summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto/crypters
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/crypto/crypters')
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.c147
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.h74
2 files changed, 183 insertions, 38 deletions
diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c
index 13ba9c6e2..ebd35a8a0 100644
--- a/src/libstrongswan/crypto/crypters/crypter.c
+++ b/src/libstrongswan/crypto/crypters/crypter.c
@@ -12,22 +12,20 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * $Id: crypter.c 4880 2009-02-18 19:45:46Z tobias $
*/
+#include <asn1/oid.h>
+
#include "crypter.h"
-ENUM_BEGIN(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_UNDEFINED,
- "UNDEFINED");
-ENUM_NEXT(encryption_algorithm_names, ENCR_DES_IV64, ENCR_DES_IV32, ENCR_UNDEFINED,
+ENUM_BEGIN(encryption_algorithm_names, ENCR_DES_IV64, ENCR_DES_IV32,
"DES_IV64",
- "DES",
- "3DES",
- "RC5",
- "IDEA",
- "CAST",
- "BLOWFISH",
+ "DES_CBC",
+ "3DES_CBC",
+ "RC5_CBC",
+ "IDEA_CBC",
+ "CAST_CBC",
+ "BLOWFISH_CBC",
"3IDEA",
"DES_IV32");
ENUM_NEXT(encryption_algorithm_names, ENCR_NULL, ENCR_AES_CCM_ICV16, ENCR_DES_IV32,
@@ -37,11 +35,128 @@ ENUM_NEXT(encryption_algorithm_names, ENCR_NULL, ENCR_AES_CCM_ICV16, ENCR_DES_IV
"AES_CCM_8",
"AES_CCM_12",
"AES_CCM_16");
-ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_AES_GCM_ICV16, ENCR_AES_CCM_ICV16,
+ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_NULL_AUTH_AES_GMAC, ENCR_AES_CCM_ICV16,
"AES_GCM_8",
"AES_GCM_12",
- "AES_GCM_16");
-ENUM_NEXT(encryption_algorithm_names, ENCR_DES_ECB, ENCR_DES_ECB, ENCR_AES_GCM_ICV16,
- "DES_ECB");
-ENUM_END(encryption_algorithm_names, ENCR_DES_ECB);
+ "AES_GCM_16",
+ "NULL_AES_GMAC");
+ENUM_NEXT(encryption_algorithm_names, ENCR_CAMELLIA_CBC, ENCR_CAMELLIA_CCM_ICV16, ENCR_NULL_AUTH_AES_GMAC,
+ "CAMELLIA_CBC",
+ "CAMELLIA_CTR",
+ "CAMELLIA_CCM_8",
+ "CAMELLIA_CCM_12",
+ "CAMELLIA_CCM_16");
+ENUM_NEXT(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_TWOFISH_CBC, ENCR_CAMELLIA_CCM_ICV16,
+ "UNDEFINED",
+ "DES_ECB",
+ "SERPENT_CBC",
+ "TWOFISH_CBC");
+ENUM_END(encryption_algorithm_names, ENCR_TWOFISH_CBC);
+
+/*
+ * Described in header.
+ */
+encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size)
+{
+ encryption_algorithm_t alg;
+ size_t alg_key_size;
+
+ switch (oid)
+ {
+ case OID_DES_CBC:
+ alg = ENCR_DES;
+ alg_key_size = 0;
+ break;
+ case OID_3DES_EDE_CBC:
+ alg = ENCR_3DES;
+ alg_key_size = 0;
+ break;
+ case OID_AES128_CBC:
+ alg = ENCR_AES_CBC;
+ alg_key_size = 128;
+ break;
+ case OID_AES192_CBC:
+ alg = ENCR_AES_CBC;
+ alg_key_size = 192;
+ break;
+ case OID_AES256_CBC:
+ alg = ENCR_AES_CBC;
+ alg_key_size = 256;
+ break;
+ case OID_CAMELLIA128_CBC:
+ alg = ENCR_CAMELLIA_CBC;
+ alg_key_size = 128;
+ break;
+ case OID_CAMELLIA192_CBC:
+ alg = ENCR_CAMELLIA_CBC;
+ alg_key_size = 192;
+ break;
+ case OID_CAMELLIA256_CBC:
+ alg = ENCR_CAMELLIA_CBC;
+ alg_key_size = 256;
+ break;
+ default:
+ alg = ENCR_UNDEFINED;
+ alg_key_size = 0;
+ }
+ if (key_size)
+ {
+ *key_size = alg_key_size;
+ }
+ return alg;
+}
+
+/*
+ * Described in header.
+ */
+int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size)
+{
+ int oid;
+
+ switch(alg)
+ {
+ case ENCR_DES:
+ oid = OID_DES_CBC;
+ break;
+ case ENCR_3DES:
+ oid = OID_3DES_EDE_CBC;
+ break;
+ case ENCR_AES_CBC:
+ switch (key_size)
+ {
+ case 128:
+ oid = OID_AES128_CBC;
+ break;
+ case 192:
+ oid = OID_AES192_CBC;
+ break;
+ case 256:
+ oid = OID_AES256_CBC;
+ break;
+ default:
+ oid = OID_UNKNOWN;
+ }
+ break;
+ case ENCR_CAMELLIA_CBC:
+ switch (key_size)
+ {
+ case 128:
+ oid = OID_CAMELLIA128_CBC;
+ break;
+ case 192:
+ oid = OID_CAMELLIA192_CBC;
+ break;
+ case 256:
+ oid = OID_CAMELLIA256_CBC;
+ break;
+ default:
+ oid = OID_UNKNOWN;
+ }
+ break;
+ default:
+ oid = OID_UNKNOWN;
+ }
+ return oid;
+}
+
diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h
index d61d98f95..2879e24c0 100644
--- a/src/libstrongswan/crypto/crypters/crypter.h
+++ b/src/libstrongswan/crypto/crypters/crypter.h
@@ -12,8 +12,6 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
- *
- * $Id: crypter.h 5003 2009-03-24 17:43:01Z martin $
*/
/**
@@ -33,28 +31,42 @@ typedef struct crypter_t crypter_t;
* Encryption algorithm, as in IKEv2 RFC 3.3.2.
*/
enum encryption_algorithm_t {
- ENCR_UNDEFINED = 1024,
- ENCR_DES_IV64 = 1,
- ENCR_DES = 2,
- ENCR_3DES = 3,
- ENCR_RC5 = 4,
- ENCR_IDEA = 5,
- ENCR_CAST = 6,
- ENCR_BLOWFISH = 7,
- ENCR_3IDEA = 8,
- ENCR_DES_IV32 = 9,
- ENCR_NULL = 11,
- ENCR_AES_CBC = 12,
- ENCR_AES_CTR = 13,
- ENCR_AES_CCM_ICV8 = 14,
- ENCR_AES_CCM_ICV12 = 15,
- ENCR_AES_CCM_ICV16 = 16,
- ENCR_AES_GCM_ICV8 = 18,
- ENCR_AES_GCM_ICV12 = 19,
- ENCR_AES_GCM_ICV16 = 20,
- ENCR_DES_ECB = 1025
+ ENCR_DES_IV64 = 1,
+ ENCR_DES = 2,
+ ENCR_3DES = 3,
+ ENCR_RC5 = 4,
+ ENCR_IDEA = 5,
+ ENCR_CAST = 6,
+ ENCR_BLOWFISH = 7,
+ ENCR_3IDEA = 8,
+ ENCR_DES_IV32 = 9,
+ ENCR_NULL = 11,
+ ENCR_AES_CBC = 12,
+ ENCR_AES_CTR = 13,
+ ENCR_AES_CCM_ICV8 = 14,
+ ENCR_AES_CCM_ICV12 = 15,
+ ENCR_AES_CCM_ICV16 = 16,
+ ENCR_AES_GCM_ICV8 = 18,
+ ENCR_AES_GCM_ICV12 = 19,
+ ENCR_AES_GCM_ICV16 = 20,
+ ENCR_NULL_AUTH_AES_GMAC = 21,
+ ENCR_CAMELLIA_CBC = 23,
+ ENCR_CAMELLIA_CTR = 24,
+ ENCR_CAMELLIA_CCM_ICV8 = 25,
+ ENCR_CAMELLIA_CCM_ICV12 = 26,
+ ENCR_CAMELLIA_CCM_ICV16 = 27,
+ ENCR_UNDEFINED = 1024,
+ ENCR_DES_ECB = 1025,
+ ENCR_SERPENT_CBC = 1026,
+ ENCR_TWOFISH_CBC = 1027
};
+#define DES_BLOCK_SIZE 8
+#define BLOWFISH_BLOCK_SIZE 8
+#define AES_BLOCK_SIZE 16
+#define SERPENT_BLOCK_SIZE 16
+#define TWOFISH_BLOCK_SIZE 16
+
/**
* enum name for encryption_algorithm_t.
*/
@@ -122,4 +134,22 @@ struct crypter_t {
void (*destroy) (crypter_t *this);
};
+/**
+ * Conversion of ASN.1 OID to encryption algorithm.
+ *
+ * @param oid ASN.1 OID
+ * @param key_size returns size of encryption key in bits
+ * @return encryption algorithm, ENCR_UNDEFINED if OID unsupported
+ */
+encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size);
+
+/**
+ * Conversion of encryption algorithm to ASN.1 OID.
+ *
+ * @param alg encryption algorithm
+ * @param key_size size of encryption key in bits
+ * @return ASN.1 OID, OID_UNKNOWN if OID is unknown
+ */
+int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size);
+
#endif /** CRYPTER_H_ @}*/