, t->is_product_form);
+ ck_assert(poly != NULL);
+
+ c = malloc(t->N * sizeof(uint16_t));
+ poly->ring_mult(poly, t->a, c);
+
+ for (i = 0; i < t->N; i++)
+ {
+ ck_assert(c[i] == t->c[i]);
+ }
+
+ free(c);
+ poly->destroy(poly);
+}
+END_TEST
+
+int array_tests[] = { 0, 11, 12, 16 };
+
+START_TEST(test_ntru_array)
+{
+ ntru_poly_t *poly;
+ ring_mult_test_t *t;
+ uint16_t *c;
+ int i;
+
+ t = &ring_mult_tests[array_tests[_i]];
+
+ poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p,
+ t->indices_len_m, t->is_product_form);
+ ck_assert(poly != NULL);
+
+ c = malloc(t->N * sizeof(uint16_t));
+ poly->get_array(poly, c);
+
+ for (i = 0; i < t->N; i++)
+ {
+ ck_assert(c[i] == t->c[i]);
+ }
+
+ free(c);
+ poly->destroy(poly);
+}
+END_TEST
+
+START_TEST(test_ntru_ke)
+{
+ chunk_t pub_key, cipher_text, i_shared_secret, r_shared_secret;
+ diffie_hellman_t *i_ntru, *r_ntru;
+ char buf[10];
+ int n, len;
+ status_t status;
+
+ len = snprintf(buf, sizeof(buf), "%N", diffie_hellman_group_names,
+ params[_i].group);
+ ck_assert(len == 8);
+ ck_assert(streq(buf, params[_i].group_name));
+
+ for (n = 0; n < countof(parameter_sets); n++)
+ {
+ lib->settings->set_str(lib->settings,
+ "libstrongswan.plugins.ntru.parameter_set",
+ parameter_sets[n]);
+
+ i_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group);
+ ck_assert(i_ntru != NULL);
+ ck_assert(i_ntru->get_dh_group(i_ntru) == params[_i].group);
+
+ i_ntru->get_my_public_value(i_ntru, &pub_key);
+ ck_assert(pub_key.len > 0);
+
+ r_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group);
+ ck_assert(r_ntru != NULL);
+
+ r_ntru->set_other_public_value(r_ntru, pub_key);
+ r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(cipher_text.len > 0);
+
+ status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret);
+ ck_assert(status == SUCCESS);
+ ck_assert(r_shared_secret.len > 0);
+
+ i_ntru->set_other_public_value(i_ntru, cipher_text);
+ status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret);
+
+ if (status == SUCCESS)
+ {
+ ck_assert(chunk_equals(i_shared_secret, r_shared_secret));
+ }
+ else
+ {
+ ck_assert(i_shared_secret.len == 0);
+ }
+
+ chunk_clear(&i_shared_secret);
+ chunk_clear(&r_shared_secret);
+ chunk_free(&pub_key);
+ chunk_free(&cipher_text);
+ i_ntru->destroy(i_ntru);
+ r_ntru->destroy(r_ntru);
+ }
+}
+END_TEST
+
+START_TEST(test_ntru_retransmission)
+{
+ diffie_hellman_t *i_ntru;
+ chunk_t pub_key1, pub_key2;
+
+ i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_256_BIT);
+ i_ntru->get_my_public_value(i_ntru, &pub_key1);
+ i_ntru->get_my_public_value(i_ntru, &pub_key2);
+ ck_assert(chunk_equals(pub_key1, pub_key2));
+
+ chunk_free(&pub_key1);
+ chunk_free(&pub_key2);
+ i_ntru->destroy(i_ntru);
+}
+END_TEST
+
+chunk_t oid_tests[] = {
+ { NULL, 0 },
+ chunk_from_chars(0x00),
+ chunk_from_chars(0x01),
+ chunk_from_chars(0x02),
+ chunk_from_chars(0x02, 0x03, 0x00, 0x03, 0x10),
+ chunk_from_chars(0x01, 0x04, 0x00, 0x03, 0x10),
+ chunk_from_chars(0x01, 0x03, 0x00, 0x03, 0x10),
+ chunk_from_chars(0x01, 0x03, 0xff, 0x03, 0x10),
+};
+
+START_TEST(test_ntru_pubkey_oid)
+{
+ diffie_hellman_t *r_ntru;
+ chunk_t cipher_text;
+
+ r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
+ r_ntru->set_other_public_value(r_ntru, oid_tests[_i]);
+ r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(cipher_text.len == 0);
+ r_ntru->destroy(r_ntru);
+}
+END_TEST
+
+START_TEST(test_ntru_wrong_set)
+{
+ diffie_hellman_t *i_ntru, *r_ntru;
+ chunk_t pub_key, cipher_text;
+
+ lib->settings->set_str(lib->settings,
+ "libstrongswan.plugins.ntru.parameter_set",
+ "x9_98_bandwidth");
+ i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT);
+ i_ntru->get_my_public_value(i_ntru, &pub_key);
+
+ lib->settings->set_str(lib->settings,
+ "libstrongswan.plugins.ntru.parameter_set",
+ "optimum");
+ r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_112_BIT);
+ r_ntru->set_other_public_value(r_ntru, pub_key);
+ r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ ck_assert(cipher_text.len == 0);
+
+ chunk_free(&pub_key);
+ chunk_free(&cipher_text);
+ i_ntru->destroy(i_ntru);
+ r_ntru->destroy(r_ntru);
+}
+END_TEST
+
+START_TEST(test_ntru_ciphertext)
+{
+ char buf_00[604], buf_ff[604];
+
+ chunk_t test[] = {
+ chunk_empty,
+ chunk_from_chars(0x00),
+ chunk_create(buf_00, sizeof(buf_00)),
+ chunk_create(buf_ff, sizeof(buf_ff)),
+ };
+
+ diffie_hellman_t *i_ntru;
+ chunk_t pub_key, shared_secret;
+ int i;
+
+ memset(buf_00, 0x00, sizeof(buf_00));
+ memset(buf_ff, 0xff, sizeof(buf_ff));
+
+ for (i = 0; i < countof(test); i++)
+ {
+ i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
+ i_ntru->get_my_public_value(i_ntru, &pub_key);
+ i_ntru->set_other_public_value(i_ntru, test[i]);
+ ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+ ck_assert(shared_secret.len == 0);
+
+ chunk_free(&pub_key);
+ i_ntru->destroy(i_ntru);
+ }
+}
+END_TEST
+
+START_TEST(test_ntru_wrong_ciphertext)
+{
+ diffie_hellman_t *i_ntru, *r_ntru, *m_ntru;
+ chunk_t pub_key_i, pub_key_m, cipher_text, shared_secret;
+
+ i_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
+ r_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
+ m_ntru = lib->crypto->create_dh(lib->crypto, NTRU_128_BIT);
+
+ i_ntru->get_my_public_value(i_ntru, &pub_key_i);
+ m_ntru->get_my_public_value(m_ntru, &pub_key_m);
+ r_ntru->set_other_public_value(r_ntru, pub_key_m);
+ r_ntru->get_my_public_value(r_ntru, &cipher_text);
+ i_ntru->set_other_public_value(i_ntru, cipher_text);
+ ck_assert(i_ntru->get_shared_secret(i_ntru, &shared_secret) != SUCCESS);
+ ck_assert(shared_secret.len == 0);
+
+ chunk_free(&pub_key_i);
+ chunk_free(&pub_key_m);
+ chunk_free(&cipher_text);
+ i_ntru->destroy(i_ntru);
+ m_ntru->destroy(m_ntru);
+ r_ntru->destroy(r_ntru);
+}
+END_TEST
+
+Suite *ntru_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("ntru");
+
+ tc = tcase_create("drbg_strength");
+ tcase_add_loop_test(tc, test_ntru_drbg_strength, 0, countof(strengths));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("drbg");
+ tcase_add_loop_test(tc, test_ntru_drbg, 0, countof(drbg_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("drgb_reseed");
+ tcase_add_test(tc, test_ntru_drbg_reseed);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("mgf1");
+ tcase_add_loop_test(tc, test_ntru_mgf1, 0, countof(mgf1_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("trits");
+ tcase_add_loop_test(tc, test_ntru_trits, 0, countof(mgf1_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("poly");
+ tcase_add_loop_test(tc, test_ntru_poly, 0, countof(mgf1_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ring_mult");
+ tcase_add_loop_test(tc, test_ntru_ring_mult, 0, countof(ring_mult_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("array");
+ tcase_add_loop_test(tc, test_ntru_array, 0, countof(array_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ke");
+ tcase_add_loop_test(tc, test_ntru_ke, 0, countof(params));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("retransmission");
+ tcase_add_test(tc, test_ntru_retransmission);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("pubkey_oid");
+ tcase_add_loop_test(tc, test_ntru_pubkey_oid, 0, countof(oid_tests));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("wrong_set");
+ tcase_add_test(tc, test_ntru_wrong_set);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("ciphertext");
+ tcase_add_test(tc, test_ntru_ciphertext);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("wrong_ciphertext");
+ tcase_add_test(tc, test_ntru_wrong_ciphertext);
+ suite_add_tcase(s, tc);
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_pen.c b/src/libstrongswan/tests/suites/test_pen.c
new file mode 100644
index 000000000..a6cbc9aa1
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_pen.c
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "test_suite.h"
+
+#include <pen/pen.h>
+
+/*******************************************************************************
+ * create
+ */
+
+START_TEST(test_pen_type_create)
+{
+ pen_type_t ita_1 = pen_type_create(PEN_ITA, 100);
+
+ ck_assert(ita_1.vendor_id == PEN_ITA);
+ ck_assert(ita_1.type == 100);
+}
+END_TEST
+
+/*******************************************************************************
+ * equals
+ */
+
+START_TEST(test_pen_type_equals)
+{
+ pen_type_t ita_1 = pen_type_create(PEN_ITA, 100);
+ pen_type_t ita_2 = pen_type_create(PEN_ITA, 200);
+ pen_type_t fhh_1 = pen_type_create(PEN_FHH, 100);
+ pen_type_t fhh_2 = pen_type_create(PEN_FHH, 200);
+
+ ck_assert( pen_type_equals(ita_1, ita_1));
+ ck_assert(!pen_type_equals(ita_1, ita_2));
+ ck_assert(!pen_type_equals(ita_1, fhh_1));
+ ck_assert(!pen_type_equals(ita_1, fhh_2));
+}
+END_TEST
+
+/*******************************************************************************
+ * is
+ */
+
+START_TEST(test_pen_type_is)
+{
+ pen_type_t ita_1 = pen_type_create(PEN_ITA, 100);
+
+ ck_assert( pen_type_is(ita_1, PEN_ITA, 100));
+ ck_assert(!pen_type_is(ita_1, PEN_ITA, 200));
+ ck_assert(!pen_type_is(ita_1, PEN_FHH, 100));
+ ck_assert(!pen_type_is(ita_1, PEN_FHH, 200));
+}
+END_TEST
+
+Suite *pen_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("pen");
+
+ tc = tcase_create("create");
+ tcase_add_test(tc, test_pen_type_create);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("equals");
+ tcase_add_test(tc, test_pen_type_equals);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("is");
+ tcase_add_test(tc, test_pen_type_is);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_printf.c b/src/libstrongswan/tests/suites/test_printf.c
index 6c15fbea1..9e40d1fc0 100644
--- a/src/libstrongswan/tests/test_printf.c
+++ b/src/libstrongswan/tests/suites/test_printf.c
@@ -17,10 +17,10 @@
#include <errno.h>
#include <math.h>
+#include <inttypes.h>
static void verify(char *expected, char *format, ...)
{
- FILE *mem;
char buf[128];
va_list args;
@@ -29,17 +29,35 @@ static void verify(char *expected, char *format, ...)
ck_assert_str_eq(expected, buf);
va_end(args);
- mem = fmemopen(buf, sizeof(buf), "w");
- va_start(args, format);
- vfprintf(mem, format, args);
- va_end(args);
- fclose(mem);
- ck_assert_str_eq(expected, buf);
+#ifdef HAVE_FMEMOPEN
+ {
+ FILE *mem;
+
+ mem = fmemopen(buf, sizeof(buf), "w");
+ va_start(args, format);
+ vfprintf(mem, format, args);
+ va_end(args);
+ fclose(mem);
+ ck_assert_str_eq(expected, buf);
+ }
+#endif /* HAVE_FMEMOPEN */
}
+START_TEST(test_printf_null)
+{
+ char buf[16];
+
+ /* on FreeBSD "(null)" gets printed even when a precision of 0 is used.
+ * because printing of "(null)" for NULL is not standardized we don't verify
+ * the output and just make sure there is no crash */
+ snprintf(buf, sizeof(buf), "%s", NULL);
+}
+END_TEST
+
START_TEST(test_printf_strings)
{
verify("a bc def", "%s %s %s", "a", "bc", "def");
+ verify("", "%.0s", "asdfg");
verify("asd", "%.3s", "asdfg");
verify("asdf", "%.*s", (int)4, "asdfg");
verify(" asdf", "%6s", "asdf");
@@ -150,6 +168,26 @@ START_TEST(test_printf_float)
}
END_TEST
+START_TEST(test_printf_pri)
+{
+ verify("255", "%" PRIu8, (u_int8_t)0xFF);
+ verify("65535", "%" PRIu16, (u_int16_t)0xFFFF);
+ verify("4294967295", "%" PRIu32, (u_int32_t)0x1FFFFFFFFll);
+ verify("18446744073709551615", "%" PRIu64, (u_int64_t)0xFFFFFFFFFFFFFFFFll);
+
+ verify("-1", "%" PRId8, (int8_t)-1);
+ verify("-1", "%" PRId16, (int16_t)-1);
+ verify("-1", "%" PRId32, (int32_t)-1);
+ verify("-1", "%" PRId64, (int64_t)-1);
+
+ verify("1", "%" PRIuMAX, (uintmax_t)1);
+ verify("1", "%" PRIuPTR, (uintptr_t)1);
+
+ verify("-1", "%" PRIdMAX, (intmax_t)-1);
+ verify("-1", "%" PRIdPTR, (intptr_t)-1);
+}
+END_TEST
+
Suite *printf_suite_create()
{
Suite *s;
@@ -158,6 +196,7 @@ Suite *printf_suite_create()
s = suite_create("printf");
tc = tcase_create("strings");
+ tcase_add_test(tc, test_printf_null);
tcase_add_test(tc, test_printf_strings);
suite_add_tcase(s, tc);
@@ -181,5 +220,9 @@ Suite *printf_suite_create()
tcase_add_test(tc, test_printf_float);
suite_add_tcase(s, tc);
+ tc = tcase_create("PRI*");
+ tcase_add_test(tc, test_printf_pri);
+ suite_add_tcase(s, tc);
+
return s;
}
diff --git a/src/libstrongswan/tests/test_rsa.c b/src/libstrongswan/tests/suites/test_rsa.c
index 4c75c34bc..2c1c6fb8d 100644
--- a/src/libstrongswan/tests/test_rsa.c
+++ b/src/libstrongswan/tests/suites/test_rsa.c
@@ -117,7 +117,7 @@ static void test_bad_sigs(public_key_t *pubkey)
* RSA key sizes to test
*/
static int key_sizes[] = {
- 786, 1024, 1536, 2048, 3072, 4096,
+ 768, 1024, 1536, 2048, 3072, 4096,
};
START_TEST(test_gen)
@@ -377,11 +377,17 @@ Suite *rsa_suite_create()
{
Suite *s;
TCase *tc;
+ int gen_count = countof(key_sizes);
s = suite_create("rsa");
+ if (getenv("TESTS_REDUCED_KEYLENGTHS") != NULL)
+ {
+ gen_count = min(1, gen_count);
+ }
+
tc = tcase_create("generate");
- tcase_add_loop_test(tc, test_gen, 0, countof(key_sizes));
+ tcase_add_loop_test(tc, test_gen, 0, gen_count);
tcase_set_timeout(tc, 8);
suite_add_tcase(s, tc);
diff --git a/src/libstrongswan/tests/suites/test_settings.c b/src/libstrongswan/tests/suites/test_settings.c
new file mode 100644
index 000000000..096465191
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_settings.c
@@ -0,0 +1,920 @@
+/*
+ * Copyright (C) 2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <unistd.h>
+
+#include <utils/settings.h>
+#include <utils/chunk.h>
+#include <utils/utils.h>
+#include <collections/linked_list.h>
+
+static char *path = "/tmp/strongswan-settings-test";
+static settings_t *settings;
+
+static void create_settings(chunk_t contents)
+{
+ ck_assert(chunk_write(contents, path, 0022, TRUE));
+ settings = settings_create(path);
+}
+
+START_SETUP(setup_base_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = val1\n"
+ " # this gets overridden below\n"
+ " key2 = val2\n"
+ " none = \n"
+ " sub1 {\n"
+ " key = value\n"
+ " key2 = value2\n"
+ " subsub {\n"
+ " foo = bar\n"
+ " }\n"
+ " # subsub is a section and a value\n"
+ " subsub = section value\n"
+ " }\n"
+ " sub% {\n"
+ " id = %any\n"
+ " }\n"
+ " key2 = with spaces\n"
+ "}\n"
+ "out = side\n"
+ "other {\n"
+ " key1 = other val\n"
+ " empty {\n"
+ " }\n"
+ "}"));
+}
+END_SETUP
+
+START_TEARDOWN(teardown_config)
+{
+ settings->destroy(settings);
+ unlink(path);
+}
+END_TEARDOWN
+
+#define verify_string(expected, key, ...) \
+ ck_assert_str_eq(expected, settings->get_str(settings, key, NULL, ##__VA_ARGS__))
+#define verify_null(key, ...) \
+ ck_assert(!settings->get_str(settings, key, NULL, ##__VA_ARGS__))
+
+START_TEST(test_get_str)
+{
+ verify_string("val1", "main.key1");
+ verify_string("val1", "main..key1");
+ verify_string("val1", ".main.key1");
+ verify_string("with spaces", "main.key2");
+ verify_string("value", "main.sub1.key");
+ verify_string("value2", "main.sub1.key2");
+ verify_string("bar", "main.sub1.subsub.foo");
+ verify_string("section value", "main.sub1.subsub");
+ verify_string("%any", "main.sub%%.id");
+ verify_string("side", "out");
+ verify_string("other val", "other.key1");
+
+ /* FIXME: should this rather be undefined i.e. return the default value? */
+ verify_string("", "main.none");
+
+ verify_null("main.key3");
+ verify_null("other.sub");
+}
+END_TEST
+
+enum {
+ KEY1,
+ SUB1
+} settings_test_enum;
+
+enum_name_t *test_settings_test_names;
+
+ENUM_BEGIN(test_settings_test_names, KEY1, SUB1,
+ "key1", "sub1");
+ENUM_END(test_settings_test_names, SUB1);
+
+START_TEST(test_get_str_printf)
+{
+ verify_string("val1", "%s.key1", "main");
+ verify_string("val1", "%s.%s", "main", "key1");
+ verify_string("val1", "%s.%N", "main", test_settings_test_names, KEY1);
+ verify_string("val1", "%s.%s%d", "main", "key", 1);
+ verify_string("bar", "%s.sub1.%s.foo", "main", "subsub");
+ verify_string("bar", "%s.%N.%s.foo", "main", test_settings_test_names, SUB1, "subsub");
+ verify_string("bar", "%s.sub%d.%s.foo", "main", 1, "subsub");
+ verify_string("%any", "%s.sub%%.id", "main");
+
+ /* FIXME: this is a bit inconsistent, while this works */
+ verify_string("value2", "main.%s%u.key2", "sub", 1);
+ /* this won't because no argument is consumed for %u so key1 will be tried
+ * granted, we never actually used any other specifiers, but we should
+ * probably document it at least */
+ verify_null("main.%s%u.key%d", "sub", 1, 2);
+
+ verify_null("%s.%s%d", "main", "key", 3);
+}
+END_TEST
+
+START_TEST(test_set_str)
+{
+ settings->set_str(settings, "main.key1", "val");
+ verify_string("val", "main.key1");
+ settings->set_str(settings, "main.key1", "longer value");
+ verify_string("longer value", "main.key1");
+ settings->set_str(settings, "main", "main val");
+ verify_string("main val", "main");
+ settings->set_str(settings, "main.sub1.new", "added");
+ verify_string("added", "main.sub1.new");
+ settings->set_str(settings, "main.sub2.newsub.foo", "bar");
+ verify_string("bar", "main.sub2.newsub.foo");
+ settings->set_str(settings, "new.newsub.foo", "bar");
+ verify_string("bar", "new.newsub.foo");
+ settings->set_str(settings, "main.key1", NULL);
+ verify_null("main.key1");
+}
+END_TEST
+
+START_TEST(test_set_str_printf)
+{
+ settings->set_str(settings, "%s.key1", "val", "main");
+ verify_string("val", "main.key1");
+ settings->set_str(settings, "main.%N.new", "added", test_settings_test_names, SUB1);
+ verify_string("added", "main.sub1.new");
+ settings->set_str(settings, "main.%s%d.newsub.%s", "bar", "sub", 2, "foo");
+ verify_string("bar", "main.sub2.newsub.foo");
+}
+END_TEST
+
+START_TEST(test_set_default_str)
+{
+ settings->set_default_str(settings, "main.key1", "default");
+ verify_string("val1", "main.key1");
+ settings->set_default_str(settings, "main.sub1.new", "added");
+ verify_string("added", "main.sub1.new");
+ settings->set_str(settings, "main.sub1.new", "changed");
+ verify_string("changed", "main.sub1.new");
+}
+END_TEST
+
+START_SETUP(setup_bool_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = yes\n"
+ " key2 = true\n"
+ " key3 = Enabled\n"
+ " key4 = 1\n"
+ " key5 = no\n"
+ " key6 = FALSE\n"
+ " key7 = disabled\n"
+ " key8 = 0\n"
+ " key9 = 5\n"
+ " none = \n"
+ " foo = bar\n"
+ "}"));
+}
+END_SETUP
+
+#define verify_bool(expected, def, key, ...) \
+ ck_assert(expected == settings->get_bool(settings, key, def, ##__VA_ARGS__))
+
+START_TEST(test_get_bool)
+{
+ verify_bool(TRUE, FALSE, "main.key1");
+ verify_bool(TRUE, FALSE, "main.key2");
+ verify_bool(TRUE, FALSE, "main.key3");
+ verify_bool(TRUE, FALSE, "main.key4");
+ verify_bool(FALSE, TRUE, "main.key5");
+ verify_bool(FALSE, TRUE, "main.key6");
+ verify_bool(FALSE, TRUE, "main.key7");
+ verify_bool(FALSE, TRUE, "main.key8");
+
+ verify_bool(FALSE, FALSE, "main.none");
+ verify_bool(TRUE, TRUE, "main.none");
+ verify_bool(FALSE, FALSE, "main.foo");
+ verify_bool(TRUE, TRUE, "main.foo");
+
+ verify_bool(FALSE, FALSE, "main.key9");
+ verify_bool(TRUE, TRUE, "main.key9");
+ verify_bool(FALSE, FALSE, "main");
+ verify_bool(TRUE, TRUE, "main");
+
+}
+END_TEST
+
+START_TEST(test_set_bool)
+{
+ settings->set_str(settings, "main.key1", "no");
+ verify_bool(FALSE, TRUE, "main.key1");
+ settings->set_bool(settings, "main.key2", FALSE);
+ verify_bool(FALSE, TRUE, "main.key2");
+ settings->set_str(settings, "main.key3", NULL);
+ verify_bool(FALSE, FALSE, "main.key3");
+ verify_bool(TRUE, TRUE, "main.key3");
+ settings->set_bool(settings, "main.key5", TRUE);
+ verify_bool(TRUE, FALSE, "main.key5");
+ settings->set_bool(settings, "main.new", TRUE);
+ verify_bool(TRUE, FALSE, "main.new");
+}
+END_TEST
+
+START_SETUP(setup_int_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = 5\n"
+ " # gets cut off\n"
+ " key2 = 5.5\n"
+ " key3 = -42\n"
+ " none = \n"
+ " foo1 = bar\n"
+ " foo2 = bar13\n"
+ " foo3 = 13bar\n"
+ "}"));
+}
+END_SETUP
+
+#define verify_int(expected, def, key, ...) \
+ ck_assert_int_eq(expected, settings->get_int(settings, key, def, ##__VA_ARGS__))
+
+START_TEST(test_get_int)
+{
+ verify_int(5, 0, "main.key1");
+ verify_int(5, 0, "main.key2");
+ verify_int(-42, 0, "main.key3");
+
+ /* FIXME: do we want this behavior? */
+ verify_int(0, 11, "main.none");
+ verify_int(0, 11, "main.foo1");
+ verify_int(0, 11, "main.foo2");
+ verify_int(13, 11, "main.foo3");
+
+ verify_int(13, 13, "main.key4");
+ verify_int(-13, -13, "main");
+}
+END_TEST
+
+START_TEST(test_set_int)
+{
+ settings->set_str(settings, "main.key1", "13");
+ verify_int(13, 0, "main.key1");
+ settings->set_int(settings, "main.key2", 6);
+ verify_int(6, 0, "main.key2");
+ settings->set_int(settings, "main.key3", -6);
+ verify_int(-6, 0, "main.key3");
+ settings->set_str(settings, "main.key3", NULL);
+ verify_int(15, 15, "main.key3");
+ settings->set_int(settings, "main.new", 314);
+ verify_int(314, 0, "main.new");
+}
+END_TEST
+
+START_SETUP(setup_double_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = 5\n"
+ " key2 = 5.5\n"
+ " key3 = -42\n"
+ " key4 = -42.5\n"
+ " none = \n"
+ " foo1 = bar\n"
+ " foo2 = bar13.5\n"
+ " foo3 = 13.5bar\n"
+ "}"));
+}
+END_SETUP
+
+#define verify_double(expected, def, key, ...) \
+ ck_assert(expected == settings->get_double(settings, key, def, ##__VA_ARGS__))
+
+START_TEST(test_get_double)
+{
+ verify_double(5, 0, "main.key1");
+ verify_double(5.5, 0, "main.key2");
+ verify_double(-42, 0, "main.key3");
+ verify_double(-42.5, 0, "main.key4");
+
+ /* FIXME: do we want this behavior? */
+ verify_double(0, 11.5, "main.none");
+ verify_double(0, 11.5, "main.foo1");
+ verify_double(0, 11.5, "main.foo2");
+ verify_double(13.5, 11.5, "main.foo3");
+
+ verify_double(11.5, 11.5, "main.key5");
+ verify_double(-11.5, -11.5, "main");
+}
+END_TEST
+
+START_TEST(test_set_double)
+{
+ settings->set_str(settings, "main.key1", "5.5");
+ verify_double(5.5, 0, "main.key1");
+ settings->set_double(settings, "main.key2", 13);
+ verify_double(13, 0, "main.key2");
+ settings->set_double(settings, "main.key3", -13.5);
+ verify_double(-13.5, 0, "main.key3");
+ settings->set_double(settings, "main.key4", 11.5);
+ verify_double(11.5, 0, "main.key4");
+ settings->set_str(settings, "main.key4", NULL);
+ verify_double(42.5, 42.5, "main.key4");
+ settings->set_double(settings, "main.new", 3.14);
+ verify_double(3.14, 0, "main.new");
+}
+END_TEST
+
+START_SETUP(setup_time_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = 5s\n"
+ " key2 = 5m\n"
+ " key3 = 5h\n"
+ " key4 = 5d\n"
+ " none = \n"
+ " foo1 = bar\n"
+ " foo2 = bar13\n"
+ " foo3 = 13bar\n"
+ "}"));
+}
+END_SETUP
+
+#define verify_time(expected, def, key, ...) \
+ ck_assert_int_eq(expected, settings->get_time(settings, key, def, ##__VA_ARGS__))
+
+START_TEST(test_get_time)
+{
+ verify_time(5, 0, "main.key1");
+ verify_time(300, 0, "main.key2");
+ verify_time(18000, 0, "main.key3");
+ verify_time(432000, 0, "main.key4");
+
+ /* FIXME: do we want this behavior? */
+ verify_time(0, 11, "main.none");
+ verify_time(0, 11, "main.foo1");
+ verify_time(0, 11, "main.foo2");
+ verify_time(13, 11, "main.foo3");
+
+ verify_time(11, 11, "main.key5");
+ verify_time(11, 11, "main");
+}
+END_TEST
+
+START_TEST(test_set_time)
+{
+ settings->set_str(settings, "main.key1", "15m");
+ verify_time(900, 0, "main.key1");
+ settings->set_time(settings, "main.key2", 15);
+ verify_time(15, 0, "main.key2");
+ settings->set_str(settings, "main.key3", NULL);
+ verify_time(300, 300, "main.key3");
+ settings->set_time(settings, "main.new", 314);
+ verify_time(314, 0, "main.new");
+}
+END_TEST
+
+static bool verify_section(linked_list_t *verifier, char *section)
+{
+ enumerator_t *enumerator;
+ char *current;
+ bool result = FALSE;
+
+ enumerator = verifier->create_enumerator(verifier);
+ while (enumerator->enumerate(enumerator, &current))
+ {
+ if (streq(current, section))
+ {
+ verifier->remove_at(verifier, enumerator);
+ result = TRUE;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ return result;
+}
+
+static void verify_sections(linked_list_t *verifier, char *parent)
+{
+ enumerator_t *enumerator;
+ char *section;
+
+ enumerator = settings->create_section_enumerator(settings, parent);
+ while (enumerator->enumerate(enumerator, &section))
+ {
+ ck_assert(verify_section(verifier, section));
+ }
+ enumerator->destroy(enumerator);
+ ck_assert_int_eq(0, verifier->get_count(verifier));
+ verifier->destroy(verifier);
+}
+
+START_TEST(test_section_enumerator)
+{
+ linked_list_t *verifier;
+
+ verifier = linked_list_create_with_items("sub1", "sub%", NULL);
+ verify_sections(verifier, "main");
+
+ settings->set_str(settings, "main.sub2.new", "added");
+ verifier = linked_list_create_with_items("sub1", "sub%", "sub2", NULL);
+ verify_sections(verifier, "main");
+
+ verifier = linked_list_create_with_items("subsub", NULL);
+ verify_sections(verifier, "main.sub1");
+
+ verifier = linked_list_create_with_items(NULL);
+ verify_sections(verifier, "main.sub%%");
+
+ verifier = linked_list_create_with_items(NULL);
+ verify_sections(verifier, "main.key1");
+
+ verifier = linked_list_create_with_items(NULL);
+ verify_sections(verifier, "main.unknown");
+}
+END_TEST
+
+static bool verify_key_value(linked_list_t *keys, linked_list_t *values,
+ char *key, char *value)
+{
+ enumerator_t *enum_keys, *enum_values;
+ char *current_key, *current_value;
+ bool result = FALSE;
+
+ enum_keys = keys->create_enumerator(keys);
+ enum_values = values->create_enumerator(values);
+ while (enum_keys->enumerate(enum_keys, &current_key) &&
+ enum_values->enumerate(enum_values, &current_value))
+ {
+ if (streq(current_key, key))
+ {
+ ck_assert_str_eq(current_value, value);
+ keys->remove_at(keys, enum_keys);
+ values->remove_at(values, enum_values);
+ result = TRUE;
+ break;
+ }
+ }
+ enum_keys->destroy(enum_keys);
+ enum_values->destroy(enum_values);
+ return result;
+}
+
+static void verify_key_values(linked_list_t *keys, linked_list_t *values,
+ char *parent)
+{
+ enumerator_t *enumerator;
+ char *key, *value;
+
+ enumerator = settings->create_key_value_enumerator(settings, parent);
+ while (enumerator->enumerate(enumerator, &key, &value))
+ {
+ ck_assert(verify_key_value(keys, values, key, value));
+ }
+ enumerator->destroy(enumerator);
+ ck_assert_int_eq(0, keys->get_count(keys));
+ keys->destroy(keys);
+ values->destroy(values);
+}
+
+START_TEST(test_key_value_enumerator)
+{
+ linked_list_t *keys, *values;
+
+ keys = linked_list_create_with_items("key1", "key2", "none", NULL);
+ values = linked_list_create_with_items("val1", "with spaces", "", NULL);
+ verify_key_values(keys, values, "main");
+
+ keys = linked_list_create_with_items("key", "key2", "subsub", NULL);
+ values = linked_list_create_with_items("value", "value2", "section value", NULL);
+ verify_key_values(keys, values, "main.sub1");
+
+ settings->set_str(settings, "main.sub2.new", "added");
+ keys = linked_list_create_with_items("new", NULL);
+ values = linked_list_create_with_items("added", NULL);
+ verify_key_values(keys, values, "main.sub2");
+
+ keys = linked_list_create_with_items(NULL);
+ values = linked_list_create_with_items(NULL);
+ verify_key_values(keys, values, "other.empty");
+
+ settings->set_str(settings, "other.empty.new", "added");
+ keys = linked_list_create_with_items("new", NULL);
+ values = linked_list_create_with_items("added", NULL);
+ verify_key_values(keys, values, "other.empty");
+
+ keys = linked_list_create_with_items(NULL);
+ values = linked_list_create_with_items(NULL);
+ verify_key_values(keys, values, "main.unknown");
+}
+END_TEST
+
+#define include1 "/tmp/strongswan-settings-test-include1"
+#define include2 "/tmp/strongswan-settings-test-include2"
+
+START_SETUP(setup_include_config)
+{
+ chunk_t inc1 = chunk_from_str(
+ "main {\n"
+ " key1 = n1\n"
+ " key2 = n2\n"
+ " none = \n"
+ " sub1 {\n"
+ " key3 = value\n"
+ " }\n"
+ " sub2 {\n"
+ " sub3 = val3\n"
+ " }\n"
+ " include " include2 "\n"
+ "}");
+ chunk_t inc2 = chunk_from_str(
+ "key2 = v2\n"
+ "sub1 {\n"
+ " key = val\n"
+ "}");
+ ck_assert(chunk_write(inc1, include1, 0022, TRUE));
+ ck_assert(chunk_write(inc2, include2, 0022, TRUE));
+}
+END_SETUP
+
+START_TEARDOWN(teardown_include_config)
+{
+ settings->destroy(settings);
+ unlink(include2);
+ unlink(include1);
+ unlink(path);
+}
+END_TEARDOWN
+
+static void verify_include()
+{
+ verify_string("n1", "main.key1");
+ verify_string("v2", "main.key2");
+ verify_string("", "main.none");
+ verify_string("val", "main.sub1.key");
+ verify_string("v2", "main.sub1.key2");
+ verify_string("val", "main.sub1.sub1.key");
+ verify_string("value", "main.sub1.key3");
+ verify_string("value", "main.sub1.include");
+ verify_string("val3", "main.sub2.sub3");
+}
+
+START_TEST(test_include)
+{
+ chunk_t contents = chunk_from_str(
+ "main {\n"
+ " key1 = val1\n"
+ " key2 = val2\n"
+ " none = x\n"
+ " sub1 {\n"
+ " include = value\n"
+ " key2 = value2\n"
+ " include " include2 "\n"
+ " }\n"
+ "}\n"
+ "# currently there must be a newline after include statements\n"
+ "include " include1 "\n");
+
+ create_settings(contents);
+ verify_include();
+}
+END_TEST
+
+START_TEST(test_load_files)
+{
+ chunk_t contents = chunk_from_str(
+ "main {\n"
+ " key1 = val1\n"
+ " key2 = val2\n"
+ " none = x\n"
+ " sub1 {\n"
+ " include = value\n"
+ " key2 = v2\n"
+ " sub1 {\n"
+ " key = val\n"
+ " }\n"
+ " }\n"
+ "}");
+
+ create_settings(contents);
+
+ ck_assert(settings->load_files(settings, include1, TRUE));
+ verify_include();
+
+ ck_assert(settings->load_files(settings, include2, FALSE));
+ verify_null("main.key1");
+ verify_string("v2", "key2");
+ verify_string("val", "sub1.key");
+ verify_null("main.sub1.key3");
+}
+END_TEST
+
+START_TEST(test_load_files_section)
+{
+ chunk_t contents = chunk_from_str(
+ "main {\n"
+ " key1 = val1\n"
+ " key2 = val2\n"
+ " none = x\n"
+ " sub1 {\n"
+ " include = value\n"
+ " key2 = value2\n"
+ " }\n"
+ "}");
+
+ create_settings(contents);
+
+ ck_assert(settings->load_files_section(settings, include1, TRUE, ""));
+ ck_assert(settings->load_files_section(settings, include2, TRUE, "main.sub1"));
+ verify_include();
+
+ /* non existing files are no failure */
+ ck_assert(settings->load_files_section(settings, include1".conf", TRUE, ""));
+ verify_include();
+
+ /* unreadable files are */
+ ck_assert(chunk_write(contents, include1".no", 0444, TRUE));
+ ck_assert(!settings->load_files_section(settings, include1".no", TRUE, ""));
+ unlink(include1".no");
+ verify_include();
+
+ ck_assert(settings->load_files_section(settings, include2, FALSE, "main"));
+ verify_null("main.key1");
+ verify_string("v2", "main.key2");
+ verify_string("val", "main.sub1.key");
+ verify_null("main.sub1.key3");
+ verify_null("main.sub2.sub3");
+
+ ck_assert(settings->load_files_section(settings, include2, TRUE, "main.sub2"));
+ verify_string("v2", "main.sub2.key2");
+ verify_string("val", "main.sub2.sub1.key");
+}
+END_TEST
+
+START_SETUP(setup_fallback_config)
+{
+ create_settings(chunk_from_str(
+ "main {\n"
+ " key1 = val1\n"
+ " sub1 {\n"
+ " key1 = val1\n"
+ " }\n"
+ "}\n"
+ "sub {\n"
+ " key1 = subval1\n"
+ " key2 = subval2\n"
+ " subsub {\n"
+ " subkey1 = subsubval1\n"
+ " }\n"
+ "}\n"
+ "base {\n"
+ " key1 = baseval1\n"
+ " key2 = baseval2\n"
+ " sub1 {\n"
+ " key1 = subbase1\n"
+ " key2 = subbase2\n"
+ " key3 = subbase3\n"
+ " subsub {\n"
+ " subkey1 = subsubbaseval1\n"
+ " subkey2 = subsubbaseval2\n"
+ " }\n"
+ " }\n"
+ " sub2 {\n"
+ " key4 = subbase4\n"
+ " }\n"
+ "}"));
+}
+END_SETUP
+
+START_TEST(test_add_fallback)
+{
+ linked_list_t *keys, *values;
+
+ settings->add_fallback(settings, "main.sub1", "sub");
+ verify_string("val1", "main.sub1.key1");
+ verify_string("subval2", "main.sub1.key2");
+ verify_string("subsubval1", "main.sub1.subsub.subkey1");
+
+ /* fallbacks are preserved even if the complete config is replaced */
+ settings->load_files(settings, path, FALSE);
+ verify_string("val1", "main.sub1.key1");
+ verify_string("subval2", "main.sub1.key2");
+ verify_string("subsubval1", "main.sub1.subsub.subkey1");
+
+ keys = linked_list_create_with_items("sub1", NULL);
+ verify_sections(keys, "main");
+ keys = linked_list_create_with_items("subsub", NULL);
+ verify_sections(keys, "main.sub1");
+
+ keys = linked_list_create_with_items("key1", NULL);
+ values = linked_list_create_with_items("val1", NULL);
+ verify_key_values(keys, values, "main");
+
+ keys = linked_list_create_with_items("key1", "key2", NULL);
+ values = linked_list_create_with_items("val1", "subval2", NULL);
+ verify_key_values(keys, values, "main.sub1");
+
+ keys = linked_list_create_with_items("subkey1", NULL);
+ values = linked_list_create_with_items("subsubval1", NULL);
+ verify_key_values(keys, values, "main.sub1.subsub");
+
+ settings->add_fallback(settings, "main", "base");
+ verify_string("val1", "main.key1");
+ verify_string("baseval2", "main.key2");
+ verify_string("val1", "main.sub1.key1");
+ verify_string("subval2", "main.sub1.key2");
+ verify_string("subsubval1", "main.sub1.subsub.subkey1");
+ verify_string("subsubbaseval2", "main.sub1.subsub.subkey2");
+ verify_string("subbase3", "main.sub1.key3");
+ verify_string("subbase4", "main.sub2.key4");
+
+
+ keys = linked_list_create_with_items("sub1", "sub2", NULL);
+ verify_sections(keys, "main");
+ keys = linked_list_create_with_items("subsub", NULL);
+ verify_sections(keys, "main.sub1");
+
+ keys = linked_list_create_with_items("key1", "key2", NULL);
+ values = linked_list_create_with_items("val1", "baseval2", NULL);
+ verify_key_values(keys, values, "main");
+
+ keys = linked_list_create_with_items("key1", "key2", "key3", NULL);
+ values = linked_list_create_with_items("val1", "subval2", "subbase3", NULL);
+ verify_key_values(keys, values, "main.sub1");
+
+ keys = linked_list_create_with_items("subkey1", "subkey2", NULL);
+ values = linked_list_create_with_items("subsubval1", "subsubbaseval2", NULL);
+ verify_key_values(keys, values, "main.sub1.subsub");
+
+ settings->set_str(settings, "main.sub1.key2", "val2");
+ verify_string("val2", "main.sub1.key2");
+ settings->set_str(settings, "main.sub1.subsub.subkey2", "val2");
+ verify_string("val2", "main.sub1.subsub.subkey2");
+ verify_string("subsubval1", "main.sub1.subsub.subkey1");
+}
+END_TEST
+
+START_TEST(test_add_fallback_printf)
+{
+ settings->add_fallback(settings, "%s.sub1", "sub", "main");
+ verify_string("val1", "main.sub1.key1");
+ verify_string("subval2", "main.sub1.key2");
+ verify_string("subsubval1", "main.sub1.subsub.subkey1");
+
+ settings->add_fallback(settings, "%s.%s2", "%s.%s1", "main", "sub");
+ verify_string("val1", "main.sub2.key1");
+ verify_string("subval2", "main.sub2.key2");
+ verify_string("subsubval1", "main.sub2.subsub.subkey1");
+}
+END_TEST
+
+START_SETUP(setup_invalid_config)
+{
+ create_settings(chunk_from_str(
+ "# section without name\n"
+ "{\n"
+ " key1 = val1\n"
+ "}\n"
+ "main {\n"
+ " key2 = val2\n"
+ " # value without key\n"
+ " = val3\n"
+ " key4 = val4\n"
+ " # key without value does not change it\n"
+ " key4\n"
+ " # subsection without name\n"
+ " {\n"
+ " key5 = val5\n"
+ " }\n"
+ " # empty include pattern\n"
+ " include\n"
+ " key6 = val6\n"
+ "}"));
+}
+END_SETUP
+
+START_TEST(test_invalid)
+{
+ linked_list_t *keys, *values;
+ chunk_t contents;
+
+ verify_null("key1");
+ verify_null(".key1");
+ verify_null("%s.key1", "");
+ verify_string("val2", "main.key2");
+ verify_string("val4", "main.key4");
+ verify_null("main..key5");
+ verify_string("val6", "main.key6");
+
+ keys = linked_list_create_with_items("main", NULL);
+ verify_sections(keys, "");
+
+ keys = linked_list_create_with_items(NULL);
+ verify_sections(keys, "main");
+
+ keys = linked_list_create_with_items("key2", "key4", "key6", NULL);
+ values = linked_list_create_with_items("val2", "val4", "val6", NULL);
+ verify_key_values(keys, values, "main");
+
+ /* FIXME: we should probably fix this */
+ contents = chunk_from_str(
+ "requires = newline");
+ ck_assert(chunk_write(contents, path, 0022, TRUE));
+ ck_assert(!settings->load_files(settings, path, FALSE));
+
+ contents = chunk_from_str(
+ "unterminated {\n"
+ " not = valid\n");
+ ck_assert(chunk_write(contents, path, 0022, TRUE));
+ ck_assert(!settings->load_files(settings, path, FALSE));
+
+ contents = chunk_from_str(
+ "singleline { not = valid }\n");
+ ck_assert(chunk_write(contents, path, 0022, TRUE));
+ ck_assert(!settings->load_files(settings, path, FALSE));
+}
+END_TEST
+
+Suite *settings_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("settings");
+
+ tc = tcase_create("get/set_str (basic behavior)");
+ tcase_add_checked_fixture(tc, setup_base_config, teardown_config);
+ tcase_add_test(tc, test_get_str);
+ tcase_add_test(tc, test_get_str_printf);
+ tcase_add_test(tc, test_set_str);
+ tcase_add_test(tc, test_set_str_printf);
+ tcase_add_test(tc, test_set_default_str);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("get/set_bool");
+ tcase_add_checked_fixture(tc, setup_bool_config, teardown_config);
+ tcase_add_test(tc, test_get_bool);
+ tcase_add_test(tc, test_set_bool);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("get/set_int");
+ tcase_add_checked_fixture(tc, setup_int_config, teardown_config);
+ tcase_add_test(tc, test_get_int);
+ tcase_add_test(tc, test_set_int);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("get/set_double");
+ tcase_add_checked_fixture(tc, setup_double_config, teardown_config);
+ tcase_add_test(tc, test_get_double);
+ tcase_add_test(tc, test_set_double);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("get/set_time");
+ tcase_add_checked_fixture(tc, setup_time_config, teardown_config);
+ tcase_add_test(tc, test_get_time);
+ tcase_add_test(tc, test_set_time);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("section enumerator");
+ tcase_add_checked_fixture(tc, setup_base_config, teardown_config);
+ tcase_add_test(tc, test_section_enumerator);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("key/value enumerator");
+ tcase_add_checked_fixture(tc, setup_base_config, teardown_config);
+ tcase_add_test(tc, test_key_value_enumerator);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("include/load_files[_section]");
+ tcase_add_checked_fixture(tc, setup_include_config, teardown_include_config);
+ tcase_add_test(tc, test_include);
+ tcase_add_test(tc, test_load_files);
+ tcase_add_test(tc, test_load_files_section);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("fallback");
+ tcase_add_checked_fixture(tc, setup_fallback_config, teardown_config);
+ tcase_add_test(tc, test_add_fallback);
+ tcase_add_test(tc, test_add_fallback_printf);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("invalid data");
+ tcase_add_checked_fixture(tc, setup_invalid_config, teardown_config);
+ tcase_add_test(tc, test_invalid);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_stream.c b/src/libstrongswan/tests/suites/test_stream.c
new file mode 100644
index 000000000..2d3173d46
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_stream.c
@@ -0,0 +1,267 @@
+/*
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <unistd.h>
+
+static char* services[] = {
+ "unix:///tmp/strongswan-test-service.sck",
+ "tcp://127.0.0.1:7766",
+ "tcp://[::1]:7766",
+};
+
+static char msg[] = "testmessage";
+static int msglen = 12;
+
+static bool servicing(void *data, stream_t *stream)
+{
+ char buf[64];
+ ssize_t len, total;
+
+ ck_assert(streq((char*)data, "test"));
+
+ for (total = 0; total < msglen;)
+ {
+ len = stream->read(stream, buf, sizeof(buf), TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+ for (total = 0; total < msglen;)
+ {
+ len = stream->write(stream, buf, len, TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+
+ return FALSE;
+}
+
+START_TEST(test_sync)
+{
+ char buf[64];
+ stream_service_t *service;
+ stream_t *stream;
+ ssize_t len, total;
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ service = lib->streams->create_service(lib->streams, services[_i], 1);
+ ck_assert(service != NULL);
+ service->on_accept(service, servicing, "test", JOB_PRIO_HIGH, 1);
+
+ stream = lib->streams->connect(lib->streams, services[_i]);
+ ck_assert(stream != NULL);
+ for (total = 0; total < msglen;)
+ {
+ len = stream->write(stream, msg, msglen, TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+ for (total = 0; total < msglen;)
+ {
+ len = stream->read(stream, buf, sizeof(buf), TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+ ck_assert(streq(buf, msg));
+ stream->destroy(stream);
+
+ service->destroy(service);
+}
+END_TEST
+
+static bool on_write(void *data, stream_t *stream)
+{
+ ssize_t len, total;
+
+ ck_assert(streq((char*)data, "test-write"));
+ for (total = 0; total < msglen;)
+ {
+ len = stream->write(stream, msg, msglen, TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+ return FALSE;
+}
+
+static bool read_done = FALSE;
+
+static bool on_read(void *data, stream_t *stream)
+{
+ ssize_t len, total;
+ char buf[64];
+
+ ck_assert(streq((char*)data, "test-read"));
+ for (total = 0; total < msglen;)
+ {
+ len = stream->read(stream, buf, sizeof(buf), TRUE);
+ ck_assert(len > 0);
+ total += len;
+ }
+ ck_assert(streq(buf, msg));
+ read_done = TRUE;
+ return FALSE;
+}
+
+START_TEST(test_async)
+{
+ stream_service_t *service;
+ stream_t *stream;
+
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ service = lib->streams->create_service(lib->streams, services[_i], 1);
+ ck_assert(service != NULL);
+ service->on_accept(service, servicing, "test", JOB_PRIO_HIGH, 0);
+
+ stream = lib->streams->connect(lib->streams, services[_i]);
+ ck_assert(stream != NULL);
+ read_done = FALSE;
+ stream->on_write(stream, (stream_cb_t)on_write, "test-write");
+ stream->on_read(stream, (stream_cb_t)on_read, "test-read");
+
+ while (!read_done)
+ {
+ usleep(1000);
+ }
+ stream->destroy(stream);
+
+ service->destroy(service);
+}
+END_TEST
+
+static bool all(void *data, stream_t *stream)
+{
+ char buf[64], *pos;
+ ssize_t len;
+ int i;
+
+ pos = buf;
+ for (i = 0; i < msglen; i++)
+ {
+ len = stream->read(stream, pos, 1, TRUE);
+ ck_assert_int_eq(len, 1);
+ pos += len;
+ }
+ pos = buf;
+ for (i = 0; i < msglen; i++)
+ {
+ len = stream->write(stream, pos, 1, TRUE);
+ ck_assert_int_eq(len, 1);
+ pos += len;
+ }
+
+ return FALSE;
+}
+
+START_TEST(test_all)
+{
+ char buf[64];
+ stream_service_t *service;
+ stream_t *stream;
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ service = lib->streams->create_service(lib->streams, services[_i], 1);
+ ck_assert(service != NULL);
+ service->on_accept(service, all, NULL, JOB_PRIO_HIGH, 1);
+
+ stream = lib->streams->connect(lib->streams, services[_i]);
+ ck_assert(stream != NULL);
+ ck_assert(stream->write_all(stream, msg, msglen));
+ ck_assert(stream->read_all(stream, buf, msglen));
+ ck_assert(streq(buf, msg));
+ stream->destroy(stream);
+
+ service->destroy(service);
+}
+END_TEST
+
+static bool concurrency(void *data, stream_t *stream)
+{
+ static refcount_t refs = 0;
+ u_int current;
+ ssize_t len;
+
+ current = ref_get(&refs);
+ ck_assert(current <= 3);
+ len = stream->write(stream, "x", 1, TRUE);
+ ck_assert_int_eq(len, 1);
+ usleep(1000);
+ ignore_result(ref_put(&refs));
+
+ return FALSE;
+}
+
+START_TEST(test_concurrency)
+{
+ stream_service_t *service;
+ stream_t *streams[10];
+ ssize_t len;
+ char x;
+ int i;
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ service = lib->streams->create_service(lib->streams, services[_i], 10);
+ ck_assert(service != NULL);
+ service->on_accept(service, concurrency, NULL, JOB_PRIO_HIGH, 3);
+
+ for (i = 0; i < countof(streams); i++)
+ {
+ streams[i] = lib->streams->connect(lib->streams, services[_i]);
+ ck_assert(streams[i] != NULL);
+ }
+ for (i = 0; i < countof(streams); i++)
+ {
+ len = streams[i]->read(streams[i], &x, 1, TRUE);
+ ck_assert_int_eq(len, 1);
+ ck_assert_int_eq(x, 'x');
+ }
+ for (i = 0; i < countof(streams); i++)
+ {
+ streams[i]->destroy(streams[i]);
+ }
+ service->destroy(service);
+}
+END_TEST
+
+Suite *stream_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("stream");
+
+ tc = tcase_create("sync");
+ tcase_add_loop_test(tc, test_sync, 0, countof(services));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("async");
+ tcase_add_loop_test(tc, test_async, 0, countof(services));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("all");
+ tcase_add_loop_test(tc, test_all, 0, countof(services));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("concurrency");
+ tcase_add_loop_test(tc, test_concurrency, 0, countof(services));
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_test_rng.c b/src/libstrongswan/tests/suites/test_test_rng.c
new file mode 100644
index 000000000..9a983b677
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_test_rng.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <tests/utils/test_rng.h>
+#include <utils/test.h>
+
+START_TEST(test_test_rng)
+{
+ rng_t *entropy;
+ chunk_t in, in1, in2, out;
+
+ in1 = chunk_from_chars(0x01, 0x02, 0x03, 0x04, 0x05, 0x06);
+ in2 = chunk_from_chars(0x07, 0x08);
+ in = chunk_cat("cc", in1, in2);
+
+ entropy = test_rng_create(in);
+ ck_assert(entropy->allocate_bytes(entropy, 6, &out));
+ ck_assert(chunk_equals(in1, out));
+ ck_assert(entropy->get_bytes(entropy, 2, out.ptr));
+ ck_assert(memeq(in2.ptr, out.ptr, in2.len));
+ ck_assert(!entropy->get_bytes(entropy, 4, out.ptr));
+ chunk_free(&out);
+ ck_assert(!entropy->allocate_bytes(entropy, 4, &out));
+ entropy->destroy(entropy);
+ chunk_free(&in);
+}
+END_TEST
+
+
+Suite *test_rng_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("test_rng");
+
+ tc = tcase_create("test_rng");
+ tcase_add_test(tc, test_test_rng);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/suites/test_threading.c b/src/libstrongswan/tests/suites/test_threading.c
new file mode 100644
index 000000000..844959e46
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_threading.c
@@ -0,0 +1,1466 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <sched.h>
+#include <unistd.h>
+
+#include <threading/thread.h>
+#include <threading/mutex.h>
+#include <threading/condvar.h>
+#include <threading/rwlock.h>
+#include <threading/rwlock_condvar.h>
+#include <threading/spinlock.h>
+#include <threading/semaphore.h>
+#include <threading/thread_value.h>
+
+/*******************************************************************************
+ * recursive mutex test
+ */
+
+#define THREADS 20
+
+/**
+ * Thread barrier data
+ */
+typedef struct {
+ mutex_t *mutex;
+ condvar_t *cond;
+ int count;
+ int current;
+ bool active;
+} barrier_t;
+
+/**
+ * Create a thread barrier for count threads
+ */
+static barrier_t* barrier_create(int count)
+{
+ barrier_t *this;
+
+ INIT(this,
+ .mutex = mutex_create(MUTEX_TYPE_DEFAULT),
+ .cond = condvar_create(CONDVAR_TYPE_DEFAULT),
+ .count = count,
+ );
+
+ return this;
+}
+
+/**
+ * Destroy a thread barrier
+ */
+static void barrier_destroy(barrier_t *this)
+{
+ this->mutex->destroy(this->mutex);
+ this->cond->destroy(this->cond);
+ free(this);
+}
+
+/**
+ * Wait to have configured number of threads in barrier
+ */
+static bool barrier_wait(barrier_t *this)
+{
+ bool winner = FALSE;
+
+ this->mutex->lock(this->mutex);
+ if (!this->active)
+ { /* first, reset */
+ this->active = TRUE;
+ this->current = 0;
+ }
+
+ this->current++;
+ while (this->current < this->count)
+ {
+ this->cond->wait(this->cond, this->mutex);
+ }
+ if (this->active)
+ { /* first, win */
+ winner = TRUE;
+ this->active = FALSE;
+ }
+ this->mutex->unlock(this->mutex);
+ this->cond->broadcast(this->cond);
+ sched_yield();
+
+ return winner;
+}
+
+/**
+ * Barrier for some tests
+ */
+static barrier_t *barrier;
+
+/**
+ * A mutex for tests requiring one
+ */
+static mutex_t *mutex;
+
+/**
+ * A condvar for tests requiring one
+ */
+static condvar_t *condvar;
+
+/**
+ * A counter for signaling
+ */
+static int sigcount;
+
+static void *mutex_run(void *data)
+{
+ int locked = 0;
+ int i;
+
+ /* wait for all threads before getting in action */
+ barrier_wait(barrier);
+
+ for (i = 0; i < 100; i++)
+ {
+ mutex->lock(mutex);
+ mutex->lock(mutex);
+ mutex->lock(mutex);
+ locked++;
+ sched_yield();
+ if (locked > 1)
+ {
+ fail("two threads locked the mutex concurrently");
+ }
+ locked--;
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+ }
+ return NULL;
+}
+
+START_TEST(test_mutex)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ barrier = barrier_create(THREADS);
+ mutex = mutex_create(MUTEX_TYPE_RECURSIVE);
+
+ for (i = 0; i < 10; i++)
+ {
+ mutex->lock(mutex);
+ mutex->unlock(mutex);
+ }
+ for (i = 0; i < 10; i++)
+ {
+ mutex->lock(mutex);
+ }
+ for (i = 0; i < 10; i++)
+ {
+ mutex->unlock(mutex);
+ }
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(mutex_run, NULL);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ mutex->destroy(mutex);
+ barrier_destroy(barrier);
+}
+END_TEST
+
+/**
+ * Spinlock for testing
+ */
+static spinlock_t *spinlock;
+
+static void *spinlock_run(void *data)
+{
+ int i, *locked = (int*)data;
+
+ barrier_wait(barrier);
+
+ for (i = 0; i < 1000; i++)
+ {
+ spinlock->lock(spinlock);
+ (*locked)++;
+ ck_assert_int_eq(*locked, 1);
+ (*locked)--;
+ spinlock->unlock(spinlock);
+ }
+ return NULL;
+}
+
+START_TEST(test_spinlock)
+{
+ thread_t *threads[THREADS];
+ int i, locked = 0;
+
+ barrier = barrier_create(THREADS);
+ spinlock = spinlock_create();
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(spinlock_run, &locked);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ spinlock->destroy(spinlock);
+ barrier_destroy(barrier);
+}
+END_TEST
+
+static void *condvar_run(void *data)
+{
+ mutex->lock(mutex);
+ sigcount++;
+ condvar->signal(condvar);
+ mutex->unlock(mutex);
+ return NULL;
+}
+
+START_TEST(test_condvar)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(condvar_run, NULL);
+ }
+
+ mutex->lock(mutex);
+ while (sigcount < THREADS)
+ {
+ condvar->wait(condvar, mutex);
+ }
+ mutex->unlock(mutex);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+static void *condvar_recursive_run(void *data)
+{
+ mutex->lock(mutex);
+ mutex->lock(mutex);
+ mutex->lock(mutex);
+ sigcount++;
+ condvar->signal(condvar);
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+ return NULL;
+}
+
+START_TEST(test_condvar_recursive)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ mutex = mutex_create(MUTEX_TYPE_RECURSIVE);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ mutex->lock(mutex);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(condvar_recursive_run, NULL);
+ }
+
+ mutex->lock(mutex);
+ mutex->lock(mutex);
+ while (sigcount < THREADS)
+ {
+ condvar->wait(condvar, mutex);
+ }
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+ mutex->unlock(mutex);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+static void *condvar_run_broad(void *data)
+{
+ mutex->lock(mutex);
+ while (sigcount < 0)
+ {
+ condvar->wait(condvar, mutex);
+ }
+ mutex->unlock(mutex);
+ return NULL;
+}
+
+START_TEST(test_condvar_broad)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(condvar_run_broad, NULL);
+ }
+
+ sched_yield();
+
+ mutex->lock(mutex);
+ sigcount = 1;
+ condvar->broadcast(condvar);
+ mutex->unlock(mutex);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+START_TEST(test_condvar_timed)
+{
+ thread_t *thread;
+ timeval_t start, end, diff = { .tv_usec = 50000 };
+
+ mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ mutex->lock(mutex);
+ while (TRUE)
+ {
+ time_monotonic(&start);
+ if (condvar->timed_wait(condvar, mutex, diff.tv_usec / 1000))
+ {
+ break;
+ }
+ }
+ time_monotonic(&end);
+ mutex->unlock(mutex);
+ timersub(&end, &start, &end);
+ ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u",
+ end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec);
+
+ thread = thread_create(condvar_run, NULL);
+
+ mutex->lock(mutex);
+ while (sigcount == 0)
+ {
+ ck_assert(!condvar->timed_wait(condvar, mutex, 1000));
+ }
+ mutex->unlock(mutex);
+
+ thread->join(thread);
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+START_TEST(test_condvar_timed_abs)
+{
+ thread_t *thread;
+ timeval_t start, end, abso, diff = { .tv_usec = 50000 };
+
+ mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ mutex->lock(mutex);
+ while (TRUE)
+ {
+ time_monotonic(&start);
+ timeradd(&start, &diff, &abso);
+ if (condvar->timed_wait_abs(condvar, mutex, abso))
+ {
+ break;
+ }
+ }
+ time_monotonic(&end);
+ mutex->unlock(mutex);
+ ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u",
+ end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec);
+
+ thread = thread_create(condvar_run, NULL);
+
+ time_monotonic(&start);
+ diff.tv_sec = 1;
+ timeradd(&start, &diff, &abso);
+ mutex->lock(mutex);
+ while (sigcount == 0)
+ {
+ ck_assert(!condvar->timed_wait_abs(condvar, mutex, abso));
+ }
+ mutex->unlock(mutex);
+
+ thread->join(thread);
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+static void *condvar_cancel_run(void *data)
+{
+ thread_cancelability(FALSE);
+
+ mutex->lock(mutex);
+
+ sigcount++;
+ condvar->broadcast(condvar);
+
+ thread_cleanup_push((void*)mutex->unlock, mutex);
+ thread_cancelability(TRUE);
+ while (TRUE)
+ {
+ condvar->wait(condvar, mutex);
+ }
+ thread_cleanup_pop(TRUE);
+
+ return NULL;
+}
+
+START_TEST(test_condvar_cancel)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ mutex = mutex_create(MUTEX_TYPE_DEFAULT);
+ condvar = condvar_create(CONDVAR_TYPE_DEFAULT);
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(condvar_cancel_run, NULL);
+ }
+
+ /* wait for all threads */
+ mutex->lock(mutex);
+ while (sigcount < THREADS)
+ {
+ condvar->wait(condvar, mutex);
+ }
+ mutex->unlock(mutex);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ mutex->destroy(mutex);
+ condvar->destroy(condvar);
+}
+END_TEST
+
+/**
+ * RWlock for different tests
+ */
+static rwlock_t *rwlock;
+
+static void *rwlock_run(refcount_t *refs)
+{
+ rwlock->read_lock(rwlock);
+ ref_get(refs);
+ sched_yield();
+ ignore_result(ref_put(refs));
+ rwlock->unlock(rwlock);
+
+ if (rwlock->try_write_lock(rwlock))
+ {
+ ck_assert_int_eq(*refs, 0);
+ sched_yield();
+ rwlock->unlock(rwlock);
+ }
+
+ rwlock->write_lock(rwlock);
+ ck_assert_int_eq(*refs, 0);
+ sched_yield();
+ rwlock->unlock(rwlock);
+
+ rwlock->read_lock(rwlock);
+ rwlock->read_lock(rwlock);
+ ref_get(refs);
+ sched_yield();
+ ignore_result(ref_put(refs));
+ rwlock->unlock(rwlock);
+ rwlock->unlock(rwlock);
+
+ return NULL;
+}
+
+START_TEST(test_rwlock)
+{
+ thread_t *threads[THREADS];
+ refcount_t refs = 0;
+ int i;
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create((void*)rwlock_run, &refs);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ rwlock->destroy(rwlock);
+}
+END_TEST
+
+/**
+ * Rwlock condvar
+ */
+static rwlock_condvar_t *rwcond;
+
+static void *rwlock_condvar_run(void *data)
+{
+ rwlock->write_lock(rwlock);
+ sigcount++;
+ rwcond->signal(rwcond);
+ rwlock->unlock(rwlock);
+ return NULL;
+}
+
+START_TEST(test_rwlock_condvar)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ rwcond = rwlock_condvar_create();
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(rwlock_condvar_run, NULL);
+ }
+
+ rwlock->write_lock(rwlock);
+ while (sigcount < THREADS)
+ {
+ rwcond->wait(rwcond, rwlock);
+ }
+ rwlock->unlock(rwlock);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ rwlock->destroy(rwlock);
+ rwcond->destroy(rwcond);
+}
+END_TEST
+
+static void *rwlock_condvar_run_broad(void *data)
+{
+ rwlock->write_lock(rwlock);
+ while (sigcount < 0)
+ {
+ rwcond->wait(rwcond, rwlock);
+ }
+ rwlock->unlock(rwlock);
+ return NULL;
+}
+
+START_TEST(test_rwlock_condvar_broad)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ rwcond = rwlock_condvar_create();
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(rwlock_condvar_run_broad, NULL);
+ }
+
+ sched_yield();
+
+ rwlock->write_lock(rwlock);
+ sigcount = 1;
+ rwcond->broadcast(rwcond);
+ rwlock->unlock(rwlock);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ rwlock->destroy(rwlock);
+ rwcond->destroy(rwcond);
+}
+END_TEST
+
+START_TEST(test_rwlock_condvar_timed)
+{
+ thread_t *thread;
+ timeval_t start, end, diff = { .tv_usec = 50000 };
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ rwcond = rwlock_condvar_create();
+ sigcount = 0;
+
+ rwlock->write_lock(rwlock);
+ while (TRUE)
+ {
+ time_monotonic(&start);
+ if (rwcond->timed_wait(rwcond, rwlock, diff.tv_usec / 1000))
+ {
+ break;
+ }
+ }
+ rwlock->unlock(rwlock);
+ time_monotonic(&end);
+ timersub(&end, &start, &end);
+ ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u",
+ end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec);
+
+ thread = thread_create(rwlock_condvar_run, NULL);
+
+ rwlock->write_lock(rwlock);
+ while (sigcount == 0)
+ {
+ ck_assert(!rwcond->timed_wait(rwcond, rwlock, 1000));
+ }
+ rwlock->unlock(rwlock);
+
+ thread->join(thread);
+ rwlock->destroy(rwlock);
+ rwcond->destroy(rwcond);
+}
+END_TEST
+
+START_TEST(test_rwlock_condvar_timed_abs)
+{
+ thread_t *thread;
+ timeval_t start, end, abso, diff = { .tv_usec = 50000 };
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ rwcond = rwlock_condvar_create();
+ sigcount = 0;
+
+ rwlock->write_lock(rwlock);
+ while (TRUE)
+ {
+ time_monotonic(&start);
+ timeradd(&start, &diff, &abso);
+ if (rwcond->timed_wait_abs(rwcond, rwlock, abso))
+ {
+ break;
+ }
+ }
+ rwlock->unlock(rwlock);
+ time_monotonic(&end);
+ ck_assert_msg(timercmp(&end, &abso, >), "end: %u.%u, abso: %u.%u",
+ end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec);
+
+ thread = thread_create(rwlock_condvar_run, NULL);
+
+ time_monotonic(&start);
+ diff.tv_sec = 1;
+ timeradd(&start, &diff, &abso);
+ rwlock->write_lock(rwlock);
+ while (sigcount == 0)
+ {
+ ck_assert(!rwcond->timed_wait_abs(rwcond, rwlock, abso));
+ }
+ rwlock->unlock(rwlock);
+
+ thread->join(thread);
+ rwlock->destroy(rwlock);
+ rwcond->destroy(rwcond);
+}
+END_TEST
+
+static void *rwlock_condvar_cancel_run(void *data)
+{
+ thread_cancelability(FALSE);
+
+ rwlock->write_lock(rwlock);
+
+ sigcount++;
+ rwcond->broadcast(rwcond);
+
+ thread_cleanup_push((void*)rwlock->unlock, rwlock);
+ thread_cancelability(TRUE);
+ while (TRUE)
+ {
+ rwcond->wait(rwcond, rwlock);
+ }
+ thread_cleanup_pop(TRUE);
+
+ return NULL;
+}
+
+START_TEST(test_rwlock_condvar_cancel)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ rwlock = rwlock_create(RWLOCK_TYPE_DEFAULT);
+ rwcond = rwlock_condvar_create();
+ sigcount = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(rwlock_condvar_cancel_run, NULL);
+ }
+
+ /* wait for all threads */
+ rwlock->write_lock(rwlock);
+ while (sigcount < THREADS)
+ {
+ rwcond->wait(rwcond, rwlock);
+ }
+ rwlock->unlock(rwlock);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ rwlock->destroy(rwlock);
+ rwcond->destroy(rwcond);
+}
+END_TEST
+
+/**
+ * Semaphore for different tests
+ */
+static semaphore_t *semaphore;
+
+static void *semaphore_run(void *data)
+{
+ semaphore->post(semaphore);
+ return NULL;
+}
+
+START_TEST(test_semaphore)
+{
+ thread_t *threads[THREADS];
+ int i, initial = 5;
+
+ semaphore = semaphore_create(initial);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(semaphore_run, NULL);
+ }
+ for (i = 0; i < THREADS + initial; i++)
+ {
+ semaphore->wait(semaphore);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ semaphore->destroy(semaphore);
+}
+END_TEST
+
+START_TEST(test_semaphore_timed)
+{
+ thread_t *thread;
+ timeval_t start, end, diff = { .tv_usec = 50000 };
+
+ semaphore = semaphore_create(0);
+
+ time_monotonic(&start);
+ ck_assert(semaphore->timed_wait(semaphore, diff.tv_usec / 1000));
+ time_monotonic(&end);
+ timersub(&end, &start, &end);
+ ck_assert_msg(timercmp(&end, &diff, >), "end: %u.%u, diff: %u.%u",
+ end.tv_sec, end.tv_usec, diff.tv_sec, diff.tv_usec);
+
+ thread = thread_create(semaphore_run, NULL);
+
+ ck_assert(!semaphore->timed_wait(semaphore, 1000));
+
+ thread->join(thread);
+ semaphore->destroy(semaphore);
+}
+END_TEST
+
+START_TEST(test_semaphore_timed_abs)
+{
+ thread_t *thread;
+ timeval_t start, end, abso, diff = { .tv_usec = 50000 };
+
+ semaphore = semaphore_create(0);
+
+ time_monotonic(&start);
+ timeradd(&start, &diff, &abso);
+ ck_assert(semaphore->timed_wait_abs(semaphore, abso));
+ time_monotonic(&end);
+ ck_assert_msg(timercmp(&end, &abso, >), "end: %u.%u, abso: %u.%u",
+ end.tv_sec, end.tv_usec, abso.tv_sec, abso.tv_usec);
+
+ thread = thread_create(semaphore_run, NULL);
+
+ time_monotonic(&start);
+ diff.tv_sec = 1;
+ timeradd(&start, &diff, &abso);
+ ck_assert(!semaphore->timed_wait_abs(semaphore, abso));
+
+ thread->join(thread);
+ semaphore->destroy(semaphore);
+}
+END_TEST
+
+static void *semaphore_cancel_run(void *data)
+{
+ refcount_t *ready = (refcount_t*)data;
+
+ thread_cancelability(FALSE);
+ ref_get(ready);
+
+ thread_cancelability(TRUE);
+ semaphore->wait(semaphore);
+
+ ck_assert(FALSE);
+ return NULL;
+}
+
+START_TEST(test_semaphore_cancel)
+{
+ thread_t *threads[THREADS];
+ refcount_t ready = 0;
+ int i;
+
+ semaphore = semaphore_create(0);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(semaphore_cancel_run, &ready);
+ }
+ while (ready < THREADS)
+ {
+ sched_yield();
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+
+ semaphore->destroy(semaphore);
+}
+END_TEST
+
+static void *join_run(void *data)
+{
+ /* force some context switches */
+ sched_yield();
+ return (void*)((uintptr_t)data + THREADS);
+}
+
+START_TEST(test_join)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(join_run, (void*)(uintptr_t)i);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ ck_assert_int_eq((uintptr_t)threads[i]->join(threads[i]), i + THREADS);
+ }
+}
+END_TEST
+
+static void *exit_join_run(void *data)
+{
+ sched_yield();
+ thread_exit((void*)((uintptr_t)data + THREADS));
+ /* not reached */
+ ck_assert(FALSE);
+ return NULL;
+}
+
+START_TEST(test_join_exit)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(exit_join_run, (void*)(uintptr_t)i);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ ck_assert_int_eq((uintptr_t)threads[i]->join(threads[i]), i + THREADS);
+ }
+}
+END_TEST
+
+static void *detach_run(void *data)
+{
+ refcount_t *running = (refcount_t*)data;
+
+ ignore_result(ref_put(running));
+ return NULL;
+}
+
+START_TEST(test_detach)
+{
+ thread_t *threads[THREADS];
+ int i;
+ refcount_t running = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ ref_get(&running);
+ threads[i] = thread_create(detach_run, &running);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->detach(threads[i]);
+ }
+ while (running > 0)
+ {
+ sched_yield();
+ }
+ /* no checks done here, but we check that thread state gets cleaned
+ * up with leak detective. */
+}
+END_TEST
+
+static void *detach_exit_run(void *data)
+{
+ refcount_t *running = (refcount_t*)data;
+
+ ignore_result(ref_put(running));
+ thread_exit(NULL);
+ /* not reached */
+ ck_assert(FALSE);
+ return NULL;
+}
+
+START_TEST(test_detach_exit)
+{
+ thread_t *threads[THREADS];
+ int i;
+ refcount_t running = 0;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ ref_get(&running);
+ threads[i] = thread_create(detach_exit_run, &running);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->detach(threads[i]);
+ }
+ while (running > 0)
+ {
+ sched_yield();
+ }
+ /* no checks done here, but we check that thread state gets cleaned
+ * up with leak detective. */
+}
+END_TEST
+
+static void *cancel_run(void *data)
+{
+ /* default cancellability should be TRUE, so don't change it */
+ while (TRUE)
+ {
+ sleep(10);
+ }
+ return NULL;
+}
+
+START_TEST(test_cancel)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(cancel_run, NULL);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+}
+END_TEST
+
+static void *cancel_onoff_run(void *data)
+{
+ bool *cancellable = (bool*)data;
+
+ thread_cancelability(FALSE);
+ *cancellable = FALSE;
+
+ /* we should not get cancelled here */
+ usleep(50000);
+
+ *cancellable = TRUE;
+ thread_cancelability(TRUE);
+
+ /* but here */
+ while (TRUE)
+ {
+ sleep(10);
+ }
+ return NULL;
+}
+
+START_TEST(test_cancel_onoff)
+{
+ thread_t *threads[THREADS];
+ bool cancellable[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ cancellable[i] = TRUE;
+ threads[i] = thread_create(cancel_onoff_run, &cancellable[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ /* wait until thread has cleared its cancellability */
+ while (cancellable[i])
+ {
+ sched_yield();
+ }
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert(cancellable[i]);
+ }
+}
+END_TEST
+
+static void *cancel_point_run(void *data)
+{
+ thread_cancelability(FALSE);
+ while (TRUE)
+ {
+ /* implicitly enables cancellability */
+ thread_cancellation_point();
+ }
+ return NULL;
+}
+
+START_TEST(test_cancel_point)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(cancel_point_run, NULL);
+ }
+ sched_yield();
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ }
+}
+END_TEST
+
+static void cleanup1(void *data)
+{
+ uintptr_t *value = (uintptr_t*)data;
+
+ ck_assert_int_eq(*value, 1);
+ (*value)++;
+}
+
+static void cleanup2(void *data)
+{
+ uintptr_t *value = (uintptr_t*)data;
+
+ ck_assert_int_eq(*value, 2);
+ (*value)++;
+}
+
+static void cleanup3(void *data)
+{
+ uintptr_t *value = (uintptr_t*)data;
+
+ ck_assert_int_eq(*value, 3);
+ (*value)++;
+}
+
+static void *cleanup_run(void *data)
+{
+ thread_cleanup_push(cleanup3, data);
+ thread_cleanup_push(cleanup2, data);
+ thread_cleanup_push(cleanup1, data);
+ return NULL;
+}
+
+START_TEST(test_cleanup)
+{
+ thread_t *threads[THREADS];
+ uintptr_t values[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ values[i] = 1;
+ threads[i] = thread_create(cleanup_run, &values[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert_int_eq(values[i], 4);
+ }
+}
+END_TEST
+
+static void *cleanup_exit_run(void *data)
+{
+ thread_cleanup_push(cleanup3, data);
+ thread_cleanup_push(cleanup2, data);
+ thread_cleanup_push(cleanup1, data);
+ thread_exit(NULL);
+ ck_assert(FALSE);
+ return NULL;
+}
+
+START_TEST(test_cleanup_exit)
+{
+ thread_t *threads[THREADS];
+ uintptr_t values[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ values[i] = 1;
+ threads[i] = thread_create(cleanup_exit_run, &values[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert_int_eq(values[i], 4);
+ }
+}
+END_TEST
+
+static void *cleanup_cancel_run(void *data)
+{
+ thread_cancelability(FALSE);
+
+ thread_cleanup_push(cleanup3, data);
+ thread_cleanup_push(cleanup2, data);
+ thread_cleanup_push(cleanup1, data);
+
+ thread_cancelability(TRUE);
+
+ while (TRUE)
+ {
+ sleep(1);
+ }
+ return NULL;
+}
+
+START_TEST(test_cleanup_cancel)
+{
+ thread_t *threads[THREADS];
+ uintptr_t values[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ values[i] = 1;
+ threads[i] = thread_create(cleanup_cancel_run, &values[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->cancel(threads[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert_int_eq(values[i], 4);
+ }
+}
+END_TEST
+
+static void *cleanup_pop_run(void *data)
+{
+ thread_cleanup_push(cleanup3, data);
+ thread_cleanup_push(cleanup2, data);
+ thread_cleanup_push(cleanup1, data);
+
+ thread_cleanup_push(cleanup2, data);
+ thread_cleanup_pop(FALSE);
+
+ thread_cleanup_pop(TRUE);
+ return NULL;
+}
+
+START_TEST(test_cleanup_pop)
+{
+ thread_t *threads[THREADS];
+ uintptr_t values[THREADS];
+ int i;
+
+ for (i = 0; i < THREADS; i++)
+ {
+ values[i] = 1;
+ threads[i] = thread_create(cleanup_pop_run, &values[i]);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert_int_eq(values[i], 4);
+ }
+}
+END_TEST
+
+static thread_value_t *tls[10];
+
+static void *tls_run(void *data)
+{
+ uintptr_t value = (uintptr_t)data;
+ int i, j;
+
+ for (i = 0; i < countof(tls); i++)
+ {
+ ck_assert(tls[i]->get(tls[i]) == NULL);
+ }
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i]->set(tls[i], (void*)(value * i));
+ }
+ for (j = 0; j < 1000; j++)
+ {
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i]->set(tls[i], (void*)(value * i));
+ ck_assert(tls[i]->get(tls[i]) == (void*)(value * i));
+ }
+ sched_yield();
+ }
+ for (i = 0; i < countof(tls); i++)
+ {
+ ck_assert(tls[i]->get(tls[i]) == (void*)(value * i));
+ }
+ return (void*)(value + 1);
+}
+
+START_TEST(test_tls)
+{
+ thread_t *threads[THREADS];
+ int i;
+
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i] = thread_value_create(NULL);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i] = thread_create(tls_run, (void*)(uintptr_t)i);
+ }
+
+ ck_assert_int_eq((uintptr_t)tls_run((void*)(uintptr_t)(THREADS + 1)),
+ THREADS + 2);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ ck_assert_int_eq((uintptr_t)threads[i]->join(threads[i]), i + 1);
+ }
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i]->destroy(tls[i]);
+ }
+}
+END_TEST
+
+static void tls_cleanup(void *data)
+{
+ uintptr_t *value = (uintptr_t*)data;
+
+ (*value)--;
+}
+
+static void *tls_cleanup_run(void *data)
+{
+ int i;
+
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i]->set(tls[i], data);
+ }
+ return NULL;
+}
+
+START_TEST(test_tls_cleanup)
+{
+ thread_t *threads[THREADS];
+ uintptr_t values[THREADS], main_value = countof(tls);
+ int i;
+
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i] = thread_value_create(tls_cleanup);
+ }
+ for (i = 0; i < THREADS; i++)
+ {
+ values[i] = countof(tls);
+ threads[i] = thread_create(tls_cleanup_run, &values[i]);
+ }
+
+ tls_cleanup_run(&main_value);
+
+ for (i = 0; i < THREADS; i++)
+ {
+ threads[i]->join(threads[i]);
+ ck_assert_int_eq(values[i], 0);
+ }
+ for (i = 0; i < countof(tls); i++)
+ {
+ tls[i]->destroy(tls[i]);
+ }
+ ck_assert_int_eq(main_value, 0);
+}
+END_TEST
+
+Suite *threading_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("threading");
+
+ tc = tcase_create("recursive mutex");
+ tcase_add_test(tc, test_mutex);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("spinlock");
+ tcase_add_test(tc, test_spinlock);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("condvar");
+ tcase_add_test(tc, test_condvar);
+ tcase_add_test(tc, test_condvar_recursive);
+ tcase_add_test(tc, test_condvar_broad);
+ tcase_add_test(tc, test_condvar_timed);
+ tcase_add_test(tc, test_condvar_timed_abs);
+ tcase_add_test(tc, test_condvar_cancel);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("rwlock");
+ tcase_add_test(tc, test_rwlock);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("rwlock condvar");
+ tcase_add_test(tc, test_rwlock_condvar);
+ tcase_add_test(tc, test_rwlock_condvar_broad);
+ tcase_add_test(tc, test_rwlock_condvar_timed);
+ tcase_add_test(tc, test_rwlock_condvar_timed_abs);
+ tcase_add_test(tc, test_rwlock_condvar_cancel);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("semaphore");
+ tcase_add_test(tc, test_semaphore);
+ tcase_add_test(tc, test_semaphore_timed);
+ tcase_add_test(tc, test_semaphore_timed_abs);
+ tcase_add_test(tc, test_semaphore_cancel);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("thread joining");
+ tcase_add_test(tc, test_join);
+ tcase_add_test(tc, test_join_exit);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("thread detaching");
+ tcase_add_test(tc, test_detach);
+ tcase_add_test(tc, test_detach_exit);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("thread cancellation");
+ tcase_add_test(tc, test_cancel);
+ tcase_add_test(tc, test_cancel_onoff);
+ tcase_add_test(tc, test_cancel_point);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("thread cleanup");
+ tcase_add_test(tc, test_cleanup);
+ tcase_add_test(tc, test_cleanup_exit);
+ tcase_add_test(tc, test_cleanup_cancel);
+ tcase_add_test(tc, test_cleanup_pop);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("thread local storage");
+ tcase_add_test(tc, test_tls);
+ tcase_add_test(tc, test_tls_cleanup);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c
index 3ca0412b4..0260726b2 100644
--- a/src/libstrongswan/tests/test_utils.c
+++ b/src/libstrongswan/tests/suites/test_utils.c
@@ -346,6 +346,46 @@ START_TEST(test_memstr)
END_TEST
/*******************************************************************************
+ * utils_memrchr
+ */
+
+static struct {
+ char *s;
+ int c;
+ size_t n;
+ int offset;
+} memrchr_data[] = {
+ {NULL, 'f', 0, -1},
+ {NULL, 'f', 3, -1},
+ {"", 'f', 0, -1},
+ {"", '\0', 1, 0},
+ {"foo", '\0', 3, -1},
+ {"foo", '\0', 4, 3},
+ {"foo", 'f', 3, 0},
+ {"foo", 'o', 3, 2},
+ {"foo", 'o', 2, 1},
+ {"foo", 'o', 1, -1},
+ {"foo", 'o', 0, -1},
+ {"foo", 'x', 3, -1},
+};
+
+START_TEST(test_utils_memrchr)
+{
+ void *ret;
+
+ ret = utils_memrchr(memrchr_data[_i].s, memrchr_data[_i].c, memrchr_data[_i].n);
+ if (memrchr_data[_i].offset >= 0)
+ {
+ ck_assert(ret == memrchr_data[_i].s + memrchr_data[_i].offset);
+ }
+ else
+ {
+ ck_assert(ret == NULL);
+ }
+}
+END_TEST
+
+/*******************************************************************************
* translate
*/
@@ -385,6 +425,140 @@ START_TEST(test_translate)
END_TEST
/*******************************************************************************
+ * strreplace
+ */
+
+static struct {
+ char *in;
+ char *out;
+ char *search;
+ char *replace;
+ bool allocated;
+} strreplace_data[] = {
+ /* invalid arguments */
+ {NULL, NULL, NULL, NULL, FALSE},
+ {"", "", NULL, NULL, FALSE},
+ {"", "", "", NULL, FALSE},
+ {"", "", NULL, "", FALSE},
+ {"", "", "", "", FALSE},
+ {"", "", "", "asdf", FALSE},
+ {"", "", "asdf", "", FALSE},
+ {"asdf", "asdf", NULL, NULL, FALSE},
+ {"asdf", "asdf", "", NULL, FALSE},
+ {"asdf", "asdf", NULL, "", FALSE},
+ {"asdf", "asdf", "", "", FALSE},
+ {"asdf", "asdf", "", "asdf", FALSE},
+ {"asdf", "asdf", "asdf", NULL, FALSE},
+ {"qwer", "qwer", "", "asdf", FALSE},
+ /* replacement shorter */
+ {"asdf", "", "asdf", "", TRUE},
+ {"asdfasdf", "", "asdf", "", TRUE},
+ {"asasdfdf", "asdf", "asdf", "", TRUE},
+ {"asdf", "df", "as", "", TRUE},
+ {"asdf", "as", "df", "", TRUE},
+ {"qwer", "qwer", "asdf", "", FALSE},
+ /* replacement same length */
+ {"a", "b", "a", "b", TRUE},
+ {"aaa", "bbb", "a", "b", TRUE},
+ {"aaa", "bbb", "aaa", "bbb", TRUE},
+ {"asdf", "asdf", "asdf", "asdf", TRUE},
+ {"qwer", "qwer", "asdf", "asdf", FALSE},
+ /* replacement longer */
+ {"asdf", "asdf", "", "asdf", FALSE},
+ {"asdf", "asdfasdf", "asdf", "asdfasdf", TRUE},
+ {"asdf", "asdfsdf", "a", "asdf", TRUE},
+ {"asdf", "asdasdf", "f", "asdf", TRUE},
+ {"aaa", "asdfasdfasdf", "a", "asdf", TRUE},
+ {"qwer", "qwer", "asdf", "asdfasdf", FALSE},
+ /* real examples */
+ {"http://x.org/no/spaces", "http://x.org/no/spaces", " ", "%20", FALSE},
+ {"http://x.org/end ", "http://x.org/end%20", " ", "%20", TRUE},
+ {" http://x.org/start", "%20http://x.org/start", " ", "%20", TRUE},
+ {" http://x.org/both ", "%20http://x.org/both%20", " ", "%20", TRUE},
+ {"http://x.org/ /slash", "http://x.org/%20/slash", " ", "%20", TRUE},
+ {"http://x.org/ /three", "http://x.org/%20%20%20/three", " ", "%20", TRUE},
+ {"http://x.org/ ", "http://x.org/%20%20%20%20%20%20", " ", "%20", TRUE},
+ {"http://x.org/%20/encoded", "http://x.org/%20/encoded", " ", "%20", FALSE},
+};
+
+START_TEST(test_strreplace)
+{
+ char *ret;
+
+ ret = strreplace(strreplace_data[_i].in, strreplace_data[_i].search,
+ strreplace_data[_i].replace);
+ if (ret && strreplace_data[_i].out)
+ {
+ ck_assert_str_eq(ret, strreplace_data[_i].out);
+ }
+ else
+ {
+ ck_assert(ret == strreplace_data[_i].out);
+ }
+ if (strreplace_data[_i].allocated)
+ {
+ ck_assert(ret != strreplace_data[_i].in);
+ free(ret);
+ }
+ else
+ {
+ ck_assert(ret == strreplace_data[_i].in);
+ }
+}
+END_TEST
+
+/*******************************************************************************
+ * path_dirname/basename
+ */
+
+static struct {
+ char *path;
+ char *dir;
+ char *base;
+} path_data[] = {
+ {NULL, ".", "."},
+ {"", ".", "."},
+ {".", ".", "."},
+ {"..", ".", ".."},
+ {"/", "/", "/"},
+ {"//", "/", "/"},
+ {"foo", ".", "foo"},
+ {"f/", ".", "f"},
+ {"foo/", ".", "foo"},
+ {"foo//", ".", "foo"},
+ {"/f", "/", "f"},
+ {"/f/", "/", "f"},
+ {"/foo", "/", "foo"},
+ {"/foo/", "/", "foo"},
+ {"//foo/", "/", "foo"},
+ {"foo/bar", "foo", "bar"},
+ {"foo//bar", "foo", "bar"},
+ {"/foo/bar", "/foo", "bar"},
+ {"/foo/bar/", "/foo", "bar"},
+ {"/foo/bar/baz", "/foo/bar", "baz"},
+};
+
+START_TEST(test_path_dirname)
+{
+ char *dir;
+
+ dir = path_dirname(path_data[_i].path);
+ ck_assert_str_eq(path_data[_i].dir, dir);
+ free(dir);
+}
+END_TEST
+
+START_TEST(test_path_basename)
+{
+ char *base;
+
+ base = path_basename(path_data[_i].path);
+ ck_assert_str_eq(path_data[_i].base, base);
+ free(base);
+}
+END_TEST
+
+/*******************************************************************************
* time_printf_hook
*/
@@ -539,10 +713,23 @@ Suite *utils_suite_create()
tcase_add_loop_test(tc, test_memstr, 0, countof(memstr_data));
suite_add_tcase(s, tc);
+ tc = tcase_create("utils_memrchr");
+ tcase_add_loop_test(tc, test_utils_memrchr, 0, countof(memrchr_data));
+ suite_add_tcase(s, tc);
+
tc = tcase_create("translate");
tcase_add_loop_test(tc, test_translate, 0, countof(translate_data));
suite_add_tcase(s, tc);
+ tc = tcase_create("strreplace");
+ tcase_add_loop_test(tc, test_strreplace, 0, countof(strreplace_data));
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("path_dirname/basename");
+ tcase_add_loop_test(tc, test_path_dirname, 0, countof(path_data));
+ tcase_add_loop_test(tc, test_path_basename, 0, countof(path_data));
+ suite_add_tcase(s, tc);
+
tc = tcase_create("printf_hooks");
tcase_add_loop_test(tc, test_time_printf_hook, 0, countof(time_data));
tcase_add_loop_test(tc, test_time_delta_printf_hook, 0, countof(time_delta_data));
diff --git a/src/libstrongswan/tests/test_vectors.c b/src/libstrongswan/tests/suites/test_vectors.c
index f2817d314..242ac9d09 100644
--- a/src/libstrongswan/tests/test_vectors.c
+++ b/src/libstrongswan/tests/suites/test_vectors.c
@@ -21,7 +21,8 @@
START_TEST(test_vectors)
{
- fail_if(lib->crypto->get_test_vector_failures(lib->crypto));
+ u_int failed = lib->crypto->get_test_vector_failures(lib->crypto);
+ fail_if(failed > 0, "%u test vectors failed", failed);
}
END_TEST
diff --git a/src/libstrongswan/tests/suites/test_watcher.c b/src/libstrongswan/tests/suites/test_watcher.c
new file mode 100644
index 000000000..9415bead9
--- /dev/null
+++ b/src/libstrongswan/tests/suites/test_watcher.c
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <library.h>
+
+#include <sched.h>
+#include <unistd.h>
+#include <errno.h>
+
+static char testbuf[1] = "";
+
+static bool readcb(void *data, int fd, watcher_event_t event)
+{
+ ck_assert_int_eq(*(int*)data, fd);
+ ck_assert_int_eq(event, WATCHER_READ);
+
+ if (recv(fd, testbuf, 1, MSG_DONTWAIT) != 1)
+ {
+ ck_assert(errno == EAGAIN || errno == EWOULDBLOCK);
+ }
+ return TRUE;
+}
+
+START_TEST(test_read)
+{
+ int fd[2];
+ char c;
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, fd) != -1);
+
+ lib->watcher->add(lib->watcher, fd[0], WATCHER_READ, readcb, &fd[0]);
+
+ for (c = 'a'; c <= 'z'; c++)
+ {
+ ck_assert_int_eq(write(fd[1], &c, 1), 1);
+ while (testbuf[0] != c)
+ {
+ sched_yield();
+ }
+ }
+
+ lib->watcher->remove(lib->watcher, fd[0]);
+ close(fd[0]);
+ close(fd[1]);
+
+ lib->processor->cancel(lib->processor);
+}
+END_TEST
+
+static bool writecb(void *data, int fd, watcher_event_t event)
+{
+ ck_assert_int_eq(event, WATCHER_WRITE);
+ if (send(fd, data, 1, MSG_DONTWAIT) != 1)
+ {
+ ck_assert(errno == EAGAIN || errno == EWOULDBLOCK);
+ }
+ return TRUE;
+}
+
+START_TEST(test_write)
+{
+ int fd[2];
+ char in = 'x', out;
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, fd) != -1);
+
+ lib->watcher->add(lib->watcher, fd[1], WATCHER_WRITE, writecb, &in);
+
+ ck_assert_int_eq(read(fd[0], &out, 1), 1);
+ ck_assert_int_eq(out, in);
+
+ lib->watcher->remove(lib->watcher, fd[1]);
+ close(fd[1]);
+ close(fd[0]);
+
+ lib->processor->cancel(lib->processor);
+}
+END_TEST
+
+static bool multiread(void *data, int fd, watcher_event_t event)
+{
+ ck_assert_int_eq(event, WATCHER_READ);
+ if (recv(fd, data, 1, MSG_DONTWAIT) != 1)
+ {
+ ck_assert(errno == EAGAIN || errno == EWOULDBLOCK);
+ }
+ return TRUE;
+}
+
+START_TEST(test_multiread)
+{
+ int fd[10][2], i;
+ char in, out[countof(fd)];
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ for (i = 0; i < countof(fd); i++)
+ {
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, fd[i]) != -1);
+ lib->watcher->add(lib->watcher, fd[i][0],
+ WATCHER_READ, multiread, &out[i]);
+ }
+
+ for (i = 0; i < countof(fd); i++)
+ {
+ for (in = 'a'; in <= 'z'; in++)
+ {
+ ck_assert_int_eq(write(fd[i][1], &in, 1), 1);
+ while (out[i] != in)
+ {
+ sched_yield();
+ }
+ }
+ }
+
+ for (i = 0; i < countof(fd); i++)
+ {
+ lib->watcher->remove(lib->watcher, fd[i][0]);
+ close(fd[i][1]);
+ close(fd[i][0]);
+ }
+
+ lib->processor->cancel(lib->processor);
+}
+END_TEST
+
+static bool multiwrite(void *data, int fd, watcher_event_t event)
+{
+ ck_assert_int_eq(event, WATCHER_WRITE);
+ if (send(fd, data, 1, MSG_DONTWAIT) != 1)
+ {
+ ck_assert(errno == EAGAIN || errno == EWOULDBLOCK);
+ }
+ return TRUE;
+}
+
+START_TEST(test_multiwrite)
+{
+ int fd[10][2], i, j;
+ u_char out, in[countof(fd)];
+
+ lib->processor->set_threads(lib->processor, 8);
+
+ for (i = 0; i < countof(fd); i++)
+ {
+ ck_assert(socketpair(AF_UNIX, SOCK_STREAM, 0, fd[i]) != -1);
+ in[i] = i;
+ lib->watcher->add(lib->watcher, fd[i][1],
+ WATCHER_WRITE, multiwrite, &in[i]);
+ }
+
+ for (j = 0; j < 10; j++)
+ {
+ for (i = 0; i < countof(fd); i++)
+ {
+ ck_assert_int_eq(read(fd[i][0], &out, 1), 1);
+ ck_assert_int_eq(out, i);
+ }
+ }
+
+ for (i = 0; i < countof(fd); i++)
+ {
+ lib->watcher->remove(lib->watcher, fd[i][1]);
+ close(fd[i][1]);
+ close(fd[i][0]);
+ }
+
+ lib->processor->cancel(lib->processor);
+}
+END_TEST
+
+Suite *watcher_suite_create()
+{
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("watcher");
+
+ tc = tcase_create("read");
+ tcase_add_test(tc, test_read);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("write");
+ tcase_add_test(tc, test_write);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("multiread");
+ tcase_add_test(tc, test_multiread);
+ suite_add_tcase(s, tc);
+
+ tc = tcase_create("multiwrite");
+ tcase_add_test(tc, test_multiwrite);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
diff --git a/src/libstrongswan/tests/test_runner.c b/src/libstrongswan/tests/test_runner.c
index f85858504..0b26ee128 100644
--- a/src/libstrongswan/tests/test_runner.c
+++ b/src/libstrongswan/tests/test_runner.c
@@ -1,6 +1,8 @@
/*
* Copyright (C) 2013 Tobias Brunner
* Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -13,48 +15,170 @@
* for more details.
*/
-#include <unistd.h>
-
#include "test_runner.h"
#include <library.h>
#include <plugins/plugin_feature.h>
+#include <collections/array.h>
+#include <utils/test.h>
#include <dirent.h>
+#include <unistd.h>
+#include <limits.h>
+
+/**
+ * Get a tty color escape character for stderr
+ */
+#define TTY(color) tty_escape_get(2, TTY_FG_##color)
/**
- * Load plugins from builddir
+ * Initialize the lookup table for testable functions (defined in libstrongswan)
*/
-static bool load_plugins()
+static void testable_functions_create() __attribute__ ((constructor(1000)));
+static void testable_functions_create()
{
- enumerator_t *enumerator;
- char *name, path[PATH_MAX], dir[64];
+ testable_functions = hashtable_create(hashtable_hash_str,
+ hashtable_equals_str, 8);
+}
+
+/**
+ * Destroy the lookup table for testable functions
+ */
+static void testable_functions_destroy() __attribute__ ((destructor(1000)));
+static void testable_functions_destroy()
+{
+ testable_functions->destroy(testable_functions);
+ /* if leak detective is enabled plugins are not actually unloaded, which
+ * means their destructor is called AFTER this one when the process
+ * terminates, even though the priority says differently, make sure this
+ * does not crash */
+ testable_functions = NULL;
+}
+
+/**
+ * Load all available test suites
+ */
+static array_t *load_suites(test_configuration_t configs[],
+ test_runner_init_t init)
+{
+ array_t *suites;
+ bool old = FALSE;
+ int i;
- enumerator = enumerator_create_token(PLUGINS, " ", "");
- while (enumerator->enumerate(enumerator, &name))
+ library_init(NULL, "test-runner");
+
+ test_setup_handler();
+
+ if (init && !init(TRUE))
{
- snprintf(dir, sizeof(dir), "%s", name);
- translate(dir, "-", "_");
- snprintf(path, sizeof(path), "%s/%s/.libs", PLUGINDIR, dir);
- lib->plugins->add_path(lib->plugins, path);
+ library_deinit();
+ return NULL;
}
- enumerator->destroy(enumerator);
+ lib->plugins->status(lib->plugins, LEVEL_CTRL);
- return lib->plugins->load(lib->plugins, PLUGINS);
+ if (lib->leak_detective)
+ {
+ old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
+ }
+
+ suites = array_create(0, 0);
+
+ for (i = 0; configs[i].suite; i++)
+ {
+ if (configs[i].feature.type == 0 ||
+ lib->plugins->has_feature(lib->plugins, configs[i].feature))
+ {
+ array_insert(suites, -1, configs[i].suite());
+ }
+ }
+
+ if (lib->leak_detective)
+ {
+ lib->leak_detective->set_state(lib->leak_detective, old);
+ }
+
+ if (init)
+ {
+ init(FALSE);
+ }
+ library_deinit();
+
+ return suites;
}
-int main()
+/**
+ * Unload and destroy test suites and associated data
+ */
+static void unload_suites(array_t *suites)
{
- SRunner *sr;
- int nf;
+ test_suite_t *suite;
+ test_case_t *tcase;
- /* test cases are forked and there is no cleanup, so disable leak detective.
- * if test_suite.h is included leak detective is enabled in test cases */
- setenv("LEAK_DETECTIVE_DISABLE", "1", 1);
- /* redirect all output to stderr (to redirect make's stdout to /dev/null) */
- dup2(2, 1);
+ while (array_remove(suites, 0, &suite))
+ {
+ while (array_remove(suite->tcases, 0, &tcase))
+ {
+ array_destroy(tcase->functions);
+ array_destroy(tcase->fixtures);
+ }
+ free(suite);
+ }
+ array_destroy(suites);
+}
- library_init(NULL);
+/**
+ * Run a single test function, return FALSE on failure
+ */
+static bool run_test(test_function_t *tfun, int i)
+{
+ if (test_restore_point())
+ {
+ tfun->cb(i);
+ return TRUE;
+ }
+ return FALSE;
+}
+
+/**
+ * Invoke fixture setup/teardown
+ */
+static bool call_fixture(test_case_t *tcase, bool up)
+{
+ enumerator_t *enumerator;
+ test_fixture_t *fixture;
+ bool failure = FALSE;
+
+ enumerator = array_create_enumerator(tcase->fixtures);
+ while (enumerator->enumerate(enumerator, &fixture))
+ {
+ if (test_restore_point())
+ {
+ if (up)
+ {
+ fixture->setup();
+ }
+ else
+ {
+ fixture->teardown();
+ }
+ }
+ else
+ {
+ failure = TRUE;
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ return !failure;
+}
+
+/**
+ * Test initialization, initializes libstrongswan for the next run
+ */
+static bool pre_test(test_runner_init_t init)
+{
+ library_init(NULL, "test-runner");
/* use non-blocking RNG to generate keys fast */
lib->settings->set_default_str(lib->settings,
@@ -62,45 +186,305 @@ int main()
lib->settings->get_str(lib->settings,
"libstrongswan.plugins.random.urandom", "/dev/urandom"));
- if (!load_plugins())
+ if (lib->leak_detective)
+ {
+ /* disable leak reports during testing */
+ lib->leak_detective->set_report_cb(lib->leak_detective,
+ NULL, NULL, NULL);
+ }
+ if (init && !init(TRUE))
{
library_deinit();
- return EXIT_FAILURE;
+ return FALSE;
}
- lib->plugins->status(lib->plugins, LEVEL_CTRL);
+ dbg_default_set_level(LEVEL_SILENT);
+ return TRUE;
+}
+
+/**
+ * Failure description
+ */
+typedef struct {
+ char *name;
+ char msg[512 - sizeof(char*) - 2 * sizeof(int)];
+ const char *file;
+ int line;
+ int i;
+ backtrace_t *bt;
+} failure_t;
+
+/**
+ * Data passed to leak report callbacks
+ */
+typedef struct {
+ array_t *failures;
+ char *name;
+ int i;
+ int leaks;
+} report_data_t;
+
+/**
+ * Leak report callback, build failures from leaks
+ */
+static void report_leaks(report_data_t *data, int count, size_t bytes,
+ backtrace_t *bt, bool detailed)
+{
+ failure_t failure = {
+ .name = data->name,
+ .i = data->i,
+ .bt = bt->clone(bt),
+ };
+
+ snprintf(failure.msg, sizeof(failure.msg),
+ "Leak detected: %d allocations using %zu bytes", count, bytes);
+
+ array_insert(data->failures, -1, &failure);
+}
+
+/**
+ * Leak summary callback, check if any leaks found
+ */
+static void sum_leaks(report_data_t *data, int count, size_t bytes,
+ int whitelisted)
+{
+ data->leaks = count;
+}
+
+/**
+ * Do library cleanup and optionally check for memory leaks
+ */
+static bool post_test(test_runner_init_t init, bool check_leaks,
+ array_t *failures, char *name, int i)
+{
+ report_data_t data = {
+ .failures = failures,
+ .name = name,
+ .i = i,
+ };
- sr = srunner_create(NULL);
- srunner_add_suite(sr, bio_reader_suite_create());
- srunner_add_suite(sr, bio_writer_suite_create());
- srunner_add_suite(sr, chunk_suite_create());
- srunner_add_suite(sr, enum_suite_create());
- srunner_add_suite(sr, enumerator_suite_create());
- srunner_add_suite(sr, linked_list_suite_create());
- srunner_add_suite(sr, linked_list_enumerator_suite_create());
- srunner_add_suite(sr, hashtable_suite_create());
- srunner_add_suite(sr, array_suite_create());
- srunner_add_suite(sr, identification_suite_create());
- srunner_add_suite(sr, threading_suite_create());
- srunner_add_suite(sr, utils_suite_create());
- srunner_add_suite(sr, host_suite_create());
- srunner_add_suite(sr, vectors_suite_create());
- srunner_add_suite(sr, printf_suite_create());
- if (lib->plugins->has_feature(lib->plugins,
- PLUGIN_DEPENDS(PRIVKEY_GEN, KEY_RSA)))
- {
- srunner_add_suite(sr, rsa_suite_create());
- }
- if (lib->plugins->has_feature(lib->plugins,
- PLUGIN_DEPENDS(PRIVKEY_GEN, KEY_ECDSA)))
- {
- srunner_add_suite(sr, ecdsa_suite_create());
- }
-
- srunner_run_all(sr, CK_NORMAL);
- nf = srunner_ntests_failed(sr);
-
- srunner_free(sr);
+ if (init)
+ {
+ init(FALSE);
+ }
+ if (check_leaks && lib->leak_detective)
+ {
+ lib->leak_detective->set_report_cb(lib->leak_detective,
+ (leak_detective_report_cb_t)report_leaks,
+ (leak_detective_summary_cb_t)sum_leaks, &data);
+ }
library_deinit();
- return (nf == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
+ return data.leaks != 0;
+}
+
+/**
+ * Collect failure information, add failure_t to array
+ */
+static void collect_failure_info(array_t *failures, char *name, int i)
+{
+ failure_t failure = {
+ .name = name,
+ .i = i,
+ .bt = test_failure_backtrace(),
+ };
+
+ failure.line = test_failure_get(failure.msg, sizeof(failure.msg),
+ &failure.file);
+
+ array_insert(failures, -1, &failure);
+}
+
+/**
+ * Print array of collected failure_t to stderr
+ */
+static void print_failures(array_t *failures)
+{
+ failure_t failure;
+
+ backtrace_init();
+
+ while (array_remove(failures, 0, &failure))
+ {
+ fprintf(stderr, " %sFailure in '%s': %s (",
+ TTY(RED), failure.name, failure.msg);
+ if (failure.line)
+ {
+ fprintf(stderr, "%s:%d, ", failure.file, failure.line);
+ }
+ fprintf(stderr, "i = %d)%s\n", failure.i, TTY(DEF));
+ if (failure.bt)
+ {
+ failure.bt->log(failure.bt, stderr, TRUE);
+ failure.bt->destroy(failure.bt);
+ }
+ }
+
+ backtrace_deinit();
+}
+
+/**
+ * Run a single test case with fixtures
+ */
+static bool run_case(test_case_t *tcase, test_runner_init_t init)
+{
+ enumerator_t *enumerator;
+ test_function_t *tfun;
+ int passed = 0;
+ array_t *failures;
+
+ failures = array_create(sizeof(failure_t), 0);
+
+ fprintf(stderr, " Running case '%s': ", tcase->name);
+ fflush(stderr);
+
+ enumerator = array_create_enumerator(tcase->functions);
+ while (enumerator->enumerate(enumerator, &tfun))
+ {
+ int i, rounds = 0;
+
+ for (i = tfun->start; i < tfun->end; i++)
+ {
+ if (pre_test(init))
+ {
+ bool ok = FALSE, leaks = FALSE;
+
+ test_setup_timeout(tcase->timeout);
+
+ if (call_fixture(tcase, TRUE))
+ {
+ if (run_test(tfun, i))
+ {
+ if (call_fixture(tcase, FALSE))
+ {
+ ok = TRUE;
+ }
+ }
+ else
+ {
+ call_fixture(tcase, FALSE);
+ }
+
+ }
+ leaks = post_test(init, ok, failures, tfun->name, i);
+
+ test_setup_timeout(0);
+
+ if (ok)
+ {
+ if (!leaks)
+ {
+ rounds++;
+ fprintf(stderr, "%s+%s", TTY(GREEN), TTY(DEF));
+ }
+ }
+ else
+ {
+ collect_failure_info(failures, tfun->name, i);
+ }
+ if (!ok || leaks)
+ {
+ fprintf(stderr, "%s-%s", TTY(RED), TTY(DEF));
+ }
+ }
+ else
+ {
+ fprintf(stderr, "!");
+ }
+ }
+ fflush(stderr);
+ if (rounds == tfun->end - tfun->start)
+ {
+ passed++;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ fprintf(stderr, "\n");
+
+ print_failures(failures);
+ array_destroy(failures);
+
+ return passed == array_count(tcase->functions);
+}
+
+/**
+ * Run a single test suite
+ */
+static bool run_suite(test_suite_t *suite, test_runner_init_t init)
+{
+ enumerator_t *enumerator;
+ test_case_t *tcase;
+ int passed = 0;
+
+ fprintf(stderr, " Running suite '%s':\n", suite->name);
+
+ enumerator = array_create_enumerator(suite->tcases);
+ while (enumerator->enumerate(enumerator, &tcase))
+ {
+ if (run_case(tcase, init))
+ {
+ passed++;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (passed == array_count(suite->tcases))
+ {
+ fprintf(stderr, " %sPassed all %u '%s' test cases%s\n",
+ TTY(GREEN), array_count(suite->tcases), suite->name, TTY(DEF));
+ return TRUE;
+ }
+ fprintf(stderr, " %sPassed %u/%u '%s' test cases%s\n",
+ TTY(RED), passed, array_count(suite->tcases), suite->name, TTY(DEF));
+ return FALSE;
+}
+
+/**
+ * See header.
+ */
+int test_runner_run(const char *name, test_configuration_t configs[],
+ test_runner_init_t init)
+{
+ array_t *suites;
+ test_suite_t *suite;
+ enumerator_t *enumerator;
+ int passed = 0, result;
+
+ /* redirect all output to stderr (to redirect make's stdout to /dev/null) */
+ dup2(2, 1);
+
+ suites = load_suites(configs, init);
+ if (!suites)
+ {
+ return EXIT_FAILURE;
+ }
+
+ fprintf(stderr, "Running %u '%s' test suites:\n", array_count(suites), name);
+
+ enumerator = array_create_enumerator(suites);
+ while (enumerator->enumerate(enumerator, &suite))
+ {
+ if (run_suite(suite, init))
+ {
+ passed++;
+ }
+ }
+ enumerator->destroy(enumerator);
+
+ if (passed == array_count(suites))
+ {
+ fprintf(stderr, "%sPassed all %u '%s' suites%s\n",
+ TTY(GREEN), array_count(suites), name, TTY(DEF));
+ result = EXIT_SUCCESS;
+ }
+ else
+ {
+ fprintf(stderr, "%sPassed %u of %u '%s' suites%s\n",
+ TTY(RED), passed, array_count(suites), name, TTY(DEF));
+ result = EXIT_FAILURE;
+ }
+
+ unload_suites(suites);
+
+ return result;
}
diff --git a/src/libstrongswan/tests/test_runner.h b/src/libstrongswan/tests/test_runner.h
index 6315abba7..643b622e5 100644
--- a/src/libstrongswan/tests/test_runner.h
+++ b/src/libstrongswan/tests/test_runner.h
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2013 Tobias Brunner
- * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -13,27 +13,65 @@
* for more details.
*/
+/**
+ * @defgroup libtest libtest
+ *
+ * @defgroup test_utils test_utils
+ * @ingroup libtest
+ *
+ * @defgroup test_runner test_runner
+ * @{ @ingroup libtest
+ */
+
#ifndef TEST_RUNNER_H_
#define TEST_RUNNER_H_
-#include <check.h>
-
-Suite *bio_reader_suite_create();
-Suite *bio_writer_suite_create();
-Suite *chunk_suite_create();
-Suite *enum_suite_create();
-Suite *enumerator_suite_create();
-Suite *linked_list_suite_create();
-Suite *linked_list_enumerator_suite_create();
-Suite *hashtable_suite_create();
-Suite *array_suite_create();
-Suite *identification_suite_create();
-Suite *threading_suite_create();
-Suite *utils_suite_create();
-Suite *vectors_suite_create();
-Suite *ecdsa_suite_create();
-Suite *rsa_suite_create();
-Suite *host_suite_create();
-Suite *printf_suite_create();
-
-#endif /** TEST_RUNNER_H_ */
+#include "test_suite.h"
+
+#include <plugins/plugin_feature.h>
+
+typedef struct test_configuration_t test_configuration_t;
+
+/**
+ * Callback called before and after each test case to de-/initialize the
+ * environment (e.g. to load plugins). It is also called before and after the
+ * test suites are loaded.
+ *
+ * It is called after libstrongswan has been initialized and likewise before it
+ * gets deinitialized.
+ *
+ * @param init TRUE during initialization
+ * @return FALSE if de-/init failed
+ */
+typedef bool (*test_runner_init_t)(bool init);
+
+/**
+ * Test configuration, suite constructor with plugin dependency
+ */
+struct test_configuration_t {
+
+ /**
+ * Constructor function to create suite.
+ */
+ test_suite_t *(*suite)();
+
+ /**
+ * Plugin feature this test suite depends on
+ */
+ plugin_feature_t feature;
+};
+
+/**
+ * Run test configuration.
+ *
+ * The configs array must be terminated with a NULL element.
+ *
+ * @param name name of test runner
+ * @param config test suite constructors with dependencies
+ * @param init_cb init/deinit callback
+ * @return test result, EXIT_SUCCESS if all tests passed
+ */
+int test_runner_run(const char *name, test_configuration_t config[],
+ test_runner_init_t init_cb);
+
+#endif /** TEST_RUNNER_H_ @}*/
diff --git a/src/libstrongswan/tests/test_suite.c b/src/libstrongswan/tests/test_suite.c
new file mode 100644
index 000000000..0f2e74b7c
--- /dev/null
+++ b/src/libstrongswan/tests/test_suite.c
@@ -0,0 +1,277 @@
+/*
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <signal.h>
+#include <unistd.h>
+
+#include <pthread.h>
+
+/**
+ * Failure message buf
+ */
+static char failure_buf[512];
+
+/**
+ * Source file failure occurred
+ */
+static const char *failure_file;
+
+/**
+ * Line of source file failure occurred
+ */
+static int failure_line;
+
+/**
+ * Backtrace of failure, if any
+ */
+static backtrace_t *failure_backtrace;
+
+/**
+ * Longjump restore point when failing
+ */
+sigjmp_buf test_restore_point_env;
+
+/**
+ * See header.
+ */
+test_suite_t* test_suite_create(const char *name)
+{
+ test_suite_t *suite;
+
+ INIT(suite,
+ .name = name,
+ .tcases = array_create(0, 0),
+ );
+ return suite;
+}
+
+/**
+ * See header.
+ */
+test_case_t* test_case_create(const char *name)
+{
+ test_case_t *tcase;
+
+ INIT(tcase,
+ .name = name,
+ .functions = array_create(sizeof(test_function_t), 0),
+ .fixtures = array_create(sizeof(test_fixture_t), 0),
+ .timeout = TEST_FUNCTION_DEFAULT_TIMEOUT,
+ );
+ return tcase;
+}
+
+/**
+ * See header.
+ */
+void test_case_add_checked_fixture(test_case_t *tcase, test_fixture_cb_t setup,
+ test_fixture_cb_t teardown)
+{
+ test_fixture_t fixture = {
+ .setup = setup,
+ .teardown = teardown,
+ };
+ array_insert(tcase->fixtures, -1, &fixture);
+}
+
+/**
+ * See header.
+ */
+void test_case_add_test_name(test_case_t *tcase, char *name,
+ test_function_cb_t cb, int start, int end)
+{
+ test_function_t fun = {
+ .name = name,
+ .cb = cb,
+ .start = start,
+ .end = end,
+ };
+ array_insert(tcase->functions, -1, &fun);
+}
+
+/**
+ * See header.
+ */
+void test_case_set_timeout(test_case_t *tcase, int s)
+{
+ tcase->timeout = s;
+}
+
+/**
+ * See header.
+ */
+void test_suite_add_case(test_suite_t *suite, test_case_t *tcase)
+{
+ array_insert(suite->tcases, -1, tcase);
+}
+
+/**
+ * Main thread performing tests
+ */
+static pthread_t main_thread;
+
+/**
+ * Let test case fail
+ */
+static inline void test_failure()
+{
+ if (pthread_self() == main_thread)
+ {
+ siglongjmp(test_restore_point_env, 1);
+ }
+ else
+ {
+ pthread_kill(main_thread, SIGUSR1);
+ /* how can we stop just the thread? longjmp to a restore point? */
+ }
+}
+
+/**
+ * See header.
+ */
+void test_fail_vmsg(const char *file, int line, char *fmt, va_list args)
+{
+ vsnprintf(failure_buf, sizeof(failure_buf), fmt, args);
+ failure_line = line;
+ failure_file = file;
+
+ test_failure();
+}
+
+/**
+ * See header.
+ */
+void test_fail_msg(const char *file, int line, char *fmt, ...)
+{
+ va_list args;
+
+ va_start(args, fmt);
+ vsnprintf(failure_buf, sizeof(failure_buf), fmt, args);
+ failure_line = line;
+ failure_file = file;
+ va_end(args);
+
+ test_failure();
+}
+
+/**
+ * Signal handler catching critical and alarm signals
+ */
+static void test_sighandler(int signal)
+{
+ char *signame;
+ bool old = FALSE;
+
+ switch (signal)
+ {
+ case SIGUSR1:
+ /* a different thread failed, abort test */
+ return test_failure();
+ case SIGSEGV:
+ signame = "SIGSEGV";
+ break;
+ case SIGILL:
+ signame = "SIGILL";
+ break;
+ case SIGBUS:
+ signame = "SIGBUS";
+ break;
+ case SIGALRM:
+ signame = "timeout";
+ break;
+ default:
+ signame = "SIG";
+ break;
+ }
+ if (lib->leak_detective)
+ {
+ old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
+ }
+ failure_backtrace = backtrace_create(3);
+ if (lib->leak_detective)
+ {
+ lib->leak_detective->set_state(lib->leak_detective, old);
+ }
+ test_fail_msg(NULL, 0, "%s(%d)", signame, signal);
+ /* unable to restore a valid context for that thread, terminate */
+ fprintf(stderr, "\n%s(%d) outside of main thread:\n", signame, signal);
+ failure_backtrace->log(failure_backtrace, stderr, TRUE);
+ fprintf(stderr, "terminating...\n");
+ abort();
+}
+
+/**
+ * See header.
+ */
+void test_setup_handler()
+{
+ struct sigaction action = {
+ .sa_handler = test_sighandler,
+ };
+
+ main_thread = pthread_self();
+
+ /* signal handler inherited by all threads */
+ sigaction(SIGSEGV, &action, NULL);
+ sigaction(SIGILL, &action, NULL);
+ sigaction(SIGBUS, &action, NULL);
+ /* ignore ALRM/USR1, these are catched by main thread only */
+ action.sa_handler = SIG_IGN;
+ sigaction(SIGALRM, &action, NULL);
+ sigaction(SIGUSR1, &action, NULL);
+}
+
+/**
+ * See header.
+ */
+void test_setup_timeout(int s)
+{
+ struct sigaction action = {
+ .sa_handler = test_sighandler,
+ };
+
+ /* This called by main thread only. Setup handler for timeout and
+ * failure cross-thread signaling. */
+ sigaction(SIGALRM, &action, NULL);
+ sigaction(SIGUSR1, &action, NULL);
+
+ alarm(s);
+}
+
+/**
+ * See header.
+ */
+int test_failure_get(char *msg, int len, const char **file)
+{
+ strncpy(msg, failure_buf, len - 1);
+ msg[len - 1] = 0;
+ *file = failure_file;
+ return failure_line;
+}
+
+/**
+ * See header.
+ */
+backtrace_t *test_failure_backtrace()
+{
+ backtrace_t *bt;
+
+ bt = failure_backtrace;
+ failure_backtrace = NULL;
+
+ return bt;
+}
diff --git a/src/libstrongswan/tests/test_suite.h b/src/libstrongswan/tests/test_suite.h
index 2a2861323..c44f149f5 100644
--- a/src/libstrongswan/tests/test_suite.h
+++ b/src/libstrongswan/tests/test_suite.h
@@ -1,6 +1,8 @@
/*
* Copyright (C) 2013 Tobias Brunner
* Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -13,98 +15,318 @@
* for more details.
*/
-#ifndef TEST_UTILS_H_
-#define TEST_UTILS_H_
+/**
+ * @defgroup test_suite test_suite
+ * @{ @ingroup libtest
+ */
+
+#ifndef TEST_SUITE_H_
+#define TEST_SUITE_H_
+
+#define _GNU_SOURCE
+#include <setjmp.h>
-#include <check.h>
#include <library.h>
#include <utils/debug.h>
+#include <utils/backtrace.h>
+#include <collections/array.h>
+
+typedef struct test_suite_t test_suite_t;
+typedef struct test_case_t test_case_t;
+typedef struct test_function_t test_function_t;
+typedef struct test_fixture_t test_fixture_t;
/**
- * Used to mark test cases that use test fixtures.
+ * Default timeout for a single test function
*/
-#define UNIT_TEST_FIXTURE_USED "UNIT_TEST_FIXTURE_USED"
+#define TEST_FUNCTION_DEFAULT_TIMEOUT 2
/**
- * Check for memory leaks and fail if any are encountered.
+ * Test function implementation
*/
-#define CHECK_FOR_LEAKS() do \
-{ \
- if (lib->leak_detective) \
- { \
- if (lib->leak_detective->leaks(lib->leak_detective)) { \
- lib->leak_detective->report(lib->leak_detective, TRUE); \
- } \
- ck_assert_int_eq(lib->leak_detective->leaks(lib->leak_detective), 0); \
- } \
-} \
-while(0)
+typedef void (*test_function_cb_t)(int);
+
+/**
+ * Fixture for a test case.
+ */
+typedef void (*test_fixture_cb_t)(void);
+
+/**
+ * A test suite; a collection of test cases with fixtures
+ */
+struct test_suite_t {
+ /** name of the test suite */
+ const char *name;
+ /** test cases registered, as test_case_t* */
+ array_t *tcases;
+};
/**
- * Extended versions of the START|END_TEST macros that use leak detective.
+ * A test case; multiple test functions using the same fixtures
+ */
+struct test_case_t {
+ /** name of the test case */
+ const char *name;
+ /** tests registered, as test_function_t */
+ array_t *functions;
+ /** fixture for tests, as test_fixture_t */
+ array_t *fixtures;
+ /** timeout for each function, in s */
+ int timeout;
+};
+
+/**
+ * A test function, with optional loop setup
+ */
+struct test_function_t {
+ /** name of test function */
+ char *name;
+ /** tests function registered, test_function_t* */
+ test_function_cb_t cb;
+ /** start for loop test */
+ int start;
+ /** end for loop test */
+ int end;
+};
+
+/**
+ * Registered fixture for a test case
+ */
+struct test_fixture_t {
+ test_fixture_cb_t setup;
+ test_fixture_cb_t teardown;
+};
+
+/**
+ * Create a new test suite
*
- * Since each test case runs in its own fork of the test runner the stuff
- * allocated before the test starts is not freed, so leak detective is disabled
- * by default to prevent false positives. By enabling it right when the test
- * starts we at least capture leaks created by the tested objects/functions and
- * the test case itself. This allows writing test cases for cleanup functions.
+ * @param name name of the test suite
+ * @return test suite
+ */
+test_suite_t* test_suite_create(const char *name);
+
+/**
+ * Create a new test case
*
- * To define test fixture with possibly allocated/destroyed memory that is
- * allocated/freed in a test case use the START|END_SETUP|TEARDOWN macros.
+ * @param name name of test case
+ * @return test case
*/
-#undef START_TEST
-#define START_TEST(name) \
-static void name (int _i CK_ATTRIBUTE_UNUSED) \
-{ \
- tcase_fn_start(""#name, __FILE__, __LINE__); \
- dbg_default_set_level(LEVEL_SILENT); \
- if (lib->leak_detective) \
- { \
- lib->leak_detective->set_state(lib->leak_detective, TRUE); \
- }
+test_case_t* test_case_create(const char *name);
-#undef END_TEST
-#define END_TEST \
- if (!lib->get(lib, UNIT_TEST_FIXTURE_USED)) \
- { \
- CHECK_FOR_LEAKS(); \
- } \
-}
+/**
+ * Add a setup/teardown function to the test case
+ *
+ * @param tcase test case to add a fixture to
+ * @param setup setup function called before each test
+ * @param teardown cleanup function called after each test
+ */
+void test_case_add_checked_fixture(test_case_t *tcase, test_fixture_cb_t setup,
+ test_fixture_cb_t teardown);
+
+/**
+ * Add a test function to a test case, with a name, looped several times
+ *
+ * @param name name of the test case
+ * @param tcase test case to add test function to
+ * @param cb callback function to invoke for test
+ * @param start start of loop counter
+ * @param end end of loop counter
+ */
+void test_case_add_test_name(test_case_t *tcase, char *name,
+ test_function_cb_t cb, int start, int end);
+
+/**
+ * Add a test function to a test case
+ *
+ * @param tcase test case to add test function to
+ * @param cb callback function to invoke for test
+ */
+#define test_case_add_test(tcase, cb) \
+ test_case_add_test_name(tcase, #cb, cb, 0, 1)
+
+/**
+ * Add a test function to a test case, looped several times
+ *
+ * @param tcase test case to add test function to
+ * @param cb callback function to invoke for test
+ * @param start start of loop counter
+ * @param end end of loop counter
+ */
+#define test_case_add_loop_test(tcase, cb, start, end) \
+ test_case_add_test_name(tcase, #cb, cb, start, end)
+
+/**
+ * Set a custom timeout for test functions in a test case
+ *
+ * @param tcase test case to set timeout for
+ * @param s test timeout in s
+ */
+void test_case_set_timeout(test_case_t *tcase, int s);
+
+/**
+ * Add a test function to a test case, looped several times
+ *
+ * @param suite test suite to add test case to
+ * @param tcase test case to add
+ */
+void test_suite_add_case(test_suite_t *suite, test_case_t *tcase);
/**
- * Define a function to setup a test fixture that can be used with the above
- * macros.
+ * sigjmp restore point used by test_restore_point
+ */
+extern sigjmp_buf test_restore_point_env;
+
+/**
+ * Set or return from an execution restore point
+ *
+ * This call sets a restore execution point and returns TRUE after it has
+ * been set up. On test failure, the execution is returned to the restore point
+ * and FALSE is returned to indicate test failure.
+ *
+ * @return TRUE if restore point set, FALSE when restored
*/
-#define START_SETUP(name) \
-static void name() \
-{ \
- lib->set(lib, UNIT_TEST_FIXTURE_USED, (void*)TRUE); \
- if (lib->leak_detective) \
+#define test_restore_point() (sigsetjmp(test_restore_point_env, 1) == 0)
+
+/**
+ * Set up signal handlers for test cases
+ */
+void test_setup_handler();
+
+/**
+ * Set up a timeout to let a test fail
+ *
+ * @param s timeout, 0 to disable timeout
+ */
+void test_setup_timeout(int s);
+
+/**
+ * Get info about a test failure
+ *
+ * @param msg buffer receiving failure info
+ * @param len size of msg buffer
+ * @param file pointer receiving source code file
+ * @return source code line number
+ */
+int test_failure_get(char *msg, int len, const char **file);
+
+/**
+ * Get a backtrace for a failure.
+ *
+ * @return allocated backtrace of test failure, if any
+ */
+backtrace_t *test_failure_backtrace();
+
+/**
+ * Let a test fail and set a message using vprintf style arguments.
+ *
+ * @param file source code file name
+ * @param line source code line number
+ * @param fmt printf format string
+ * @param args argument list for fmt
+ */
+void test_fail_vmsg(const char *file, int line, char *fmt, va_list args);
+
+/**
+ * Let a test fail and set a message using printf style arguments.
+ *
+ * @param file source code file name
+ * @param line source code line number
+ * @param fmt printf format string
+ * @param ... arguments for fmt
+ */
+void test_fail_msg(const char *file, int line, char *fmt, ...);
+
+/**
+ * Check if two integers equal, fail test if not
+ *
+ * @param a first integer
+ * @param b second integer
+ */
+#define test_int_eq(a, b) \
+({ \
+ typeof(a) _a = a; \
+ typeof(b) _b = b; \
+ if (_a != _b) \
{ \
- lib->leak_detective->set_state(lib->leak_detective, TRUE); \
- }
+ test_fail_msg(__FILE__, __LINE__, #a " != " #b " (%d != %d)", _a, _b); \
+ } \
+})
/**
- * End a setup function
+ * Check if two strings equal, fail test if not
+ *
+ * @param a first string
+ * @param b second string
*/
-#define END_SETUP }
+#define test_str_eq(a, b) \
+({ \
+ char* _a = (char*)a; \
+ char* _b = (char*)b; \
+ if (!_a || !_b || !streq(_a, _b)) \
+ { \
+ test_fail_msg(__FILE__, __LINE__, \
+ #a " != " #b " (\"%s\" != \"%s\")", _a, _b); \
+ } \
+})
/**
- * Define a function to teardown a test fixture that can be used with the above
- * macros.
+ * Check if a statement evaluates to TRUE, fail test if not
+ *
+ * @param x statement to evaluate
*/
-#define START_TEARDOWN(name) \
-static void name() \
-{
+#define test_assert(x) \
+({ \
+ if (!(x)) \
+ { \
+ test_fail_msg(__FILE__, __LINE__, #x); \
+ } \
+})
/**
- * End a teardown function
+ * Check if a statement evaluates to TRUE, fail and print a message if not
+ *
+ * @param x statement to evaluate
+ * @param fmt message format string
+ * @param ... fmt printf arguments
*/
-#define END_TEARDOWN \
- if (lib->get(lib, UNIT_TEST_FIXTURE_USED)) \
+#define test_assert_msg(x, fmt, ...) \
+({ \
+ if (!(x)) \
{ \
- CHECK_FOR_LEAKS(); \
+ test_fail_msg(__FILE__, __LINE__, #x ": " fmt, ##__VA_ARGS__); \
} \
-}
+})
+
+
+
+/* "check unit testing" compatibility */
+#define Suite test_suite_t
+#define TCase test_case_t
+#define ck_assert_int_eq test_int_eq
+#define ck_assert test_assert
+#define ck_assert_msg test_assert_msg
+#define ck_assert_str_eq test_str_eq
+#define fail(fmt, ...) test_fail_msg(__FILE__, __LINE__, fmt, ##__VA_ARGS__)
+#define fail_if(x, fmt, ...) \
+({ \
+ if (x) \
+ { \
+ test_fail_msg(__FILE__, __LINE__, #x ": " fmt, ##__VA_ARGS__); \
+ } \
+})
+#define fail_unless test_assert_msg
+#define suite_create test_suite_create
+#define tcase_create test_case_create
+#define tcase_add_checked_fixture test_case_add_checked_fixture
+#define tcase_add_test test_case_add_test
+#define tcase_add_loop_test test_case_add_loop_test
+#define tcase_set_timeout test_case_set_timeout
+#define suite_add_tcase test_suite_add_case
+#define START_TEST(name) static void name (int _i) {
+#define END_TEST }
+#define START_SETUP(name) static void name() {
+#define END_SETUP }
+#define START_TEARDOWN(name) static void name() {
+#define END_TEARDOWN }
-#endif /** TEST_UTILS_H_ */
+#endif /** TEST_SUITE_H_ @}*/
diff --git a/src/libstrongswan/tests/test_threading.c b/src/libstrongswan/tests/test_threading.c
deleted file mode 100644
index 0c768b3e2..000000000
--- a/src/libstrongswan/tests/test_threading.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * Copyright (C) 2013 Tobias Brunner
- * Copyright (C) 2008 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <sched.h>
-#include <pthread.h>
-
-#include "test_suite.h"
-
-#include <threading/mutex.h>
-
-/*******************************************************************************
- * recursive mutex test
- */
-
-#define THREADS 20
-
-static mutex_t *mutex;
-
-static pthread_barrier_t mutex_barrier;
-
-static int mutex_locked = 0;
-
-static void *mutex_run(void *data)
-{
- int i;
-
- /* wait for all threads before getting in action */
- pthread_barrier_wait(&mutex_barrier);
-
- for (i = 0; i < 100; i++)
- {
- mutex->lock(mutex);
- mutex->lock(mutex);
- mutex->lock(mutex);
- mutex_locked++;
- sched_yield();
- if (mutex_locked > 1)
- {
- fail("two threads locked the mutex concurrently");
- }
- mutex_locked--;
- mutex->unlock(mutex);
- mutex->unlock(mutex);
- mutex->unlock(mutex);
- }
- return NULL;
-}
-
-START_TEST(test_mutex)
-{
- pthread_t threads[THREADS];
- int i;
-
- mutex = mutex_create(MUTEX_TYPE_RECURSIVE);
-
- for (i = 0; i < 10; i++)
- {
- mutex->lock(mutex);
- mutex->unlock(mutex);
- }
- for (i = 0; i < 10; i++)
- {
- mutex->lock(mutex);
- }
- for (i = 0; i < 10; i++)
- {
- mutex->unlock(mutex);
- }
-
- pthread_barrier_init(&mutex_barrier, NULL, THREADS);
- for (i = 0; i < THREADS; i++)
- {
- pthread_create(&threads[i], NULL, mutex_run, NULL);
- }
- for (i = 0; i < THREADS; i++)
- {
- pthread_join(threads[i], NULL);
- }
- pthread_barrier_destroy(&mutex_barrier);
-
- mutex->destroy(mutex);
-}
-END_TEST
-
-Suite *threading_suite_create()
-{
- Suite *s;
- TCase *tc;
-
- s = suite_create("threading");
-
- tc = tcase_create("recursive mutex");
- tcase_add_test(tc, test_mutex);
- suite_add_tcase(s, tc);
-
- return s;
-}
diff --git a/src/libstrongswan/tests/tests.c b/src/libstrongswan/tests/tests.c
new file mode 100644
index 000000000..9f2adfd15
--- /dev/null
+++ b/src/libstrongswan/tests/tests.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <test_runner.h>
+
+/* declare test suite constructors */
+#define TEST_SUITE(x) test_suite_t* x();
+#define TEST_SUITE_DEPEND(x, ...) TEST_SUITE(x)
+#include "tests.h"
+#undef TEST_SUITE
+#undef TEST_SUITE_DEPEND
+
+static test_configuration_t tests[] = {
+#define TEST_SUITE(x) \
+ { .suite = x, },
+#define TEST_SUITE_DEPEND(x, type, args) \
+ { .suite = x, .feature = PLUGIN_DEPENDS(type, args) },
+#include "tests.h"
+ { .suite = NULL, }
+};
+
+static bool test_runner_init(bool init)
+{
+ if (init)
+ {
+ plugin_loader_add_plugindirs(PLUGINDIR, PLUGINS);
+ if (!lib->plugins->load(lib->plugins, PLUGINS))
+ {
+ return FALSE;
+ }
+ }
+ else
+ {
+ lib->processor->set_threads(lib->processor, 0);
+ lib->processor->cancel(lib->processor);
+ lib->plugins->unload(lib->plugins);
+ }
+ return TRUE;
+}
+
+int main(int argc, char *argv[])
+{
+ return test_runner_run("libstrongswan", tests, test_runner_init);
+}
diff --git a/src/libstrongswan/tests/tests.h b/src/libstrongswan/tests/tests.h
new file mode 100644
index 000000000..82a5137c1
--- /dev/null
+++ b/src/libstrongswan/tests/tests.h
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+TEST_SUITE(bio_reader_suite_create)
+TEST_SUITE(bio_writer_suite_create)
+TEST_SUITE(chunk_suite_create)
+TEST_SUITE(enum_suite_create)
+TEST_SUITE(enumerator_suite_create)
+TEST_SUITE(linked_list_suite_create)
+TEST_SUITE(linked_list_enumerator_suite_create)
+TEST_SUITE(hashtable_suite_create)
+TEST_SUITE(array_suite_create)
+TEST_SUITE(identification_suite_create)
+TEST_SUITE(threading_suite_create)
+TEST_SUITE(watcher_suite_create)
+TEST_SUITE(stream_suite_create)
+TEST_SUITE(utils_suite_create)
+TEST_SUITE(settings_suite_create)
+TEST_SUITE(vectors_suite_create)
+TEST_SUITE_DEPEND(ecdsa_suite_create, PRIVKEY_GEN, KEY_ECDSA)
+TEST_SUITE_DEPEND(rsa_suite_create, PRIVKEY_GEN, KEY_RSA)
+TEST_SUITE(host_suite_create)
+TEST_SUITE(printf_suite_create)
+TEST_SUITE(hasher_suite_create)
+TEST_SUITE(crypter_suite_create)
+TEST_SUITE(pen_suite_create)
+TEST_SUITE(asn1_suite_create)
+TEST_SUITE(asn1_parser_suite_create)
+TEST_SUITE(test_rng_suite_create)
+TEST_SUITE_DEPEND(ntru_suite_create, DH, NTRU_112_BIT)
+TEST_SUITE_DEPEND(fetch_http_suite_create, FETCHER, "http://")
diff --git a/src/libstrongswan/tests/utils/test_rng.c b/src/libstrongswan/tests/utils/test_rng.c
new file mode 100644
index 000000000..01569509b
--- /dev/null
+++ b/src/libstrongswan/tests/utils/test_rng.c
@@ -0,0 +1,86 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_rng.h"
+
+typedef struct private_rng_t private_rng_t;
+
+/**
+ * Private data.
+ */
+struct private_rng_t {
+
+ /**
+ * Public interface.
+ */
+ rng_t public;
+
+ /**
+ * Entropy string.
+ */
+ chunk_t entropy;
+};
+
+METHOD(rng_t, get_bytes, bool,
+ private_rng_t *this, size_t bytes, u_int8_t *buffer)
+{
+ if (bytes > this->entropy.len)
+ {
+ return FALSE;
+ }
+ memcpy(buffer, this->entropy.ptr, bytes);
+ this->entropy = chunk_skip(this->entropy, bytes);
+ return TRUE;
+}
+
+METHOD(rng_t, allocate_bytes, bool,
+ private_rng_t *this, size_t bytes, chunk_t *chunk)
+{
+ if (bytes > this->entropy.len)
+ {
+ *chunk = chunk_empty;
+ return FALSE;
+ }
+
+ *chunk = chunk_alloc(bytes);
+ memcpy(chunk->ptr, this->entropy.ptr, bytes);
+ this->entropy = chunk_skip(this->entropy, bytes);
+ return TRUE;
+}
+
+METHOD(rng_t, destroy, void,
+ private_rng_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+rng_t *test_rng_create(chunk_t entropy)
+{
+ private_rng_t *this;
+
+ INIT(this,
+ .public = {
+ .get_bytes = _get_bytes,
+ .allocate_bytes = _allocate_bytes,
+ .destroy = _destroy,
+ },
+ .entropy = entropy,
+ );
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/tests/utils/test_rng.h b/src/libstrongswan/tests/utils/test_rng.h
new file mode 100644
index 000000000..e588f3be7
--- /dev/null
+++ b/src/libstrongswan/tests/utils/test_rng.h
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * rng_t providing NIST SP 800-90A entropy test vectors
+ *
+ * @defgroup test_rng test_rng
+ * @{ @ingroup test_utils
+ */
+
+#ifndef TEST_RNG_H_
+#define TEST_RNG_H_
+
+#include <library.h>
+
+/**
+ * Creates a test_rng_t instance.
+ *
+ * @param entropy entropy test vector
+ * @return created test_rng_t
+ */
+rng_t *test_rng_create(chunk_t entropy);
+
+#endif /** TEST_RNG_H_ @} */
diff --git a/src/libstrongswan/threading/thread.h b/src/libstrongswan/threading/thread.h
index 31b9e1b3a..8d3c30e9b 100644
--- a/src/libstrongswan/threading/thread.h
+++ b/src/libstrongswan/threading/thread.h
@@ -71,7 +71,6 @@ typedef void *(*thread_main_t)(void *arg);
*/
typedef void (*thread_cleanup_t)(void *arg);
-
/**
* Thread wrapper implements simple, portable and advanced thread functions.
*
@@ -110,10 +109,8 @@ struct thread_t {
* a call to exit.
*/
void *(*join)(thread_t *this);
-
};
-
/**
* Create a new thread instance.
*
@@ -168,6 +165,10 @@ bool thread_cancelability(bool enable);
/**
* Force creation of a cancellation point in the calling thread.
+ *
+ * This temporarily enables thread cancelability, tests for a pending
+ * cancellation request and then disables cancelability again if it was
+ * disabled before the call to thread_cancellation_point().
*/
void thread_cancellation_point();
@@ -188,6 +189,4 @@ void threads_init();
*/
void threads_deinit();
-
#endif /** THREADING_THREAD_H_ @} */
-
diff --git a/src/libstrongswan/utils/backtrace.c b/src/libstrongswan/utils/backtrace.c
index fb2c4d1e8..f1584620b 100644
--- a/src/libstrongswan/utils/backtrace.c
+++ b/src/libstrongswan/utils/backtrace.c
@@ -314,7 +314,7 @@ static void print_sourceline(FILE *file, char *filename, void *ptr, void *base)
bool old = FALSE;
bfd_mutex->lock(bfd_mutex);
- if (lib->leak_detective)
+ if (lib && lib->leak_detective)
{
old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
}
@@ -324,7 +324,7 @@ static void print_sourceline(FILE *file, char *filename, void *ptr, void *base)
data.entry = entry;
bfd_map_over_sections(entry->abfd, (void*)find_addr, &data);
}
- if (lib->leak_detective)
+ if (lib && lib->leak_detective)
{
lib->leak_detective->set_state(lib->leak_detective, old);
}
diff --git a/src/libstrongswan/utils/backtrace.h b/src/libstrongswan/utils/backtrace.h
index 416f58898..16e84c4d9 100644
--- a/src/libstrongswan/utils/backtrace.h
+++ b/src/libstrongswan/utils/backtrace.h
@@ -21,12 +21,12 @@
#ifndef BACKTRACE_H_
#define BACKTRACE_H_
+typedef struct backtrace_t backtrace_t;
+
#include <stdio.h>
#include <library.h>
-typedef struct backtrace_t backtrace_t;
-
/**
* A backtrace registers the frames on the stack during creation.
*/
diff --git a/src/libstrongswan/utils/capabilities.h b/src/libstrongswan/utils/capabilities.h
index fe11a4dfc..20c18554b 100644
--- a/src/libstrongswan/utils/capabilities.h
+++ b/src/libstrongswan/utils/capabilities.h
@@ -44,6 +44,9 @@ typedef struct capabilities_t capabilities_t;
#ifndef CAP_NET_RAW
# define CAP_NET_RAW 13
#endif
+#ifndef CAP_DAC_OVERRIDE
+# define CAP_DAC_OVERRIDE 1
+#endif
/**
* POSIX capability dropping abstraction layer.
diff --git a/src/libstrongswan/utils/chunk.c b/src/libstrongswan/utils/chunk.c
index 644b8060f..47181719a 100644
--- a/src/libstrongswan/utils/chunk.c
+++ b/src/libstrongswan/utils/chunk.c
@@ -18,6 +18,9 @@
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
+#ifdef HAVE_MMAP
+# include <sys/mman.h>
+#endif
#include <fcntl.h>
#include <unistd.h>
#include <errno.h>
@@ -25,7 +28,6 @@
#include <ctype.h>
#include "chunk.h"
-#include "debug.h"
/**
* Empty chunk.
@@ -206,15 +208,16 @@ void chunk_split(chunk_t chunk, const char *mode, ...)
/**
* Described in header.
*/
-bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force)
+bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force)
{
mode_t oldmask;
FILE *fd;
bool good = FALSE;
+ int tmp = 0;
if (!force && access(path, F_OK) == 0)
{
- DBG1(DBG_LIB, " %s file '%s' already exists", label, path);
+ errno = EEXIST;
return FALSE;
}
oldmask = umask(mask);
@@ -223,58 +226,206 @@ bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force
{
if (fwrite(chunk.ptr, sizeof(u_char), chunk.len, fd) == chunk.len)
{
- DBG1(DBG_LIB, " written %s file '%s' (%d bytes)",
- label, path, chunk.len);
good = TRUE;
}
else
{
- DBG1(DBG_LIB, " writing %s file '%s' failed: %s",
- label, path, strerror(errno));
+ tmp = errno;
}
fclose(fd);
}
else
{
- DBG1(DBG_LIB, " could not open %s file '%s': %s", label, path,
- strerror(errno));
+ tmp = errno;
}
umask(oldmask);
+ errno = tmp;
return good;
}
/**
* Described in header.
*/
-chunk_t chunk_from_fd(int fd)
+bool chunk_from_fd(int fd, chunk_t *out)
{
- char buf[8096];
- char *pos = buf;
- ssize_t len, total = 0;
+ struct stat sb;
+ char *buf, *tmp;
+ ssize_t len, total = 0, bufsize;
+
+ if (fstat(fd, &sb) == 0 && S_ISREG(sb.st_mode))
+ {
+ bufsize = sb.st_size;
+ }
+ else
+ {
+ bufsize = 256;
+ }
+ buf = malloc(bufsize);
+ if (!buf)
+ { /* for huge files */
+ return FALSE;
+ }
while (TRUE)
{
- len = read(fd, pos, buf + sizeof(buf) - pos);
+ len = read(fd, buf + total, bufsize - total);
if (len < 0)
{
- DBG1(DBG_LIB, "reading from file descriptor failed: %s",
- strerror(errno));
- return chunk_empty;
+ free(buf);
+ return FALSE;
}
if (len == 0)
{
break;
}
total += len;
- if (total == sizeof(buf))
+ if (total == bufsize)
+ {
+ bufsize *= 2;
+ tmp = realloc(buf, bufsize);
+ if (!tmp)
+ {
+ free(buf);
+ return FALSE;
+ }
+ buf = tmp;
+ }
+ }
+ if (total == 0)
+ {
+ free(buf);
+ buf = NULL;
+ }
+ else if (total < bufsize)
+ {
+ buf = realloc(buf, total);
+ }
+ *out = chunk_create(buf, total);
+ return TRUE;
+}
+
+/**
+ * Implementation for mmap()ed chunks
+ */
+typedef struct {
+ /* public chunk interface */
+ chunk_t public;
+ /* FD of open file */
+ int fd;
+ /* mmap() address */
+ void *map;
+ /* size of map */
+ size_t len;
+ /* do we write? */
+ bool wr;
+} mmaped_chunk_t;
+
+/**
+ * See header.
+ */
+chunk_t *chunk_map(char *path, bool wr)
+{
+ mmaped_chunk_t *chunk;
+ struct stat sb;
+ int tmp;
+
+ INIT(chunk,
+ .fd = open(path, wr ? O_RDWR : O_RDONLY),
+ .wr = wr,
+ );
+
+ if (chunk->fd == -1)
+ {
+ free(chunk);
+ return NULL;
+ }
+ if (fstat(chunk->fd, &sb) == -1)
+ {
+ tmp = errno;
+ chunk_unmap(&chunk->public);
+ errno = tmp;
+ return NULL;
+ }
+#ifdef HAVE_MMAP
+ chunk->len = sb.st_size;
+ /* map non-empty files only, as mmap() complains otherwise */
+ if (chunk->len)
+ {
+ /* in read-only mode, we allow writes, but don't sync to disk */
+ chunk->map = mmap(NULL, chunk->len, PROT_READ | PROT_WRITE,
+ wr ? MAP_SHARED : MAP_PRIVATE, chunk->fd, 0);
+ if (chunk->map == MAP_FAILED)
{
- DBG1(DBG_LIB, "buffer too small to read from file descriptor");
- return chunk_empty;
+ tmp = errno;
+ chunk_unmap(&chunk->public);
+ errno = tmp;
+ return NULL;
}
}
- return chunk_clone(chunk_create(buf, total));
+ chunk->public = chunk_create(chunk->map, chunk->len);
+#else /* !HAVE_MMAP */
+ if (!chunk_from_fd(chunk->fd, &chunk->public))
+ {
+ tmp = errno;
+ chunk_unmap(&chunk->public);
+ errno = tmp;
+ return NULL;
+ }
+ chunk->map = chunk->public.ptr;
+ chunk->len = chunk->public.len;
+#endif /* !HAVE_MMAP */
+ return &chunk->public;
}
+/**
+ * See header.
+ */
+bool chunk_unmap(chunk_t *public)
+{
+ mmaped_chunk_t *chunk;
+ bool ret = FALSE;
+ int tmp = 0;
+
+ chunk = (mmaped_chunk_t*)public;
+#ifdef HAVE_MMAP
+ if (chunk->map && chunk->map != MAP_FAILED)
+ {
+ ret = munmap(chunk->map, chunk->len) == 0;
+ tmp = errno;
+ }
+#else /* !HAVE_MMAP */
+ if (chunk->wr)
+ {
+ if (lseek(chunk->fd, 0, SEEK_SET) != -1)
+ {
+ int len, total = 0;
+
+ ret = TRUE;
+ while (total < chunk->len)
+ {
+ len = write(chunk->fd, chunk->map + total, chunk->len - total);
+ if (len <= 0)
+ {
+ ret = FALSE;
+ break;
+ }
+ total += len;
+ }
+ }
+ tmp = errno;
+ }
+ else
+ {
+ ret = TRUE;
+ }
+ free(chunk->map);
+#endif /* !HAVE_MMAP */
+ close(chunk->fd);
+ free(chunk);
+ errno = tmp;
+
+ return ret;
+}
/** hex conversion digits */
static char hexdig_upper[] = "0123456789ABCDEF";
diff --git a/src/libstrongswan/utils/chunk.h b/src/libstrongswan/utils/chunk.h
index d3751da70..33f66caec 100644
--- a/src/libstrongswan/utils/chunk.h
+++ b/src/libstrongswan/utils/chunk.h
@@ -90,22 +90,52 @@ void chunk_split(chunk_t chunk, const char *mode, ...);
/**
* Write the binary contents of a chunk_t to a file
*
+ * If the write fails, errno is set appropriately.
+ *
* @param chunk contents to write to file
* @param path path where file is written to
- * @param label label specifying file type
* @param mask file mode creation mask
* @param force overwrite existing file by force
* @return TRUE if write operation was successful
*/
-bool chunk_write(chunk_t chunk, char *path, char *label, mode_t mask, bool force);
+bool chunk_write(chunk_t chunk, char *path, mode_t mask, bool force);
/**
* Store data read from FD into a chunk
*
+ * On error, errno is set appropriately.
+ *
* @param fd file descriptor to read from
- * @return chunk or chunk_empty on failure
+ * @param chunk chunk receiving allocated buffer
+ * @return TRUE if successful, FALSE on failure
+ */
+bool chunk_from_fd(int fd, chunk_t *chunk);
+
+/**
+ * mmap() a file to a chunk
+ *
+ * The returned chunk structure is allocated from heap, but it must be freed
+ * through chunk_unmap(). A user may alter the chunk ptr or len, but must pass
+ * the chunk pointer returned from chunk_map() to chunk_unmap() after use.
+ *
+ * On error, errno is set appropriately.
+ *
+ * @param path path of file to map
+ * @param wr TRUE to sync writes to disk
+ * @return mapped chunk, NULL on error
+ */
+chunk_t *chunk_map(char *path, bool wr);
+
+/**
+ * munmap() a chunk previously mapped with chunk_map()
+ *
+ * When unmapping a writeable map, the return value should be checked to
+ * ensure changes landed on disk.
+ *
+ * @param chunk pointer returned from chunk_map()
+ * @return TRUE of changes written back to file
*/
-chunk_t chunk_from_fd(int fd);
+bool chunk_unmap(chunk_t *chunk);
/**
* Convert a chunk of data to hex encoding.
@@ -191,17 +221,17 @@ static inline void chunk_clear(chunk_t *chunk)
/**
* Initialize a chunk using a char array
*/
-#define chunk_from_chars(...) ((chunk_t){(char[]){__VA_ARGS__}, sizeof((char[]){__VA_ARGS__})})
+#define chunk_from_chars(...) ((chunk_t){(u_char[]){__VA_ARGS__}, sizeof((u_char[]){__VA_ARGS__})})
/**
* Initialize a chunk to point to a thing
*/
-#define chunk_from_thing(thing) chunk_create((char*)&(thing), sizeof(thing))
+#define chunk_from_thing(thing) chunk_create((u_char*)&(thing), sizeof(thing))
/**
* Initialize a chunk from a string, not containing 0-terminator
*/
-#define chunk_from_str(str) ({char *x = (str); chunk_create(x, strlen(x));})
+#define chunk_from_str(str) ({char *x = (str); chunk_create((u_char*)x, strlen(x));})
/**
* Allocate a chunk on the heap
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
index 9c43ad570..e7eb63bc6 100644
--- a/src/libstrongswan/utils/identification.c
+++ b/src/libstrongswan/utils/identification.c
@@ -332,8 +332,13 @@ static void dntoa(chunk_t dn, char *buf, size_t len)
buf += written;
len -= written;
+ written = 0;
chunk_printable(data, &printable, '?');
- written = snprintf(buf, len, "%.*s", (int)printable.len, printable.ptr);
+ if (printable.ptr)
+ {
+ written = snprintf(buf, len, "%.*s", (int)printable.len,
+ printable.ptr);
+ }
chunk_free(&printable);
if (written < 0 || written >= len)
{
diff --git a/src/libstrongswan/utils/integrity_checker.c b/src/libstrongswan/utils/integrity_checker.c
index d59a76232..b66df02e7 100644
--- a/src/libstrongswan/utils/integrity_checker.c
+++ b/src/libstrongswan/utils/integrity_checker.c
@@ -22,7 +22,6 @@
#include <fcntl.h>
#include <errno.h>
#include <unistd.h>
-#include <sys/mman.h>
#include <sys/stat.h>
#include <sys/types.h>
@@ -61,40 +60,17 @@ METHOD(integrity_checker_t, build_file, u_int32_t,
private_integrity_checker_t *this, char *file, size_t *len)
{
u_int32_t checksum;
- chunk_t contents;
- struct stat sb;
- void *addr;
- int fd;
+ chunk_t *contents;
- fd = open(file, O_RDONLY);
- if (fd == -1)
+ contents = chunk_map(file, FALSE);
+ if (!contents)
{
DBG1(DBG_LIB, " opening '%s' failed: %s", file, strerror(errno));
return 0;
}
-
- if (fstat(fd, &sb) == -1)
- {
- DBG1(DBG_LIB, " getting file size of '%s' failed: %s", file,
- strerror(errno));
- close(fd);
- return 0;
- }
-
- addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
- if (addr == MAP_FAILED)
- {
- DBG1(DBG_LIB, " mapping '%s' failed: %s", file, strerror(errno));
- close(fd);
- return 0;
- }
-
- *len = sb.st_size;
- contents = chunk_create(addr, sb.st_size);
- checksum = chunk_hash_static(contents);
-
- munmap(addr, sb.st_size);
- close(fd);
+ *len = contents->len;
+ checksum = chunk_hash_static(*contents);
+ chunk_unmap(contents);
return checksum;
}
@@ -318,4 +294,3 @@ integrity_checker_t *integrity_checker_create(char *checksum_library)
}
return &this->public;
}
-
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
index 725e04f7c..82eadcb97 100644
--- a/src/libstrongswan/utils/leak_detective.c
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -59,6 +59,21 @@ struct private_leak_detective_t {
* public functions
*/
leak_detective_t public;
+
+ /**
+ * Registered report() function
+ */
+ leak_detective_report_cb_t report_cb;
+
+ /**
+ * Registered report() summary function
+ */
+ leak_detective_summary_cb_t report_scb;
+
+ /**
+ * Registered user data for callbacks
+ */
+ void *report_data;
};
/**
@@ -318,9 +333,16 @@ HOOK(size_t, size, const void *ptr)
*/
static bool register_hooks()
{
+ static bool once = FALSE;
malloc_zone_t *zone;
void *page;
+ if (once)
+ {
+ return TRUE;
+ }
+ once = TRUE;
+
zone = malloc_default_zone();
if (zone->version != MALLOC_ZONE_VERSION)
{
@@ -461,7 +483,7 @@ static void* real_realloc(void *ptr, size_t size)
static bool register_hooks()
{
void *buf = real_malloc(8);
- real_realloc(buf, 16);
+ buf = real_realloc(buf, 16);
real_free(buf);
return TRUE;
}
@@ -477,7 +499,7 @@ static bool register_hooks()
char *whitelist[] = {
/* backtraces, including own */
"backtrace_create",
- "safe_strerror",
+ "strerror_safe",
/* pthread stuff */
"pthread_create",
"pthread_setspecific",
@@ -565,7 +587,12 @@ char *whitelist[] = {
*/
static void init_static_allocations()
{
+ struct tm tm;
+ time_t t = 0;
+
tzset();
+ gmtime_r(&t, &tm);
+ localtime_r(&t, &tm);
}
/**
@@ -599,7 +626,8 @@ static bool equals(backtrace_t *a, backtrace_t *b)
* Summarize and print backtraces
*/
static int print_traces(private_leak_detective_t *this,
- FILE *out, int thresh, int thresh_count,
+ leak_detective_report_cb_t cb, void *user,
+ int thresh, int thresh_count,
bool detailed, int *whitelisted, size_t *sum)
{
int leaks = 0;
@@ -652,16 +680,20 @@ static int print_traces(private_leak_detective_t *this,
leaks++;
}
lock->unlock(lock);
+
enumerator = entries->create_enumerator(entries);
while (enumerator->enumerate(enumerator, NULL, &entry))
{
- if (out &&
- (!thresh || entry->bytes >= thresh) &&
- (!thresh_count || entry->count >= thresh_count))
+ if (cb)
{
- fprintf(out, "%d bytes total, %d allocations, %d bytes average:\n",
- entry->bytes, entry->count, entry->bytes / entry->count);
- entry->backtrace->log(entry->backtrace, out, detailed);
+ if (!thresh || entry->bytes >= thresh)
+ {
+ if (!thresh_count || entry->count >= thresh_count)
+ {
+ this->report_cb(this->report_data, entry->count,
+ entry->bytes, entry->backtrace, detailed);
+ }
+ }
}
entry->backtrace->destroy(entry->backtrace);
free(entry);
@@ -681,38 +713,30 @@ METHOD(leak_detective_t, report, void,
int leaks, whitelisted = 0;
size_t sum = 0;
- leaks = print_traces(this, stderr, 0, 0, detailed, &whitelisted, &sum);
- switch (leaks)
+ leaks = print_traces(this, this->report_cb, this->report_data,
+ 0, 0, detailed, &whitelisted, &sum);
+ if (this->report_scb)
{
- case 0:
- fprintf(stderr, "No leaks detected");
- break;
- case 1:
- fprintf(stderr, "One leak detected");
- break;
- default:
- fprintf(stderr, "%d leaks detected, %zu bytes", leaks, sum);
- break;
+ this->report_scb(this->report_data, leaks, sum, whitelisted);
}
- fprintf(stderr, ", %d suppressed by whitelist\n", whitelisted);
- }
- else
- {
- fprintf(stderr, "Leak detective disabled\n");
}
}
+METHOD(leak_detective_t, set_report_cb, void,
+ private_leak_detective_t *this, leak_detective_report_cb_t cb,
+ leak_detective_summary_cb_t scb, void *user)
+{
+ this->report_cb = cb;
+ this->report_scb = scb;
+ this->report_data = user;
+}
+
METHOD(leak_detective_t, leaks, int,
private_leak_detective_t *this)
{
- if (lib->leak_detective)
- {
- int leaks, whitelisted = 0;
+ int whitelisted = 0;
- leaks = print_traces(this, NULL, 0, 0, FALSE, &whitelisted, NULL);
- return leaks;
- }
- return 0;
+ return print_traces(this, NULL, NULL, 0, 0, FALSE, &whitelisted, NULL);
}
METHOD(leak_detective_t, set_state, bool,
@@ -722,22 +746,26 @@ METHOD(leak_detective_t, set_state, bool,
}
METHOD(leak_detective_t, usage, void,
- private_leak_detective_t *this, FILE *out)
+ private_leak_detective_t *this, leak_detective_report_cb_t cb,
+ leak_detective_summary_cb_t scb, void *user)
{
bool detailed;
- int thresh, thresh_count;
+ int thresh, thresh_count, leaks, whitelisted = 0;
size_t sum = 0;
thresh = lib->settings->get_int(lib->settings,
- "libstrongswan.leak_detective.usage_threshold", 10240);
+ "%s.leak_detective.usage_threshold", 10240, lib->ns);
thresh_count = lib->settings->get_int(lib->settings,
- "libstrongswan.leak_detective.usage_threshold_count", 0);
+ "%s.leak_detective.usage_threshold_count", 0, lib->ns);
detailed = lib->settings->get_bool(lib->settings,
- "libstrongswan.leak_detective.detailed", TRUE);
+ "%s.leak_detective.detailed", TRUE, lib->ns);
- print_traces(this, out, thresh, thresh_count, detailed, NULL, &sum);
-
- fprintf(out, "Total memory usage: %zu\n", sum);
+ leaks = print_traces(this, cb, user, thresh, thresh_count,
+ detailed, &whitelisted, &sum);
+ if (scb)
+ {
+ scb(user, leaks, sum, whitelisted);
+ }
}
/**
@@ -924,6 +952,7 @@ METHOD(leak_detective_t, destroy, void,
lock->destroy(lock);
thread_disabled->destroy(thread_disabled);
free(this);
+ first_header.next = NULL;
}
/*
@@ -936,8 +965,9 @@ leak_detective_t *leak_detective_create()
INIT(this,
.public = {
.report = _report,
- .leaks = _leaks,
+ .set_report_cb = _set_report_cb,
.usage = _usage,
+ .leaks = _leaks,
.set_state = _set_state,
.destroy = _destroy,
},
diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h
index 7a29e81d7..3fd0b8c93 100644
--- a/src/libstrongswan/utils/leak_detective.h
+++ b/src/libstrongswan/utils/leak_detective.h
@@ -24,6 +24,30 @@
typedef struct leak_detective_t leak_detective_t;
#include <library.h>
+#include <utils/backtrace.h>
+
+/**
+ * Callback function to report leak/usage information
+ *
+ * @param user user specific data
+ * @param count number of allocations
+ * @param bytes total size of allocations
+ * @param bt backtrace of allocation
+ * @param detailed TRUE to show a detailed backtrace
+ */
+typedef void (*leak_detective_report_cb_t)(void *user, int count, size_t bytes,
+ backtrace_t *bt, bool detailed);
+
+/**
+ * Callback function to report leak/usage summary information
+ *
+ * @param user user specific data
+ * @param count total number of allocations
+ * @param bytes total size of all reported allocations
+ * @param whitelisted number of allocations suppressed by whitelist
+ */
+typedef void (*leak_detective_summary_cb_t)(void* user, int count, size_t bytes,
+ int whitelisted);
/**
* Leak detective finds leaks and bad frees using malloc hooks.
@@ -36,25 +60,39 @@ typedef struct leak_detective_t leak_detective_t;
struct leak_detective_t {
/**
- * Report leaks to stderr.
+ * Report leaks to the registered callback functions.
*
* @param detailed TRUE to resolve line/filename of leak (slow)
*/
void (*report)(leak_detective_t *this, bool detailed);
/**
- * Number of detected leaks.
+ * Report current memory usage to out.
+ * Set callback functions invoked during a report().
*
- * @return number of leaks
+ * @param cb callback invoked for each detected leak
+ * @param scb summary callback invoked at end of report
+ * @param user user data to supply to callbacks
*/
- int (*leaks)(leak_detective_t *this);
+ void (*set_report_cb)(leak_detective_t *this, leak_detective_report_cb_t cb,
+ leak_detective_summary_cb_t scb, void *user);
/**
- * Report current memory usage to out.
+ * Report current memory usage using a callbacks.
+ *
+ * @param cb callback invoked for each allocation
+ * @param scb summary callback invoked at end of usage report
+ * @param user user data supplied to callbacks
+ */
+ void (*usage)(leak_detective_t *this, leak_detective_report_cb_t cb,
+ leak_detective_summary_cb_t scb, void *user);
+
+ /**
+ * Number of detected leaks.
*
- * @param out target to write usage report to
+ * @return number of leaks
*/
- void (*usage)(leak_detective_t *this, FILE *out);
+ int (*leaks)(leak_detective_t *this);
/**
* Enable/disable leak detective hooks for the current thread.
diff --git a/src/libstrongswan/utils/printf_hook/printf_hook_builtin.c b/src/libstrongswan/utils/printf_hook/printf_hook_builtin.c
index d00abef20..c79d4b87a 100644
--- a/src/libstrongswan/utils/printf_hook/printf_hook_builtin.c
+++ b/src/libstrongswan/utils/printf_hook/printf_hook_builtin.c
@@ -122,10 +122,14 @@ size_t print_in_hook(printf_hook_data_t *data, char *fmt, ...)
if (written > data->n)
{
- written = data->n;
+ data->q += data->n;
+ data->n = 0;
+ }
+ else
+ {
+ data->q += written;
+ data->n -= written;
}
- data->q += written;
- data->n += written;
return written;
}
@@ -725,12 +729,6 @@ int builtin_vsnprintf(char *buffer, size_t n, const char *format, va_list ap)
switch (ch)
{
- case 'P':
- {
- /* Upper case pointer */
- flags |= FL_UPPER;
- /* fall through */
- }
case 'p':
{
/* Pointer */
diff --git a/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c b/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c
index 8fd1aed4a..5efe1d990 100644
--- a/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c
+++ b/src/libstrongswan/utils/printf_hook/printf_hook_glibc.c
@@ -19,10 +19,10 @@
#include <utils/utils.h>
#include <utils/debug.h>
-#include <printf.h>
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
+#include <printf.h>
typedef struct private_printf_hook_t private_printf_hook_t;
typedef struct printf_hook_handler_t printf_hook_handler_t;
diff --git a/src/libstrongswan/utils/settings.c b/src/libstrongswan/utils/settings.c
index 809ca10ab..490490a1e 100644
--- a/src/libstrongswan/utils/settings.c
+++ b/src/libstrongswan/utils/settings.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2010 Tobias Brunner
+ * Copyright (C) 2010-2014 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -20,7 +20,6 @@
#include <stdio.h>
#include <errno.h>
#include <limits.h>
-#include <libgen.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
@@ -31,6 +30,8 @@
#include "settings.h"
+#include "collections/array.h"
+#include "collections/hashtable.h"
#include "collections/linked_list.h"
#include "threading/rwlock.h"
#include "utils/debug.h"
@@ -78,14 +79,19 @@ struct section_t {
char *name;
/**
+ * fallback sections, as section_t
+ */
+ array_t *fallbacks;
+
+ /**
* subsections, as section_t
*/
- linked_list_t *sections;
+ array_t *sections;
/**
* key value pairs, as kv_t
*/
- linked_list_t *kv;
+ array_t *kv;
};
/**
@@ -134,8 +140,6 @@ static section_t *section_create(char *name)
section_t *this;
INIT(this,
.name = strdupnull(name),
- .sections = linked_list_create(),
- .kv = linked_list_create(),
);
return this;
}
@@ -145,37 +149,73 @@ static section_t *section_create(char *name)
*/
static void section_destroy(section_t *this)
{
- this->kv->destroy_function(this->kv, (void*)kv_destroy);
- this->sections->destroy_function(this->sections, (void*)section_destroy);
+ array_destroy_function(this->sections, (void*)section_destroy, NULL);
+ array_destroy_function(this->kv, (void*)kv_destroy, NULL);
+ array_destroy(this->fallbacks);
free(this->name);
free(this);
}
/**
- * Purge contents of a section
+ * Purge contents of a section, returns if section can be safely removed.
*/
-static void section_purge(section_t *this)
+static bool section_purge(section_t *this)
{
- this->kv->destroy_function(this->kv, (void*)kv_destroy);
- this->kv = linked_list_create();
- this->sections->destroy_function(this->sections, (void*)section_destroy);
- this->sections = linked_list_create();
+ section_t *current;
+ int i;
+
+ array_destroy_function(this->kv, (void*)kv_destroy, NULL);
+ this->kv = NULL;
+ /* we ensure sections used as fallback, or configured with fallbacks (or
+ * having any such subsections) are not removed */
+ for (i = array_count(this->sections) - 1; i >= 0; i--)
+ {
+ array_get(this->sections, i, &current);
+ if (section_purge(current))
+ {
+ array_remove(this->sections, i, NULL);
+ section_destroy(current);
+ }
+ }
+ return !this->fallbacks && !array_count(this->sections);
}
/**
* callback to find a section by name
*/
-static bool section_find(section_t *this, char *name)
+static int section_find(const void *a, const void *b)
{
- return streq(this->name, name);
+ const char *key = a;
+ const section_t *item = b;
+ return strcmp(key, item->name);
+}
+
+/**
+ * callback to sort sections by name
+ */
+static int section_sort(const void *a, const void *b, void *user)
+{
+ const section_t *sa = a, *sb = b;
+ return strcmp(sa->name, sb->name);
}
/**
* callback to find a kv pair by key
*/
-static bool kv_find(kv_t *this, char *key)
+static int kv_find(const void *a, const void *b)
+{
+ const char *key = a;
+ const kv_t *item = b;
+ return strcmp(key, item->key);
+}
+
+/**
+ * callback to sort kv pairs by key
+ */
+static int kv_sort(const void *a, const void *b, void *user)
{
- return streq(this->key, key);
+ const kv_t *kva = a, *kvb = b;
+ return strcmp(kva->key, kvb->key);
}
/**
@@ -184,17 +224,16 @@ static bool kv_find(kv_t *this, char *key)
static bool print_key(char *buf, int len, char *start, char *key, va_list args)
{
va_list copy;
+ char *pos = start;
bool res;
- char *pos;
va_copy(copy, args);
- while (start < key)
+ while (TRUE)
{
- pos = strchr(start, '%');
+ pos = memchr(pos, '%', key - pos);
if (!pos)
{
- start += strlen(start) + 1;
- continue;
+ break;
}
pos++;
switch (*pos)
@@ -215,11 +254,7 @@ static bool print_key(char *buf, int len, char *start, char *key, va_list args)
DBG1(DBG_CFG, "settings with %%%c not supported!", *pos);
break;
}
- start = pos;
- if (*start)
- {
- start++;
- }
+ pos++;
}
res = vsnprintf(buf, len, key, copy) < len;
va_end(copy);
@@ -251,14 +286,17 @@ static section_t *find_section_buffered(section_t *section,
{
return NULL;
}
- if (section->sections->find_first(section->sections,
- (linked_list_match_t)section_find,
- (void**)&found, buf) != SUCCESS)
+ if (!strlen(buf))
+ {
+ found = section;
+ }
+ else if (array_bsearch(section->sections, buf, section_find, &found) == -1)
{
if (ensure)
{
found = section_create(buf);
- section->sections->insert_last(section->sections, found);
+ array_insert_create(&section->sections, ARRAY_TAIL, found);
+ array_sort(section->sections, section_sort, NULL);
}
}
if (found && pos)
@@ -269,10 +307,74 @@ static section_t *find_section_buffered(section_t *section,
}
/**
- * Find a section by a given key (thread-safe).
+ * Find all sections via a given key considering fallbacks, using buffered key,
+ * reusable buffer.
+ */
+static void find_sections_buffered(section_t *section, char *start, char *key,
+ va_list args, char *buf, int len, array_t **sections)
+{
+ section_t *found = NULL, *fallback;
+ char *pos;
+ int i;
+
+ if (!section)
+ {
+ return;
+ }
+ pos = strchr(key, '.');
+ if (pos)
+ {
+ *pos = '\0';
+ }
+ if (!print_key(buf, len, start, key, args))
+ {
+ return;
+ }
+ if (pos)
+ { /* restore so we can follow fallbacks */
+ *pos = '.';
+ }
+ if (!strlen(buf))
+ {
+ found = section;
+ }
+ else
+ {
+ array_bsearch(section->sections, buf, section_find, &found);
+ }
+ if (found)
+ {
+ if (pos)
+ {
+ find_sections_buffered(found, start, pos+1, args, buf, len,
+ sections);
+ }
+ else
+ {
+ array_insert_create(sections, ARRAY_TAIL, found);
+ for (i = 0; i < array_count(found->fallbacks); i++)
+ {
+ array_get(found->fallbacks, i, &fallback);
+ array_insert_create(sections, ARRAY_TAIL, fallback);
+ }
+ }
+ }
+ if (section->fallbacks)
+ {
+ for (i = 0; i < array_count(section->fallbacks); i++)
+ {
+ array_get(section->fallbacks, i, &fallback);
+ find_sections_buffered(fallback, start, key, args, buf, len,
+ sections);
+ }
+ }
+}
+
+/**
+ * Ensure that the section with the given key exists (thread-safe).
*/
-static section_t *find_section(private_settings_t *this, section_t *section,
- char *key, va_list args)
+static section_t *ensure_section(private_settings_t *this, section_t *section,
+ const char *key, va_list args)
{
char buf[128], keybuf[512];
section_t *found;
@@ -281,42 +383,101 @@ static section_t *find_section(private_settings_t *this, section_t *section,
{
return NULL;
}
- this->lock->read_lock(this->lock);
+ /* we might have to change the tree */
+ this->lock->write_lock(this->lock);
found = find_section_buffered(section, keybuf, keybuf, args, buf,
- sizeof(buf), FALSE);
+ sizeof(buf), TRUE);
this->lock->unlock(this->lock);
return found;
}
/**
- * Ensure that the section with the given key exists (thread-safe).
+ * Find a section by a given key with its fallbacks (not thread-safe!).
+ * Sections are returned in depth-first order (array is allocated). NULL is
+ * returned if no sections are found.
*/
-static section_t *ensure_section(private_settings_t *this, section_t *section,
- char *key, va_list args)
+static array_t *find_sections(private_settings_t *this, section_t *section,
+ char *key, va_list args)
{
char buf[128], keybuf[512];
- section_t *found;
+ array_t *sections = NULL;
if (snprintf(keybuf, sizeof(keybuf), "%s", key) >= sizeof(keybuf))
{
return NULL;
}
- /* we might have to change the tree */
+ find_sections_buffered(section, keybuf, keybuf, args, buf,
+ sizeof(buf), &sections);
+ return sections;
+}
+
+/**
+ * Check if the given fallback section already exists
+ */
+static bool fallback_exists(section_t *section, section_t *fallback)
+{
+ if (section == fallback)
+ {
+ return TRUE;
+ }
+ else if (section->fallbacks)
+ {
+ section_t *existing;
+ int i;
+
+ for (i = 0; i < array_count(section->fallbacks); i++)
+ {
+ array_get(section->fallbacks, i, &existing);
+ if (existing == fallback)
+ {
+ return TRUE;
+ }
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Ensure that the section with the given key exists and add the given fallback
+ * section (thread-safe).
+ */
+static void add_fallback_to_section(private_settings_t *this,
+ section_t *section, const char *key, va_list args,
+ section_t *fallback)
+{
+ char buf[128], keybuf[512];
+ section_t *found;
+
+ if (snprintf(keybuf, sizeof(keybuf), "%s", key) >= sizeof(keybuf))
+ {
+ return;
+ }
this->lock->write_lock(this->lock);
found = find_section_buffered(section, keybuf, keybuf, args, buf,
sizeof(buf), TRUE);
+ if (!fallback_exists(found, fallback))
+ {
+ /* to ensure sections referred to as fallback are not purged, we create
+ * the array there too */
+ if (!fallback->fallbacks)
+ {
+ fallback->fallbacks = array_create(0, 0);
+ }
+ array_insert_create(&found->fallbacks, ARRAY_TAIL, fallback);
+ }
this->lock->unlock(this->lock);
- return found;
}
/**
* Find the key/value pair for a key, using buffered key, reusable buffer
* If "ensure" is TRUE, the sections (and key/value pair) are created if they
* don't exist.
+ * Fallbacks are only considered if "ensure" is FALSE.
*/
static kv_t *find_value_buffered(section_t *section, char *start, char *key,
va_list args, char *buf, int len, bool ensure)
{
+ int i;
char *pos;
kv_t *kv = NULL;
section_t *found = NULL;
@@ -330,25 +491,40 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
if (pos)
{
*pos = '\0';
- pos++;
-
if (!print_key(buf, len, start, key, args))
{
return NULL;
}
- if (section->sections->find_first(section->sections,
- (linked_list_match_t)section_find,
- (void**)&found, buf) != SUCCESS)
+ /* restore so we can retry for fallbacks */
+ *pos = '.';
+ if (!strlen(buf))
+ {
+ found = section;
+ }
+ else if (array_bsearch(section->sections, buf, section_find,
+ &found) == -1)
{
- if (!ensure)
+ if (ensure)
{
- return NULL;
+ found = section_create(buf);
+ array_insert_create(&section->sections, ARRAY_TAIL, found);
+ array_sort(section->sections, section_sort, NULL);
+ }
+ }
+ if (found)
+ {
+ kv = find_value_buffered(found, start, pos+1, args, buf, len,
+ ensure);
+ }
+ if (!kv && !ensure && section->fallbacks)
+ {
+ for (i = 0; !kv && i < array_count(section->fallbacks); i++)
+ {
+ array_get(section->fallbacks, i, &found);
+ kv = find_value_buffered(found, start, key, args, buf, len,
+ ensure);
}
- found = section_create(buf);
- section->sections->insert_last(section->sections, found);
}
- return find_value_buffered(found, start, pos, args, buf, len,
- ensure);
}
else
{
@@ -356,13 +532,22 @@ static kv_t *find_value_buffered(section_t *section, char *start, char *key,
{
return NULL;
}
- if (section->kv->find_first(section->kv, (linked_list_match_t)kv_find,
- (void**)&kv, buf) != SUCCESS)
+ if (array_bsearch(section->kv, buf, kv_find, &kv) == -1)
{
if (ensure)
{
kv = kv_create(buf, NULL);
- section->kv->insert_last(section->kv, kv);
+ array_insert_create(&section->kv, ARRAY_TAIL, kv);
+ array_sort(section->kv, kv_sort, NULL);
+ }
+ else if (section->fallbacks)
+ {
+ for (i = 0; !kv && i < array_count(section->fallbacks); i++)
+ {
+ array_get(section->fallbacks, i, &found);
+ kv = find_value_buffered(found, start, key, args, buf, len,
+ ensure);
+ }
}
}
}
@@ -429,7 +614,7 @@ static void set_value(private_settings_t *this, section_t *section,
}
METHOD(settings_t, get_str, char*,
- private_settings_t *this, char *key, char *def, ...)
+ private_settings_t *this, char *key, char *def, ...)
{
char *value;
va_list args;
@@ -470,7 +655,7 @@ inline bool settings_value_as_bool(char *value, bool def)
}
METHOD(settings_t, get_bool, bool,
- private_settings_t *this, char *key, bool def, ...)
+ private_settings_t *this, char *key, bool def, ...)
{
char *value;
va_list args;
@@ -500,7 +685,7 @@ inline int settings_value_as_int(char *value, int def)
}
METHOD(settings_t, get_int, int,
- private_settings_t *this, char *key, int def, ...)
+ private_settings_t *this, char *key, int def, ...)
{
char *value;
va_list args;
@@ -530,7 +715,7 @@ inline double settings_value_as_double(char *value, double def)
}
METHOD(settings_t, get_double, double,
- private_settings_t *this, char *key, double def, ...)
+ private_settings_t *this, char *key, double def, ...)
{
char *value;
va_list args;
@@ -576,7 +761,7 @@ inline u_int32_t settings_value_as_time(char *value, u_int32_t def)
}
METHOD(settings_t, get_time, u_int32_t,
- private_settings_t *this, char *key, u_int32_t def, ...)
+ private_settings_t *this, char *key, u_int32_t def, ...)
{
char *value;
va_list args;
@@ -588,7 +773,7 @@ METHOD(settings_t, get_time, u_int32_t,
}
METHOD(settings_t, set_str, void,
- private_settings_t *this, char *key, char *value, ...)
+ private_settings_t *this, char *key, char *value, ...)
{
va_list args;
va_start(args, value);
@@ -597,7 +782,7 @@ METHOD(settings_t, set_str, void,
}
METHOD(settings_t, set_bool, void,
- private_settings_t *this, char *key, bool value, ...)
+ private_settings_t *this, char *key, bool value, ...)
{
va_list args;
va_start(args, value);
@@ -606,7 +791,7 @@ METHOD(settings_t, set_bool, void,
}
METHOD(settings_t, set_int, void,
- private_settings_t *this, char *key, int value, ...)
+ private_settings_t *this, char *key, int value, ...)
{
char val[16];
va_list args;
@@ -619,7 +804,7 @@ METHOD(settings_t, set_int, void,
}
METHOD(settings_t, set_double, void,
- private_settings_t *this, char *key, double value, ...)
+ private_settings_t *this, char *key, double value, ...)
{
char val[64];
va_list args;
@@ -632,7 +817,7 @@ METHOD(settings_t, set_double, void,
}
METHOD(settings_t, set_time, void,
- private_settings_t *this, char *key, u_int32_t value, ...)
+ private_settings_t *this, char *key, u_int32_t value, ...)
{
char val[16];
va_list args;
@@ -645,7 +830,7 @@ METHOD(settings_t, set_time, void,
}
METHOD(settings_t, set_default_str, bool,
- private_settings_t *this, char *key, char *value, ...)
+ private_settings_t *this, char *key, char *value, ...)
{
char *old;
va_list args;
@@ -665,63 +850,143 @@ METHOD(settings_t, set_default_str, bool,
}
/**
+ * Data for enumerators
+ */
+typedef struct {
+ /** settings_t instance */
+ private_settings_t *settings;
+ /** sections to enumerate */
+ array_t *sections;
+ /** sections/keys that were already enumerated */
+ hashtable_t *seen;
+} enumerator_data_t;
+
+/**
+ * Destroy enumerator data
+ */
+static void enumerator_destroy(enumerator_data_t *this)
+{
+ this->settings->lock->unlock(this->settings->lock);
+ this->seen->destroy(this->seen);
+ array_destroy(this->sections);
+ free(this);
+}
+
+/**
* Enumerate section names, not sections
*/
-static bool section_filter(void *null, section_t **in, char **out)
+static bool section_filter(hashtable_t *seen, section_t **in, char **out)
{
*out = (*in)->name;
+ if (seen->get(seen, *out))
+ {
+ return FALSE;
+ }
+ seen->put(seen, *out, *out);
return TRUE;
}
+/**
+ * Enumerate sections of the given section
+ */
+static enumerator_t *section_enumerator(section_t *section,
+ enumerator_data_t *data)
+{
+ return enumerator_create_filter(array_create_enumerator(section->sections),
+ (void*)section_filter, data->seen, NULL);
+}
+
METHOD(settings_t, create_section_enumerator, enumerator_t*,
- private_settings_t *this, char *key, ...)
+ private_settings_t *this, char *key, ...)
{
- section_t *section;
+ enumerator_data_t *data;
+ array_t *sections;
va_list args;
+ this->lock->read_lock(this->lock);
va_start(args, key);
- section = find_section(this, this->top, key, args);
+ sections = find_sections(this, this->top, key, args);
va_end(args);
- if (!section)
+ if (!sections)
{
+ this->lock->unlock(this->lock);
return enumerator_create_empty();
}
- this->lock->read_lock(this->lock);
- return enumerator_create_filter(
- section->sections->create_enumerator(section->sections),
- (void*)section_filter, this->lock, (void*)this->lock->unlock);
+ INIT(data,
+ .settings = this,
+ .sections = sections,
+ .seen = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8),
+ );
+ return enumerator_create_nested(array_create_enumerator(sections),
+ (void*)section_enumerator, data, (void*)enumerator_destroy);
}
/**
* Enumerate key and values, not kv_t entries
*/
-static bool kv_filter(void *null, kv_t **in, char **key,
+static bool kv_filter(hashtable_t *seen, kv_t **in, char **key,
void *none, char **value)
{
*key = (*in)->key;
+ if (seen->get(seen, *key))
+ {
+ return FALSE;
+ }
*value = (*in)->value;
+ seen->put(seen, *key, *key);
return TRUE;
}
+/**
+ * Enumerate key/value pairs of the given section
+ */
+static enumerator_t *kv_enumerator(section_t *section, enumerator_data_t *data)
+{
+ return enumerator_create_filter(array_create_enumerator(section->kv),
+ (void*)kv_filter, data->seen, NULL);
+}
+
METHOD(settings_t, create_key_value_enumerator, enumerator_t*,
- private_settings_t *this, char *key, ...)
+ private_settings_t *this, char *key, ...)
{
- section_t *section;
+ enumerator_data_t *data;
+ array_t *sections;
va_list args;
+ this->lock->read_lock(this->lock);
va_start(args, key);
- section = find_section(this, this->top, key, args);
+ sections = find_sections(this, this->top, key, args);
va_end(args);
- if (!section)
+ if (!sections)
{
+ this->lock->unlock(this->lock);
return enumerator_create_empty();
}
- this->lock->read_lock(this->lock);
- return enumerator_create_filter(
- section->kv->create_enumerator(section->kv),
- (void*)kv_filter, this->lock, (void*)this->lock->unlock);
+ INIT(data,
+ .settings = this,
+ .sections = sections,
+ .seen = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8),
+ );
+ return enumerator_create_nested(array_create_enumerator(sections),
+ (void*)kv_enumerator, data, (void*)enumerator_destroy);
+}
+
+METHOD(settings_t, add_fallback, void,
+ private_settings_t *this, const char *key, const char *fallback, ...)
+{
+ section_t *section;
+ va_list args;
+
+ /* find/create the fallback */
+ va_start(args, fallback);
+ section = ensure_section(this, this->top, fallback, args);
+ va_end(args);
+
+ va_start(args, fallback);
+ add_fallback_to_section(this, this->top, key, args, section);
+ va_end(args);
}
/**
@@ -881,15 +1146,15 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
section->name);
continue;
}
- if (section->sections->find_first(section->sections,
- (linked_list_match_t)section_find,
- (void**)&sub, key) != SUCCESS)
+ if (array_bsearch(section->sections, key, section_find,
+ &sub) == -1)
{
sub = section_create(key);
if (parse_section(contents, file, level, &inner, sub))
{
- section->sections->insert_last(section->sections,
- sub);
+ array_insert_create(&section->sections, ARRAY_TAIL,
+ sub);
+ array_sort(section->sections, section_sort, NULL);
continue;
}
section_destroy(sub);
@@ -916,12 +1181,11 @@ static bool parse_section(linked_list_t *contents, char *file, int level,
section->name);
continue;
}
- if (section->kv->find_first(section->kv,
- (linked_list_match_t)kv_find,
- (void**)&kv, key) != SUCCESS)
+ if (array_bsearch(section->kv, key, kv_find, &kv) == -1)
{
kv = kv_create(key, value);
- section->kv->insert_last(section->kv, kv);
+ array_insert_create(&section->kv, ARRAY_TAIL, kv);
+ array_sort(section->kv, kv_sort, NULL);
}
else
{ /* replace with the most recently read value */
@@ -1037,8 +1301,7 @@ static bool parse_files(linked_list_t *contents, char *file, int level,
}
else
{ /* base relative paths to the directory of the current file */
- char *dir = strdup(file);
- dir = dirname(dir);
+ char *dir = path_dirname(file);
if (snprintf(pat, sizeof(pat), "%s/%s", dir, pattern) >= sizeof(pat))
{
DBG1(DBG_LIB, "include pattern too long, ignored");
@@ -1092,37 +1355,37 @@ static void section_extend(section_t *base, section_t *extension)
section_t *sec;
kv_t *kv;
- enumerator = extension->sections->create_enumerator(extension->sections);
+ enumerator = array_create_enumerator(extension->sections);
while (enumerator->enumerate(enumerator, (void**)&sec))
{
section_t *found;
- if (base->sections->find_first(base->sections,
- (linked_list_match_t)section_find, (void**)&found,
- sec->name) == SUCCESS)
+ if (array_bsearch(base->sections, sec->name, section_find,
+ &found) != -1)
{
section_extend(found, sec);
}
else
{
- extension->sections->remove_at(extension->sections, enumerator);
- base->sections->insert_last(base->sections, sec);
+ array_remove_at(extension->sections, enumerator);
+ array_insert_create(&base->sections, ARRAY_TAIL, sec);
+ array_sort(base->sections, section_sort, NULL);
}
}
enumerator->destroy(enumerator);
- enumerator = extension->kv->create_enumerator(extension->kv);
+ enumerator = array_create_enumerator(extension->kv);
while (enumerator->enumerate(enumerator, (void**)&kv))
{
kv_t *found;
- if (base->kv->find_first(base->kv, (linked_list_match_t)kv_find,
- (void**)&found, kv->key) == SUCCESS)
+ if (array_bsearch(base->kv, kv->key, kv_find, &found) != -1)
{
found->value = kv->value;
}
else
{
- extension->kv->remove_at(extension->kv, enumerator);
- base->kv->insert_last(base->kv, kv);
+ array_remove_at(extension->kv, enumerator);
+ array_insert_create(&base->kv, ARRAY_TAIL, kv);
+ array_sort(base->kv, kv_sort, NULL);
}
}
enumerator->destroy(enumerator);
@@ -1179,13 +1442,13 @@ static bool load_files_internal(private_settings_t *this, section_t *parent,
}
METHOD(settings_t, load_files, bool,
- private_settings_t *this, char *pattern, bool merge)
+ private_settings_t *this, char *pattern, bool merge)
{
return load_files_internal(this, this->top, pattern, merge);
}
METHOD(settings_t, load_files_section, bool,
- private_settings_t *this, char *pattern, bool merge, char *key, ...)
+ private_settings_t *this, char *pattern, bool merge, char *key, ...)
{
section_t *section;
va_list args;
@@ -1202,7 +1465,7 @@ METHOD(settings_t, load_files_section, bool,
}
METHOD(settings_t, destroy, void,
- private_settings_t *this)
+ private_settings_t *this)
{
section_destroy(this->top);
this->contents->destroy_function(this->contents, (void*)free);
@@ -1232,6 +1495,7 @@ settings_t *settings_create(char *file)
.set_default_str = _set_default_str,
.create_section_enumerator = _create_section_enumerator,
.create_key_value_enumerator = _create_key_value_enumerator,
+ .add_fallback = _add_fallback,
.load_files = _load_files,
.load_files_section = _load_files_section,
.destroy = _destroy,
diff --git a/src/libstrongswan/utils/settings.h b/src/libstrongswan/utils/settings.h
index df0c534e9..46403c4d3 100644
--- a/src/libstrongswan/utils/settings.h
+++ b/src/libstrongswan/utils/settings.h
@@ -269,6 +269,31 @@ struct settings_t {
char *section, ...);
/**
+ * Add a fallback for the given section.
+ *
+ * Example: When the fallback 'section-two' is configured for
+ * 'section-one.two' any failed lookup for a section or key in
+ * 'section-one.two' will result in a lookup for the same section/key
+ * in 'section-two'.
+ *
+ * @note Lookups are depth-first and currently strictly top-down.
+ * For instance, if app.sec had lib1.sec as fallback and lib1 had lib2 as
+ * fallback the keys/sections in lib2.sec would not be considered. But if
+ * app had lib3 as fallback the contents of lib3.sec would (as app is passed
+ * during the initial lookup). In the last example the order during
+ * enumerations would be app.sec, lib1.sec, lib3.sec.
+ *
+ * @note Additional arguments will be applied to both section format
+ * strings so they must be compatible.
+ *
+ * @param section section for which a fallback is configured, printf style
+ * @param fallback fallback section, printf style
+ * @param ... argument list for section and fallback
+ */
+ void (*add_fallback)(settings_t *this, const char *section,
+ const char *fallback, ...);
+
+ /**
* Load settings from the files matching the given pattern.
*
* If merge is TRUE, existing sections are extended, existing values
diff --git a/src/libstrongswan/utils/test.c b/src/libstrongswan/utils/test.c
new file mode 100644
index 000000000..7de5a7661
--- /dev/null
+++ b/src/libstrongswan/utils/test.c
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "test.h"
+
+#include <library.h>
+
+/**
+ * A collection of testable functions
+ */
+hashtable_t *testable_functions;
+
+/*
+ * Described in header.
+ */
+void testable_function_register(char *name, void *fn)
+{
+ if (testable_functions)
+ {
+ bool old = FALSE;
+ if (lib->leak_detective)
+ {
+ old = lib->leak_detective->set_state(lib->leak_detective, FALSE);
+ }
+ if (fn)
+ {
+ testable_functions->put(testable_functions, name, fn);
+ }
+ else
+ {
+ testable_functions->remove(testable_functions, name);
+ }
+ if (lib->leak_detective)
+ {
+ lib->leak_detective->set_state(lib->leak_detective, old);
+ }
+ }
+}
diff --git a/src/libstrongswan/utils/test.h b/src/libstrongswan/utils/test.h
new file mode 100644
index 000000000..5b7289244
--- /dev/null
+++ b/src/libstrongswan/utils/test.h
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup test test
+ * @{ @ingroup utils
+ */
+
+#ifndef TEST_H_
+#define TEST_H_
+
+#include "collections/hashtable.h"
+
+/**
+ * Collection of testable functions.
+ *
+ * @note Is initialized only if libtest is loaded.
+ */
+extern hashtable_t *testable_functions;
+
+/**
+ * Register a (possibly static) function so that it can be called from tests.
+ *
+ * @param name name (namespace/function)
+ * @param fn function to register (set to NULL to unregister)
+ */
+void testable_function_register(char *name, void *fn);
+
+/**
+ * Macro to automatically register/unregister a function that can be called
+ * from tests.
+ *
+ * @note The constructor has a priority set so that it runs after the
+ * constructor that creates the hashtable. The destructor, on the other hand,
+ * does not have a priority set, as test coverage would report that function as
+ * untested otherwise.
+ *
+ * @param ns namespace
+ * @param fn function to register
+ */
+#define EXPORT_FUNCTION_FOR_TESTS(ns, fn) \
+static void testable_function_register_##fn() __attribute__ ((constructor(2000))); \
+static void testable_function_register_##fn() \
+{ \
+ testable_function_register(#ns "/" #fn, fn); \
+} \
+static void testable_function_unregister_##fn() __attribute__ ((destructor)); \
+static void testable_function_unregister_##fn() \
+{ \
+ testable_function_register(#ns "/" #fn, NULL); \
+}
+
+/**
+ * Import a registered function so that it can be called from tests.
+ *
+ * @note If the imported function is static (or no conflicting header files
+ * are included) ret can be prefixed with static to declare the function static.
+ *
+ * @note We allocate an arbitrary amount of stack space, hopefully enough for
+ * all arguments.
+ *
+ * @param ns namespace of the function
+ * @param name name of the function
+ * @param ret return type of the function
+ * @param ... arguments of the function
+ */
+#define IMPORT_FUNCTION_FOR_TESTS(ns, name, ret, ...) \
+ret name(__VA_ARGS__) \
+{ \
+ void (*fn)() = NULL; \
+ if (testable_functions) \
+ { \
+ fn = testable_functions->get(testable_functions, #ns "/" #name); \
+ } \
+ if (fn) \
+ { \
+ void *args = __builtin_apply_args(); \
+ __builtin_return(__builtin_apply(fn, args, 16*sizeof(void*))); \
+ } \
+ test_fail_msg(__FILE__, __LINE__, "function " #name " (" #ns ") not found"); \
+ __builtin_return(NULL); \
+}
+
+#endif /** TEST_H_ @}*/
diff --git a/src/libstrongswan/utils/utils.c b/src/libstrongswan/utils/utils.c
index 266fb4357..fe80edb82 100644
--- a/src/libstrongswan/utils/utils.c
+++ b/src/libstrongswan/utils/utils.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2012 Tobias Brunner
+ * Copyright (C) 2008-2014 Tobias Brunner
* Copyright (C) 2005-2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -14,8 +14,7 @@
* for more details.
*/
-#include "utils.h"
-
+#define _GNU_SOURCE /* for memrchr */
#include <sys/stat.h>
#include <string.h>
#include <stdio.h>
@@ -27,6 +26,8 @@
#include <time.h>
#include <pthread.h>
+#include "utils.h"
+
#include "collections/enumerator.h"
#include "utils/debug.h"
#include "utils/chunk.h"
@@ -102,7 +103,7 @@ void memwipe_noinline(void *ptr, size_t n)
*/
void *memstr(const void *haystack, const char *needle, size_t n)
{
- unsigned const char *pos = haystack;
+ const u_char *pos = haystack;
size_t l;
if (!haystack || !needle || (l = strlen(needle)) == 0)
@@ -122,6 +123,28 @@ void *memstr(const void *haystack, const char *needle, size_t n)
/**
* Described in header.
*/
+void *utils_memrchr(const void *s, int c, size_t n)
+{
+ const u_char *pos;
+
+ if (!s || !n)
+ {
+ return NULL;
+ }
+
+ for (pos = s + n - 1; pos >= (u_char*)s; pos--)
+ {
+ if (*pos == (u_char)c)
+ {
+ return (void*)pos;
+ }
+ }
+ return NULL;
+}
+
+/**
+ * Described in header.
+ */
char* translate(char *str, const char *from, const char *to)
{
char *pos = str;
@@ -144,6 +167,115 @@ char* translate(char *str, const char *from, const char *to)
/**
* Described in header.
*/
+char* strreplace(const char *str, const char *search, const char *replace)
+{
+ size_t len, slen, rlen, count = 0;
+ char *res, *pos, *found, *dst;
+
+ if (!str || !*str || !search || !*search || !replace)
+ {
+ return (char*)str;
+ }
+ slen = strlen(search);
+ rlen = strlen(replace);
+ if (slen != rlen)
+ {
+ for (pos = (char*)str; (pos = strstr(pos, search)); pos += slen)
+ {
+ found = pos;
+ count++;
+ }
+ if (!count)
+ {
+ return (char*)str;
+ }
+ len = (found - str) + strlen(found) + count * (rlen - slen);
+ }
+ else
+ {
+ len = strlen(str);
+ }
+ found = strstr(str, search);
+ if (!found)
+ {
+ return (char*)str;
+ }
+ dst = res = malloc(len + 1);
+ pos = (char*)str;
+ do
+ {
+ len = found - pos;
+ memcpy(dst, pos, len);
+ dst += len;
+ memcpy(dst, replace, rlen);
+ dst += rlen;
+ pos = found + slen;
+ }
+ while ((found = strstr(pos, search)));
+ strcpy(dst, pos);
+ return res;
+}
+
+/**
+ * Described in header.
+ */
+char* path_dirname(const char *path)
+{
+ char *pos;
+
+ pos = path ? strrchr(path, '/') : NULL;
+
+ if (pos && !pos[1])
+ { /* if path ends with slashes we have to look beyond them */
+ while (pos > path && *pos == '/')
+ { /* skip trailing slashes */
+ pos--;
+ }
+ pos = memrchr(path, '/', pos - path + 1);
+ }
+ if (!pos)
+ {
+ return strdup(".");
+ }
+ while (pos > path && *pos == '/')
+ { /* skip superfluous slashes */
+ pos--;
+ }
+ return strndup(path, pos - path + 1);
+}
+
+/**
+ * Described in header.
+ */
+char* path_basename(const char *path)
+{
+ char *pos, *trail = NULL;
+
+ if (!path || !*path)
+ {
+ return strdup(".");
+ }
+ pos = strrchr(path, '/');
+ if (pos && !pos[1])
+ { /* if path ends with slashes we have to look beyond them */
+ while (pos > path && *pos == '/')
+ { /* skip trailing slashes */
+ pos--;
+ }
+ if (pos == path && *pos == '/')
+ { /* contains only slashes */
+ return strdup("/");
+ }
+ trail = pos + 1;
+ pos = memrchr(path, '/', trail - path);
+ }
+ pos = pos ? pos + 1 : (char*)path;
+ return trail ? strndup(pos, trail - pos) : strdup(pos);
+}
+
+/**
+ * Described in header.
+ */
bool mkdir_p(const char *path, mode_t mode)
{
int len;
@@ -251,84 +383,6 @@ char* tty_escape_get(int fd, tty_escape_t escape)
return "";
}
-/**
- * The size of the thread-specific error buffer
- */
-#define STRERROR_BUF_LEN 256
-
-/**
- * Key to store thread-specific error buffer
- */
-static pthread_key_t strerror_buf_key;
-
-/**
- * Only initialize the key above once
- */
-static pthread_once_t strerror_buf_key_once = PTHREAD_ONCE_INIT;
-
-/**
- * Create the key used for the thread-specific error buffer
- */
-static void create_strerror_buf_key()
-{
- pthread_key_create(&strerror_buf_key, free);
-}
-
-/**
- * Retrieve the error buffer assigned to the current thread (or create it)
- */
-static inline char *get_strerror_buf()
-{
- char *buf;
-
- pthread_once(&strerror_buf_key_once, create_strerror_buf_key);
- buf = pthread_getspecific(strerror_buf_key);
- if (!buf)
- {
- buf = malloc(STRERROR_BUF_LEN);
- pthread_setspecific(strerror_buf_key, buf);
- }
- return buf;
-}
-
-#ifdef HAVE_STRERROR_R
-/*
- * Described in header.
- */
-const char *safe_strerror(int errnum)
-{
- char *buf = get_strerror_buf(), *msg;
-
-#ifdef STRERROR_R_CHAR_P
- /* char* version which may or may not return the original buffer */
- msg = strerror_r(errnum, buf, STRERROR_BUF_LEN);
-#else
- /* int version returns 0 on success */
- msg = strerror_r(errnum, buf, STRERROR_BUF_LEN) ? "Unknown error" : buf;
-#endif
- return msg;
-}
-#else /* HAVE_STRERROR_R */
-/* we actually wan't to call strerror(3) below */
-#undef strerror
-/*
- * Described in header.
- */
-const char *safe_strerror(int errnum)
-{
- static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
- char *buf = get_strerror_buf();
-
- /* use a mutex to ensure calling strerror(3) is thread-safe */
- pthread_mutex_lock(&mutex);
- strncpy(buf, strerror(errnum), STRERROR_BUF_LEN);
- pthread_mutex_unlock(&mutex);
- buf[STRERROR_BUF_LEN - 1] = '\0';
- return buf;
-}
-#endif /* HAVE_STRERROR_R */
-
-
#ifndef HAVE_CLOSEFROM
/**
* Described in header.
@@ -570,7 +624,7 @@ int time_printf_hook(printf_hook_data_t *data, printf_hook_spec_t *spec,
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
};
time_t *time = *((time_t**)(args[0]));
- bool utc = *((bool*)(args[1]));;
+ bool utc = *((int*)(args[1]));
struct tm t;
if (*time == UNDEFINED_TIME)
diff --git a/src/libstrongswan/utils/utils.h b/src/libstrongswan/utils/utils.h
index cda7edf08..a55e7d831 100644
--- a/src/libstrongswan/utils/utils.h
+++ b/src/libstrongswan/utils/utils.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008-2012 Tobias Brunner
+ * Copyright (C) 2008-2014 Tobias Brunner
* Copyright (C) 2008 Martin Willi
* Hochschule fuer Technik Rapperswil
*
@@ -30,6 +30,7 @@
#include <string.h>
#include "enum.h"
+#include "utils/strerror.h"
/**
* strongSwan program return codes
@@ -464,6 +465,20 @@ static inline void memwipe(void *ptr, size_t n)
void *memstr(const void *haystack, const char *needle, size_t n);
/**
+ * Replacement for memrchr(3) if it is not provided by the C library.
+ *
+ * @param s start of the memory area to search
+ * @param c character to search
+ * @param n length of memory area to search
+ * @return pointer to the found character or NULL
+ */
+void *utils_memrchr(const void *s, int c, size_t n);
+
+#ifndef HAVE_MEMRCHR
+#define memrchr(s,c,n) utils_memrchr(s,c,n)
+#endif
+
+/**
* Translates the characters in the given string, searching for characters
* in 'from' and mapping them to characters in 'to'.
* The two characters sets 'from' and 'to' must contain the same number of
@@ -472,36 +487,59 @@ void *memstr(const void *haystack, const char *needle, size_t n);
char *translate(char *str, const char *from, const char *to);
/**
- * Creates a directory and all required parent directories.
+ * Replaces all occurrences of search in the given string with replace.
*
- * @param path path to the new directory
- * @param mode permissions of the new directory/directories
- * @return TRUE on success
+ * Allocates memory only if anything is replaced in the string. The original
+ * string is also returned if any of the arguments are invalid (e.g. if search
+ * is empty or any of them are NULL).
+ *
+ * @param str original string
+ * @param search string to search for and replace
+ * @param replace string to replace found occurrences with
+ * @return allocated string, if anything got replaced, str otherwise
*/
-bool mkdir_p(const char *path, mode_t mode);
+char *strreplace(const char *str, const char *search, const char *replace);
/**
- * Thread-safe wrapper around strerror and strerror_r.
+ * Like dirname(3) returns the directory part of the given null-terminated
+ * pathname, up to but not including the final '/' (or '.' if no '/' is found).
+ * Trailing '/' are not counted as part of the pathname.
*
- * This is required because the first is not thread-safe (on some platforms)
- * and the second uses two different signatures (POSIX/GNU) and is impractical
- * to use anyway.
+ * The difference is that it does this in a thread-safe manner (i.e. it does not
+ * use static buffers) and does not modify the original path.
*
- * @param errnum error code (i.e. errno)
- * @return error message
+ * @param path original pathname
+ * @return allocated directory component
*/
-const char *safe_strerror(int errnum);
+char *path_dirname(const char *path);
/**
- * Replace usages of strerror(3) with thread-safe variant.
+ * Like basename(3) returns the filename part of the given null-terminated path,
+ * i.e. the part following the final '/' (or '.' if path is empty or NULL).
+ * Trailing '/' are not counted as part of the pathname.
+ *
+ * The difference is that it does this in a thread-safe manner (i.e. it does not
+ * use static buffers) and does not modify the original path.
+ *
+ * @param path original pathname
+ * @return allocated filename component
*/
-#define strerror(errnum) safe_strerror(errnum)
+char *path_basename(const char *path);
+
+/**
+ * Creates a directory and all required parent directories.
+ *
+ * @param path path to the new directory
+ * @param mode permissions of the new directory/directories
+ * @return TRUE on success
+ */
+bool mkdir_p(const char *path, mode_t mode);
#ifndef HAVE_CLOSEFROM
/**
* Close open file descriptors greater than or equal to lowfd.
*
- * @param lowfd start closing file descriptoros from here
+ * @param lowfd start closing file descriptors from here
*/
void closefrom(int lowfd);
#endif
diff --git a/src/libstrongswan/utils/utils/strerror.c b/src/libstrongswan/utils/utils/strerror.c
new file mode 100644
index 000000000..95e463f5f
--- /dev/null
+++ b/src/libstrongswan/utils/utils/strerror.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2012-2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <pthread.h>
+
+#include "strerror.h"
+
+/**
+ * The size of the thread-specific error buffer
+ */
+#define STRERROR_BUF_LEN 256
+
+/**
+ * Key to store thread-specific error buffer
+ */
+static pthread_key_t strerror_buf_key;
+
+/**
+ * Only initialize the key above once
+ */
+static pthread_once_t strerror_buf_key_once = PTHREAD_ONCE_INIT;
+
+/**
+ * Create the key used for the thread-specific error buffer
+ */
+static void create_strerror_buf_key()
+{
+ pthread_key_create(&strerror_buf_key, free);
+}
+
+/**
+ * Retrieve the error buffer assigned to the current thread (or create it)
+ */
+static inline char *get_strerror_buf()
+{
+ char *buf;
+
+ pthread_once(&strerror_buf_key_once, create_strerror_buf_key);
+ buf = pthread_getspecific(strerror_buf_key);
+ if (!buf)
+ {
+ buf = malloc(STRERROR_BUF_LEN);
+ pthread_setspecific(strerror_buf_key, buf);
+ }
+ return buf;
+}
+
+#ifdef HAVE_STRERROR_R
+/*
+ * Described in header.
+ */
+const char *strerror_safe(int errnum)
+{
+ char *buf = get_strerror_buf(), *msg;
+
+#ifdef STRERROR_R_CHAR_P
+ /* char* version which may or may not return the original buffer */
+ msg = strerror_r(errnum, buf, STRERROR_BUF_LEN);
+#else
+ /* int version returns 0 on success */
+ msg = strerror_r(errnum, buf, STRERROR_BUF_LEN) ? "Unknown error" : buf;
+#endif
+ return msg;
+}
+#else /* HAVE_STRERROR_R */
+/* we actually wan't to call strerror(3) below */
+#undef strerror
+/*
+ * Described in header.
+ */
+const char *strerror_safe(int errnum)
+{
+ static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
+ char *buf = get_strerror_buf();
+
+ /* use a mutex to ensure calling strerror(3) is thread-safe */
+ pthread_mutex_lock(&mutex);
+ strncpy(buf, strerror(errnum), STRERROR_BUF_LEN);
+ pthread_mutex_unlock(&mutex);
+ buf[STRERROR_BUF_LEN - 1] = '\0';
+ return buf;
+}
+#endif /* HAVE_STRERROR_R */
diff --git a/src/libstrongswan/utils/utils/strerror.h b/src/libstrongswan/utils/utils/strerror.h
new file mode 100644
index 000000000..2cb76f12e
--- /dev/null
+++ b/src/libstrongswan/utils/utils/strerror.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012-2014 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @{ @ingroup utils
+ */
+
+#ifndef STRERROR_H_
+#define STRERROR_H_
+
+/**
+ * Thread-safe wrapper around strerror and strerror_r.
+ *
+ * This is required because the first is not thread-safe (on some platforms)
+ * and the second uses two different signatures (POSIX/GNU) and is impractical
+ * to use anyway.
+ *
+ * @param errnum error code (i.e. errno)
+ * @return error message
+ */
+const char *strerror_safe(int errnum);
+
+/**
+ * Replace usages of strerror(3) with thread-safe variant.
+ */
+#define strerror(errnum) strerror_safe(errnum)
+
+#endif /** STRERROR_H_ @}*/
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 17:23:13 +0000