diff options
Diffstat (limited to 'src/libstrongswan/crypto/iv')
| -rw-r--r-- | src/libstrongswan/crypto/iv/iv_gen.h | 61 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/iv/iv_gen_rand.c | 79 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/iv/iv_gen_rand.h | 32 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/iv/iv_gen_seq.c | 102 | ||||
| -rw-r--r-- | src/libstrongswan/crypto/iv/iv_gen_seq.h | 32 |
5 files changed, 306 insertions, 0 deletions
diff --git a/src/libstrongswan/crypto/iv/iv_gen.h b/src/libstrongswan/crypto/iv/iv_gen.h new file mode 100644 index 000000000..f6bc6471f --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen.h @@ -0,0 +1,61 @@ +/* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup iv iv + * @{ @ingroup crypto + */ + +#ifndef IV_GEN_H_ +#define IV_GEN_H_ + +typedef struct iv_gen_t iv_gen_t; + +#include <library.h> + +/** + * Generic interface for initialization vector (IV) generators. + */ +struct iv_gen_t { + + /** + * Generates an IV and writes it into the buffer. + * + * @param seq external sequence number + * @param size size of IV in bytes + * @param buffer pointer where the generated IV will be written + * @return TRUE if IV allocation was successful, FALSE otherwise + */ + bool (*get_iv)(iv_gen_t *this, u_int64_t seq, size_t size, + u_int8_t *buffer) __attribute__((warn_unused_result)); + + /** + * Generates an IV and allocates space for it. + * + * @param seq external sequence number + * @param size size of IV in bytes + * @param chunk chunk which will hold the generated IV + * @return TRUE if IV allocation was successful, FALSE otherwise + */ + bool (*allocate_iv)(iv_gen_t *this, u_int64_t seq, size_t size, + chunk_t *chunk) __attribute__((warn_unused_result)); + + /** + * Destroys an IV generator object. + */ + void (*destroy)(iv_gen_t *this); +}; + +#endif /** IV_GEN_H_ @}*/ diff --git a/src/libstrongswan/crypto/iv/iv_gen_rand.c b/src/libstrongswan/crypto/iv/iv_gen_rand.c new file mode 100644 index 000000000..2bed63fcc --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_rand.c @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "iv_gen_rand.h" + +#include <library.h> + +typedef struct private_iv_gen_t private_iv_gen_t; + +/** + * Private data of an iv_gen_t object. + */ +struct private_iv_gen_t { + + /** + * Public iv_gen_t interface. + */ + iv_gen_t public; + + /** + * rng_t object + */ + rng_t *rng; +}; + +METHOD(iv_gen_t, get_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer) +{ + if (!this->rng) + { + return FALSE; + } + return this->rng->get_bytes(this->rng, size, buffer); +} + +METHOD(iv_gen_t, allocate_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk) +{ + if (!this->rng) + { + return FALSE; + } + return this->rng->allocate_bytes(this->rng, size, chunk); +} + +METHOD(iv_gen_t, destroy, void, + private_iv_gen_t *this) +{ + DESTROY_IF(this->rng); + free(this); +} + +iv_gen_t *iv_gen_rand_create() +{ + private_iv_gen_t *this; + + INIT(this, + .public = { + .get_iv = _get_iv, + .allocate_iv = _allocate_iv, + .destroy = _destroy, + }, + .rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK), + ); + + return &this->public; +} diff --git a/src/libstrongswan/crypto/iv/iv_gen_rand.h b/src/libstrongswan/crypto/iv/iv_gen_rand.h new file mode 100644 index 000000000..62d76ed21 --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_rand.h @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @{ @ingroup iv + */ + +#ifndef IV_GEN_RAND_H_ +#define IV_GEN_RAND_H_ + +#include <crypto/iv/iv_gen.h> + +/** + * Create an IV generator that generates random IVs. + * + * @return IV generator + */ +iv_gen_t *iv_gen_rand_create(); + +#endif /** IV_GEN_RAND_H_ @}*/ diff --git a/src/libstrongswan/crypto/iv/iv_gen_seq.c b/src/libstrongswan/crypto/iv/iv_gen_seq.c new file mode 100644 index 000000000..98d0c15a6 --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_seq.c @@ -0,0 +1,102 @@ +/* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "iv_gen_seq.h" + +typedef struct private_iv_gen_t private_iv_gen_t; + +/** + * Private data of an iv_gen_t object. + */ +struct private_iv_gen_t { + + /** + * Public iv_gen_t interface. + */ + iv_gen_t public; + + /** + * Salt to mask counter + */ + u_int8_t *salt; +}; + +METHOD(iv_gen_t, get_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer) +{ + u_int8_t iv[sizeof(u_int64_t)]; + size_t len = size; + + if (!this->salt) + { + return FALSE; + } + if (len > sizeof(u_int64_t)) + { + len = sizeof(u_int64_t); + memset(buffer, 0, size - len); + } + htoun64(iv, seq); + memxor(iv, this->salt, sizeof(u_int64_t)); + memcpy(buffer + size - len, iv + sizeof(u_int64_t) - len, len); + return TRUE; +} + +METHOD(iv_gen_t, allocate_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk) +{ + *chunk = chunk_alloc(size); + if (!get_iv(this, seq, chunk->len, chunk->ptr)) + { + chunk_free(chunk); + return FALSE; + } + return TRUE; +} + +METHOD(iv_gen_t, destroy, void, + private_iv_gen_t *this) +{ + free(this->salt); + free(this); +} + +iv_gen_t *iv_gen_seq_create() +{ + private_iv_gen_t *this; + rng_t *rng; + + INIT(this, + .public = { + .get_iv = _get_iv, + .allocate_iv = _allocate_iv, + .destroy = _destroy, + }, + ); + + rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); + if (rng) + { + this->salt = malloc(sizeof(u_int64_t)); + if (!rng->get_bytes(rng, sizeof(u_int64_t), this->salt)) + { + free(this->salt); + this->salt = NULL; + } + rng->destroy(rng); + } + + return &this->public; +} diff --git a/src/libstrongswan/crypto/iv/iv_gen_seq.h b/src/libstrongswan/crypto/iv/iv_gen_seq.h new file mode 100644 index 000000000..329dcca05 --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_seq.h @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2013 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @{ @ingroup iv + */ + +#ifndef IV_GEN_SEQ_H_ +#define IV_GEN_SEQ_H_ + +#include <crypto/iv/iv_gen.h> + +/** + * Create an IV generator that generates sequential IVs (counter). + * + * @return IV generator + */ +iv_gen_t *iv_gen_seq_create(); + +#endif /** IV_GEN_SEQ_H_ @}*/ |