diff options
Diffstat (limited to 'src/libstrongswan')
132 files changed, 5381 insertions, 4826 deletions
diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk index 440913071..2b58db554 100644 --- a/src/libstrongswan/Android.mk +++ b/src/libstrongswan/Android.mk @@ -20,7 +20,7 @@ credentials/keys/public_key.c credentials/keys/shared_key.c \ credentials/certificates/certificate.c credentials/certificates/crl.c \ credentials/certificates/ocsp_response.c \ credentials/containers/container.c credentials/containers/pkcs12.c \ -credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \ +credentials/credential_manager.c \ credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \ credentials/sets/cert_cache.c credentials/sets/mem_cred.c \ credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \ diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index b3a4eda99..3462d2ffc 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -18,7 +18,7 @@ credentials/keys/public_key.c credentials/keys/shared_key.c \ credentials/certificates/certificate.c credentials/certificates/crl.c \ credentials/certificates/ocsp_response.c \ credentials/containers/container.c credentials/containers/pkcs12.c \ -credentials/ietf_attributes/ietf_attributes.c credentials/credential_manager.c \ +credentials/credential_manager.c \ credentials/sets/auth_cfg_wrapper.c credentials/sets/ocsp_response_wrapper.c \ credentials/sets/cert_cache.c credentials/sets/mem_cred.c \ credentials/sets/callback_cred.c credentials/auth_cfg.c database/database.c \ @@ -61,7 +61,6 @@ credentials/certificates/ocsp_response.h \ credentials/certificates/pgp_certificate.h \ credentials/containers/container.h credentials/containers/pkcs7.h \ credentials/containers/pkcs12.h \ -credentials/ietf_attributes/ietf_attributes.h \ credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \ credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \ credentials/sets/mem_cred.h credentials/sets/callback_cred.h \ @@ -308,6 +307,13 @@ if MONOLITHIC endif endif +if USE_ACERT + SUBDIRS += plugins/acert +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/acert/libstrongswan-acert.la +endif +endif + if USE_PUBKEY SUBDIRS += plugins/pubkey if MONOLITHIC diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in index 64396b51f..af5ea402b 100644 --- a/src/libstrongswan/Makefile.in +++ b/src/libstrongswan/Makefile.in @@ -128,60 +128,62 @@ host_triplet = @host@ @MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_47 = plugins/revocation/libstrongswan-revocation.la @USE_CONSTRAINTS_TRUE@am__append_48 = plugins/constraints @MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_49 = plugins/constraints/libstrongswan-constraints.la -@USE_PUBKEY_TRUE@am__append_50 = plugins/pubkey -@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_51 = plugins/pubkey/libstrongswan-pubkey.la -@USE_PKCS1_TRUE@am__append_52 = plugins/pkcs1 -@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_53 = plugins/pkcs1/libstrongswan-pkcs1.la -@USE_PKCS7_TRUE@am__append_54 = plugins/pkcs7 -@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_55 = plugins/pkcs7/libstrongswan-pkcs7.la -@USE_PKCS8_TRUE@am__append_56 = plugins/pkcs8 -@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_57 = plugins/pkcs8/libstrongswan-pkcs8.la -@USE_PKCS12_TRUE@am__append_58 = plugins/pkcs12 -@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_59 = plugins/pkcs12/libstrongswan-pkcs12.la -@USE_PGP_TRUE@am__append_60 = plugins/pgp -@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_61 = plugins/pgp/libstrongswan-pgp.la -@USE_DNSKEY_TRUE@am__append_62 = plugins/dnskey -@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_63 = plugins/dnskey/libstrongswan-dnskey.la -@USE_SSHKEY_TRUE@am__append_64 = plugins/sshkey -@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_65 = plugins/sshkey/libstrongswan-sshkey.la -@USE_PEM_TRUE@am__append_66 = plugins/pem -@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_67 = plugins/pem/libstrongswan-pem.la -@USE_CURL_TRUE@am__append_68 = plugins/curl -@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_69 = plugins/curl/libstrongswan-curl.la -@USE_UNBOUND_TRUE@am__append_70 = plugins/unbound -@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_71 = plugins/unbound/libstrongswan-unbound.la -@USE_SOUP_TRUE@am__append_72 = plugins/soup -@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_73 = plugins/soup/libstrongswan-soup.la -@USE_LDAP_TRUE@am__append_74 = plugins/ldap -@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_75 = plugins/ldap/libstrongswan-ldap.la -@USE_MYSQL_TRUE@am__append_76 = plugins/mysql -@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_77 = plugins/mysql/libstrongswan-mysql.la -@USE_SQLITE_TRUE@am__append_78 = plugins/sqlite -@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_79 = plugins/sqlite/libstrongswan-sqlite.la -@USE_PADLOCK_TRUE@am__append_80 = plugins/padlock -@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_81 = plugins/padlock/libstrongswan-padlock.la -@USE_OPENSSL_TRUE@am__append_82 = plugins/openssl -@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_83 = plugins/openssl/libstrongswan-openssl.la -@USE_GCRYPT_TRUE@am__append_84 = plugins/gcrypt -@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_85 = plugins/gcrypt/libstrongswan-gcrypt.la -@USE_FIPS_PRF_TRUE@am__append_86 = plugins/fips_prf -@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_87 = plugins/fips_prf/libstrongswan-fips-prf.la -@USE_AGENT_TRUE@am__append_88 = plugins/agent -@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_89 = plugins/agent/libstrongswan-agent.la -@USE_KEYCHAIN_TRUE@am__append_90 = plugins/keychain -@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_91 = plugins/keychain/libstrongswan-keychain.la -@USE_PKCS11_TRUE@am__append_92 = plugins/pkcs11 -@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_93 = plugins/pkcs11/libstrongswan-pkcs11.la -@USE_CTR_TRUE@am__append_94 = plugins/ctr -@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_95 = plugins/ctr/libstrongswan-ctr.la -@USE_CCM_TRUE@am__append_96 = plugins/ccm -@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_97 = plugins/ccm/libstrongswan-ccm.la -@USE_GCM_TRUE@am__append_98 = plugins/gcm -@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_99 = plugins/gcm/libstrongswan-gcm.la -@USE_NTRU_TRUE@am__append_100 = plugins/ntru -@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_101 = plugins/ntru/libstrongswan-ntru.la -@USE_TEST_VECTORS_TRUE@am__append_102 = plugins/test_vectors -@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_103 = plugins/test_vectors/libstrongswan-test-vectors.la +@USE_ACERT_TRUE@am__append_50 = plugins/acert +@MONOLITHIC_TRUE@@USE_ACERT_TRUE@am__append_51 = plugins/acert/libstrongswan-acert.la +@USE_PUBKEY_TRUE@am__append_52 = plugins/pubkey +@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_53 = plugins/pubkey/libstrongswan-pubkey.la +@USE_PKCS1_TRUE@am__append_54 = plugins/pkcs1 +@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_55 = plugins/pkcs1/libstrongswan-pkcs1.la +@USE_PKCS7_TRUE@am__append_56 = plugins/pkcs7 +@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_57 = plugins/pkcs7/libstrongswan-pkcs7.la +@USE_PKCS8_TRUE@am__append_58 = plugins/pkcs8 +@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_59 = plugins/pkcs8/libstrongswan-pkcs8.la +@USE_PKCS12_TRUE@am__append_60 = plugins/pkcs12 +@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_61 = plugins/pkcs12/libstrongswan-pkcs12.la +@USE_PGP_TRUE@am__append_62 = plugins/pgp +@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_63 = plugins/pgp/libstrongswan-pgp.la +@USE_DNSKEY_TRUE@am__append_64 = plugins/dnskey +@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_65 = plugins/dnskey/libstrongswan-dnskey.la +@USE_SSHKEY_TRUE@am__append_66 = plugins/sshkey +@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_67 = plugins/sshkey/libstrongswan-sshkey.la +@USE_PEM_TRUE@am__append_68 = plugins/pem +@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_69 = plugins/pem/libstrongswan-pem.la +@USE_CURL_TRUE@am__append_70 = plugins/curl +@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_71 = plugins/curl/libstrongswan-curl.la +@USE_UNBOUND_TRUE@am__append_72 = plugins/unbound +@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_73 = plugins/unbound/libstrongswan-unbound.la +@USE_SOUP_TRUE@am__append_74 = plugins/soup +@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_75 = plugins/soup/libstrongswan-soup.la +@USE_LDAP_TRUE@am__append_76 = plugins/ldap +@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_77 = plugins/ldap/libstrongswan-ldap.la +@USE_MYSQL_TRUE@am__append_78 = plugins/mysql +@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_79 = plugins/mysql/libstrongswan-mysql.la +@USE_SQLITE_TRUE@am__append_80 = plugins/sqlite +@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_81 = plugins/sqlite/libstrongswan-sqlite.la +@USE_PADLOCK_TRUE@am__append_82 = plugins/padlock +@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_83 = plugins/padlock/libstrongswan-padlock.la +@USE_OPENSSL_TRUE@am__append_84 = plugins/openssl +@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_85 = plugins/openssl/libstrongswan-openssl.la +@USE_GCRYPT_TRUE@am__append_86 = plugins/gcrypt +@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_87 = plugins/gcrypt/libstrongswan-gcrypt.la +@USE_FIPS_PRF_TRUE@am__append_88 = plugins/fips_prf +@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_89 = plugins/fips_prf/libstrongswan-fips-prf.la +@USE_AGENT_TRUE@am__append_90 = plugins/agent +@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_91 = plugins/agent/libstrongswan-agent.la +@USE_KEYCHAIN_TRUE@am__append_92 = plugins/keychain +@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_93 = plugins/keychain/libstrongswan-keychain.la +@USE_PKCS11_TRUE@am__append_94 = plugins/pkcs11 +@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_95 = plugins/pkcs11/libstrongswan-pkcs11.la +@USE_CTR_TRUE@am__append_96 = plugins/ctr +@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_97 = plugins/ctr/libstrongswan-ctr.la +@USE_CCM_TRUE@am__append_98 = plugins/ccm +@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_99 = plugins/ccm/libstrongswan-ccm.la +@USE_GCM_TRUE@am__append_100 = plugins/gcm +@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_101 = plugins/gcm/libstrongswan-gcm.la +@USE_NTRU_TRUE@am__append_102 = plugins/ntru +@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_103 = plugins/ntru/libstrongswan-ntru.la +@USE_TEST_VECTORS_TRUE@am__append_104 = plugins/test_vectors +@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_105 = plugins/test_vectors/libstrongswan-test-vectors.la subdir = src/libstrongswan DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ $(top_srcdir)/depcomp \ @@ -254,7 +256,7 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ $(am__append_83) $(am__append_85) $(am__append_87) \ $(am__append_89) $(am__append_91) $(am__append_93) \ $(am__append_95) $(am__append_97) $(am__append_99) \ - $(am__append_101) $(am__append_103) + $(am__append_101) $(am__append_103) $(am__append_105) am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \ asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \ bio/bio_writer.c collections/blocking_queue.c \ @@ -277,7 +279,6 @@ am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \ credentials/certificates/ocsp_response.c \ credentials/containers/container.c \ credentials/containers/pkcs12.c \ - credentials/ietf_attributes/ietf_attributes.c \ credentials/credential_manager.c \ credentials/sets/auth_cfg_wrapper.c \ credentials/sets/ocsp_response_wrapper.c \ @@ -332,7 +333,6 @@ am_libstrongswan_la_OBJECTS = library.lo asn1/asn1.lo \ credentials/certificates/ocsp_response.lo \ credentials/containers/container.lo \ credentials/containers/pkcs12.lo \ - credentials/ietf_attributes/ietf_attributes.lo \ credentials/credential_manager.lo \ credentials/sets/auth_cfg_wrapper.lo \ credentials/sets/ocsp_response_wrapper.lo \ @@ -438,7 +438,6 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \ credentials/certificates/pgp_certificate.h \ credentials/containers/container.h \ credentials/containers/pkcs7.h credentials/containers/pkcs12.h \ - credentials/ietf_attributes/ietf_attributes.h \ credentials/credential_manager.h \ credentials/sets/auth_cfg_wrapper.h \ credentials/sets/ocsp_response_wrapper.h \ @@ -502,11 +501,11 @@ DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \ plugins/sha1 plugins/sha2 plugins/gmp plugins/rdrand \ plugins/random plugins/nonce plugins/hmac plugins/cmac \ plugins/xcbc plugins/x509 plugins/revocation \ - plugins/constraints plugins/pubkey plugins/pkcs1 plugins/pkcs7 \ - plugins/pkcs8 plugins/pkcs12 plugins/pgp plugins/dnskey \ - plugins/sshkey plugins/pem plugins/curl plugins/unbound \ - plugins/soup plugins/ldap plugins/mysql plugins/sqlite \ - plugins/padlock plugins/openssl plugins/gcrypt \ + plugins/constraints plugins/acert plugins/pubkey plugins/pkcs1 \ + plugins/pkcs7 plugins/pkcs8 plugins/pkcs12 plugins/pgp \ + plugins/dnskey plugins/sshkey plugins/pem plugins/curl \ + plugins/unbound plugins/soup plugins/ldap plugins/mysql \ + plugins/sqlite plugins/padlock plugins/openssl plugins/gcrypt \ plugins/fips_prf plugins/agent plugins/keychain plugins/pkcs11 \ plugins/ctr plugins/ccm plugins/gcm plugins/ntru \ plugins/test_vectors tests @@ -705,7 +704,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ @@ -767,7 +765,6 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \ credentials/certificates/ocsp_response.c \ credentials/containers/container.c \ credentials/containers/pkcs12.c \ - credentials/ietf_attributes/ietf_attributes.c \ credentials/credential_manager.c \ credentials/sets/auth_cfg_wrapper.c \ credentials/sets/ocsp_response_wrapper.c \ @@ -816,7 +813,6 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \ @USE_DEV_HEADERS_TRUE@credentials/certificates/pgp_certificate.h \ @USE_DEV_HEADERS_TRUE@credentials/containers/container.h credentials/containers/pkcs7.h \ @USE_DEV_HEADERS_TRUE@credentials/containers/pkcs12.h \ -@USE_DEV_HEADERS_TRUE@credentials/ietf_attributes/ietf_attributes.h \ @USE_DEV_HEADERS_TRUE@credentials/credential_manager.h credentials/sets/auth_cfg_wrapper.h \ @USE_DEV_HEADERS_TRUE@credentials/sets/ocsp_response_wrapper.h credentials/sets/cert_cache.h \ @USE_DEV_HEADERS_TRUE@credentials/sets/mem_cred.h credentials/sets/callback_cred.h \ @@ -858,7 +854,8 @@ libstrongswan_la_LIBADD = $(PTHREADLIB) $(DLLIB) $(BTLIB) $(SOCKLIB) \ $(am__append_81) $(am__append_83) $(am__append_85) \ $(am__append_87) $(am__append_89) $(am__append_91) \ $(am__append_93) $(am__append_95) $(am__append_97) \ - $(am__append_99) $(am__append_101) $(am__append_103) + $(am__append_99) $(am__append_101) $(am__append_103) \ + $(am__append_105) AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \ -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_LIB_DIR=\"${ipseclibdir}\" \ -DPLUGINDIR=\"${plugindir}\" \ @@ -905,7 +902,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c @MONOLITHIC_FALSE@ $(am__append_88) $(am__append_90) \ @MONOLITHIC_FALSE@ $(am__append_92) $(am__append_94) \ @MONOLITHIC_FALSE@ $(am__append_96) $(am__append_98) \ -@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) tests +@MONOLITHIC_FALSE@ $(am__append_100) $(am__append_102) \ +@MONOLITHIC_FALSE@ $(am__append_104) tests # build plugins with their own Makefile ####################################### @@ -931,7 +929,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c @MONOLITHIC_TRUE@ $(am__append_88) $(am__append_90) \ @MONOLITHIC_TRUE@ $(am__append_92) $(am__append_94) \ @MONOLITHIC_TRUE@ $(am__append_96) $(am__append_98) \ -@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) . tests +@MONOLITHIC_TRUE@ $(am__append_100) $(am__append_102) \ +@MONOLITHIC_TRUE@ $(am__append_104) . tests all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -1172,15 +1171,6 @@ credentials/containers/container.lo: \ credentials/containers/pkcs12.lo: \ credentials/containers/$(am__dirstamp) \ credentials/containers/$(DEPDIR)/$(am__dirstamp) -credentials/ietf_attributes/$(am__dirstamp): - @$(MKDIR_P) credentials/ietf_attributes - @: > credentials/ietf_attributes/$(am__dirstamp) -credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp): - @$(MKDIR_P) credentials/ietf_attributes/$(DEPDIR) - @: > credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp) -credentials/ietf_attributes/ietf_attributes.lo: \ - credentials/ietf_attributes/$(am__dirstamp) \ - credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp) credentials/credential_manager.lo: credentials/$(am__dirstamp) \ credentials/$(DEPDIR)/$(am__dirstamp) credentials/sets/$(am__dirstamp): @@ -1409,8 +1399,6 @@ mostlyclean-compile: -rm -f credentials/certificates/*.lo -rm -f credentials/containers/*.$(OBJEXT) -rm -f credentials/containers/*.lo - -rm -f credentials/ietf_attributes/*.$(OBJEXT) - -rm -f credentials/ietf_attributes/*.lo -rm -f credentials/keys/*.$(OBJEXT) -rm -f credentials/keys/*.lo -rm -f credentials/sets/*.$(OBJEXT) @@ -1488,7 +1476,6 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@credentials/certificates/$(DEPDIR)/ocsp_response.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@credentials/containers/$(DEPDIR)/container.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@credentials/containers/$(DEPDIR)/pkcs12.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@credentials/ietf_attributes/$(DEPDIR)/ietf_attributes.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/private_key.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/public_key.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@credentials/keys/$(DEPDIR)/shared_key.Plo@am__quote@ @@ -1598,7 +1585,6 @@ clean-libtool: -rm -rf credentials/.libs credentials/_libs -rm -rf credentials/certificates/.libs credentials/certificates/_libs -rm -rf credentials/containers/.libs credentials/containers/_libs - -rm -rf credentials/ietf_attributes/.libs credentials/ietf_attributes/_libs -rm -rf credentials/keys/.libs credentials/keys/_libs -rm -rf credentials/sets/.libs credentials/sets/_libs -rm -rf crypto/.libs crypto/_libs @@ -1852,8 +1838,6 @@ distclean-generic: -rm -f credentials/certificates/$(am__dirstamp) -rm -f credentials/containers/$(DEPDIR)/$(am__dirstamp) -rm -f credentials/containers/$(am__dirstamp) - -rm -f credentials/ietf_attributes/$(DEPDIR)/$(am__dirstamp) - -rm -f credentials/ietf_attributes/$(am__dirstamp) -rm -f credentials/keys/$(DEPDIR)/$(am__dirstamp) -rm -f credentials/keys/$(am__dirstamp) -rm -f credentials/sets/$(DEPDIR)/$(am__dirstamp) @@ -1918,7 +1902,7 @@ clean-am: clean-generic clean-ipseclibLTLIBRARIES clean-libtool \ mostlyclean-am distclean: distclean-recursive - -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR) + -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1965,7 +1949,7 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-recursive - -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/ietf_attributes/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR) + -rm -rf ./$(DEPDIR) asn1/$(DEPDIR) bio/$(DEPDIR) collections/$(DEPDIR) credentials/$(DEPDIR) credentials/certificates/$(DEPDIR) credentials/containers/$(DEPDIR) credentials/keys/$(DEPDIR) credentials/sets/$(DEPDIR) crypto/$(DEPDIR) crypto/crypters/$(DEPDIR) crypto/hashers/$(DEPDIR) crypto/iv/$(DEPDIR) crypto/prfs/$(DEPDIR) crypto/proposal/$(DEPDIR) crypto/rngs/$(DEPDIR) crypto/signers/$(DEPDIR) database/$(DEPDIR) eap/$(DEPDIR) fetcher/$(DEPDIR) ipsec/$(DEPDIR) networking/$(DEPDIR) networking/streams/$(DEPDIR) pen/$(DEPDIR) plugins/$(DEPDIR) processing/$(DEPDIR) processing/jobs/$(DEPDIR) resolver/$(DEPDIR) selectors/$(DEPDIR) threading/$(DEPDIR) utils/$(DEPDIR) utils/printf_hook/$(DEPDIR) utils/utils/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c index 6fa8f4e54..b479b0f4b 100644 --- a/src/libstrongswan/asn1/oid.c +++ b/src/libstrongswan/asn1/oid.c @@ -199,243 +199,268 @@ const oid_t oid_names[] = { { 0x02, 187, 0, 7, "ecdsa-with-SHA256" }, /* 186 */ { 0x03, 188, 0, 7, "ecdsa-with-SHA384" }, /* 187 */ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 188 */ - {0x2B, 372, 1, 0, "" }, /* 189 */ - { 0x06, 286, 1, 1, "dod" }, /* 190 */ + {0x2B, 391, 1, 0, "" }, /* 189 */ + { 0x06, 305, 1, 1, "dod" }, /* 190 */ { 0x01, 0, 1, 2, "internet" }, /* 191 */ - { 0x04, 237, 1, 3, "private" }, /* 192 */ + { 0x04, 256, 1, 3, "private" }, /* 192 */ { 0x01, 0, 1, 4, "enterprise" }, /* 193 */ - { 0x82, 207, 1, 5, "" }, /* 194 */ - { 0x37, 204, 1, 6, "Microsoft" }, /* 195 */ + { 0x82, 210, 1, 5, "" }, /* 194 */ + { 0x37, 207, 1, 6, "Microsoft" }, /* 195 */ { 0x0A, 200, 1, 7, "" }, /* 196 */ { 0x03, 0, 1, 8, "" }, /* 197 */ { 0x03, 199, 0, 9, "msSGC" }, /* 198 */ { 0x04, 0, 0, 9, "msEncryptingFileSystem" }, /* 199 */ - { 0x14, 0, 1, 7, "msEnrollmentInfrastructure" }, /* 200 */ + { 0x14, 204, 1, 7, "msEnrollmentInfrastructure" }, /* 200 */ { 0x02, 0, 1, 8, "msCertificateTypeExtension" }, /* 201 */ { 0x02, 203, 0, 9, "msSmartcardLogon" }, /* 202 */ { 0x03, 0, 0, 9, "msUPN" }, /* 203 */ - { 0xA0, 0, 1, 6, "" }, /* 204 */ - { 0x2A, 0, 1, 7, "ITA" }, /* 205 */ - { 0x01, 0, 0, 8, "strongSwan" }, /* 206 */ - { 0x89, 214, 1, 5, "" }, /* 207 */ - { 0x31, 0, 1, 6, "" }, /* 208 */ - { 0x01, 0, 1, 7, "" }, /* 209 */ - { 0x01, 0, 1, 8, "" }, /* 210 */ - { 0x02, 0, 1, 9, "" }, /* 211 */ - { 0x02, 0, 1, 10, "" }, /* 212 */ - { 0x4B, 0, 0, 11, "TCGID" }, /* 213 */ - { 0xc1, 0, 1, 5, "" }, /* 214 */ - { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 215 */ - { 0x01, 0, 1, 7, "eess" }, /* 216 */ - { 0x01, 0, 1, 8, "eess1" }, /* 217 */ - { 0x01, 222, 1, 9, "eess1-algs" }, /* 218 */ - { 0x01, 220, 0, 10, "ntru-EESS1v1-SVES" }, /* 219 */ - { 0x02, 221, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 220 */ - { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 221 */ - { 0x02, 236, 1, 9, "eess1-params" }, /* 222 */ - { 0x01, 224, 0, 10, "ees251ep1" }, /* 223 */ - { 0x02, 225, 0, 10, "ees347ep1" }, /* 224 */ - { 0x03, 226, 0, 10, "ees503ep1" }, /* 225 */ - { 0x07, 227, 0, 10, "ees251sp2" }, /* 226 */ - { 0x0C, 228, 0, 10, "ees251ep4" }, /* 227 */ - { 0x0D, 229, 0, 10, "ees251ep5" }, /* 228 */ - { 0x0E, 230, 0, 10, "ees251sp3" }, /* 229 */ - { 0x0F, 231, 0, 10, "ees251sp4" }, /* 230 */ - { 0x10, 232, 0, 10, "ees251sp5" }, /* 231 */ - { 0x11, 233, 0, 10, "ees251sp6" }, /* 232 */ - { 0x12, 234, 0, 10, "ees251sp7" }, /* 233 */ - { 0x13, 235, 0, 10, "ees251sp8" }, /* 234 */ - { 0x14, 0, 0, 10, "ees251sp9" }, /* 235 */ - { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 236 */ - { 0x05, 0, 1, 3, "security" }, /* 237 */ - { 0x05, 0, 1, 4, "mechanisms" }, /* 238 */ - { 0x07, 283, 1, 5, "id-pkix" }, /* 239 */ - { 0x01, 244, 1, 6, "id-pe" }, /* 240 */ - { 0x01, 242, 0, 7, "authorityInfoAccess" }, /* 241 */ - { 0x03, 243, 0, 7, "qcStatements" }, /* 242 */ - { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 243 */ - { 0x02, 247, 1, 6, "id-qt" }, /* 244 */ - { 0x01, 246, 0, 7, "cps" }, /* 245 */ - { 0x02, 0, 0, 7, "unotice" }, /* 246 */ - { 0x03, 257, 1, 6, "id-kp" }, /* 247 */ - { 0x01, 249, 0, 7, "serverAuth" }, /* 248 */ - { 0x02, 250, 0, 7, "clientAuth" }, /* 249 */ - { 0x03, 251, 0, 7, "codeSigning" }, /* 250 */ - { 0x04, 252, 0, 7, "emailProtection" }, /* 251 */ - { 0x05, 253, 0, 7, "ipsecEndSystem" }, /* 252 */ - { 0x06, 254, 0, 7, "ipsecTunnel" }, /* 253 */ - { 0x07, 255, 0, 7, "ipsecUser" }, /* 254 */ - { 0x08, 256, 0, 7, "timeStamping" }, /* 255 */ - { 0x09, 0, 0, 7, "ocspSigning" }, /* 256 */ - { 0x08, 265, 1, 6, "id-otherNames" }, /* 257 */ - { 0x01, 259, 0, 7, "personalData" }, /* 258 */ - { 0x02, 260, 0, 7, "userGroup" }, /* 259 */ - { 0x03, 261, 0, 7, "id-on-permanentIdentifier" }, /* 260 */ - { 0x04, 262, 0, 7, "id-on-hardwareModuleName" }, /* 261 */ - { 0x05, 263, 0, 7, "xmppAddr" }, /* 262 */ - { 0x06, 264, 0, 7, "id-on-SIM" }, /* 263 */ - { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 264 */ - { 0x0A, 270, 1, 6, "id-aca" }, /* 265 */ - { 0x01, 267, 0, 7, "authenticationInfo" }, /* 266 */ - { 0x02, 268, 0, 7, "accessIdentity" }, /* 267 */ - { 0x03, 269, 0, 7, "chargingIdentity" }, /* 268 */ - { 0x04, 0, 0, 7, "group" }, /* 269 */ - { 0x0B, 271, 0, 6, "subjectInfoAccess" }, /* 270 */ - { 0x30, 0, 1, 6, "id-ad" }, /* 271 */ - { 0x01, 280, 1, 7, "ocsp" }, /* 272 */ - { 0x01, 274, 0, 8, "basic" }, /* 273 */ - { 0x02, 275, 0, 8, "nonce" }, /* 274 */ - { 0x03, 276, 0, 8, "crl" }, /* 275 */ - { 0x04, 277, 0, 8, "response" }, /* 276 */ - { 0x05, 278, 0, 8, "noCheck" }, /* 277 */ - { 0x06, 279, 0, 8, "archiveCutoff" }, /* 278 */ - { 0x07, 0, 0, 8, "serviceLocator" }, /* 279 */ - { 0x02, 281, 0, 7, "caIssuers" }, /* 280 */ - { 0x03, 282, 0, 7, "timeStamping" }, /* 281 */ - { 0x05, 0, 0, 7, "caRepository" }, /* 282 */ - { 0x08, 0, 1, 5, "ipsec" }, /* 283 */ - { 0x02, 0, 1, 6, "certificate" }, /* 284 */ - { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 285 */ - { 0x0E, 292, 1, 1, "oiw" }, /* 286 */ - { 0x03, 0, 1, 2, "secsig" }, /* 287 */ - { 0x02, 0, 1, 3, "algorithms" }, /* 288 */ - { 0x07, 290, 0, 4, "des-cbc" }, /* 289 */ - { 0x1A, 291, 0, 4, "sha-1" }, /* 290 */ - { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 291 */ - { 0x24, 338, 1, 1, "TeleTrusT" }, /* 292 */ - { 0x03, 0, 1, 2, "algorithm" }, /* 293 */ - { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 294 */ - { 0x01, 299, 1, 4, "rsaSignature" }, /* 295 */ - { 0x02, 297, 0, 5, "rsaSigWithripemd160" }, /* 296 */ - { 0x03, 298, 0, 5, "rsaSigWithripemd128" }, /* 297 */ - { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 298 */ - { 0x02, 0, 1, 4, "ecSign" }, /* 299 */ - { 0x01, 301, 0, 5, "ecSignWithsha1" }, /* 300 */ - { 0x02, 302, 0, 5, "ecSignWithripemd160" }, /* 301 */ - { 0x03, 303, 0, 5, "ecSignWithmd2" }, /* 302 */ - { 0x04, 304, 0, 5, "ecSignWithmd5" }, /* 303 */ - { 0x05, 321, 1, 5, "ttt-ecg" }, /* 304 */ - { 0x01, 309, 1, 6, "fieldType" }, /* 305 */ - { 0x01, 0, 1, 7, "characteristictwoField" }, /* 306 */ - { 0x01, 0, 1, 8, "basisType" }, /* 307 */ - { 0x01, 0, 0, 9, "ipBasis" }, /* 308 */ - { 0x02, 311, 1, 6, "keyType" }, /* 309 */ - { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 310 */ - { 0x03, 312, 0, 6, "curve" }, /* 311 */ - { 0x04, 319, 1, 6, "signatures" }, /* 312 */ - { 0x01, 314, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 313 */ - { 0x02, 315, 0, 7, "ecgdsa-with-SHA1" }, /* 314 */ - { 0x03, 316, 0, 7, "ecgdsa-with-SHA224" }, /* 315 */ - { 0x04, 317, 0, 7, "ecgdsa-with-SHA256" }, /* 316 */ - { 0x05, 318, 0, 7, "ecgdsa-with-SHA384" }, /* 317 */ - { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 318 */ - { 0x05, 0, 1, 6, "module" }, /* 319 */ - { 0x01, 0, 0, 7, "1" }, /* 320 */ - { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 321 */ - { 0x01, 0, 1, 6, "ellipticCurve" }, /* 322 */ - { 0x01, 0, 1, 7, "versionOne" }, /* 323 */ - { 0x01, 325, 0, 8, "brainpoolP160r1" }, /* 324 */ - { 0x02, 326, 0, 8, "brainpoolP160t1" }, /* 325 */ - { 0x03, 327, 0, 8, "brainpoolP192r1" }, /* 326 */ - { 0x04, 328, 0, 8, "brainpoolP192t1" }, /* 327 */ - { 0x05, 329, 0, 8, "brainpoolP224r1" }, /* 328 */ - { 0x06, 330, 0, 8, "brainpoolP224t1" }, /* 329 */ - { 0x07, 331, 0, 8, "brainpoolP256r1" }, /* 330 */ - { 0x08, 332, 0, 8, "brainpoolP256t1" }, /* 331 */ - { 0x09, 333, 0, 8, "brainpoolP320r1" }, /* 332 */ - { 0x0A, 334, 0, 8, "brainpoolP320t1" }, /* 333 */ - { 0x0B, 335, 0, 8, "brainpoolP384r1" }, /* 334 */ - { 0x0C, 336, 0, 8, "brainpoolP384t1" }, /* 335 */ - { 0x0D, 337, 0, 8, "brainpoolP512r1" }, /* 336 */ - { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 337 */ - { 0x81, 0, 1, 1, "" }, /* 338 */ - { 0x04, 0, 1, 2, "Certicom" }, /* 339 */ - { 0x00, 0, 1, 3, "curve" }, /* 340 */ - { 0x01, 342, 0, 4, "sect163k1" }, /* 341 */ - { 0x02, 343, 0, 4, "sect163r1" }, /* 342 */ - { 0x03, 344, 0, 4, "sect239k1" }, /* 343 */ - { 0x04, 345, 0, 4, "sect113r1" }, /* 344 */ - { 0x05, 346, 0, 4, "sect113r2" }, /* 345 */ - { 0x06, 347, 0, 4, "secp112r1" }, /* 346 */ - { 0x07, 348, 0, 4, "secp112r2" }, /* 347 */ - { 0x08, 349, 0, 4, "secp160r1" }, /* 348 */ - { 0x09, 350, 0, 4, "secp160k1" }, /* 349 */ - { 0x0A, 351, 0, 4, "secp256k1" }, /* 350 */ - { 0x0F, 352, 0, 4, "sect163r2" }, /* 351 */ - { 0x10, 353, 0, 4, "sect283k1" }, /* 352 */ - { 0x11, 354, 0, 4, "sect283r1" }, /* 353 */ - { 0x16, 355, 0, 4, "sect131r1" }, /* 354 */ - { 0x17, 356, 0, 4, "sect131r2" }, /* 355 */ - { 0x18, 357, 0, 4, "sect193r1" }, /* 356 */ - { 0x19, 358, 0, 4, "sect193r2" }, /* 357 */ - { 0x1A, 359, 0, 4, "sect233k1" }, /* 358 */ - { 0x1B, 360, 0, 4, "sect233r1" }, /* 359 */ - { 0x1C, 361, 0, 4, "secp128r1" }, /* 360 */ - { 0x1D, 362, 0, 4, "secp128r2" }, /* 361 */ - { 0x1E, 363, 0, 4, "secp160r2" }, /* 362 */ - { 0x1F, 364, 0, 4, "secp192k1" }, /* 363 */ - { 0x20, 365, 0, 4, "secp224k1" }, /* 364 */ - { 0x21, 366, 0, 4, "secp224r1" }, /* 365 */ - { 0x22, 367, 0, 4, "secp384r1" }, /* 366 */ - { 0x23, 368, 0, 4, "secp521r1" }, /* 367 */ - { 0x24, 369, 0, 4, "sect409k1" }, /* 368 */ - { 0x25, 370, 0, 4, "sect409r1" }, /* 369 */ - { 0x26, 371, 0, 4, "sect571k1" }, /* 370 */ - { 0x27, 0, 0, 4, "sect571r1" }, /* 371 */ - {0x60, 420, 1, 0, "" }, /* 372 */ - { 0x86, 0, 1, 1, "" }, /* 373 */ - { 0x48, 0, 1, 2, "" }, /* 374 */ - { 0x01, 0, 1, 3, "organization" }, /* 375 */ - { 0x65, 396, 1, 4, "gov" }, /* 376 */ - { 0x03, 0, 1, 5, "csor" }, /* 377 */ - { 0x04, 0, 1, 6, "nistalgorithm" }, /* 378 */ - { 0x01, 389, 1, 7, "aes" }, /* 379 */ - { 0x02, 381, 0, 8, "id-aes128-CBC" }, /* 380 */ - { 0x06, 382, 0, 8, "id-aes128-GCM" }, /* 381 */ - { 0x07, 383, 0, 8, "id-aes128-CCM" }, /* 382 */ - { 0x16, 384, 0, 8, "id-aes192-CBC" }, /* 383 */ - { 0x1A, 385, 0, 8, "id-aes192-GCM" }, /* 384 */ - { 0x1B, 386, 0, 8, "id-aes192-CCM" }, /* 385 */ - { 0x2A, 387, 0, 8, "id-aes256-CBC" }, /* 386 */ - { 0x2E, 388, 0, 8, "id-aes256-GCM" }, /* 387 */ - { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 388 */ - { 0x02, 0, 1, 7, "hashalgs" }, /* 389 */ - { 0x01, 391, 0, 8, "id-SHA-256" }, /* 390 */ - { 0x02, 392, 0, 8, "id-SHA-384" }, /* 391 */ - { 0x03, 393, 0, 8, "id-SHA-512" }, /* 392 */ - { 0x04, 394, 0, 8, "id-SHA-224" }, /* 393 */ - { 0x05, 395, 0, 8, "id-SHA-512-224" }, /* 394 */ - { 0x06, 0, 0, 8, "id-SHA-512-256" }, /* 395 */ - { 0x86, 0, 1, 4, "" }, /* 396 */ - { 0xf8, 0, 1, 5, "" }, /* 397 */ - { 0x42, 410, 1, 6, "netscape" }, /* 398 */ - { 0x01, 405, 1, 7, "" }, /* 399 */ - { 0x01, 401, 0, 8, "nsCertType" }, /* 400 */ - { 0x03, 402, 0, 8, "nsRevocationUrl" }, /* 401 */ - { 0x04, 403, 0, 8, "nsCaRevocationUrl" }, /* 402 */ - { 0x08, 404, 0, 8, "nsCaPolicyUrl" }, /* 403 */ - { 0x0d, 0, 0, 8, "nsComment" }, /* 404 */ - { 0x03, 408, 1, 7, "directory" }, /* 405 */ - { 0x01, 0, 1, 8, "" }, /* 406 */ - { 0x03, 0, 0, 9, "employeeNumber" }, /* 407 */ - { 0x04, 0, 1, 7, "policy" }, /* 408 */ - { 0x01, 0, 0, 8, "nsSGC" }, /* 409 */ - { 0x45, 0, 1, 6, "verisign" }, /* 410 */ - { 0x01, 0, 1, 7, "pki" }, /* 411 */ - { 0x09, 0, 1, 8, "attributes" }, /* 412 */ - { 0x02, 414, 0, 9, "messageType" }, /* 413 */ - { 0x03, 415, 0, 9, "pkiStatus" }, /* 414 */ - { 0x04, 416, 0, 9, "failInfo" }, /* 415 */ - { 0x05, 417, 0, 9, "senderNonce" }, /* 416 */ - { 0x06, 418, 0, 9, "recipientNonce" }, /* 417 */ - { 0x07, 419, 0, 9, "transID" }, /* 418 */ - { 0x08, 0, 0, 9, "extensionReq" }, /* 419 */ - {0x67, 0, 1, 0, "" }, /* 420 */ - { 0x81, 0, 1, 1, "" }, /* 421 */ - { 0x05, 0, 1, 2, "" }, /* 422 */ - { 0x02, 0, 1, 3, "tcg-attribute" }, /* 423 */ - { 0x01, 425, 0, 4, "tcg-at-tpmManufacturer" }, /* 424 */ - { 0x02, 426, 0, 4, "tcg-at-tpmModel" }, /* 425 */ - { 0x03, 427, 0, 4, "tcg-at-tpmVersion" }, /* 426 */ - { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 427 */ + { 0x15, 0, 1, 7, "msCertSrvInfrastructure" }, /* 204 */ + { 0x07, 206, 0, 8, "msCertTemplate" }, /* 205 */ + { 0x0A, 0, 0, 8, "msApplicationCertPolicies" }, /* 206 */ + { 0xA0, 0, 1, 6, "" }, /* 207 */ + { 0x2A, 0, 1, 7, "ITA" }, /* 208 */ + { 0x01, 0, 0, 8, "strongSwan" }, /* 209 */ + { 0x89, 217, 1, 5, "" }, /* 210 */ + { 0x31, 0, 1, 6, "" }, /* 211 */ + { 0x01, 0, 1, 7, "" }, /* 212 */ + { 0x01, 0, 1, 8, "" }, /* 213 */ + { 0x02, 0, 1, 9, "" }, /* 214 */ + { 0x02, 0, 1, 10, "" }, /* 215 */ + { 0x4B, 0, 0, 11, "TCGID" }, /* 216 */ + { 0xC1, 0, 1, 5, "" }, /* 217 */ + { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 218 */ + { 0x01, 0, 1, 7, "eess" }, /* 219 */ + { 0x01, 0, 1, 8, "eess1" }, /* 220 */ + { 0x01, 225, 1, 9, "eess1-algs" }, /* 221 */ + { 0x01, 223, 0, 10, "ntru-EESS1v1-SVES" }, /* 222 */ + { 0x02, 224, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 223 */ + { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 224 */ + { 0x02, 255, 1, 9, "eess1-params" }, /* 225 */ + { 0x01, 227, 0, 10, "ees251ep1" }, /* 226 */ + { 0x02, 228, 0, 10, "ees347ep1" }, /* 227 */ + { 0x03, 229, 0, 10, "ees503ep1" }, /* 228 */ + { 0x07, 230, 0, 10, "ees251sp2" }, /* 229 */ + { 0x0C, 231, 0, 10, "ees251ep4" }, /* 230 */ + { 0x0D, 232, 0, 10, "ees251ep5" }, /* 231 */ + { 0x0E, 233, 0, 10, "ees251sp3" }, /* 232 */ + { 0x0F, 234, 0, 10, "ees251sp4" }, /* 233 */ + { 0x10, 235, 0, 10, "ees251sp5" }, /* 234 */ + { 0x11, 236, 0, 10, "ees251sp6" }, /* 235 */ + { 0x12, 237, 0, 10, "ees251sp7" }, /* 236 */ + { 0x13, 238, 0, 10, "ees251sp8" }, /* 237 */ + { 0x14, 239, 0, 10, "ees251sp9" }, /* 238 */ + { 0x22, 240, 0, 10, "ees401ep1" }, /* 239 */ + { 0x23, 241, 0, 10, "ees449ep1" }, /* 240 */ + { 0x24, 242, 0, 10, "ees677ep1" }, /* 241 */ + { 0x25, 243, 0, 10, "ees1087ep2" }, /* 242 */ + { 0x26, 244, 0, 10, "ees541ep1" }, /* 243 */ + { 0x27, 245, 0, 10, "ees613ep1" }, /* 244 */ + { 0x28, 246, 0, 10, "ees887ep1" }, /* 245 */ + { 0x29, 247, 0, 10, "ees1171ep1" }, /* 246 */ + { 0x2A, 248, 0, 10, "ees659ep1" }, /* 247 */ + { 0x2B, 249, 0, 10, "ees761ep1" }, /* 248 */ + { 0x2C, 250, 0, 10, "ees1087ep1" }, /* 249 */ + { 0x2D, 251, 0, 10, "ees1499ep1" }, /* 250 */ + { 0x2E, 252, 0, 10, "ees401ep2" }, /* 251 */ + { 0x2F, 253, 0, 10, "ees439ep1" }, /* 252 */ + { 0x30, 254, 0, 10, "ees593ep1" }, /* 253 */ + { 0x31, 0, 0, 10, "ees743ep1" }, /* 254 */ + { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 255 */ + { 0x05, 0, 1, 3, "security" }, /* 256 */ + { 0x05, 0, 1, 4, "mechanisms" }, /* 257 */ + { 0x07, 302, 1, 5, "id-pkix" }, /* 258 */ + { 0x01, 263, 1, 6, "id-pe" }, /* 259 */ + { 0x01, 261, 0, 7, "authorityInfoAccess" }, /* 260 */ + { 0x03, 262, 0, 7, "qcStatements" }, /* 261 */ + { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 262 */ + { 0x02, 266, 1, 6, "id-qt" }, /* 263 */ + { 0x01, 265, 0, 7, "cps" }, /* 264 */ + { 0x02, 0, 0, 7, "unotice" }, /* 265 */ + { 0x03, 276, 1, 6, "id-kp" }, /* 266 */ + { 0x01, 268, 0, 7, "serverAuth" }, /* 267 */ + { 0x02, 269, 0, 7, "clientAuth" }, /* 268 */ + { 0x03, 270, 0, 7, "codeSigning" }, /* 269 */ + { 0x04, 271, 0, 7, "emailProtection" }, /* 270 */ + { 0x05, 272, 0, 7, "ipsecEndSystem" }, /* 271 */ + { 0x06, 273, 0, 7, "ipsecTunnel" }, /* 272 */ + { 0x07, 274, 0, 7, "ipsecUser" }, /* 273 */ + { 0x08, 275, 0, 7, "timeStamping" }, /* 274 */ + { 0x09, 0, 0, 7, "ocspSigning" }, /* 275 */ + { 0x08, 284, 1, 6, "id-otherNames" }, /* 276 */ + { 0x01, 278, 0, 7, "personalData" }, /* 277 */ + { 0x02, 279, 0, 7, "userGroup" }, /* 278 */ + { 0x03, 280, 0, 7, "id-on-permanentIdentifier" }, /* 279 */ + { 0x04, 281, 0, 7, "id-on-hardwareModuleName" }, /* 280 */ + { 0x05, 282, 0, 7, "xmppAddr" }, /* 281 */ + { 0x06, 283, 0, 7, "id-on-SIM" }, /* 282 */ + { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 283 */ + { 0x0A, 289, 1, 6, "id-aca" }, /* 284 */ + { 0x01, 286, 0, 7, "authenticationInfo" }, /* 285 */ + { 0x02, 287, 0, 7, "accessIdentity" }, /* 286 */ + { 0x03, 288, 0, 7, "chargingIdentity" }, /* 287 */ + { 0x04, 0, 0, 7, "group" }, /* 288 */ + { 0x0B, 290, 0, 6, "subjectInfoAccess" }, /* 289 */ + { 0x30, 0, 1, 6, "id-ad" }, /* 290 */ + { 0x01, 299, 1, 7, "ocsp" }, /* 291 */ + { 0x01, 293, 0, 8, "basic" }, /* 292 */ + { 0x02, 294, 0, 8, "nonce" }, /* 293 */ + { 0x03, 295, 0, 8, "crl" }, /* 294 */ + { 0x04, 296, 0, 8, "response" }, /* 295 */ + { 0x05, 297, 0, 8, "noCheck" }, /* 296 */ + { 0x06, 298, 0, 8, "archiveCutoff" }, /* 297 */ + { 0x07, 0, 0, 8, "serviceLocator" }, /* 298 */ + { 0x02, 300, 0, 7, "caIssuers" }, /* 299 */ + { 0x03, 301, 0, 7, "timeStamping" }, /* 300 */ + { 0x05, 0, 0, 7, "caRepository" }, /* 301 */ + { 0x08, 0, 1, 5, "ipsec" }, /* 302 */ + { 0x02, 0, 1, 6, "certificate" }, /* 303 */ + { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 304 */ + { 0x0E, 311, 1, 1, "oiw" }, /* 305 */ + { 0x03, 0, 1, 2, "secsig" }, /* 306 */ + { 0x02, 0, 1, 3, "algorithms" }, /* 307 */ + { 0x07, 309, 0, 4, "des-cbc" }, /* 308 */ + { 0x1A, 310, 0, 4, "sha-1" }, /* 309 */ + { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 310 */ + { 0x24, 357, 1, 1, "TeleTrusT" }, /* 311 */ + { 0x03, 0, 1, 2, "algorithm" }, /* 312 */ + { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 313 */ + { 0x01, 318, 1, 4, "rsaSignature" }, /* 314 */ + { 0x02, 316, 0, 5, "rsaSigWithripemd160" }, /* 315 */ + { 0x03, 317, 0, 5, "rsaSigWithripemd128" }, /* 316 */ + { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 317 */ + { 0x02, 0, 1, 4, "ecSign" }, /* 318 */ + { 0x01, 320, 0, 5, "ecSignWithsha1" }, /* 319 */ + { 0x02, 321, 0, 5, "ecSignWithripemd160" }, /* 320 */ + { 0x03, 322, 0, 5, "ecSignWithmd2" }, /* 321 */ + { 0x04, 323, 0, 5, "ecSignWithmd5" }, /* 322 */ + { 0x05, 340, 1, 5, "ttt-ecg" }, /* 323 */ + { 0x01, 328, 1, 6, "fieldType" }, /* 324 */ + { 0x01, 0, 1, 7, "characteristictwoField" }, /* 325 */ + { 0x01, 0, 1, 8, "basisType" }, /* 326 */ + { 0x01, 0, 0, 9, "ipBasis" }, /* 327 */ + { 0x02, 330, 1, 6, "keyType" }, /* 328 */ + { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 329 */ + { 0x03, 331, 0, 6, "curve" }, /* 330 */ + { 0x04, 338, 1, 6, "signatures" }, /* 331 */ + { 0x01, 333, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 332 */ + { 0x02, 334, 0, 7, "ecgdsa-with-SHA1" }, /* 333 */ + { 0x03, 335, 0, 7, "ecgdsa-with-SHA224" }, /* 334 */ + { 0x04, 336, 0, 7, "ecgdsa-with-SHA256" }, /* 335 */ + { 0x05, 337, 0, 7, "ecgdsa-with-SHA384" }, /* 336 */ + { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 337 */ + { 0x05, 0, 1, 6, "module" }, /* 338 */ + { 0x01, 0, 0, 7, "1" }, /* 339 */ + { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 340 */ + { 0x01, 0, 1, 6, "ellipticCurve" }, /* 341 */ + { 0x01, 0, 1, 7, "versionOne" }, /* 342 */ + { 0x01, 344, 0, 8, "brainpoolP160r1" }, /* 343 */ + { 0x02, 345, 0, 8, "brainpoolP160t1" }, /* 344 */ + { 0x03, 346, 0, 8, "brainpoolP192r1" }, /* 345 */ + { 0x04, 347, 0, 8, "brainpoolP192t1" }, /* 346 */ + { 0x05, 348, 0, 8, "brainpoolP224r1" }, /* 347 */ + { 0x06, 349, 0, 8, "brainpoolP224t1" }, /* 348 */ + { 0x07, 350, 0, 8, "brainpoolP256r1" }, /* 349 */ + { 0x08, 351, 0, 8, "brainpoolP256t1" }, /* 350 */ + { 0x09, 352, 0, 8, "brainpoolP320r1" }, /* 351 */ + { 0x0A, 353, 0, 8, "brainpoolP320t1" }, /* 352 */ + { 0x0B, 354, 0, 8, "brainpoolP384r1" }, /* 353 */ + { 0x0C, 355, 0, 8, "brainpoolP384t1" }, /* 354 */ + { 0x0D, 356, 0, 8, "brainpoolP512r1" }, /* 355 */ + { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 356 */ + { 0x81, 0, 1, 1, "" }, /* 357 */ + { 0x04, 0, 1, 2, "Certicom" }, /* 358 */ + { 0x00, 0, 1, 3, "curve" }, /* 359 */ + { 0x01, 361, 0, 4, "sect163k1" }, /* 360 */ + { 0x02, 362, 0, 4, "sect163r1" }, /* 361 */ + { 0x03, 363, 0, 4, "sect239k1" }, /* 362 */ + { 0x04, 364, 0, 4, "sect113r1" }, /* 363 */ + { 0x05, 365, 0, 4, "sect113r2" }, /* 364 */ + { 0x06, 366, 0, 4, "secp112r1" }, /* 365 */ + { 0x07, 367, 0, 4, "secp112r2" }, /* 366 */ + { 0x08, 368, 0, 4, "secp160r1" }, /* 367 */ + { 0x09, 369, 0, 4, "secp160k1" }, /* 368 */ + { 0x0A, 370, 0, 4, "secp256k1" }, /* 369 */ + { 0x0F, 371, 0, 4, "sect163r2" }, /* 370 */ + { 0x10, 372, 0, 4, "sect283k1" }, /* 371 */ + { 0x11, 373, 0, 4, "sect283r1" }, /* 372 */ + { 0x16, 374, 0, 4, "sect131r1" }, /* 373 */ + { 0x17, 375, 0, 4, "sect131r2" }, /* 374 */ + { 0x18, 376, 0, 4, "sect193r1" }, /* 375 */ + { 0x19, 377, 0, 4, "sect193r2" }, /* 376 */ + { 0x1A, 378, 0, 4, "sect233k1" }, /* 377 */ + { 0x1B, 379, 0, 4, "sect233r1" }, /* 378 */ + { 0x1C, 380, 0, 4, "secp128r1" }, /* 379 */ + { 0x1D, 381, 0, 4, "secp128r2" }, /* 380 */ + { 0x1E, 382, 0, 4, "secp160r2" }, /* 381 */ + { 0x1F, 383, 0, 4, "secp192k1" }, /* 382 */ + { 0x20, 384, 0, 4, "secp224k1" }, /* 383 */ + { 0x21, 385, 0, 4, "secp224r1" }, /* 384 */ + { 0x22, 386, 0, 4, "secp384r1" }, /* 385 */ + { 0x23, 387, 0, 4, "secp521r1" }, /* 386 */ + { 0x24, 388, 0, 4, "sect409k1" }, /* 387 */ + { 0x25, 389, 0, 4, "sect409r1" }, /* 388 */ + { 0x26, 390, 0, 4, "sect571k1" }, /* 389 */ + { 0x27, 0, 0, 4, "sect571r1" }, /* 390 */ + {0x60, 445, 1, 0, "" }, /* 391 */ + { 0x86, 0, 1, 1, "" }, /* 392 */ + { 0x48, 0, 1, 2, "" }, /* 393 */ + { 0x01, 0, 1, 3, "organization" }, /* 394 */ + { 0x65, 421, 1, 4, "gov" }, /* 395 */ + { 0x03, 0, 1, 5, "csor" }, /* 396 */ + { 0x04, 0, 1, 6, "nistalgorithm" }, /* 397 */ + { 0x01, 408, 1, 7, "aes" }, /* 398 */ + { 0x02, 400, 0, 8, "id-aes128-CBC" }, /* 399 */ + { 0x06, 401, 0, 8, "id-aes128-GCM" }, /* 400 */ + { 0x07, 402, 0, 8, "id-aes128-CCM" }, /* 401 */ + { 0x16, 403, 0, 8, "id-aes192-CBC" }, /* 402 */ + { 0x1A, 404, 0, 8, "id-aes192-GCM" }, /* 403 */ + { 0x1B, 405, 0, 8, "id-aes192-CCM" }, /* 404 */ + { 0x2A, 406, 0, 8, "id-aes256-CBC" }, /* 405 */ + { 0x2E, 407, 0, 8, "id-aes256-GCM" }, /* 406 */ + { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 407 */ + { 0x02, 0, 1, 7, "hashalgs" }, /* 408 */ + { 0x01, 410, 0, 8, "id-sha256" }, /* 409 */ + { 0x02, 411, 0, 8, "id-sha384" }, /* 410 */ + { 0x03, 412, 0, 8, "id-sha512" }, /* 411 */ + { 0x04, 413, 0, 8, "id-sha224" }, /* 412 */ + { 0x05, 414, 0, 8, "id-sha512-224" }, /* 413 */ + { 0x06, 415, 0, 8, "id-sha512-256" }, /* 414 */ + { 0x07, 416, 0, 8, "id-sha3-224" }, /* 415 */ + { 0x08, 417, 0, 8, "id-sha3-256" }, /* 416 */ + { 0x09, 418, 0, 8, "id-sha3-384" }, /* 417 */ + { 0x0A, 419, 0, 8, "id-sha3-512" }, /* 418 */ + { 0x0B, 420, 0, 8, "id-shake128" }, /* 419 */ + { 0x0C, 0, 0, 8, "id-shake256" }, /* 420 */ + { 0x86, 0, 1, 4, "" }, /* 421 */ + { 0xf8, 0, 1, 5, "" }, /* 422 */ + { 0x42, 435, 1, 6, "netscape" }, /* 423 */ + { 0x01, 430, 1, 7, "" }, /* 424 */ + { 0x01, 426, 0, 8, "nsCertType" }, /* 425 */ + { 0x03, 427, 0, 8, "nsRevocationUrl" }, /* 426 */ + { 0x04, 428, 0, 8, "nsCaRevocationUrl" }, /* 427 */ + { 0x08, 429, 0, 8, "nsCaPolicyUrl" }, /* 428 */ + { 0x0d, 0, 0, 8, "nsComment" }, /* 429 */ + { 0x03, 433, 1, 7, "directory" }, /* 430 */ + { 0x01, 0, 1, 8, "" }, /* 431 */ + { 0x03, 0, 0, 9, "employeeNumber" }, /* 432 */ + { 0x04, 0, 1, 7, "policy" }, /* 433 */ + { 0x01, 0, 0, 8, "nsSGC" }, /* 434 */ + { 0x45, 0, 1, 6, "verisign" }, /* 435 */ + { 0x01, 0, 1, 7, "pki" }, /* 436 */ + { 0x09, 0, 1, 8, "attributes" }, /* 437 */ + { 0x02, 439, 0, 9, "messageType" }, /* 438 */ + { 0x03, 440, 0, 9, "pkiStatus" }, /* 439 */ + { 0x04, 441, 0, 9, "failInfo" }, /* 440 */ + { 0x05, 442, 0, 9, "senderNonce" }, /* 441 */ + { 0x06, 443, 0, 9, "recipientNonce" }, /* 442 */ + { 0x07, 444, 0, 9, "transID" }, /* 443 */ + { 0x08, 0, 0, 9, "extensionReq" }, /* 444 */ + {0x67, 0, 1, 0, "" }, /* 445 */ + { 0x81, 0, 1, 1, "" }, /* 446 */ + { 0x05, 0, 1, 2, "" }, /* 447 */ + { 0x02, 0, 1, 3, "tcg-attribute" }, /* 448 */ + { 0x01, 450, 0, 4, "tcg-at-tpmManufacturer" }, /* 449 */ + { 0x02, 451, 0, 4, "tcg-at-tpmModel" }, /* 450 */ + { 0x03, 452, 0, 4, "tcg-at-tpmVersion" }, /* 451 */ + { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 452 */ }; diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h index 14f774adb..d72d986c5 100644 --- a/src/libstrongswan/asn1/oid.h +++ b/src/libstrongswan/asn1/oid.h @@ -138,101 +138,102 @@ extern const oid_t oid_names[]; #define OID_ECDSA_WITH_SHA256 186 #define OID_ECDSA_WITH_SHA384 187 #define OID_ECDSA_WITH_SHA512 188 +#define OID_MS_SMARTCARD_LOGON 202 #define OID_USER_PRINCIPAL_NAME 203 -#define OID_STRONGSWAN 206 -#define OID_TCGID 213 -#define OID_AUTHORITY_INFO_ACCESS 241 -#define OID_IP_ADDR_BLOCKS 243 -#define OID_POLICY_QUALIFIER_CPS 245 -#define OID_POLICY_QUALIFIER_UNOTICE 246 -#define OID_SERVER_AUTH 248 -#define OID_CLIENT_AUTH 249 -#define OID_OCSP_SIGNING 256 -#define OID_XMPP_ADDR 262 -#define OID_AUTHENTICATION_INFO 266 -#define OID_ACCESS_IDENTITY 267 -#define OID_CHARGING_IDENTITY 268 -#define OID_GROUP 269 -#define OID_OCSP 272 -#define OID_BASIC 273 -#define OID_NONCE 274 -#define OID_CRL 275 -#define OID_RESPONSE 276 -#define OID_NO_CHECK 277 -#define OID_ARCHIVE_CUTOFF 278 -#define OID_SERVICE_LOCATOR 279 -#define OID_CA_ISSUERS 280 -#define OID_IKE_INTERMEDIATE 285 -#define OID_DES_CBC 289 -#define OID_SHA1 290 -#define OID_SHA1_WITH_RSA_OIW 291 -#define OID_ECGDSA_PUBKEY 310 -#define OID_ECGDSA_SIG_WITH_RIPEMD160 313 -#define OID_ECGDSA_SIG_WITH_SHA1 314 -#define OID_ECGDSA_SIG_WITH_SHA224 315 -#define OID_ECGDSA_SIG_WITH_SHA256 316 -#define OID_ECGDSA_SIG_WITH_SHA384 317 -#define OID_ECGDSA_SIG_WITH_SHA512 318 -#define OID_SECT163K1 341 -#define OID_SECT163R1 342 -#define OID_SECT239K1 343 -#define OID_SECT113R1 344 -#define OID_SECT113R2 345 -#define OID_SECT112R1 346 -#define OID_SECT112R2 347 -#define OID_SECT160R1 348 -#define OID_SECT160K1 349 -#define OID_SECT256K1 350 -#define OID_SECT163R2 351 -#define OID_SECT283K1 352 -#define OID_SECT283R1 353 -#define OID_SECT131R1 354 -#define OID_SECT131R2 355 -#define OID_SECT193R1 356 -#define OID_SECT193R2 357 -#define OID_SECT233K1 358 -#define OID_SECT233R1 359 -#define OID_SECT128R1 360 -#define OID_SECT128R2 361 -#define OID_SECT160R2 362 -#define OID_SECT192K1 363 -#define OID_SECT224K1 364 -#define OID_SECT224R1 365 -#define OID_SECT384R1 366 -#define OID_SECT521R1 367 -#define OID_SECT409K1 368 -#define OID_SECT409R1 369 -#define OID_SECT571K1 370 -#define OID_SECT571R1 371 -#define OID_AES128_CBC 380 -#define OID_AES128_GCM 381 -#define OID_AES128_CCM 382 -#define OID_AES192_CBC 383 -#define OID_AES192_GCM 384 -#define OID_AES192_CCM 385 -#define OID_AES256_CBC 386 -#define OID_AES256_GCM 387 -#define OID_AES256_CCM 388 -#define OID_SHA256 390 -#define OID_SHA384 391 -#define OID_SHA512 392 -#define OID_SHA224 393 -#define OID_NS_REVOCATION_URL 401 -#define OID_NS_CA_REVOCATION_URL 402 -#define OID_NS_CA_POLICY_URL 403 -#define OID_NS_COMMENT 404 -#define OID_EMPLOYEE_NUMBER 407 -#define OID_PKI_MESSAGE_TYPE 413 -#define OID_PKI_STATUS 414 -#define OID_PKI_FAIL_INFO 415 -#define OID_PKI_SENDER_NONCE 416 -#define OID_PKI_RECIPIENT_NONCE 417 -#define OID_PKI_TRANS_ID 418 -#define OID_TPM_MANUFACTURER 424 -#define OID_TPM_MODEL 425 -#define OID_TPM_VERSION 426 -#define OID_TPM_ID_LABEL 427 +#define OID_STRONGSWAN 209 +#define OID_TCGID 216 +#define OID_AUTHORITY_INFO_ACCESS 260 +#define OID_IP_ADDR_BLOCKS 262 +#define OID_POLICY_QUALIFIER_CPS 264 +#define OID_POLICY_QUALIFIER_UNOTICE 265 +#define OID_SERVER_AUTH 267 +#define OID_CLIENT_AUTH 268 +#define OID_OCSP_SIGNING 275 +#define OID_XMPP_ADDR 281 +#define OID_AUTHENTICATION_INFO 285 +#define OID_ACCESS_IDENTITY 286 +#define OID_CHARGING_IDENTITY 287 +#define OID_GROUP 288 +#define OID_OCSP 291 +#define OID_BASIC 292 +#define OID_NONCE 293 +#define OID_CRL 294 +#define OID_RESPONSE 295 +#define OID_NO_CHECK 296 +#define OID_ARCHIVE_CUTOFF 297 +#define OID_SERVICE_LOCATOR 298 +#define OID_CA_ISSUERS 299 +#define OID_IKE_INTERMEDIATE 304 +#define OID_DES_CBC 308 +#define OID_SHA1 309 +#define OID_SHA1_WITH_RSA_OIW 310 +#define OID_ECGDSA_PUBKEY 329 +#define OID_ECGDSA_SIG_WITH_RIPEMD160 332 +#define OID_ECGDSA_SIG_WITH_SHA1 333 +#define OID_ECGDSA_SIG_WITH_SHA224 334 +#define OID_ECGDSA_SIG_WITH_SHA256 335 +#define OID_ECGDSA_SIG_WITH_SHA384 336 +#define OID_ECGDSA_SIG_WITH_SHA512 337 +#define OID_SECT163K1 360 +#define OID_SECT163R1 361 +#define OID_SECT239K1 362 +#define OID_SECT113R1 363 +#define OID_SECT113R2 364 +#define OID_SECT112R1 365 +#define OID_SECT112R2 366 +#define OID_SECT160R1 367 +#define OID_SECT160K1 368 +#define OID_SECT256K1 369 +#define OID_SECT163R2 370 +#define OID_SECT283K1 371 +#define OID_SECT283R1 372 +#define OID_SECT131R1 373 +#define OID_SECT131R2 374 +#define OID_SECT193R1 375 +#define OID_SECT193R2 376 +#define OID_SECT233K1 377 +#define OID_SECT233R1 378 +#define OID_SECT128R1 379 +#define OID_SECT128R2 380 +#define OID_SECT160R2 381 +#define OID_SECT192K1 382 +#define OID_SECT224K1 383 +#define OID_SECT224R1 384 +#define OID_SECT384R1 385 +#define OID_SECT521R1 386 +#define OID_SECT409K1 387 +#define OID_SECT409R1 388 +#define OID_SECT571K1 389 +#define OID_SECT571R1 390 +#define OID_AES128_CBC 399 +#define OID_AES128_GCM 400 +#define OID_AES128_CCM 401 +#define OID_AES192_CBC 402 +#define OID_AES192_GCM 403 +#define OID_AES192_CCM 404 +#define OID_AES256_CBC 405 +#define OID_AES256_GCM 406 +#define OID_AES256_CCM 407 +#define OID_SHA256 409 +#define OID_SHA384 410 +#define OID_SHA512 411 +#define OID_SHA224 412 +#define OID_NS_REVOCATION_URL 426 +#define OID_NS_CA_REVOCATION_URL 427 +#define OID_NS_CA_POLICY_URL 428 +#define OID_NS_COMMENT 429 +#define OID_EMPLOYEE_NUMBER 432 +#define OID_PKI_MESSAGE_TYPE 438 +#define OID_PKI_STATUS 439 +#define OID_PKI_FAIL_INFO 440 +#define OID_PKI_SENDER_NONCE 441 +#define OID_PKI_RECIPIENT_NONCE 442 +#define OID_PKI_TRANS_ID 443 +#define OID_TPM_MANUFACTURER 449 +#define OID_TPM_MODEL 450 +#define OID_TPM_VERSION 451 +#define OID_TPM_ID_LABEL 452 -#define OID_MAX 428 +#define OID_MAX 453 #endif /* OID_H_ */ diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index c15a1cc2a..e545188d4 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -200,8 +200,11 @@ 0x04 "msEncryptingFileSystem" 0x14 "msEnrollmentInfrastructure" 0x02 "msCertificateTypeExtension" - 0x02 "msSmartcardLogon" + 0x02 "msSmartcardLogon" OID_MS_SMARTCARD_LOGON 0x03 "msUPN" OID_USER_PRINCIPAL_NAME + 0x15 "msCertSrvInfrastructure" + 0x07 "msCertTemplate" + 0x0A "msApplicationCertPolicies" 0xA0 "" 0x2A "ITA" 0x01 "strongSwan" OID_STRONGSWAN @@ -212,7 +215,7 @@ 0x02 "" 0x02 "" 0x4B "TCGID" OID_TCGID - 0xc1 "" + 0xC1 "" 0x16 "ntruCryptosystems" 0x01 "eess" 0x01 "eess1" @@ -234,6 +237,22 @@ 0x12 "ees251sp7" 0x13 "ees251sp8" 0x14 "ees251sp9" + 0x22 "ees401ep1" + 0x23 "ees449ep1" + 0x24 "ees677ep1" + 0x25 "ees1087ep2" + 0x26 "ees541ep1" + 0x27 "ees613ep1" + 0x28 "ees887ep1" + 0x29 "ees1171ep1" + 0x2A "ees659ep1" + 0x2B "ees761ep1" + 0x2C "ees1087ep1" + 0x2D "ees1499ep1" + 0x2E "ees401ep2" + 0x2F "ees439ep1" + 0x30 "ees593ep1" + 0x31 "ees743ep1" 0x03 "eess1-encodingMethods" 0x05 "security" 0x05 "mechanisms" @@ -388,12 +407,18 @@ 0x2E "id-aes256-GCM" OID_AES256_GCM 0x2F "id-aes256-CCM" OID_AES256_CCM 0x02 "hashalgs" - 0x01 "id-SHA-256" OID_SHA256 - 0x02 "id-SHA-384" OID_SHA384 - 0x03 "id-SHA-512" OID_SHA512 - 0x04 "id-SHA-224" OID_SHA224 - 0x05 "id-SHA-512-224" - 0x06 "id-SHA-512-256" + 0x01 "id-sha256" OID_SHA256 + 0x02 "id-sha384" OID_SHA384 + 0x03 "id-sha512" OID_SHA512 + 0x04 "id-sha224" OID_SHA224 + 0x05 "id-sha512-224" + 0x06 "id-sha512-256" + 0x07 "id-sha3-224" + 0x08 "id-sha3-256" + 0x09 "id-sha3-384" + 0x0A "id-sha3-512" + 0x0B "id-shake128" + 0x0C "id-shake256" 0x86 "" 0xf8 "" 0x42 "netscape" diff --git a/src/libstrongswan/collections/array.c b/src/libstrongswan/collections/array.c index 314e8e916..75efb85bf 100644 --- a/src/libstrongswan/collections/array.c +++ b/src/libstrongswan/collections/array.c @@ -141,7 +141,7 @@ static void remove_tail(array_t *array, int idx) /* move all items after idx one down */ memmove(array->data + get_size(array, idx + array->head), array->data + get_size(array, idx + array->head + 1), - get_size(array, array->count - idx)); + get_size(array, array->count - 1 - idx)); array->count--; array->tail++; } diff --git a/src/libstrongswan/collections/hashtable.c b/src/libstrongswan/collections/hashtable.c index 1003aa0fa..ca31d8361 100644 --- a/src/libstrongswan/collections/hashtable.c +++ b/src/libstrongswan/collections/hashtable.c @@ -30,7 +30,7 @@ struct pair_t { /** * Key of a hash table item. */ - void *key; + const void *key; /** * Value of a hash table item. @@ -51,7 +51,7 @@ struct pair_t { /** * Creates an empty pair object. */ -static inline pair_t *pair_create(void *key, void *value, u_int hash) +static inline pair_t *pair_create(const void *key, void *value, u_int hash) { pair_t *this; @@ -153,7 +153,7 @@ struct private_enumerator_t { /* * See header. */ -u_int hashtable_hash_ptr(void *key) +u_int hashtable_hash_ptr(const void *key) { return chunk_hash(chunk_from_thing(key)); } @@ -161,7 +161,7 @@ u_int hashtable_hash_ptr(void *key) /* * See header. */ -u_int hashtable_hash_str(void *key) +u_int hashtable_hash_str(const void *key) { return chunk_hash(chunk_from_str((char*)key)); } @@ -169,7 +169,7 @@ u_int hashtable_hash_str(void *key) /* * See header. */ -bool hashtable_equals_ptr(void *key, void *other_key) +bool hashtable_equals_ptr(const void *key, const void *other_key) { return key == other_key; } @@ -177,7 +177,7 @@ bool hashtable_equals_ptr(void *key, void *other_key) /* * See header. */ -bool hashtable_equals_str(void *key, void *other_key) +bool hashtable_equals_str(const void *key, const void *other_key) { return streq(key, other_key); } @@ -250,7 +250,7 @@ static void rehash(private_hashtable_t *this) } METHOD(hashtable_t, put, void*, - private_hashtable_t *this, void *key, void *value) + private_hashtable_t *this, const void *key, void *value) { void *old_value = NULL; pair_t *pair; @@ -284,7 +284,7 @@ METHOD(hashtable_t, put, void*, return old_value; } -static void *get_internal(private_hashtable_t *this, void *key, +static void *get_internal(private_hashtable_t *this, const void *key, hashtable_equals_t equals) { void *value = NULL; @@ -309,19 +309,19 @@ static void *get_internal(private_hashtable_t *this, void *key, } METHOD(hashtable_t, get, void*, - private_hashtable_t *this, void *key) + private_hashtable_t *this, const void *key) { return get_internal(this, key, this->equals); } METHOD(hashtable_t, get_match, void*, - private_hashtable_t *this, void *key, hashtable_equals_t match) + private_hashtable_t *this, const void *key, hashtable_equals_t match) { return get_internal(this, key, match); } METHOD(hashtable_t, remove_, void*, - private_hashtable_t *this, void *key) + private_hashtable_t *this, const void *key) { void *value = NULL; pair_t *pair, *prev = NULL; @@ -379,7 +379,7 @@ METHOD(hashtable_t, get_count, u_int, } METHOD(enumerator_t, enumerate, bool, - private_enumerator_t *this, void **key, void **value) + private_enumerator_t *this, const void **key, void **value) { while (this->count && this->row < this->table->capacity) { diff --git a/src/libstrongswan/collections/hashtable.h b/src/libstrongswan/collections/hashtable.h index 520a86c90..0a7ebeb65 100644 --- a/src/libstrongswan/collections/hashtable.h +++ b/src/libstrongswan/collections/hashtable.h @@ -31,7 +31,7 @@ typedef struct hashtable_t hashtable_t; * @param key key to hash * @return hash code */ -typedef u_int (*hashtable_hash_t)(void *key); +typedef u_int (*hashtable_hash_t)(const void *key); /** * Hashtable hash function calculation the hash solely based on the key pointer. @@ -39,7 +39,7 @@ typedef u_int (*hashtable_hash_t)(void *key); * @param key key to hash * @return hash of key */ -u_int hashtable_hash_ptr(void *key); +u_int hashtable_hash_ptr(const void *key); /** * Hashtable hash function calculation the hash for char* keys. @@ -47,7 +47,7 @@ u_int hashtable_hash_ptr(void *key); * @param key key to hash, a char* * @return hash of key */ -u_int hashtable_hash_str(void *key); +u_int hashtable_hash_str(const void *key); /** * Prototype for a function that compares the two keys for equality. @@ -56,7 +56,7 @@ u_int hashtable_hash_str(void *key); * @param other_key second key * @return TRUE if the keys are equal */ -typedef bool (*hashtable_equals_t)(void *key, void *other_key); +typedef bool (*hashtable_equals_t)(const void *key, const void *other_key); /** * Hashtable equals function comparing pointers. @@ -65,7 +65,7 @@ typedef bool (*hashtable_equals_t)(void *key, void *other_key); * @param other_key other key to compare * @return TRUE if key == other_key */ -bool hashtable_equals_ptr(void *key, void *other_key); +bool hashtable_equals_ptr(const void *key, const void *other_key); /** * Hashtable equals function comparing char* keys. @@ -74,7 +74,7 @@ bool hashtable_equals_ptr(void *key, void *other_key); * @param other_key other key to compare * @return TRUE if streq(key, other_key) */ -bool hashtable_equals_str(void *key, void *other_key); +bool hashtable_equals_str(const void *key, const void *other_key); /** * Class implementing a hash table. @@ -100,7 +100,7 @@ struct hashtable_t { * @param value the value to store * @return NULL if no item was replaced, the old value otherwise */ - void *(*put) (hashtable_t *this, void *key, void *value); + void *(*put) (hashtable_t *this, const void *key, void *value); /** * Returns the value with the given key, if the hash table contains such an @@ -109,7 +109,7 @@ struct hashtable_t { * @param key the key of the requested value * @return the value, NULL if not found */ - void *(*get) (hashtable_t *this, void *key); + void *(*get) (hashtable_t *this, const void *key); /** * Returns the value with a matching key, if the hash table contains such an @@ -125,7 +125,8 @@ struct hashtable_t { * @param match match function to be used when comparing keys * @return the value, NULL if not found */ - void *(*get_match) (hashtable_t *this, void *key, hashtable_equals_t match); + void *(*get_match) (hashtable_t *this, const void *key, + hashtable_equals_t match); /** * Removes the value with the given key from the hash table and returns the @@ -134,7 +135,7 @@ struct hashtable_t { * @param key the key of the value to remove * @return the removed value, NULL if not found */ - void *(*remove) (hashtable_t *this, void *key); + void *(*remove) (hashtable_t *this, const void *key); /** * Removes the key and value pair from the hash table at which the given diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c index 2203519e2..4ff9aa6dd 100644 --- a/src/libstrongswan/credentials/auth_cfg.c +++ b/src/libstrongswan/credentials/auth_cfg.c @@ -31,7 +31,7 @@ ENUM(auth_class_names, AUTH_CLASS_ANY, AUTH_CLASS_XAUTH, "XAuth", ); -ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_REVOCATION_CERT, +ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_AC_CERT, "RULE_IDENTITY", "RULE_IDENTITY_LOOSE", "RULE_AUTH_CLASS", @@ -56,6 +56,7 @@ ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_REVOCATION_CERT, "HELPER_IM_HASH_URL", "HELPER_SUBJECT_HASH_URL", "HELPER_REVOCATION_CERT", + "HELPER_AC_CERT", ); /** @@ -91,6 +92,7 @@ static inline bool is_multi_value_rule(auth_rule_t type) case AUTH_HELPER_IM_CERT: case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: return TRUE; } return FALSE; @@ -224,6 +226,7 @@ static void init_entry(entry_t *this, auth_rule_t type, va_list args) case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: /* pointer type */ this->value = va_arg(args, void*); break; @@ -262,6 +265,7 @@ static bool entry_equals(entry_t *e1, entry_t *e2) case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: { certificate_t *c1, *c2; @@ -319,6 +323,7 @@ static void destroy_entry_value(entry_t *entry) case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: { certificate_t *cert = (certificate_t*)entry->value; cert->destroy(cert); @@ -390,6 +395,7 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator, case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: /* pointer type */ entry->value = va_arg(args, void*); break; @@ -467,6 +473,7 @@ METHOD(auth_cfg_t, get, void*, case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: case AUTH_RULE_MAX: break; } @@ -736,6 +743,7 @@ METHOD(auth_cfg_t, complies, bool, case AUTH_HELPER_IM_HASH_URL: case AUTH_HELPER_SUBJECT_HASH_URL: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: case AUTH_RULE_MAX: /* skip helpers */ continue; @@ -868,6 +876,7 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: { certificate_t *cert = (certificate_t*)value; @@ -1029,6 +1038,7 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*, case AUTH_HELPER_IM_CERT: case AUTH_HELPER_SUBJECT_CERT: case AUTH_HELPER_REVOCATION_CERT: + case AUTH_HELPER_AC_CERT: { certificate_t *cert = (certificate_t*)value; clone->add(clone, type, cert->get_ref(cert)); diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h index d87935589..95b36d706 100644 --- a/src/libstrongswan/credentials/auth_cfg.h +++ b/src/libstrongswan/credentials/auth_cfg.h @@ -117,6 +117,8 @@ enum auth_rule_t { AUTH_HELPER_SUBJECT_HASH_URL, /** revocation certificate (CRL, OCSP), certificate_t* */ AUTH_HELPER_REVOCATION_CERT, + /** attribute certificate for authorization decisions, certificate_t */ + AUTH_HELPER_AC_CERT, /** helper to determine the number of elements in this enum */ AUTH_RULE_MAX, diff --git a/src/libstrongswan/credentials/builder.c b/src/libstrongswan/credentials/builder.c index 4e52272a7..ddb64ef88 100644 --- a/src/libstrongswan/credentials/builder.c +++ b/src/libstrongswan/credentials/builder.c @@ -38,7 +38,7 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END, "BUILD_SERIAL", "BUILD_DIGEST_ALG", "BUILD_ENCRYPTION_ALG", - "BUILD_IETF_GROUP_ATTR", + "BUILD_AC_GROUP_STRINGS", "BUILD_CA_CERT", "BUILD_CERT", "BUILD_CRL_DISTRIBUTION_POINTS", @@ -72,4 +72,3 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END, "BUILD_THRESHOLD", "BUILD_END", ); - diff --git a/src/libstrongswan/credentials/builder.h b/src/libstrongswan/credentials/builder.h index 103b823c0..627e0934d 100644 --- a/src/libstrongswan/credentials/builder.h +++ b/src/libstrongswan/credentials/builder.h @@ -87,8 +87,8 @@ enum builder_part_t { BUILD_DIGEST_ALG, /** encryption algorithm to use, encryption_algorithm_t */ BUILD_ENCRYPTION_ALG, - /** a comma-separated list of ietf group attributes, char* */ - BUILD_IETF_GROUP_ATTR, + /** list of AC group memberships, linked_list_t* with char* */ + BUILD_AC_GROUP_STRINGS, /** a ca certificate, certificate_t* */ BUILD_CA_CERT, /** a certificate, certificate_t* */ diff --git a/src/libstrongswan/credentials/certificates/ac.h b/src/libstrongswan/credentials/certificates/ac.h index 57b44adca..9a3d8f0b9 100644 --- a/src/libstrongswan/credentials/certificates/ac.h +++ b/src/libstrongswan/credentials/certificates/ac.h @@ -24,9 +24,18 @@ #include <library.h> #include <credentials/certificates/certificate.h> -#include <credentials/ietf_attributes/ietf_attributes.h> typedef struct ac_t ac_t; +typedef enum ac_group_type_t ac_group_type_t; + +/** + * Common group types, from IETF Attributes Syntax + */ +enum ac_group_type_t { + AC_GROUP_TYPE_OCTETS, + AC_GROUP_TYPE_STRING, + AC_GROUP_TYPE_OID, +}; /** * X.509 attribute certificate interface. @@ -70,19 +79,11 @@ struct ac_t { chunk_t (*get_authKeyIdentifier)(ac_t *this); /** - * Get the group memberships as a list of IETF attributes - * - * @return object containing a list of IETF attributes - */ - ietf_attributes_t* (*get_groups)(ac_t *this); - - /** - * @brief Checks if two attribute certificates belong to the same holder + * Create an enumerator of contained Group memberships. * - * @param that other attribute certificate - * @return TRUE if same holder + * @return enumerator over (ac_group_type_t, chunk_t) */ - bool (*equals_holder) (ac_t *this, ac_t *other); + enumerator_t* (*create_group_enumerator)(ac_t *this); }; #endif /** AC_H_ @}*/ diff --git a/src/libstrongswan/credentials/certificates/x509.h b/src/libstrongswan/credentials/certificates/x509.h index 4e8d4317f..6cbfcdeed 100644 --- a/src/libstrongswan/credentials/certificates/x509.h +++ b/src/libstrongswan/credentials/certificates/x509.h @@ -39,25 +39,27 @@ typedef enum x509_constraint_t x509_constraint_t; */ enum x509_flag_t { /** cert has no constraints */ - X509_NONE = 0, + X509_NONE = 0, /** cert has CA constraint */ - X509_CA = (1<<0), + X509_CA = (1<<0), /** cert has AA constraint */ - X509_AA = (1<<1), + X509_AA = (1<<1), /** cert has OCSP signer constraint */ - X509_OCSP_SIGNER = (1<<2), + X509_OCSP_SIGNER = (1<<2), /** cert has serverAuth key usage */ - X509_SERVER_AUTH = (1<<3), + X509_SERVER_AUTH = (1<<3), /** cert has clientAuth key usage */ - X509_CLIENT_AUTH = (1<<4), + X509_CLIENT_AUTH = (1<<4), /** cert is self-signed */ - X509_SELF_SIGNED = (1<<5), + X509_SELF_SIGNED = (1<<5), /** cert has an ipAddrBlocks extension */ - X509_IP_ADDR_BLOCKS = (1<<6), + X509_IP_ADDR_BLOCKS = (1<<6), /** cert has CRL sign key usage */ - X509_CRL_SIGN = (1<<7), + X509_CRL_SIGN = (1<<7), /** cert has iKEIntermediate key usage */ - X509_IKE_INTERMEDIATE = (1<<8), + X509_IKE_INTERMEDIATE = (1<<8), + /** cert has Microsoft Smartcard Logon usage */ + X509_MS_SMARTCARD_LOGON = (1<<9), }; /** diff --git a/src/libstrongswan/credentials/cred_encoding.c b/src/libstrongswan/credentials/cred_encoding.c index 53ac13cbb..303816391 100644 --- a/src/libstrongswan/credentials/cred_encoding.c +++ b/src/libstrongswan/credentials/cred_encoding.c @@ -94,22 +94,6 @@ bool cred_encoding_args(va_list args, ...) return !failed; } -/** - * hashtable hash() function - */ -static u_int hash(void *key) -{ - return (uintptr_t)key; -} - -/** - * hashtable equals() function - */ -static bool equals(void *key1, void *key2) -{ - return key1 == key2; -} - METHOD(cred_encoding_t, get_cache, bool, private_cred_encoding_t *this, cred_encoding_type_t type, void *cache, chunk_t *encoding) @@ -289,7 +273,8 @@ cred_encoding_t *cred_encoding_create() for (type = 0; type < CRED_ENCODING_MAX; type++) { - this->cache[type] = hashtable_create(hash, equals, 8); + this->cache[type] = hashtable_create(hashtable_hash_ptr, + hashtable_equals_ptr, 8); } return &this->public; diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c deleted file mode 100644 index 49af5a079..000000000 --- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c +++ /dev/null @@ -1,534 +0,0 @@ -/* - * Copyright (C) 2007-2009 Andreas Steffen - * - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <asn1/oid.h> -#include <asn1/asn1.h> -#include <asn1/asn1_parser.h> -#include <collections/linked_list.h> -#include <utils/lexparser.h> - -#include "ietf_attributes.h" - -/** - * Private definition of IETF attribute types - */ -typedef enum { - IETF_ATTRIBUTE_OCTETS = 0, - IETF_ATTRIBUTE_OID = 1, - IETF_ATTRIBUTE_STRING = 2 -} ietf_attribute_type_t; - -typedef struct ietf_attr_t ietf_attr_t; - -/** - * Private definition of an IETF attribute - */ -struct ietf_attr_t { - /** - * IETF attribute type - */ - ietf_attribute_type_t type; - - /** - * IETF attribute value - */ - chunk_t value; - - /** - * Compares two IETF attributes - * - * return -1 if this is earlier in the alphabet than other - * return 0 if this equals other - * return +1 if this is later in the alphabet than other - * - * @param other other object - */ - int (*compare) (ietf_attr_t *this, ietf_attr_t *other); - - /** - * Destroys an ietf_attr_t object. - */ - void (*destroy) (ietf_attr_t *this); -}; - -/** - * Implements ietf_attr_t.compare. - */ -static int ietf_attr_compare(ietf_attr_t *this, ietf_attr_t *other) -{ - int cmp_len, len, cmp_value; - - /* OID attributes are appended after STRING and OCTETS attributes */ - if (this->type != IETF_ATTRIBUTE_OID && other->type == IETF_ATTRIBUTE_OID) - { - return -1; - } - if (this->type == IETF_ATTRIBUTE_OID && other->type != IETF_ATTRIBUTE_OID) - { - return 1; - } - - cmp_len = this->value.len - other->value.len; - len = (cmp_len < 0) ? this->value.len : other->value.len; - cmp_value = memcmp(this->value.ptr, other->value.ptr, len); - - return (cmp_value == 0) ? cmp_len : cmp_value; -} - -/** - * Implements ietf_attr_t.destroy. - */ -static void ietf_attr_destroy(ietf_attr_t *this) -{ - free(this->value.ptr); - free(this); -} - -/** - * Creates an ietf_attr_t object. - */ -static ietf_attr_t* ietf_attr_create(ietf_attribute_type_t type, chunk_t value) -{ - ietf_attr_t *this; - - INIT(this, - .compare = ietf_attr_compare, - .destroy = ietf_attr_destroy, - .type = type, - .value = chunk_clone(value), - ); - - return this; -} - -typedef struct private_ietf_attributes_t private_ietf_attributes_t; - -/** - * Private data of an ietf_attributes_t object. - */ -struct private_ietf_attributes_t { - /** - * Public interface. - */ - ietf_attributes_t public; - - /** - * Printable representation of the IETF attributes - */ - char *string; - - /** - * Linked list of IETF attributes. - */ - linked_list_t *list; - - /** - * reference count - */ - refcount_t ref; -}; - -METHOD(ietf_attributes_t, get_string, char*, - private_ietf_attributes_t *this) -{ - if (this->string == NULL) - { - char buf[BUF_LEN]; - char *pos = buf; - int len = BUF_LEN; - bool first = TRUE; - ietf_attr_t *attr; - enumerator_t *enumerator; - - enumerator = this->list->create_enumerator(this->list); - while (enumerator->enumerate(enumerator, &attr)) - { - int written; - - if (first) - { - first = FALSE; - } - else - { - written = snprintf(pos, len, ", "); - if (written < 0 || written >= len) - { - break; - } - pos += written; - len -= written; - } - - switch (attr->type) - { - case IETF_ATTRIBUTE_OCTETS: - case IETF_ATTRIBUTE_STRING: - written = snprintf(pos, len, "%.*s", (int)attr->value.len, - attr->value.ptr); - break; - case IETF_ATTRIBUTE_OID: - { - int oid = asn1_known_oid(attr->value); - - if (oid == OID_UNKNOWN) - { - written = snprintf(pos, len, "0x%#B", &attr->value); - } - else - { - written = snprintf(pos, len, "%s", oid_names[oid].name); - } - break; - } - default: - written = 0; - break; - } - if (written < 0 || written >= len) - { - break; - } - pos += written; - len -= written; - } - enumerator->destroy(enumerator); - if (len < BUF_LEN) - { - this->string = strdup(buf); - } - } - return this->string; -} - -METHOD(ietf_attributes_t, get_encoding, chunk_t, - private_ietf_attributes_t *this) -{ - chunk_t values; - size_t size = 0; - u_char *pos; - ietf_attr_t *attr; - enumerator_t *enumerator; - - /* precalculate the total size of all values */ - enumerator = this->list->create_enumerator(this->list); - while (enumerator->enumerate(enumerator, &attr)) - { - size_t len = attr->value.len; - - size += 1 + (len > 0) + (len >= 128) + (len >= 256) + (len >= 65536) + len; - } - enumerator->destroy(enumerator); - - pos = asn1_build_object(&values, ASN1_SEQUENCE, size); - - enumerator = this->list->create_enumerator(this->list); - while (enumerator->enumerate(enumerator, &attr)) - { - chunk_t ietfAttribute; - asn1_t type = ASN1_NULL; - - switch (attr->type) - { - case IETF_ATTRIBUTE_OCTETS: - type = ASN1_OCTET_STRING; - break; - case IETF_ATTRIBUTE_STRING: - type = ASN1_UTF8STRING; - break; - case IETF_ATTRIBUTE_OID: - type = ASN1_OID; - break; - } - ietfAttribute = asn1_simple_object(type, attr->value); - - /* copy ietfAttribute into values chunk */ - memcpy(pos, ietfAttribute.ptr, ietfAttribute.len); - pos += ietfAttribute.len; - free(ietfAttribute.ptr); - } - enumerator->destroy(enumerator); - - return asn1_wrap(ASN1_SEQUENCE, "m", values); -} - -/** - * Implementation of ietf_attributes_t.equals. - */ -static bool equals(private_ietf_attributes_t *this, - private_ietf_attributes_t *other) -{ - bool result = TRUE; - - /* lists must have the same number of attributes */ - if (other == NULL || - this->list->get_count(this->list) != other->list->get_count(other->list)) - { - return FALSE; - } - - /* compare two alphabetically-sorted lists */ - { - ietf_attr_t *attr_a, *attr_b; - enumerator_t *enum_a, *enum_b; - - enum_a = this->list->create_enumerator(this->list); - enum_b = other->list->create_enumerator(other->list); - while (enum_a->enumerate(enum_a, &attr_a) && - enum_b->enumerate(enum_b, &attr_b)) - { - if (attr_a->compare(attr_a, attr_b) != 0) - { - /* we have a mismatch */ - result = FALSE; - break; - } - } - enum_a->destroy(enum_a); - enum_b->destroy(enum_b); - } - return result; -} - -/** - * Implementation of ietf_attributes_t.matches. - */ -static bool matches(private_ietf_attributes_t *this, - private_ietf_attributes_t *other) -{ - bool result = FALSE; - ietf_attr_t *attr_a, *attr_b; - enumerator_t *enum_a, *enum_b; - - /* always match if this->list does not contain any attributes */ - if (this->list->get_count(this->list) == 0) - { - return TRUE; - } - - /* never match if other->list does not contain any attributes */ - if (other == NULL || other->list->get_count(other->list) == 0) - { - return FALSE; - } - - /* get first attribute from both lists */ - enum_a = this->list->create_enumerator(this->list); - enum_a->enumerate(enum_a, &attr_a); - enum_b = other->list->create_enumerator(other->list); - enum_b->enumerate(enum_b, &attr_b); - - /* look for at least one common attribute */ - while (TRUE) - { - int cmp = attr_a->compare(attr_a, attr_b); - - if (cmp == 0) - { - /* we have a match */ - result = TRUE; - break; - } - if (cmp == -1) - { - /* attr_a is earlier in the alphabet, get next attr_a */ - if (!enum_a->enumerate(enum_a, &attr_a)) - { - /* we have reached the end of enum_a */ - break; - } - } - else - { - /* attr_a is later in the alphabet, get next attr_b */ - if (!enum_b->enumerate(enum_b, &attr_b)) - { - /* we have reached the end of enum_b */ - break; - } - } - } - enum_a->destroy(enum_a); - enum_b->destroy(enum_b); - - return result; -} - -METHOD(ietf_attributes_t, get_ref, ietf_attributes_t*, - private_ietf_attributes_t *this) -{ - ref_get(&this->ref); - return &this->public; -} - -METHOD(ietf_attributes_t, destroy, void, - private_ietf_attributes_t *this) -{ - if (ref_put(&this->ref)) - { - this->list->destroy_offset(this->list, offsetof(ietf_attr_t, destroy)); - free(this->string); - free(this); - } -} - -static private_ietf_attributes_t* create_empty(void) -{ - private_ietf_attributes_t *this; - - INIT(this, - .public = { - .get_string = _get_string, - .get_encoding = _get_encoding, - .equals = (bool (*)(ietf_attributes_t*,ietf_attributes_t*))equals, - .matches = (bool (*)(ietf_attributes_t*,ietf_attributes_t*))matches, - .get_ref = _get_ref, - .destroy = _destroy, - }, - .list = linked_list_create(), - .ref = 1, - ); - - return this; -} - -/** - * Adds an ietf_attr_t object to a sorted linked list - */ -static void ietf_attributes_add(private_ietf_attributes_t *this, - ietf_attr_t *attr) -{ - ietf_attr_t *current_attr; - enumerator_t *enumerator; - int cmp = -1; - - enumerator = this->list->create_enumerator(this->list); - while (enumerator->enumerate(enumerator, (void **)¤t_attr) && - (cmp = attr->compare(attr, current_attr)) > 0) - { - continue; - } - if (cmp == 0) - { - attr->destroy(attr); - } - else - { /* the enumerator either points to the end or to the attribute > attr */ - this->list->insert_before(this->list, enumerator, attr); - } - enumerator->destroy(enumerator); -} - -/* - * Described in header. - */ -ietf_attributes_t *ietf_attributes_create_from_string(char *string) -{ - private_ietf_attributes_t *this = create_empty(); - - chunk_t line = { string, strlen(string) }; - - while (eat_whitespace(&line)) - { - chunk_t group; - - /* extract the next comma-separated group attribute */ - if (!extract_token(&group, ',', &line)) - { - group = line; - line.len = 0; - } - - /* remove any trailing spaces */ - while (group.len > 0 && *(group.ptr + group.len - 1) == ' ') - { - group.len--; - } - - /* add the group attribute to the list */ - if (group.len > 0) - { - ietf_attr_t *attr = ietf_attr_create(IETF_ATTRIBUTE_STRING, group); - - ietf_attributes_add(this, attr); - } - } - - return &(this->public); -} - -/** - * ASN.1 definition of ietfAttrSyntax - */ -static const asn1Object_t ietfAttrSyntaxObjects[] = -{ - { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ - { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT | - ASN1_BODY }, /* 1 */ - { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */ - { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */ - { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT | - ASN1_BODY }, /* 4 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */ - { 2, "oid", ASN1_OID, ASN1_OPT | - ASN1_BODY }, /* 6 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ - { 2, "string", ASN1_UTF8STRING, ASN1_OPT | - ASN1_BODY }, /* 8 */ - { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */ - { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */ - { 0, "exit", ASN1_EOC, ASN1_EXIT } -}; -#define IETF_ATTR_OCTETS 4 -#define IETF_ATTR_OID 6 -#define IETF_ATTR_STRING 8 - -/* - * Described in header. - */ -ietf_attributes_t *ietf_attributes_create_from_encoding(chunk_t encoded) -{ - private_ietf_attributes_t *this = create_empty(); - asn1_parser_t *parser; - chunk_t object; - int objectID; - - parser = asn1_parser_create(ietfAttrSyntaxObjects, encoded); - while (parser->iterate(parser, &objectID, &object)) - { - switch (objectID) - { - case IETF_ATTR_OCTETS: - case IETF_ATTR_OID: - case IETF_ATTR_STRING: - { - ietf_attribute_type_t type; - ietf_attr_t *attr; - - type = (objectID - IETF_ATTR_OCTETS) / 2; - attr = ietf_attr_create(type, object); - ietf_attributes_add(this, attr); - } - break; - default: - break; - } - } - parser->destroy(parser); - - return &(this->public); -} - diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h deleted file mode 100644 index ab6bae984..000000000 --- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.h +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (C) 2007-2009 Andreas Steffen - * - * HSR Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ietf_attributes ietf_attributes - * @{ @ingroup credentials - */ - -#ifndef IETF_ATTRIBUTES_H_ -#define IETF_ATTRIBUTES_H_ - -typedef struct ietf_attributes_t ietf_attributes_t; - -#include <library.h> - -/** - * - */ -struct ietf_attributes_t { - - /** - * Get the an alphabetically sorted list of printable IETF attributes. - * - * Result points to internal data, do not free. - * - * @return a string containing printable attributes - */ - char* (*get_string) (ietf_attributes_t *this); - - /** - * Get the ASN.1 encoding of the IETF attributes. - * - * @return allocated chunk containing the encoded bytes - */ - chunk_t (*get_encoding) (ietf_attributes_t *this); - - /** - * Check for equality between two lists. - * - * @param other attribute list to be checked for equality - * @return TRUE if equal - */ - bool (*equals) (ietf_attributes_t *this, ietf_attributes_t *other); - - /** - * Check for common attributes between two lists. - * - * @param other attribute list to be matched - * @return TRUE if there is at least a common attribute - */ - bool (*matches) (ietf_attributes_t *this, ietf_attributes_t *other); - - /** - * Get a new reference to the IETF attributes. - * - * @return this, with an increased refcount - */ - ietf_attributes_t* (*get_ref)(ietf_attributes_t *this); - - /** - * Destroys an ietf_attributes_t object. - */ - void (*destroy) (ietf_attributes_t *this); -}; - -/** - * @param string input string, which will be converted - * @return ietf_attributes_t - */ -ietf_attributes_t *ietf_attributes_create_from_string(char *string); - -/** - * @param encoded ASN.1 encoded bytes, such as from ietf_attributes.get_encoding - * @return ietf_attributes_t - */ -ietf_attributes_t *ietf_attributes_create_from_encoding(chunk_t encoded); - -#endif /** IETF_ATTRIBUTES_H_ @}*/ - diff --git a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c index 46bfb5c6e..c6b8d0c7e 100644 --- a/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c +++ b/src/libstrongswan/credentials/sets/auth_cfg_wrapper.c @@ -133,7 +133,8 @@ static bool enumerate(wrapper_enumerator_t *this, certificate_t **cert) } else if (rule != AUTH_HELPER_SUBJECT_CERT && rule != AUTH_HELPER_IM_CERT && - rule != AUTH_HELPER_REVOCATION_CERT) + rule != AUTH_HELPER_REVOCATION_CERT && + rule != AUTH_HELPER_AC_CERT) { /* handle only HELPER certificates */ continue; } diff --git a/src/libstrongswan/crypto/aead.h b/src/libstrongswan/crypto/aead.h index c887f53bb..43f71b65e 100644 --- a/src/libstrongswan/crypto/aead.h +++ b/src/libstrongswan/crypto/aead.h @@ -102,6 +102,10 @@ struct aead_t { /** * Get the size of the key material (for encryption and authentication). * + * This includes any additional bytes requires for the implicit nonce part. + * For AEADs based on traditional ciphers, the length is for both + * the integrity and the encryption key in total. + * * @return key size in bytes */ size_t (*get_key_size)(aead_t *this); @@ -109,6 +113,11 @@ struct aead_t { /** * Set the key for encryption and authentication. * + * If the AEAD uses an implicit nonce, the last part of the key shall + * be the implicit nonce. For AEADs based on traditional ciphers, the + * key shall include both integrity and encryption keys, concatenated + * in that order. + * * @param key encryption and authentication key * @return TRUE if key set successfully */ diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c index dba3f6f6d..6dea30ee3 100644 --- a/src/libstrongswan/crypto/crypto_factory.c +++ b/src/libstrongswan/crypto/crypto_factory.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Tobias Brunner + * Copyright (C) 2013-2014 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -20,6 +20,7 @@ #include <threading/rwlock.h> #include <collections/linked_list.h> #include <crypto/crypto_tester.h> +#include <utils/test.h> const char *default_plugin_name = "default"; @@ -175,7 +176,7 @@ METHOD(crypto_factory_t, create_crypter, crypter_t*, METHOD(crypto_factory_t, create_aead, aead_t*, private_crypto_factory_t *this, encryption_algorithm_t algo, - size_t key_size) + size_t key_size, size_t salt_size) { enumerator_t *enumerator; entry_t *entry; @@ -189,12 +190,12 @@ METHOD(crypto_factory_t, create_aead, aead_t*, { if (this->test_on_create && !this->tester->test_aead(this->tester, algo, key_size, - entry->create_aead, NULL, + salt_size, entry->create_aead, NULL, default_plugin_name)) { continue; } - aead = entry->create_aead(algo, key_size); + aead = entry->create_aead(algo, key_size, salt_size); if (aead) { break; @@ -473,7 +474,7 @@ METHOD(crypto_factory_t, add_aead, bool, u_int speed = 0; if (!this->test_on_add || - this->tester->test_aead(this->tester, algo, 0, create, + this->tester->test_aead(this->tester, algo, 0, 0, create, this->bench ? &speed : NULL, plugin_name)) { add_entry(this, this->aeads, algo, plugin_name, speed, create); @@ -976,3 +977,39 @@ crypto_factory_t *crypto_factory_create() return &this->public; } + +/** + * Manually verify all registered algorithms against test vectors + */ +static u_int verify_registered_algorithms(crypto_factory_t *factory) +{ + private_crypto_factory_t *this = (private_crypto_factory_t*)factory; + enumerator_t *enumerator; + entry_t *entry; + u_int failures = 0; + +#define TEST_ALGORITHMS(test, ...) do { \ + enumerator = this->test##s->create_enumerator(this->test##s); \ + while (enumerator->enumerate(enumerator, &entry)) \ + { \ + if (!this->tester->test_##test(this->tester, entry->algo, ##__VA_ARGS__, \ + entry->create_##test, NULL, entry->plugin_name)) \ + { \ + failures++; \ + } \ + } \ + enumerator->destroy(enumerator); \ +} while (0) + + this->lock->read_lock(this->lock); + TEST_ALGORITHMS(crypter, 0); + TEST_ALGORITHMS(aead, 0, 0); + TEST_ALGORITHMS(signer); + TEST_ALGORITHMS(hasher); + TEST_ALGORITHMS(prf); + TEST_ALGORITHMS(rng); + this->lock->unlock(this->lock); + return failures; +} + +EXPORT_FUNCTION_FOR_TESTS(crypto, verify_registered_algorithms); diff --git a/src/libstrongswan/crypto/crypto_factory.h b/src/libstrongswan/crypto/crypto_factory.h index 281dc256f..7865bcb15 100644 --- a/src/libstrongswan/crypto/crypto_factory.h +++ b/src/libstrongswan/crypto/crypto_factory.h @@ -46,7 +46,7 @@ typedef crypter_t* (*crypter_constructor_t)(encryption_algorithm_t algo, * Constructor function for aead transforms */ typedef aead_t* (*aead_constructor_t)(encryption_algorithm_t algo, - size_t key_size); + size_t key_size, size_t salt_size); /** * Constructor function for signers */ @@ -100,10 +100,12 @@ struct crypto_factory_t { * * @param algo encryption algorithm * @param key_size length of the key in bytes + * @param salt_size size of salt, implicit part of the nonce * @return aead_t instance, NULL if not supported */ aead_t* (*create_aead)(crypto_factory_t *this, - encryption_algorithm_t algo, size_t key_size); + encryption_algorithm_t algo, + size_t key_size, size_t salt_size); /** * Create a symmetric signer instance. diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index 30724b16d..c6780daf1 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -204,16 +204,13 @@ METHOD(crypto_tester_t, test_crypter, bool, continue; } - tested++; - failed = TRUE; crypter = create(alg, vector->key_size); if (!crypter) - { - DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported", - encryption_algorithm_names, alg, plugin_name, - BITS_PER_BYTE * vector->key_size); + { /* key size not supported */ continue; } + tested++; + failed = TRUE; key = chunk_create(vector->key, crypter->get_key_size(crypter)); if (!crypter->set_key(crypter, key)) @@ -318,7 +315,7 @@ static u_int bench_aead(private_crypto_tester_t *this, { aead_t *aead; - aead = create(alg, 0); + aead = create(alg, 0, 0); if (aead) { char iv[aead->get_iv_size(aead)]; @@ -367,7 +364,8 @@ static u_int bench_aead(private_crypto_tester_t *this, METHOD(crypto_tester_t, test_aead, bool, private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size, - aead_constructor_t create, u_int *speed, const char *plugin_name) + size_t salt_size, aead_constructor_t create, + u_int *speed, const char *plugin_name) { enumerator_t *enumerator; aead_test_vector_t *vector; @@ -389,10 +387,14 @@ METHOD(crypto_tester_t, test_aead, bool, { /* test only vectors with a specific key size, if key size given */ continue; } + if (salt_size && salt_size != vector->salt_size) + { + continue; + } tested++; failed = TRUE; - aead = create(alg, vector->key_size); + aead = create(alg, vector->key_size, vector->salt_size); if (!aead) { DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported", @@ -1221,4 +1223,3 @@ crypto_tester_t *crypto_tester_create() return &this->public; } - diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h index 9ac665929..add3b1cdf 100644 --- a/src/libstrongswan/crypto/crypto_tester.h +++ b/src/libstrongswan/crypto/crypto_tester.h @@ -54,6 +54,8 @@ struct aead_test_vector_t { encryption_algorithm_t alg; /** key length to use, in bytes */ size_t key_size; + /** salt length to use, in bytes */ + size_t salt_size; /** encryption key of test vector */ u_char *key; /** initialization vector, using crypters blocksize bytes */ @@ -150,13 +152,15 @@ struct crypto_tester_t { * * @param alg algorithm to test * @param key_size key size to test, 0 for default + * @param salt_size salt length to test, 0 for default * @param create constructor function for the aead transform * @param speed speed test result, NULL to omit * @return TRUE if test passed */ bool (*test_aead)(crypto_tester_t *this, encryption_algorithm_t alg, - size_t key_size, aead_constructor_t create, - u_int *speed, const char *plugin_name); + size_t key_size, size_t salt_size, + aead_constructor_t create, + u_int *speed, const char *plugin_name); /** * Test a signer algorithm. * diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c index 8472c30a5..c5bb4cd93 100644 --- a/src/libstrongswan/library.c +++ b/src/libstrongswan/library.c @@ -265,8 +265,11 @@ bool library_init(char *settings, const char *namespace) #ifdef LEAK_DETECTIVE lib->leak_detective = leak_detective_create(); - lib->leak_detective->set_report_cb(lib->leak_detective, - report_leaks, sum_leaks, NULL); + if (lib->leak_detective) + { + lib->leak_detective->set_report_cb(lib->leak_detective, + report_leaks, sum_leaks, NULL); + } #endif /* LEAK_DETECTIVE */ pfh = printf_hook_create(); diff --git a/src/libstrongswan/plugins/acert/Makefile.am b/src/libstrongswan/plugins/acert/Makefile.am new file mode 100644 index 000000000..ba16f413a --- /dev/null +++ b/src/libstrongswan/plugins/acert/Makefile.am @@ -0,0 +1,17 @@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = \ + -rdynamic + +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-acert.la +else +plugin_LTLIBRARIES = libstrongswan-acert.la +endif + +libstrongswan_acert_la_SOURCES = \ + acert_validator.h acert_validator.c \ + acert_plugin.h acert_plugin.c + +libstrongswan_acert_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/acert/Makefile.in b/src/libstrongswan/plugins/acert/Makefile.in new file mode 100644 index 000000000..3dd650d4b --- /dev/null +++ b/src/libstrongswan/plugins/acert/Makefile.in @@ -0,0 +1,759 @@ +# Makefile.in generated by automake 1.13.3 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/acert +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(plugindir)" +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) +libstrongswan_acert_la_LIBADD = +am_libstrongswan_acert_la_OBJECTS = acert_validator.lo acert_plugin.lo +libstrongswan_acert_la_OBJECTS = $(am_libstrongswan_acert_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libstrongswan_acert_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_acert_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_acert_la_rpath = -rpath \ +@MONOLITHIC_FALSE@ $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_acert_la_rpath = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libstrongswan_acert_la_SOURCES) +DIST_SOURCES = $(libstrongswan_acert_la_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ +RUBYLIB = @RUBYLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dbusservicedir = @dbusservicedir@ +dev_headers = @dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +maemo_CFLAGS = @maemo_CFLAGS@ +maemo_LIBS = @maemo_LIBS@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ +sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = \ + -rdynamic + +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-acert.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-acert.la +libstrongswan_acert_la_SOURCES = \ + acert_validator.h acert_validator.c \ + acert_plugin.h acert_plugin.c + +libstrongswan_acert_la_LDFLAGS = -module -avoid-version +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/acert/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libstrongswan-acert.la: $(libstrongswan_acert_la_OBJECTS) $(libstrongswan_acert_la_DEPENDENCIES) $(EXTRA_libstrongswan_acert_la_DEPENDENCIES) + $(AM_V_CCLD)$(libstrongswan_acert_la_LINK) $(am_libstrongswan_acert_la_rpath) $(libstrongswan_acert_la_OBJECTS) $(libstrongswan_acert_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acert_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acert_validator.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-pluginLTLIBRARIES install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-pluginLTLIBRARIES + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/acert/acert_plugin.c b/src/libstrongswan/plugins/acert/acert_plugin.c new file mode 100644 index 000000000..01d9ae3b8 --- /dev/null +++ b/src/libstrongswan/plugins/acert/acert_plugin.c @@ -0,0 +1,99 @@ +/* + * Copyright (C) 2014 Martin Willi + * Copyright (C) 2014 revosec AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "acert_plugin.h" +#include "acert_validator.h" + +#include <library.h> + +typedef struct private_acert_plugin_t private_acert_plugin_t; + +/** + * private data of acert_plugin + */ +struct private_acert_plugin_t { + + /** + * public functions + */ + acert_plugin_t public; + + /** + * Validator implementation instance. + */ + acert_validator_t *validator; +}; + +METHOD(plugin_t, get_name, char*, + private_acert_plugin_t *this) +{ + return "acert"; +} + +/** + * Register validator + */ +static bool plugin_cb(private_acert_plugin_t *this, + plugin_feature_t *feature, bool reg, void *cb_data) +{ + if (reg) + { + lib->credmgr->add_validator(lib->credmgr, &this->validator->validator); + } + else + { + lib->credmgr->remove_validator(lib->credmgr, &this->validator->validator); + } + return TRUE; +} + +METHOD(plugin_t, get_features, int, + private_acert_plugin_t *this, plugin_feature_t *features[]) +{ + static plugin_feature_t f[] = { + PLUGIN_CALLBACK((plugin_feature_callback_t)plugin_cb, NULL), + PLUGIN_PROVIDE(CUSTOM, "acert"), + }; + *features = f; + return countof(f); +} + +METHOD(plugin_t, destroy, void, + private_acert_plugin_t *this) +{ + this->validator->destroy(this->validator); + free(this); +} + +/* + * see header file + */ +plugin_t *acert_plugin_create() +{ + private_acert_plugin_t *this; + + INIT(this, + .public = { + .plugin = { + .get_name = _get_name, + .get_features = _get_features, + .destroy = _destroy, + }, + }, + .validator = acert_validator_create(), + ); + + return &this->public.plugin; +} diff --git a/src/libstrongswan/plugins/acert/acert_plugin.h b/src/libstrongswan/plugins/acert/acert_plugin.h new file mode 100644 index 000000000..97d12936d --- /dev/null +++ b/src/libstrongswan/plugins/acert/acert_plugin.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2014 Martin Willi + * Copyright (C) 2014 revosec AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup acert acert + * @ingroup plugins + * + * @defgroup acert_plugin acert_plugin + * @{ @ingroup acert + */ + +#ifndef ACERT_PLUGIN_H_ +#define ACERT_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct acert_plugin_t acert_plugin_t; + +/** + * X.509 attribute certificate group membership checking. + */ +struct acert_plugin_t { + + /** + * Implements plugin_t. interface. + */ + plugin_t plugin; +}; + +#endif /** ACERT_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/acert/acert_validator.c b/src/libstrongswan/plugins/acert/acert_validator.c new file mode 100644 index 000000000..ab15dba98 --- /dev/null +++ b/src/libstrongswan/plugins/acert/acert_validator.c @@ -0,0 +1,149 @@ +/* + * Copyright (C) 2014 Martin Willi + * Copyright (C) 2014 revosec AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#define _GNU_SOURCE +#include <library.h> + +#include "acert_validator.h" + +#include <credentials/certificates/x509.h> +#include <credentials/certificates/ac.h> + +typedef struct private_acert_validator_t private_acert_validator_t; + +/** + * Private data of an acert_validator_t object. + */ +struct private_acert_validator_t { + + /** + * Public acert_validator_t interface. + */ + acert_validator_t public; +}; + +/** + * Check if an AC can be trusted + */ +static bool verify(private_acert_validator_t *this, certificate_t *ac) +{ + certificate_t *issuer; + enumerator_t *enumerator; + bool verified = FALSE; + + if (!ac->get_validity(ac, NULL, NULL, NULL)) + { + return FALSE; + } + DBG1(DBG_CFG, "verifying attribute certificate issued by \"%Y\"", + ac->get_issuer(ac)); + enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY, + ac->get_issuer(ac), TRUE); + while (enumerator->enumerate(enumerator, &issuer, NULL)) + { + if (issuer->get_validity(issuer, NULL, NULL, NULL)) + { + if (lib->credmgr->issued_by(lib->credmgr, ac, issuer, NULL)) + { + verified = TRUE; + break; + } + } + } + enumerator->destroy(enumerator); + + return verified; +} + +/** + * Apply AC group membership to auth config + */ +static void apply(private_acert_validator_t *this, ac_t *ac, auth_cfg_t *auth) +{ + enumerator_t *enumerator; + ac_group_type_t type; + chunk_t chunk; + + enumerator = ac->create_group_enumerator(ac); + while (enumerator->enumerate(enumerator, &type, &chunk)) + { + if (type == AC_GROUP_TYPE_STRING) + { + auth->add(auth, AUTH_RULE_GROUP, + identification_create_from_data(chunk)); + } + } + enumerator->destroy(enumerator); +} + +METHOD(cert_validator_t, validate, bool, + private_acert_validator_t *this, certificate_t *subject, + certificate_t *issuer, bool online, u_int pathlen, bool anchor, + auth_cfg_t *auth) +{ + /* for X.509 end entity certs only */ + if (pathlen == 0 && subject->get_type(subject) == CERT_X509) + { + x509_t *x509 = (x509_t*)subject; + enumerator_t *enumerator; + identification_t *id, *serial; + ac_t *ac; + + /* find attribute certificates by serial and issuer. A lookup by + * the holder DN would work as well, but RFC 5755 recommends the use + * of baseCertificateID. */ + serial = identification_create_from_encoding(ID_KEY_ID, + x509->get_serial(x509)); + enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, + CERT_X509_AC, KEY_ANY, serial, FALSE); + while (enumerator->enumerate(enumerator, &ac)) + { + id = ac->get_holderIssuer(ac); + if (id && id->equals(id, subject->get_issuer(subject))) + { + if (verify(this, &ac->certificate)) + { + apply(this, ac, auth); + } + } + } + enumerator->destroy(enumerator); + serial->destroy(serial); + } + return TRUE; +} + +METHOD(acert_validator_t, destroy, void, + private_acert_validator_t *this) +{ + free(this); +} + +/** + * See header + */ +acert_validator_t *acert_validator_create() +{ + private_acert_validator_t *this; + + INIT(this, + .public = { + .validator.validate = _validate, + .destroy = _destroy, + }, + ); + + return &this->public; +} diff --git a/src/libstrongswan/plugins/acert/acert_validator.h b/src/libstrongswan/plugins/acert/acert_validator.h new file mode 100644 index 000000000..507776f18 --- /dev/null +++ b/src/libstrongswan/plugins/acert/acert_validator.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2014 Martin Willi + * Copyright (C) 2014 revosec AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup acert_validator acert_validator + * @{ @ingroup acert + */ + +#ifndef ACERT_VALIDATOR_H_ +#define ACERT_VALIDATOR_H_ + +#include <credentials/cert_validator.h> + +typedef struct acert_validator_t acert_validator_t; + +/** + * Attribute certificate group membership checking + */ +struct acert_validator_t { + + /** + * Implements cert_validator_t interface. + */ + cert_validator_t validator; + + /** + * Destroy a acert_validator_t. + */ + void (*destroy)(acert_validator_t *this); +}; + +/** + * Create a acert_validator instance. + */ +acert_validator_t *acert_validator_create(); + +#endif /** ACERT_VALIDATOR_H_ @}*/ diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index 9e91e8671..f9c0750ed 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/af_alg/Makefile.in b/src/libstrongswan/plugins/af_alg/Makefile.in index 4ea1e8f36..08f5e9453 100644 --- a/src/libstrongswan/plugins/af_alg/Makefile.in +++ b/src/libstrongswan/plugins/af_alg/Makefile.in @@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index 150e8d4d4..bfd9f2b6c 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in index f13a96421..1e3f69f96 100644 --- a/src/libstrongswan/plugins/blowfish/Makefile.in +++ b/src/libstrongswan/plugins/blowfish/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in index ed3f05681..b1e0f160b 100644 --- a/src/libstrongswan/plugins/ccm/Makefile.in +++ b/src/libstrongswan/plugins/ccm/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c index 65eccb2db..6d4b2e13c 100644 --- a/src/libstrongswan/plugins/ccm/ccm_aead.c +++ b/src/libstrongswan/plugins/ccm/ccm_aead.c @@ -343,7 +343,8 @@ METHOD(aead_t, destroy, void, /** * See header */ -ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size) +ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, + size_t key_size, size_t salt_size) { private_ccm_aead_t *this; size_t icv_size; @@ -360,6 +361,11 @@ ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size) default: return NULL; } + if (salt_size && salt_size != SALT_SIZE) + { + /* currently not supported */ + return NULL; + } switch (algo) { case ENCR_AES_CCM_ICV8: diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.h b/src/libstrongswan/plugins/ccm/ccm_aead.h index 79ab31804..0f1ec09a7 100644 --- a/src/libstrongswan/plugins/ccm/ccm_aead.h +++ b/src/libstrongswan/plugins/ccm/ccm_aead.h @@ -44,8 +44,10 @@ struct ccm_aead_t { * * @param algo algorithm to implement, a CCM mode * @param key_size key size in bytes + * @param salt_size size of implicit salt length * @return aead, NULL if not supported */ -ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size); +ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size, + size_t salt_size); #endif /** CCM_AEAD_H_ @}*/ diff --git a/src/libstrongswan/plugins/cmac/Makefile.in b/src/libstrongswan/plugins/cmac/Makefile.in index 620d8359f..a609e7177 100644 --- a/src/libstrongswan/plugins/cmac/Makefile.in +++ b/src/libstrongswan/plugins/cmac/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/constraints/Makefile.in b/src/libstrongswan/plugins/constraints/Makefile.in index 060287d1c..654800b65 100644 --- a/src/libstrongswan/plugins/constraints/Makefile.in +++ b/src/libstrongswan/plugins/constraints/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/ctr/Makefile.in b/src/libstrongswan/plugins/ctr/Makefile.in index ff34435a2..b6789e76d 100644 --- a/src/libstrongswan/plugins/ctr/Makefile.in +++ b/src/libstrongswan/plugins/ctr/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index a756a0a7e..67a92b3c2 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index ca79430c9..fb38b0738 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/dnskey/Makefile.in b/src/libstrongswan/plugins/dnskey/Makefile.in index b94b644c0..6986a8156 100644 --- a/src/libstrongswan/plugins/dnskey/Makefile.in +++ b/src/libstrongswan/plugins/dnskey/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index 3bb540d90..71a61f617 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in index 7bce3c983..dbf9d1169 100644 --- a/src/libstrongswan/plugins/gcm/Makefile.in +++ b/src/libstrongswan/plugins/gcm/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c index ba5f2e4b3..4ab17017f 100644 --- a/src/libstrongswan/plugins/gcm/gcm_aead.c +++ b/src/libstrongswan/plugins/gcm/gcm_aead.c @@ -375,7 +375,8 @@ METHOD(aead_t, destroy, void, /** * See header */ -gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size) +gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, + size_t key_size, size_t salt_size) { private_gcm_aead_t *this; size_t icv_size; @@ -392,6 +393,11 @@ gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size) default: return NULL; } + if (salt_size && salt_size != SALT_SIZE) + { + /* currently not supported */ + return NULL; + } switch (algo) { case ENCR_AES_GCM_ICV8: diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.h b/src/libstrongswan/plugins/gcm/gcm_aead.h index 846c3c76c..5c09477c3 100644 --- a/src/libstrongswan/plugins/gcm/gcm_aead.h +++ b/src/libstrongswan/plugins/gcm/gcm_aead.h @@ -44,8 +44,10 @@ struct gcm_aead_t { * * @param algo algorithm to implement, a gcm mode * @param key_size key size in bytes + * @param salt_size size of implicit salt length * @return aead, NULL if not supported */ -gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size); +gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size, + size_t salt_size); #endif /** GCM_AEAD_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in index 4ce3cf919..731375dcd 100644 --- a/src/libstrongswan/plugins/gcrypt/Makefile.in +++ b/src/libstrongswan/plugins/gcrypt/Makefile.in @@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index 73e0645b0..6b63e192d 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index f5e38fa90..d255cc95d 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/keychain/Makefile.in b/src/libstrongswan/plugins/keychain/Makefile.in index 42093e413..38a478b77 100644 --- a/src/libstrongswan/plugins/keychain/Makefile.in +++ b/src/libstrongswan/plugins/keychain/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index 7f14fbf8e..bd5bd43f2 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in index bdd446cd3..a5caf8df5 100644 --- a/src/libstrongswan/plugins/md4/Makefile.in +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index 32aac7bfa..c44893149 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index a35f8051b..fb36d16a2 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/nonce/Makefile.in b/src/libstrongswan/plugins/nonce/Makefile.in index 25437bdb8..60e45db7c 100644 --- a/src/libstrongswan/plugins/nonce/Makefile.in +++ b/src/libstrongswan/plugins/nonce/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/ntru/Makefile.am b/src/libstrongswan/plugins/ntru/Makefile.am index b33cbc8c9..e241554b5 100644 --- a/src/libstrongswan/plugins/ntru/Makefile.am +++ b/src/libstrongswan/plugins/ntru/Makefile.am @@ -12,21 +12,15 @@ endif libstrongswan_ntru_la_SOURCES = \ ntru_plugin.h ntru_plugin.c \ + ntru_convert.h ntru_convert.c \ ntru_drbg.h ntru_drbg.c \ ntru_ke.h ntru_ke.c \ ntru_mgf1.h ntru_mgf1.c \ + ntru_param_set.h ntru_param_set.c \ ntru_poly.h ntru_poly.c \ - ntru_trits.h ntru_trits.c \ - ntru_crypto/ntru_crypto.h \ - ntru_crypto/ntru_crypto_ntru_convert.h \ - ntru_crypto/ntru_crypto_ntru_convert.c \ - ntru_crypto/ntru_crypto_ntru_encrypt.c \ - ntru_crypto/ntru_crypto_ntru_encrypt_key.h \ - ntru_crypto/ntru_crypto_ntru_encrypt_key.c \ - ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \ - ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \ - ntru_crypto/ntru_crypto_ntru_poly.h \ - ntru_crypto/ntru_crypto_ntru_poly.c + ntru_public_key.h ntru_public_key.c \ + ntru_private_key.h ntru_private_key.c \ + ntru_trits.h ntru_trits.c libstrongswan_ntru_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/ntru/Makefile.in b/src/libstrongswan/plugins/ntru/Makefile.in index af192d203..38258048f 100644 --- a/src/libstrongswan/plugins/ntru/Makefile.in +++ b/src/libstrongswan/plugins/ntru/Makefile.in @@ -128,14 +128,10 @@ am__uninstall_files_from_dir = { \ am__installdirs = "$(DESTDIR)$(plugindir)" LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) libstrongswan_ntru_la_LIBADD = -am__dirstamp = $(am__leading_dot)dirstamp -am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_drbg.lo \ - ntru_ke.lo ntru_mgf1.lo ntru_poly.lo ntru_trits.lo \ - ntru_crypto/ntru_crypto_ntru_convert.lo \ - ntru_crypto/ntru_crypto_ntru_encrypt.lo \ - ntru_crypto/ntru_crypto_ntru_encrypt_key.lo \ - ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo \ - ntru_crypto/ntru_crypto_ntru_poly.lo +am_libstrongswan_ntru_la_OBJECTS = ntru_plugin.lo ntru_convert.lo \ + ntru_drbg.lo ntru_ke.lo ntru_mgf1.lo ntru_param_set.lo \ + ntru_poly.lo ntru_public_key.lo ntru_private_key.lo \ + ntru_trits.lo libstrongswan_ntru_la_OBJECTS = $(am_libstrongswan_ntru_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) @@ -377,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ @@ -427,21 +422,15 @@ AM_CFLAGS = \ @MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-ntru.la libstrongswan_ntru_la_SOURCES = \ ntru_plugin.h ntru_plugin.c \ + ntru_convert.h ntru_convert.c \ ntru_drbg.h ntru_drbg.c \ ntru_ke.h ntru_ke.c \ ntru_mgf1.h ntru_mgf1.c \ + ntru_param_set.h ntru_param_set.c \ ntru_poly.h ntru_poly.c \ - ntru_trits.h ntru_trits.c \ - ntru_crypto/ntru_crypto.h \ - ntru_crypto/ntru_crypto_ntru_convert.h \ - ntru_crypto/ntru_crypto_ntru_convert.c \ - ntru_crypto/ntru_crypto_ntru_encrypt.c \ - ntru_crypto/ntru_crypto_ntru_encrypt_key.h \ - ntru_crypto/ntru_crypto_ntru_encrypt_key.c \ - ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h \ - ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c \ - ntru_crypto/ntru_crypto_ntru_poly.h \ - ntru_crypto/ntru_crypto_ntru_poly.c + ntru_public_key.h ntru_public_key.c \ + ntru_private_key.h ntru_private_key.c \ + ntru_trits.h ntru_trits.c libstrongswan_ntru_la_LDFLAGS = -module -avoid-version all: all-am @@ -524,47 +513,26 @@ clean-pluginLTLIBRARIES: echo rm -f $${locs}; \ rm -f $${locs}; \ } -ntru_crypto/$(am__dirstamp): - @$(MKDIR_P) ntru_crypto - @: > ntru_crypto/$(am__dirstamp) -ntru_crypto/$(DEPDIR)/$(am__dirstamp): - @$(MKDIR_P) ntru_crypto/$(DEPDIR) - @: > ntru_crypto/$(DEPDIR)/$(am__dirstamp) -ntru_crypto/ntru_crypto_ntru_convert.lo: ntru_crypto/$(am__dirstamp) \ - ntru_crypto/$(DEPDIR)/$(am__dirstamp) -ntru_crypto/ntru_crypto_ntru_encrypt.lo: ntru_crypto/$(am__dirstamp) \ - ntru_crypto/$(DEPDIR)/$(am__dirstamp) -ntru_crypto/ntru_crypto_ntru_encrypt_key.lo: \ - ntru_crypto/$(am__dirstamp) \ - ntru_crypto/$(DEPDIR)/$(am__dirstamp) -ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.lo: \ - ntru_crypto/$(am__dirstamp) \ - ntru_crypto/$(DEPDIR)/$(am__dirstamp) -ntru_crypto/ntru_crypto_ntru_poly.lo: ntru_crypto/$(am__dirstamp) \ - ntru_crypto/$(DEPDIR)/$(am__dirstamp) libstrongswan-ntru.la: $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_DEPENDENCIES) $(EXTRA_libstrongswan_ntru_la_DEPENDENCIES) $(AM_V_CCLD)$(libstrongswan_ntru_la_LINK) $(am_libstrongswan_ntru_la_rpath) $(libstrongswan_ntru_la_OBJECTS) $(libstrongswan_ntru_la_LIBADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) - -rm -f ntru_crypto/*.$(OBJEXT) - -rm -f ntru_crypto/*.lo distclean-compile: -rm -f *.tab.c +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_convert.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_drbg.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_ke.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_mgf1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_param_set.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_plugin.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_poly.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_private_key.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_public_key.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ntru_trits.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_convert.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_key.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_encrypt_param_sets.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ntru_crypto/$(DEPDIR)/ntru_crypto_ntru_poly.Plo@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @@ -595,7 +563,6 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs - -rm -rf ntru_crypto/.libs ntru_crypto/_libs ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique @@ -712,8 +679,6 @@ clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -rm -f ntru_crypto/$(DEPDIR)/$(am__dirstamp) - -rm -f ntru_crypto/$(am__dirstamp) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @@ -724,7 +689,7 @@ clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ clean-pluginLTLIBRARIES mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR) + -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -770,7 +735,7 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) ntru_crypto/$(DEPDIR) + -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic diff --git a/src/libstrongswan/plugins/ntru/ntru_convert.c b/src/libstrongswan/plugins/ntru/ntru_convert.c new file mode 100644 index 000000000..6330b2e39 --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_convert.c @@ -0,0 +1,452 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2009-2013 Security Innovation + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <stdlib.h> +#include <string.h> + +#include "ntru_convert.h" + +/** + * 3-bit to 2-trit conversion tables: 2 represents -1 + */ +static uint8_t const bits_2_trit1[] = {0, 0, 0, 1, 1, 1, 2, 2}; +static uint8_t const bits_2_trit2[] = {0, 1, 2, 0, 1, 2, 0, 1}; + +/** + * See header. + */ +void ntru_bits_2_trits(uint8_t const *octets, uint16_t num_trits, uint8_t *trits) +{ + uint32_t bits24, bits3, shift; + + while (num_trits >= 16) + { + /* get next three octets */ + bits24 = ((uint32_t)(*octets++)) << 16; + bits24 |= ((uint32_t)(*octets++)) << 8; + bits24 |= (uint32_t)(*octets++); + + /* for each 3 bits in the three octets, output 2 trits */ + bits3 = (bits24 >> 21) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 18) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 15) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 12) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 9) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 6) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = (bits24 >> 3) & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + bits3 = bits24 & 0x7; + *trits++ = bits_2_trit1[bits3]; + *trits++ = bits_2_trit2[bits3]; + + num_trits -= 16; + } + if (num_trits == 0) + { + return; + } + + /* get three octets */ + bits24 = ((uint32_t)(*octets++)) << 16; + bits24 |= ((uint32_t)(*octets++)) << 8; + bits24 |= (uint32_t)(*octets++); + + shift = 21; + while (num_trits) + { + /** + * for each 3 bits in the three octets, output up to 2 trits + * until all trits needed are produced + */ + bits3 = (bits24 >> shift) & 0x7; + shift -= 3; + *trits++ = bits_2_trit1[bits3]; + if (--num_trits) + { + *trits++ = bits_2_trit2[bits3]; + --num_trits; + } + } +} + +/** + * See header. + */ +bool ntru_trits_2_bits(uint8_t const *trits, uint32_t num_trits, uint8_t *octets) +{ + bool all_trits_valid = TRUE; + uint32_t bits24, bits3, shift; + + while (num_trits >= 16) + { + /* convert each 2 trits to 3 bits and pack */ + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 = (bits3 << 21); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 18); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 15); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 12); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 9); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 6); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << 3); + + bits3 = *trits++ * 3; + bits3 += *trits++; + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= bits3; + + num_trits -= 16; + + /* output three octets */ + *octets++ = (uint8_t)((bits24 >> 16) & 0xff); + *octets++ = (uint8_t)((bits24 >> 8) & 0xff); + *octets++ = (uint8_t)(bits24 & 0xff); + } + + bits24 = 0; + shift = 21; + while (num_trits) + { + /* convert each 2 trits to 3 bits and pack */ + bits3 = *trits++ * 3; + if (--num_trits) + { + bits3 += *trits++; + --num_trits; + } + if (bits3 > 7) + { + bits3 = 7; + all_trits_valid = FALSE; + } + bits24 |= (bits3 << shift); + shift -= 3; + } + + /* output three octets */ + *octets++ = (uint8_t)((bits24 >> 16) & 0xff); + *octets++ = (uint8_t)((bits24 >> 8) & 0xff); + *octets++ = (uint8_t)(bits24 & 0xff); + + return all_trits_valid; +} + +/** + * See header + */ +void ntru_coeffs_mod4_2_octets(uint16_t num_coeffs, uint16_t const *coeffs, uint8_t *octets) +{ + uint8_t bits2; + int shift, i; + + *octets = 0; + shift = 6; + for (i = 0; i < num_coeffs; i++) + { + bits2 = (uint8_t)(coeffs[i] & 0x3); + *octets |= bits2 << shift; + shift -= 2; + if (shift < 0) + { + ++octets; + *octets = 0; + shift = 6; + } + } +} + +/** + * See header. + */ +void ntru_trits_2_octet(uint8_t const *trits, uint8_t *octet) +{ + int i; + + *octet = 0; + for (i = 4; i >= 0; i--) + { + *octet = (*octet * 3) + trits[i]; + } +} + +/** + * See header. + */ +void ntru_octet_2_trits(uint8_t octet, uint8_t *trits) +{ + int i; + + for (i = 0; i < 5; i++) + { + trits[i] = octet % 3; + octet = (octet - trits[i]) / 3; + } +} + +/** + * See header. + */ +void ntru_indices_2_trits(uint16_t in_len, uint16_t const *in, bool plus1, + uint8_t *out) +{ + uint8_t trit = plus1 ? 1 : 2; + int i; + + for (i = 0; i < in_len; i++) + { + out[in[i]] = trit; + } +} + +/** + * See header. + */ +void ntru_packed_trits_2_indices(uint8_t const *in, uint16_t num_trits, + uint16_t *indices_plus1, + uint16_t *indices_minus1) +{ + uint8_t trits[5]; + uint16_t i = 0; + int j; + + while (num_trits >= 5) + { + ntru_octet_2_trits(*in++, trits); + num_trits -= 5; + for (j = 0; j < 5; j++, i++) + { + if (trits[j] == 1) + { + *indices_plus1 = i; + ++indices_plus1; + } + else if (trits[j] == 2) + { + *indices_minus1 = i; + ++indices_minus1; + } + } + } + if (num_trits) + { + ntru_octet_2_trits(*in, trits); + for (j = 0; num_trits && (j < 5); j++, i++) + { + if (trits[j] == 1) + { + *indices_plus1 = i; + ++indices_plus1; + } + else if (trits[j] == 2) + { + *indices_minus1 = i; + ++indices_minus1; + } + --num_trits; + } + } +} + +/** + * See header. + */ +void ntru_indices_2_packed_trits(uint16_t const *indices, uint16_t num_plus1, + uint16_t num_minus1, uint16_t num_trits, + uint8_t *buf, uint8_t *out) +{ + /* convert indices to an array of trits */ + memset(buf, 0, num_trits); + ntru_indices_2_trits(num_plus1, indices, TRUE, buf); + ntru_indices_2_trits(num_minus1, indices + num_plus1, FALSE, buf); + + /* pack the array of trits */ + while (num_trits >= 5) + { + ntru_trits_2_octet(buf, out); + num_trits -= 5; + buf += 5; + ++out; + } + if (num_trits) + { + uint8_t trits[5]; + + memcpy(trits, buf, num_trits); + memset(trits + num_trits, 0, sizeof(trits) - num_trits); + ntru_trits_2_octet(trits, out); + } +} + +/** + * See header + */ +void ntru_elements_2_octets(uint16_t in_len, uint16_t const *in, uint8_t n_bits, + uint8_t *out) +{ + uint16_t temp; + int shift, i; + + /* pack */ + temp = 0; + shift = n_bits - 8; + i = 0; + while (i < in_len) + { + /* add bits to temp to fill an octet and output the octet */ + temp |= in[i] >> shift; + *out++ = (uint8_t)(temp & 0xff); + shift = 8 - shift; + if (shift < 1) + { + /* next full octet is in current input word */ + shift += n_bits; + temp = 0; + } + else + { + /* put remaining bits of input word in temp as partial octet, + * and increment index to next input word + */ + temp = in[i] << (uint16_t)shift; + ++i; + } + shift = n_bits - shift; + } + + /* output any bits remaining in last input word */ + if (shift != n_bits - 8) + { + *out++ = (uint8_t)(temp & 0xff); + } +} + + +/** + * See header. + */ +void ntru_octets_2_elements(uint16_t in_len, uint8_t const *in, uint8_t n_bits, + uint16_t *out) +{ + uint16_t temp; + uint16_t mask = (1 << n_bits) - 1; + int shift, i; + + /* unpack */ + temp = 0; + shift = n_bits; + i = 0; + while (i < in_len) + { + shift = 8 - shift; + if (shift < 0) + { + /* the current octet will not fill the current element */ + shift += n_bits; + } + else + { + /* add bits from the current octet to fill the current element and + * output the element + */ + temp |= ((uint16_t)in[i]) >> shift; + *out++ = temp & mask; + temp = 0; + } + + /* add the remaining bits of the current octet to start an element */ + shift = n_bits - shift; + temp |= ((uint16_t)in[i]) << shift; + ++i; + } +} diff --git a/src/libstrongswan/plugins/ntru/ntru_convert.h b/src/libstrongswan/plugins/ntru/ntru_convert.h new file mode 100644 index 000000000..31594b1f6 --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_convert.h @@ -0,0 +1,147 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2009-2013 Security Innovation + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup ntru_convert ntru_convert + * @{ @ingroup ntru_p + */ + +#ifndef NTRU_CONVERT_H_ +#define NTRU_CONVERT_H_ + +#include <library.h> + +/** + * Each 3 bits in an array of octets is converted to 2 trits in an array + * of trits. + * + * @param octets pointer to array of octets + * @param num_trits number of trits to produce + * @param trits address for array of trits + */ +void ntru_bits_2_trits(uint8_t const *octets, uint16_t num_trits, + uint8_t *trits); + +/** + * Each 2 trits in an array of trits is converted to 3 bits, and the bits + * are packed in an array of octets. A multiple of 3 octets is output. + * Any bits in the final octets not derived from trits are zero. + * + * @param trits pointer to array of trits + * @param num_trits number of trits to convert + * @param octets address for array of octets + * @return TRUE if all trits were valid + * FALSE if invalid trits were found + */ +bool ntru_trits_2_bits(uint8_t const *trits, uint32_t num_trits, + uint8_t *octets); + +/** + * Takes an array of coefficients mod 4 and packs the results into an + * octet string. + * + * @param num_coeffs number of coefficients + * @param coeffs pointer to coefficients + * @param octets address for octets + */ +void ntru_coeffs_mod4_2_octets(uint16_t num_coeffs, uint16_t const *coeffs, + uint8_t *octets); + +/** + * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1). + * + * @param trits pointer to trits + * @param octet address for octet + */ +void ntru_trits_2_octet(uint8_t const *trits, uint8_t *octet); + +/** + * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1). + * + * @param octet octet to be unpacked + * @param trits address for trits + */ +void ntru_octet_2_trits(uint8_t octet, uint8_t *trits); + +/** + * + * Converts a list of the nonzero indices of a polynomial into an array of + * trits. + * + * @param in_len no. of indices + * @param in pointer to list of indices + * @param plus1 if list is +1 coefficients + * @param out address of output polynomial + */ +void ntru_indices_2_trits(uint16_t in_len, uint16_t const *in, bool plus1, + uint8_t *out); + +/** + * Unpacks an array of N trits and creates a list of array indices + * corresponding to trits = +1, and list of array indices corresponding to + * trits = -1. + * + * @param in pointer to packed-trit octets + * @param num_trits no. of packed trits + * @param indices_plus1 address for indices of +1 trits + * @param indices_minus1 address for indices of -1 trits + */ +void ntru_packed_trits_2_indices(uint8_t const *in, uint16_t num_trits, + uint16_t *indices_plus1, + uint16_t *indices_minus1); + +/** + * Takes a list of array indices corresponding to elements whose values + * are +1 or -1, and packs the N-element array of trits described by these + * lists into octets, 5 trits per octet. + * + * @param indices pointer to indices + * @param num_plus1 no. of indices for +1 trits + * @param num_minus1 no. of indices for -1 trits + * @param num_trits N, no. of trits in array + * @param buf temp buf, N octets + * @param out address for packed octet + */ +void ntru_indices_2_packed_trits(uint16_t const *indices, uint16_t num_plus1, + uint16_t num_minus1, uint16_t num_trits, + uint8_t *buf, uint8_t *out); + +/** + * Packs an array of n-bit elements into an array of + * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16. + * + * @param in_len no. of elements to be packed + * @param in ptr to elements to be packed + * @param n_bits no. of bits in input element + * @param out addr for output octets + */ +void ntru_elements_2_octets(uint16_t in_len, uint16_t const *in, uint8_t n_bits, + uint8_t *out); + +/** + * Unpacks an octet string into an array of ((in_len * 8) / n_bits) + * n-bit elements, 8 < n < 16. Any extra bits are discarded. + * + * @param in_len no. of octets to be unpacked + * @param in ptr to octets to be unpacked + * @param n_bits no. of bits in output element + * @param out addr for output elements + */ +void ntru_octets_2_elements(uint16_t in_len, uint8_t const *in, uint8_t n_bits, + uint16_t *out); + +#endif /** NTRU_CONVERT_H_ @}*/ diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h deleted file mode 100644 index 72f47035e..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto.h +++ /dev/null @@ -1,235 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto.h is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - - -/****************************************************************************** - * - * File: ntru_crypto.h - * - * Contents: Public header file for NTRUEncrypt. - * - *****************************************************************************/ - -#ifndef NTRU_CRYPTO_H -#define NTRU_CRYPTO_H - -#include <library.h> - -#include "ntru_drbg.h" - -#if !defined( NTRUCALL ) - #if !defined(WIN32) || defined (NTRUCRYPTO_STATIC) - // Linux, or a Win32 static library - #define NTRUCALL extern uint32_t - #elif defined (NTRUCRYPTO_EXPORTS) - // Win32 DLL build - #define NTRUCALL extern __declspec(dllexport) uint32_t - #else - // Win32 DLL import - #define NTRUCALL extern __declspec(dllimport) uint32_t - #endif -#endif /* NTRUCALL */ - -/* parameter set ID list */ - -typedef enum _NTRU_ENCRYPT_PARAM_SET_ID { - NTRU_EES401EP1, - NTRU_EES449EP1, - NTRU_EES677EP1, - NTRU_EES1087EP2, - NTRU_EES541EP1, - NTRU_EES613EP1, - NTRU_EES887EP1, - NTRU_EES1171EP1, - NTRU_EES659EP1, - NTRU_EES761EP1, - NTRU_EES1087EP1, - NTRU_EES1499EP1, - NTRU_EES401EP2, - NTRU_EES439EP1, - NTRU_EES593EP1, - NTRU_EES743EP1, -} NTRU_ENCRYPT_PARAM_SET_ID; - - -/* error codes */ - -#define NTRU_OK 0 -#define NTRU_FAIL 1 -#define NTRU_BAD_PARAMETER 2 -#define NTRU_BAD_LENGTH 3 -#define NTRU_BUFFER_TOO_SMALL 4 -#define NTRU_INVALID_PARAMETER_SET 5 -#define NTRU_BAD_PUBLIC_KEY 6 -#define NTRU_BAD_PRIVATE_KEY 7 -#define NTRU_OUT_OF_MEMORY 8 -#define NTRU_BAD_ENCODING 9 -#define NTRU_OID_NOT_RECOGNIZED 10 -#define NTRU_DRBG_FAIL 11 -#define NTRU_MGF1_FAIL 12 - -/* function declarations */ - -/* ntru_crypto_ntru_encrypt - * - * Implements NTRU encryption (SVES) for the parameter set specified in - * the public key blob. - * - * Before invoking this function, a DRBG must be instantiated using - * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that - * instantiation the requested security strength must be at least as large - * as the security strength of the NTRU parameter set being used. - * Failure to instantiate the DRBG with the proper security strength will - * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH. - * - * The required minimum size of the output ciphertext buffer (ct) may be - * queried by invoking this function with ct = NULL. In this case, no - * encryption is performed, NTRU_OK is returned, and the required minimum - * size for ct is returned in ct_len. - * - * When ct != NULL, at invocation *ct_len must be the size of the ct buffer. - * Upon return it is the actual size of the ciphertext. - * - * Returns NTRU_OK if successful. - * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL. - * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is - * zero, or if pt_len exceeds the maximum plaintext length for the parameter set. - * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid - * (unknown format, corrupt, bad length). - * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - */ - -NTRUCALL -ntru_crypto_ntru_encrypt( - ntru_drbg_t *drbg , /* in - handle for DRBG */ - uint16_t pubkey_blob_len, /* in - no. of octets in public key - blob */ - uint8_t const *pubkey_blob, /* in - pointer to public key */ - uint16_t pt_len, /* in - no. of octets in plaintext */ - uint8_t const *pt, /* in - pointer to plaintext */ - uint16_t *ct_len, /* in/out - no. of octets in ct, addr for - no. of octets in ciphertext */ - uint8_t *ct); /* out - address for ciphertext */ - - -/* ntru_crypto_ntru_decrypt - * - * Implements NTRU decryption (SVES) for the parameter set specified in - * the private key blob. - * - * The maximum size of the output plaintext may be queried by invoking - * this function with pt = NULL. In this case, no decryption is performed, - * NTRU_OK is returned, and the maximum size the plaintext could be is - * returned in pt_len. - * Note that until the decryption is performed successfully, the actual size - * of the resulting plaintext cannot be known. - * - * When pt != NULL, at invocation *pt_len must be the size of the pt buffer. - * Upon return it is the actual size of the plaintext. - * - * Returns NTRU_OK if successful. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL. - * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if - * ct_len is invalid for the parameter set. - * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid - * (unknown format, corrupt, bad length). - * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - * Returns NTRU_FAIL if a decryption error occurs. - */ - -NTRUCALL -ntru_crypto_ntru_decrypt( - uint16_t privkey_blob_len, /* in - no. of octets in private key - blob */ - uint8_t const *privkey_blob, /* in - pointer to private key */ - uint16_t ct_len, /* in - no. of octets in ciphertext */ - uint8_t const *ct, /* in - pointer to ciphertext */ - uint16_t *pt_len, /* in/out - no. of octets in pt, addr for - no. of octets in plaintext */ - uint8_t *pt); /* out - address for plaintext */ - - -/* ntru_crypto_ntru_encrypt_keygen - * - * Implements key generation for NTRUEncrypt for the parameter set specified. - * - * Before invoking this function, a DRBG must be instantiated using - * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that - * instantiation the requested security strength must be at least as large - * as the security strength of the NTRU parameter set being used. - * Failure to instantiate the DRBG with the proper security strength will - * result in this function returning NTRU_DRBG_FAIL. - * - * The required minimum size of the output public-key buffer (pubkey_blob) - * may be queried by invoking this function with pubkey_blob = NULL. - * In this case, no key generation is performed, NTRU_OK is returned, and - * the required minimum size for pubkey_blob is returned in pubkey_blob_len. - * - * The required minimum size of the output private-key buffer (privkey_blob) - * may be queried by invoking this function with privkey_blob = NULL. - * In this case, no key generation is performed, NTRU_OK is returned, and - * the required minimum size for privkey_blob is returned in privkey_blob_len. - * - * The required minimum sizes of both pubkey_blob and privkey_blob may be - * queried as described above, in a single invocation of this function. - * - * When pubkey_blob != NULL and privkey_blob != NULL, at invocation - * *pubkey_blob_len must be the size of the pubkey_blob buffer and - * *privkey_blob_len must be the size of the privkey_blob buffer. - * Upon return, *pubkey_blob_len is the actual size of the public-key blob - * and *privkey_blob_len is the actual size of the private-key blob. - * - * Returns NTRU_OK if successful. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob - * or privkey_blob) is NULL. - * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid. - * Returns NTRU_BAD_LENGTH if a length argument is invalid. - * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the - * privkey_blob buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - * Returns NTRU_FAIL if the polynomial generated for f is not invertible in - * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely. - * Should this occur, this function should simply be invoked again. - */ - -NTRUCALL -ntru_crypto_ntru_encrypt_keygen( - ntru_drbg_t *drbg, /* in - handle of DRBG */ - NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */ - uint16_t *pubkey_blob_len, /* in/out - no. of octets in - pubkey_blob, addr - for no. of octets - in pubkey_blob */ - uint8_t *pubkey_blob, /* out - address for - public key blob */ - uint16_t *privkey_blob_len, /* in/out - no. of octets in - privkey_blob, addr - for no. of octets - in privkey_blob */ - uint8_t *privkey_blob); /* out - address for - private key blob */ -#endif /* NTRU_CRYPTO_H */ diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c deleted file mode 100644 index 3d6dfde41..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.c +++ /dev/null @@ -1,581 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_convert.c is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_convert.c - * - * Contents: Conversion routines for NTRUEncrypt, including packing, unpacking, - * and others. - * - *****************************************************************************/ - -#include <stdlib.h> -#include <string.h> -#include <assert.h> -#include "ntru_crypto_ntru_convert.h" - - -/* 3-bit to 2-trit conversion tables: 2 represents -1 */ - -static uint8_t const bits_2_trit1[] = {0, 0, 0, 1, 1, 1, 2, 2}; -static uint8_t const bits_2_trit2[] = {0, 1, 2, 0, 1, 2, 0, 1}; - - -/* ntru_bits_2_trits - * - * Each 3 bits in an array of octets is converted to 2 trits in an array - * of trits. - * - * The octet array may overlap the end of the trit array. - */ - -void -ntru_bits_2_trits( - uint8_t const *octets, /* in - pointer to array of octets */ - uint16_t num_trits, /* in - number of trits to produce */ - uint8_t *trits) /* out - address for array of trits */ -{ - uint32_t bits24; - uint32_t bits3; - uint32_t shift; - - assert(octets); - assert(trits); - - while (num_trits >= 16) { - - /* get next three octets */ - - bits24 = ((uint32_t)(*octets++)) << 16; - bits24 |= ((uint32_t)(*octets++)) << 8; - bits24 |= (uint32_t)(*octets++); - - /* for each 3 bits in the three octets, output 2 trits */ - - bits3 = (bits24 >> 21) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 18) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 15) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 12) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 9) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 6) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = (bits24 >> 3) & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - bits3 = bits24 & 0x7; - *trits++ = bits_2_trit1[bits3]; - *trits++ = bits_2_trit2[bits3]; - - num_trits -= 16; - } - if (num_trits == 0) - return; - - /* get three octets */ - - bits24 = ((uint32_t)(*octets++)) << 16; - bits24 |= ((uint32_t)(*octets++)) << 8; - bits24 |= (uint32_t)(*octets++); - - shift = 21; - while (num_trits) { - - /* for each 3 bits in the three octets, output up to 2 trits - * until all trits needed are produced - */ - - bits3 = (bits24 >> shift) & 0x7; - shift -= 3; - *trits++ = bits_2_trit1[bits3]; - if (--num_trits) { - *trits++ = bits_2_trit2[bits3]; - --num_trits; - } - } -} - - -/* ntru_trits_2_bits - * - * Each 2 trits in an array of trits is converted to 3 bits, and the bits - * are packed in an array of octets. A multiple of 3 octets is output. - * Any bits in the final octets not derived from trits are zero. - * - * Returns TRUE if all trits were valid. - * Returns FALSE if invalid trits were found. - */ - -bool -ntru_trits_2_bits( - uint8_t const *trits, /* in - pointer to array of trits */ - uint32_t num_trits, /* in - number of trits to convert */ - uint8_t *octets) /* out - address for array of octets */ -{ - bool all_trits_valid = TRUE; - uint32_t bits24; - uint32_t bits3; - uint32_t shift; - - assert(octets); - assert(trits); - - while (num_trits >= 16) { - - /* convert each 2 trits to 3 bits and pack */ - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 = (bits3 << 21); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 18); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 15); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 12); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 9); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 6); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << 3); - - bits3 = *trits++ * 3; - bits3 += *trits++; - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= bits3; - - num_trits -= 16; - - /* output three octets */ - - *octets++ = (uint8_t)((bits24 >> 16) & 0xff); - *octets++ = (uint8_t)((bits24 >> 8) & 0xff); - *octets++ = (uint8_t)(bits24 & 0xff); - } - - bits24 = 0; - shift = 21; - while (num_trits) { - - /* convert each 2 trits to 3 bits and pack */ - - bits3 = *trits++ * 3; - if (--num_trits) { - bits3 += *trits++; - --num_trits; - } - if (bits3 > 7) { - bits3 = 7; - all_trits_valid = FALSE; - } - bits24 |= (bits3 << shift); - shift -= 3; - } - - /* output three octets */ - - *octets++ = (uint8_t)((bits24 >> 16) & 0xff); - *octets++ = (uint8_t)((bits24 >> 8) & 0xff); - *octets++ = (uint8_t)(bits24 & 0xff); - - return all_trits_valid; -} - - -/* ntru_coeffs_mod4_2_octets - * - * Takes an array of ring element coefficients mod 4 and packs the - * results into an octet string. - */ - -void -ntru_coeffs_mod4_2_octets( - uint16_t num_coeffs, /* in - number of coefficients */ - uint16_t const *coeffs, /* in - pointer to coefficients */ - uint8_t *octets) /* out - address for octets */ -{ - uint8_t bits2; - int shift; - uint16_t i; - - assert(coeffs); - assert(octets); - - *octets = 0; - shift = 6; - for (i = 0; i < num_coeffs; i++) { - bits2 = (uint8_t)(coeffs[i] & 0x3); - *octets |= bits2 << shift; - shift -= 2; - if (shift < 0) { - ++octets; - *octets = 0; - shift = 6; - } - } -} - - -/* ntru_trits_2_octet - * - * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1). - */ - -void -ntru_trits_2_octet( - uint8_t const *trits, /* in - pointer to trits */ - uint8_t *octet) /* out - address for octet */ -{ - int i; - - assert(trits); - assert(octet); - - *octet = 0; - for (i = 4; i >= 0; i--) { - *octet = (*octet * 3) + trits[i]; - } -} - - -/* ntru_octet_2_trits - * - * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1). - */ - -void -ntru_octet_2_trits( - uint8_t octet, /* in - octet to be unpacked */ - uint8_t *trits) /* out - address for trits */ -{ - int i; - - assert(trits); - - for (i = 0; i < 5; i++) { - trits[i] = octet % 3; - octet = (octet - trits[i]) / 3; - } -} - - -/* ntru_indices_2_trits - * - * Converts a list of the nonzero indices of a polynomial into an array of - * trits. - */ - -void -ntru_indices_2_trits( - uint16_t in_len, /* in - no. of indices */ - uint16_t const *in, /* in - pointer to list of indices */ - bool plus1, /* in - if list is +1 cofficients */ - uint8_t *out) /* out - address of output polynomial */ -{ - uint8_t trit = plus1 ? 1 : 2; - uint16_t i; - - assert(in); - assert(out); - - for (i = 0; i < in_len; i++) { - out[in[i]] = trit; - } -} - - -/* ntru_packed_trits_2_indices - * - * Unpacks an array of N trits and creates a list of array indices - * corresponding to trits = +1, and list of array indices corresponding to - * trits = -1. - */ - -void -ntru_packed_trits_2_indices( - uint8_t const *in, /* in - pointer to packed-trit octets */ - uint16_t num_trits, /* in - no. of packed trits */ - uint16_t *indices_plus1, /* out - address for indices of +1 trits */ - uint16_t *indices_minus1) /* out - address for indices of -1 trits */ -{ - uint8_t trits[5]; - uint16_t i = 0; - int j; - - assert(in); - assert(indices_plus1); - assert(indices_minus1); - - while (num_trits >= 5) { - ntru_octet_2_trits(*in++, trits); - num_trits -= 5; - for (j = 0; j < 5; j++, i++) { - if (trits[j] == 1) { - *indices_plus1 = i; - ++indices_plus1; - } else if (trits[j] == 2) { - *indices_minus1 = i; - ++indices_minus1; - } - } - } - if (num_trits) { - ntru_octet_2_trits(*in, trits); - for (j = 0; num_trits && (j < 5); j++, i++) { - if (trits[j] == 1) { - *indices_plus1 = i; - ++indices_plus1; - } else if (trits[j] == 2) { - *indices_minus1 = i; - ++indices_minus1; - } - --num_trits; - } - } -} - - -/* ntru_indices_2_packed_trits - * - * Takes a list of array indices corresponding to elements whose values - * are +1 or -1, and packs the N-element array of trits described by these - * lists into octets, 5 trits per octet. - */ - -void -ntru_indices_2_packed_trits( - uint16_t const *indices, /* in - pointer to indices */ - uint16_t num_plus1, /* in - no. of indices for +1 trits */ - uint16_t num_minus1, /* in - no. of indices for -1 trits */ - uint16_t num_trits, /* in - N, no. of trits in array */ - uint8_t *buf, /* in - temp buf, N octets */ - uint8_t *out) /* out - address for packed octets */ -{ - assert(indices); - assert(buf); - assert(out); - - /* convert indices to an array of trits */ - - memset(buf, 0, num_trits); - ntru_indices_2_trits(num_plus1, indices, TRUE, buf); - ntru_indices_2_trits(num_minus1, indices + num_plus1, FALSE, buf); - - /* pack the array of trits */ - - while (num_trits >= 5) { - ntru_trits_2_octet(buf, out); - num_trits -= 5; - buf += 5; - ++out; - } - if (num_trits) { - uint8_t trits[5]; - - memcpy(trits, buf, num_trits); - memset(trits + num_trits, 0, sizeof(trits) - num_trits); - ntru_trits_2_octet(trits, out); - } -} - - -/* ntru_elements_2_octets - * - * Packs an array of n-bit elements into an array of - * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16. - */ - -void -ntru_elements_2_octets( - uint16_t in_len, /* in - no. of elements to be packed */ - uint16_t const *in, /* in - ptr to elements to be packed */ - uint8_t n_bits, /* in - no. of bits in input element */ - uint8_t *out) /* out - addr for output octets */ -{ - uint16_t temp; - int shift; - uint16_t i; - - assert(in_len); - assert(in); - assert((n_bits > 8) && (n_bits < 16)); - assert(out); - - /* pack */ - - temp = 0; - shift = n_bits - 8; - i = 0; - while (i < in_len) { - - /* add bits to temp to fill an octet and output the octet */ - - temp |= in[i] >> shift; - *out++ = (uint8_t)(temp & 0xff); - shift = 8 - shift; - if (shift < 1) { - - /* next full octet is in current input word */ - - shift += n_bits; - temp = 0; - - } else { - - /* put remaining bits of input word in temp as partial octet, - * and increment index to next input word - */ - temp = in[i] << (uint16_t)shift; - - ++i; - } - shift = n_bits - shift; - } - - /* output any bits remaining in last input word */ - - if (shift != n_bits - 8) { - *out++ = (uint8_t)(temp & 0xff); - } -} - - -/* ntru_octets_2_elements - * - * Unpacks an octet string into an array of ((in_len * 8) / n_bits) - * n-bit elements, 8 < n_bits < 16. Any extra bits are discarded. - */ - -void -ntru_octets_2_elements( - uint16_t in_len, /* in - no. of octets to be unpacked */ - uint8_t const *in, /* in - ptr to octets to be unpacked */ - uint8_t n_bits, /* in - no. of bits in output element */ - uint16_t *out) /* out - addr for output elements */ -{ - uint16_t temp; - uint16_t mask = (1 << n_bits) - 1; - int shift; - uint16_t i; - - assert(in_len > 1); - assert(in); - assert((n_bits > 8) && (n_bits < 16)); - assert(out); - - /* unpack */ - - temp = 0; - shift = n_bits; - i = 0; - while (i < in_len) { - shift = 8 - shift; - if (shift < 0) { - - /* the current octet will not fill the current element */ - - shift += n_bits; - - } else { - - /* add bits from the current octet to fill the current element and - * output the element - */ - - temp |= ((uint16_t)in[i]) >> shift; - *out++ = temp & mask; - temp = 0; - } - - /* add the remaining bits of the current octet to start an element */ - - shift = n_bits - shift; - temp |= ((uint16_t)in[i]) << shift; - ++i; - } -} - - diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h deleted file mode 100644 index 1c4b35b24..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_convert.h +++ /dev/null @@ -1,183 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_convert.h is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_convert.h - * - * Contents: Definitions and declarations for conversion routines - * for NTRUEncrypt, including packing, unpacking and others. - * - *****************************************************************************/ - -#ifndef NTRU_CRYPTO_NTRU_CONVERT_H -#define NTRU_CRYPTO_NTRU_CONVERT_H - -#include "ntru_crypto.h" - - -/* function declarations */ - -/* ntru_bits_2_trits - * - * Each 3 bits in an array of octets is converted to 2 trits in an array - * of trits. - */ - -extern void -ntru_bits_2_trits( - uint8_t const *octets, /* in - pointer to array of octets */ - uint16_t num_trits, /* in - number of trits to produce */ - uint8_t *trits); /* out - address for array of trits */ - - -/* ntru_trits_2_bits - * - * Each 2 trits in an array of trits is converted to 3 bits, and the bits - * are packed in an array of octets. A multiple of 3 octets is output. - * Any bits in the final octets not derived from trits are zero. - * - * Returns TRUE if all trits were valid. - * Returns FALSE if invalid trits were found. - */ - -extern bool -ntru_trits_2_bits( - uint8_t const *trits, /* in - pointer to array of trits */ - uint32_t num_trits, /* in - number of trits to convert */ - uint8_t *octets); /* out - address for array of octets */ - - -/* ntru_coeffs_mod4_2_octets - * - * Takes an array of coefficients mod 4 and packs the results into an - * octet string. - */ - -extern void -ntru_coeffs_mod4_2_octets( - uint16_t num_coeffs, /* in - number of coefficients */ - uint16_t const *coeffs, /* in - pointer to coefficients */ - uint8_t *octets); /* out - address for octets */ - - -/* ntru_trits_2_octet - * - * Packs 5 trits in an octet, where a trit is 0, 1, or 2 (-1). - */ - -extern void -ntru_trits_2_octet( - uint8_t const *trits, /* in - pointer to trits */ - uint8_t *octet); /* out - address for octet */ - - -/* ntru_octet_2_trits - * - * Unpacks an octet to 5 trits, where a trit is 0, 1, or 2 (-1). - */ - -extern void -ntru_octet_2_trits( - uint8_t octet, /* in - octet to be unpacked */ - uint8_t *trits); /* out - address for trits */ - - -/* ntru_indices_2_trits - * - * Converts a list of the nonzero indices of a polynomial into an array of - * trits. - */ - -extern void -ntru_indices_2_trits( - uint16_t in_len, /* in - no. of indices */ - uint16_t const *in, /* in - pointer to list of indices */ - bool plus1, /* in - if list is +1 coefficients */ - uint8_t *out); /* out - address of output polynomial */ - - -/* ntru_packed_trits_2_indices - * - * Unpacks an array of N trits and creates a list of array indices - * corresponding to trits = +1, and list of array indices corresponding to - * trits = -1. - */ - -extern void -ntru_packed_trits_2_indices( - uint8_t const *in, /* in - pointer to packed-trit octets */ - uint16_t num_trits, /* in - no. of packed trits */ - uint16_t *indices_plus1, /* out - address for indices of +1 trits */ - uint16_t *indices_minus1); /* out - address for indices of -1 trits */ - - -/* ntru_indices_2_packed_trits - * - * Takes a list of array indices corresponding to elements whose values - * are +1 or -1, and packs the N-element array of trits described by these - * lists into octets, 5 trits per octet. - */ - -extern void -ntru_indices_2_packed_trits( - uint16_t const *indices, /* in - pointer to indices */ - uint16_t num_plus1, /* in - no. of indices for +1 trits */ - uint16_t num_minus1, /* in - no. of indices for -1 trits */ - uint16_t num_trits, /* in - N, no. of trits in array */ - uint8_t *buf, /* in - temp buf, N octets */ - uint8_t *out); /* out - address for packed octets */ - - -/* ntru_elements_2_octets - * - * Packs an array of n-bit elements into an array of - * ((in_len * n_bits) + 7) / 8 octets, 8 < n_bits < 16. - */ - -extern void -ntru_elements_2_octets( - uint16_t in_len, /* in - no. of elements to be packed */ - uint16_t const *in, /* in - ptr to elements to be packed */ - uint8_t n_bits, /* in - no. of bits in input element */ - uint8_t *out); /* out - addr for output octets */ - - -/* ntru_octets_2_elements - * - * Unpacks an octet string into an array of ((in_len * 8) / n_bits) - * n-bit elements, 8 < n < 16. Any extra bits are discarded. - */ - -extern void -ntru_octets_2_elements( - uint16_t in_len, /* in - no. of octets to be unpacked */ - uint8_t const *in, /* in - ptr to octets to be unpacked */ - uint8_t n_bits, /* in - no. of bits in output element */ - uint16_t *out); /* out - addr for output elements */ - - -#endif /* NTRU_CRYPTO_NTRU_CONVERT_H */ - - diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c deleted file mode 100644 index dba81915a..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt.c +++ /dev/null @@ -1,1034 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_encrypt.c is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_encrypt.c - * - * Contents: Routines implementing NTRUEncrypt encryption and decryption and - * key generation. - * - *****************************************************************************/ - - -#include <stdlib.h> -#include <string.h> -#include <assert.h> -#include "ntru_crypto.h" -#include "ntru_crypto_ntru_encrypt_param_sets.h" -#include "ntru_crypto_ntru_encrypt_key.h" -#include "ntru_crypto_ntru_convert.h" -#include "ntru_crypto_ntru_poly.h" -# -#include "ntru_trits.h" -#include "ntru_poly.h" - -/* ntru_crypto_ntru_encrypt - * - * Implements NTRU encryption (SVES) for the parameter set specified in - * the public key blob. - * - * Before invoking this function, a DRBG must be instantiated using - * ntru_crypto_drbg_instantiate() to obtain a DRBG handle, and in that - * instantiation the requested security strength must be at least as large - * as the security strength of the NTRU parameter set being used. - * Failure to instantiate the DRBG with the proper security strength will - * result in this function returning DRBG_ERROR_BASE + DRBG_BAD_LENGTH. - * - * The required minimum size of the output ciphertext buffer (ct) may be - * queried by invoking this function with ct = NULL. In this case, no - * encryption is performed, NTRU_OK is returned, and the required minimum - * size for ct is returned in ct_len. - * - * When ct != NULL, at invocation *ct_len must be the size of the ct buffer. - * Upon return it is the actual size of the ciphertext. - * - * Returns NTRU_OK if successful. - * Returns NTRU_DRBG_FAIL if the DRBG handle is invalid. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than ct) is NULL. - * Returns NTRU_BAD_LENGTH if a length argument (pubkey_blob_len or pt_len) is - * zero, or if pt_len exceeds the maximum plaintext length for the parameter set. - * Returns NTRU_BAD_PUBLIC_KEY if the public-key blob is invalid - * (unknown format, corrupt, bad length). - * Returns NTRU_BUFFER_TOO_SMALL if the ciphertext buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - */ - -uint32_t -ntru_crypto_ntru_encrypt( - ntru_drbg_t *drbg, /* in - handle of DRBG */ - uint16_t pubkey_blob_len, /* in - no. of octets in public key - blob */ - uint8_t const *pubkey_blob, /* in - pointer to public key */ - uint16_t pt_len, /* in - no. of octets in plaintext */ - uint8_t const *pt, /* in - pointer to plaintext */ - uint16_t *ct_len, /* in/out - no. of octets in ct, addr for - no. of octets in ciphertext */ - uint8_t *ct) /* out - address for ciphertext */ -{ - NTRU_ENCRYPT_PARAM_SET *params = NULL; - uint8_t const *pubkey_packed = NULL; - uint8_t pubkey_pack_type = 0x00; - uint16_t packed_ct_len; - size_t scratch_buf_len; - uint32_t dr; - uint32_t dr1 = 0; - uint32_t dr2 = 0; - uint32_t dr3 = 0; - uint16_t ring_mult_tmp_len; - int16_t m1 = 0; - uint16_t *scratch_buf = NULL; - uint16_t *ringel_buf = NULL; - uint8_t *b_buf = NULL; - uint8_t *tmp_buf = NULL; - bool msg_rep_good = FALSE; - hash_algorithm_t hash_algid; - uint16_t mprime_len = 0; - uint16_t mod_q_mask; - uint32_t result = NTRU_OK; - ntru_trits_t *mask; - uint8_t *mask_trits; - chunk_t seed; - ntru_poly_t *r_poly; - - /* check for bad parameters */ - - if (!pubkey_blob || !pt || !ct_len) - { - return NTRU_BAD_PARAMETER; - } - if ((pubkey_blob_len == 0) || (pt_len == 0)) - { - return NTRU_BAD_LENGTH; - } - - /* get a pointer to the parameter-set parameters, the packing type for - * the public key, and a pointer to the packed public key - */ - - if (!ntru_crypto_ntru_encrypt_key_parse(TRUE /* pubkey */, pubkey_blob_len, - pubkey_blob, &pubkey_pack_type, - NULL, ¶ms, &pubkey_packed, - NULL)) - { - return NTRU_BAD_PUBLIC_KEY; - } - - /* return the ciphertext size if requested */ - - packed_ct_len = (params->N * params->q_bits + 7) >> 3; - if (!ct) - { - *ct_len = packed_ct_len; - return NTRU_OK; - } - - /* check the ciphertext buffer size */ - - if (*ct_len < packed_ct_len) - { - return NTRU_BUFFER_TOO_SMALL; - } - - /* check the plaintext length */ - - if (pt_len > params->m_len_max) - { - return NTRU_BAD_LENGTH; - } - - /* allocate memory for all operations */ - - if (params->is_product_form) - { - ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */ - dr1 = params->dF_r & 0xff; - dr2 = (params->dF_r >> 8) & 0xff; - dr3 = (params->dF_r >> 16) & 0xff; - dr = dr1 + dr2 + dr3; - } - else - { - ring_mult_tmp_len = params->N; /* N 16-bit word buffer */ - dr = params->dF_r; - } - scratch_buf_len = (ring_mult_tmp_len << 1) + - /* X-byte temp buf for ring mult and - other intermediate results */ - (params->N << 1) + /* 2N-byte buffer for ring elements - and overflow from temp buffer */ - (dr << 2) + /* buffer for r indices */ - params->sec_strength_len; - /* buffer for b */ - scratch_buf = malloc(scratch_buf_len); - if (!scratch_buf) - { - return NTRU_OUT_OF_MEMORY; - } - ringel_buf = scratch_buf + ring_mult_tmp_len; - b_buf = (uint8_t *)(ringel_buf + params->N); - tmp_buf = (uint8_t *)scratch_buf; - - /* set hash algorithm based on security strength */ - hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256; - - /* set constants */ - mod_q_mask = params->q - 1; - - /* loop until a message representative with proper weight is achieved */ - - do { - uint8_t *ptr = tmp_buf; - - /* get b */ - if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE, - params->sec_strength_len, b_buf)) - { - result = NTRU_OK; - } - else - { - result = NTRU_FAIL; - } - - if (result == NTRU_OK) - { - - /* form sData (OID || m || b || hTrunc) */ - memcpy(ptr, params->OID, 3); - ptr += 3; - memcpy(ptr, pt, pt_len); - ptr += pt_len; - memcpy(ptr, b_buf, params->sec_strength_len); - ptr += params->sec_strength_len; - memcpy(ptr, pubkey_packed, params->sec_strength_len); - ptr += params->sec_strength_len; - - DBG2(DBG_LIB, "generate polynomial r"); - - seed = chunk_create(tmp_buf, ptr - tmp_buf); - r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, - params->N, params->q, - params->dF_r, params->dF_r, - params->is_product_form); - if (!r_poly) - { - result = NTRU_MGF1_FAIL; - } - } - - if (result == NTRU_OK) - { - uint16_t pubkey_packed_len; - - /* unpack the public key */ - assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS); - pubkey_packed_len = (params->N * params->q_bits + 7) >> 3; - ntru_octets_2_elements(pubkey_packed_len, pubkey_packed, - params->q_bits, ringel_buf); - - /* form R = h * r */ - r_poly->ring_mult(r_poly, ringel_buf, ringel_buf); - r_poly->destroy(r_poly); - - /* form R mod 4 */ - ntru_coeffs_mod4_2_octets(params->N, ringel_buf, tmp_buf); - - /* form mask */ - seed = chunk_create(tmp_buf, (params->N + 3)/4); - mask = ntru_trits_create(params->N, hash_algid, seed); - if (!mask) - { - result = NTRU_MGF1_FAIL; - } - } - - if (result == NTRU_OK) - { - uint8_t *Mtrin_buf = tmp_buf + params->N; - uint8_t *M_buf = Mtrin_buf + params->N - - (params->sec_strength_len + params->m_len_len + - params->m_len_max + 2); - uint16_t i; - - /* form the padded message M */ - ptr = M_buf; - memcpy(ptr, b_buf, params->sec_strength_len); - ptr += params->sec_strength_len; - if (params->m_len_len == 2) - *ptr++ = (uint8_t)((pt_len >> 8) & 0xff); - *ptr++ = (uint8_t)(pt_len & 0xff); - memcpy(ptr, pt, pt_len); - ptr += pt_len; - - /* add an extra zero byte in case without it the bit string - * is not a multiple of 3 bits and therefore might not be - * able to produce enough trits - */ - - memset(ptr, 0, params->m_len_max - pt_len + 2); - - /* convert M to trits (Mbin to Mtrin) */ - mprime_len = params->N; - if (params->is_product_form) - { - --mprime_len; - } - - ntru_bits_2_trits(M_buf, mprime_len, Mtrin_buf); - mask_trits = mask->get_trits(mask); - - /* form the msg representative m' by adding Mtrin to mask, mod p */ - if (params->is_product_form) - { - for (i = 0; i < mprime_len; i++) - { - tmp_buf[i] = mask_trits[i] + Mtrin_buf[i]; - if (tmp_buf[i] >= 3) - { - tmp_buf[i] -= 3; - } - if (tmp_buf[i] == 1) - { - ++m1; - } - else if (tmp_buf[i] == 2) - { - --m1; - } - } - } - else - { - for (i = 0; i < mprime_len; i++) - { - tmp_buf[i] = mask_trits[i] + Mtrin_buf[i]; - if (tmp_buf[i] >= 3) - { - tmp_buf[i] -= 3; - } - } - } - mask->destroy(mask); - - /* check that message representative meets minimum weight - * requirements - */ - - if (params->is_product_form) - msg_rep_good = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) : - (bool)( m1 <= params->min_msg_rep_wt); - else - msg_rep_good = ntru_poly_check_min_weight(mprime_len, tmp_buf, - params->min_msg_rep_wt); - msg_rep_good = TRUE; - } - } while ((result == NTRU_OK) && !msg_rep_good); - - if (result == NTRU_OK) - { - uint16_t i; - - /* form ciphertext e by adding m' to R mod q */ - - for (i = 0; i < mprime_len; i++) { - if (tmp_buf[i] == 1) - ringel_buf[i] = (ringel_buf[i] + 1) & mod_q_mask; - else if (tmp_buf[i] == 2) - ringel_buf[i] = (ringel_buf[i] - 1) & mod_q_mask; - } - if (params->is_product_form) - ringel_buf[i] = (ringel_buf[i] - m1) & mod_q_mask; - - /* pack ciphertext */ - ntru_elements_2_octets(params->N, ringel_buf, params->q_bits, ct); - *ct_len = packed_ct_len; - } - - /* cleanup */ - memset(scratch_buf, 0, scratch_buf_len); - free(scratch_buf); - - return result; -} - - -/* ntru_crypto_ntru_decrypt - * - * Implements NTRU decryption (SVES) for the parameter set specified in - * the private key blob. - * - * The maximum size of the output plaintext may be queried by invoking - * this function with pt = NULL. In this case, no decryption is performed, - * NTRU_OK is returned, and the maximum size the plaintext could be is - * returned in pt_len. - * Note that until the decryption is performed successfully, the actual size - * of the resulting plaintext cannot be known. - * - * When pt != NULL, at invocation *pt_len must be the size of the pt buffer. - * Upon return it is the actual size of the plaintext. - * - * Returns NTRU_OK if successful. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pt) is NULL. - * Returns NTRU_BAD_LENGTH if a length argument (privkey_blob) is zero, or if - * ct_len is invalid for the parameter set. - * Returns NTRU_BAD_PRIVATE_KEY if the private-key blob is invalid - * (unknown format, corrupt, bad length). - * Returns NTRU_BUFFER_TOO_SMALL if the plaintext buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - * Returns NTRU_FAIL if a decryption error occurs. - */ - -uint32_t -ntru_crypto_ntru_decrypt( - uint16_t privkey_blob_len, /* in - no. of octets in private key - blob */ - uint8_t const *privkey_blob, /* in - pointer to private key */ - uint16_t ct_len, /* in - no. of octets in ciphertext */ - uint8_t const *ct, /* in - pointer to ciphertext */ - uint16_t *pt_len, /* in/out - no. of octets in pt, addr for - no. of octets in plaintext */ - uint8_t *pt) /* out - address for plaintext */ -{ - NTRU_ENCRYPT_PARAM_SET *params = NULL; - uint8_t const *privkey_packed = NULL; - uint8_t const *pubkey_packed = NULL; - uint8_t privkey_pack_type = 0x00; - uint8_t pubkey_pack_type = 0x00; - size_t scratch_buf_len; - uint32_t dF_r; - uint32_t dF_r1 = 0; - uint32_t dF_r2 = 0; - uint32_t dF_r3 = 0; - uint16_t ring_mult_tmp_len; - int16_t m1 = 0; - uint16_t *scratch_buf = NULL; - uint16_t *ringel_buf1 = NULL; - uint16_t *ringel_buf2 = NULL; - uint16_t *i_buf = NULL; - uint8_t *m_buf = NULL; - uint8_t *tmp_buf = NULL; - uint8_t *Mtrin_buf = NULL; - uint8_t *M_buf = NULL; - uint8_t *ptr = NULL; - hash_algorithm_t hash_algid; - uint16_t cmprime_len; - uint16_t mod_q_mask; - uint16_t q_mod_p; - uint16_t cm_len = 0; - uint16_t num_zeros; - uint16_t i; - bool decryption_ok = TRUE; - uint32_t result = NTRU_OK; - ntru_trits_t *mask; - uint8_t *mask_trits; - chunk_t seed; - ntru_poly_t *F_poly, *r_poly; - - /* check for bad parameters */ - if (!privkey_blob || !ct || !pt_len) - { - return NTRU_BAD_PARAMETER; - } - if ((privkey_blob_len == 0) || (ct_len == 0)) - { - return NTRU_BAD_LENGTH; - } - - /* get a pointer to the parameter-set parameters, the packing types for - * the public and private keys, and pointers to the packed public and - * private keys - */ - - if (!ntru_crypto_ntru_encrypt_key_parse(FALSE /* privkey */, - privkey_blob_len, - privkey_blob, &pubkey_pack_type, - &privkey_pack_type, ¶ms, - &pubkey_packed, &privkey_packed)) - { - return NTRU_BAD_PRIVATE_KEY; - } - - /* return the max plaintext size if requested */ - - if (!pt) - { - *pt_len = params->m_len_max; - return NTRU_OK; - } - - /* cannot check the plaintext buffer size until after the plaintext - * is derived, if we allow plaintext buffers only as large as the - * actual plaintext - */ - - /* check the ciphertext length */ - - if (ct_len != (params->N * params->q_bits + 7) >> 3) - { - return NTRU_BAD_LENGTH; - } - - /* allocate memory for all operations */ - - if (params->is_product_form) - { - ring_mult_tmp_len = params->N << 1; /* 2N 16-bit word buffer */ - dF_r1 = params->dF_r & 0xff; - dF_r2 = (params->dF_r >> 8) & 0xff; - dF_r3 = (params->dF_r >> 16) & 0xff; - dF_r = dF_r1 + dF_r2 + dF_r3; - } else { - ring_mult_tmp_len = params->N; /* N 16-bit word buffer */ - dF_r = params->dF_r; - } - scratch_buf_len = (ring_mult_tmp_len << 1) + - /* X-byte temp buf for ring mult and - other intermediate results */ - (params->N << 2) + /* 2 2N-byte bufs for ring elements - and overflow from temp buffer */ - (dF_r << 2) + /* buffer for F, r indices */ - params->m_len_max; /* buffer for plaintext */ - scratch_buf = malloc(scratch_buf_len); - if (!scratch_buf) - { - return NTRU_OUT_OF_MEMORY; - } - ringel_buf1 = scratch_buf + ring_mult_tmp_len; - ringel_buf2 = ringel_buf1 + params->N; - i_buf = ringel_buf2 + params->N; - m_buf = (uint8_t *)(i_buf + (dF_r << 1)); - tmp_buf = (uint8_t *)scratch_buf; - Mtrin_buf = (uint8_t *)ringel_buf1; - M_buf = Mtrin_buf + params->N; - - /* set hash algorithm based on security strength */ - hash_algid = (params->sec_strength_len <= 20) ? HASH_SHA1 : HASH_SHA256; - - /* set constants */ - mod_q_mask = params->q - 1; - q_mod_p = params->q % 3; - - /* unpack the ciphertext */ - ntru_octets_2_elements(ct_len, ct, params->q_bits, ringel_buf2); - - /* unpack the private key */ - if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS) - { - ntru_packed_trits_2_indices(privkey_packed, params->N, i_buf, - i_buf + dF_r); - - } - else if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_INDICES) - { - ntru_octets_2_elements( - (((uint16_t)dF_r << 1) * params->N_bits + 7) >> 3, - privkey_packed, params->N_bits, i_buf); - - } - else - { - assert(FALSE); - } - - /* form cm': - * F * e - * A = e * (1 + pF) mod q = e + pFe mod q - * a = A in the range [-q/2, q/2) - * cm' = a mod p - */ - F_poly = ntru_poly_create_from_data(i_buf, params->N, params->q, - params->dF_r, params->dF_r, - params->is_product_form); - F_poly->ring_mult(F_poly, ringel_buf2, ringel_buf1); - F_poly->destroy(F_poly); - - cmprime_len = params->N; - if (params->is_product_form) - { - --cmprime_len; - for (i = 0; i < cmprime_len; i++) - { - ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask; - if (ringel_buf1[i] >= (params->q >> 1)) - { - ringel_buf1[i] = ringel_buf1[i] - q_mod_p; - } - Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3); - if (Mtrin_buf[i] == 1) - { - ++m1; - } - else if (Mtrin_buf[i] == 2) - { - --m1; - } - } - } - else - { - for (i = 0; i < cmprime_len; i++) - { - ringel_buf1[i] = (ringel_buf2[i] + 3 * ringel_buf1[i]) & mod_q_mask; - if (ringel_buf1[i] >= (params->q >> 1)) - { - ringel_buf1[i] = ringel_buf1[i] - q_mod_p; - } - Mtrin_buf[i] = (uint8_t)(ringel_buf1[i] % 3); - } - } - - /* check that the candidate message representative meets minimum weight - * requirements - */ - - if (params->is_product_form) - { - decryption_ok = m1 < 0 ? (bool)(-m1 <= params->min_msg_rep_wt) : - (bool)( m1 <= params->min_msg_rep_wt); - } - else - { - decryption_ok = ntru_poly_check_min_weight(cmprime_len, Mtrin_buf, - params->min_msg_rep_wt); - } - - /* form cR = e - cm' mod q */ - for (i = 0; i < cmprime_len; i++) - { - if (Mtrin_buf[i] == 1) - { - ringel_buf2[i] = (ringel_buf2[i] - 1) & mod_q_mask; - } - else if (Mtrin_buf[i] == 2) - { - ringel_buf2[i] = (ringel_buf2[i] + 1) & mod_q_mask; - } - } - if (params->is_product_form) - { - ringel_buf2[i] = (ringel_buf2[i] + m1) & mod_q_mask; - } - - /* form cR mod 4 */ - ntru_coeffs_mod4_2_octets(params->N, ringel_buf2, tmp_buf); - - /* form mask */ - seed = chunk_create(tmp_buf, (params->N + 3)/4); - mask = ntru_trits_create(params->N, hash_algid, seed); - if (!mask) - { - result = NTRU_MGF1_FAIL; - } - else - { - mask_trits = mask->get_trits(mask); - - /* form cMtrin by subtracting mask from cm', mod p */ - for (i = 0; i < cmprime_len; i++) - { - Mtrin_buf[i] = Mtrin_buf[i] - mask_trits[i]; - if (Mtrin_buf[i] >= 3) - { - Mtrin_buf[i] += 3; - } - } - mask->destroy(mask); - - if (params->is_product_form) - - /* set the last trit to zero since that's what it was, and - * because it can't be calculated from (cm' - mask) since - * we don't have the correct value for the last cm' trit - */ - - Mtrin_buf[i] = 0; - - /* convert cMtrin to cM (Mtrin to Mbin) */ - - if (!ntru_trits_2_bits(Mtrin_buf, params->N, M_buf)) - decryption_ok = FALSE; - - /* validate the padded message cM and copy cm to m_buf */ - - ptr = M_buf + params->sec_strength_len; - if (params->m_len_len == 2) - cm_len = (uint16_t)(*ptr++) << 16; - cm_len |= (uint16_t)(*ptr++); - if (cm_len > params->m_len_max) { - cm_len = params->m_len_max; - decryption_ok = FALSE; - } - memcpy(m_buf, ptr, cm_len); - ptr += cm_len; - num_zeros = params->m_len_max - cm_len + 1; - for (i = 0; i < num_zeros; i++) { - if (ptr[i] != 0) - decryption_ok = FALSE; - } - - /* form sData (OID || m || b || hTrunc) */ - - ptr = tmp_buf; - memcpy(ptr, params->OID, 3); - ptr += 3; - memcpy(ptr, m_buf, cm_len); - ptr += cm_len; - memcpy(ptr, M_buf, params->sec_strength_len); - ptr += params->sec_strength_len; - memcpy(ptr, pubkey_packed, params->sec_strength_len); - ptr += params->sec_strength_len; - - /* generate cr */ - DBG2(DBG_LIB, "generate polynomial r"); - - seed = chunk_create(tmp_buf, ptr - tmp_buf); - r_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, - params->N, params->q, - params->dF_r, params->dF_r, - params->is_product_form); - if (!r_poly) - { - result = NTRU_MGF1_FAIL; - } - } - - if (result == NTRU_OK) - { - /* unpack the public key */ - { - uint16_t pubkey_packed_len; - - assert(pubkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS); - pubkey_packed_len = (params->N * params->q_bits + 7) >> 3; - ntru_octets_2_elements(pubkey_packed_len, pubkey_packed, - params->q_bits, ringel_buf1); - } - - /* form cR' = h * cr */ - r_poly->ring_mult(r_poly, ringel_buf1, ringel_buf1); - r_poly->destroy(r_poly); - - /* compare cR' to cR */ - for (i = 0; i < params->N; i++) - { - if (ringel_buf1[i] != ringel_buf2[i]) - { - decryption_ok = FALSE; - } - } - - /* output plaintext and plaintext length */ - if (decryption_ok) - { - if (*pt_len < cm_len) - { - return NTRU_BUFFER_TOO_SMALL; - } - memcpy(pt, m_buf, cm_len); - *pt_len = cm_len; - } - } - - /* cleanup */ - memset(scratch_buf, 0, scratch_buf_len); - free(scratch_buf); - - if (!decryption_ok) - { - return NTRU_FAIL; - } - - return result; -} - - -/* ntru_crypto_ntru_encrypt_keygen - * - * Implements key generation for NTRUEncrypt for the parameter set specified. - * - * The required minimum size of the output public-key buffer (pubkey_blob) - * may be queried by invoking this function with pubkey_blob = NULL. - * In this case, no key generation is performed, NTRU_OK is returned, and - * the required minimum size for pubkey_blob is returned in pubkey_blob_len. - * - * The required minimum size of the output private-key buffer (privkey_blob) - * may be queried by invoking this function with privkey_blob = NULL. - * In this case, no key generation is performed, NTRU_OK is returned, and - * the required minimum size for privkey_blob is returned in privkey_blob_len. - * - * The required minimum sizes of both pubkey_blob and privkey_blob may be - * queried as described above, in a single invocation of this function. - * - * When pubkey_blob != NULL and privkey_blob != NULL, at invocation - * *pubkey_blob_len must be the size of the pubkey_blob buffer and - * *privkey_blob_len must be the size of the privkey_blob buffer. - * Upon return, *pubkey_blob_len is the actual size of the public-key blob - * and *privkey_blob_len is the actual size of the private-key blob. - * - * Returns NTRU_OK if successful. - * Returns NTRU_BAD_PARAMETER if an argument pointer (other than pubkey_blob or - * privkey_blob) is NULL. - * Returns NTRU_INVALID_PARAMETER_SET if the parameter-set ID is invalid. - * Returns NTRU_BAD_LENGTH if a length argument is invalid. - * Returns NTRU_BUFFER_TOO_SMALL if either the pubkey_blob buffer or the - * privkey_blob buffer is too small. - * Returns NTRU_NO_MEMORY if memory needed cannot be allocated from the heap. - * Returns NTRU_FAIL if the polynomial generated for f is not invertible in - * (Z/qZ)[X]/(X^N - 1), which is extremely unlikely. - * Should this occur, this function should simply be invoked again. - */ - -uint32_t -ntru_crypto_ntru_encrypt_keygen( - ntru_drbg_t *drbg, /* in - handle of DRBG */ - NTRU_ENCRYPT_PARAM_SET_ID param_set_id, /* in - parameter set ID */ - uint16_t *pubkey_blob_len, /* in/out - no. of octets in - pubkey_blob, addr - for no. of octets - in pubkey_blob */ - uint8_t *pubkey_blob, /* out - address for - public key blob */ - uint16_t *privkey_blob_len, /* in/out - no. of octets in - privkey_blob, addr - for no. of octets - in privkey_blob */ - uint8_t *privkey_blob) /* out - address for - private key blob */ -{ - NTRU_ENCRYPT_PARAM_SET *params = NULL; - uint16_t public_key_blob_len; - uint16_t private_key_blob_len; - uint8_t pubkey_pack_type; - uint8_t privkey_pack_type; - size_t scratch_buf_len; - uint32_t dF; - uint32_t dF1 = 0; - uint32_t dF2 = 0; - uint32_t dF3 = 0; - uint16_t *scratch_buf = NULL; - uint16_t *ringel_buf1 = NULL; - uint16_t *ringel_buf2 = NULL; - uint8_t *tmp_buf = NULL; - uint16_t mod_q_mask; - hash_algorithm_t hash_algid; - uint16_t seed_len; - chunk_t seed; - uint32_t result = NTRU_OK; - ntru_poly_t *F_poly = NULL; - ntru_poly_t *g_poly = NULL; - uint16_t *F_indices; - - /* get a pointer to the parameter-set parameters */ - - if ((params = ntru_encrypt_get_params_with_id(param_set_id)) == NULL) - { - return NTRU_INVALID_PARAMETER_SET; - } - - /* check for bad parameters */ - - if (!pubkey_blob_len || !privkey_blob_len) - { - return NTRU_BAD_PARAMETER; - } - - /* get public and private key packing types and blob lengths */ - - ntru_crypto_ntru_encrypt_key_get_blob_params(params, &pubkey_pack_type, - &public_key_blob_len, - &privkey_pack_type, - &private_key_blob_len); - - /* return the pubkey_blob size and/or privkey_blob size if requested */ - - if (!pubkey_blob || !privkey_blob) - { - if (!pubkey_blob) - *pubkey_blob_len = public_key_blob_len; - if (!privkey_blob) - *privkey_blob_len = private_key_blob_len; - return NTRU_OK; - } - - /* check size of output buffers */ - - if ((*pubkey_blob_len < public_key_blob_len) || - (*privkey_blob_len < private_key_blob_len)) - { - return NTRU_BUFFER_TOO_SMALL; - } - - /* allocate memory for all operations */ - if (params->is_product_form) { - dF1 = params->dF_r & 0xff; - dF2 = (params->dF_r >> 8) & 0xff; - dF3 = (params->dF_r >> 16) & 0xff; - dF = dF1 + dF2 + dF3; - } else { - dF = params->dF_r; - } - - scratch_buf_len = (params->N * 8) + /* 4N-byte temp buffer for ring inv - and other intermediate results, - 2N-byte buffer for f, g indices - and overflow from temp buffer, - 2N-byte buffer for f^-1 */ - (dF << 2); /* buffer for F indices */ - scratch_buf = malloc(scratch_buf_len); - if (!scratch_buf) - { - return NTRU_OUT_OF_MEMORY; - } - ringel_buf1 = scratch_buf + (params->N << 1); - ringel_buf2 = ringel_buf1 + params->N; - tmp_buf = (uint8_t *)scratch_buf; - - /* set hash algorithm and seed length based on security strength */ - if (params->sec_strength_len <= 20) - { - hash_algid = HASH_SHA1; - } - else - { - hash_algid = HASH_SHA256; - } - seed_len = params->sec_strength_len + 8; - - /* set constants */ - - mod_q_mask = params->q - 1; - - /* get random bytes for seed for generating trinary F - * as a list of indices - */ - - if (drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE, - seed_len, tmp_buf)) - { - result = NTRU_OK; - } - else - { - result = NTRU_DRBG_FAIL; - } - - if (result == NTRU_OK) - { - DBG2(DBG_LIB, "generate polynomial F"); - - seed = chunk_create(tmp_buf, seed_len); - F_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, - params->N, params->q, - params->dF_r, params->dF_r, - params->is_product_form); - if (!F_poly) - { - result = NTRU_MGF1_FAIL; - } - } - - if (result == NTRU_OK) - { - int i; - - F_poly->get_array(F_poly, ringel_buf1); - - /* form f = 1 + pF */ - for (i = 0; i < params->N; i++) - { - ringel_buf1[i] = (ringel_buf1[i] * 3) & mod_q_mask; - } - ringel_buf1[0] = (ringel_buf1[0] + 1) & mod_q_mask; - - /* find f^-1 in (Z/qZ)[X]/(X^N - 1) */ - if (!ntru_ring_inv(ringel_buf1, params->N, params->q, - scratch_buf, ringel_buf2)) - { - result = NTRU_FAIL; - } - } - - if (result == NTRU_OK) - { - - /* get random bytes for seed for generating trinary polynomial g - * as a list of indices - */ - if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE, - seed_len, tmp_buf)) - { - result = NTRU_DRBG_FAIL; - } - } - - if (result == NTRU_OK) - { - DBG2(DBG_LIB, "generate polynomial g"); - - seed = chunk_create(tmp_buf, seed_len); - g_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, - params->N, params->q, - params->dg + 1, params->dg, FALSE); - if (!g_poly) - { - result = NTRU_MGF1_FAIL; - } - } - - if (result == NTRU_OK) - { - uint16_t i; - - /* compute h = p * (f^-1 * g) mod q */ - g_poly->ring_mult(g_poly, ringel_buf2, ringel_buf2); - g_poly->destroy(g_poly); - - for (i = 0; i < params->N; i++) - { - ringel_buf2[i] = (ringel_buf2[i] * 3) & mod_q_mask; - } - - /* create public key blob */ - ntru_crypto_ntru_encrypt_key_create_pubkey_blob(params, ringel_buf2, - pubkey_pack_type, - pubkey_blob); - *pubkey_blob_len = public_key_blob_len; - - /* create private key blob */ - F_indices = F_poly->get_indices(F_poly); - ntru_crypto_ntru_encrypt_key_create_privkey_blob(params, ringel_buf2, - F_indices, - privkey_pack_type, - tmp_buf, privkey_blob); - *privkey_blob_len = private_key_blob_len; - } - - /* cleanup */ - DESTROY_IF(F_poly); - memset(scratch_buf, 0, scratch_buf_len); - free(scratch_buf); - - return result; -} diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c deleted file mode 100644 index 90baaadf3..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.c +++ /dev/null @@ -1,360 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_encrypt_key.c is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_encrypt_key.c - * - * Contents: Routines for exporting and importing public and private keys - * for NTRUEncrypt. - * - *****************************************************************************/ - - -#include <stdlib.h> -#include <string.h> -#include <assert.h> -#include "ntru_crypto_ntru_encrypt_key.h" - - -/* ntru_crypto_ntru_encrypt_key_parse - * - * Parses an NTRUEncrypt key blob. - * If the blob is not corrupt, returns packing types for public and private - * keys, a pointer to the parameter set, a pointer to the public key, and - * a pointer to the private key if it exists. - * - * Returns TRUE if successful. - * Returns FALSE if the blob is invalid. - */ - -bool -ntru_crypto_ntru_encrypt_key_parse( - bool pubkey_parse, /* in - if parsing pubkey - blob */ - uint16_t key_blob_len, /* in - no. octets in key - blob */ - uint8_t const *key_blob, /* in - pointer to key blob */ - uint8_t *pubkey_pack_type, /* out - addr for pubkey - packing type */ - uint8_t *privkey_pack_type, /* out - addr for privkey - packing type */ - NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to - parameter set */ - uint8_t const **pubkey, /* out - addr for ptr to - packed pubkey */ - uint8_t const **privkey) /* out - addr for ptr to - packed privkey */ -{ - uint8_t tag; - - assert(key_blob_len); - assert(key_blob); - assert(pubkey_pack_type); - assert(params); - assert(pubkey); - - /* parse key blob based on tag */ - - tag = key_blob[0]; - switch (tag) { - case NTRU_ENCRYPT_PUBKEY_TAG: - if (!pubkey_parse) - return FALSE; - break; - case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG: - case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG: - case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG: - assert(privkey_pack_type); - assert(privkey); - if (pubkey_parse) - return FALSE; - break; - default: - return FALSE; - } - - switch (tag) { - case NTRU_ENCRYPT_PUBKEY_TAG: - case NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG: - case NTRU_ENCRYPT_PRIVKEY_TRITS_TAG: - case NTRU_ENCRYPT_PRIVKEY_INDICES_TAG: - - /* Version 0: - * byte 0: tag - * byte 1: no. of octets in OID - * bytes 2-4: OID - * bytes 5- : packed pubkey - * [packed privkey] - */ - - { - NTRU_ENCRYPT_PARAM_SET *p = NULL; - uint16_t pubkey_packed_len; - - /* check OID length and minimum blob length for tag and OID */ - - if ((key_blob_len < 5) || (key_blob[1] != 3)) - return FALSE; - - /* get a pointer to the parameter set corresponding to the OID */ - - if ((p = ntru_encrypt_get_params_with_OID(key_blob + 2)) == NULL) - return FALSE; - - /* check blob length and assign pointers to blob fields */ - - pubkey_packed_len = (p->N * p->q_bits + 7) / 8; - if (pubkey_parse) { /* public-key parsing */ - if (key_blob_len != 5 + pubkey_packed_len) - return FALSE; - - *pubkey = key_blob + 5; - - } else { /* private-key parsing */ - uint16_t privkey_packed_len; - uint16_t privkey_packed_trits_len = (p->N + 4) / 5; - uint16_t privkey_packed_indices_len; - uint16_t dF; - - /* check packing type for product-form private keys */ - - if (p->is_product_form && - (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG)) - return FALSE; - - /* set packed-key length for packed indices */ - - if (p->is_product_form) - dF = (uint16_t)( (p->dF_r & 0xff) + /* df1 */ - ((p->dF_r >> 8) & 0xff) + /* df2 */ - ((p->dF_r >> 16) & 0xff)); /* df3 */ - else - dF = (uint16_t)p->dF_r; - privkey_packed_indices_len = ((dF << 1) * p->N_bits + 7) >> 3; - - /* set private-key packing type if defaulted */ - - if (tag == NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG) { - if (p->is_product_form || - (privkey_packed_indices_len <= - privkey_packed_trits_len)) - tag = NTRU_ENCRYPT_PRIVKEY_INDICES_TAG; - else - tag = NTRU_ENCRYPT_PRIVKEY_TRITS_TAG; - } - - if (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG) - privkey_packed_len = privkey_packed_trits_len; - else - privkey_packed_len = privkey_packed_indices_len; - - if (key_blob_len != 5 + pubkey_packed_len + privkey_packed_len) - return FALSE; - - *pubkey = key_blob + 5; - *privkey = *pubkey + pubkey_packed_len; - *privkey_pack_type = (tag == NTRU_ENCRYPT_PRIVKEY_TRITS_TAG) ? - NTRU_ENCRYPT_KEY_PACKED_TRITS : - NTRU_ENCRYPT_KEY_PACKED_INDICES; - } - - /* return parameter set pointer */ - - *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS; - *params = p; - } - default: - break; /* can't get here */ - } - return TRUE; -} - - -/* ntru_crypto_ntru_encrypt_key_get_blob_params - * - * Returns public and private key packing types and blob lengths given - * a packing format. For now, only a default packing format exists. - * - * Only public-key params may be returned by setting privkey_pack_type - * and privkey_blob_len to NULL. - */ - -void -ntru_crypto_ntru_encrypt_key_get_blob_params( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint8_t *pubkey_pack_type, /* out - addr for pubkey - packing type */ - uint16_t *pubkey_blob_len, /* out - addr for no. of - bytes in - pubkey blob */ - uint8_t *privkey_pack_type, /* out - addr for privkey - packing type */ - uint16_t *privkey_blob_len) /* out - addr for no. of - bytes in - privkey blob */ -{ - uint16_t pubkey_packed_len = (params->N * params->q_bits + 7) >> 3; - - assert(params); - assert(pubkey_pack_type); - assert(pubkey_blob_len); - - *pubkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS; - *pubkey_blob_len = 5 + pubkey_packed_len; - - if (privkey_pack_type && privkey_blob_len) { - uint16_t privkey_packed_trits_len = (params->N + 4) / 5; - uint16_t privkey_packed_indices_len; - uint16_t dF; - - if (params->is_product_form) - dF = (uint16_t)( (params->dF_r & 0xff) + /* df1 */ - ((params->dF_r >> 8) & 0xff) + /* df2 */ - ((params->dF_r >> 16) & 0xff)); /* df3 */ - else - dF = (uint16_t)params->dF_r; - privkey_packed_indices_len = ((dF << 1) * params->N_bits + 7) >> 3; - - if (params->is_product_form || - (privkey_packed_indices_len <= privkey_packed_trits_len)) { - *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_INDICES; - *privkey_blob_len = - 5 + pubkey_packed_len + privkey_packed_indices_len; - } else { - *privkey_pack_type = NTRU_ENCRYPT_KEY_PACKED_TRITS; - *privkey_blob_len = - 5 + pubkey_packed_len + privkey_packed_trits_len; - } - } -} - - -/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob - * - * Returns a public key blob, packed according to the packing type provided. - */ - -void -ntru_crypto_ntru_encrypt_key_create_pubkey_blob( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint16_t const *pubkey, /* in - pointer to the - coefficients - of the pubkey */ - uint8_t pubkey_pack_type, /* out - pubkey packing - type */ - uint8_t *pubkey_blob) /* out - addr for the - pubkey blob */ -{ - assert(params); - assert(pubkey); - assert(pubkey_blob); - - switch (pubkey_pack_type) { - case NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS: - *pubkey_blob++ = NTRU_ENCRYPT_PUBKEY_TAG; - *pubkey_blob++ = (uint8_t)sizeof(params->OID); - memcpy(pubkey_blob, params->OID, sizeof(params->OID)); - pubkey_blob += sizeof(params->OID); - ntru_elements_2_octets(params->N, pubkey, params->q_bits, - pubkey_blob); - break; - default: - assert(FALSE); - } -} - - -/* ntru_crypto_ntru_encrypt_key_create_privkey_blob - * - * Returns a private key blob, packed according to the packing type provided. - */ - -void -ntru_crypto_ntru_encrypt_key_create_privkey_blob( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint16_t const *pubkey, /* in - pointer to the - coefficients - of the pubkey */ - uint16_t const *privkey, /* in - pointer to the - indices of the - privkey */ - uint8_t privkey_pack_type, /* in - privkey packing - type */ - uint8_t *buf, /* in - temp, N bytes */ - uint8_t *privkey_blob) /* out - addr for the - privkey blob */ -{ - assert(params); - assert(pubkey); - assert(privkey); - assert(privkey_blob); - - switch (privkey_pack_type) { - case NTRU_ENCRYPT_KEY_PACKED_TRITS: - case NTRU_ENCRYPT_KEY_PACKED_INDICES: - - /* format header and packed public key */ - - *privkey_blob++ = NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG; - *privkey_blob++ = (uint8_t)sizeof(params->OID); - memcpy(privkey_blob, params->OID, sizeof(params->OID)); - privkey_blob += sizeof(params->OID); - ntru_elements_2_octets(params->N, pubkey, params->q_bits, - privkey_blob); - privkey_blob += (params->N * params->q_bits + 7) >> 3; - - /* add packed private key */ - - if (privkey_pack_type == NTRU_ENCRYPT_KEY_PACKED_TRITS) { - ntru_indices_2_packed_trits(privkey, (uint16_t)params->dF_r, - (uint16_t)params->dF_r, - params->N, buf, privkey_blob); - } else { - uint32_t dF; - - if (params->is_product_form) { - dF = (params->dF_r & 0xff) + - ((params->dF_r >> 8) & 0xff) + - ((params->dF_r >> 16) & 0xff); - } else { - dF = params->dF_r; - } - ntru_elements_2_octets((uint16_t)dF << 1, privkey, - params->N_bits, privkey_blob); - } - break; - default: - assert(FALSE); - break; - } -} - - diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h deleted file mode 100644 index 6734f2a4c..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_key.h +++ /dev/null @@ -1,167 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_cencrypt_key.h is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - - -#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H -#define NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H - -#include "ntru_crypto_ntru_convert.h" -#include "ntru_crypto_ntru_encrypt_param_sets.h" - - -/* key-blob definitions */ - -#define NTRU_ENCRYPT_PUBKEY_TAG 0x01 -#define NTRU_ENCRYPT_PRIVKEY_DEFAULT_TAG 0x02 -#define NTRU_ENCRYPT_PRIVKEY_TRITS_TAG 0xfe -#define NTRU_ENCRYPT_PRIVKEY_INDICES_TAG 0xff - -/* packing types */ - -#define NTRU_ENCRYPT_KEY_PACKED_COEFFICIENTS 0x01 -#define NTRU_ENCRYPT_KEY_PACKED_INDICES 0x02 -#define NTRU_ENCRYPT_KEY_PACKED_TRITS 0x03 - -/* function declarations */ - - -/* ntru_crypto_ntru_encrypt_key_parse - * - * Parses an NTRUEncrypt key blob. - * If the blob is not corrupt, returns packing types for public and private - * keys, a pointer to the parameter set, a pointer to the public key, and - * a pointer to the private key if it exists. - * - * Returns TRUE if successful. - * Returns FALSE if the blob is invalid. - */ - -extern bool -ntru_crypto_ntru_encrypt_key_parse( - bool pubkey_parse, /* in - if parsing pubkey - blob */ - uint16_t key_blob_len, /* in - no. octets in key - blob */ - uint8_t const *key_blob, /* in - pointer to key blob */ - uint8_t *pubkey_pack_type, /* out - addr for pubkey - packing type */ - uint8_t *privkey_pack_type, /* out - addr for privkey - packing type */ - NTRU_ENCRYPT_PARAM_SET **params, /* out - addr for ptr to - parameter set */ - uint8_t const **pubkey, /* out - addr for ptr to - packed pubkey */ - uint8_t const **privkey); /* out - addr for ptr to - packed privkey */ - - -/* ntru_crypto_ntru_encrypt_key_get_blob_params - * - * Returns public and private key packing types and blob lengths given - * a packing format. For now, only a default packing format exists. - * - * Only public-key params may be returned by setting privkey_pack_type - * and privkey_blob_len to NULL. - */ - -extern void -ntru_crypto_ntru_encrypt_key_get_blob_params( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint8_t *pubkey_pack_type, /* out - addr for pubkey - packing type */ - uint16_t *pubkey_blob_len, /* out - addr for no. of - bytes in - pubkey blob */ - uint8_t *privkey_pack_type, /* out - addr for privkey - packing type */ - uint16_t *privkey_blob_len); /* out - addr for no. of - bytes in - privkey blob */ - - -/* ntru_crypto_ntru_encrypt_key_create_pubkey_blob - * - * Returns a public key blob, packed according to the packing type provided. - */ - -extern void -ntru_crypto_ntru_encrypt_key_create_pubkey_blob( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint16_t const *pubkey, /* in - pointer to the - coefficients - of the pubkey */ - uint8_t pubkey_pack_type, /* out - addr for pubkey - packing type */ - uint8_t *pubkey_blob); /* out - addr for the - pubkey blob */ - - -/* ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob - * - * Returns a public key blob, recreated from an already-packed public key. - */ - -extern void -ntru_crypto_ntru_encrypt_key_recreate_pubkey_blob( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint16_t packed_pubkey_len, /* in - no. octets in - packed pubkey */ - uint8_t const *packed_pubkey, /* in - pointer to the - packed pubkey */ - uint8_t pubkey_pack_type, /* out - pubkey packing - type */ - uint8_t *pubkey_blob); /* out - addr for the - pubkey blob */ - - -/* ntru_crypto_ntru_encrypt_key_create_privkey_blob - * - * Returns a privlic key blob, packed according to the packing type provided. - */ - -extern void -ntru_crypto_ntru_encrypt_key_create_privkey_blob( - NTRU_ENCRYPT_PARAM_SET const *params, /* in - pointer to - param set - parameters */ - uint16_t const *pubkey, /* in - pointer to the - coefficients - of the pubkey */ - uint16_t const *privkey, /* in - pointer to the - indices of the - privkey */ - uint8_t privkey_pack_type, /* in - privkey packing - type */ - uint8_t *buf, /* in - temp, N bytes */ - uint8_t *privkey_blob); /* out - addr for the - privkey blob */ - - -#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_KEY_H */ diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h deleted file mode 100644 index e5e977a0e..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.h +++ /dev/null @@ -1,101 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_encrypt_param_sets.h is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_encrypt_param_sets.h - * - * Contents: Definitions and declarations for the NTRUEncrypt parameter sets. - * - *****************************************************************************/ - -#ifndef NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H -#define NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H - -#include "ntru_crypto.h" - -/* structures */ - -typedef struct _NTRU_ENCRYPT_PARAM_SET { - NTRU_ENCRYPT_PARAM_SET_ID id; /* parameter-set ID */ - uint8_t const OID[3]; /* pointer to OID */ - uint8_t der_id; /* parameter-set DER id */ - uint8_t N_bits; /* no. of bits in N (i.e. in - an index */ - uint16_t N; /* ring dimension */ - uint16_t sec_strength_len; /* no. of octets of - security strength */ - uint16_t q; /* big modulus */ - uint8_t q_bits; /* no. of bits in q (i.e. in - a coefficient */ - bool is_product_form; /* if product form used */ - uint32_t dF_r; /* no. of 1 or -1 coefficients - in ring elements F, r */ - uint16_t dg; /* no. - 1 of 1 coefficients - or no. of -1 coefficients - in ring element g */ - uint16_t m_len_max; /* max no. of plaintext - octets */ - uint16_t min_msg_rep_wt; /* min. message - representative weight */ - uint8_t c_bits; /* no. bits in candidate for - deriving an index in - IGF-2 */ - uint8_t m_len_len; /* no. of octets to hold - mLenOctets */ -} NTRU_ENCRYPT_PARAM_SET; - - - -/* function declarations */ - -/* ntru_encrypt_get_params_with_id - * - * Looks up a set of NTRU Encrypt parameters based on the id of the - * parameter set. - * - * Returns a pointer to the parameter set parameters if successful. - * Returns NULL if the parameter set cannot be found. - */ - -extern NTRU_ENCRYPT_PARAM_SET * -ntru_encrypt_get_params_with_id( - NTRU_ENCRYPT_PARAM_SET_ID id); /* in - parameter-set id */ - - -/* ntru_encrypt_get_params_with_OID - * - * Looks up a set of NTRU Encrypt parameters based on the OID of the - * parameter set. - * - * Returns a pointer to the parameter set parameters if successful. - * Returns NULL if the parameter set cannot be found. - */ - -extern NTRU_ENCRYPT_PARAM_SET * -ntru_encrypt_get_params_with_OID( - uint8_t const *oid); /* in - pointer to parameter-set OID */ - -#endif /* NTRU_CRYPTO_NTRU_ENCRYPT_PARAM_SETS_H */ - diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c deleted file mode 100644 index 8e4eede87..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.c +++ /dev/null @@ -1,242 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_poly.c is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -#include <stdlib.h> -#include <string.h> -#include "ntru_crypto_ntru_poly.h" - -/* ntru_poly_check_min_weight - * - * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed - * a minimum weight. - */ - -bool -ntru_poly_check_min_weight( - uint16_t num_els, /* in - degree of polynomial */ - uint8_t *ringels, /* in - pointer to trinary ring elements */ - uint16_t min_wt) /* in - minimum weight */ -{ - uint16_t wt[3]; - uint16_t i; - - wt[0] = wt[1] = wt[2] = 0; - for (i = 0; i < num_els; i++) { - ++wt[ringels[i]]; - } - if ((wt[0] < min_wt) || (wt[1] < min_wt) || (wt[2] < min_wt)) { - return FALSE; - } - return TRUE; -} - -/* ntru_ring_mult_coefficients - * - * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b" - * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1). - * This is a convolution operation. - * - * Ring element "b" has coefficients in the range [0,N). - * - * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum - * beyond 16 bits does not matter. - */ - -void -ntru_ring_mult_coefficients( - uint16_t const *a, /* in - pointer to polynomial a */ - uint16_t const *b, /* in - pointer to polynomial b */ - uint16_t N, /* in - no. of coefficients in a, b, c */ - uint16_t q, /* in - large modulus */ - uint16_t *c) /* out - address for polynomial c */ -{ - uint16_t const *bptr = b; - uint16_t mod_q_mask = q - 1; - uint16_t i, k; - - /* c[k] = sum(a[i] * b[k-i]) mod q */ - memset(c, 0, N * sizeof(uint16_t)); - for (k = 0; k < N; k++) { - i = 0; - while (i <= k) - c[k] += a[i++] * *bptr--; - bptr += N; - while (i < N) - c[k] += a[i++] * *bptr--; - c[k] &= mod_q_mask; - ++bptr; - } -} - - -/* ntru_ring_inv - * - * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1). - * - * This assumes q is 2^r where 8 < r < 16, so that operations mod q can - * wait until the end, and only 16-bit arrays need to be used. - */ - -bool -ntru_ring_inv( - uint16_t *a, /* in - pointer to polynomial a */ - uint16_t N, /* in - no. of coefficients in a */ - uint16_t q, /* in - large modulus */ - uint16_t *t, /* in - temp buffer of 2N elements */ - uint16_t *a_inv) /* out - address for polynomial a^-1 */ -{ - uint8_t *b = (uint8_t *)t; /* b cannot be in a_inv since it must be - rotated and copied there as a^-1 mod 2 */ - uint8_t *c = b + N; /* c cannot be in a_inv since it exchanges - with b, and b cannot be in a_inv */ - uint8_t *f = c + N; - uint8_t *g = (uint8_t *)a_inv; /* g needs N + 1 bytes */ - uint16_t *t2 = t + N; - uint16_t deg_b; - uint16_t deg_c; - uint16_t deg_f; - uint16_t deg_g; - uint16_t k = 0; - bool done = FALSE; - uint16_t i, j; - - /* form a^-1 in (Z/2Z)[X]/X^N - 1) */ - memset(b, 0, (N << 1)); /* clear to init b, c */ - - /* b(X) = 1 */ - b[0] = 1; - deg_b = 0; - - /* c(X) = 0 (cleared above) */ - deg_c = 0; - - /* f(X) = a(X) mod 2 */ - for (i = 0; i < N; i++) - f[i] = (uint8_t)(a[i] & 1); - deg_f = N - 1; - - /* g(X) = X^N - 1 */ - g[0] = 1; - memset(g + 1, 0, N - 1); - g[N] = 1; - deg_g = N; - - /* until f(X) = 1 */ - - while (!done) - { - - /* while f[0] = 0, f(X) /= X, c(X) *= X, k++ */ - - for (i = 0; (i <= deg_f) && (f[i] == 0); ++i); - if (i > deg_f) - return FALSE; - if (i) { - f = f + i; - deg_f = deg_f - i; - deg_c = deg_c + i; - for (j = deg_c; j >= i; j--) - c[j] = c[j-i]; - for (j = 0; j < i; j++) - c[j] = 0; - k = k + i; - } - - /* adjust degree of f(X) if the highest coefficients are zero - * Note: f[0] = 1 from above so the loop will terminate. - */ - - while (f[deg_f] == 0) - --deg_f; - - /* if f(X) = 1, done - * Note: f[0] = 1 from above, so only check the x term and up - */ - - for (i = 1; (i <= deg_f) && (f[i] == 0); ++i); - if (i > deg_f) { - done = TRUE; - break; - } - - /* if deg_f < deg_g, f <-> g, b <-> c */ - - if (deg_f < deg_g) { - uint8_t *x; - - x = f; - f = g; - g = x; - deg_f ^= deg_g; - deg_g ^= deg_f; - deg_f ^= deg_g; - x = b; - b = c; - c = x; - deg_b ^= deg_c; - deg_c ^= deg_b; - deg_b ^= deg_c; - } - - /* f(X) += g(X), b(X) += c(X) */ - - for (i = 0; i <= deg_g; i++) - f[i] ^= g[i]; - - if (deg_c > deg_b) - deg_b = deg_c; - for (i = 0; i <= deg_c; i++) - b[i] ^= c[i]; - } - - /* a^-1 in (Z/2Z)[X]/(X^N - 1) = b(X) shifted left k coefficients */ - - j = 0; - if (k >= N) - k = k - N; - for (i = k; i < N; i++) - a_inv[j++] = (uint16_t)(b[i]); - for (i = 0; i < k; i++) - a_inv[j++] = (uint16_t)(b[i]); - - /* lift a^-1 in (Z/2Z)[X]/(X^N - 1) to a^-1 in (Z/qZ)[X]/(X^N -1) */ - - for (j = 0; j < 4; ++j) { /* assumes 256 < q <= 65536 */ - - /* a^-1 = a^-1 * (2 - a * a^-1) mod q */ - - memcpy(t2, a_inv, N * sizeof(uint16_t)); - ntru_ring_mult_coefficients(a, t2, N, q, t); - for (i = 0; i < N; ++i) - t[i] = q - t[i]; - t[0] = t[0] + 2; - ntru_ring_mult_coefficients(t2, t, N, q, a_inv); - } - - return TRUE; - - -} - - diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h b/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h deleted file mode 100644 index 1e9d467ed..000000000 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_poly.h +++ /dev/null @@ -1,96 +0,0 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_poly.h is a component of ntru-crypto. - * - * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_poly.h - * - * Contents: Public header file for generating and operating on polynomials - * in the NTRU algorithm. - * - *****************************************************************************/ - - -#ifndef NTRU_CRYPTO_NTRU_POLY_H -#define NTRU_CRYPTO_NTRU_POLY_H - - -#include "ntru_crypto.h" - -#include <crypto/hashers/hasher.h> - - -/* function declarations */ - -/* ntru_poly_check_min_weight - * - * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed - * a minimum weight. - */ - -extern bool -ntru_poly_check_min_weight( - uint16_t num_els, /* in - degree of polynomial */ - uint8_t *ringels, /* in - pointer to trinary ring elements */ - uint16_t min_wt); /* in - minimum weight */ - -/* ntru_ring_mult_coefficients - * - * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b" - * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1). - * This is a convolution operation. - * - * Ring element "b" has coefficients in the range [0,N). - * - * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum - * beyond 16 bits does not matter. - */ - -extern void -ntru_ring_mult_coefficients( - uint16_t const *a, /* in - pointer to polynomial a */ - uint16_t const *b, /* in - pointer to polynomial b */ - uint16_t N, /* in - no. of coefficients in a, b, c */ - uint16_t q, /* in - large modulus */ - uint16_t *c); /* out - address for polynomial c */ - - -/* ntru_ring_inv - * - * Finds the inverse of a polynomial, a, in (Z/2^rZ)[X]/(X^N - 1). - * - * This assumes q is 2^r where 8 < r < 16, so that operations mod q can - * wait until the end, and only 16-bit arrays need to be used. - */ - -extern bool -ntru_ring_inv( - uint16_t *a, /* in - pointer to polynomial a */ - uint16_t N, /* in - no. of coefficients in a */ - uint16_t q, /* in - large modulus */ - uint16_t *t, /* in - temp buffer of 2N elements */ - uint16_t *a_inv); /* out - address for polynomial a^-1 */ - - -#endif /* NTRU_CRYPTO_NTRU_POLY_H */ diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.c b/src/libstrongswan/plugins/ntru/ntru_drbg.c index 181a58939..ef0d3d9c8 100644 --- a/src/libstrongswan/plugins/ntru/ntru_drbg.c +++ b/src/libstrongswan/plugins/ntru/ntru_drbg.c @@ -67,6 +67,10 @@ struct private_ntru_drbg_t { */ chunk_t value; + /** + * reference count + */ + refcount_t ref; }; /** @@ -180,13 +184,23 @@ METHOD(ntru_drbg_t, generate, bool, return TRUE; } +METHOD(ntru_drbg_t, get_ref, ntru_drbg_t*, + private_ntru_drbg_t *this) +{ + ref_get(&this->ref); + return &this->public; +} + METHOD(ntru_drbg_t, destroy, void, private_ntru_drbg_t *this) { - this->hmac->destroy(this->hmac); - chunk_clear(&this->key); - chunk_clear(&this->value); - free(this); + if (ref_put(&this->ref)) + { + this->hmac->destroy(this->hmac); + chunk_clear(&this->key); + chunk_clear(&this->value); + free(this); + } } /* @@ -238,6 +252,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str, .get_strength = _get_strength, .reseed = _reseed, .generate = _generate, + .get_ref = _get_ref, .destroy = _destroy, }, .strength = strength, @@ -247,6 +262,7 @@ ntru_drbg_t *ntru_drbg_create(u_int32_t strength, chunk_t pers_str, .value = chunk_alloc(hmac->get_block_size(hmac)), .max_requests = max_requests, .reseed_counter = 1, + .ref = 1, ); memset(this->key.ptr, 0x00, this->key.len); diff --git a/src/libstrongswan/plugins/ntru/ntru_drbg.h b/src/libstrongswan/plugins/ntru/ntru_drbg.h index 38ac718ae..83cef11be 100644 --- a/src/libstrongswan/plugins/ntru/ntru_drbg.h +++ b/src/libstrongswan/plugins/ntru/ntru_drbg.h @@ -58,6 +58,13 @@ struct ntru_drbg_t { u_int8_t *out); /** + * Get a reference on an ntru_drbg_t object increasing the count by one + * + * @return reference to the ntru_drbg_t object + */ + ntru_drbg_t* (*get_ref)(ntru_drbg_t *this); + + /** * Uninstantiate and destroy the DRBG object */ void (*destroy)(ntru_drbg_t *this); diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c index 39fb261cd..abaa22336 100644 --- a/src/libstrongswan/plugins/ntru/ntru_ke.c +++ b/src/libstrongswan/plugins/ntru/ntru_ke.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2014 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -15,54 +15,33 @@ #include "ntru_ke.h" #include "ntru_drbg.h" - -#include "ntru_crypto/ntru_crypto.h" +#include "ntru_param_set.h" +#include "ntru_private_key.h" +#include "ntru_public_key.h" #include <crypto/diffie_hellman.h> #include <utils/debug.h> typedef struct private_ntru_ke_t private_ntru_ke_t; -typedef struct param_set_t param_set_t; - -/** - * Defines an NTRU parameter set by ID or OID - */ -struct param_set_t { - NTRU_ENCRYPT_PARAM_SET_ID id; - char oid[3]; - char *name; -}; /* Best bandwidth and speed, no X9.98 compatibility */ -static param_set_t param_sets_optimum[] = { - { NTRU_EES401EP2, {0x00, 0x02, 0x10}, "ees401ep2" }, - { NTRU_EES439EP1, {0x00, 0x03, 0x10}, "ees439ep1" }, - { NTRU_EES593EP1, {0x00, 0x05, 0x10}, "ees593ep1" }, - { NTRU_EES743EP1, {0x00, 0x06, 0x10}, "ees743ep1" } +static ntru_param_set_id_t param_sets_optimum[] = { + NTRU_EES401EP2, NTRU_EES439EP1, NTRU_EES593EP1, NTRU_EES743EP1 }; /* X9.98/IEEE 1363.1 parameter sets for best speed */ -static param_set_t param_sets_x9_98_speed[] = { - { NTRU_EES659EP1, {0x00, 0x02, 0x06}, "ees659ep1" }, - { NTRU_EES761EP1, {0x00, 0x03, 0x05}, "ees761ep1" }, - { NTRU_EES1087EP1, {0x00, 0x05, 0x05}, "ees1087ep1" }, - { NTRU_EES1499EP1, {0x00, 0x06, 0x05}, "ees1499ep1" } +static ntru_param_set_id_t param_sets_x9_98_speed[] = { + NTRU_EES659EP1, NTRU_EES761EP1, NTRU_EES1087EP1, NTRU_EES1499EP1 }; /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */ -static param_set_t param_sets_x9_98_bandwidth[] = { - { NTRU_EES401EP1, {0x00, 0x02, 0x04}, "ees401ep1" }, - { NTRU_EES449EP1, {0x00, 0x03, 0x03}, "ees449ep1" }, - { NTRU_EES677EP1, {0x00, 0x05, 0x03}, "ees677ep1" }, - { NTRU_EES1087EP2, {0x00, 0x06, 0x03}, "ees1087ep2" } +static ntru_param_set_id_t param_sets_x9_98_bandwidth[] = { + NTRU_EES401EP1, NTRU_EES449EP1, NTRU_EES677EP1, NTRU_EES1087EP2 }; /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */ -static param_set_t param_sets_x9_98_balance[] = { - { NTRU_EES541EP1, {0x00, 0x02, 0x05}, "ees541ep1" }, - { NTRU_EES613EP1, {0x00, 0x03, 0x04}, "ees613ep1" }, - { NTRU_EES887EP1, {0x00, 0x05, 0x04}, "ees887ep1" }, - { NTRU_EES1171EP1, {0x00, 0x06, 0x04}, "ees1171ep1" } +static ntru_param_set_id_t param_sets_x9_98_balance[] = { + NTRU_EES541EP1, NTRU_EES613EP1, NTRU_EES887EP1, NTRU_EES1171EP1 }; /** @@ -82,7 +61,7 @@ struct private_ntru_ke_t { /** * NTRU Parameter Set */ - param_set_t *param_set; + ntru_param_set_t *param_set; /** * Cryptographical strength in bits of the NTRU Parameter Set @@ -92,12 +71,12 @@ struct private_ntru_ke_t { /** * NTRU Public Key */ - chunk_t pub_key; + ntru_public_key_t *pubkey; /** * NTRU Private Key */ - chunk_t priv_key; + ntru_private_key_t *privkey; /** * NTRU encrypted shared secret @@ -133,8 +112,6 @@ struct private_ntru_ke_t { METHOD(diffie_hellman_t, get_my_public_value, void, private_ntru_ke_t *this, chunk_t *value) { - uint16_t pub_key_len, priv_key_len; - *value = chunk_empty; if (this->responder) @@ -146,34 +123,19 @@ METHOD(diffie_hellman_t, get_my_public_value, void, } else { - if (this->pub_key.len == 0) + if (!this->pubkey) { - /* determine the NTRU public and private key sizes */ - if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id, - &pub_key_len, NULL, - &priv_key_len, NULL) != NTRU_OK) - { - DBG1(DBG_LIB, "error determining NTRU public and private key " - "sizes"); - return; - } - this->pub_key = chunk_alloc(pub_key_len); - this->priv_key = chunk_alloc(priv_key_len); - /* generate a random NTRU public/private key pair */ - if (ntru_crypto_ntru_encrypt_keygen(this->drbg, this->param_set->id, - &pub_key_len, this->pub_key.ptr, - &priv_key_len, this->priv_key.ptr) != NTRU_OK) + this->privkey = ntru_private_key_create(this->drbg, this->param_set); + if (!this->privkey) { DBG1(DBG_LIB, "NTRU keypair generation failed"); - chunk_free(&this->priv_key); - chunk_free(&this->pub_key); return; } - DBG3(DBG_LIB, "NTRU public key: %B", &this->pub_key); - DBG4(DBG_LIB, "NTRU private key: %B", &this->priv_key); + this->pubkey = this->privkey->get_public_key(this->privkey); } - *value = chunk_clone(this->pub_key); + *value = chunk_clone(this->pubkey->get_encoding(this->pubkey)); + DBG3(DBG_LIB, "NTRU public key: %B", value); } } @@ -194,9 +156,7 @@ METHOD(diffie_hellman_t, get_shared_secret, status_t, METHOD(diffie_hellman_t, set_other_public_value, void, private_ntru_ke_t *this, chunk_t value) { - u_int16_t plaintext_len, ciphertext_len; - - if (this->priv_key.len) + if (this->privkey) { /* initiator decrypting shared secret */ if (value.len == 0) @@ -204,48 +164,36 @@ METHOD(diffie_hellman_t, set_other_public_value, void, DBG1(DBG_LIB, "empty NTRU ciphertext"); return; } - this->ciphertext = chunk_clone(value); - DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext); - - /* determine the size of the maximum plaintext */ - if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr, - this->ciphertext.len, this->ciphertext.ptr, - &plaintext_len, NULL) != NTRU_OK) - { - DBG1(DBG_LIB, "error determining maximum plaintext size"); - return; - } - this->shared_secret = chunk_alloc(plaintext_len); + DBG3(DBG_LIB, "NTRU ciphertext: %B", &value); /* decrypt the shared secret */ - if (ntru_crypto_ntru_decrypt(this->priv_key.len, this->priv_key.ptr, - this->ciphertext.len, this->ciphertext.ptr, - &plaintext_len, this->shared_secret.ptr) != NTRU_OK) + if (!this->privkey->decrypt(this->privkey, value, &this->shared_secret)) { DBG1(DBG_LIB, "NTRU decryption of shared secret failed"); - chunk_free(&this->shared_secret); return; } - this->shared_secret.len = plaintext_len; this->computed = TRUE; } else { + ntru_public_key_t *pubkey; + /* responder generating and encrypting the shared secret */ this->responder = TRUE; - /* check the NTRU public key format */ - if (value.len < 5 || value.ptr[0] != 1 || value.ptr[1] != 3) + DBG3(DBG_LIB, "NTRU public key: %B", &value); + pubkey = ntru_public_key_create_from_data(this->drbg, value); + if (!pubkey) { - DBG1(DBG_LIB, "received NTRU public key with invalid header"); return; } - if (!memeq(value.ptr + 2, this->param_set->oid, 3)) + if (pubkey->get_id(pubkey) != this->param_set->id) { - DBG1(DBG_LIB, "received NTRU public key with wrong OID"); + DBG1(DBG_LIB, "received NTRU public key with wrong OUI"); + pubkey->destroy(pubkey); return; } - this->pub_key = chunk_clone(value); + this->pubkey = pubkey; /* shared secret size is chosen as twice the cryptographical strength */ this->shared_secret = chunk_alloc(2 * this->strength / BITS_PER_BYTE); @@ -260,25 +208,10 @@ METHOD(diffie_hellman_t, set_other_public_value, void, } this->computed = TRUE; - /* determine the size of the ciphertext */ - if (ntru_crypto_ntru_encrypt(this->drbg, - this->pub_key.len, this->pub_key.ptr, - this->shared_secret.len, this->shared_secret.ptr, - &ciphertext_len, NULL) != NTRU_OK) - { - DBG1(DBG_LIB, "error determining ciphertext size"); - return; - } - this->ciphertext = chunk_alloc(ciphertext_len); - /* encrypt the shared secret */ - if (ntru_crypto_ntru_encrypt(this->drbg, - this->pub_key.len, this->pub_key.ptr, - this->shared_secret.len, this->shared_secret.ptr, - &ciphertext_len, this->ciphertext.ptr) != NTRU_OK) + if (!pubkey->encrypt(pubkey, this->shared_secret, &this->ciphertext)) { DBG1(DBG_LIB, "NTRU encryption of shared secret failed"); - chunk_free(&this->ciphertext); return; } DBG3(DBG_LIB, "NTRU ciphertext: %B", &this->ciphertext); @@ -294,11 +227,11 @@ METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t, METHOD(diffie_hellman_t, destroy, void, private_ntru_ke_t *this) { + DESTROY_IF(this->privkey); + DESTROY_IF(this->pubkey); this->drbg->destroy(this->drbg); this->entropy->destroy(this->entropy); - chunk_free(&this->pub_key); chunk_free(&this->ciphertext); - chunk_clear(&this->priv_key); chunk_clear(&this->shared_secret); free(this); } @@ -309,7 +242,7 @@ METHOD(diffie_hellman_t, destroy, void, ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) { private_ntru_ke_t *this; - param_set_t *param_sets, *param_set; + ntru_param_set_id_t *param_sets, param_set_id; rng_t *entropy; ntru_drbg_t *drbg; char *parameter_set; @@ -339,25 +272,25 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) { case NTRU_112_BIT: strength = 112; - param_set = ¶m_sets[0]; + param_set_id = param_sets[0]; break; case NTRU_128_BIT: strength = 128; - param_set = ¶m_sets[1]; + param_set_id = param_sets[1]; break; case NTRU_192_BIT: strength = 192; - param_set = ¶m_sets[2]; + param_set_id = param_sets[2]; break; case NTRU_256_BIT: strength = 256; - param_set = ¶m_sets[3]; + param_set_id = param_sets[3]; break; default: return NULL; } - DBG1(DBG_LIB, "%u bit %s NTRU parameter set %s selected", strength, - parameter_set, param_set->name); + DBG1(DBG_LIB, "%u bit %s NTRU parameter set %N selected", strength, + parameter_set, ntru_param_set_id_names, param_set_id); entropy = lib->crypto->create_rng(lib->crypto, RNG_TRUE); if (!entropy) @@ -385,7 +318,7 @@ ntru_ke_t *ntru_ke_create(diffie_hellman_group_t group, chunk_t g, chunk_t p) }, }, .group = group, - .param_set = param_set, + .param_set = ntru_param_set_get_by_id(param_set_id), .strength = strength, .entropy = entropy, .drbg = drbg, diff --git a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c b/src/libstrongswan/plugins/ntru/ntru_param_set.c index 5ddf91d2a..4af1e3091 100644 --- a/src/libstrongswan/plugins/ntru/ntru_crypto/ntru_crypto_ntru_encrypt_param_sets.c +++ b/src/libstrongswan/plugins/ntru/ntru_param_set.c @@ -1,44 +1,49 @@ -/****************************************************************************** - * NTRU Cryptography Reference Source Code - * Copyright (c) 2009-2013, by Security Innovation, Inc. All rights reserved. - * - * ntru_crypto_ntru_param_sets.c is a component of ntru-crypto. +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil * * Copyright (C) 2009-2013 Security Innovation - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - * - *****************************************************************************/ - -/****************************************************************************** - * - * File: ntru_crypto_ntru_encrypt_param_sets.c * - * Contents: Defines the NTRUEncrypt parameter sets. + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. * - *****************************************************************************/ - -#include <stdlib.h> -#include <string.h> -#include "ntru_crypto_ntru_encrypt_param_sets.h" - - -/* parameter sets */ + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ -static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { +#include "ntru_param_set.h" + +#include <utils/test.h> + +ENUM(ntru_param_set_id_names, NTRU_EES401EP1, NTRU_EES743EP1, + "ees401ep1", + "ees449ep1", + "ees677ep1", + "ees1087ep2", + "ees541ep1", + "ees613ep1", + "ees887ep1", + "ees1171ep1", + "ees659ep1", + "ees761ep1", + "ees1087ep1", + "ees1499ep1", + "ees401ep2", + "ees439ep1", + "ees593ep1", + "ees743ep1" +); + +/** + * NTRU encryption parameter set definitions + */ +static ntru_param_set_t ntru_param_sets[] = { + /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */ { NTRU_EES401EP1, /* parameter-set id */ {0x00, 0x02, 0x04}, /* OID */ @@ -97,7 +102,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { NTRU_EES1087EP2, /* parameter-set id */ {0x00, 0x06, 0x03}, /* OID */ 0x25, /* DER id */ - 10, /* no. of bits in N (i.e., in an index) */ + 11, /* no. of bits in N (i.e., in an index) */ 1087, /* N */ 32, /* security strength in octets */ 2048, /* q */ @@ -111,6 +116,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { 1, /* lLen */ }, + /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */ { NTRU_EES541EP1, /* parameter-set id */ {0x00, 0x02, 0x05}, /* OID */ @@ -183,6 +189,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { 1, /* lLen */ }, + /* X9.98/IEEE 1363.1 parameter sets for best speed */ { NTRU_EES659EP1, /* parameter-set id */ {0x00, 0x02, 0x06}, /* OID */ @@ -255,6 +262,7 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { 1, /* lLen */ }, + /* Best bandwidth and speed, no X9.98 compatibility */ { NTRU_EES401EP2, /* parameter-set id */ {0x00, 0x02, 0x10}, /* OID */ @@ -329,56 +337,39 @@ static NTRU_ENCRYPT_PARAM_SET ntruParamSets[] = { }; -static size_t numParamSets = - sizeof(ntruParamSets)/sizeof(NTRU_ENCRYPT_PARAM_SET); - - -/* functions */ - -/* ntru_encrypt_get_params_with_id - * - * Looks up a set of NTRUEncrypt parameters based on the id of the - * parameter set. - * - * Returns a pointer to the parameter set parameters if successful. - * Returns NULL if the parameter set cannot be found. +/** + * See header. */ - -NTRU_ENCRYPT_PARAM_SET * -ntru_encrypt_get_params_with_id( - NTRU_ENCRYPT_PARAM_SET_ID id) /* in - parameter-set id */ +ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id) { - size_t i; - - for (i = 0; i < numParamSets; i++) { - if (ntruParamSets[i].id == id) { - return &(ntruParamSets[i]); - } - } - return NULL; + int i; + + for (i = 0; i < countof(ntru_param_sets); i++) + { + if (ntru_param_sets[i].id == id) + { + return &ntru_param_sets[i]; + } + } + return NULL; } -/* ntru_encrypt_get_params_with_OID - * - * Looks up a set of NTRUEncrypt parameters based on the OID of the - * parameter set. - * - * Returns a pointer to the parameter set parameters if successful. - * Returns NULL if the parameter set cannot be found. +/** + * See header. */ - -NTRU_ENCRYPT_PARAM_SET * -ntru_encrypt_get_params_with_OID( - uint8_t const *oid) /* in - pointer to parameter-set OID */ +ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid) { - size_t i; - - for (i = 0; i < numParamSets; i++) { - if (!memcmp(ntruParamSets[i].OID, oid, 3)) { - return &(ntruParamSets[i]); - } - } - return NULL; + int i; + + for (i = 0; i < countof(ntru_param_sets); i++) + { + if (memeq(ntru_param_sets[i].oid, oid, 3)) + { + return &ntru_param_sets[i]; + } + } + return NULL; } +EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id); diff --git a/src/libstrongswan/plugins/ntru/ntru_param_set.h b/src/libstrongswan/plugins/ntru/ntru_param_set.h new file mode 100644 index 000000000..df4e55333 --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_param_set.h @@ -0,0 +1,118 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2009-2013 Security Innovation + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup ntru_param_set ntru_param_set + * @{ @ingroup ntru_p + */ + +#ifndef NTRU_PARAM_SET_H_ +#define NTRU_PARAM_SET_H_ + +typedef enum ntru_param_set_id_t ntru_param_set_id_t; +typedef struct ntru_param_set_t ntru_param_set_t; + +#include <library.h> + +/** + * Encoding types for NTRU encryption public/private key blobs + */ +#define NTRU_PUBKEY_TAG 0x01 +#define NTRU_PRIVKEY_DEFAULT_TAG 0x02 +#define NTRU_PRIVKEY_TRITS_TAG 0xfe +#define NTRU_PRIVKEY_INDICES_TAG 0xff + +/** + * Size in octets of the OID designating the NTRU encryption parameter set + */ +#define NTRU_OID_LEN 3 + +/** + * Packing types for NTRU encryption public/private keys + */ +#define NTRU_KEY_PACKED_COEFFICIENTS 0x01 +#define NTRU_KEY_PACKED_INDICES 0x02 +#define NTRU_KEY_PACKED_TRITS 0x03 + +/** + * NTRU encryption parameter set ID list + */ +enum ntru_param_set_id_t { + /* X9.98/IEEE 1363.1 parameter sets for best bandwidth (smallest size) */ + NTRU_EES401EP1, + NTRU_EES449EP1, + NTRU_EES677EP1, + NTRU_EES1087EP2, + /* X9.98/IEEE 1363.1 parameter sets balancing speed and bandwidth */ + NTRU_EES541EP1, + NTRU_EES613EP1, + NTRU_EES887EP1, + NTRU_EES1171EP1, + /* X9.98/IEEE 1363.1 parameter sets for best speed */ + NTRU_EES659EP1, + NTRU_EES761EP1, + NTRU_EES1087EP1, + NTRU_EES1499EP1, + /* Best bandwidth and speed, no X9.98 compatibility */ + NTRU_EES401EP2, + NTRU_EES439EP1, + NTRU_EES593EP1, + NTRU_EES743EP1, +}; + +extern enum_name_t *ntru_param_set_id_names; + +/** + * NTRU encryption parameter set definitions + */ +struct ntru_param_set_t { + ntru_param_set_id_t id; /* NTRU parameter set ID */ + uint8_t oid[NTRU_OID_LEN]; /* pointer to OID */ + uint8_t der_id; /* parameter-set DER id */ + uint8_t N_bits; /* no. of bits in N (i.e. in an index */ + uint16_t N; /* ring dimension */ + uint16_t sec_strength_len; /* no. of octets of security strength */ + uint16_t q; /* big modulus */ + uint8_t q_bits; /* no. of bits in q (i.e. in a coefficient */ + bool is_product_form; /* if product form used */ + uint32_t dF_r; /* no. of +1 or -1 coefficients in ring elements + F, r */ + uint16_t dg; /* no. - 1 of +1 coefficients or + no. of -1 coefficients in ring element g */ + uint16_t m_len_max; /* max no. of plaintext octets */ + uint16_t min_msg_rep_wt; /* min. message representative weight */ + uint8_t c_bits; /* no. bits in candidate for deriving an index */ + uint8_t m_len_len; /* no. of octets to hold mLenOctets */ +}; + +/** + * Get NTRU encryption parameter set by NTRU parameter set ID + * + * @param id NTRU parameter set ID + * @return NTRU parameter set +*/ +ntru_param_set_t* ntru_param_set_get_by_id(ntru_param_set_id_t id); + +/** + * Get NTRU encryption parameter set by NTRU parameter set OID + * + * @param oid NTRU parameter set OID + * @return NTRU parameter set +*/ +ntru_param_set_t* ntru_param_set_get_by_oid(uint8_t const *oid); + +#endif /** NTRU_PARAM_SET_H_ @}*/ diff --git a/src/libstrongswan/plugins/ntru/ntru_poly.c b/src/libstrongswan/plugins/ntru/ntru_poly.c index 3f754f2a0..77ab54a5c 100644 --- a/src/libstrongswan/plugins/ntru/ntru_poly.c +++ b/src/libstrongswan/plugins/ntru/ntru_poly.c @@ -239,11 +239,29 @@ METHOD(ntru_poly_t, destroy, void, free(this); } -static void init_indices(private_ntru_poly_t *this, bool is_product_form, - uint32_t indices_len_p, uint32_t indices_len_m) +/** + * Creates an empty ntru_poly_t object with space allocated for indices + */ +static private_ntru_poly_t* ntru_poly_create(uint16_t N, uint16_t q, + uint32_t indices_len_p, + uint32_t indices_len_m, + bool is_product_form) { + private_ntru_poly_t *this; int n; + INIT(this, + .public = { + .get_size = _get_size, + .get_indices = _get_indices, + .get_array = _get_array, + .ring_mult = _ring_mult, + .destroy = _destroy, + }, + .N = N, + .q = q, + ); + if (is_product_form) { this->num_polynomials = 3; @@ -265,6 +283,8 @@ static void init_indices(private_ntru_poly_t *this, bool is_product_form, this->num_indices = indices_len_p + indices_len_m; } this->indices = malloc(sizeof(uint16_t) * this->num_indices); + + return this; } /* @@ -291,19 +311,8 @@ ntru_poly_t *ntru_poly_create_from_seed(hash_algorithm_t alg, chunk_t seed, } i = hash_len = mgf1->get_hash_size(mgf1); - INIT(this, - .public = { - .get_size = _get_size, - .get_indices = _get_indices, - .get_array = _get_array, - .ring_mult = _ring_mult, - .destroy = _destroy, - }, - .N = N, - .q = q, - ); + this = ntru_poly_create(N, q, indices_len_p, indices_len_m, is_product_form); - init_indices(this, is_product_form, indices_len_p, indices_len_m); used = malloc(N); limit = N * ((1 << c_bits) / N); @@ -390,19 +399,8 @@ ntru_poly_t *ntru_poly_create_from_data(uint16_t *data, uint16_t N, uint16_t q, private_ntru_poly_t *this; int i; - INIT(this, - .public = { - .get_size = _get_size, - .get_indices = _get_indices, - .get_array = _get_array, - .ring_mult = _ring_mult, - .destroy = _destroy, - }, - .N = N, - .q = q, - ); + this = ntru_poly_create(N, q, indices_len_p, indices_len_m, is_product_form); - init_indices(this, is_product_form, indices_len_p, indices_len_m); for (i = 0; i < this->num_indices; i++) { this->indices[i] = data[i]; diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.c b/src/libstrongswan/plugins/ntru/ntru_private_key.c new file mode 100644 index 000000000..fa87fe9c3 --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_private_key.c @@ -0,0 +1,892 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2009-2013 Security Innovation + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "ntru_private_key.h" +#include "ntru_trits.h" +#include "ntru_poly.h" +#include "ntru_convert.h" + +#include <utils/debug.h> +#include <utils/test.h> + +typedef struct private_ntru_private_key_t private_ntru_private_key_t; + +/** + * Private data of an ntru_private_key_t object. + */ +struct private_ntru_private_key_t { + + /** + * Public ntru_private_key_t interface. + */ + ntru_private_key_t public; + + /** + * NTRU Parameter Set + */ + ntru_param_set_t *params; + + /** + * Polynomial F which is the private key + */ + ntru_poly_t *privkey; + + /** + * Polynomial h which is the public key + */ + uint16_t *pubkey; + + /** + * Encoding of the private key + */ + chunk_t encoding; + + /** + * Deterministic Random Bit Generator + */ + ntru_drbg_t *drbg; + +}; + +METHOD(ntru_private_key_t, get_id, ntru_param_set_id_t, + private_ntru_private_key_t *this) +{ + return this->params->id; +} + +METHOD(ntru_private_key_t, get_public_key, ntru_public_key_t*, + private_ntru_private_key_t *this) +{ + return ntru_public_key_create(this->drbg, this->params, this->pubkey); +} + +/** + * Generate NTRU encryption private key encoding + */ +static void generate_encoding(private_ntru_private_key_t *this) +{ + size_t pubkey_len, privkey_len, privkey_trits_len, privkey_indices_len; + int privkey_pack_type; + uint16_t *indices; + uint8_t *trits; + u_char *enc; + + /* compute public key length encoded as packed coefficients */ + pubkey_len = (this->params->N * this->params->q_bits + 7) / 8; + + /* compute private key length encoded as packed trits coefficients */ + privkey_trits_len = (this->params->N + 4) / 5; + + /* compute private key length encoded as packed indices */ + privkey_indices_len = (this->privkey->get_size(this->privkey) * + this->params->N_bits + 7) / 8; + + if (this->params->is_product_form || + privkey_indices_len <= privkey_trits_len) + { + privkey_pack_type = NTRU_KEY_PACKED_INDICES; + privkey_len = privkey_indices_len; + } + else + { + privkey_pack_type = NTRU_KEY_PACKED_TRITS; + privkey_len = privkey_trits_len; + } + + /* allocate memory for private key encoding */ + this->encoding = chunk_alloc(2 + NTRU_OID_LEN + pubkey_len + privkey_len); + enc = this->encoding.ptr; + + /* format header and packed public key */ + *enc++ = NTRU_PRIVKEY_DEFAULT_TAG; + *enc++ = NTRU_OID_LEN; + memcpy(enc, this->params->oid, NTRU_OID_LEN); + enc += NTRU_OID_LEN; + ntru_elements_2_octets(this->params->N, this->pubkey, + this->params->q_bits, enc); + enc += pubkey_len; + + /* add packed private key */ + indices = this->privkey->get_indices(this->privkey); + + if (privkey_pack_type == NTRU_KEY_PACKED_TRITS) + { + /* encode private key as packed trits */ + trits = malloc(this->params->N); + ntru_indices_2_packed_trits(indices, this->params->dF_r, + this->params->dF_r, this->params->N, trits, enc); + memwipe(trits, this->params->N); + free(trits); + } + else + { + /* encode private key as packed indices */ + ntru_elements_2_octets(this->privkey->get_size(this->privkey), + indices, this->params->N_bits, enc); + } +} + +METHOD(ntru_private_key_t, get_encoding, chunk_t, + private_ntru_private_key_t *this) +{ + return this->encoding; +} + +/** + * Checks that the number of 0, +1, and -1 trinary ring elements meet or exceed + * a minimum weight. + * + * @param N degree of polynomial + * @param t array of trinary ring elements + * @param min_wt minimum weight + * @return TRUE if minimum weight met or exceeded + */ +bool ntru_check_min_weight(uint16_t N, uint8_t *t, uint16_t min_wt) +{ + uint16_t wt[3]; + bool success; + int i; + + wt[0] = wt[1] = wt[2] = 0; + + for (i = 0; i < N; i++) + { + ++wt[t[i]]; + } + success = (wt[0] >= min_wt) && (wt[1] >= min_wt) && (wt[2] >= min_wt); + + DBG2(DBG_LIB, "minimum weight = %u, so -1: %u, 0: %u, +1: %u is %sok", + min_wt, wt[2], wt[0], wt[1], success ? "" : "not "); + + return success; +} + +METHOD(ntru_private_key_t, decrypt, bool, + private_ntru_private_key_t *this, chunk_t ciphertext, chunk_t *plaintext) +{ + hash_algorithm_t hash_algid; + size_t t_len, seed1_len, seed2_len; + uint16_t *t1, *t2, *t = NULL; + uint16_t mod_q_mask, q_mod_p, cmprime_len, cm_len = 0, num_zeros; + uint8_t *Mtrin, *M, *cm, *mask_trits, *ptr; + int16_t m1 = 0; + chunk_t seed = chunk_empty; + ntru_trits_t *mask; + ntru_poly_t *r_poly; + bool msg_rep_good, success = TRUE; + int i; + + *plaintext = chunk_empty; + + if (ciphertext.len != (this->params->N * this->params->q_bits + 7) / 8) + { + DBG1(DBG_LIB, "wrong NTRU ciphertext length"); + return FALSE; + } + + /* allocate temporary array t */ + t_len = 2 * this->params->N * sizeof(uint16_t); + t = malloc(t_len); + t1 = t; + t2 = t + this->params->N; + Mtrin = (uint8_t *)t1; + M = Mtrin + this->params->N; + + /* set hash algorithm based on security strength */ + hash_algid = (this->params->sec_strength_len <= 20) ? HASH_SHA1 : + HASH_SHA256; + + /* set constants */ + mod_q_mask = this->params->q - 1; + q_mod_p = this->params->q % 3; + + /* unpack the ciphertext */ + ntru_octets_2_elements(ciphertext.len, ciphertext.ptr, + this->params->q_bits, t2); + + /* form cm': + * F * e + * A = e * (1 + pF) mod q = e + pFe mod q + * a = A in the range [-q/2, q/2) + * cm' = a mod p + */ + this->privkey->ring_mult(this->privkey, t2, t1); + + cmprime_len = this->params->N; + if (this->params->is_product_form) + { + --cmprime_len; + for (i = 0; i < cmprime_len; i++) + { + t1[i] = (t2[i] + 3 * t1[i]) & mod_q_mask; + if (t1[i] >= (this->params->q / 2)) + { + t1[i] -= q_mod_p; + } + Mtrin[i] = (uint8_t)(t1[i] % 3); + if (Mtrin[i] == 1) + { + ++m1; + } + else if (Mtrin[i] == 2) + { + --m1; + } + } + } + else + { + for (i = 0; i < cmprime_len; i++) + { + t1[i] = (t2[i] + 3 * t1[i]) & mod_q_mask; + if (t1[i] >= (this->params->q / 2)) + { + t1[i] -= q_mod_p; + } + Mtrin[i] = (uint8_t)(t1[i] % 3); + } + } + + /** + * check that the candidate message representative meets + * minimum weight requirements + */ + if (this->params->is_product_form) + { + msg_rep_good = (abs(m1) <= this->params->min_msg_rep_wt); + } + else + { + msg_rep_good = ntru_check_min_weight(cmprime_len, Mtrin, + this->params->min_msg_rep_wt); + } + if (!msg_rep_good) + { + DBG1(DBG_LIB, "decryption failed due to unsufficient minimum weight"); + success = FALSE; + } + + /* form cR = e - cm' mod q */ + for (i = 0; i < cmprime_len; i++) + { + if (Mtrin[i] == 1) + { + t2[i] = (t2[i] - 1) & mod_q_mask; + } + else if (Mtrin[i] == 2) + { + t2[i] = (t2[i] + 1) & mod_q_mask; + } + } + if (this->params->is_product_form) + { + t2[i] = (t2[i] + m1) & mod_q_mask; + } + + /* allocate memory for the larger of the two seeds */ + seed1_len = (this->params->N + 3)/4; + seed2_len = 3 + 2*this->params->sec_strength_len + this->params->m_len_max; + seed = chunk_alloc(max(seed1_len, seed2_len)); + seed.len = seed1_len; + + /* form cR mod 4 */ + ntru_coeffs_mod4_2_octets(this->params->N, t2, seed.ptr); + + /* form mask */ + mask = ntru_trits_create(this->params->N, hash_algid, seed); + if (!mask) + { + DBG1(DBG_LIB, "mask creation failed"); + success = FALSE; + goto err; + } + + mask_trits = mask->get_trits(mask); + + /* form cMtrin by subtracting mask from cm', mod p */ + for (i = 0; i < cmprime_len; i++) + { + Mtrin[i] -= mask_trits[i]; + if (Mtrin[i] >= 3) + { + Mtrin[i] += 3; + } + } + mask->destroy(mask); + + if (this->params->is_product_form) + { + /* set the last trit to zero since that's what it was, and + * because it can't be calculated from (cm' - mask) since + * we don't have the correct value for the last cm' trit + */ + Mtrin[i] = 0; + } + + /* convert cMtrin to cM (Mtrin to Mbin) */ + if (!ntru_trits_2_bits(Mtrin, this->params->N, M)) + { + success = FALSE; + goto err; + } + + /* skip the random padding */ + ptr = M + this->params->sec_strength_len; + + /* validate the padded message cM and copy cm to m_buf */ + if (this->params->m_len_len == 2) + { + cm_len = (uint16_t)(*ptr++) << 16; + } + cm_len |= (uint16_t)(*ptr++); + + if (cm_len > this->params->m_len_max) + { + cm_len = this->params->m_len_max; + DBG1(DBG_LIB, "NTRU message length is larger than maximum length"); + success = FALSE; + } + cm = ptr; + ptr += cm_len; + + /* check if the remaining padding consists of zeros */ + num_zeros = this->params->m_len_max - cm_len + 1; + for (i = 0; i < num_zeros; i++) + { + if (ptr[i] != 0) + { + DBG1(DBG_LIB, "non-zero trailing padding detected"); + success = FALSE; + break; + } + } + + /* form sData (OID || m || b || hTrunc) */ + ptr = seed.ptr; + memcpy(ptr, this->params->oid, 3); + ptr += 3; + memcpy(ptr, cm, cm_len); + ptr += cm_len; + memcpy(ptr, M, this->params->sec_strength_len); + ptr += this->params->sec_strength_len; + memcpy(ptr, this->encoding.ptr + 2 + NTRU_OID_LEN, + this->params->sec_strength_len); + ptr += this->params->sec_strength_len; + seed.len = ptr - seed.ptr; + + /* generate cr */ + DBG2(DBG_LIB, "generate polynomial r"); + r_poly = ntru_poly_create_from_seed(hash_algid, seed, + this->params->c_bits, this->params->N, + this->params->q, this->params->dF_r, + this->params->dF_r, this->params->is_product_form); + if (!r_poly) + { + success = FALSE; + goto err; + } + + /* output plaintext in allocated chunk */ + *plaintext = chunk_clone(chunk_create(cm, cm_len)); + + /* form cR' = h * cr */ + r_poly->ring_mult(r_poly, this->pubkey, t1); + r_poly->destroy(r_poly); + + /* compare cR' to cR */ + for (i = 0; i < this->params->N; i++) + { + if (t[i] != t2[i]) + { + DBG1(DBG_LIB, "cR' does not equal cR'"); + chunk_clear(plaintext); + success = FALSE; + break; + } + } + memwipe(t, t_len); + +err: + /* cleanup */ + chunk_clear(&seed); + free(t); + + return success; +} + +METHOD(ntru_private_key_t, destroy, void, + private_ntru_private_key_t *this) +{ + DESTROY_IF(this->privkey); + this->drbg->destroy(this->drbg); + chunk_clear(&this->encoding); + free(this->pubkey); + free(this); +} + +/** + * Multiplies ring element (polynomial) "a" by ring element (polynomial) "b" + * to produce ring element (polynomial) "c" in (Z/qZ)[X]/(X^N - 1). + * This is a convolution operation. + * + * Ring element "b" has coefficients in the range [0,N). + * + * This assumes q is 2^r where 8 < r < 16, so that overflow of the sum + * beyond 16 bits does not matter. + * + * @param a polynomial a + * @param b polynomial b + * @param N no. of coefficients in a, b, c + * @param q large modulus + * @param c polynomial c = a * b + */ +static void ring_mult_c(uint16_t *a, uint16_t *b, uint16_t N, uint16_t q, + uint16_t *c) +{ + uint16_t *bptr = b; + uint16_t mod_q_mask = q - 1; + int i, k; + + /* c[k] = sum(a[i] * b[k-i]) mod q */ + memset(c, 0, N * sizeof(uint16_t)); + for (k = 0; k < N; k++) + { + i = 0; + while (i <= k) + { + c[k] += a[i++] * *bptr--; + } + bptr += N; + while (i < N) + { + c[k] += a[i++] * *bptr--; + } + c[k] &= mod_q_mask; + ++bptr; + } +} + +/** + * Finds the inverse of a polynomial a in (Z/2^rZ)[X]/(X^N - 1). + * + * This assumes q is 2^r where 8 < r < 16, so that operations mod q can + * wait until the end, and only 16-bit arrays need to be used. + * + * @param a polynomial a + * @param N no. of coefficients in a + * @param q large modulus + * @param t temporary buffer of size 2N elements + * @param a_inv polynomial for inverse of a + */ +static bool ring_inv(uint16_t *a, uint16_t N, uint16_t q, uint16_t *t, + uint16_t *a_inv) +{ + uint8_t *b = (uint8_t *)t; + uint8_t *c = b + N; + uint8_t *f = c + N; + uint8_t *g = (uint8_t *)a_inv; + uint16_t *t2 = t + N; + uint16_t deg_b, deg_c, deg_f, deg_g; + bool done = FALSE; + int i, j, k = 0; + + /* form a^-1 in (Z/2Z)[X]/X^N - 1) */ + memset(b, 0, 2 * N); /* clear to init b, c */ + + /* b(X) = 1 */ + b[0] = 1; + deg_b = 0; + + /* c(X) = 0 (cleared above) */ + deg_c = 0; + + /* f(X) = a(X) mod 2 */ + for (i = 0; i < N; i++) + { + f[i] = (uint8_t)(a[i] & 1); + } + deg_f = N - 1; + + /* g(X) = X^N - 1 */ + g[0] = 1; + memset(g + 1, 0, N - 1); + g[N] = 1; + deg_g = N; + + /* until f(X) = 1 */ + while (!done) + { + /* while f[0] = 0, f(X) /= X, c(X) *= X, k++ */ + for (i = 0; (i <= deg_f) && (f[i] == 0); ++i); + + if (i > deg_f) + { + return FALSE; + } + if (i) + { + f = f + i; + deg_f = deg_f - i; + deg_c = deg_c + i; + for (j = deg_c; j >= i; j--) + { + c[j] = c[j-i]; + } + for (j = 0; j < i; j++) + { + c[j] = 0; + } + k = k + i; + } + + /* adjust degree of f(X) if the highest coefficients are zero + * Note: f[0] = 1 from above so the loop will terminate. + */ + while (f[deg_f] == 0) + { + --deg_f; + } + + /* if f(X) = 1, done + * Note: f[0] = 1 from above, so only check the x term and up + */ + for (i = 1; (i <= deg_f) && (f[i] == 0); ++i); + + if (i > deg_f) + { + done = TRUE; + break; + } + + /* if deg_f < deg_g, f <-> g, b <-> c */ + if (deg_f < deg_g) + { + uint8_t *x; + + x = f; + f = g; + g = x; + deg_f ^= deg_g; + deg_g ^= deg_f; + deg_f ^= deg_g; + x = b; + b = c; + c = x; + deg_b ^= deg_c; + deg_c ^= deg_b; + deg_b ^= deg_c; + } + + /* f(X) += g(X), b(X) += c(X) */ + for (i = 0; i <= deg_g; i++) + { + f[i] ^= g[i]; + } + if (deg_c > deg_b) + { + deg_b = deg_c; + } + for (i = 0; i <= deg_c; i++) + { + b[i] ^= c[i]; + } + } + + /* a^-1 in (Z/2Z)[X]/(X^N - 1) = b(X) shifted left k coefficients */ + j = 0; + if (k >= N) + { + k = k - N; + } + for (i = k; i < N; i++) + { + a_inv[j++] = (uint16_t)(b[i]); + } + for (i = 0; i < k; i++) + { + a_inv[j++] = (uint16_t)(b[i]); + } + + /* lift a^-1 in (Z/2Z)[X]/(X^N - 1) to a^-1 in (Z/qZ)[X]/(X^N -1) */ + for (j = 0; j < 4; ++j) /* assumes 256 < q <= 65536 */ + { + /* a^-1 = a^-1 * (2 - a * a^-1) mod q */ + memcpy(t2, a_inv, N * sizeof(uint16_t)); + ring_mult_c(a, t2, N, q, t); + for (i = 0; i < N; ++i) + { + t[i] = q - t[i]; + } + t[0] = t[0] + 2; + ring_mult_c(t2, t, N, q, a_inv); + } + + return TRUE; +} + +/* + * Described in header. + */ +ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, + ntru_param_set_t *params) +{ + private_ntru_private_key_t *this; + size_t t_len; + uint16_t *t1, *t2, *t = NULL; + uint16_t mod_q_mask; + hash_algorithm_t hash_algid; + ntru_poly_t *g_poly; + chunk_t seed; + int i; + + INIT(this, + .public = { + .get_id = _get_id, + .get_public_key = _get_public_key, + .get_encoding = _get_encoding, + .decrypt = _decrypt, + .destroy = _destroy, + }, + .params = params, + .pubkey = malloc(params->N * sizeof(uint16_t)), + .drbg = drbg->get_ref(drbg), + ); + + /* set hash algorithm and seed length based on security strength */ + if (params->sec_strength_len <= 20) + { + hash_algid = HASH_SHA1; + } + else + { + hash_algid = HASH_SHA256; + } + seed =chunk_alloc(params->sec_strength_len + 8); + + /* get random seed for generating trinary F as a list of indices */ + if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE, + seed.len, seed.ptr)) + { + goto err; + } + + DBG2(DBG_LIB, "generate polynomial F"); + this->privkey = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, + params->N, params->q, + params->dF_r, params->dF_r, + params->is_product_form); + if (!this->privkey) + { + goto err; + } + + /* allocate temporary array t */ + t_len = 3 * params->N * sizeof(uint16_t); + t = malloc(t_len); + t1 = t + 2 * params->N; + + /* extend sparse private key polynomial f to N array elements */ + this->privkey->get_array(this->privkey, t1); + + /* set mask for large modulus */ + mod_q_mask = params->q - 1; + + /* form f = 1 + pF */ + for (i = 0; i < params->N; i++) + { + t1[i] = (t1[i] * 3) & mod_q_mask; + } + t1[0] = (t1[0] + 1) & mod_q_mask; + + /* use the public key array as a temporary buffer */ + t2 = this->pubkey; + + /* find f^-1 in (Z/qZ)[X]/(X^N - 1) */ + if (!ring_inv(t1, params->N, params->q, t, t2)) + { + goto err; + } + + /* get random seed for generating trinary g as a list of indices */ + if (!drbg->generate(drbg, params->sec_strength_len * BITS_PER_BYTE, + seed.len, seed.ptr)) + { + goto err; + } + + DBG2(DBG_LIB, "generate polynomial g"); + g_poly = ntru_poly_create_from_seed(hash_algid, seed, params->c_bits, + params->N, params->q, params->dg + 1, + params->dg, FALSE); + if (!g_poly) + { + goto err; + } + + /* compute public key polynomial h = p * (f^-1 * g) mod q */ + g_poly->ring_mult(g_poly, t2, t2); + g_poly->destroy(g_poly); + + for (i = 0; i < params->N; i++) + { + this->pubkey[i] = (t2[i] * 3) & mod_q_mask; + } + + /* cleanup temporary storage */ + chunk_clear(&seed); + memwipe(t, t_len); + free(t); + + /* generate private key encoding */ + generate_encoding(this); + + return &this->public; + +err: + chunk_free(&seed); + free(t); + destroy(this); + + return NULL; +} + +/* + * Described in header. + */ +ntru_private_key_t *ntru_private_key_create_from_data(ntru_drbg_t *drbg, + chunk_t data) +{ + private_ntru_private_key_t *this; + size_t header_len, pubkey_packed_len, privkey_packed_len; + size_t privkey_packed_trits_len, privkey_packed_indices_len; + uint8_t *privkey_packed, tag; + uint16_t *indices, dF; + ntru_param_set_t *params; + + header_len = 2 + NTRU_OID_LEN; + + /* check the NTRU public key header format */ + if (data.len < header_len || + !(data.ptr[0] == NTRU_PRIVKEY_DEFAULT_TAG || + data.ptr[0] == NTRU_PRIVKEY_TRITS_TAG || + data.ptr[0] == NTRU_PRIVKEY_INDICES_TAG) || + data.ptr[1] != NTRU_OID_LEN) + { + DBG1(DBG_LIB, "loaded NTRU private key with invalid header"); + return NULL; + } + tag = data.ptr[0]; + params = ntru_param_set_get_by_oid(data.ptr + 2); + + if (!params) + { + DBG1(DBG_LIB, "loaded NTRU private key with unknown OID"); + return NULL; + } + + pubkey_packed_len = (params->N * params->q_bits + 7) / 8; + privkey_packed_trits_len = (params->N + 4) / 5; + + /* check packing type for product-form private keys */ + if (params->is_product_form && tag == NTRU_PRIVKEY_TRITS_TAG) + { + DBG1(DBG_LIB, "a product-form NTRU private key cannot be trits-encoded"); + return NULL; + } + + /* set packed-key length for packed indices */ + if (params->is_product_form) + { + dF = (uint16_t)((params->dF_r & 0xff) + /* df1 */ + ((params->dF_r >> 8) & 0xff) + /* df2 */ + ((params->dF_r >> 16) & 0xff)); /* df3 */ + } + else + { + dF = (uint16_t)params->dF_r; + } + privkey_packed_indices_len = (2 * dF * params->N_bits + 7) / 8; + + /* set private-key packing type if defaulted */ + if (tag == NTRU_PRIVKEY_DEFAULT_TAG) + { + if (params->is_product_form || + privkey_packed_indices_len <= privkey_packed_trits_len) + { + tag = NTRU_PRIVKEY_INDICES_TAG; + } + else + { + tag = NTRU_PRIVKEY_TRITS_TAG; + } + } + privkey_packed_len = (tag == NTRU_PRIVKEY_TRITS_TAG) ? + privkey_packed_trits_len : privkey_packed_indices_len; + + if (data.len < header_len + pubkey_packed_len + privkey_packed_len) + { + DBG1(DBG_LIB, "loaded NTRU private key with wrong packed key size"); + return NULL; + } + + INIT(this, + .public = { + .get_id = _get_id, + .get_public_key = _get_public_key, + .get_encoding = _get_encoding, + .decrypt = _decrypt, + .destroy = _destroy, + }, + .params = params, + .pubkey = malloc(params->N * sizeof(uint16_t)), + .encoding = chunk_clone(data), + .drbg = drbg->get_ref(drbg), + ); + + /* unpack the encoded public key */ + ntru_octets_2_elements(pubkey_packed_len, data.ptr + header_len, + params->q_bits, this->pubkey); + + /* allocate temporary memory for indices */ + indices = malloc(2 * dF * sizeof(uint16_t)); + + /* unpack the private key */ + privkey_packed = data.ptr + header_len + pubkey_packed_len; + if (tag == NTRU_PRIVKEY_TRITS_TAG) + { + ntru_packed_trits_2_indices(privkey_packed, params->N, + indices, indices + dF); + } + else + { + ntru_octets_2_elements(privkey_packed_indices_len, privkey_packed, + params->N_bits, indices); + } + this->privkey = ntru_poly_create_from_data(indices, params->N, params->q, + params->dF_r, params->dF_r, + params->is_product_form); + + /* cleanup */ + memwipe(indices, 2 * dF * sizeof(uint16_t)); + free(indices); + + return &this->public; +} + +EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create); + +EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create_from_data); diff --git a/src/libstrongswan/plugins/ntru/ntru_private_key.h b/src/libstrongswan/plugins/ntru/ntru_private_key.h new file mode 100644 index 000000000..c6f08440f --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_private_key.h @@ -0,0 +1,92 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup ntru_private_key ntru_private_key + * @{ @ingroup ntru_p + */ + +#ifndef NTRU_PRIVATE_KEY_H_ +#define NTRU_PRIVATE_KEY_H_ + +typedef struct ntru_private_key_t ntru_private_key_t; + +#include "ntru_drbg.h" +#include "ntru_param_set.h" +#include "ntru_public_key.h" + +#include <library.h> + +/** + * Implements an NTRU encryption public/private key pair + */ +struct ntru_private_key_t { + + /** + * Returns NTRU parameter set ID of the private key + * + * @return NTRU parameter set ID + */ + ntru_param_set_id_t (*get_id)(ntru_private_key_t *this); + + /** + * Returns the NTRU encryption public key as an encoded binary blob + * + * @return NTRU encryption public key (must be freed after use) + */ + ntru_public_key_t* (*get_public_key)(ntru_private_key_t *this); + + /** + * Returns the packed encoding of the NTRU encryption private key + * + * @return Packed encoding of NTRU encryption private key + */ + chunk_t (*get_encoding)(ntru_private_key_t *this); + + /** + * Decrypts an NTRU ciphertext + * + * @param ciphertext NTRU Ciphertext + * @param plaintext Plaintext + * @return TRUE if decryption was successful + */ + bool (*decrypt)(ntru_private_key_t *this, chunk_t ciphertext, + chunk_t *plaintext); + + /** + * Destroy ntru_private_key_t object + */ + void (*destroy)(ntru_private_key_t *this); +}; + +/** + * Creates an NTRU encryption public/private key pair using a NIST DRBG + * + * @param drbg Digital Random Bit Generator used for key generation + * @param params NTRU encryption parameter set to be used + */ +ntru_private_key_t *ntru_private_key_create(ntru_drbg_t *drbg, ntru_param_set_t *params); + +/** + * Creates an NTRU encryption private key from encoding + * + * @param drbg Deterministic random bit generator + * @param data Encoded NTRU private key + */ +ntru_private_key_t *ntru_private_key_create_from_data(ntru_drbg_t *drbg, + chunk_t data); + +#endif /** NTRU_PRIVATE_KEY_H_ @}*/ + diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.c b/src/libstrongswan/plugins/ntru/ntru_public_key.c new file mode 100644 index 000000000..a2ff1b2b0 --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_public_key.c @@ -0,0 +1,408 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Copyright (C) 2009-2013 Security Innovation + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "ntru_public_key.h" +#include "ntru_trits.h" +#include "ntru_poly.h" +#include "ntru_convert.h" + +#include <utils/debug.h> +#include <utils/test.h> + +typedef struct private_ntru_public_key_t private_ntru_public_key_t; + +/** + * Private data of an ntru_public_key_t object. + */ +struct private_ntru_public_key_t { + /** + * Public ntru_public_key_t interface. + */ + ntru_public_key_t public; + + /** + * NTRU Parameter Set + */ + ntru_param_set_t *params; + + /** + * Polynomial h which is the public key + */ + uint16_t *pubkey; + + /** + * Encoding of the public key + */ + chunk_t encoding; + + /** + * Deterministic Random Bit Generator + */ + ntru_drbg_t *drbg; + +}; + +METHOD(ntru_public_key_t, get_id, ntru_param_set_id_t, + private_ntru_public_key_t *this) +{ + return this->params->id; +} + +/** + * Generate NTRU encryption public key encoding + */ +static void generate_encoding(private_ntru_public_key_t *this) +{ + size_t pubkey_len; + u_char *enc; + + /* compute public key length encoded as packed coefficients */ + pubkey_len = (this->params->N * this->params->q_bits + 7) / 8; + + /* allocate memory for public key encoding */ + this->encoding = chunk_alloc(2 + NTRU_OID_LEN + pubkey_len); + enc = this->encoding.ptr; + + /* format header and packed public key */ + *enc++ = NTRU_PUBKEY_TAG; + *enc++ = NTRU_OID_LEN; + memcpy(enc, this->params->oid, NTRU_OID_LEN); + enc += NTRU_OID_LEN; + ntru_elements_2_octets(this->params->N, this->pubkey, + this->params->q_bits, enc); +} + +METHOD(ntru_public_key_t, get_encoding, chunk_t, + private_ntru_public_key_t *this) +{ + return this->encoding; +} + +#define MAX_SEC_STRENGTH_LEN 32 /* bytes */ + +/** + * Shared with ntru_private_key.c + */ +extern bool ntru_check_min_weight(uint16_t N, uint8_t *t, uint16_t min_wt); + +METHOD(ntru_public_key_t, encrypt, bool, + private_ntru_public_key_t *this, chunk_t plaintext, chunk_t *ciphertext) +{ + hash_algorithm_t hash_algid; + size_t t_len, seed1_len, seed2_len; + uint16_t *t1, *t = NULL; + uint8_t b[MAX_SEC_STRENGTH_LEN]; + uint8_t *t2, *Mtrin, *M, *mask_trits, *ptr; + uint16_t mod_q_mask, mprime_len = 0; + int16_t m1 = 0; + chunk_t seed = chunk_empty; + ntru_trits_t *mask; + ntru_poly_t *r_poly; + bool msg_rep_good, success = FALSE; + int i; + + *ciphertext = chunk_empty; + + if (plaintext.len > this->params->m_len_max) + { + DBG1(DBG_LIB, "plaintext exceeds maximum size"); + return FALSE; + } + + if (this->params->sec_strength_len > MAX_SEC_STRENGTH_LEN) + { + DBG1(DBG_LIB, "required security strength exceeds %d bits", + MAX_SEC_STRENGTH_LEN * BITS_PER_BYTE); + return FALSE; + } + + /* allocate temporary array t */ + t_len = (sizeof(uint16_t) + 3*sizeof(uint8_t)) * this->params->N; + t = malloc(t_len); + t1 = t; + t2 = (uint8_t *)(t1 + this->params->N); + Mtrin = t2 + this->params->N; + M = Mtrin + this->params->N; + + /* set hash algorithm based on security strength */ + hash_algid = (this->params->sec_strength_len <= 20) ? HASH_SHA1 : + HASH_SHA256; + /* set constants */ + mod_q_mask = this->params->q - 1; + + /* allocate memory for the larger of the two seeds */ + seed1_len = (this->params->N + 3)/4; + seed2_len = 3 + 2*this->params->sec_strength_len + plaintext.len; + seed = chunk_alloc(max(seed1_len, seed2_len)); + + /* loop until a message representative with proper weight is achieved */ + do + { + if (!this->drbg->generate(this->drbg, + this->params->sec_strength_len * BITS_PER_BYTE, + this->params->sec_strength_len, b)) + { + goto err; + } + + /* form sData (OID || m || b || hTrunc) */ + ptr = seed.ptr; + memcpy(ptr, this->params->oid, NTRU_OID_LEN); + ptr += NTRU_OID_LEN; + memcpy(ptr, plaintext.ptr, plaintext.len); + ptr += plaintext.len; + memcpy(ptr, b, this->params->sec_strength_len); + ptr += this->params->sec_strength_len; + memcpy(ptr, this->encoding.ptr + 2 + NTRU_OID_LEN, + this->params->sec_strength_len); + ptr += this->params->sec_strength_len; + seed.len = seed2_len; + + DBG2(DBG_LIB, "generate polynomial r"); + r_poly = ntru_poly_create_from_seed(hash_algid, seed, this->params->c_bits, + this->params->N, this->params->q, + this->params->dF_r, this->params->dF_r, + this->params->is_product_form); + if (!r_poly) + { + goto err; + } + + /* form R = h * r */ + r_poly->ring_mult(r_poly, this->pubkey, t1); + r_poly->destroy(r_poly); + + /* form R mod 4 */ + ntru_coeffs_mod4_2_octets(this->params->N, t1, seed.ptr); + seed.len = seed1_len; + + /* form mask */ + mask = ntru_trits_create(this->params->N, hash_algid, seed); + if (!mask) + { + DBG1(DBG_LIB, "mask creation failed"); + goto err; + } + + /* form the padded message M */ + ptr = M; + memcpy(ptr, b, this->params->sec_strength_len); + ptr += this->params->sec_strength_len; + if (this->params->m_len_len == 2) + { + *ptr++ = (uint8_t)((plaintext.len >> 8) & 0xff); + } + *ptr++ = (uint8_t)(plaintext.len & 0xff); + memcpy(ptr, plaintext.ptr, plaintext.len); + ptr += plaintext.len; + + /* add an extra zero byte in case without it the bit string + * is not a multiple of 3 bits and therefore might not be + * able to produce enough trits + */ + memset(ptr, 0, this->params->m_len_max - plaintext.len + 2); + + /* convert M to trits (Mbin to Mtrin) */ + mprime_len = this->params->N; + if (this->params->is_product_form) + { + --mprime_len; + } + ntru_bits_2_trits(M, mprime_len, Mtrin); + mask_trits = mask->get_trits(mask); + + + /* form the msg representative m' by adding Mtrin to mask, mod p */ + if (this->params->is_product_form) + { + m1 = 0; + for (i = 0; i < mprime_len; i++) + { + t2[i] = mask_trits[i] + Mtrin[i]; + if (t2[i] >= 3) + { + t2[i] -= 3; + } + if (t2[i] == 1) + { + ++m1; + } + else if (t2[i] == 2) + { + --m1; + } + } + } + else + { + for (i = 0; i < mprime_len; i++) + { + t2[i] = mask_trits[i] + Mtrin[i]; + if (t2[i] >= 3) + { + t2[i] -= 3; + } + } + } + mask->destroy(mask); + + /* check that message representative meets minimum weight + * requirements + */ + if (this->params->is_product_form) + { + msg_rep_good = (abs(m1) <= this->params->min_msg_rep_wt); + } + else + { + msg_rep_good = ntru_check_min_weight(mprime_len, t2, + this->params->min_msg_rep_wt); + } + } + while (!msg_rep_good); + + /* form ciphertext e by adding m' to R mod q */ + for (i = 0; i < mprime_len; i++) + { + if (t2[i] == 1) + { + t1[i] = (t1[i] + 1) & mod_q_mask; + } + else if (t2[i] == 2) + { + t1[i] = (t1[i] - 1) & mod_q_mask; + } + } + if (this->params->is_product_form) + { + t1[i] = (t1[i] - m1) & mod_q_mask; + } + + /* pack ciphertext */ + *ciphertext = chunk_alloc((this->params->N * this->params->q_bits + 7) / 8); + ntru_elements_2_octets(this->params->N, t1, this->params->q_bits, + ciphertext->ptr); + + memwipe(t, t_len); + success = TRUE; + +err: + /* cleanup */ + chunk_clear(&seed); + free(t); + + return success; +} +METHOD(ntru_public_key_t, destroy, void, + private_ntru_public_key_t *this) +{ + this->drbg->destroy(this->drbg); + chunk_clear(&this->encoding); + free(this->pubkey); + free(this); +} + +/* + * Described in header. + */ +ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg, + ntru_param_set_t *params, + uint16_t *pubkey) +{ + private_ntru_public_key_t *this; + int i; + + INIT(this, + .public = { + .get_id = _get_id, + .get_encoding = _get_encoding, + .encrypt = _encrypt, + .destroy = _destroy, + }, + .params = params, + .pubkey = malloc(params->N * sizeof(uint16_t)), + .drbg = drbg->get_ref(drbg), + ); + + for (i = 0; i < params->N; i++) + { + this->pubkey[i] = pubkey[i]; + } + + /* generate public key encoding */ + generate_encoding(this); + + return &this->public; +} + +/* + * Described in header. + */ +ntru_public_key_t *ntru_public_key_create_from_data(ntru_drbg_t *drbg, + chunk_t data) +{ + private_ntru_public_key_t *this; + size_t header_len, pubkey_packed_len; + ntru_param_set_t *params; + + header_len = 2 + NTRU_OID_LEN; + + /* check the NTRU public key header format */ + if (data.len < header_len || + data.ptr[0] != NTRU_PUBKEY_TAG || + data.ptr[1] != NTRU_OID_LEN) + { + DBG1(DBG_LIB, "received NTRU public key with invalid header"); + return NULL; + } + params = ntru_param_set_get_by_oid(data.ptr + 2); + + if (!params) + { + DBG1(DBG_LIB, "received NTRU public key with unknown OID"); + return NULL; + } + + pubkey_packed_len = (params->N * params->q_bits + 7) / 8; + + if (data.len < header_len + pubkey_packed_len) + { + DBG1(DBG_LIB, "received NTRU public key with wrong packed key size"); + return NULL; + } + + INIT(this, + .public = { + .get_id = _get_id, + .get_encoding = _get_encoding, + .encrypt = _encrypt, + .destroy = _destroy, + }, + .params = params, + .pubkey = malloc(params->N * sizeof(uint16_t)), + .encoding = chunk_clone(data), + .drbg = drbg->get_ref(drbg), + ); + + /* unpack the encoded public key */ + ntru_octets_2_elements(pubkey_packed_len, data.ptr + header_len, + params->q_bits, this->pubkey); + + return &this->public; +} + +EXPORT_FUNCTION_FOR_TESTS(ntru, ntru_public_key_create_from_data); diff --git a/src/libstrongswan/plugins/ntru/ntru_public_key.h b/src/libstrongswan/plugins/ntru/ntru_public_key.h new file mode 100644 index 000000000..baa8eabcd --- /dev/null +++ b/src/libstrongswan/plugins/ntru/ntru_public_key.h @@ -0,0 +1,88 @@ +/* + * Copyright (C) 2014 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup ntru_public_key ntru_public_key + * @{ @ingroup ntru_p + */ + +#ifndef NTRU_PUBLIC_KEY_H_ +#define NTRU_PUBLIC_KEY_H_ + +typedef struct ntru_public_key_t ntru_public_key_t; + +#include "ntru_param_set.h" +#include "ntru_drbg.h" + +#include <library.h> + +/** + * Implements an NTRU encryption public key + */ +struct ntru_public_key_t { + + /** + * Returns NTRU parameter set ID of the public key + * + * @return NTRU parameter set ID + */ + ntru_param_set_id_t (*get_id)(ntru_public_key_t *this); + + /** + * Returns the packed encoding of the NTRU encryption public key + * + * @return Packed encoding of NTRU encryption public key + */ + chunk_t (*get_encoding)(ntru_public_key_t *this); + + /** + * Encrypts a plaintext with the NTRU public key + * + * @param ciphertext Plaintext + * @param plaintext Ciphertext + * @return TRUE if encryption was successful + */ + bool (*encrypt)(ntru_public_key_t *this, chunk_t plaintext, + chunk_t *ciphertext); + + /** + * Destroy ntru_public_key_t object + */ + void (*destroy)(ntru_public_key_t *this); +}; + +/** + * Creates an NTRU encryption public key from coefficients + * + * @param drbg Deterministic random bit generator + * @param params NTRU encryption parameter set to be used + * @param pubkey Coefficients of public key polynomial h + */ +ntru_public_key_t *ntru_public_key_create(ntru_drbg_t *drbg, + ntru_param_set_t *params, + uint16_t *pubkey); + +/** + * Creates an NTRU encryption public key from encoding + * + * @param drbg Deterministic random bit generator + * @param data Encoded NTRU public key + */ +ntru_public_key_t *ntru_public_key_create_from_data(ntru_drbg_t *drbg, + chunk_t data); + + +#endif /** NTRU_PUBLIC_KEY_H_ @}*/ + diff --git a/src/libstrongswan/plugins/ntru/ntru_trits.c b/src/libstrongswan/plugins/ntru/ntru_trits.c index f82501629..1abb7671c 100644 --- a/src/libstrongswan/plugins/ntru/ntru_trits.c +++ b/src/libstrongswan/plugins/ntru/ntru_trits.c @@ -15,8 +15,7 @@ #include "ntru_trits.h" #include "ntru_mgf1.h" - -#include "ntru_crypto/ntru_crypto_ntru_convert.h" +#include "ntru_convert.h" #include <utils/debug.h> #include <utils/test.h> diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index f0735294b..5d8ada2fa 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -379,7 +379,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.c b/src/libstrongswan/plugins/openssl/openssl_gcm.c index 842111bd3..147e4afb4 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.c +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.c @@ -202,7 +202,8 @@ METHOD(aead_t, destroy, void, /* * Described in header */ -aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size) +aead_t *openssl_gcm_create(encryption_algorithm_t algo, + size_t key_size, size_t salt_size) { private_aead_t *this; @@ -236,6 +237,13 @@ aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size) return NULL; } + if (salt_size && salt_size != SALT_LEN) + { + /* currently not supported */ + free(this); + return NULL; + } + switch (algo) { case ENCR_AES_GCM_ICV8: diff --git a/src/libstrongswan/plugins/openssl/openssl_gcm.h b/src/libstrongswan/plugins/openssl/openssl_gcm.h index 12d2e8ab6..4ae268bd6 100644 --- a/src/libstrongswan/plugins/openssl/openssl_gcm.h +++ b/src/libstrongswan/plugins/openssl/openssl_gcm.h @@ -30,8 +30,10 @@ * * @param algo algorithm to implement * @param key_size key size in bytes + * @param salt_size size of implicit salt length * @return aead_t object, NULL if not supported */ -aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size); +aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size, + size_t salt_size); #endif /** OPENSSL_GCM_H_ @}*/ diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index f0c172629..9748e28f2 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -222,7 +222,21 @@ bool openssl_rsa_fingerprint(RSA *rsa, cred_encoding_type_t type, chunk_t *fp) i2d_RSA_PUBKEY(rsa, &p); break; default: - return FALSE; + { + chunk_t n = chunk_empty, e = chunk_empty; + bool success = FALSE; + + if (openssl_bn2chunk(rsa->n, &n) && + openssl_bn2chunk(rsa->e, &e)) + { + success = lib->encoding->encode(lib->encoding, type, rsa, fp, + CRED_PART_RSA_MODULUS, n, + CRED_PART_RSA_PUB_EXP, e, CRED_PART_END); + } + chunk_free(&n); + chunk_free(&e); + return success; + } } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); if (!hasher || !hasher->allocate_hash(hasher, key, fp)) diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 55c0271ce..0450ab053 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pem/Makefile.in b/src/libstrongswan/plugins/pem/Makefile.in index 22c33b0c8..300615eb7 100644 --- a/src/libstrongswan/plugins/pem/Makefile.in +++ b/src/libstrongswan/plugins/pem/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c index 9c8237e4d..df4b77cc3 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.c +++ b/src/libstrongswan/plugins/pem/pem_encoder.c @@ -106,6 +106,12 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, label = "CERTIFICATE REQUEST"; break; } + if (cred_encoding_args(args, CRED_PART_X509_AC_ASN1_DER, + &asn1, CRED_PART_END)) + { + label = "ATTRIBUTE CERTIFICATE"; + break; + } default: return FALSE; } @@ -154,4 +160,3 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, encoding->len = pos - encoding->ptr; return TRUE; } - diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in index e2491f5a4..ca8743bc0 100644 --- a/src/libstrongswan/plugins/pgp/Makefile.in +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pkcs1/Makefile.in b/src/libstrongswan/plugins/pkcs1/Makefile.in index d3f3fdf49..c563806ee 100644 --- a/src/libstrongswan/plugins/pkcs1/Makefile.in +++ b/src/libstrongswan/plugins/pkcs1/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c index b304a5101..eb0903d47 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c @@ -46,6 +46,9 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(PRIVKEY, KEY_RSA), PLUGIN_REGISTER(PUBKEY, pkcs1_public_key_load, FALSE), PLUGIN_PROVIDE(PUBKEY, KEY_ANY), + PLUGIN_SDEPEND(PUBKEY, KEY_RSA), + PLUGIN_SDEPEND(PUBKEY, KEY_ECDSA), + PLUGIN_SDEPEND(PUBKEY, KEY_DSA), PLUGIN_REGISTER(PUBKEY, pkcs1_public_key_load, FALSE), PLUGIN_PROVIDE(PUBKEY, KEY_RSA), }; diff --git a/src/libstrongswan/plugins/pkcs11/Makefile.in b/src/libstrongswan/plugins/pkcs11/Makefile.in index c8cec3771..5d2f39c9e 100644 --- a/src/libstrongswan/plugins/pkcs11/Makefile.in +++ b/src/libstrongswan/plugins/pkcs11/Makefile.in @@ -375,7 +375,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pkcs12/Makefile.in b/src/libstrongswan/plugins/pkcs12/Makefile.in index 67b1f4f57..f398652d5 100644 --- a/src/libstrongswan/plugins/pkcs12/Makefile.in +++ b/src/libstrongswan/plugins/pkcs12/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pkcs7/Makefile.in b/src/libstrongswan/plugins/pkcs7/Makefile.in index feff6e5b0..7d1c65538 100644 --- a/src/libstrongswan/plugins/pkcs7/Makefile.in +++ b/src/libstrongswan/plugins/pkcs7/Makefile.in @@ -374,7 +374,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/pkcs8/Makefile.in b/src/libstrongswan/plugins/pkcs8/Makefile.in index 35a5c9a35..fca8fd1f9 100644 --- a/src/libstrongswan/plugins/pkcs8/Makefile.in +++ b/src/libstrongswan/plugins/pkcs8/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/plugin_feature.c b/src/libstrongswan/plugins/plugin_feature.c index 8a1958be5..65cdbe9d9 100644 --- a/src/libstrongswan/plugins/plugin_feature.c +++ b/src/libstrongswan/plugins/plugin_feature.c @@ -73,25 +73,55 @@ u_int32_t plugin_feature_hash(plugin_feature_t *feature) data = chunk_empty; break; case FEATURE_CRYPTER: + data = chunk_from_thing(feature->arg.crypter); + break; case FEATURE_AEAD: + data = chunk_from_thing(feature->arg.aead); + break; case FEATURE_SIGNER: + data = chunk_from_thing(feature->arg.signer); + break; case FEATURE_HASHER: + data = chunk_from_thing(feature->arg.hasher); + break; case FEATURE_PRF: + data = chunk_from_thing(feature->arg.prf); + break; case FEATURE_DH: + data = chunk_from_thing(feature->arg.dh_group); + break; case FEATURE_PRIVKEY: + data = chunk_from_thing(feature->arg.privkey); + break; case FEATURE_PRIVKEY_GEN: + data = chunk_from_thing(feature->arg.privkey_gen); + break; case FEATURE_PUBKEY: + data = chunk_from_thing(feature->arg.pubkey); + break; case FEATURE_PRIVKEY_SIGN: + data = chunk_from_thing(feature->arg.privkey_sign); + break; case FEATURE_PUBKEY_VERIFY: + data = chunk_from_thing(feature->arg.pubkey_verify); + break; case FEATURE_PRIVKEY_DECRYPT: + data = chunk_from_thing(feature->arg.privkey_decrypt); + break; case FEATURE_PUBKEY_ENCRYPT: + data = chunk_from_thing(feature->arg.pubkey_encrypt); + break; case FEATURE_CERT_DECODE: case FEATURE_CERT_ENCODE: + data = chunk_from_thing(feature->arg.cert); + break; case FEATURE_CONTAINER_DECODE: case FEATURE_CONTAINER_ENCODE: + data = chunk_from_thing(feature->arg.container); + break; case FEATURE_EAP_SERVER: case FEATURE_EAP_PEER: - data = chunk_from_thing(feature->arg); + data = chunk_from_thing(feature->arg.eap); break; case FEATURE_CUSTOM: data = chunk_create(feature->arg.custom, diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index 08a8442ea..487fafa01 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -1047,6 +1047,7 @@ static char *modular_pluginlist(char *list) array_sort(final, (void*)plugin_priority_cmp, NULL); + plugins = strdup(""); enumerator = array_create_enumerator(final); while (enumerator->enumerate(enumerator, ¤t)) { diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index 803eeab44..6f00e7eb1 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index 0efe24cb7..59f062dd2 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/rc2/Makefile.in b/src/libstrongswan/plugins/rc2/Makefile.in index afcbc07eb..b820d1211 100644 --- a/src/libstrongswan/plugins/rc2/Makefile.in +++ b/src/libstrongswan/plugins/rc2/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/rdrand/Makefile.in b/src/libstrongswan/plugins/rdrand/Makefile.in index 88b283e87..db926c545 100644 --- a/src/libstrongswan/plugins/rdrand/Makefile.in +++ b/src/libstrongswan/plugins/rdrand/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/revocation/Makefile.in b/src/libstrongswan/plugins/revocation/Makefile.in index 745ee83e7..cfdd7e8b6 100644 --- a/src/libstrongswan/plugins/revocation/Makefile.in +++ b/src/libstrongswan/plugins/revocation/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index c8ec3f723..9fd5b2a22 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -93,40 +93,92 @@ static certificate_t *fetch_ocsp(char *url, certificate_t *subject, /** * check the signature of an OCSP response */ -static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth) +static bool verify_ocsp(ocsp_response_t *response, certificate_t *ca) { certificate_t *issuer, *subject; identification_t *responder; ocsp_response_wrapper_t *wrapper; enumerator_t *enumerator; - auth_cfg_t *current; - bool verified = FALSE; + x509_t *x509; + bool verified = FALSE, found = FALSE; wrapper = ocsp_response_wrapper_create((ocsp_response_t*)response); lib->credmgr->add_local_set(lib->credmgr, &wrapper->set, FALSE); subject = &response->certificate; responder = subject->get_issuer(subject); - enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, + + /* check OCSP response using CA or directly delegated OCSP signer */ + enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, CERT_X509, KEY_ANY, responder, FALSE); - while (enumerator->enumerate(enumerator, &issuer, ¤t)) + while (enumerator->enumerate(enumerator, &issuer)) { + x509 = (x509_t*)issuer; + if (!issuer->get_validity(issuer, NULL, NULL, NULL)) + { /* OCSP signer currently invalid */ + continue; + } + if (!ca->equals(ca, issuer)) + { /* delegated OCSP signer? */ + if (!lib->credmgr->issued_by(lib->credmgr, issuer, ca, NULL)) + { /* OCSP response not signed by CA, nor delegated OCSP signer */ + continue; + } + if (!(x509->get_flags(x509) & X509_OCSP_SIGNER)) + { /* delegated OCSP signer does not have OCSP signer flag */ + continue; + } + } + found = TRUE; if (lib->credmgr->issued_by(lib->credmgr, subject, issuer, NULL)) { DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"", - issuer->get_subject(issuer)); - if (auth) - { - auth->merge(auth, current, FALSE); - } + issuer->get_subject(issuer)); verified = TRUE; break; } + DBG1(DBG_CFG, "ocsp response verification failed, " + "invalid signature"); } enumerator->destroy(enumerator); + if (!verified) + { + /* as fallback, use any locally installed OCSP signer certificate */ + enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, + CERT_X509, KEY_ANY, responder, TRUE); + while (enumerator->enumerate(enumerator, &issuer)) + { + x509 = (x509_t*)issuer; + /* while issued_by() accepts both OCSP signer or CA basic + * constraint flags to verify OCSP responses, unrelated but trusted + * OCSP signers must explicitly have the OCSP signer flag set. */ + if ((x509->get_flags(x509) & X509_OCSP_SIGNER) && + issuer->get_validity(issuer, NULL, NULL, NULL)) + { + found = TRUE; + if (lib->credmgr->issued_by(lib->credmgr, subject, issuer, NULL)) + { + DBG1(DBG_CFG, " ocsp response correctly signed by \"%Y\"", + issuer->get_subject(issuer)); + verified = TRUE; + break; + } + DBG1(DBG_CFG, "ocsp response verification failed, " + "invalid signature"); + } + } + enumerator->destroy(enumerator); + } + lib->credmgr->remove_local_set(lib->credmgr, &wrapper->set); wrapper->destroy(wrapper); + + if (!found) + { + DBG1(DBG_CFG, "ocsp response verification failed, " + "no signer certificate '%Y' found", responder); + } return verified; } @@ -134,8 +186,8 @@ static bool verify_ocsp(ocsp_response_t *response, auth_cfg_t *auth) * Get the better of two OCSP responses, and check for usable OCSP info */ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best, - x509_t *subject, x509_t *issuer, cert_validation_t *valid, - auth_cfg_t *auth, bool cache) + x509_t *subject, x509_t *issuer, + cert_validation_t *valid, bool cache) { ocsp_response_t *response; time_t revocation, this_update, next_update, valid_until; @@ -145,9 +197,8 @@ static certificate_t *get_better_ocsp(certificate_t *cand, certificate_t *best, response = (ocsp_response_t*)cand; /* check ocsp signature */ - if (!verify_ocsp(response, auth)) + if (!verify_ocsp(response, &issuer->interface)) { - DBG1(DBG_CFG, "ocsp response verification failed"); cand->destroy(cand); return best; } @@ -226,8 +277,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, while (enumerator->enumerate(enumerator, ¤t)) { current->get_ref(current); - best = get_better_ocsp(current, best, subject, issuer, - &valid, auth, FALSE); + best = get_better_ocsp(current, best, subject, issuer, &valid, FALSE); if (best && valid != VALIDATION_STALE) { DBG1(DBG_CFG, " using cached ocsp response"); @@ -254,7 +304,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, if (current) { best = get_better_ocsp(current, best, subject, issuer, - &valid, auth, TRUE); + &valid, TRUE); if (best && valid != VALIDATION_STALE) { break; @@ -276,7 +326,7 @@ static cert_validation_t check_ocsp(x509_t *subject, x509_t *issuer, if (current) { best = get_better_ocsp(current, best, subject, issuer, - &valid, auth, TRUE); + &valid, TRUE); if (best && valid != VALIDATION_STALE) { break; @@ -330,25 +380,20 @@ static certificate_t* fetch_crl(char *url) /** * check the signature of an CRL */ -static bool verify_crl(certificate_t *crl, auth_cfg_t *auth) +static bool verify_crl(certificate_t *crl) { certificate_t *issuer; enumerator_t *enumerator; bool verified = FALSE; - auth_cfg_t *current; enumerator = lib->credmgr->create_trusted_enumerator(lib->credmgr, KEY_ANY, crl->get_issuer(crl), FALSE); - while (enumerator->enumerate(enumerator, &issuer, ¤t)) + while (enumerator->enumerate(enumerator, &issuer, NULL)) { if (lib->credmgr->issued_by(lib->credmgr, crl, issuer, NULL)) { DBG1(DBG_CFG, " crl correctly signed by \"%Y\"", issuer->get_subject(issuer)); - if (auth) - { - auth->merge(auth, current, FALSE); - } verified = TRUE; break; } @@ -362,7 +407,7 @@ static bool verify_crl(certificate_t *crl, auth_cfg_t *auth) * Get the better of two CRLs, and check for usable CRL info */ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, - x509_t *subject, cert_validation_t *valid, auth_cfg_t *auth, + x509_t *subject, cert_validation_t *valid, bool cache, crl_t *base) { enumerator_t *enumerator; @@ -390,7 +435,7 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, } /* check CRL signature */ - if (!verify_crl(cand, auth)) + if (!verify_crl(cand)) { DBG1(DBG_CFG, "crl response verification failed"); cand->destroy(cand); @@ -452,8 +497,8 @@ static certificate_t *get_better_crl(certificate_t *cand, certificate_t *best, * Find or fetch a certificate for a given crlIssuer */ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, - auth_cfg_t *auth, crl_t *base, - certificate_t **best, bool *uri_found) + crl_t *base, certificate_t **best, + bool *uri_found) { cert_validation_t valid = VALIDATION_SKIPPED; enumerator_t *enumerator; @@ -466,8 +511,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, while (enumerator->enumerate(enumerator, ¤t)) { current->get_ref(current); - *best = get_better_crl(current, *best, subject, &valid, - auth, FALSE, base); + *best = get_better_crl(current, *best, subject, &valid, FALSE, base); if (*best && valid != VALIDATION_STALE) { DBG1(DBG_CFG, " using cached crl"); @@ -495,7 +539,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, continue; } *best = get_better_crl(current, *best, subject, - &valid, auth, TRUE, base); + &valid, TRUE, base); if (*best && valid != VALIDATION_STALE) { break; @@ -511,7 +555,7 @@ static cert_validation_t find_crl(x509_t *subject, identification_t *issuer, * Look for a delta CRL for a given base CRL */ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, - crl_t *base, cert_validation_t base_valid, auth_cfg_t *auth) + crl_t *base, cert_validation_t base_valid) { cert_validation_t valid = VALIDATION_SKIPPED; certificate_t *best = NULL, *current; @@ -526,7 +570,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, if (chunk.len) { id = identification_create_from_encoding(ID_KEY_ID, chunk); - valid = find_crl(subject, id, auth, base, &best, &uri); + valid = find_crl(subject, id, base, &best, &uri); id->destroy(id); } @@ -537,7 +581,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, { if (cdp->issuer) { - valid = find_crl(subject, cdp->issuer, auth, base, &best, &uri); + valid = find_crl(subject, cdp->issuer, base, &best, &uri); } } enumerator->destroy(enumerator); @@ -558,8 +602,7 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, current->destroy(current); continue; } - best = get_better_crl(current, best, subject, &valid, - auth, TRUE, base); + best = get_better_crl(current, best, subject, &valid, TRUE, base); if (best && valid != VALIDATION_STALE) { break; @@ -576,7 +619,6 @@ static cert_validation_t check_delta_crl(x509_t *subject, x509_t *issuer, return base_valid; } - /** * validate a x509 certificate using CRL */ @@ -597,7 +639,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, if (chunk.len) { id = identification_create_from_encoding(ID_KEY_ID, chunk); - valid = find_crl(subject, id, auth, NULL, &best, &uri_found); + valid = find_crl(subject, id, NULL, &best, &uri_found); id->destroy(id); } @@ -608,8 +650,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, { if (cdp->issuer) { - valid = find_crl(subject, cdp->issuer, auth, NULL, - &best, &uri_found); + valid = find_crl(subject, cdp->issuer, NULL, &best, &uri_found); } } enumerator->destroy(enumerator); @@ -633,7 +674,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, continue; } best = get_better_crl(current, best, subject, &valid, - auth, TRUE, NULL); + TRUE, NULL); if (best && valid != VALIDATION_STALE) { break; @@ -646,7 +687,7 @@ static cert_validation_t check_crl(x509_t *subject, x509_t *issuer, /* look for delta CRLs */ if (best && (valid == VALIDATION_GOOD || valid == VALIDATION_STALE)) { - valid = check_delta_crl(subject, issuer, (crl_t*)best, valid, auth); + valid = check_delta_crl(subject, issuer, (crl_t*)best, valid); } /* an uri was found, but no result. switch validation state to failed */ diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index e57eb78ab..4f9d24a7e 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index c044178b9..ddc287522 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/soup/Makefile.in b/src/libstrongswan/plugins/soup/Makefile.in index cc16ef5cb..2ba05f71e 100644 --- a/src/libstrongswan/plugins/soup/Makefile.in +++ b/src/libstrongswan/plugins/soup/Makefile.in @@ -371,7 +371,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index c428b883f..2cbacddf1 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/sshkey/Makefile.in b/src/libstrongswan/plugins/sshkey/Makefile.in index 3c9926acc..6bd82503d 100644 --- a/src/libstrongswan/plugins/sshkey/Makefile.in +++ b/src/libstrongswan/plugins/sshkey/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in index a1439f6ea..7443f531c 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.in +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -387,7 +387,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h index 788baae57..33c13d9f4 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors.h +++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h @@ -88,11 +88,18 @@ TEST_VECTOR_AEAD(aes_ccm10) TEST_VECTOR_AEAD(aes_ccm11) TEST_VECTOR_AEAD(aes_gcm1) TEST_VECTOR_AEAD(aes_gcm2) -TEST_VECTOR_AEAD(aes_gcm3) +TEST_VECTOR_AEAD(aes_gcm3_1) +TEST_VECTOR_AEAD(aes_gcm3_2) +TEST_VECTOR_AEAD(aes_gcm3_3) TEST_VECTOR_AEAD(aes_gcm4) -TEST_VECTOR_AEAD(aes_gcm5) -TEST_VECTOR_AEAD(aes_gcm6) TEST_VECTOR_AEAD(aes_gcm7) +TEST_VECTOR_AEAD(aes_gcm8) +TEST_VECTOR_AEAD(aes_gcm9) +TEST_VECTOR_AEAD(aes_gcm10) +TEST_VECTOR_AEAD(aes_gcm13) +TEST_VECTOR_AEAD(aes_gcm14) +TEST_VECTOR_AEAD(aes_gcm15) +TEST_VECTOR_AEAD(aes_gcm16) TEST_VECTOR_SIGNER(aes_xcbc_s1) TEST_VECTOR_SIGNER(aes_xcbc_s2) diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c index 8de180ad5..95c41ecbc 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_ccm.c @@ -21,7 +21,8 @@ * originally from "fips cavs fax files on hand at Red Hat". */ aead_test_vector_t aes_ccm1 = { - .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 0, + .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3, + .len = 32, .alen = 0, .key = "\x83\xac\x54\x66\xc2\xeb\xe5\x05\x2e\x01\xd1\xfc\x5d\x82\x66\x2e" "\x96\xac\x59", .iv = "\x30\x07\xa1\xe2\xa2\xc7\x55\x24", @@ -33,7 +34,8 @@ aead_test_vector_t aes_ccm1 = { }; aead_test_vector_t aes_ccm2 = { - .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3, + .len = 32, .alen = 32, .key = "\x1e\x2c\x7e\x01\x41\x9a\xef\xc0\x0d\x58\x96\x6e\x5c\xa2\x4b\xd3" "\x4f\xa3\x19", .iv = "\xd3\x01\x5a\xd8\x30\x60\x15\x56", @@ -47,7 +49,8 @@ aead_test_vector_t aes_ccm2 = { }; aead_test_vector_t aes_ccm3 = { - .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 0, .alen = 32, + .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3, + .len = 0, .alen = 32, .key = "\xf4\x6b\xc2\x75\x62\xfe\xb4\xe1\xa3\xf0\xff\xdd\x4e\x4b\x12\x75" "\x53\x14\x73\x66\x8d\x88\xf6\x80\xa0\x20\x35", .iv = "\x26\xf2\x21\x8d\x50\x20\xda\xe2", @@ -57,7 +60,8 @@ aead_test_vector_t aes_ccm3 = { }; aead_test_vector_t aes_ccm4 = { - .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3, + .len = 32, .alen = 32, .key = "\x56\xdf\x5c\x8f\x26\x3f\x0e\x42\xef\x7a\xd3\xce\xfc\x84\x60\x62" "\xca\xb4\x40\xaf\x5f\xc9\xc9\x01\xd6\x3c\x8c", .iv = "\x86\x84\xb6\xcd\xef\x09\x2e\x94", @@ -71,7 +75,8 @@ aead_test_vector_t aes_ccm4 = { }; aead_test_vector_t aes_ccm5 = { - .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3, + .len = 32, .alen = 32, .key = "\xe0\x8d\x99\x71\x60\xd7\x97\x1a\xbd\x01\x99\xd5\x8a\xdf\x71\x3a" "\xd3\xdf\x24\x4b\x5e\x3d\x4b\x4e\x30\x7a\xb9\xd8\x53\x0a\x5e\x2b" "\x1e\x29\x91", @@ -86,7 +91,8 @@ aead_test_vector_t aes_ccm5 = { }; aead_test_vector_t aes_ccm6 = { - .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .salt_size = 3, + .len = 32, .alen = 32, .key = "\x7c\xc8\x18\x3b\x8d\x99\xe0\x7c\x45\x41\xb8\xbd\x5c\xa7\xc2\x32" "\x8a\xb8\x02\x59\xa4\xfe\xa9\x2c\x09\x75\x9a\x9b\x3c\x9b\x27\x39" "\xf9\xd9\x4e", @@ -101,7 +107,8 @@ aead_test_vector_t aes_ccm6 = { }; aead_test_vector_t aes_ccm7 = { - .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .salt_size = 3, + .len = 32, .alen = 32, .key = "\xab\xd0\xe9\x33\x07\x26\xe5\x83\x8c\x76\x95\xd4\xb6\xdc\xf3\x46" "\xf9\x8f\xad\xe3\x02\x13\x83\x77\x3f\xb0\xf1\xa1\xa1\x22\x0f\x2b" "\x24\xa7\x8b", @@ -116,7 +123,8 @@ aead_test_vector_t aes_ccm7 = { }; aead_test_vector_t aes_ccm8 = { - .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .len = 0, .alen = 0, + .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .salt_size = 3, + .len = 0, .alen = 0, .key = "\xab\x2f\x8a\x74\xb7\x1c\xd2\xb1\xff\x80\x2e\x48\x7d\x82\xf8\xb9" "\xaf\x94\x87", .iv = "\x78\x35\x82\x81\x7f\x88\x94\x68", @@ -124,7 +132,8 @@ aead_test_vector_t aes_ccm8 = { }; aead_test_vector_t aes_ccm9 = { - .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 0, .alen = 32, + .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3, + .len = 0, .alen = 32, .key = "\x39\xbb\xa7\xbe\x59\x97\x9e\x73\xa2\xbc\x6b\x98\xd7\x75\x7f\xe3" "\xa4\x48\x93\x39\x26\x71\x4a\xc6\xee\x49\x83", .iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e", @@ -134,7 +143,8 @@ aead_test_vector_t aes_ccm9 = { }; aead_test_vector_t aes_ccm10 = { - .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 0, .alen = 0, + .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3, + .len = 0, .alen = 0, .key = "\xa4\x4b\x54\x29\x0a\xb8\x6d\x01\x5b\x80\x2a\xcf\x25\xc4\xb7\x5c" "\x20\x2c\xad\x30\xc2\x2b\x41\xfb\x0e\x85\xbc\x33\xad\x0f\x2b\xff" "\xee\x49\x83", @@ -143,7 +153,8 @@ aead_test_vector_t aes_ccm10 = { }; aead_test_vector_t aes_ccm11 = { - .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 32, .alen = 32, + .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3, + .len = 32, .alen = 32, .key = "\x58\x5d\xa0\x96\x65\x1a\x04\xd7\x96\xe5\xc5\x68\xaa\x95\x35\xe0" "\x29\xa0\xba\x9e\x48\x78\xd1\xba\xee\x49\x83", .iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e", diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c index 7534633e1..1f33bcbd5 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_gcm.c @@ -16,11 +16,37 @@ #include <crypto/crypto_tester.h> /** - * From the Linux kernel, those with an IV. Originally from - * McGrew & Viega - http://citeseer.ist.psu.edu/656989.html + * From McGrew & Viega + * http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf + * Formatted to match our API which expects the first four bytes (salt) of the + * IV as part of the key and writes/expects the ICV at the end of the cipher + * text. + * Since our implementations are currently limited to IV lengths of 12 (IV=8, + * SALT=4 as per RFC 4106/5282) the test cases 5/6, 11/12 and 17/18 aren't + * compatible. */ aead_test_vector_t aes_gcm1 = { - .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .len = 64, .alen = 0, + .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4, + .len = 0, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "", + .cipher = "\x58\xe2\xfc\xce\xfa\x7e\x30\x61\x36\x7f\x1d\x57\xa4\xe7\x45\x5a", +}; +aead_test_vector_t aes_gcm2 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4, + .len = 16, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .cipher = "\x03\x88\xda\xce\x60\xb6\xa3\x92\xf3\x28\xc2\xb9\x71\xb2\xfe\x78" + "\xab\x6e\x47\xd4\x2c\xec\x13\xbd\xf5\x3a\x67\xb2\x12\x57\xbd\xdf", +}; +aead_test_vector_t aes_gcm3_1 = { + .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .salt_size = 4, + .len = 64, .alen = 0, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", @@ -34,9 +60,9 @@ aead_test_vector_t aes_gcm1 = { "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85" "\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6", }; - -aead_test_vector_t aes_gcm2 = { - .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .len = 64, .alen = 0, +aead_test_vector_t aes_gcm3_2 = { + .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .salt_size = 4, + .len = 64, .alen = 0, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", @@ -50,9 +76,9 @@ aead_test_vector_t aes_gcm2 = { "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85" "\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6\x2c\xf3\x5a\xbd", }; - -aead_test_vector_t aes_gcm3 = { - .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 64, .alen = 0, +aead_test_vector_t aes_gcm3_3 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4, + .len = 64, .alen = 0, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", @@ -66,9 +92,9 @@ aead_test_vector_t aes_gcm3 = { "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x47\x3f\x59\x85" "\x4d\x5c\x2a\xf3\x27\xcd\x64\xa6\x2c\xf3\x5a\xbd\x2b\xa6\xfa\xb4", }; - aead_test_vector_t aes_gcm4 = { - .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 60, .alen = 20, + .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4, + .len = 60, .alen = 20, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", @@ -84,9 +110,28 @@ aead_test_vector_t aes_gcm4 = { "\x1b\xa3\x0b\x39\x6a\x0a\xac\x97\x3d\x58\xe0\x91\x5b\xc9\x4f\xbc" "\x32\x21\xa5\xdb\x94\xfa\xe9\x5a\xe7\x12\x1a\x47", }; - -aead_test_vector_t aes_gcm5 = { - .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .len = 64, .alen = 0, +aead_test_vector_t aes_gcm7 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4, + .len = 0, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "", + .cipher = "\xcd\x33\xb2\x8a\xc7\x73\xf7\x4b\xa0\x0e\xd1\xf3\x12\x57\x24\x35", +}; +aead_test_vector_t aes_gcm8 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4, + .len = 16, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .cipher = "\x98\xe7\x24\x7c\x07\xf0\xfe\x41\x1c\x26\x7e\x43\x84\xb0\xf6\x00" + "\x2f\xf5\x8d\x80\x03\x39\x27\xab\x8e\xf4\xd4\x58\x75\x14\xf0\xfb", +}; +aead_test_vector_t aes_gcm9 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4, + .len = 64, .alen = 0, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xfe\xff\xe9\x92\x86\x65\x73\x1c\xca\xfe\xba\xbe", .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", @@ -100,9 +145,48 @@ aead_test_vector_t aes_gcm5 = { "\x18\xe2\x44\x8b\x2f\xe3\x24\xd9\xcc\xda\x27\x10\xac\xad\xe2\x56" "\x99\x24\xa7\xc8\x58\x73\x36\xbf\xb1\x18\x02\x4d\xb8\x67\x4a\x14", }; - -aead_test_vector_t aes_gcm6 = { - .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 64, .alen = 0, +aead_test_vector_t aes_gcm10 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4, + .len = 60, .alen = 20, + .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" + "\xfe\xff\xe9\x92\x86\x65\x73\x1c\xca\xfe\xba\xbe", + .iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88", + .plain = "\xd9\x31\x32\x25\xf8\x84\x06\xe5\xa5\x59\x09\xc5\xaf\xf5\x26\x9a" + "\x86\xa7\xa9\x53\x15\x34\xf7\xda\x2e\x4c\x30\x3d\x8a\x31\x8a\x72" + "\x1c\x3c\x0c\x95\x95\x68\x09\x53\x2f\xcf\x0e\x24\x49\xa6\xb5\x25" + "\xb1\x6a\xed\xf5\xaa\x0d\xe6\x57\xba\x63\x7b\x39", + .adata = "\xfe\xed\xfa\xce\xde\xad\xbe\xef\xfe\xed\xfa\xce\xde\xad\xbe\xef" + "\xab\xad\xda\xd2", + .cipher = "\x39\x80\xca\x0b\x3c\x00\xe8\x41\xeb\x06\xfa\xc4\x87\x2a\x27\x57" + "\x85\x9e\x1c\xea\xa6\xef\xd9\x84\x62\x85\x93\xb4\x0c\xa1\xe1\x9c" + "\x7d\x77\x3d\x00\xc1\x44\xc5\x25\xac\x61\x9d\x18\xc8\x4a\x3f\x47" + "\x18\xe2\x44\x8b\x2f\xe3\x24\xd9\xcc\xda\x27\x10\x25\x19\x49\x8e" + "\x80\xf1\x47\x8f\x37\xba\x55\xbd\x6d\x27\x61\x8c", +}; +aead_test_vector_t aes_gcm13 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4, + .len = 0, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "", + .cipher = "\x53\x0f\x8a\xfb\xc7\x45\x36\xb9\xa9\x63\xb4\xf1\xc4\xcb\x73\x8b", +}; +aead_test_vector_t aes_gcm14 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4, + .len = 16, .alen = 0, + .key = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .cipher = "\xce\xa7\x40\x3d\x4d\x60\x6b\x6e\x07\x4e\xc5\xd3\xba\xf3\x9d\x18" + "\xd0\xd1\xc8\xa7\x99\x99\x6b\xf0\x26\x5b\x98\xb5\xd4\x8a\xb9\x19", +}; +aead_test_vector_t aes_gcm15 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4, + .len = 64, .alen = 0, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", @@ -117,9 +201,9 @@ aead_test_vector_t aes_gcm6 = { "\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x89\x80\x15\xad" "\xb0\x94\xda\xc5\xd9\x34\x71\xbd\xec\x1a\x50\x22\x70\xe3\xcc\x6c", }; - -aead_test_vector_t aes_gcm7 = { - .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 60, .alen = 20, +aead_test_vector_t aes_gcm16 = { + .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4, + .len = 60, .alen = 20, .key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08" "\xca\xfe\xba\xbe", @@ -136,4 +220,3 @@ aead_test_vector_t aes_gcm7 = { "\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x76\xfc\x6e\xce" "\x0f\x4e\x17\x68\xcd\xdf\x88\x53\xbb\x2d\x55\x1b", }; - diff --git a/src/libstrongswan/plugins/unbound/Makefile.in b/src/libstrongswan/plugins/unbound/Makefile.in index 961311eb0..c3c6ed6a7 100644 --- a/src/libstrongswan/plugins/unbound/Makefile.in +++ b/src/libstrongswan/plugins/unbound/Makefile.in @@ -373,7 +373,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 74552e00b..154fc5ccd 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -372,7 +372,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 7d83e48ea..30b871d42 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -29,7 +29,6 @@ #include <utils/identification.h> #include <collections/linked_list.h> #include <credentials/certificates/x509.h> -#include <credentials/ietf_attributes/ietf_attributes.h> #include <credentials/keys/private_key.h> extern chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, @@ -75,7 +74,7 @@ struct private_x509_ac_t { /** * Serial number of the holder certificate */ - chunk_t holderSerial; + identification_t *holderSerial; /** * ID representing the holder @@ -98,14 +97,9 @@ struct private_x509_ac_t { time_t notAfter; /** - * List of charging attributes + * List of group attributes, as group_t */ - ietf_attributes_t *charging; - - /** - * List of groub attributes - */ - ietf_attributes_t *groups; + linked_list_t *groups; /** * Authority Key Identifier @@ -153,6 +147,25 @@ struct private_x509_ac_t { refcount_t ref; }; +/** + * Group definition, an IETF attribute + */ +typedef struct { + /** Attribute type */ + ac_group_type_t type; + /* attribute value */ + chunk_t value; +} group_t; + +/** + * Clean up a group entry + */ +static void group_destroy(group_t *group) +{ + free(group->value.ptr); + free(group); +} + static chunk_t ASN1_noRevAvail_ext = chunk_from_chars( 0x30, 0x09, 0x06, 0x03, @@ -169,42 +182,41 @@ extern void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, /** * parses a directoryName */ -static bool parse_directoryName(chunk_t blob, int level, bool implicit, identification_t **name) +static bool parse_directoryName(chunk_t blob, int level, bool implicit, + identification_t **name) { - bool has_directoryName; - linked_list_t *list = linked_list_create(); + identification_t *directoryName; + enumerator_t *enumerator; + bool first = TRUE; + linked_list_t *list; + list = linked_list_create(); x509_parse_generalNames(blob, level, implicit, list); - has_directoryName = list->get_count(list) > 0; - if (has_directoryName) + enumerator = list->create_enumerator(list); + while (enumerator->enumerate(enumerator, &directoryName)) { - enumerator_t *enumerator = list->create_enumerator(list); - identification_t *directoryName; - bool first = TRUE; - - while (enumerator->enumerate(enumerator, (void**)&directoryName)) + if (first) { - if (first) - { - *name = directoryName; - first = FALSE; - } - else - { - DBG1(DBG_ASN, "more than one directory name - first selected"); - directoryName->destroy(directoryName); - } + *name = directoryName; + first = FALSE; + } + else + { + DBG1(DBG_ASN, "more than one directory name - first selected"); + directoryName->destroy(directoryName); + break; } - enumerator->destroy(enumerator); } - else + enumerator->destroy(enumerator); + list->destroy(list); + + if (first) { DBG1(DBG_ASN, "no directoryName found"); + return FALSE; } - - list->destroy(list); - return has_directoryName; + return TRUE; } /** @@ -244,63 +256,131 @@ static void parse_roleSyntax(chunk_t blob, int level0) } /** + * ASN.1 definition of ietfAttrSyntax + */ +static const asn1Object_t ietfAttrSyntaxObjects[] = +{ + { 0, "ietfAttrSyntax", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "policyAuthority", ASN1_CONTEXT_C_0, ASN1_OPT | + ASN1_BODY }, /* 1 */ + { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */ + { 1, "values", ASN1_SEQUENCE, ASN1_LOOP }, /* 3 */ + { 2, "octets", ASN1_OCTET_STRING, ASN1_OPT | + ASN1_BODY }, /* 4 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 5 */ + { 2, "oid", ASN1_OID, ASN1_OPT | + ASN1_BODY }, /* 6 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 7 */ + { 2, "string", ASN1_UTF8STRING, ASN1_OPT | + ASN1_BODY }, /* 8 */ + { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */ + { 1, "end loop", ASN1_EOC, ASN1_END }, /* 10 */ + { 0, "exit", ASN1_EOC, ASN1_EXIT } +}; +#define IETF_ATTR_OCTETS 4 +#define IETF_ATTR_OID 6 +#define IETF_ATTR_STRING 8 + +/** + * Parse group memberships, IETF attributes + */ +static bool parse_groups(private_x509_ac_t *this, chunk_t encoded, int level0) +{ + ac_group_type_t type; + group_t *group; + asn1_parser_t *parser; + chunk_t object; + int objectID; + bool success; + + parser = asn1_parser_create(ietfAttrSyntaxObjects, encoded); + parser->set_top_level(parser, level0); + while (parser->iterate(parser, &objectID, &object)) + { + switch (objectID) + { + case IETF_ATTR_OCTETS: + type = AC_GROUP_TYPE_OCTETS; + break; + case IETF_ATTR_OID: + type = AC_GROUP_TYPE_OID; + break; + case IETF_ATTR_STRING: + type = AC_GROUP_TYPE_STRING; + break; + default: + continue; + } + INIT(group, + .type = type, + .value = chunk_clone(object), + ); + this->groups->insert_last(this->groups, group); + } + success = parser->success(parser); + parser->destroy(parser); + + return success; +} + +/** * ASN.1 definition of an X509 attribute certificate */ static const asn1Object_t acObjects[] = { { 0, "AttributeCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */ { 1, "AttributeCertificateInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */ - { 2, "version", ASN1_INTEGER, ASN1_DEF | + { 2, "version", ASN1_INTEGER, ASN1_DEF | ASN1_BODY }, /* 2 */ - { 2, "holder", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */ - { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 4 */ - { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */ - { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 6 */ + { 2, "holder", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */ + { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 4 */ + { 4, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */ + { 4, "serial", ASN1_INTEGER, ASN1_BODY }, /* 6 */ { 4, "issuerUID", ASN1_BIT_STRING, ASN1_OPT | ASN1_BODY }, /* 7 */ { 4, "end opt", ASN1_EOC, ASN1_END }, /* 8 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 9 */ - { 3, "entityName", ASN1_CONTEXT_C_1, ASN1_OPT | + { 3, "entityName", ASN1_CONTEXT_C_1, ASN1_OPT | ASN1_OBJ }, /* 10 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 11 */ - { 3, "objectDigestInfo", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 12 */ - { 4, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 13 */ - { 4, "otherObjectTypeID", ASN1_OID, ASN1_OPT | + { 3, "objectDigestInfo", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 12 */ + { 4, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 13 */ + { 4, "otherObjectTypeID", ASN1_OID, ASN1_OPT | ASN1_BODY }, /* 14 */ { 4, "end opt", ASN1_EOC, ASN1_END }, /* 15 */ { 4, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 16 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 17 */ - { 2, "v2Form", ASN1_CONTEXT_C_0, ASN1_NONE }, /* 18 */ - { 3, "issuerName", ASN1_SEQUENCE, ASN1_OPT | + { 2, "v2Form", ASN1_CONTEXT_C_0, ASN1_NONE }, /* 18 */ + { 3, "issuerName", ASN1_SEQUENCE, ASN1_OPT | ASN1_OBJ }, /* 19 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 20 */ - { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 21 */ - { 4, "issuerSerial", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */ - { 5, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 23 */ - { 5, "serial", ASN1_INTEGER, ASN1_BODY }, /* 24 */ + { 3, "baseCertificateID", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 21 */ + { 4, "issuerSerial", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */ + { 5, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 23 */ + { 5, "serial", ASN1_INTEGER, ASN1_BODY }, /* 24 */ { 5, "issuerUID", ASN1_BIT_STRING, ASN1_OPT | ASN1_BODY }, /* 25 */ { 5, "end opt", ASN1_EOC, ASN1_END }, /* 26 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 27 */ { 3, "objectDigestInfo", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 28 */ - { 4, "digestInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 29 */ - { 5, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 30 */ - { 5, "otherObjectTypeID", ASN1_OID, ASN1_OPT | + { 4, "digestInfo", ASN1_SEQUENCE, ASN1_OBJ }, /* 29 */ + { 5, "digestedObjectType", ASN1_ENUMERATED, ASN1_BODY }, /* 30 */ + { 5, "otherObjectTypeID", ASN1_OID, ASN1_OPT | ASN1_BODY }, /* 31 */ { 5, "end opt", ASN1_EOC, ASN1_END }, /* 32 */ { 5, "digestAlgorithm", ASN1_EOC, ASN1_RAW }, /* 33 */ { 3, "end opt", ASN1_EOC, ASN1_END }, /* 34 */ - { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 35 */ - { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 36 */ - { 2, "attrCertValidityPeriod", ASN1_SEQUENCE, ASN1_NONE }, /* 37 */ - { 3, "notBeforeTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 38 */ - { 3, "notAfterTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 39 */ - { 2, "attributes", ASN1_SEQUENCE, ASN1_LOOP }, /* 40 */ + { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 35 */ + { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 36 */ + { 2, "attrCertValidityPeriod", ASN1_SEQUENCE, ASN1_NONE }, /* 37 */ + { 3, "notBeforeTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 38 */ + { 3, "notAfterTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 39 */ + { 2, "attributes", ASN1_SEQUENCE, ASN1_LOOP }, /* 40 */ { 3, "attribute", ASN1_SEQUENCE, ASN1_NONE }, /* 41 */ { 4, "type", ASN1_OID, ASN1_BODY }, /* 42 */ { 4, "values", ASN1_SET, ASN1_LOOP }, /* 43 */ { 5, "value", ASN1_EOC, ASN1_RAW }, /* 44 */ - { 4, "end loop", ASN1_EOC, ASN1_END }, /* 45 */ + { 4, "end loop", ASN1_EOC, ASN1_END }, /* 45 */ { 2, "end loop", ASN1_EOC, ASN1_END }, /* 46 */ { 2, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 47 */ { 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 48 */ @@ -368,22 +448,26 @@ static bool parse_certificate(private_x509_ac_t *this) } break; case AC_OBJ_HOLDER_ISSUER: - if (!parse_directoryName(object, level, FALSE, &this->holderIssuer)) + if (!parse_directoryName(object, level, FALSE, + &this->holderIssuer)) { goto end; } break; case AC_OBJ_HOLDER_SERIAL: - this->holderSerial = object; + this->holderSerial = identification_create_from_encoding( + ID_KEY_ID, object); break; case AC_OBJ_ENTITY_NAME: - if (!parse_directoryName(object, level, TRUE, &this->entityName)) + if (!parse_directoryName(object, level, TRUE, + &this->entityName)) { goto end; } break; case AC_OBJ_ISSUER_NAME: - if (!parse_directoryName(object, level, FALSE, &this->issuerName)) + if (!parse_directoryName(object, level, FALSE, + &this->issuerName)) { goto end; } @@ -414,13 +498,14 @@ static bool parse_certificate(private_x509_ac_t *this) DBG2(DBG_ASN, " need to parse accessIdentity"); break; case OID_CHARGING_IDENTITY: - DBG2(DBG_ASN, "-- > --"); - this->charging = ietf_attributes_create_from_encoding(object); - DBG2(DBG_ASN, "-- < --"); + DBG2(DBG_ASN, " need to parse chargingIdentity"); break; case OID_GROUP: DBG2(DBG_ASN, "-- > --"); - this->groups = ietf_attributes_create_from_encoding(object); + if (!parse_groups(this, object, level)) + { + goto end; + } DBG2(DBG_ASN, "-- < --"); break; case OID_ROLE: @@ -446,8 +531,9 @@ static bool parse_certificate(private_x509_ac_t *this) DBG2(DBG_ASN, " need to parse crlDistributionPoints"); break; case OID_AUTHORITY_KEY_ID: - this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object, - level, &this->authKeySerialNumber); + this->authKeyIdentifier = + x509_parse_authorityKeyIdentifier(object, + level, &this->authKeySerialNumber); break; case OID_TARGET_INFORMATION: DBG2(DBG_ASN, " need to parse targetInformation"); @@ -490,7 +576,7 @@ end: static chunk_t build_directoryName(asn1_t tag, chunk_t name) { return asn1_wrap(tag, "m", - asn1_simple_object(ASN1_CONTEXT_C_4, name)); + asn1_simple_object(ASN1_CONTEXT_C_4, name)); } /** @@ -499,14 +585,15 @@ static chunk_t build_directoryName(asn1_t tag, chunk_t name) static chunk_t build_holder(private_x509_ac_t *this) { x509_t* x509 = (x509_t*)this->holderCert; - identification_t *issuer = this->holderCert->get_issuer(this->holderCert); - identification_t *subject = this->holderCert->get_subject(this->holderCert); + identification_t *issuer, *subject; + + issuer = this->holderCert->get_issuer(this->holderCert); + subject = this->holderCert->get_subject(this->holderCert); return asn1_wrap(ASN1_SEQUENCE, "mm", asn1_wrap(ASN1_CONTEXT_C_0, "mm", build_directoryName(ASN1_SEQUENCE, issuer->get_encoding(issuer)), - asn1_simple_object(ASN1_INTEGER, x509->get_serial(x509)) - ), + asn1_simple_object(ASN1_INTEGER, x509->get_serial(x509))), build_directoryName(ASN1_CONTEXT_C_1, subject->get_encoding(subject))); } @@ -515,10 +602,12 @@ static chunk_t build_holder(private_x509_ac_t *this) */ static chunk_t build_v2_form(private_x509_ac_t *this) { - identification_t *subject = this->signerCert->get_subject(this->signerCert); + identification_t *subject; + subject = this->signerCert->get_subject(this->signerCert); return asn1_wrap(ASN1_CONTEXT_C_0, "m", - build_directoryName(ASN1_SEQUENCE, subject->get_encoding(subject))); + build_directoryName(ASN1_SEQUENCE, + subject->get_encoding(subject))); } /** @@ -531,7 +620,6 @@ static chunk_t build_attr_cert_validity(private_x509_ac_t *this) asn1_from_time(&this->notAfter, ASN1_GENERALIZEDTIME)); } - /** * build attribute type */ @@ -547,8 +635,55 @@ static chunk_t build_attribute_type(int type, chunk_t content) */ static chunk_t build_attributes(private_x509_ac_t *this) { + enumerator_t *enumerator; + group_t *group; + chunk_t values; + size_t size = 0, len; + u_char *pos; + + /* precalculate the total size of all values */ + enumerator = this->groups->create_enumerator(this->groups); + while (enumerator->enumerate(enumerator, &group)) + { + len = group->value.len; + size += 1 + (len > 0) + (len >= 128) + + (len >= 256) + (len >= 65536) + len; + } + enumerator->destroy(enumerator); + + pos = asn1_build_object(&values, ASN1_SEQUENCE, size); + + enumerator = this->groups->create_enumerator(this->groups); + while (enumerator->enumerate(enumerator, &group)) + { + chunk_t attr; + asn1_t type; + + switch (group->type) + { + case AC_GROUP_TYPE_OCTETS: + type = ASN1_OCTET_STRING; + break; + case AC_GROUP_TYPE_STRING: + type = ASN1_UTF8STRING; + break; + case AC_GROUP_TYPE_OID: + type = ASN1_OID; + break; + default: + continue; + } + attr = asn1_simple_object(type, group->value); + + memcpy(pos, attr.ptr, attr.len); + pos += attr.len; + free(attr.ptr); + } + enumerator->destroy(enumerator); + return asn1_wrap(ASN1_SEQUENCE, "m", - build_attribute_type(OID_GROUP, this->groups->get_encoding(this->groups))); + build_attribute_type(OID_GROUP, + asn1_wrap(ASN1_SEQUENCE, "m", values))); } /** @@ -621,14 +756,11 @@ static chunk_t build_attr_cert_info(private_x509_ac_t *this) */ static chunk_t build_ac(private_x509_ac_t *this) { - chunk_t signatureValue; - chunk_t attributeCertificateInfo; + chunk_t signatureValue, attributeCertificateInfo; attributeCertificateInfo = build_attr_cert_info(this); - this->signerKey->sign(this->signerKey, SIGN_RSA_EMSA_PKCS1_SHA1, attributeCertificateInfo, &signatureValue); - return asn1_wrap(ASN1_SEQUENCE, "mmm", attributeCertificateInfo, asn1_algorithmIdentifier(OID_SHA1_WITH_RSA), @@ -644,7 +776,11 @@ METHOD(ac_t, get_serial, chunk_t, METHOD(ac_t, get_holderSerial, chunk_t, private_x509_ac_t *this) { - return this->holderSerial; + if (this->holderSerial) + { + return this->holderSerial->get_encoding(this->holderSerial); + } + return chunk_empty; } METHOD(ac_t, get_holderIssuer, identification_t*, @@ -659,10 +795,28 @@ METHOD(ac_t, get_authKeyIdentifier, chunk_t, return this->authKeyIdentifier; } -METHOD(ac_t, get_groups, ietf_attributes_t*, +/** + * Filter function for attribute enumeration + */ +static bool attr_filter(void *null, group_t **in, ac_group_type_t *type, + void *in2, chunk_t *out) +{ + if ((*in)->type == AC_GROUP_TYPE_STRING && + !chunk_printable((*in)->value, NULL, 0)) + { /* skip non-printable strings */ + return FALSE; + } + *type = (*in)->type; + *out = (*in)->value; + return TRUE; +} + +METHOD(ac_t, create_group_enumerator, enumerator_t*, private_x509_ac_t *this) { - return this->groups ? this->groups->get_ref(this->groups) : NULL; + return enumerator_create_filter( + this->groups->create_enumerator(this->groups), + (void*)attr_filter, NULL, NULL); } METHOD(certificate_t, get_type, certificate_type_t, @@ -674,7 +828,11 @@ METHOD(certificate_t, get_type, certificate_type_t, METHOD(certificate_t, get_subject, identification_t*, private_x509_ac_t *this) { - return this->entityName; + if (this->entityName) + { + return this->entityName; + } + return this->holderSerial; } METHOD(certificate_t, get_issuer, identification_t*, @@ -686,13 +844,24 @@ METHOD(certificate_t, get_issuer, identification_t*, METHOD(certificate_t, has_subject, id_match_t, private_x509_ac_t *this, identification_t *subject) { - return ID_MATCH_NONE; + id_match_t entity = ID_MATCH_NONE, serial = ID_MATCH_NONE; + + if (this->entityName) + { + entity = this->entityName->matches(this->entityName, subject); + } + if (this->holderSerial) + { + serial = this->holderSerial->matches(this->holderSerial, subject); + } + return max(entity, serial); } METHOD(certificate_t, has_issuer, id_match_t, private_x509_ac_t *this, identification_t *issuer) { - if (issuer->get_type(issuer) == ID_KEY_ID && this->authKeyIdentifier.ptr && + if (issuer->get_type(issuer) == ID_KEY_ID && + this->authKeyIdentifier.ptr && chunk_equals(this->authKeyIdentifier, issuer->get_encoding(issuer))) { return ID_MATCH_PERFECT; @@ -808,9 +977,10 @@ METHOD(certificate_t, equals, bool, { return TRUE; } - if (other->equals == (void*)equals) + if (other->equals == _equals) { /* skip allocation if we have the same implementation */ - return chunk_equals(this->encoding, ((private_x509_ac_t*)other)->encoding); + return chunk_equals(this->encoding, + ((private_x509_ac_t*)other)->encoding); } if (!other->get_encoding(other, CERT_ASN1_DER, &encoding)) { @@ -827,13 +997,13 @@ METHOD(certificate_t, destroy, void, if (ref_put(&this->ref)) { DESTROY_IF(this->holderIssuer); + DESTROY_IF(this->holderSerial); DESTROY_IF(this->entityName); DESTROY_IF(this->issuerName); DESTROY_IF(this->holderCert); DESTROY_IF(this->signerCert); DESTROY_IF(this->signerKey); - DESTROY_IF(this->charging); - DESTROY_IF(this->groups); + this->groups->destroy_function(this->groups, (void*)group_destroy); free(this->serialNumber.ptr); free(this->authKeyIdentifier.ptr); free(this->encoding.ptr); @@ -869,9 +1039,10 @@ static private_x509_ac_t *create_empty(void) .get_holderSerial = _get_holderSerial, .get_holderIssuer = _get_holderIssuer, .get_authKeyIdentifier = _get_authKeyIdentifier, - .get_groups = _get_groups, + .create_group_enumerator = _create_group_enumerator, }, }, + .groups = linked_list_create(), .ref = 1, ); @@ -914,6 +1085,27 @@ x509_ac_t *x509_ac_load(certificate_type_t type, va_list args) } /** + * Add groups from a list into AC group memberships + */ +static void add_groups_from_list(private_x509_ac_t *this, linked_list_t *list) +{ + enumerator_t *enumerator; + group_t *group; + char *name; + + enumerator = list->create_enumerator(list); + while (enumerator->enumerate(enumerator, &name)) + { + INIT(group, + .type = AC_GROUP_TYPE_STRING, + .value = chunk_clone(chunk_from_str(name)), + ); + this->groups->insert_last(this->groups, group); + } + enumerator->destroy(enumerator); +} + +/** * See header. */ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args) @@ -934,8 +1126,8 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args) case BUILD_SERIAL: ac->serialNumber = chunk_clone(va_arg(args, chunk_t)); continue; - case BUILD_IETF_GROUP_ATTR: - ac->groups = ietf_attributes_create_from_string(va_arg(args, char*)); + case BUILD_AC_GROUP_STRINGS: + add_groups_from_list(ac, va_arg(args, linked_list_t*)); continue; case BUILD_CERT: ac->holderCert = va_arg(args, certificate_t*); @@ -968,4 +1160,3 @@ x509_ac_t *x509_ac_gen(certificate_type_t type, va_list args) destroy(ac); return NULL; } - diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index ed850e8f5..9fd869e77 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -758,6 +758,9 @@ static void parse_extendedKeyUsage(chunk_t blob, int level0, case OID_OCSP_SIGNING: this->flags |= X509_OCSP_SIGNER; break; + case OID_MS_SMARTCARD_LOGON: + this->flags |= X509_MS_SMARTCARD_LOGON; + break; default: break; } @@ -2008,7 +2011,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty; chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty; chunk_t policyConstraints = chunk_empty, inhibitAnyPolicy = chunk_empty; - chunk_t ikeIntermediate = chunk_empty; + chunk_t ikeIntermediate = chunk_empty, msSmartcardLogon = chunk_empty; identification_t *issuer, *subject; chunk_t key_info; signature_scheme_t scheme; @@ -2139,6 +2142,10 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, { ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING); } + if (cert->flags & X509_MS_SMARTCARD_LOGON) + { + msSmartcardLogon = asn1_build_known_oid(OID_MS_SMARTCARD_LOGON); + } if (serverAuth.ptr || clientAuth.ptr || ikeIntermediate.ptr || ocspSigning.ptr) @@ -2146,9 +2153,9 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm", asn1_build_known_oid(OID_EXTENDED_KEY_USAGE), asn1_wrap(ASN1_OCTET_STRING, "m", - asn1_wrap(ASN1_SEQUENCE, "mmmm", + asn1_wrap(ASN1_SEQUENCE, "mmmmm", serverAuth, clientAuth, ikeIntermediate, - ocspSigning))); + ocspSigning, msSmartcardLogon))); } /* add subjectKeyIdentifier to CA and OCSP signer certificates */ @@ -2167,7 +2174,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert, } /* add the keyid authKeyIdentifier for non self-signed certificates */ - if (sign_key) + if (sign_cert) { chunk_t keyid; diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index 09c5a8539..ff0f0231f 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -252,7 +252,7 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, { int oid; signature_scheme_t scheme; - chunk_t certs, signature, encoding; + chunk_t certs = chunk_empty, signature, encoding; switch (this->key->get_type(this->key)) { diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index 15fea7ee0..54bef7357 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -52,9 +52,7 @@ METHOD(plugin_t, get_features, int, PLUGIN_REGISTER(CERT_DECODE, x509_cert_load, TRUE), PLUGIN_PROVIDE(CERT_DECODE, CERT_X509), PLUGIN_DEPENDS(HASHER, HASH_SHA1), - PLUGIN_SDEPEND(PUBKEY, KEY_RSA), - PLUGIN_SDEPEND(PUBKEY, KEY_ECDSA), - PLUGIN_SDEPEND(PUBKEY, KEY_DSA), + PLUGIN_DEPENDS(PUBKEY, KEY_ANY), PLUGIN_REGISTER(CERT_ENCODE, x509_ac_gen, FALSE), PLUGIN_PROVIDE(CERT_ENCODE, CERT_X509_AC), diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index c8f886c60..ca6164371 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -370,7 +370,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/tests/Makefile.in b/src/libstrongswan/tests/Makefile.in index 656be4efb..e58831c5b 100644 --- a/src/libstrongswan/tests/Makefile.in +++ b/src/libstrongswan/tests/Makefile.in @@ -402,7 +402,6 @@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ nm_plugins = @nm_plugins@ oldincludedir = @oldincludedir@ -openac_plugins = @openac_plugins@ pcsclite_CFLAGS = @pcsclite_CFLAGS@ pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ diff --git a/src/libstrongswan/tests/suites/test_chunk.c b/src/libstrongswan/tests/suites/test_chunk.c index e373fbdb6..34ace2894 100644 --- a/src/libstrongswan/tests/suites/test_chunk.c +++ b/src/libstrongswan/tests/suites/test_chunk.c @@ -117,10 +117,13 @@ START_TEST(test_chunk_clear) } chunk_clear(&chunk); /* check memory area of freed chunk. We can't use ck_assert() for this - * test directly, as it might allocate data at the freed area. */ - for (i = 0; i < 64; i++) + * test directly, as it might allocate data at the freed area. comparing + * two bytes at once reduces the chances of conflicts if memory got + * overwritten already */ + for (i = 0; i < 64; i += 2) { - if (ptr[i] != 0 && ptr[i] == i) + if (ptr[i] != 0 && ptr[i] == i && + ptr[i+1] != 0 && ptr[i+1] == i+1) { cleared = FALSE; break; diff --git a/src/libstrongswan/tests/suites/test_enumerator.c b/src/libstrongswan/tests/suites/test_enumerator.c index b5dde4650..9bd6d24f2 100644 --- a/src/libstrongswan/tests/suites/test_enumerator.c +++ b/src/libstrongswan/tests/suites/test_enumerator.c @@ -104,10 +104,10 @@ static void destroy_data(void *data) * filtered test */ -static bool filter(void *data, int *v, int *vo, int *w, int *wo, - int *x, int *xo, int *y, int *yo, int *z, int *zo) +static bool filter(int *data, int **v, int *vo, int **w, int *wo, + int **x, int *xo, int **y, int *yo, int **z, int *zo) { - int val = *v; + int val = **v; *vo = val++; *wo = val++; @@ -118,21 +118,21 @@ static bool filter(void *data, int *v, int *vo, int *w, int *wo, return TRUE; } -static bool filter_odd(void *data, int *item, int *out) +static bool filter_odd(void *data, int **item, int *out) { fail_if(data != (void*)101, "data does not match '101' in filter function"); - *out = *item; - return *item % 2 == 0; + *out = **item; + return **item % 2 == 0; } START_TEST(test_filtered) { - int round, v, w, x, y, z; + int data[5] = {1,2,3,4,5}, round, v, w, x, y, z; linked_list_t *list; enumerator_t *enumerator; - list = linked_list_create_with_items((void*)1, (void*)2, (void*)3, (void*)4, - (void*)5, NULL); + list = linked_list_create_with_items(&data[0], &data[1], &data[2], &data[3], + &data[4], NULL); round = 1; enumerator = enumerator_create_filter(list->create_enumerator(list), @@ -155,12 +155,12 @@ END_TEST START_TEST(test_filtered_filter) { - int count, x; + int data[5] = {1,2,3,4,5}, count, x; linked_list_t *list; enumerator_t *enumerator; - list = linked_list_create_with_items((void*)1, (void*)2, (void*)3, (void*)4, - (void*)5, NULL); + list = linked_list_create_with_items(&data[0], &data[1], &data[2], &data[3], + &data[4], NULL); count = 0; /* should also work without destructor, so set this manually */ diff --git a/src/libstrongswan/tests/suites/test_ntru.c b/src/libstrongswan/tests/suites/test_ntru.c index a46f5742c..7c0cb81bf 100644 --- a/src/libstrongswan/tests/suites/test_ntru.c +++ b/src/libstrongswan/tests/suites/test_ntru.c @@ -20,6 +20,8 @@ #include <plugins/ntru/ntru_mgf1.h> #include <plugins/ntru/ntru_trits.h> #include <plugins/ntru/ntru_poly.h> +#include <plugins/ntru/ntru_param_set.h> +#include <plugins/ntru/ntru_private_key.h> #include <utils/test.h> IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_drbg_create, ntru_drbg_t*, @@ -41,6 +43,18 @@ IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_poly_create_from_data, ntru_poly_t*, uint32_t indices_len_p, uint32_t indices_len_m, bool is_product_form) +IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_param_set_get_by_id, ntru_param_set_t* , + ntru_param_set_id_t id) + +IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create, ntru_private_key_t*, + ntru_drbg_t *drbg, ntru_param_set_t *params) + +IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_private_key_create_from_data, ntru_private_key_t*, + ntru_drbg_t *drbg, chunk_t data) + +IMPORT_FUNCTION_FOR_TESTS(ntru, ntru_public_key_create_from_data, ntru_public_key_t*, + ntru_drbg_t *drbg, chunk_t data) + /** * NTRU parameter sets to test */ @@ -86,7 +100,8 @@ START_TEST(test_ntru_drbg_strength) entropy = lib->crypto->create_rng(lib->crypto, RNG_STRONG); ck_assert(entropy != NULL); - drbg = ntru_drbg_create(strengths[_i].requested, chunk_empty, entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, strengths[_i].requested, + chunk_empty, entropy); if (strengths[_i].standard) { ck_assert(drbg != NULL); @@ -243,7 +258,8 @@ START_TEST(test_ntru_drbg) out = chunk_alloc(128); entropy = test_rng_create(drbg_tests[_i].entropy); - drbg = ntru_drbg_create(256, drbg_tests[_i].pers_str, entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, drbg_tests[_i].pers_str, + entropy); ck_assert(drbg != NULL); ck_assert(drbg->reseed(drbg)); ck_assert(drbg->generate(drbg, 256, 128, out.ptr)); @@ -265,7 +281,7 @@ START_TEST(test_ntru_drbg_reseed) "libstrongswan.plugins.ntru.max_drbg_requests", 2); out = chunk_alloc(128); entropy = test_rng_create(drbg_tests[0].entropy); - drbg = ntru_drbg_create(256, chunk_empty, entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy); /* bad output parameters */ ck_assert(!drbg->generate(drbg, 256, 0, out.ptr)); @@ -283,13 +299,13 @@ START_TEST(test_ntru_drbg_reseed) drbg->destroy(drbg); /* no entropy available for DRBG instantiation */ - drbg = ntru_drbg_create(256, chunk_empty, entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy); ck_assert(drbg == NULL); entropy->destroy(entropy); /* one automatic reseeding occurs */ entropy = test_rng_create(drbg_tests[0].entropy); - drbg = ntru_drbg_create(256, chunk_empty, entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, 256, chunk_empty, entropy); ck_assert(drbg->generate(drbg, 256, 128, out.ptr)); ck_assert(drbg->generate(drbg, 256, 128, out.ptr)); ck_assert(drbg->generate(drbg, 256, 128, out.ptr)); @@ -374,7 +390,7 @@ uint16_t indices_ees1171ep1[] = { */ mgf1_test_t mgf1_tests[] = { { HASH_SHA1, 20, 60, 20, 15, 24, - chunk_from_chars( + chunk_from_chars( 0xED, 0xA5, 0xC3, 0xBC, 0xAF, 0xB3, 0x20, 0x7D, 0x14, 0xA1, 0x54, 0xF7, 0x8B, 0x37, 0xF2, 0x8D, 0x8C, 0x9B, 0xD5, 0x63, 0x57, 0x38, 0x11, 0xC2, @@ -408,7 +424,7 @@ mgf1_test_t mgf1_tests[] = { 0x40, 0x4B, 0xE7, 0x22, 0x3A, 0x56, 0x10, 0x6D, 0x4D, 0x29, 0x0B, 0xCE, 0xA6, 0x21, 0xB5, 0x5C, 0x71, 0x66, 0x2F, 0x70, 0x35, 0xD8, 0x8A, 0x92, - 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14), + 0x33, 0xF0, 0x16, 0xD4, 0x0E, 0x43, 0x8A, 0x14), chunk_from_chars( 1, 2, 1, 0, 0, 1, 1, 1, 2, 0, 1, 0, 1, 1, 1, 0, 2, 0, 1, 1, 0, 0, 0, 1, 1, 0, 2, 0, 2, 2, 1, 2, 2, 2, 1, 2, 1, 1, 0, 0, @@ -466,7 +482,7 @@ mgf1_test_t mgf1_tests[] = { 0x76, 0x89, 0x8B, 0x1B, 0x60, 0xEC, 0x10, 0x9D, 0x8F, 0x13, 0xF2, 0xFE, 0xD9, 0x85, 0xC1, 0xAB, 0x7E, 0xEE, 0xB1, 0x31, 0xDD, 0xF7, 0x7F, 0x0C, - 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28), + 0x7D, 0xF9, 0x6B, 0x7B, 0x19, 0x80, 0xBD, 0x28), chunk_from_chars( 0xF1, 0x19, 0x02, 0x4F, 0xDA, 0x58, 0x05, 0x9A, 0x07, 0xDF, 0x61, 0x81, 0x22, 0x0E, 0x15, 0x46, @@ -542,14 +558,17 @@ START_TEST(test_ntru_mgf1) mask2.len = mgf1_tests[_i].ml2; mask3.len = mgf1_tests[_i].ml3; - mgf1 = ntru_mgf1_create(HASH_UNKNOWN, mgf1_tests[_i].seed, TRUE); + mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, HASH_UNKNOWN, + mgf1_tests[_i].seed, TRUE); ck_assert(mgf1 == NULL); - mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, chunk_empty, TRUE); + mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg, + chunk_empty, TRUE); ck_assert(mgf1 == NULL); /* return mask in allocated chunk */ - mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE); + mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg, + mgf1_tests[_i].seed, TRUE); ck_assert(mgf1); /* check hash size */ @@ -565,14 +584,16 @@ START_TEST(test_ntru_mgf1) mgf1->destroy(mgf1); /* copy mask to pre-allocated buffer */ - mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].seed, TRUE); + mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg, + mgf1_tests[_i].seed, TRUE); ck_assert(mgf1); ck_assert(mgf1->get_mask(mgf1, mgf1_tests[_i].mask.len, mask.ptr)); ck_assert(chunk_equals(mask, mgf1_tests[_i].mask)); mgf1->destroy(mgf1); /* get mask in batches without hashing the seed */ - mgf1 = ntru_mgf1_create(mgf1_tests[_i].alg, mgf1_tests[_i].hashed_seed, FALSE); + mgf1 = TEST_FUNCTION(ntru, ntru_mgf1_create, mgf1_tests[_i].alg, + mgf1_tests[_i].hashed_seed, FALSE); ck_assert(mgf1); /* first batch */ @@ -600,16 +621,16 @@ START_TEST(test_ntru_trits) ntru_trits_t *mask; chunk_t trits; - mask = ntru_trits_create(mgf1_tests[_i].trits.len, HASH_UNKNOWN, - mgf1_tests[_i].seed); + mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len, + HASH_UNKNOWN, mgf1_tests[_i].seed); ck_assert(mask == NULL); - mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg, - chunk_empty); + mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len, + mgf1_tests[_i].alg, chunk_empty); ck_assert(mask == NULL); - mask = ntru_trits_create(mgf1_tests[_i].trits.len, mgf1_tests[_i].alg, - mgf1_tests[_i].seed); + mask = TEST_FUNCTION(ntru, ntru_trits_create, mgf1_tests[_i].trits.len, + mgf1_tests[_i].alg, mgf1_tests[_i].seed); ck_assert(mask); trits = chunk_create(mask->get_trits(mask), mask->get_size(mask)); @@ -617,7 +638,8 @@ START_TEST(test_ntru_trits) mask->destroy(mask); /* generate a multiple of 5 trits */ - mask = ntru_trits_create(10, mgf1_tests[_i].alg, mgf1_tests[_i].seed); + mask = TEST_FUNCTION(ntru, ntru_trits_create, 10, mgf1_tests[_i].alg, + mgf1_tests[_i].seed); ck_assert(mask); trits = chunk_create(mask->get_trits(mask), mask->get_size(mask)); @@ -638,17 +660,17 @@ START_TEST(test_ntru_poly) seed.len = mgf1_tests[_i].seed_len; p = &mgf1_tests[_i].poly_test[0]; - poly = ntru_poly_create_from_seed(HASH_UNKNOWN, seed, p->c_bits, p->N, p->q, - p->indices_len, p->indices_len, - p->is_product_form); + poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed, HASH_UNKNOWN, seed, + p->c_bits, p->N, p->q, p->indices_len, p->indices_len, + p->is_product_form); ck_assert(poly == NULL); for (n = 0; n < 2; n++) { p = &mgf1_tests[_i].poly_test[n]; - poly = ntru_poly_create_from_seed(mgf1_tests[_i].alg, seed, p->c_bits, - p->N, p->q, p->indices_len, - p->indices_len, p->is_product_form); + poly = TEST_FUNCTION(ntru, ntru_poly_create_from_seed, + mgf1_tests[_i].alg, seed, p->c_bits, p->N, p->q, + p->indices_len, p->indices_len, p->is_product_form); ck_assert(poly != NULL && poly->get_size(poly) == p->indices_size); indices = poly->get_indices(poly); @@ -748,8 +770,9 @@ START_TEST(test_ntru_ring_mult) int i; t = &ring_mult_tests[_i]; - poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p, - t->indices_len_m, t->is_product_form); + poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N, + t->q, t->indices_len_p, t->indices_len_m, + t->is_product_form); ck_assert(poly != NULL); c = malloc(t->N * sizeof(uint16_t)); @@ -776,8 +799,9 @@ START_TEST(test_ntru_array) t = &ring_mult_tests[array_tests[_i]]; - poly = ntru_poly_create_from_data(t->indices, t->N, t->q, t->indices_len_p, - t->indices_len_m, t->is_product_form); + poly = TEST_FUNCTION(ntru, ntru_poly_create_from_data, t->indices, t->N, + t->q, t->indices_len_p, t->indices_len_m, + t->is_product_form); ck_assert(poly != NULL); c = malloc(t->N * sizeof(uint16_t)); @@ -793,62 +817,413 @@ START_TEST(test_ntru_array) } END_TEST +START_TEST(test_ntru_param_set) +{ + ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, -1) == NULL); + ck_assert(TEST_FUNCTION(ntru, ntru_param_set_get_by_id, 16) == NULL); +} +END_TEST + +typedef struct { + ntru_param_set_id_t id; + chunk_t entropy; + chunk_t encoding; +} privkey_test_t; + +privkey_test_t privkey_tests[] = { + { + NTRU_EES401EP1, + chunk_from_chars( + 0x0C, 0x2F, 0x24, 0xE1, 0xA4, 0x81, 0x26, 0xA2, + 0x6C, 0xEA, 0xCD, 0x1A, 0xF3, 0xEB, 0x3D, 0xBF, + 0xEA, 0xAE, 0xC3, 0x0D, 0xC1), + chunk_from_chars( + 0x02, 0x03, 0x00, 0x02, 0x04, 0x3E, 0xF3, 0xCB, + 0x7A, 0x58, 0x13, 0x75, 0xBB, 0x87, 0xF5, 0xBF, + 0x2E, 0x18, 0xAE, 0x03, 0xAF, 0xB8, 0x33, 0x85, + 0xD8, 0xBF, 0x8A, 0xB5, 0x8C, 0xA6, 0xDF, 0x03, + 0x90, 0x1E, 0xE4, 0x83, 0xA4, 0x95, 0x40, 0xB5, + 0x08, 0x92, 0x29, 0xD8, 0x83, 0xA8, 0x42, 0xB2, + 0x69, 0xC2, 0x00, 0x8B, 0xAE, 0x80, 0x00, 0x4F, + 0x3D, 0xDD, 0xFB, 0xDB, 0x9A, 0xD8, 0x0F, 0xFF, + 0xBC, 0x21, 0xD5, 0xE6, 0x04, 0x9C, 0xDD, 0x3B, + 0x2D, 0x16, 0x4B, 0xC7, 0x3D, 0xBE, 0xDE, 0xBB, + 0x6F, 0xF4, 0x8A, 0x31, 0xCD, 0x23, 0x19, 0xC2, + 0x3C, 0xE1, 0xE2, 0xEE, 0xE4, 0xE7, 0x2E, 0xFC, + 0x5C, 0xDD, 0xAD, 0x0C, 0x9D, 0x98, 0xC5, 0x18, + 0x2A, 0x80, 0x21, 0x93, 0x61, 0xC4, 0x9A, 0x16, + 0xE8, 0x9B, 0xF7, 0x3B, 0x6D, 0x06, 0x91, 0x9E, + 0x71, 0x59, 0xBE, 0x8E, 0x65, 0x61, 0xB2, 0x69, + 0x9C, 0x82, 0x58, 0x0D, 0x63, 0x7A, 0x1F, 0x2A, + 0x1C, 0x2C, 0x92, 0x8C, 0x8D, 0xCA, 0x2B, 0x45, + 0x24, 0x79, 0xDB, 0x7F, 0x1D, 0x2F, 0xAB, 0x88, + 0x8C, 0x1D, 0xE3, 0x15, 0x8F, 0xCD, 0x46, 0x8C, + 0x45, 0x20, 0x88, 0x1C, 0x17, 0xE0, 0xE5, 0x89, + 0xF4, 0x60, 0x56, 0x3C, 0x6B, 0x9F, 0x2A, 0xD9, + 0xD0, 0xAE, 0x3B, 0xB6, 0xC2, 0xB7, 0x58, 0xC6, + 0x6E, 0x09, 0x36, 0x21, 0x0B, 0xDD, 0xE9, 0x52, + 0x33, 0x27, 0x39, 0xC8, 0x51, 0x59, 0x69, 0x25, + 0xC6, 0x3D, 0x19, 0x5C, 0x5E, 0x74, 0xD0, 0x62, + 0xD9, 0x26, 0x90, 0xC7, 0x64, 0x92, 0xA8, 0x72, + 0xD1, 0x77, 0x1F, 0x78, 0xC5, 0x11, 0xBD, 0x5D, + 0x3C, 0x1B, 0x1F, 0x8B, 0x5B, 0xE4, 0x5D, 0xA1, + 0x27, 0x6D, 0x20, 0x24, 0x32, 0x53, 0xF3, 0xB0, + 0xE6, 0x71, 0x61, 0xCC, 0xFC, 0x4A, 0x06, 0xDA, + 0xBE, 0xD7, 0x9F, 0x2F, 0xEB, 0x44, 0xD0, 0x8A, + 0x7D, 0x8E, 0x82, 0xF5, 0x84, 0xCF, 0x8E, 0xE5, + 0x4B, 0xA4, 0x30, 0x77, 0xBD, 0x14, 0xB9, 0x75, + 0x02, 0x68, 0xDF, 0x71, 0x89, 0x81, 0xF2, 0x95, + 0xC3, 0x67, 0x6E, 0x37, 0xE4, 0xD0, 0xC9, 0x1E, + 0x02, 0xDE, 0x2D, 0x79, 0x99, 0xE8, 0x7D, 0x5C, + 0x99, 0xF2, 0x1A, 0xDE, 0x12, 0x9B, 0xD1, 0x83, + 0x9B, 0x01, 0xD3, 0xEB, 0x2B, 0x8E, 0x9C, 0xA5, + 0x19, 0xE8, 0x2E, 0xFE, 0x23, 0x6E, 0xAD, 0x8F, + 0x3C, 0xAF, 0xB9, 0xE6, 0xDB, 0x07, 0xA4, 0x31, + 0x02, 0x2B, 0x6A, 0xA0, 0xFB, 0x51, 0x6C, 0xD0, + 0x26, 0xD5, 0xAD, 0x29, 0x65, 0x10, 0xCE, 0xF8, + 0x84, 0x4D, 0x1E, 0x37, 0x92, 0xA2, 0xD1, 0xFA, + 0xF6, 0xC0, 0x36, 0x4C, 0x23, 0x3A, 0x42, 0xAA, + 0xB8, 0x0D, 0x4E, 0xD4, 0x40, 0x61, 0xD5, 0x36, + 0x62, 0x23, 0x7C, 0x1C, 0x5E, 0xEA, 0x16, 0xAD, + 0x4F, 0x30, 0xF9, 0x16, 0x99, 0xCE, 0xC5, 0x50, + 0xAC, 0x8F, 0x6F, 0x98, 0xD7, 0xE3, 0x89, 0x6E, + 0x3A, 0x12, 0xCE, 0xA7, 0xA4, 0x17, 0x74, 0xDC, + 0xDB, 0xFA, 0xFF, 0xF9, 0x35, 0xD7, 0xF5, 0x77, + 0x03, 0xF5, 0xBF, 0x81, 0x6C, 0x9F, 0x62, 0xA6, + 0x8A, 0x5B, 0xA3, 0xEF, 0x9D, 0xC3, 0xF6, 0x3A, + 0x6A, 0xC0, 0x42, 0x71, 0xAF, 0x90, 0xCA, 0x1D, + 0x86, 0x78, 0xD7, 0x2C, 0xFE, 0xB6, 0x99, 0x15, + 0x8C, 0x10, 0x42, 0x92, 0x2C, 0x05, 0x43, 0x92, + 0x69, 0x05, 0x8D, 0x9E, 0xBC, 0xAB, 0x8F, 0x28, + 0xAA, 0x4B, 0xFB, 0x25, 0xD9, 0xAD, 0x29, 0xFF, + 0x33, 0x65, 0x14, 0xC3, 0x75, 0x1F, 0xCF, 0xFC, + 0x20, 0x83, 0xBF, 0xB9, 0xA5, 0x4B, 0x7B, 0xD9, + 0x07, 0x5C, 0xA1, 0xD1, 0x5A, 0x3E, 0x94, 0xF8, + 0x03, 0xDE, 0xB8, 0x94, 0x11, 0x92, 0x80, 0x77, + 0x57, 0x45, 0x1E, 0x6B, 0xA5, 0x15, 0xDB, 0x48, + 0xB6, 0x9E, 0x02, 0xF1, 0x61, 0x4A, 0xAC, 0x1D, + 0x49, 0xBC, 0xA9, 0x3F, 0x03, 0x50, 0xAC, 0x02, + 0x8E, 0x84, 0xE0, 0x12, 0x37, 0x76, 0xBC, 0x4A, + 0xF9, 0xC6, 0x74, 0x36, 0xFC, 0x92, 0x1D, 0x59, + 0x0C, 0x04, 0xD2, 0x14, 0xB7, 0x11, 0xE9, 0xE2, + 0xFE, 0x0C, 0xE1, 0xDA, 0x8B, 0xCA, 0x10, 0xA1, + 0x60, 0xB6, 0x57, 0x51, 0x00, 0xD6, 0x5B, 0x55, + 0x09, 0x60, 0xE8, 0x00, 0x40, 0x45, 0x56, 0xBA, + 0x83, 0x1E, 0x36, 0x12, 0x59, 0x4B, 0x19, 0x00, + 0x53, 0xAE, 0x62, 0xA6, 0x29, 0x39, 0xED, 0x87, + 0x24, 0x37, 0x1E, 0x1B, 0xCF, 0x3F, 0x3A, 0x71, + 0x31, 0xB5, 0x50, 0x8D, 0x4B, 0x53, 0x53, 0x75, + 0x3F, 0x33, 0x39, 0x09, 0x2A, 0x78, 0xA8, 0x71, + 0x3E, 0x63, 0xC5, 0x61, 0x73, 0xB6, 0xE1, 0x71, + 0x16, 0xDA, 0x06, 0xBF, 0x3F, 0x22, 0x74, 0x89, + 0x08, 0xD2, 0x05, 0x0B, 0x16, 0xC8, 0xF0, 0x17, + 0x4E, 0xA2, 0x65, 0x67, 0x6D, 0x02) + }, + { + NTRU_EES743EP1, + chunk_from_chars( + 0x9B, 0xAB, 0x57, 0xDB, 0x2C, 0x60, 0x83, 0x48, + 0x9F, 0xC9, 0x70, 0x8F, 0x69, 0xF7, 0xB4, 0xBB, + 0x63, 0x5C, 0x9A, 0x63, 0x07, 0x80, 0x17, 0xD3, + 0xCD, 0xB1, 0x57, 0x79, 0xFE, 0x8D, 0x81, 0x70, + 0xEB, 0x50, 0xFA, 0x05, 0xFB, 0x97, 0xB2, 0xAB, + 0x25, 0xED, 0xD8, 0x18, 0x1C, 0xFE, 0x96, 0x7D), + chunk_from_chars( + 0x02, 0x03, 0x00, 0x06, 0x10, 0x14, 0x53, 0x73, + 0x56, 0xF5, 0xA9, 0x34, 0xDE, 0xA6, 0x4D, 0x46, + 0x05, 0x9E, 0x80, 0xAE, 0xB6, 0x74, 0x91, 0xFF, + 0xFB, 0x48, 0xD3, 0x5C, 0x61, 0x12, 0x46, 0x02, + 0x9F, 0x53, 0x45, 0x87, 0x47, 0xBD, 0x6B, 0x26, + 0xF7, 0x36, 0xD3, 0x99, 0x1B, 0xD7, 0xEA, 0xA3, + 0xA8, 0x94, 0xFF, 0x93, 0x46, 0x7C, 0x2C, 0x5F, + 0x87, 0x8C, 0x38, 0xB3, 0x7B, 0xC6, 0x49, 0xE2, + 0x88, 0xCA, 0x67, 0x89, 0xD0, 0x6D, 0x7C, 0xAE, + 0x7C, 0x98, 0x84, 0xDA, 0x6B, 0x93, 0x92, 0xEF, + 0x4A, 0xD1, 0x4A, 0xD2, 0x5B, 0x13, 0xF8, 0x59, + 0x15, 0x2E, 0xBC, 0x70, 0x8D, 0x2D, 0xA9, 0x47, + 0xA1, 0x99, 0x19, 0x3F, 0x67, 0xE8, 0x18, 0xA7, + 0x17, 0x07, 0xB3, 0x14, 0xF6, 0x20, 0xA1, 0xD8, + 0x33, 0xE8, 0x08, 0x6A, 0xC1, 0x39, 0x99, 0x08, + 0xB4, 0x88, 0xEB, 0x48, 0x7D, 0xFB, 0xF5, 0xEF, + 0x03, 0x0D, 0x25, 0xB7, 0x98, 0xF3, 0xF1, 0x15, + 0x63, 0xE4, 0x0F, 0xFD, 0x54, 0x9F, 0x56, 0xE9, + 0xD1, 0x44, 0xE5, 0x89, 0x66, 0x14, 0x91, 0x1C, + 0xFD, 0xD6, 0xFD, 0x38, 0xAE, 0x39, 0xE3, 0xF7, + 0xCD, 0x77, 0xC2, 0xEA, 0x2E, 0xE4, 0xB7, 0x2B, + 0xBA, 0x7A, 0xD1, 0x75, 0xB8, 0x28, 0x65, 0x18, + 0xF4, 0xC6, 0xBD, 0xD0, 0x17, 0x7E, 0xEA, 0x86, + 0x7E, 0xFC, 0x95, 0xD6, 0x4C, 0x92, 0x01, 0xC3, + 0xFF, 0x04, 0x9B, 0xF8, 0xD6, 0xB3, 0x8F, 0x72, + 0xEF, 0x64, 0x09, 0x61, 0xF8, 0xE4, 0x48, 0xFC, + 0x0D, 0xEE, 0xEF, 0xA2, 0x9F, 0x3A, 0x2B, 0x1A, + 0xFB, 0x8B, 0xA0, 0x9C, 0x11, 0x0B, 0x97, 0x75, + 0x30, 0x7C, 0xB8, 0x9F, 0xEE, 0x3B, 0x53, 0x85, + 0x7D, 0xE9, 0xCB, 0xC4, 0x4D, 0xD7, 0x7F, 0x59, + 0x10, 0x72, 0x19, 0x3A, 0xC9, 0x38, 0xFE, 0xE8, + 0xB3, 0x06, 0x55, 0x8D, 0xA2, 0x5A, 0x3D, 0x79, + 0x67, 0x0E, 0x90, 0xC9, 0x25, 0x6D, 0x45, 0x9C, + 0x39, 0x79, 0x5F, 0x18, 0x35, 0x9F, 0xC1, 0x49, + 0x08, 0x6F, 0x1C, 0x47, 0x09, 0x0D, 0x49, 0x7C, + 0x3C, 0x7B, 0xB1, 0x09, 0x92, 0x1C, 0x4E, 0x5A, + 0xDA, 0x74, 0x9E, 0xBB, 0x55, 0x9D, 0xBB, 0x1E, + 0x43, 0x28, 0x62, 0xAF, 0x02, 0xB0, 0x1A, 0xEA, + 0x13, 0x0A, 0x70, 0x0F, 0x60, 0x0F, 0x62, 0xA2, + 0x4E, 0x1F, 0xB2, 0xEA, 0x06, 0xDD, 0x18, 0x02, + 0x6C, 0xF3, 0x82, 0xF1, 0x80, 0x7F, 0xA7, 0x2F, + 0xCC, 0xC6, 0x18, 0xEA, 0xFF, 0x1F, 0xAD, 0xC6, + 0xBA, 0x0C, 0x0E, 0x04, 0xB2, 0x58, 0x1D, 0xB6, + 0x01, 0xA3, 0x97, 0xDF, 0x7D, 0x9B, 0xB5, 0x0A, + 0xAD, 0x30, 0x2B, 0xC5, 0x67, 0x40, 0x07, 0xF1, + 0xD5, 0x6C, 0x11, 0x10, 0xE1, 0x69, 0x30, 0xAD, + 0x90, 0x06, 0xDB, 0xF8, 0xEA, 0x92, 0x9B, 0x39, + 0x57, 0x38, 0x7B, 0xE4, 0xB2, 0xA2, 0x89, 0xFD, + 0xB1, 0x6D, 0x88, 0x41, 0x62, 0x4D, 0x18, 0xB6, + 0x3F, 0x12, 0x81, 0xDE, 0xE6, 0xDC, 0x4A, 0x31, + 0x61, 0x26, 0xB1, 0x4B, 0x95, 0xC1, 0x69, 0xDC, + 0xDC, 0xAC, 0xD0, 0x15, 0xFC, 0x21, 0xC5, 0x20, + 0x5F, 0x97, 0x76, 0x41, 0xC1, 0xF2, 0xD7, 0x95, + 0x1D, 0x25, 0x23, 0x36, 0x86, 0xFA, 0x7E, 0xF4, + 0x14, 0x9F, 0x9D, 0x9F, 0xB2, 0xBB, 0x25, 0x1D, + 0xD5, 0x7A, 0x6F, 0x9E, 0xF7, 0xEF, 0x9D, 0x63, + 0x1E, 0xD5, 0xDE, 0x6A, 0xE6, 0x46, 0x48, 0x1F, + 0xE1, 0x0C, 0x4D, 0x82, 0xC9, 0x19, 0x3B, 0x65, + 0xA4, 0x06, 0x13, 0xB7, 0x04, 0xB1, 0x62, 0xF7, + 0x08, 0xAE, 0xED, 0x42, 0x6D, 0xCC, 0x6C, 0xA6, + 0x06, 0x06, 0x41, 0x3E, 0x0C, 0x89, 0x4C, 0xBD, + 0x00, 0x4F, 0x0E, 0xA9, 0x72, 0x06, 0x21, 0x82, + 0xD2, 0xB6, 0x6C, 0xB0, 0xB0, 0x01, 0x5B, 0xDD, + 0x05, 0xCE, 0x71, 0x6E, 0x00, 0x58, 0xC7, 0xA6, + 0x5B, 0xF6, 0xFB, 0x6B, 0x62, 0xB1, 0xE8, 0x4D, + 0xAC, 0xC0, 0x6B, 0xF4, 0x40, 0x69, 0xEE, 0x0D, + 0xE7, 0x82, 0x61, 0x8D, 0x35, 0x01, 0x97, 0x4E, + 0xF2, 0xCC, 0xF5, 0x7F, 0xBF, 0xE4, 0xEC, 0x9C, + 0xC4, 0xD2, 0xD9, 0x65, 0x78, 0x98, 0xD8, 0xB0, + 0xFA, 0xA8, 0xFB, 0xB0, 0xCE, 0x22, 0x5D, 0x0B, + 0x27, 0xDF, 0x0E, 0x63, 0x42, 0xFE, 0x89, 0x13, + 0x99, 0xB2, 0x02, 0x0B, 0xF6, 0x04, 0xB6, 0xAF, + 0x9F, 0x8C, 0xA6, 0x17, 0x0D, 0xD9, 0x5B, 0x45, + 0xE4, 0x08, 0x53, 0x51, 0xE0, 0xD5, 0x22, 0x72, + 0xBE, 0xAD, 0x74, 0x69, 0xB9, 0xFB, 0x91, 0xF8, + 0xC1, 0x89, 0x28, 0x71, 0x27, 0x62, 0xB1, 0xF0, + 0xFD, 0x78, 0xBC, 0x82, 0xFE, 0x76, 0xBE, 0x7B, + 0x47, 0x79, 0x32, 0x71, 0xAD, 0xD6, 0x76, 0x46, + 0xFB, 0x32, 0xE8, 0x4B, 0x98, 0x9A, 0xC6, 0x85, + 0xF2, 0xF1, 0x8A, 0xEC, 0xC2, 0x4E, 0x9B, 0x2F, + 0x2D, 0x6F, 0xC9, 0x9B, 0xB6, 0x14, 0x35, 0x6D, + 0xD6, 0x5B, 0xF3, 0x02, 0x5A, 0xE5, 0xBD, 0x00, + 0xF7, 0x6E, 0x51, 0xA7, 0xDB, 0x19, 0xAE, 0x01, + 0x01, 0x05, 0x94, 0x23, 0xF7, 0x5B, 0x07, 0x79, + 0xFF, 0x39, 0x58, 0x9C, 0x2A, 0xF7, 0x7E, 0x5D, + 0x81, 0xF9, 0x59, 0xFE, 0xB9, 0x9A, 0x96, 0x63, + 0x1F, 0x65, 0xF6, 0xF0, 0x3D, 0xEA, 0xD7, 0xC2, + 0x8A, 0xCF, 0xB5, 0x58, 0x74, 0x77, 0x23, 0xD6, + 0x72, 0x58, 0xA8, 0xAE, 0x31, 0x8A, 0x59, 0xEA, + 0x69, 0x14, 0x6A, 0x20, 0x78, 0x79, 0x28, 0x5A, + 0xE1, 0x76, 0x6F, 0xA6, 0x1A, 0x9E, 0x47, 0xD2, + 0xAF, 0x63, 0xF8, 0x06, 0xF6, 0xD8, 0xD5, 0x14, + 0xA8, 0xD1, 0xEE, 0x96, 0xCE, 0xBB, 0x8E, 0x22, + 0x69, 0x2F, 0x52, 0x06, 0xB6, 0x6F, 0xC8, 0x99, + 0x96, 0xEA, 0xC6, 0x1D, 0x96, 0x4C, 0x69, 0x95, + 0xFE, 0x74, 0x04, 0x3C, 0x55, 0xD9, 0x5F, 0xE0, + 0x41, 0x21, 0x43, 0x21, 0x5A, 0x50, 0x5D, 0x8B, + 0xE8, 0xB2, 0x51, 0x1B, 0x7C, 0x63, 0x50, 0xAE, + 0x97, 0x4F, 0xBA, 0x7D, 0xF2, 0xB6, 0xB6, 0x16, + 0x1D, 0x47, 0x9E, 0x19, 0x68, 0xD4, 0x6B, 0x2B, + 0x75, 0xCD, 0xAE, 0x65, 0x33, 0x38, 0xF6, 0x6D, + 0xC7, 0x3E, 0x46, 0x98, 0x9E, 0x98, 0x8B, 0x45, + 0x11, 0xA7, 0x12, 0x05, 0xB0, 0x01, 0xC3, 0x51, + 0xA0, 0xEE, 0x7C, 0x16, 0xD1, 0x42, 0x96, 0xC4, + 0xF0, 0x7B, 0x71, 0xCD, 0x50, 0x38, 0xA4, 0xB0, + 0x6E, 0x6F, 0xE0, 0xBD, 0xC4, 0xF7, 0x96, 0x2B, + 0xF1, 0x6D, 0x9F, 0xF3, 0x71, 0x89, 0xFA, 0xB4, + 0x44, 0xA4, 0x32, 0xDC, 0xB2, 0x55, 0x13, 0x31, + 0x83, 0x29, 0x66, 0x21, 0x3E, 0x89, 0xF8, 0x78, + 0x97, 0x9C, 0x64, 0xF9, 0x2C, 0x0A, 0x88, 0xBC, + 0xCA, 0x6F, 0x83, 0x42, 0xF6, 0xD7, 0x00, 0xC4, + 0x19, 0x52, 0xB0, 0x31, 0xA8, 0xBA, 0xE8, 0xD4, + 0xAD, 0x4B, 0x5D, 0xC0, 0x01, 0x20, 0x6C, 0xBB, + 0x1D, 0x9A, 0x1D, 0xD4, 0x19, 0xFD, 0x33, 0xAB, + 0xA0, 0x54, 0x50, 0x91, 0xE9, 0x75, 0x5C, 0x7E, + 0x7E, 0xB3, 0x24, 0x79, 0xAE, 0x10, 0x3C, 0xB4, + 0xB7, 0x0A, 0x1D, 0x86, 0xAD, 0x06, 0x95, 0xCB, + 0x84, 0x9B, 0x0E, 0x8B, 0x77, 0x7E, 0x3E, 0xD2, + 0xA6, 0xDF, 0xAD, 0x4E, 0xFB, 0x69, 0x23, 0xAC, + 0x7A, 0xCB, 0xAA, 0xB0, 0x22, 0xDD, 0xD2, 0xC6, + 0xC7, 0xAD, 0xD7, 0xDE, 0xEC, 0x6F, 0x08, 0x41, + 0x54, 0xD5, 0x52, 0xDC, 0x77, 0xE4, 0x72, 0xF9, + 0x16, 0xB1, 0xC9, 0xAF, 0xB1, 0x3B, 0x18, 0x99, + 0x20, 0x9F, 0x79, 0x63, 0x7B, 0x07, 0xC7, 0x35, + 0xDF, 0xBB, 0xCE, 0x66, 0x93, 0x1B, 0xF5, 0x82, + 0x25, 0x67, 0xC1, 0xF2, 0xF0, 0x89, 0x0F, 0xEF, + 0x84, 0x0D, 0x63, 0xB6, 0x7B, 0xD0, 0x40, 0x8E, + 0xDB, 0x94, 0xCC, 0x71, 0x3C, 0xDB, 0x36, 0x14, + 0x34, 0xFD, 0xA0, 0xB0, 0xC1, 0x45, 0x31, 0xF8, + 0x8D, 0xD8, 0x23, 0xB1, 0x05, 0x14, 0xA9, 0x55, + 0x3A, 0x1A, 0x37, 0x48, 0x68, 0x89, 0x3F, 0x15, + 0x25, 0xD4, 0x99, 0x53, 0x4C, 0x85, 0x98, 0x78, + 0x1D, 0x35, 0x4A, 0x83, 0x79, 0x9A, 0x29, 0x90, + 0x2B, 0x45, 0x76, 0x0C, 0x13, 0x80, 0x4A, 0xE0, + 0x40, 0xED, 0x6B, 0x2E, 0x2A, 0x43, 0xA9, 0x28, + 0xB0, 0x2F, 0x89, 0x01, 0x6B, 0x39, 0x8C, 0x5E, + 0x80, 0x61, 0xD9, 0xEE, 0x0F, 0x41, 0x75, 0xB5, + 0xAE, 0xB6, 0xC2, 0x42, 0x49, 0x8D, 0x89, 0xD8, + 0xF4, 0x78, 0x1D, 0x90, 0x46, 0x26, 0x4C, 0x56, + 0xB7, 0xC0, 0xD9, 0x98, 0x7B, 0x07, 0xA1, 0x20) + } +}; + +START_TEST(test_ntru_privkey) +{ + rng_t *entropy; + ntru_drbg_t *drbg; + ntru_private_key_t *privkey; + ntru_public_key_t *pubkey; + ntru_param_set_t *params; + uint32_t strength; + chunk_t encoding, privkey_encoding, pubkey_encoding; + + params = TEST_FUNCTION(ntru, ntru_param_set_get_by_id, + privkey_tests[_i].id); + strength = params->sec_strength_len * BITS_PER_BYTE; + entropy = test_rng_create(privkey_tests[_i].entropy); + drbg = TEST_FUNCTION(ntru, ntru_drbg_create, strength, + chunk_from_str("IKE NTRU-KE"), entropy); + ck_assert(drbg != NULL); + + privkey = TEST_FUNCTION(ntru, ntru_private_key_create, drbg, params); + ck_assert(privkey); + ck_assert(privkey->get_id(privkey) == privkey_tests[_i].id); + + privkey_encoding = privkey->get_encoding(privkey); + encoding = privkey_tests[_i].encoding; + ck_assert(chunk_equals(privkey_encoding, encoding)); + + /* load private key as a packed blob */ + privkey->destroy(privkey); + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, chunk_empty); + ck_assert(privkey == NULL); + + encoding = chunk_clone(encoding); + encoding.ptr[0] = NTRU_PUBKEY_TAG; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + ck_assert(privkey == NULL); + + encoding.ptr[0] = NTRU_PRIVKEY_TRITS_TAG; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + if (params->is_product_form) + { + ck_assert(privkey == NULL); + } + else + { + ck_assert(privkey != NULL); + privkey->destroy(privkey); + } + + encoding.ptr[0] = NTRU_PRIVKEY_INDICES_TAG; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + if (params->is_product_form) + { + ck_assert(privkey != NULL); + privkey->destroy(privkey); + } + else + { + ck_assert(privkey == NULL); + } + + encoding.ptr[0] = NTRU_PRIVKEY_DEFAULT_TAG; + encoding.ptr[1] = NTRU_OID_LEN - 1; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + ck_assert(privkey == NULL); + + encoding.ptr[1] = NTRU_OID_LEN; + encoding.ptr[2] = 0xff; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + ck_assert(privkey == NULL); + + encoding.ptr[2] = params->oid[0]; + privkey = TEST_FUNCTION(ntru, ntru_private_key_create_from_data, + drbg, encoding); + privkey_encoding = privkey->get_encoding(privkey); + ck_assert(chunk_equals(privkey_encoding, encoding)); + + pubkey = privkey->get_public_key(privkey); + pubkey_encoding = pubkey->get_encoding(pubkey); + + encoding.ptr[0] = NTRU_PUBKEY_TAG; + encoding.len = pubkey_encoding.len; + ck_assert(chunk_equals(pubkey_encoding, encoding)); + + /* load public key as a packed blob */ + pubkey->destroy(pubkey); + pubkey = TEST_FUNCTION(ntru, ntru_public_key_create_from_data, + drbg, encoding); + pubkey_encoding = pubkey->get_encoding(pubkey); + ck_assert(chunk_equals(pubkey_encoding, encoding)); + + chunk_free(&encoding); + privkey->destroy(privkey); + pubkey->destroy(pubkey); + drbg->destroy(drbg); + entropy->destroy(entropy); +} +END_TEST + START_TEST(test_ntru_ke) { chunk_t pub_key, cipher_text, i_shared_secret, r_shared_secret; diffie_hellman_t *i_ntru, *r_ntru; char buf[10]; - int n, len; + int k, n, len; status_t status; + k = (_i) / countof(parameter_sets); + n = (_i) % countof(parameter_sets); + len = snprintf(buf, sizeof(buf), "%N", diffie_hellman_group_names, - params[_i].group); + params[k].group); ck_assert(len == 8); - ck_assert(streq(buf, params[_i].group_name)); - - for (n = 0; n < countof(parameter_sets); n++) - { - lib->settings->set_str(lib->settings, - "libstrongswan.plugins.ntru.parameter_set", - parameter_sets[n]); + ck_assert(streq(buf, params[k].group_name)); - i_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group); - ck_assert(i_ntru != NULL); - ck_assert(i_ntru->get_dh_group(i_ntru) == params[_i].group); + lib->settings->set_str(lib->settings, + "libstrongswan.plugins.ntru.parameter_set", parameter_sets[n]); - i_ntru->get_my_public_value(i_ntru, &pub_key); - ck_assert(pub_key.len > 0); + i_ntru = lib->crypto->create_dh(lib->crypto, params[k].group); + ck_assert(i_ntru != NULL); + ck_assert(i_ntru->get_dh_group(i_ntru) == params[k].group); - r_ntru = lib->crypto->create_dh(lib->crypto, params[_i].group); - ck_assert(r_ntru != NULL); + i_ntru->get_my_public_value(i_ntru, &pub_key); + ck_assert(pub_key.len > 0); - r_ntru->set_other_public_value(r_ntru, pub_key); - r_ntru->get_my_public_value(r_ntru, &cipher_text); - ck_assert(cipher_text.len > 0); + r_ntru = lib->crypto->create_dh(lib->crypto, params[k].group); + ck_assert(r_ntru != NULL); - status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret); - ck_assert(status == SUCCESS); - ck_assert(r_shared_secret.len > 0); + r_ntru->set_other_public_value(r_ntru, pub_key); + r_ntru->get_my_public_value(r_ntru, &cipher_text); + ck_assert(cipher_text.len > 0); - i_ntru->set_other_public_value(i_ntru, cipher_text); - status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret); + status = r_ntru->get_shared_secret(r_ntru, &r_shared_secret); + ck_assert(status == SUCCESS); + ck_assert(r_shared_secret.len > 0); - if (status == SUCCESS) - { - ck_assert(chunk_equals(i_shared_secret, r_shared_secret)); - } - else - { - ck_assert(i_shared_secret.len == 0); - } + i_ntru->set_other_public_value(i_ntru, cipher_text); + status = i_ntru->get_shared_secret(i_ntru, &i_shared_secret); + ck_assert(status == SUCCESS); + ck_assert(chunk_equals(i_shared_secret, r_shared_secret)); - chunk_clear(&i_shared_secret); - chunk_clear(&r_shared_secret); - chunk_free(&pub_key); - chunk_free(&cipher_text); - i_ntru->destroy(i_ntru); - r_ntru->destroy(r_ntru); - } + chunk_clear(&i_shared_secret); + chunk_clear(&r_shared_secret); + chunk_free(&pub_key); + chunk_free(&cipher_text); + i_ntru->destroy(i_ntru); + r_ntru->destroy(r_ntru); } END_TEST @@ -1015,8 +1390,17 @@ Suite *ntru_suite_create() tcase_add_loop_test(tc, test_ntru_array, 0, countof(array_tests)); suite_add_tcase(s, tc); + tc = tcase_create("param_set"); + tcase_add_test(tc, test_ntru_param_set); + suite_add_tcase(s, tc); + + tc = tcase_create("privkey"); + tcase_add_loop_test(tc, test_ntru_privkey, 0, countof(privkey_tests)); + suite_add_tcase(s, tc); + tc = tcase_create("ke"); - tcase_add_loop_test(tc, test_ntru_ke, 0, countof(params)); + tcase_add_loop_test(tc, test_ntru_ke, 0, + countof(params) * countof(parameter_sets)); suite_add_tcase(s, tc); tc = tcase_create("retransmission"); diff --git a/src/libstrongswan/tests/suites/test_vectors.c b/src/libstrongswan/tests/suites/test_vectors.c index 242ac9d09..a1205d0be 100644 --- a/src/libstrongswan/tests/suites/test_vectors.c +++ b/src/libstrongswan/tests/suites/test_vectors.c @@ -1,4 +1,7 @@ /* + * Copyright (C) 2014 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * * Copyright (C) 2013 Martin Willi * Copyright (C) 2013 revosec AG * @@ -15,13 +18,15 @@ #include "test_suite.h" -/******************************************************************************* - * Check if test vectors have been successful during transform registration - */ +#include <utils/test.h> + +IMPORT_FUNCTION_FOR_TESTS(crypto, verify_registered_algorithms, u_int, + crypto_factory_t *factory); START_TEST(test_vectors) { - u_int failed = lib->crypto->get_test_vector_failures(lib->crypto); + u_int failed = TEST_FUNCTION(crypto, verify_registered_algorithms, + lib->crypto); fail_if(failed > 0, "%u test vectors failed", failed); } END_TEST diff --git a/src/libstrongswan/tests/test_runner.c b/src/libstrongswan/tests/test_runner.c index 0b26ee128..5ec4198e7 100644 --- a/src/libstrongswan/tests/test_runner.c +++ b/src/libstrongswan/tests/test_runner.c @@ -22,6 +22,7 @@ #include <collections/array.h> #include <utils/test.h> +#include <stdlib.h> #include <dirent.h> #include <unistd.h> #include <limits.h> @@ -32,31 +33,85 @@ #define TTY(color) tty_escape_get(2, TTY_FG_##color) /** - * Initialize the lookup table for testable functions (defined in libstrongswan) + * Initialize the lookup table for testable functions (defined in + * libstrongswan). We don't use the constructor attribute as the order can't + * really be defined (clang does not support it and gcc does not adhere to it in + * the monolithic build). The function here is a weak symbol in libstrongswan. */ -static void testable_functions_create() __attribute__ ((constructor(1000))); -static void testable_functions_create() +void testable_functions_create() { - testable_functions = hashtable_create(hashtable_hash_str, - hashtable_equals_str, 8); + if (!testable_functions) + { + testable_functions = hashtable_create(hashtable_hash_str, + hashtable_equals_str, 8); + } } /** * Destroy the lookup table for testable functions */ -static void testable_functions_destroy() __attribute__ ((destructor(1000))); +static void testable_functions_destroy() __attribute__ ((destructor)); static void testable_functions_destroy() { - testable_functions->destroy(testable_functions); + DESTROY_IF(testable_functions); /* if leak detective is enabled plugins are not actually unloaded, which * means their destructor is called AFTER this one when the process - * terminates, even though the priority says differently, make sure this - * does not crash */ + * terminates, make sure this does not crash */ testable_functions = NULL; } /** - * Load all available test suites + * Destroy a single test suite and associated data + */ +static void destroy_suite(test_suite_t *suite) +{ + test_case_t *tcase; + + while (array_remove(suite->tcases, 0, &tcase)) + { + array_destroy(tcase->functions); + array_destroy(tcase->fixtures); + } + free(suite); +} + +/** + * Removes and destroys test suites that are not selected. + */ +static void filter_suites(array_t *loaded) +{ + enumerator_t *enumerator, *names; + hashtable_t *selected; + test_suite_t *suite; + char *suites, *name; + + suites = getenv("TESTS_SUITES"); + if (!suites) + { + return; + } + selected = hashtable_create(hashtable_hash_str, hashtable_equals_str, 8); + names = enumerator_create_token(suites, ",", " "); + while (names->enumerate(names, &name)) + { + selected->put(selected, name, name); + } + enumerator = array_create_enumerator(loaded); + while (enumerator->enumerate(enumerator, &suite)) + { + if (!selected->get(selected, suite->name)) + { + array_remove_at(loaded, enumerator); + destroy_suite(suite); + } + } + enumerator->destroy(enumerator); + selected->destroy(selected); + names->destroy(names); +} + +/** + * Load all available test suites, or optionally only selected ones. */ static array_t *load_suites(test_configuration_t configs[], test_runner_init_t init) @@ -91,6 +146,7 @@ static array_t *load_suites(test_configuration_t configs[], array_insert(suites, -1, configs[i].suite()); } } + filter_suites(suites); if (lib->leak_detective) { @@ -112,16 +168,10 @@ static array_t *load_suites(test_configuration_t configs[], static void unload_suites(array_t *suites) { test_suite_t *suite; - test_case_t *tcase; while (array_remove(suites, 0, &suite)) { - while (array_remove(suite->tcases, 0, &tcase)) - { - array_destroy(tcase->functions); - array_destroy(tcase->fixtures); - } - free(suite); + destroy_suite(suite); } array_destroy(suites); } @@ -178,6 +228,9 @@ static bool call_fixture(test_case_t *tcase, bool up) */ static bool pre_test(test_runner_init_t init) { + level_t level = LEVEL_SILENT; + char *verbosity; + library_init(NULL, "test-runner"); /* use non-blocking RNG to generate keys fast */ @@ -185,6 +238,9 @@ static bool pre_test(test_runner_init_t init) "libstrongswan.plugins.random.random", lib->settings->get_str(lib->settings, "libstrongswan.plugins.random.urandom", "/dev/urandom")); + /* same for the gcrypt plugin */ + lib->settings->set_default_str(lib->settings, + "libstrongswan.plugins.gcrypt.quick_random", "yes"); if (lib->leak_detective) { @@ -197,7 +253,12 @@ static bool pre_test(test_runner_init_t init) library_deinit(); return FALSE; } - dbg_default_set_level(LEVEL_SILENT); + verbosity = getenv("TESTS_VERBOSITY"); + if (verbosity) + { + level = atoi(verbosity); + } + dbg_default_set_level(level); return TRUE; } @@ -254,7 +315,7 @@ static void sum_leaks(report_data_t *data, int count, size_t bytes, * Do library cleanup and optionally check for memory leaks */ static bool post_test(test_runner_init_t init, bool check_leaks, - array_t *failures, char *name, int i) + array_t *failures, char *name, int i, int *leaks) { report_data_t data = { .failures = failures, @@ -264,7 +325,15 @@ static bool post_test(test_runner_init_t init, bool check_leaks, if (init) { - init(FALSE); + if (test_restore_point()) + { + init(FALSE); + } + else + { + library_deinit(); + return FALSE; + } } if (check_leaks && lib->leak_detective) { @@ -274,7 +343,8 @@ static bool post_test(test_runner_init_t init, bool check_leaks, } library_deinit(); - return data.leaks != 0; + *leaks = data.leaks; + return TRUE; } /** @@ -346,7 +416,8 @@ static bool run_case(test_case_t *tcase, test_runner_init_t init) { if (pre_test(init)) { - bool ok = FALSE, leaks = FALSE; + bool ok = FALSE; + int leaks = 0; test_setup_timeout(tcase->timeout); @@ -363,9 +434,11 @@ static bool run_case(test_case_t *tcase, test_runner_init_t init) { call_fixture(tcase, FALSE); } - } - leaks = post_test(init, ok, failures, tfun->name, i); + if (!post_test(init, ok, failures, tfun->name, i, &leaks)) + { + ok = FALSE; + } test_setup_timeout(0); diff --git a/src/libstrongswan/tests/test_suite.c b/src/libstrongswan/tests/test_suite.c index 0f2e74b7c..fb40b05c1 100644 --- a/src/libstrongswan/tests/test_suite.c +++ b/src/libstrongswan/tests/test_suite.c @@ -136,7 +136,8 @@ static inline void test_failure() else { pthread_kill(main_thread, SIGUSR1); - /* how can we stop just the thread? longjmp to a restore point? */ + /* terminate thread to prevent it from going wild */ + pthread_exit(NULL); } } diff --git a/src/libstrongswan/threading/thread.c b/src/libstrongswan/threading/thread.c index eb167d6a4..0adfb31d0 100644 --- a/src/libstrongswan/threading/thread.c +++ b/src/libstrongswan/threading/thread.c @@ -496,6 +496,8 @@ void threads_deinit() dummy1->destroy(dummy1); main_thread->mutex->lock(main_thread->mutex); + main_thread->terminated = TRUE; + main_thread->detached_or_joined = TRUE; thread_destroy(main_thread); current_thread->destroy(current_thread); id_mutex->destroy(id_mutex); diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c index 82eadcb97..af29e2100 100644 --- a/src/libstrongswan/utils/leak_detective.c +++ b/src/libstrongswan/utils/leak_detective.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Tobias Brunner + * Copyright (C) 2013-2014 Tobias Brunner * Copyright (C) 2006-2013 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -973,17 +973,20 @@ leak_detective_t *leak_detective_create() }, ); + if (getenv("LEAK_DETECTIVE_DISABLE") != NULL) + { + free(this); + return NULL; + } + lock = spinlock_create(); thread_disabled = thread_value_create(NULL); init_static_allocations(); - if (getenv("LEAK_DETECTIVE_DISABLE") == NULL) + if (register_hooks()) { - if (register_hooks()) - { - enable_leak_detective(); - } + enable_leak_detective(); } return &this->public; } diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h index 3fd0b8c93..ca70067d4 100644 --- a/src/libstrongswan/utils/leak_detective.h +++ b/src/libstrongswan/utils/leak_detective.h @@ -50,9 +50,7 @@ typedef void (*leak_detective_summary_cb_t)(void* user, int count, size_t bytes, int whitelisted); /** - * Leak detective finds leaks and bad frees using malloc hooks. - * - * Currently leaks are reported to stderr on destruction. + * Leak detective finds leaks and invalid frees using malloc hooks. * * @todo Build an API for leak detective, allowing leak enumeration, statistics * and dynamic whitelisting. @@ -62,13 +60,12 @@ struct leak_detective_t { /** * Report leaks to the registered callback functions. * - * @param detailed TRUE to resolve line/filename of leak (slow) + * @param detailed TRUE to resolve line/filename of leaks (slow) */ void (*report)(leak_detective_t *this, bool detailed); /** - * Report current memory usage to out. - * Set callback functions invoked during a report(). + * Set callback functions invoked when report() is called. * * @param cb callback invoked for each detected leak * @param scb summary callback invoked at end of report @@ -78,11 +75,11 @@ struct leak_detective_t { leak_detective_summary_cb_t scb, void *user); /** - * Report current memory usage using a callbacks. + * Report current memory usage using callback functions. * * @param cb callback invoked for each allocation * @param scb summary callback invoked at end of usage report - * @param user user data supplied to callbacks + * @param user user data to supply to callbacks */ void (*usage)(leak_detective_t *this, leak_detective_report_cb_t cb, leak_detective_summary_cb_t scb, void *user); @@ -109,7 +106,10 @@ struct leak_detective_t { }; /** - * Create a leak_detective instance. + * Create a leak_detective instance, unless the LEAK_DETECTIVE_DISABLE + * environment variable is set. + * + * @return leak detective instance */ leak_detective_t *leak_detective_create(); diff --git a/src/libstrongswan/utils/settings.c b/src/libstrongswan/utils/settings.c index 490490a1e..cf34fd1cf 100644 --- a/src/libstrongswan/utils/settings.c +++ b/src/libstrongswan/utils/settings.c @@ -1224,7 +1224,16 @@ static bool parse_file(linked_list_t *contents, char *file, int level, { if (errno == ENOENT) { - DBG2(DBG_LIB, "'%s' does not exist, ignored", file); +#ifdef STRONGSWAN_CONF + if (streq(file, STRONGSWAN_CONF)) + { + DBG2(DBG_LIB, "'%s' does not exist, ignored", file); + } + else +#endif + { + DBG1(DBG_LIB, "'%s' does not exist, ignored", file); + } return TRUE; } DBG1(DBG_LIB, "failed to stat '%s': %s", file, strerror(errno)); @@ -1244,8 +1253,8 @@ static bool parse_file(linked_list_t *contents, char *file, int level, fseek(fd, 0, SEEK_END); len = ftell(fd); rewind(fd); - text = malloc(len + 1); - text[len] = '\0'; + text = malloc(len + 2); + text[len] = text[len + 1] = '\0'; if (fread(text, 1, len, fd) != len) { free(text); @@ -1287,7 +1296,7 @@ static bool parse_files(linked_list_t *contents, char *file, int level, if (!strlen(pattern)) { - DBG2(DBG_LIB, "empty include pattern, ignored"); + DBG1(DBG_LIB, "empty include pattern, ignored"); return TRUE; } @@ -1318,7 +1327,7 @@ static bool parse_files(linked_list_t *contents, char *file, int level, status = glob(pat, GLOB_ERR, NULL, &buf); if (status == GLOB_NOMATCH) { - DBG2(DBG_LIB, "no files found matching '%s', ignored", pat); + DBG1(DBG_LIB, "no files found matching '%s', ignored", pat); } else if (status != 0) { @@ -1509,4 +1518,3 @@ settings_t *settings_create(char *file) return &this->public; } - diff --git a/src/libstrongswan/utils/test.c b/src/libstrongswan/utils/test.c index 7de5a7661..624ac4b34 100644 --- a/src/libstrongswan/utils/test.c +++ b/src/libstrongswan/utils/test.c @@ -22,29 +22,46 @@ */ hashtable_t *testable_functions; +/** + * The function that actually initializes the hash table above. Provided + * by the test runner. + */ +void testable_functions_create() __attribute__((weak)); + /* * Described in header. */ void testable_function_register(char *name, void *fn) { - if (testable_functions) + bool old = FALSE; + + if (!testable_functions_create) + { /* not linked to the test runner */ + return; + } + else if (!fn && !testable_functions) + { /* ignore as testable_functions has already been destroyed */ + return; + } + + if (lib && lib->leak_detective) + { + old = lib->leak_detective->set_state(lib->leak_detective, FALSE); + } + if (!testable_functions) + { + testable_functions_create(); + } + if (fn) + { + testable_functions->put(testable_functions, name, fn); + } + else + { + testable_functions->remove(testable_functions, name); + } + if (lib && lib->leak_detective) { - bool old = FALSE; - if (lib->leak_detective) - { - old = lib->leak_detective->set_state(lib->leak_detective, FALSE); - } - if (fn) - { - testable_functions->put(testable_functions, name, fn); - } - else - { - testable_functions->remove(testable_functions, name); - } - if (lib->leak_detective) - { - lib->leak_detective->set_state(lib->leak_detective, old); - } + lib->leak_detective->set_state(lib->leak_detective, old); } } diff --git a/src/libstrongswan/utils/test.h b/src/libstrongswan/utils/test.h index 5b7289244..a1b2a2d9b 100644 --- a/src/libstrongswan/utils/test.h +++ b/src/libstrongswan/utils/test.h @@ -51,7 +51,7 @@ void testable_function_register(char *name, void *fn); * @param fn function to register */ #define EXPORT_FUNCTION_FOR_TESTS(ns, fn) \ -static void testable_function_register_##fn() __attribute__ ((constructor(2000))); \ +static void testable_function_register_##fn() __attribute__ ((constructor)); \ static void testable_function_register_##fn() \ { \ testable_function_register(#ns "/" #fn, fn); \ @@ -65,32 +65,32 @@ static void testable_function_unregister_##fn() \ /** * Import a registered function so that it can be called from tests. * - * @note If the imported function is static (or no conflicting header files - * are included) ret can be prefixed with static to declare the function static. - * - * @note We allocate an arbitrary amount of stack space, hopefully enough for - * all arguments. - * * @param ns namespace of the function * @param name name of the function * @param ret return type of the function * @param ... arguments of the function */ #define IMPORT_FUNCTION_FOR_TESTS(ns, name, ret, ...) \ -ret name(__VA_ARGS__) \ -{ \ - void (*fn)() = NULL; \ +static ret (*TEST_##ns##name)(__VA_ARGS__); + +/** + * Call a registered function from tests. + * + * @param ns namespace of the function + * @param name name of the function + * @param ... arguments for the function + */ +#define TEST_FUNCTION(ns, name, ...) \ +({ \ if (testable_functions) \ { \ - fn = testable_functions->get(testable_functions, #ns "/" #name); \ + TEST_##ns##name = testable_functions->get(testable_functions, #ns "/" #name); \ } \ - if (fn) \ + if (!TEST_##ns##name) \ { \ - void *args = __builtin_apply_args(); \ - __builtin_return(__builtin_apply(fn, args, 16*sizeof(void*))); \ + test_fail_msg(__FILE__, __LINE__, "function " #name " (" #ns ") not found"); \ } \ - test_fail_msg(__FILE__, __LINE__, "function " #name " (" #ns ") not found"); \ - __builtin_return(NULL); \ -} + TEST_##ns##name(__VA_ARGS__); \ +}) #endif /** TEST_H_ @}*/ |