diff options
Diffstat (limited to 'src/libstrongswan/crypto')
25 files changed, 1744 insertions, 169 deletions
diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c index 13ba9c6e2..ebd35a8a0 100644 --- a/src/libstrongswan/crypto/crypters/crypter.c +++ b/src/libstrongswan/crypto/crypters/crypter.c @@ -12,22 +12,20 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: crypter.c 4880 2009-02-18 19:45:46Z tobias $ */ +#include <asn1/oid.h> + #include "crypter.h" -ENUM_BEGIN(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_UNDEFINED, - "UNDEFINED"); -ENUM_NEXT(encryption_algorithm_names, ENCR_DES_IV64, ENCR_DES_IV32, ENCR_UNDEFINED, +ENUM_BEGIN(encryption_algorithm_names, ENCR_DES_IV64, ENCR_DES_IV32, "DES_IV64", - "DES", - "3DES", - "RC5", - "IDEA", - "CAST", - "BLOWFISH", + "DES_CBC", + "3DES_CBC", + "RC5_CBC", + "IDEA_CBC", + "CAST_CBC", + "BLOWFISH_CBC", "3IDEA", "DES_IV32"); ENUM_NEXT(encryption_algorithm_names, ENCR_NULL, ENCR_AES_CCM_ICV16, ENCR_DES_IV32, @@ -37,11 +35,128 @@ ENUM_NEXT(encryption_algorithm_names, ENCR_NULL, ENCR_AES_CCM_ICV16, ENCR_DES_IV "AES_CCM_8", "AES_CCM_12", "AES_CCM_16"); -ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_AES_GCM_ICV16, ENCR_AES_CCM_ICV16, +ENUM_NEXT(encryption_algorithm_names, ENCR_AES_GCM_ICV8, ENCR_NULL_AUTH_AES_GMAC, ENCR_AES_CCM_ICV16, "AES_GCM_8", "AES_GCM_12", - "AES_GCM_16"); -ENUM_NEXT(encryption_algorithm_names, ENCR_DES_ECB, ENCR_DES_ECB, ENCR_AES_GCM_ICV16, - "DES_ECB"); -ENUM_END(encryption_algorithm_names, ENCR_DES_ECB); + "AES_GCM_16", + "NULL_AES_GMAC"); +ENUM_NEXT(encryption_algorithm_names, ENCR_CAMELLIA_CBC, ENCR_CAMELLIA_CCM_ICV16, ENCR_NULL_AUTH_AES_GMAC, + "CAMELLIA_CBC", + "CAMELLIA_CTR", + "CAMELLIA_CCM_8", + "CAMELLIA_CCM_12", + "CAMELLIA_CCM_16"); +ENUM_NEXT(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_TWOFISH_CBC, ENCR_CAMELLIA_CCM_ICV16, + "UNDEFINED", + "DES_ECB", + "SERPENT_CBC", + "TWOFISH_CBC"); +ENUM_END(encryption_algorithm_names, ENCR_TWOFISH_CBC); + +/* + * Described in header. + */ +encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size) +{ + encryption_algorithm_t alg; + size_t alg_key_size; + + switch (oid) + { + case OID_DES_CBC: + alg = ENCR_DES; + alg_key_size = 0; + break; + case OID_3DES_EDE_CBC: + alg = ENCR_3DES; + alg_key_size = 0; + break; + case OID_AES128_CBC: + alg = ENCR_AES_CBC; + alg_key_size = 128; + break; + case OID_AES192_CBC: + alg = ENCR_AES_CBC; + alg_key_size = 192; + break; + case OID_AES256_CBC: + alg = ENCR_AES_CBC; + alg_key_size = 256; + break; + case OID_CAMELLIA128_CBC: + alg = ENCR_CAMELLIA_CBC; + alg_key_size = 128; + break; + case OID_CAMELLIA192_CBC: + alg = ENCR_CAMELLIA_CBC; + alg_key_size = 192; + break; + case OID_CAMELLIA256_CBC: + alg = ENCR_CAMELLIA_CBC; + alg_key_size = 256; + break; + default: + alg = ENCR_UNDEFINED; + alg_key_size = 0; + } + if (key_size) + { + *key_size = alg_key_size; + } + return alg; +} + +/* + * Described in header. + */ +int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size) +{ + int oid; + + switch(alg) + { + case ENCR_DES: + oid = OID_DES_CBC; + break; + case ENCR_3DES: + oid = OID_3DES_EDE_CBC; + break; + case ENCR_AES_CBC: + switch (key_size) + { + case 128: + oid = OID_AES128_CBC; + break; + case 192: + oid = OID_AES192_CBC; + break; + case 256: + oid = OID_AES256_CBC; + break; + default: + oid = OID_UNKNOWN; + } + break; + case ENCR_CAMELLIA_CBC: + switch (key_size) + { + case 128: + oid = OID_CAMELLIA128_CBC; + break; + case 192: + oid = OID_CAMELLIA192_CBC; + break; + case 256: + oid = OID_CAMELLIA256_CBC; + break; + default: + oid = OID_UNKNOWN; + } + break; + default: + oid = OID_UNKNOWN; + } + return oid; +} + diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h index d61d98f95..2879e24c0 100644 --- a/src/libstrongswan/crypto/crypters/crypter.h +++ b/src/libstrongswan/crypto/crypters/crypter.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: crypter.h 5003 2009-03-24 17:43:01Z martin $ */ /** @@ -33,28 +31,42 @@ typedef struct crypter_t crypter_t; * Encryption algorithm, as in IKEv2 RFC 3.3.2. */ enum encryption_algorithm_t { - ENCR_UNDEFINED = 1024, - ENCR_DES_IV64 = 1, - ENCR_DES = 2, - ENCR_3DES = 3, - ENCR_RC5 = 4, - ENCR_IDEA = 5, - ENCR_CAST = 6, - ENCR_BLOWFISH = 7, - ENCR_3IDEA = 8, - ENCR_DES_IV32 = 9, - ENCR_NULL = 11, - ENCR_AES_CBC = 12, - ENCR_AES_CTR = 13, - ENCR_AES_CCM_ICV8 = 14, - ENCR_AES_CCM_ICV12 = 15, - ENCR_AES_CCM_ICV16 = 16, - ENCR_AES_GCM_ICV8 = 18, - ENCR_AES_GCM_ICV12 = 19, - ENCR_AES_GCM_ICV16 = 20, - ENCR_DES_ECB = 1025 + ENCR_DES_IV64 = 1, + ENCR_DES = 2, + ENCR_3DES = 3, + ENCR_RC5 = 4, + ENCR_IDEA = 5, + ENCR_CAST = 6, + ENCR_BLOWFISH = 7, + ENCR_3IDEA = 8, + ENCR_DES_IV32 = 9, + ENCR_NULL = 11, + ENCR_AES_CBC = 12, + ENCR_AES_CTR = 13, + ENCR_AES_CCM_ICV8 = 14, + ENCR_AES_CCM_ICV12 = 15, + ENCR_AES_CCM_ICV16 = 16, + ENCR_AES_GCM_ICV8 = 18, + ENCR_AES_GCM_ICV12 = 19, + ENCR_AES_GCM_ICV16 = 20, + ENCR_NULL_AUTH_AES_GMAC = 21, + ENCR_CAMELLIA_CBC = 23, + ENCR_CAMELLIA_CTR = 24, + ENCR_CAMELLIA_CCM_ICV8 = 25, + ENCR_CAMELLIA_CCM_ICV12 = 26, + ENCR_CAMELLIA_CCM_ICV16 = 27, + ENCR_UNDEFINED = 1024, + ENCR_DES_ECB = 1025, + ENCR_SERPENT_CBC = 1026, + ENCR_TWOFISH_CBC = 1027 }; +#define DES_BLOCK_SIZE 8 +#define BLOWFISH_BLOCK_SIZE 8 +#define AES_BLOCK_SIZE 16 +#define SERPENT_BLOCK_SIZE 16 +#define TWOFISH_BLOCK_SIZE 16 + /** * enum name for encryption_algorithm_t. */ @@ -122,4 +134,22 @@ struct crypter_t { void (*destroy) (crypter_t *this); }; +/** + * Conversion of ASN.1 OID to encryption algorithm. + * + * @param oid ASN.1 OID + * @param key_size returns size of encryption key in bits + * @return encryption algorithm, ENCR_UNDEFINED if OID unsupported + */ +encryption_algorithm_t encryption_algorithm_from_oid(int oid, size_t *key_size); + +/** + * Conversion of encryption algorithm to ASN.1 OID. + * + * @param alg encryption algorithm + * @param key_size size of encryption key in bits + * @return ASN.1 OID, OID_UNKNOWN if OID is unknown + */ +int encryption_algorithm_to_oid(encryption_algorithm_t alg, size_t key_size); + #endif /** CRYPTER_H_ @}*/ diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c index dcc881f1d..fea8d0793 100644 --- a/src/libstrongswan/crypto/crypto_factory.c +++ b/src/libstrongswan/crypto/crypto_factory.c @@ -11,14 +11,14 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: crypto_factory.c 4592 2008-11-05 16:21:57Z martin $ */ #include "crypto_factory.h" -#include <utils/linked_list.h> +#include <debug.h> #include <utils/mutex.h> +#include <utils/linked_list.h> +#include <crypto/crypto_tester.h> typedef struct entry_t entry_t; struct entry_t { @@ -78,6 +78,21 @@ struct private_crypto_factory_t { linked_list_t *dhs; /** + * test manager to test crypto algorithms + */ + crypto_tester_t *tester; + + /** + * whether to test algorithms during registration + */ + bool test_on_add; + + /** + * whether to test algorithms on each crypto primitive construction + */ + bool test_on_create; + + /** * rwlock to lock access to modules */ rwlock_t *lock; @@ -92,13 +107,19 @@ static crypter_t* create_crypter(private_crypto_factory_t *this, enumerator_t *enumerator; entry_t *entry; crypter_t *crypter = NULL; - + this->lock->read_lock(this->lock); enumerator = this->crypters->create_enumerator(this->crypters); while (enumerator->enumerate(enumerator, &entry)) { if (entry->algo == algo) { + if (this->test_on_create && + !this->tester->test_crypter(this->tester, algo, key_size, + entry->create_crypter)) + { + continue; + } crypter = entry->create_crypter(algo, key_size); if (crypter) { @@ -120,13 +141,19 @@ static signer_t* create_signer(private_crypto_factory_t *this, enumerator_t *enumerator; entry_t *entry; signer_t *signer = NULL; - + this->lock->read_lock(this->lock); enumerator = this->signers->create_enumerator(this->signers); while (enumerator->enumerate(enumerator, &entry)) { if (entry->algo == algo) { + if (this->test_on_create && + !this->tester->test_signer(this->tester, algo, + entry->create_signer)) + { + continue; + } signer = entry->create_signer(algo); if (signer) { @@ -136,7 +163,7 @@ static signer_t* create_signer(private_crypto_factory_t *this, } enumerator->destroy(enumerator); this->lock->unlock(this->lock); - + return signer; } @@ -156,6 +183,12 @@ static hasher_t* create_hasher(private_crypto_factory_t *this, { if (algo == HASH_PREFERRED || entry->algo == algo) { + if (this->test_on_create && algo != HASH_PREFERRED && + !this->tester->test_hasher(this->tester, algo, + entry->create_hasher)) + { + continue; + } hasher = entry->create_hasher(entry->algo); if (hasher) { @@ -184,6 +217,11 @@ static prf_t* create_prf(private_crypto_factory_t *this, { if (entry->algo == algo) { + if (this->test_on_create && + !this->tester->test_prf(this->tester, algo, entry->create_prf)) + { + continue; + } prf = entry->create_prf(algo); if (prf) { @@ -205,13 +243,18 @@ static rng_t* create_rng(private_crypto_factory_t *this, rng_quality_t quality) entry_t *entry; u_int diff = ~0; rng_constructor_t constr = NULL; - + this->lock->read_lock(this->lock); enumerator = this->rngs->create_enumerator(this->rngs); while (enumerator->enumerate(enumerator, &entry)) { /* find the best matching quality, but at least as good as requested */ if (entry->algo >= quality && diff > entry->algo - quality) { + if (this->test_on_create && + !this->tester->test_rng(this->tester, quality, entry->create_rng)) + { + continue; + } diff = entry->algo - quality; constr = entry->create_rng; if (diff == 0) @@ -264,13 +307,17 @@ static void add_crypter(private_crypto_factory_t *this, encryption_algorithm_t algo, crypter_constructor_t create) { - entry_t *entry = malloc_thing(entry_t); - - entry->algo = algo; - entry->create_crypter = create; - this->lock->write_lock(this->lock); - this->crypters->insert_last(this->crypters, entry); - this->lock->unlock(this->lock); + if (!this->test_on_add || + this->tester->test_crypter(this->tester, algo, 0, create)) + { + entry_t *entry = malloc_thing(entry_t); + + entry->algo = algo; + entry->create_crypter = create; + this->lock->write_lock(this->lock); + this->crypters->insert_last(this->crypters, entry); + this->lock->unlock(this->lock); + } } /** @@ -302,13 +349,17 @@ static void remove_crypter(private_crypto_factory_t *this, static void add_signer(private_crypto_factory_t *this, integrity_algorithm_t algo, signer_constructor_t create) { - entry_t *entry = malloc_thing(entry_t); - - entry->algo = algo; - entry->create_signer = create; - this->lock->write_lock(this->lock); - this->signers->insert_last(this->signers, entry); - this->lock->unlock(this->lock); + if (!this->test_on_add || + this->tester->test_signer(this->tester, algo, create)) + { + entry_t *entry = malloc_thing(entry_t); + + entry->algo = algo; + entry->create_signer = create; + this->lock->write_lock(this->lock); + this->signers->insert_last(this->signers, entry); + this->lock->unlock(this->lock); + } } /** @@ -340,13 +391,17 @@ static void remove_signer(private_crypto_factory_t *this, static void add_hasher(private_crypto_factory_t *this, hash_algorithm_t algo, hasher_constructor_t create) { - entry_t *entry = malloc_thing(entry_t); - - entry->algo = algo; - entry->create_hasher = create; - this->lock->write_lock(this->lock); - this->hashers->insert_last(this->hashers, entry); - this->lock->unlock(this->lock); + if (!this->test_on_add || + this->tester->test_hasher(this->tester, algo, create)) + { + entry_t *entry = malloc_thing(entry_t); + + entry->algo = algo; + entry->create_hasher = create; + this->lock->write_lock(this->lock); + this->hashers->insert_last(this->hashers, entry); + this->lock->unlock(this->lock); + } } /** @@ -378,13 +433,17 @@ static void remove_hasher(private_crypto_factory_t *this, static void add_prf(private_crypto_factory_t *this, pseudo_random_function_t algo, prf_constructor_t create) { - entry_t *entry = malloc_thing(entry_t); - - entry->algo = algo; - entry->create_prf = create; - this->lock->write_lock(this->lock); - this->prfs->insert_last(this->prfs, entry); - this->lock->unlock(this->lock); + if (!this->test_on_add || + this->tester->test_prf(this->tester, algo, create)) + { + entry_t *entry = malloc_thing(entry_t); + + entry->algo = algo; + entry->create_prf = create; + this->lock->write_lock(this->lock); + this->prfs->insert_last(this->prfs, entry); + this->lock->unlock(this->lock); + } } /** @@ -415,13 +474,17 @@ static void remove_prf(private_crypto_factory_t *this, prf_constructor_t create) static void add_rng(private_crypto_factory_t *this, rng_quality_t quality, rng_constructor_t create) { - entry_t *entry = malloc_thing(entry_t); - - entry->algo = quality; - entry->create_rng = create; - this->lock->write_lock(this->lock); - this->rngs->insert_last(this->rngs, entry); - this->lock->unlock(this->lock); + if (!this->test_on_add || + this->tester->test_rng(this->tester, quality, create)) + { + entry_t *entry = malloc_thing(entry_t); + + entry->algo = quality; + entry->create_rng = create; + this->lock->write_lock(this->lock); + this->rngs->insert_last(this->rngs, entry); + this->lock->unlock(this->lock); + } } /** @@ -605,6 +668,30 @@ static enumerator_t* create_dh_enumerator(private_crypto_factory_t *this) } /** + * Implementation of crypto_factory_t.add_test_vector + */ +static void add_test_vector(private_crypto_factory_t *this, + transform_type_t type, void *vector) +{ + switch (type) + { + case ENCRYPTION_ALGORITHM: + return this->tester->add_crypter_vector(this->tester, vector); + case INTEGRITY_ALGORITHM: + return this->tester->add_signer_vector(this->tester, vector); + case HASH_ALGORITHM: + return this->tester->add_hasher_vector(this->tester, vector); + case PSEUDO_RANDOM_FUNCTION: + return this->tester->add_prf_vector(this->tester, vector); + case RANDOM_NUMBER_GENERATOR: + return this->tester->add_rng_vector(this->tester, vector); + default: + DBG1("%N test vectors not supported, ignored", + transform_type_names, type); + } +} + +/** * Implementation of crypto_factory_t.destroy */ static void destroy(private_crypto_factory_t *this) @@ -615,6 +702,7 @@ static void destroy(private_crypto_factory_t *this) this->prfs->destroy_function(this->prfs, free); this->rngs->destroy_function(this->rngs, free); this->dhs->destroy_function(this->dhs, free); + this->tester->destroy(this->tester); this->lock->destroy(this->lock); free(this); } @@ -649,6 +737,7 @@ crypto_factory_t *crypto_factory_create() this->public.create_hasher_enumerator = (enumerator_t*(*)(crypto_factory_t*))create_hasher_enumerator; this->public.create_prf_enumerator = (enumerator_t*(*)(crypto_factory_t*))create_prf_enumerator; this->public.create_dh_enumerator = (enumerator_t*(*)(crypto_factory_t*))create_dh_enumerator; + this->public.add_test_vector = (void(*)(crypto_factory_t*, transform_type_t type, ...))add_test_vector; this->public.destroy = (void(*)(crypto_factory_t*))destroy; this->crypters = linked_list_create(); @@ -658,6 +747,11 @@ crypto_factory_t *crypto_factory_create() this->rngs = linked_list_create(); this->dhs = linked_list_create(); this->lock = rwlock_create(RWLOCK_DEFAULT); + this->tester = crypto_tester_create(); + this->test_on_add = lib->settings->get_bool(lib->settings, + "libstrongswan.crypto_test.on_add", FALSE); + this->test_on_create = lib->settings->get_bool(lib->settings, + "libstrongswan.crypto_test.on_create", FALSE); return &this->public; } diff --git a/src/libstrongswan/crypto/crypto_factory.h b/src/libstrongswan/crypto/crypto_factory.h index e2d2de71a..f1ebcf90a 100644 --- a/src/libstrongswan/crypto/crypto_factory.h +++ b/src/libstrongswan/crypto/crypto_factory.h @@ -30,6 +30,7 @@ typedef struct crypto_factory_t crypto_factory_t; #include <crypto/prfs/prf.h> #include <crypto/rngs/rng.h> #include <crypto/diffie_hellman.h> +#include <crypto/transform.h> /** * Constructor function for crypters @@ -257,9 +258,17 @@ struct crypto_factory_t { enumerator_t* (*create_dh_enumerator)(crypto_factory_t *this); /** - * Destroy a crypto_factory instance. - */ - void (*destroy)(crypto_factory_t *this); + * Add a test vector to the crypto factory. + * + * @param type type of the test vector + * @param ... pointer to a test vector, defined in crypto_tester.h + */ + void (*add_test_vector)(crypto_factory_t *this, transform_type_t type, ...); + + /** + * Destroy a crypto_factory instance. + */ + void (*destroy)(crypto_factory_t *this); }; /** diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c new file mode 100644 index 000000000..b0b5aa969 --- /dev/null +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -0,0 +1,629 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "crypto_tester.h" + +#include <debug.h> +#include <utils/linked_list.h> + +typedef struct private_crypto_tester_t private_crypto_tester_t; + +/** + * Private data of an crypto_tester_t object. + */ +struct private_crypto_tester_t { + + /** + * Public crypto_tester_t interface. + */ + crypto_tester_t public; + + /** + * List of crypter test vectors + */ + linked_list_t *crypter; + + /** + * List of signer test vectors + */ + linked_list_t *signer; + + /** + * List of hasher test vectors + */ + linked_list_t *hasher; + + /** + * List of PRF test vectors + */ + linked_list_t *prf; + + /** + * List of RNG test vectors + */ + linked_list_t *rng; + + /** + * Is a test vector required to pass a test? + */ + bool required; + + /** + * should we run RNG_TRUE tests? Enough entropy? + */ + bool rng_true; +}; + +/** + * Implementation of crypto_tester_t.test_crypter + */ +static bool test_crypter(private_crypto_tester_t *this, + encryption_algorithm_t alg, size_t key_size, crypter_constructor_t create) +{ + enumerator_t *enumerator; + crypter_test_vector_t *vector; + bool failed = FALSE; + u_int tested = 0; + + enumerator = this->crypter->create_enumerator(this->crypter); + while (enumerator->enumerate(enumerator, &vector)) + { + crypter_t *crypter; + chunk_t key, plain, cipher, iv; + + if (vector->alg != alg) + { + continue; + } + if (key_size && key_size != vector->key_size) + { /* test only vectors with a specific key size, if key size given */ + continue; + } + crypter = create(alg, vector->key_size); + if (!crypter) + { /* key size not supported... */ + continue; + } + + failed = FALSE; + tested++; + + key = chunk_create(vector->key, crypter->get_key_size(crypter)); + crypter->set_key(crypter, key); + iv = chunk_create(vector->iv, crypter->get_block_size(crypter)); + + /* allocated encryption */ + plain = chunk_create(vector->plain, vector->len); + crypter->encrypt(crypter, plain, iv, &cipher); + if (!memeq(vector->cipher, cipher.ptr, cipher.len)) + { + failed = TRUE; + } + /* inline decryption */ + crypter->decrypt(crypter, cipher, iv, NULL); + if (!memeq(vector->plain, cipher.ptr, cipher.len)) + { + failed = TRUE; + } + free(cipher.ptr); + /* allocated decryption */ + cipher = chunk_create(vector->cipher, vector->len); + crypter->decrypt(crypter, cipher, iv, &plain); + if (!memeq(vector->plain, plain.ptr, plain.len)) + { + failed = TRUE; + } + /* inline encryption */ + crypter->encrypt(crypter, plain, iv, NULL); + if (!memeq(vector->cipher, plain.ptr, plain.len)) + { + failed = TRUE; + } + free(plain.ptr); + + crypter->destroy(crypter); + if (failed) + { + DBG1("disabled %N: test vector %d failed", + encryption_algorithm_names, alg, tested); + break; + } + } + enumerator->destroy(enumerator); + if (!tested) + { + DBG1("%s %N: no test vectors found", + this->required ? "disabled" : "enabled ", + encryption_algorithm_names, alg); + return !this->required; + } + if (!failed) + { + DBG1("enabled %N: successfully passed %d test vectors", + encryption_algorithm_names, alg, tested); + } + return !failed; +} + +/** + * Implementation of crypto_tester_t.test_signer + */ +static bool test_signer(private_crypto_tester_t *this, + integrity_algorithm_t alg, signer_constructor_t create) +{ + enumerator_t *enumerator; + signer_test_vector_t *vector; + bool failed = FALSE; + u_int tested = 0; + + enumerator = this->signer->create_enumerator(this->signer); + while (enumerator->enumerate(enumerator, &vector)) + { + signer_t *signer; + chunk_t key, data, mac; + + if (vector->alg != alg) + { + continue; + } + + tested++; + signer = create(alg); + if (!signer) + { + DBG1("disabled %N: creating instance failed", + integrity_algorithm_names, alg); + failed = TRUE; + break; + } + + failed = FALSE; + + key = chunk_create(vector->key, signer->get_key_size(signer)); + signer->set_key(signer, key); + + /* allocated signature */ + data = chunk_create(vector->data, vector->len); + signer->allocate_signature(signer, data, &mac); + if (mac.len != signer->get_block_size(signer)) + { + failed = TRUE; + } + if (!memeq(vector->mac, mac.ptr, mac.len)) + { + failed = TRUE; + } + /* signature to existing buffer */ + memset(mac.ptr, 0, mac.len); + signer->get_signature(signer, data, mac.ptr); + if (!memeq(vector->mac, mac.ptr, mac.len)) + { + failed = TRUE; + } + /* signature verification, good case */ + if (!signer->verify_signature(signer, data, mac)) + { + failed = TRUE; + } + /* signature verification, bad case */ + *(mac.ptr + mac.len - 1) += 1; + if (signer->verify_signature(signer, data, mac)) + { + failed = TRUE; + } + /* signature to existing buffer, using append mode */ + if (data.len > 2) + { + memset(mac.ptr, 0, mac.len); + signer->allocate_signature(signer, chunk_create(data.ptr, 1), NULL); + signer->get_signature(signer, chunk_create(data.ptr + 1, 1), NULL); + signer->get_signature(signer, chunk_skip(data, 2), mac.ptr); + if (!memeq(vector->mac, mac.ptr, mac.len)) + { + failed = TRUE; + } + } + free(mac.ptr); + + signer->destroy(signer); + if (failed) + { + DBG1("disabled %N: test vector %d failed", + integrity_algorithm_names, alg, tested); + break; + } + } + enumerator->destroy(enumerator); + if (!tested) + { + DBG1("%s %N: no test vectors found", + this->required ? "disabled" : "enabled ", + integrity_algorithm_names, alg); + return !this->required; + } + if (!failed) + { + DBG1("enabled %N: successfully passed %d test vectors", + integrity_algorithm_names, alg, tested); + } + return !failed; +} + +/** + * Implementation of hasher_t.test_hasher + */ +static bool test_hasher(private_crypto_tester_t *this, hash_algorithm_t alg, + hasher_constructor_t create) +{ + enumerator_t *enumerator; + hasher_test_vector_t *vector; + bool failed = FALSE; + u_int tested = 0; + + enumerator = this->hasher->create_enumerator(this->hasher); + while (enumerator->enumerate(enumerator, &vector)) + { + hasher_t *hasher; + chunk_t data, hash; + + if (vector->alg != alg) + { + continue; + } + + tested++; + hasher = create(alg); + if (!hasher) + { + DBG1("disabled %N: creating instance failed", + hash_algorithm_names, alg); + failed = TRUE; + break; + } + + failed = FALSE; + + /* allocated hash */ + data = chunk_create(vector->data, vector->len); + hasher->allocate_hash(hasher, data, &hash); + if (hash.len != hasher->get_hash_size(hasher)) + { + failed = TRUE; + } + if (!memeq(vector->hash, hash.ptr, hash.len)) + { + failed = TRUE; + } + /* hash to existing buffer */ + memset(hash.ptr, 0, hash.len); + hasher->get_hash(hasher, data, hash.ptr); + if (!memeq(vector->hash, hash.ptr, hash.len)) + { + failed = TRUE; + } + /* hasher to existing buffer, using append mode */ + if (data.len > 2) + { + memset(hash.ptr, 0, hash.len); + hasher->allocate_hash(hasher, chunk_create(data.ptr, 1), NULL); + hasher->get_hash(hasher, chunk_create(data.ptr + 1, 1), NULL); + hasher->get_hash(hasher, chunk_skip(data, 2), hash.ptr); + if (!memeq(vector->hash, hash.ptr, hash.len)) + { + failed = TRUE; + } + } + free(hash.ptr); + + hasher->destroy(hasher); + if (failed) + { + DBG1("disabled %N: test vector %d failed", + hash_algorithm_names, alg), tested; + break; + } + } + enumerator->destroy(enumerator); + if (!tested) + { + DBG1("%s %N: no test vectors found", + this->required ? "disabled" : "enabled ", + hash_algorithm_names, alg); + return !this->required; + } + if (!failed) + { + DBG1("enabled %N: successfully passed %d test vectors", + hash_algorithm_names, alg, tested); + } + return !failed; +} + +/** + * Implementation of crypto_tester_t.test_prf + */ +static bool test_prf(private_crypto_tester_t *this, + pseudo_random_function_t alg, prf_constructor_t create) +{ + enumerator_t *enumerator; + prf_test_vector_t *vector; + bool failed = FALSE; + u_int tested = 0; + + enumerator = this->prf->create_enumerator(this->prf); + while (enumerator->enumerate(enumerator, &vector)) + { + prf_t *prf; + chunk_t key, seed, out; + + if (vector->alg != alg) + { + continue; + } + + tested++; + prf = create(alg); + if (!prf) + { + DBG1("disabled %N: creating instance failed", + pseudo_random_function_names, alg); + failed = TRUE; + break; + } + + failed = FALSE; + + key = chunk_create(vector->key, vector->key_size); + prf->set_key(prf, key); + + /* allocated bytes */ + seed = chunk_create(vector->seed, vector->len); + prf->allocate_bytes(prf, seed, &out); + if (out.len != prf->get_block_size(prf)) + { + failed = TRUE; + } + if (!memeq(vector->out, out.ptr, out.len)) + { + failed = TRUE; + } + /* bytes to existing buffer */ + memset(out.ptr, 0, out.len); + if (vector->stateful) + { + prf->set_key(prf, key); + } + prf->get_bytes(prf, seed, out.ptr); + if (!memeq(vector->out, out.ptr, out.len)) + { + failed = TRUE; + } + /* bytes to existing buffer, using append mode */ + if (seed.len > 2) + { + memset(out.ptr, 0, out.len); + if (vector->stateful) + { + prf->set_key(prf, key); + } + prf->allocate_bytes(prf, chunk_create(seed.ptr, 1), NULL); + prf->get_bytes(prf, chunk_create(seed.ptr + 1, 1), NULL); + prf->get_bytes(prf, chunk_skip(seed, 2), out.ptr); + if (!memeq(vector->out, out.ptr, out.len)) + { + failed = TRUE; + } + } + free(out.ptr); + + prf->destroy(prf); + if (failed) + { + DBG1("disabled %N: test vector %d failed", + pseudo_random_function_names, alg, tested); + break; + } + } + enumerator->destroy(enumerator); + if (!tested) + { + DBG1("%s %N: no test vectors found", + this->required ? "disabled" : "enabled ", + pseudo_random_function_names, alg); + return !this->required; + } + if (!failed) + { + DBG1("enabled %N: successfully passed %d test vectors", + pseudo_random_function_names, alg, tested); + } + return !failed; +} + +/** + * Implementation of crypto_tester_t.test_rng + */ +static bool test_rng(private_crypto_tester_t *this, rng_quality_t quality, + rng_constructor_t create) +{ + enumerator_t *enumerator; + rng_test_vector_t *vector; + bool failed = FALSE; + u_int tested = 0; + + if (!this->rng_true && quality == RNG_TRUE) + { + DBG1("enabled %N: skipping test (disabled by config)", + rng_quality_names, quality); + return TRUE; + } + + enumerator = this->rng->create_enumerator(this->rng); + while (enumerator->enumerate(enumerator, &vector)) + { + rng_t *rng; + chunk_t data; + + if (vector->quality != quality) + { + continue; + } + + tested++; + rng = create(quality); + if (!rng) + { + DBG1("disabled %N: creating instance failed", + rng_quality_names, quality); + failed = TRUE; + break; + } + + failed = FALSE; + + /* allocated bytes */ + rng->allocate_bytes(rng, vector->len, &data); + if (data.len != vector->len) + { + failed = TRUE; + } + if (!vector->test(vector->user, data)) + { + failed = TRUE; + } + /* bytes to existing buffer */ + memset(data.ptr, 0, data.len); + rng->get_bytes(rng, vector->len, data.ptr); + if (!vector->test(vector->user, data)) + { + failed = TRUE; + } + free(data.ptr); + + rng->destroy(rng); + if (failed) + { + DBG1("disabled %N: test vector %d failed", + rng_quality_names, quality, tested); + break; + } + } + enumerator->destroy(enumerator); + if (!tested) + { + DBG1("%s %N: no test vectors found", + this->required ? ", disabled" : "enabled ", + rng_quality_names, quality); + return !this->required; + } + if (!failed) + { + DBG1("enabled %N: successfully passed %d test vectors", + rng_quality_names, quality, tested); + } + return !failed; +} + +/** + * Implementation of crypter_tester_t.add_crypter_vector + */ +static void add_crypter_vector(private_crypto_tester_t *this, + crypter_test_vector_t *vector) +{ + this->crypter->insert_last(this->crypter, vector); +} + +/** + * Implementation of crypter_tester_t.add_signer_vector + */ +static void add_signer_vector(private_crypto_tester_t *this, + signer_test_vector_t *vector) +{ + this->signer->insert_last(this->signer, vector); +} + +/** + * Implementation of crypter_tester_t.add_hasher_vector + */ +static void add_hasher_vector(private_crypto_tester_t *this, + hasher_test_vector_t *vector) +{ + this->hasher->insert_last(this->hasher, vector); +} + +/** + * Implementation of crypter_tester_t.add_prf_vector + */ +static void add_prf_vector(private_crypto_tester_t *this, + prf_test_vector_t *vector) +{ + this->prf->insert_last(this->prf, vector); +} + +/** + * Implementation of crypter_tester_t.add_rng_vector + */ +static void add_rng_vector(private_crypto_tester_t *this, + rng_test_vector_t *vector) +{ + this->rng->insert_last(this->rng, vector); +} + +/** + * Implementation of crypto_tester_t.destroy. + */ +static void destroy(private_crypto_tester_t *this) +{ + this->crypter->destroy(this->crypter); + this->signer->destroy(this->signer); + this->hasher->destroy(this->hasher); + this->prf->destroy(this->prf); + this->rng->destroy(this->rng); + free(this); +} + +/** + * See header + */ +crypto_tester_t *crypto_tester_create() +{ + private_crypto_tester_t *this = malloc_thing(private_crypto_tester_t); + + this->public.test_crypter = (bool(*)(crypto_tester_t*, encryption_algorithm_t alg,size_t key_size, crypter_constructor_t create))test_crypter; + this->public.test_signer = (bool(*)(crypto_tester_t*, integrity_algorithm_t alg, signer_constructor_t create))test_signer; + this->public.test_hasher = (bool(*)(crypto_tester_t*, hash_algorithm_t alg, hasher_constructor_t create))test_hasher; + this->public.test_prf = (bool(*)(crypto_tester_t*, pseudo_random_function_t alg, prf_constructor_t create))test_prf; + this->public.test_rng = (bool(*)(crypto_tester_t*, rng_quality_t quality, rng_constructor_t create))test_rng; + this->public.add_crypter_vector = (void(*)(crypto_tester_t*, crypter_test_vector_t *vector))add_crypter_vector; + this->public.add_signer_vector = (void(*)(crypto_tester_t*, signer_test_vector_t *vector))add_signer_vector; + this->public.add_hasher_vector = (void(*)(crypto_tester_t*, hasher_test_vector_t *vector))add_hasher_vector; + this->public.add_prf_vector = (void(*)(crypto_tester_t*, prf_test_vector_t *vector))add_prf_vector; + this->public.add_rng_vector = (void(*)(crypto_tester_t*, rng_test_vector_t *vector))add_rng_vector; + this->public.destroy = (void(*)(crypto_tester_t*))destroy; + + this->crypter = linked_list_create(); + this->signer = linked_list_create(); + this->hasher = linked_list_create(); + this->prf = linked_list_create(); + this->rng = linked_list_create(); + + this->required = lib->settings->get_bool(lib->settings, + "libstrongswan.crypto_test.required", FALSE); + this->rng_true = lib->settings->get_bool(lib->settings, + "libstrongswan.crypto_test.rng_true", FALSE); + + return &this->public; +} + diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h new file mode 100644 index 000000000..d2929f33d --- /dev/null +++ b/src/libstrongswan/crypto/crypto_tester.h @@ -0,0 +1,205 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup crypto_tester crypto_tester + * @{ @ingroup crypto + */ + +#ifndef CRYPTO_TESTER_H_ +#define CRYPTO_TESTER_H_ + +typedef struct crypto_tester_t crypto_tester_t; + +#include <crypto/crypto_factory.h> + +typedef struct crypter_test_vector_t crypter_test_vector_t; +typedef struct signer_test_vector_t signer_test_vector_t; +typedef struct hasher_test_vector_t hasher_test_vector_t; +typedef struct prf_test_vector_t prf_test_vector_t; +typedef struct rng_test_vector_t rng_test_vector_t; + +struct crypter_test_vector_t { + /** encryption algorithm this vector tests */ + encryption_algorithm_t alg; + /** key length to use, in bytes */ + size_t key_size; + /** encryption key of test vector */ + u_char *key; + /** initialization vector, using crypters blocksize bytes */ + u_char *iv; + /** length of plain and cipher text */ + size_t len; + /** plain text */ + u_char *plain; + /** cipher text */ + u_char *cipher; +}; + +struct signer_test_vector_t { + /** signer algorithm this test vector tests */ + pseudo_random_function_t alg; + /** key to use, with a length the algorithm expects */ + u_char *key; + /** size of the input data */ + size_t len; + /** input data */ + u_char *data; + /** expected output, with ouput size of the tested algorithm */ + u_char *mac; +}; + +struct hasher_test_vector_t { + /** hash algorithm this test vector tests */ + hash_algorithm_t alg; + /** length of the input data */ + size_t len; + /** input data */ + u_char *data; + /** expected hash, with hash size of the tested algorithm */ + u_char *hash; +}; + +struct prf_test_vector_t { + /** prf algorithm this test vector tests */ + pseudo_random_function_t alg; + /** is this PRF stateful? */ + bool stateful; + /** key length to use, in bytes */ + size_t key_size; + /** key to use */ + u_char *key; + /** size of the seed data */ + size_t len; + /** seed data */ + u_char *seed; + /** expected output, with block size of the tested algorithm */ + u_char *out; +}; + +/** + * Test vector for a RNG. + * + * Contains a callback function to analyze the output of a RNG, + */ +struct rng_test_vector_t { + /** quality of random data this test vector tests */ + rng_quality_t quality; + /** callback function to test RNG output, returns TRUE if data ok */ + bool (*test)(void *user, chunk_t data); + /** number of bytes the function requests */ + size_t len; + /** user data passed back to the test() function on invocation */ + void *user; +}; + +/** + * Cryptographic primitive testing framework. + */ +struct crypto_tester_t { + + /** + * Test a crypter algorithm, optionally using a specified key size. + * + * @param alg algorithm to test + * @param key_size key size to test, 0 for all + * @param create constructor function for the crypter + * @return TRUE if test passed + */ + bool (*test_crypter)(crypto_tester_t *this, encryption_algorithm_t alg, + size_t key_size, crypter_constructor_t create); + /** + * Test a signer algorithm. + * + * @param alg algorithm to test + * @param create constructor function for the signer + * @return TRUE if test passed + */ + bool (*test_signer)(crypto_tester_t *this, integrity_algorithm_t alg, + signer_constructor_t create); + /** + * Test a hasher algorithm. + * + * @param alg algorithm to test + * @param create constructor function for the hasher + * @return TRUE if test passed + */ + bool (*test_hasher)(crypto_tester_t *this, hash_algorithm_t alg, + hasher_constructor_t create); + /** + * Test a PRF algorithm. + * + * @param alg algorithm to test + * @param create constructor function for the PRF + * @return TRUE if test passed + */ + bool (*test_prf)(crypto_tester_t *this, pseudo_random_function_t alg, + prf_constructor_t create); + /** + * Test a RNG implementation. + * + * @param alg algorithm to test + * @param create constructor function for the RNG + * @return TRUE if test passed + */ + bool (*test_rng)(crypto_tester_t *this, rng_quality_t quality, + rng_constructor_t create); + /** + * Add a test vector to test a crypter. + * + * @param vector pointer to test vector + */ + void (*add_crypter_vector)(crypto_tester_t *this, + crypter_test_vector_t *vector); + /** + * Add a test vector to test a signer. + * + * @param vector pointer to test vector + */ + void (*add_signer_vector)(crypto_tester_t *this, + signer_test_vector_t *vector); + /** + * Add a test vector to test a hasher. + * + * @param vector pointer to test vector + */ + void (*add_hasher_vector)(crypto_tester_t *this, + hasher_test_vector_t *vector); + /** + * Add a test vector to test a PRF. + * + * @param vector pointer to test vector + */ + void (*add_prf_vector)(crypto_tester_t *this, prf_test_vector_t *vector); + + /** + * Add a test vector to test a RNG. + * + * @param vector pointer to test vector + */ + void (*add_rng_vector)(crypto_tester_t *this, rng_test_vector_t *vector); + + /** + * Destroy a crypto_tester_t. + */ + void (*destroy)(crypto_tester_t *this); +}; + +/** + * Create a crypto_tester instance. + */ +crypto_tester_t *crypto_tester_create(); + +#endif /* CRYPTO_TESTER_ @}*/ diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 53c3a1632..18d532697 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -12,30 +12,28 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: diffie_hellman.c 4685 2008-11-22 16:14:55Z martin $ */ #include "diffie_hellman.h" ENUM_BEGIN(diffie_hellman_group_names, MODP_NONE, MODP_1024_BIT, "MODP_NONE", - "MODP_768_BIT", - "MODP_1024_BIT"); + "MODP_768", + "MODP_1024"); ENUM_NEXT(diffie_hellman_group_names, MODP_1536_BIT, MODP_1536_BIT, MODP_1024_BIT, - "MODP_1536_BIT"); + "MODP_1536"); ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT, - "MODP_2048_BIT", - "MODP_3072_BIT", - "MODP_4096_BIT", - "MODP_6144_BIT", - "MODP_8192_BIT", - "ECP_256_BIT", - "ECP_384_BIT", - "ECP_521_BIT"); + "MODP_2048", + "MODP_3072", + "MODP_4096", + "MODP_6144", + "MODP_8192", + "ECP_256", + "ECP_384", + "ECP_521"); ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT, - "ECP_192_BIT", - "ECP_224_BIT"); + "ECP_192", + "ECP_224"); ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT, "MODP_NULL"); ENUM_END(diffie_hellman_group_names, MODP_NULL); diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index 5aaba383e..a40a73526 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: diffie_hellman.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index cf507442d..c58c2ad42 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -13,24 +13,22 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: hasher.c 4880 2009-02-18 19:45:46Z tobias $ */ #include "hasher.h" #include <asn1/oid.h> -ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_MD4, +ENUM(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA512, "HASH_UNKNOWN", "HASH_PREFERRED", "HASH_MD2", + "HASH_MD4", "HASH_MD5", "HASH_SHA1", "HASH_SHA256", "HASH_SHA384", - "HASH_SHA512", - "HASH_MD4" + "HASH_SHA512" ); /* diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h index 1db5c14cc..098739fa3 100644 --- a/src/libstrongswan/crypto/hashers/hasher.h +++ b/src/libstrongswan/crypto/hashers/hasher.h @@ -13,13 +13,11 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: hasher.h 5003 2009-03-24 17:43:01Z martin $ */ /** - * @defgroup traffic_selector traffic_selector - * @{ @ingroup config + * @defgroup hasher hasher + * @{ @ingroup crypto */ #ifndef HASHER_H_ @@ -39,12 +37,12 @@ enum hash_algorithm_t { /** preferred hash function, general purpose */ HASH_PREFERRED = 1, HASH_MD2 = 2, - HASH_MD5 = 3, - HASH_SHA1 = 4, - HASH_SHA256 = 5, - HASH_SHA384 = 6, - HASH_SHA512 = 7, - HASH_MD4 = 8, + HASH_MD4 = 3, + HASH_MD5 = 4, + HASH_SHA1 = 5, + HASH_SHA256 = 6, + HASH_SHA384 = 7, + HASH_SHA512 = 8 }; #define HASH_SIZE_MD2 16 diff --git a/src/libstrongswan/crypto/pkcs9.c b/src/libstrongswan/crypto/pkcs9.c index 1c1b5a586..525ea9db5 100644 --- a/src/libstrongswan/crypto/pkcs9.c +++ b/src/libstrongswan/crypto/pkcs9.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: pkcs9.c 3891 2008-04-28 16:00:52Z andreas $ */ #include <library.h> diff --git a/src/libstrongswan/crypto/pkcs9.h b/src/libstrongswan/crypto/pkcs9.h index 698f3c172..80d915701 100644 --- a/src/libstrongswan/crypto/pkcs9.h +++ b/src/libstrongswan/crypto/pkcs9.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: pkcs9.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c index 3d37d4ef7..a4fc377ef 100644 --- a/src/libstrongswan/crypto/prf_plus.c +++ b/src/libstrongswan/crypto/prf_plus.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: prf_plus.c 4524 2008-10-29 14:12:54Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h index 4c98e4ad1..2e5b66152 100644 --- a/src/libstrongswan/crypto/prf_plus.h +++ b/src/libstrongswan/crypto/prf_plus.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: prf_plus.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/crypto/prfs/prf.c b/src/libstrongswan/crypto/prfs/prf.c index 812f6278d..8681a5b97 100644 --- a/src/libstrongswan/crypto/prfs/prf.c +++ b/src/libstrongswan/crypto/prfs/prf.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: prf.c 3619 2008-03-19 14:02:52Z martin $ */ #include "prf.h" @@ -23,13 +21,14 @@ ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_KEYED_SHA1, "PRF_FIPS_SHA1_160", "PRF_FIPS_DES", "PRF_KEYED_SHA1"); -ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_KEYED_SHA1, +ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_AES128_CMAC, PRF_KEYED_SHA1, "PRF_HMAC_MD5", "PRF_HMAC_SHA1", "PRF_HMAC_TIGER", - "PRF_AES128_CBC", + "PRF_AES128_XCBC", "PRF_HMAC_SHA2_256", "PRF_HMAC_SHA2_384", - "PRF_HMAC_SHA2_512"); -ENUM_END(pseudo_random_function_names, PRF_HMAC_SHA2_512); + "PRF_HMAC_SHA2_512", + "PRF_AES128_CMAC"); +ENUM_END(pseudo_random_function_names, PRF_AES128_CMAC); diff --git a/src/libstrongswan/crypto/prfs/prf.h b/src/libstrongswan/crypto/prfs/prf.h index e2b4f6fe0..f2a5afc45 100644 --- a/src/libstrongswan/crypto/prfs/prf.h +++ b/src/libstrongswan/crypto/prfs/prf.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: prf.h 5003 2009-03-24 17:43:01Z martin $ */ /** @@ -37,21 +35,25 @@ typedef struct prf_t prf_t; */ enum pseudo_random_function_t { PRF_UNDEFINED = 1024, - /** Implemented via hmac_prf_t. */ + /** RFC2104 */ PRF_HMAC_MD5 = 1, - /** Implemented via hmac_prf_t. */ + /** RFC2104 */ PRF_HMAC_SHA1 = 2, + /** RFC2104 */ PRF_HMAC_TIGER = 3, + /** RFC4434 */ PRF_AES128_XCBC = 4, - /** Implemented via hmac_prf_t. */ + /** RFC4868 */ PRF_HMAC_SHA2_256 = 5, - /** Implemented via hmac_prf_t. */ + /** RFC4868. */ PRF_HMAC_SHA2_384 = 6, - /** Implemented via hmac_prf_t. */ + /** RFC4868 */ PRF_HMAC_SHA2_512 = 7, - /** Implemented via fips_prf_t, other output sizes would be possible */ + /** RFC4615 */ + PRF_AES128_CMAC = 8, + /** FIPS 186-2-change1 */ PRF_FIPS_SHA1_160 = 1025, - /** Could be implemented via fips_prf_t, uses fixed output size of 160bit */ + /** FIPS 186-2-change1, uses fixed output size of 160bit */ PRF_FIPS_DES = 1026, /** * Keyed hash algorithm using SHA1, used in EAP-AKA: diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c new file mode 100644 index 000000000..14321e070 --- /dev/null +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c @@ -0,0 +1,270 @@ +/* C code produced by gperf version 3.0.3 */ +/* Command-line: /usr/bin/gperf -N proposal_get_token -m 10 -C -G -c -t -D */ +/* Computed positions: -k'1,5,7,10,$' */ + +#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \ + && ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \ + && (')' == 41) && ('*' == 42) && ('+' == 43) && (',' == 44) \ + && ('-' == 45) && ('.' == 46) && ('/' == 47) && ('0' == 48) \ + && ('1' == 49) && ('2' == 50) && ('3' == 51) && ('4' == 52) \ + && ('5' == 53) && ('6' == 54) && ('7' == 55) && ('8' == 56) \ + && ('9' == 57) && (':' == 58) && (';' == 59) && ('<' == 60) \ + && ('=' == 61) && ('>' == 62) && ('?' == 63) && ('A' == 65) \ + && ('B' == 66) && ('C' == 67) && ('D' == 68) && ('E' == 69) \ + && ('F' == 70) && ('G' == 71) && ('H' == 72) && ('I' == 73) \ + && ('J' == 74) && ('K' == 75) && ('L' == 76) && ('M' == 77) \ + && ('N' == 78) && ('O' == 79) && ('P' == 80) && ('Q' == 81) \ + && ('R' == 82) && ('S' == 83) && ('T' == 84) && ('U' == 85) \ + && ('V' == 86) && ('W' == 87) && ('X' == 88) && ('Y' == 89) \ + && ('Z' == 90) && ('[' == 91) && ('\\' == 92) && (']' == 93) \ + && ('^' == 94) && ('_' == 95) && ('a' == 97) && ('b' == 98) \ + && ('c' == 99) && ('d' == 100) && ('e' == 101) && ('f' == 102) \ + && ('g' == 103) && ('h' == 104) && ('i' == 105) && ('j' == 106) \ + && ('k' == 107) && ('l' == 108) && ('m' == 109) && ('n' == 110) \ + && ('o' == 111) && ('p' == 112) && ('q' == 113) && ('r' == 114) \ + && ('s' == 115) && ('t' == 116) && ('u' == 117) && ('v' == 118) \ + && ('w' == 119) && ('x' == 120) && ('y' == 121) && ('z' == 122) \ + && ('{' == 123) && ('|' == 124) && ('}' == 125) && ('~' == 126)) +/* The character set is not based on ISO-646. */ +error "gperf generated tables don't work with this execution character set. Please report a bug to <bug-gnu-gperf@gnu.org>." +#endif + + +/* proposal keywords + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <string.h> + +#include <crypto/transform.h> +#include <crypto/crypters/crypter.h> +#include <crypto/signers/signer.h> +#include <crypto/diffie_hellman.h> + +struct proposal_token { + char *name; + transform_type_t type; + u_int16_t algorithm; + u_int16_t keysize; +}; + +#define TOTAL_KEYWORDS 87 +#define MIN_WORD_LENGTH 3 +#define MAX_WORD_LENGTH 12 +#define MIN_HASH_VALUE 4 +#define MAX_HASH_VALUE 129 +/* maximum key range = 126, duplicates = 0 */ + +#ifdef __GNUC__ +__inline +#else +#ifdef __cplusplus +inline +#endif +#endif +static unsigned int +hash (str, len) + register const char *str; + register unsigned int len; +{ + static const unsigned char asso_values[] = + { + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 11, + 2, 15, 5, 27, 21, 8, 5, 0, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 39, 130, 24, 0, 1, + 8, 2, 50, 0, 9, 53, 130, 130, 0, 130, + 42, 0, 130, 130, 5, 9, 34, 4, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130, 130, 130, 130, + 130, 130, 130, 130, 130, 130, 130 + }; + register int hval = len; + + switch (hval) + { + default: + hval += asso_values[(unsigned char)str[9]]; + /*FALLTHROUGH*/ + case 9: + case 8: + case 7: + hval += asso_values[(unsigned char)str[6]]; + /*FALLTHROUGH*/ + case 6: + case 5: + hval += asso_values[(unsigned char)str[4]]; + /*FALLTHROUGH*/ + case 4: + case 3: + case 2: + case 1: + hval += asso_values[(unsigned char)str[0]+1]; + break; + } + return hval + asso_values[(unsigned char)str[len - 1]]; +} + +static const struct proposal_token wordlist[] = + { + {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0}, + {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, + {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, + {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, + {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, + {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, + {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, + {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, + {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, + {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, + {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, + {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, + {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, + {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, + {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, + {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, + {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, + {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, + {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, + {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, + {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, + {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, + {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, + {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, + {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, + {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, + {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, + {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, + {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, + {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, + {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, + {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, + {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256}, + {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, + {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, + {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, + {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, + {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, + {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, + {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, + {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, + {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, + {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0}, + {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, + {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, + {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, + {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, + {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, + {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, + {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, + {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, + {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, + {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, + {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, + {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, + {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, + {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, + {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, + {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, + {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, + {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, + {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, + {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, + {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0} + }; + +static const short lookup[] = + { + -1, -1, -1, -1, 0, -1, -1, -1, 1, -1, 2, -1, 3, 4, + 5, 6, -1, 7, 8, -1, 9, 10, 11, 12, 13, 14, 15, 16, + 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, -1, + 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, + 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, + 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, -1, + 71, -1, 72, -1, 73, -1, 74, 75, 76, 77, 78, -1, -1, 79, + -1, -1, -1, -1, -1, -1, 80, -1, -1, -1, -1, -1, -1, 81, + -1, -1, -1, -1, -1, -1, 82, 83, 84, -1, 85, -1, -1, -1, + -1, -1, -1, 86 + }; + +#ifdef __GNUC__ +__inline +#ifdef __GNUC_STDC_INLINE__ +__attribute__ ((__gnu_inline__)) +#endif +#endif +const struct proposal_token * +proposal_get_token (str, len) + register const char *str; + register unsigned int len; +{ + if (len <= MAX_WORD_LENGTH && len >= MIN_WORD_LENGTH) + { + register int key = hash (str, len); + + if (key <= MAX_HASH_VALUE && key >= 0) + { + register int index = lookup[key]; + + if (index >= 0) + { + register const char *s = wordlist[index].name; + + if (*str == *s && !strncmp (str + 1, s + 1, len - 1) && s[len] == '\0') + return &wordlist[index]; + } + } + } + return 0; +} diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h new file mode 100644 index 000000000..86cb7ef09 --- /dev/null +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h @@ -0,0 +1,34 @@ +/* proposal keywords + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#ifndef _PROPOSAL_KEYWORDS_H_ +#define _PROPOSAL_KEYWORDS_H_ + +#include <crypto/transform.h> + +typedef struct proposal_token proposal_token_t; + +struct proposal_token { + char *name; + transform_type_t type; + u_int16_t algorithm; + u_int16_t keysize; +}; + +extern const proposal_token_t* proposal_get_token(register const char *str, + register unsigned int len); + +#endif /* _PROPOSAL_KEYWORDS_H_ */ + diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.txt b/src/libstrongswan/crypto/proposal/proposal_keywords.txt new file mode 100644 index 000000000..511fdd50a --- /dev/null +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.txt @@ -0,0 +1,118 @@ +%{ +/* proposal keywords + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil, Switzerland + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <string.h> + +#include <crypto/transform.h> +#include <crypto/crypters/crypter.h> +#include <crypto/signers/signer.h> +#include <crypto/diffie_hellman.h> + +%} +struct proposal_token { + char *name; + transform_type_t type; + u_int16_t algorithm; + u_int16_t keysize; +}; +%% +null, ENCRYPTION_ALGORITHM, ENCR_NULL, 0 +des, ENCRYPTION_ALGORITHM, ENCR_DES, 0 +3des, ENCRYPTION_ALGORITHM, ENCR_3DES, 0 +aes, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 +aes128, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128 +aes192, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192 +aes256, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256 +aes128ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128 +aes192ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192 +aes256ctr, ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256 +aes128ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 +aes128ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128 +aes128ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 +aes128ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128 +aes128ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 +aes128ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128 +aes192ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 +aes192ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192 +aes192ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 +aes192ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192 +aes192ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 +aes192ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192 +aes256ccm8, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 +aes256ccm64, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256 +aes256ccm12, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 +aes256ccm96, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256 +aes256ccm16, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 +aes256ccm128, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256 +aes128gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 +aes128gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128 +aes128gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 +aes128gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128 +aes128gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 +aes128gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128 +aes192gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 +aes192gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192 +aes192gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 +aes192gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192 +aes192gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 +aes192gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192 +aes256gcm8, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 +aes256gcm64, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256 +aes256gcm12, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 +aes256gcm96, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256 +aes256gcm16, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 +aes256gcm128, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256 +blowfish, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 +blowfish128, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128 +blowfish192, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192 +blowfish256, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256 +camellia, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 +camellia128, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128 +camellia192, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192 +camellia256, ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256 +cast128, ENCRYPTION_ALGORITHM, ENCR_CAST, 128 +serpent, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 +serpent128, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128 +serpent192, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192 +serpent256, ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256 +twofish, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 +twofish128, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128 +twofish192, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192 +twofish256, ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256 +sha, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 +sha1, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0 +sha256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 +sha2_256, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0 +sha384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 +sha2_384, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0 +sha512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 +sha2_512, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0 +md5, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0 +aesxcbc, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0 +modpnull, DIFFIE_HELLMAN_GROUP, MODP_NULL, 0 +modp768, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0 +modp1024, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0 +modp1536, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0 +modp2048, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0 +modp3072, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0 +modp4096, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0 +modp6144, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0 +modp8192, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0 +ecp192, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0 +ecp224, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0 +ecp256, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0 +ecp384, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0 +ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0 diff --git a/src/libstrongswan/crypto/rngs/rng.c b/src/libstrongswan/crypto/rngs/rng.c index 435e043e8..67fd76910 100644 --- a/src/libstrongswan/crypto/rngs/rng.c +++ b/src/libstrongswan/crypto/rngs/rng.c @@ -11,14 +11,12 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "rng.h" -ENUM(rng_quality_names, RNG_WEAK, RNG_REAL, +ENUM(rng_quality_names, RNG_WEAK, RNG_TRUE, "RNG_WEAK", "RNG_STRONG", - "RNG_REAL", + "RNG_TRUE", ); diff --git a/src/libstrongswan/crypto/rngs/rng.h b/src/libstrongswan/crypto/rngs/rng.h index 1c4d204f3..89bc2f2de 100644 --- a/src/libstrongswan/crypto/rngs/rng.h +++ b/src/libstrongswan/crypto/rngs/rng.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: rng.h 3619 2008-03-19 14:02:52Z martin $ */ /** @@ -36,8 +34,8 @@ enum rng_quality_t { RNG_WEAK, /** stronger randomness, usable for session keys */ RNG_STRONG, - /** real random, key material */ - RNG_REAL, + /** true random key material */ + RNG_TRUE, }; /** @@ -56,7 +54,7 @@ struct rng_t { * @param len number of bytes to get * @param buffer pointer where the generated bytes will be written */ - void (*get_bytes) (rng_t *this, u_int len, u_int8_t *buffer); + void (*get_bytes) (rng_t *this, size_t len, u_int8_t *buffer); /** * Generates random bytes and allocate space for them. @@ -64,7 +62,7 @@ struct rng_t { * @param len number of bytes to get * @param chunk chunk which will hold generated bytes */ - void (*allocate_bytes) (rng_t *this, u_int len, chunk_t *chunk); + void (*allocate_bytes) (rng_t *this, size_t len, chunk_t *chunk); /** * Destroys a rng object. diff --git a/src/libstrongswan/crypto/signers/signer.c b/src/libstrongswan/crypto/signers/signer.c index 8412ff62e..1147e1f26 100644 --- a/src/libstrongswan/crypto/signers/signer.c +++ b/src/libstrongswan/crypto/signers/signer.c @@ -12,24 +12,27 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: signer.c 3589 2008-03-13 14:14:44Z martin $ */ #include "signer.h" ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA1_128, "UNDEFINED", - "AUTH_HMAC_SHA1_128"); -ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_AES_XCBC_96, AUTH_HMAC_SHA1_128, + "HMAC_SHA1_128"); +ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_HMAC_SHA2_512_256, AUTH_HMAC_SHA1_128, "HMAC_MD5_96", "HMAC_SHA1_96", "DES_MAC", "KPDK_MD5", - "AES_XCBC_96"); -ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_SHA2_256_128, AUTH_HMAC_SHA2_512_256, AUTH_AES_XCBC_96, - "AUTH_HMAC_SHA2_256_128", - "AUTH_HMAC_SHA2_384_192", - "AUTH_HMAC_SHA2_512_256"); + "AES_XCBC_96", + "HMAC_MD5_128", + "HMAC_SHA1_160", + "AES_CMAC_96", + "AES_128_GMAC", + "AES_192_GMAC", + "AES_256_GMAC", + "HMAC_SHA2_256_128", + "HMAC_SHA2_384_192", + "HMAC_SHA2_512_256"); ENUM_END(integrity_algorithm_names, AUTH_HMAC_SHA2_512_256); diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h index b2be2c030..0d9bfc5af 100644 --- a/src/libstrongswan/crypto/signers/signer.h +++ b/src/libstrongswan/crypto/signers/signer.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: signer.h 5003 2009-03-24 17:43:01Z martin $ */ /** @@ -36,23 +34,36 @@ typedef struct signer_t signer_t; */ enum integrity_algorithm_t { AUTH_UNDEFINED = 1024, - /** Implemented via hmac_signer_t */ + /** RFC4306 */ AUTH_HMAC_MD5_96 = 1, - /** Implemented via hmac_signer_t */ + /** RFC4306 */ AUTH_HMAC_SHA1_96 = 2, + /** RFC4306 */ AUTH_DES_MAC = 3, + /** RFC1826 */ AUTH_KPDK_MD5 = 4, + /** RFC4306 */ AUTH_AES_XCBC_96 = 5, - /** Implemented via hmac_signer_t */ + /** RFC4595 */ + AUTH_HMAC_MD5_128 = 6, + /** RFC4595 */ + AUTH_HMAC_SHA1_160 = 7, + /** RFC4494 */ + AUTH_AES_CMAC_96 = 8, + /** RFC4543 */ + AUTH_AES_128_GMAC = 9, + /** RFC4543 */ + AUTH_AES_192_GMAC = 10, + /** RFC4543 */ + AUTH_AES_256_GMAC = 11, + /** RFC4868 */ AUTH_HMAC_SHA2_256_128 = 12, - /** Implemented via hmac_signer_t */ + /** RFC4868 */ AUTH_HMAC_SHA2_384_192 = 13, - /** Implemented via hmac_signer_t */ + /** RFC4868 */ AUTH_HMAC_SHA2_512_256 = 14, - /** Implemented via hmac_signer_t */ + /** private use */ AUTH_HMAC_SHA1_128 = 1025, - /** Implemented via hmac_signer_t */ - AUTH_HMAC_MD5_128 = 1026, }; /** @@ -61,7 +72,7 @@ enum integrity_algorithm_t { extern enum_name_t *integrity_algorithm_names; /** - * Generig interface for a symmetric signature algorithm. + * Generic interface for a symmetric signature algorithm. */ struct signer_t { /** diff --git a/src/libstrongswan/crypto/transform.c b/src/libstrongswan/crypto/transform.c new file mode 100644 index 000000000..af40f4de6 --- /dev/null +++ b/src/libstrongswan/crypto/transform.c @@ -0,0 +1,29 @@ +/* + * Copyright (C) 2006-2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/transform.h> + +ENUM_BEGIN(transform_type_names, UNDEFINED_TRANSFORM_TYPE, RANDOM_NUMBER_GENERATOR, + "UNDEFINED_TRANSFORM_TYPE", + "HASH_ALGORITHM", + "RANDOM_NUMBER_GENERATOR"); +ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, RANDOM_NUMBER_GENERATOR, + "ENCRYPTION_ALGORITHM", + "PSEUDO_RANDOM_FUNCTION", + "INTEGRITY_ALGORITHM", + "DIFFIE_HELLMAN_GROUP", + "EXTENDED_SEQUENCE_NUMBERS"); +ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS); + diff --git a/src/libstrongswan/crypto/transform.h b/src/libstrongswan/crypto/transform.h new file mode 100644 index 000000000..d11700a73 --- /dev/null +++ b/src/libstrongswan/crypto/transform.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2006-2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup transforms transforms + * @{ @ingroup crypto + */ + +#ifndef TRANSFORM_H_ +#define TRANSFORM_H_ + +typedef enum transform_type_t transform_type_t; + +#include <library.h> + +/** + * Type of a transform, as in IKEv2 RFC 3.3.2. + */ +enum transform_type_t { + UNDEFINED_TRANSFORM_TYPE = 241, + HASH_ALGORITHM = 242, + RANDOM_NUMBER_GENERATOR = 243, + ENCRYPTION_ALGORITHM = 1, + PSEUDO_RANDOM_FUNCTION = 2, + INTEGRITY_ALGORITHM = 3, + DIFFIE_HELLMAN_GROUP = 4, + EXTENDED_SEQUENCE_NUMBERS = 5 +}; + +/** + * enum names for transform_type_t. + */ +extern enum_name_t *transform_type_names; + +#endif /** TRANSFORM_H_ @}*/ |