diff options
Diffstat (limited to 'src/libstrongswan/plugins/fips_prf')
| -rw-r--r-- | src/libstrongswan/plugins/fips_prf/Makefile.in | 4 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/fips_prf/fips_prf.c | 55 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c | 28 |
3 files changed, 48 insertions, 39 deletions
diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index 7e2a1ccdf..ab1ed6d00 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -222,9 +222,7 @@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ ipsecdir = @ipsecdir@ -ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ -ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ @@ -263,6 +261,8 @@ sbindir = @sbindir@ scepclient_plugins = @scepclient_plugins@ scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index ad03fa585..ee71f6efd 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -106,7 +106,8 @@ static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[]) * 0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78, * 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16 */ -static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) +METHOD(prf_t, get_bytes, void, + private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) { int i; u_int8_t xval[this->b]; @@ -139,34 +140,26 @@ static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[]) /* 3.3 done already, mod q not used */ } -/** - * Implementation of prf_t.get_block_size. - */ -static size_t get_block_size(private_fips_prf_t *this) +METHOD(prf_t, get_block_size, size_t, + private_fips_prf_t *this) { return 2 * this->b; } -/** - * Implementation of prf_t.allocate_bytes. - */ -static void allocate_bytes(private_fips_prf_t *this, chunk_t seed, chunk_t *chunk) +METHOD(prf_t, allocate_bytes, void, + private_fips_prf_t *this, chunk_t seed, chunk_t *chunk) { *chunk = chunk_alloc(get_block_size(this)); get_bytes(this, seed, chunk->ptr); } -/** - * Implementation of prf_t.get_key_size. - */ -static size_t get_key_size(private_fips_prf_t *this) +METHOD(prf_t, get_key_size, size_t, + private_fips_prf_t *this) { return this->b; } -/** - * Implementation of prf_t.set_key. - */ -static void set_key(private_fips_prf_t *this, chunk_t key) +METHOD(prf_t, set_key, void, + private_fips_prf_t *this, chunk_t key) { /* save key as "key mod 2^b" */ chunk_mod(this->b, key, this->key); @@ -198,10 +191,8 @@ void g_sha1(private_fips_prf_t *this, chunk_t c, u_int8_t res[]) this->keyed_prf->get_bytes(this->keyed_prf, c, res); } -/** - * Implementation of prf_t.destroy. - */ -static void destroy(private_fips_prf_t *this) +METHOD(prf_t, destroy, void, + private_fips_prf_t *this) { this->keyed_prf->destroy(this->keyed_prf); free(this->key); @@ -213,14 +204,20 @@ static void destroy(private_fips_prf_t *this) */ fips_prf_t *fips_prf_create(pseudo_random_function_t algo) { - private_fips_prf_t *this = malloc_thing(private_fips_prf_t); - - this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes; - this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes; - this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size; - this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size; - this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key; - this->public.prf_interface.destroy = (void (*) (prf_t *))destroy; + private_fips_prf_t *this; + + INIT(this, + .public = { + .prf_interface = { + .get_bytes = _get_bytes, + .allocate_bytes = _allocate_bytes, + .get_block_size = _get_block_size, + .get_key_size = _get_key_size, + .set_key = _set_key, + .destroy = _destroy, + }, + }, + ); switch (algo) { diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index f41265637..3cce6ad91 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -18,6 +18,8 @@ #include <library.h> #include "fips_prf.h" +static const char *plugin_name = "fips-prf"; + typedef struct private_fips_prf_plugin_t private_fips_prf_plugin_t; /** @@ -31,10 +33,8 @@ struct private_fips_prf_plugin_t { fips_prf_plugin_t public; }; -/** - * Implementation of fips_prf_plugin_t.destroy - */ -static void destroy(private_fips_prf_plugin_t *this) +METHOD(plugin_t, destroy, void, + private_fips_prf_plugin_t *this) { lib->crypto->remove_prf(lib->crypto, (prf_constructor_t)fips_prf_create); @@ -46,12 +46,24 @@ static void destroy(private_fips_prf_plugin_t *this) */ plugin_t *fips_prf_plugin_create() { - private_fips_prf_plugin_t *this = malloc_thing(private_fips_prf_plugin_t); + private_fips_prf_plugin_t *this; + prf_t *prf; - this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + INIT(this, + .public = { + .plugin = { + .destroy = _destroy, + }, + }, + ); - lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, - (prf_constructor_t)fips_prf_create); + prf = lib->crypto->create_prf(lib->crypto, PRF_KEYED_SHA1); + if (prf) + { + prf->destroy(prf); + lib->crypto->add_prf(lib->crypto, PRF_FIPS_SHA1_160, plugin_name, + (prf_constructor_t)fips_prf_create); + } return &this->public.plugin; } |