summaryrefslogtreecommitdiff
path: root/src/libstrongswan/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan/crypto')
-rw-r--r--src/libstrongswan/crypto/crypto_factory.c6
-rw-r--r--src/libstrongswan/crypto/crypto_tester.c8
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.c9
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.h5
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.c55
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords.h13
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.c324
-rw-r--r--src/libstrongswan/crypto/proposal/proposal_keywords_static.txt8
8 files changed, 260 insertions, 168 deletions
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c
index edcabfe58..dba3f6f6d 100644
--- a/src/libstrongswan/crypto/crypto_factory.c
+++ b/src/libstrongswan/crypto/crypto_factory.c
@@ -967,11 +967,11 @@ crypto_factory_t *crypto_factory_create()
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
.tester = crypto_tester_create(),
.test_on_add = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.on_add", FALSE),
+ "%s.crypto_test.on_add", FALSE, lib->ns),
.test_on_create = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.on_create", FALSE),
+ "%s.crypto_test.on_create", FALSE, lib->ns),
.bench = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.bench", FALSE),
+ "%s.crypto_test.bench", FALSE, lib->ns),
);
return &this->public;
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 5a0dccced..30724b16d 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -1207,13 +1207,13 @@ crypto_tester_t *crypto_tester_create()
.rng = linked_list_create(),
.required = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.required", FALSE),
+ "%s.crypto_test.required", FALSE, lib->ns),
.rng_true = lib->settings->get_bool(lib->settings,
- "libstrongswan.crypto_test.rng_true", FALSE),
+ "%s.crypto_test.rng_true", FALSE, lib->ns),
.bench_time = lib->settings->get_int(lib->settings,
- "libstrongswan.crypto_test.bench_time", 50),
+ "%s.crypto_test.bench_time", 50, lib->ns),
.bench_size = lib->settings->get_int(lib->settings,
- "libstrongswan.crypto_test.bench_size", 1024),
+ "%s.crypto_test.bench_size", 1024, lib->ns),
);
/* enforce a block size of 16, should be fine for all algorithms */
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 3d319d2d4..5c1d08de2 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -45,7 +45,12 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP,
"MODP_NULL",
"MODP_CUSTOM");
-ENUM_END(diffie_hellman_group_names, MODP_CUSTOM);
+ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM,
+ "NTRU_112",
+ "NTRU_128",
+ "NTRU_192",
+ "NTRU_256");
+ENUM_END(diffie_hellman_group_names, NTRU_256_BIT);
/**
@@ -439,7 +444,7 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group)
{
if (!dh_params[i].public.subgroup.len &&
lib->settings->get_int(lib->settings,
- "libstrongswan.dh_exponent_ansi_x9_42", TRUE))
+ "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns))
{
dh_params[i].public.exp_len = dh_params[i].public.prime.len;
}
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index edf6bbd6d..00d700314 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -64,6 +64,11 @@ enum diffie_hellman_group_t {
MODP_NULL = 1024,
/** MODP group with custom generator/prime */
MODP_CUSTOM = 1025,
+ /** Parameters defined by IEEE 1363.1, in PRIVATE USE */
+ NTRU_112_BIT = 1030,
+ NTRU_128_BIT = 1031,
+ NTRU_192_BIT = 1032,
+ NTRU_256_BIT = 1033
};
/**
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c
index 4db504eb0..bbb97d088 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c
@@ -56,6 +56,11 @@ struct private_proposal_keywords_t {
linked_list_t * tokens;
/**
+ * registered algname parsers, as proposal_algname_parser_t
+ */
+ linked_list_t *parsers;
+
+ /**
* rwlock to lock access to modules
*/
rwlock_t *lock;
@@ -85,11 +90,46 @@ static const proposal_token_t* find_token(private_proposal_keywords_t *this,
return found;
}
+/**
+ * Parse the given algorithm into a token with user defined parser functions.
+ */
+static const proposal_token_t* parse_token(private_proposal_keywords_t *this,
+ const char *str)
+{
+ proposal_algname_parser_t parser;
+ enumerator_t *enumerator;
+ proposal_token_t *found = NULL;
+
+ this->lock->read_lock(this->lock);
+ enumerator = this->parsers->create_enumerator(this->parsers);
+ while (enumerator->enumerate(enumerator, &parser))
+ {
+ found = parser(str);
+ if (found)
+ {
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ this->lock->unlock(this->lock);
+ return found;
+}
+
METHOD(proposal_keywords_t, get_token, const proposal_token_t*,
private_proposal_keywords_t *this, const char *str)
{
- const proposal_token_t *token = proposal_get_token_static(str, strlen(str));
- return token ?: find_token(this, str);
+ const proposal_token_t *token;
+
+ token = proposal_get_token_static(str, strlen(str));
+ if (!token)
+ {
+ token = find_token(this, str);
+ }
+ if (!token)
+ {
+ token = parse_token(this, str);
+ }
+ return token;
}
METHOD(proposal_keywords_t, register_token, void,
@@ -110,6 +150,14 @@ METHOD(proposal_keywords_t, register_token, void,
this->lock->unlock(this->lock);
}
+METHOD(proposal_keywords_t, register_algname_parser, void,
+ private_proposal_keywords_t *this, proposal_algname_parser_t parser)
+{
+ this->lock->write_lock(this->lock);
+ this->tokens->insert_first(this->parsers, parser);
+ this->lock->unlock(this->lock);
+}
+
METHOD(proposal_keywords_t, destroy, void,
private_proposal_keywords_t *this)
{
@@ -121,6 +169,7 @@ METHOD(proposal_keywords_t, destroy, void,
free(token);
}
this->tokens->destroy(this->tokens);
+ this->parsers->destroy(this->parsers);
this->lock->destroy(this->lock);
free(this);
}
@@ -136,9 +185,11 @@ proposal_keywords_t *proposal_keywords_create()
.public = {
.get_token = _get_token,
.register_token = _register_token,
+ .register_algname_parser = _register_algname_parser,
.destroy = _destroy,
},
.tokens = linked_list_create(),
+ .parsers = linked_list_create(),
.lock = rwlock_create(RWLOCK_TYPE_DEFAULT),
);
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h
index d6107abc0..5cdbafc51 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords.h
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h
@@ -46,6 +46,8 @@
typedef struct proposal_token_t proposal_token_t;
typedef struct proposal_keywords_t proposal_keywords_t;
+typedef proposal_token_t*(*proposal_algname_parser_t)(const char *algname);
+
#include <library.h>
#include <crypto/transform.h>
@@ -102,6 +104,17 @@ struct proposal_keywords_t {
u_int16_t keysize);
/**
+ * Register an algorithm name parser.
+ *
+ * It is meant to parse an algorithm name into a proposal token in a
+ * generic, user defined way.
+ *
+ * @param parser a pointer to the parser function
+ */
+ void (*register_algname_parser)(proposal_keywords_t *this,
+ proposal_algname_parser_t parser);
+
+ /**
* Destroy a proposal_keywords_t instance.
*/
void (*destroy)(proposal_keywords_t *this);
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
index a238f640e..1da1421f4 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
@@ -1,6 +1,6 @@
/* C code produced by gperf version 3.0.4 */
/* Command-line: /usr/bin/gperf -N proposal_get_token_static -m 10 -C -G -c -t -D */
-/* Computed positions: -k'1,5,7,10,15,$' */
+/* Computed positions: -k'1,5-7,10,15,$' */
#if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \
&& ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \
@@ -31,8 +31,8 @@ error "gperf generated tables don't work with this execution character set. Plea
/*
- * Copyright (C) 2009 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
+ * Copyright (C) 2009-2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil, Switzerland
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -59,12 +59,12 @@ struct proposal_token {
u_int16_t keysize;
};
-#define TOTAL_KEYWORDS 134
+#define TOTAL_KEYWORDS 138
#define MIN_WORD_LENGTH 3
#define MAX_WORD_LENGTH 17
-#define MIN_HASH_VALUE 4
-#define MAX_HASH_VALUE 215
-/* maximum key range = 212, duplicates = 0 */
+#define MIN_HASH_VALUE 20
+#define MAX_HASH_VALUE 295
+/* maximum key range = 276, duplicates = 0 */
#ifdef __GNUC__
__inline
@@ -78,34 +78,34 @@ hash (str, len)
register const char *str;
register unsigned int len;
{
- static const unsigned char asso_values[] =
+ static const unsigned short asso_values[] =
{
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 0, 4,
- 1, 21, 15, 13, 9, 16, 2, 0, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 76, 216, 2, 28, 16,
- 0, 39, 112, 42, 31, 0, 216, 216, 0, 9,
- 100, 0, 7, 20, 95, 12, 44, 55, 216, 216,
- 1, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216, 216, 216, 216,
- 216, 216, 216, 216, 216, 216, 216
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 47, 6,
+ 15, 8, 64, 24, 12, 14, 7, 5, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 120, 296, 9, 5, 22,
+ 48, 114, 28, 76, 6, 5, 296, 296, 5, 20,
+ 7, 14, 82, 7, 81, 98, 10, 86, 296, 296,
+ 5, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296, 296, 296, 296,
+ 296, 296, 296, 296, 296, 296, 296
};
register int hval = len;
@@ -127,6 +127,8 @@ hash (str, len)
hval += asso_values[(unsigned char)str[6]];
/*FALLTHROUGH*/
case 6:
+ hval += asso_values[(unsigned char)str[5]];
+ /*FALLTHROUGH*/
case 5:
hval += asso_values[(unsigned char)str[4]];
/*FALLTHROUGH*/
@@ -142,166 +144,178 @@ hash (str, len)
static const struct proposal_token wordlist[] =
{
+ {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
+ {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
{"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0},
- {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
- {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
- {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
- {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
- {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
- {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
- {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
- {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
- {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
- {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
- {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
- {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
- {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
- {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
- {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
+ {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
+ {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0},
{"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
- {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
- {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
- {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
- {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
- {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
- {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
- {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0},
- {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
- {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
+ {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192},
+ {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
+ {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
{"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
+ {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
+ {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0},
+ {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
{"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256},
+ {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
+ {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0},
+ {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0},
+ {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
+ {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
+ {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
{"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
- {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
{"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
{"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
- {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
- {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0},
- {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
{"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192},
+ {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
{"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128},
- {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0},
+ {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192},
+ {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128},
+ {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
+ {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0},
+ {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
{"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
- {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0},
{"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0},
+ {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128},
{"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
- {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
- {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
{"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256},
- {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0},
+ {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192},
+ {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256},
+ {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128},
+ {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
+ {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
+ {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
+ {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
+ {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192},
+ {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
+ {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128},
+ {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
+ {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
+ {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0},
+ {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256},
+ {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
+ {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
+ {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
+ {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
+ {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0},
+ {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
+ {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
+ {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
{"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
- {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
{"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
{"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
- {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
- {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
{"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192},
+ {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
{"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128},
- {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0},
+ {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192},
+ {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192},
+ {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128},
+ {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128},
+ {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
+ {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
+ {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
{"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
- {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
{"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
+ {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
+ {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
{"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
- {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
- {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256},
- {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
- {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
- {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
- {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0},
+ {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
+ {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
+ {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256},
+ {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256},
+ {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
{"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
{"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
- {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
- {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0},
- {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0},
- {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0},
- {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
- {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0},
- {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0},
- {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
- {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0},
- {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
- {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
- {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0},
- {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0},
- {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0},
- {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0},
- {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
- {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
+ {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192},
+ {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
+ {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192},
+ {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
+ {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0},
+ {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
{"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0},
- {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128},
+ {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
{"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0},
+ {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128},
+ {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
+ {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0},
+ {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256},
{"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192},
- {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0},
- {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0},
- {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
- {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
- {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0},
- {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0},
- {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192},
- {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128},
- {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
- {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256},
+ {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0},
{"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192},
- {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256},
- {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0},
+ {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
+ {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192},
+ {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0},
+ {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128},
{"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0},
- {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0},
- {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256},
- {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0},
+ {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0},
{"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256},
- {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128},
- {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128},
- {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0},
- {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0},
- {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0}
+ {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0},
+ {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0},
+ {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256},
+ {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0},
+ {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0},
+ {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0},
+ {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128},
+ {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0},
+ {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256},
+ {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192},
+ {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0},
+ {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0}
};
static const short lookup[] =
{
- -1, -1, -1, -1, 0, -1, -1, -1, -1, -1,
- 1, -1, 2, -1, 3, 4, -1, -1, -1, 5,
- 6, 7, 8, 9, 10, 11, 12, -1, -1, 13,
- 14, 15, 16, 17, 18, 19, 20, 21, 22, 23,
- 24, 25, 26, 27, 28, -1, -1, -1, -1, 29,
- -1, -1, 30, 31, 32, 33, 34, -1, 35, 36,
- 37, 38, 39, 40, 41, 42, 43, 44, 45, 46,
- 47, 48, 49, 50, 51, 52, 53, 54, -1, 55,
- 56, 57, -1, 58, 59, 60, 61, 62, 63, 64,
- 65, 66, 67, -1, 68, 69, 70, 71, 72, 73,
- 74, 75, 76, 77, -1, 78, 79, 80, 81, 82,
- 83, 84, 85, 86, 87, 88, 89, 90, 91, 92,
- -1, 93, 94, 95, 96, 97, 98, 99, 100, -1,
- -1, -1, 101, 102, 103, 104, -1, 105, 106, 107,
- 108, 109, 110, -1, 111, 112, 113, 114, 115, 116,
- 117, 118, 119, 120, 121, 122, 123, 124, -1, 125,
- -1, 126, -1, -1, -1, -1, -1, -1, 127, -1,
- -1, -1, -1, 128, -1, -1, -1, -1, 129, 130,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
- -1, -1, -1, -1, -1, 131, -1, -1, 132, -1,
- -1, -1, -1, -1, -1, 133
+ 0, -1, 1, 2, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, 3, 4, -1, -1, -1, 5, -1,
+ 6, 7, -1, -1, -1, -1, 8, -1, 9, 10,
+ -1, -1, 11, -1, 12, -1, 13, -1, 14, 15,
+ -1, 16, 17, 18, 19, 20, -1, -1, -1, 21,
+ 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
+ 32, 33, 34, 35, 36, 37, -1, 38, 39, -1,
+ 40, 41, 42, -1, 43, 44, 45, 46, 47, 48,
+ -1, 49, 50, 51, -1, 52, 53, 54, 55, 56,
+ 57, 58, 59, -1, -1, 60, 61, 62, 63, 64,
+ 65, 66, -1, -1, 67, 68, 69, 70, 71, 72,
+ 73, 74, 75, 76, 77, 78, 79, 80, -1, 81,
+ 82, 83, 84, 85, 86, 87, 88, 89, 90, 91,
+ 92, 93, -1, 94, -1, 95, -1, 96, 97, 98,
+ 99, 100, -1, 101, -1, 102, 103, 104, -1, 105,
+ 106, 107, 108, 109, -1, 110, -1, 111, -1, 112,
+ -1, 113, 114, 115, 116, -1, 117, 118, 119, 120,
+ 121, -1, -1, -1, 122, -1, -1, 123, -1, -1,
+ 124, -1, 125, 126, 127, -1, -1, -1, 128, -1,
+ -1, -1, -1, -1, 129, 130, -1, 131, -1, 132,
+ -1, -1, -1, -1, 133, -1, -1, -1, -1, 134,
+ -1, -1, -1, -1, -1, 135, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, 136, -1,
+ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+ -1, -1, -1, -1, -1, 137
};
#ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
index c484320ca..70e79157a 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
@@ -1,7 +1,7 @@
%{
/*
- * Copyright (C) 2009 Andreas Steffen
- * Hochschule fuer Technik Rapperswil, Switzerland
+ * Copyright (C) 2009-2013 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil, Switzerland
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@@ -161,5 +161,9 @@ ecp224bp, DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0
ecp256bp, DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0
ecp384bp, DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0
ecp512bp, DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0
+ntru112, DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0
+ntru128, DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0
+ntru192, DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0
+ntru256, DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0
noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0
esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 00:44:59 +0000