summaryrefslogtreecommitdiff
path: root/src/libstrongswan
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/Makefile.am69
-rw-r--r--src/libstrongswan/Makefile.in820
-rw-r--r--src/libstrongswan/asn1/asn1.c733
-rw-r--r--src/libstrongswan/asn1/asn1.h135
-rw-r--r--src/libstrongswan/asn1/oid.c197
-rw-r--r--src/libstrongswan/asn1/oid.h80
-rw-r--r--src/libstrongswan/asn1/oid.pl127
-rw-r--r--src/libstrongswan/asn1/oid.txt184
-rwxr-xr-xsrc/libstrongswan/asn1/pem.c366
-rwxr-xr-xsrc/libstrongswan/asn1/pem.h27
-rw-r--r--src/libstrongswan/asn1/ttodata.c378
-rw-r--r--src/libstrongswan/asn1/ttodata.h28
-rw-r--r--src/libstrongswan/chunk.c410
-rw-r--r--src/libstrongswan/chunk.h154
-rwxr-xr-xsrc/libstrongswan/credential_store.h294
-rw-r--r--src/libstrongswan/crypto/ca.c788
-rw-r--r--src/libstrongswan/crypto/ca.h215
-rw-r--r--src/libstrongswan/crypto/certinfo.c305
-rw-r--r--src/libstrongswan/crypto/certinfo.h203
-rwxr-xr-xsrc/libstrongswan/crypto/crl.c533
-rwxr-xr-xsrc/libstrongswan/crypto/crl.h147
-rw-r--r--src/libstrongswan/crypto/crypters/aes_cbc_crypter.c1620
-rw-r--r--src/libstrongswan/crypto/crypters/aes_cbc_crypter.h61
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.c68
-rw-r--r--src/libstrongswan/crypto/crypters/crypter.h155
-rw-r--r--src/libstrongswan/crypto/crypters/des_crypter.c1535
-rw-r--r--src/libstrongswan/crypto/crypters/des_crypter.h58
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.c612
-rw-r--r--src/libstrongswan/crypto/diffie_hellman.h147
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.c65
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.h159
-rw-r--r--src/libstrongswan/crypto/hashers/md5_hasher.c405
-rw-r--r--src/libstrongswan/crypto/hashers/md5_hasher.h60
-rw-r--r--src/libstrongswan/crypto/hashers/sha1_hasher.c280
-rw-r--r--src/libstrongswan/crypto/hashers/sha1_hasher.h60
-rw-r--r--src/libstrongswan/crypto/hashers/sha2_hasher.c672
-rw-r--r--src/libstrongswan/crypto/hashers/sha2_hasher.h62
-rw-r--r--src/libstrongswan/crypto/hmac.c215
-rw-r--r--src/libstrongswan/crypto/hmac.h117
-rw-r--r--src/libstrongswan/crypto/ocsp.c924
-rw-r--r--src/libstrongswan/crypto/ocsp.h86
-rw-r--r--src/libstrongswan/crypto/prf_plus.c156
-rw-r--r--src/libstrongswan/crypto/prf_plus.h92
-rw-r--r--src/libstrongswan/crypto/prfs/fips_prf.c258
-rw-r--r--src/libstrongswan/crypto/prfs/fips_prf.h80
-rw-r--r--src/libstrongswan/crypto/prfs/hmac_prf.c118
-rw-r--r--src/libstrongswan/crypto/prfs/hmac_prf.h65
-rw-r--r--src/libstrongswan/crypto/prfs/prf.c70
-rw-r--r--src/libstrongswan/crypto/prfs/prf.h142
-rw-r--r--src/libstrongswan/crypto/rsa/rsa_private_key.c774
-rw-r--r--src/libstrongswan/crypto/rsa/rsa_private_key.h184
-rw-r--r--src/libstrongswan/crypto/rsa/rsa_public_key.c497
-rw-r--r--src/libstrongswan/crypto/rsa/rsa_public_key.h164
-rw-r--r--src/libstrongswan/crypto/signers/hmac_signer.c174
-rw-r--r--src/libstrongswan/crypto/signers/hmac_signer.h68
-rw-r--r--src/libstrongswan/crypto/signers/signer.c65
-rw-r--r--src/libstrongswan/crypto/signers/signer.h147
-rwxr-xr-xsrc/libstrongswan/crypto/x509.c1354
-rwxr-xr-xsrc/libstrongswan/crypto/x509.h290
-rw-r--r--src/libstrongswan/debug.c41
-rw-r--r--src/libstrongswan/debug.h60
-rw-r--r--src/libstrongswan/enum.c73
-rw-r--r--src/libstrongswan/enum.h106
-rw-r--r--src/libstrongswan/library.c184
-rw-r--r--src/libstrongswan/library.h301
-rw-r--r--src/libstrongswan/printf_hook.c118
-rw-r--r--src/libstrongswan/printf_hook.h76
-rw-r--r--src/libstrongswan/utils/fetcher.c421
-rw-r--r--src/libstrongswan/utils/fetcher.h95
-rw-r--r--src/libstrongswan/utils/host.c526
-rw-r--r--src/libstrongswan/utils/host.h231
-rw-r--r--src/libstrongswan/utils/identification.c1144
-rw-r--r--src/libstrongswan/utils/identification.h261
-rw-r--r--src/libstrongswan/utils/iterator.h166
-rw-r--r--src/libstrongswan/utils/leak_detective.c459
-rw-r--r--src/libstrongswan/utils/leak_detective.h35
-rw-r--r--src/libstrongswan/utils/lexparser.c137
-rw-r--r--src/libstrongswan/utils/lexparser.h57
-rw-r--r--src/libstrongswan/utils/linked_list.c763
-rw-r--r--src/libstrongswan/utils/linked_list.h232
-rw-r--r--src/libstrongswan/utils/randomizer.c165
-rw-r--r--src/libstrongswan/utils/randomizer.h114
82 files changed, 24017 insertions, 0 deletions
diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
new file mode 100644
index 000000000..b103be193
--- /dev/null
+++ b/src/libstrongswan/Makefile.am
@@ -0,0 +1,69 @@
+lib_LTLIBRARIES = libstrongswan.la
+
+libstrongswan_la_SOURCES = \
+credential_store.h \
+library.c library.h \
+chunk.c chunk.h \
+debug.c debug.h \
+enum.c enum.h \
+printf_hook.c printf_hook.h \
+asn1/asn1.c asn1/asn1.h \
+asn1/oid.c asn1/oid.h \
+asn1/pem.c asn1/pem.h \
+asn1/ttodata.c asn1/ttodata.h \
+crypto/ca.c crypto/ca.h \
+crypto/certinfo.c crypto/certinfo.h \
+crypto/crl.c crypto/crl.h \
+crypto/crypters/crypter.c crypto/crypters/crypter.h \
+crypto/crypters/aes_cbc_crypter.c crypto/crypters/aes_cbc_crypter.h\
+crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h\
+crypto/diffie_hellman.c crypto/diffie_hellman.h \
+crypto/hashers/hasher.h crypto/hashers/hasher.c \
+crypto/hashers/sha1_hasher.c crypto/hashers/sha1_hasher.h \
+crypto/hashers/sha2_hasher.c crypto/hashers/sha2_hasher.h \
+crypto/hashers/md5_hasher.c crypto/hashers/md5_hasher.h \
+crypto/hmac.c crypto/hmac.h \
+crypto/ocsp.c crypto/ocsp.h \
+crypto/prfs/fips_prf.c crypto/prfs/fips_prf.h \
+crypto/prfs/hmac_prf.c crypto/prfs/hmac_prf.h \
+crypto/prfs/prf.c crypto/prfs/prf.h \
+crypto/prf_plus.h crypto/prf_plus.c \
+crypto/rsa/rsa_private_key.c crypto/rsa/rsa_private_key.h \
+crypto/rsa/rsa_public_key.h crypto/rsa/rsa_public_key.c \
+crypto/signers/hmac_signer.c crypto/signers/hmac_signer.h \
+crypto/signers/signer.c crypto/signers/signer.h \
+crypto/x509.c crypto/x509.h \
+utils/fetcher.c utils/fetcher.h \
+utils/host.c utils/host.h \
+utils/identification.c utils/identification.h \
+utils/iterator.h \
+utils/leak_detective.c utils/leak_detective.h \
+utils/lexparser.c utils/lexparser.h \
+utils/linked_list.c utils/linked_list.h \
+utils/randomizer.c utils/randomizer.h
+
+libstrongswan_la_LIBADD = -lgmp -lpthread
+
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+EXTRA_DIST = asn1/oid.txt asn1/oid.pl
+BUILT_SOURCES = asn1/oid.c asn1/oid.h
+MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h
+
+if USE_LEAK_DETECTIVE
+ libstrongswan_la_LIBADD += -ldl
+ AM_CFLAGS = -DLEAK_DETECTIVE
+endif
+
+if USE_LIBCURL
+ libstrongswan_la_LIBADD += -lcurl
+endif
+
+if USE_LIBLDAP
+ libstrongswan_la_LIBADD += -lldap -llber
+endif
+
+asn1/oid.c : asn1/oid.txt asn1/oid.pl
+ cd asn1 && $(PERL) oid.pl
+
+asn1/oid.h : asn1/oid.txt asn1/oid.pl
+ cd asn1 && $(PERL) oid.pl
diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in
new file mode 100644
index 000000000..e5c5c758e
--- /dev/null
+++ b/src/libstrongswan/Makefile.in
@@ -0,0 +1,820 @@
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+top_builddir = ../..
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+INSTALL = @INSTALL@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+@USE_LEAK_DETECTIVE_TRUE@am__append_1 = -ldl
+@USE_LIBCURL_TRUE@am__append_2 = -lcurl
+@USE_LIBLDAP_TRUE@am__append_3 = -lldap -llber
+subdir = src/libstrongswan
+DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_CLEAN_FILES =
+am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
+am__vpath_adj = case $$p in \
+ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
+ *) f=$$p;; \
+ esac;
+am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
+am__installdirs = "$(DESTDIR)$(libdir)"
+libLTLIBRARIES_INSTALL = $(INSTALL)
+LTLIBRARIES = $(lib_LTLIBRARIES)
+am__DEPENDENCIES_1 =
+libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1)
+am_libstrongswan_la_OBJECTS = library.lo chunk.lo debug.lo enum.lo \
+ printf_hook.lo asn1.lo oid.lo pem.lo ttodata.lo ca.lo \
+ certinfo.lo crl.lo crypter.lo aes_cbc_crypter.lo \
+ des_crypter.lo diffie_hellman.lo hasher.lo sha1_hasher.lo \
+ sha2_hasher.lo md5_hasher.lo hmac.lo ocsp.lo fips_prf.lo \
+ hmac_prf.lo prf.lo prf_plus.lo rsa_private_key.lo \
+ rsa_public_key.lo hmac_signer.lo signer.lo x509.lo fetcher.lo \
+ host.lo identification.lo leak_detective.lo lexparser.lo \
+ linked_list.lo randomizer.lo
+libstrongswan_la_OBJECTS = $(am_libstrongswan_la_OBJECTS)
+DEFAULT_INCLUDES = -I. -I$(srcdir)
+depcomp = $(SHELL) $(top_srcdir)/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
+ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \
+ $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
+ $(AM_LDFLAGS) $(LDFLAGS) -o $@
+SOURCES = $(libstrongswan_la_SOURCES)
+DIST_SOURCES = $(libstrongswan_la_SOURCES)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+AMDEP_FALSE = @AMDEP_FALSE@
+AMDEP_TRUE = @AMDEP_TRUE@
+AMTAR = @AMTAR@
+AR = @AR@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BUILD_EAP_SIM_FALSE = @BUILD_EAP_SIM_FALSE@
+BUILD_EAP_SIM_TRUE = @BUILD_EAP_SIM_TRUE@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+CXXDEPMODE = @CXXDEPMODE@
+CXXFLAGS = @CXXFLAGS@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+ECHO = @ECHO@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+EXEEXT = @EXEEXT@
+F77 = @F77@
+FFLAGS = @FFLAGS@
+GPERF = @GPERF@
+GREP = @GREP@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDFLAGS = @LDFLAGS@
+LEX = @LEX@
+LEXLIB = @LEXLIB@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+LIBOBJS = @LIBOBJS@
+LIBS = @LIBS@
+LIBTOOL = @LIBTOOL@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+RANLIB = @RANLIB@
+SET_MAKE = @SET_MAKE@
+SHELL = @SHELL@
+STRIP = @STRIP@
+USE_CISCO_QUIRKS_FALSE = @USE_CISCO_QUIRKS_FALSE@
+USE_CISCO_QUIRKS_TRUE = @USE_CISCO_QUIRKS_TRUE@
+USE_LEAK_DETECTIVE_FALSE = @USE_LEAK_DETECTIVE_FALSE@
+USE_LEAK_DETECTIVE_TRUE = @USE_LEAK_DETECTIVE_TRUE@
+USE_LIBCURL_FALSE = @USE_LIBCURL_FALSE@
+USE_LIBCURL_TRUE = @USE_LIBCURL_TRUE@
+USE_LIBLDAP_FALSE = @USE_LIBLDAP_FALSE@
+USE_LIBLDAP_TRUE = @USE_LIBLDAP_TRUE@
+USE_NAT_TRANSPORT_FALSE = @USE_NAT_TRANSPORT_FALSE@
+USE_NAT_TRANSPORT_TRUE = @USE_NAT_TRANSPORT_TRUE@
+USE_SMARTCARD_FALSE = @USE_SMARTCARD_FALSE@
+USE_SMARTCARD_TRUE = @USE_SMARTCARD_TRUE@
+USE_VENDORID_FALSE = @USE_VENDORID_FALSE@
+USE_VENDORID_TRUE = @USE_VENDORID_TRUE@
+VERSION = @VERSION@
+YACC = @YACC@
+YFLAGS = @YFLAGS@
+ac_ct_CC = @ac_ct_CC@
+ac_ct_CXX = @ac_ct_CXX@
+ac_ct_F77 = @ac_ct_F77@
+am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
+am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
+am__fastdepCXX_FALSE = @am__fastdepCXX_FALSE@
+am__fastdepCXX_TRUE = @am__fastdepCXX_TRUE@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+confdir = @confdir@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+eapdir = @eapdir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+ipsecdir = @ipsecdir@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+piddir = @piddir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+lib_LTLIBRARIES = libstrongswan.la
+libstrongswan_la_SOURCES = \
+credential_store.h \
+library.c library.h \
+chunk.c chunk.h \
+debug.c debug.h \
+enum.c enum.h \
+printf_hook.c printf_hook.h \
+asn1/asn1.c asn1/asn1.h \
+asn1/oid.c asn1/oid.h \
+asn1/pem.c asn1/pem.h \
+asn1/ttodata.c asn1/ttodata.h \
+crypto/ca.c crypto/ca.h \
+crypto/certinfo.c crypto/certinfo.h \
+crypto/crl.c crypto/crl.h \
+crypto/crypters/crypter.c crypto/crypters/crypter.h \
+crypto/crypters/aes_cbc_crypter.c crypto/crypters/aes_cbc_crypter.h\
+crypto/crypters/des_crypter.c crypto/crypters/des_crypter.h\
+crypto/diffie_hellman.c crypto/diffie_hellman.h \
+crypto/hashers/hasher.h crypto/hashers/hasher.c \
+crypto/hashers/sha1_hasher.c crypto/hashers/sha1_hasher.h \
+crypto/hashers/sha2_hasher.c crypto/hashers/sha2_hasher.h \
+crypto/hashers/md5_hasher.c crypto/hashers/md5_hasher.h \
+crypto/hmac.c crypto/hmac.h \
+crypto/ocsp.c crypto/ocsp.h \
+crypto/prfs/fips_prf.c crypto/prfs/fips_prf.h \
+crypto/prfs/hmac_prf.c crypto/prfs/hmac_prf.h \
+crypto/prfs/prf.c crypto/prfs/prf.h \
+crypto/prf_plus.h crypto/prf_plus.c \
+crypto/rsa/rsa_private_key.c crypto/rsa/rsa_private_key.h \
+crypto/rsa/rsa_public_key.h crypto/rsa/rsa_public_key.c \
+crypto/signers/hmac_signer.c crypto/signers/hmac_signer.h \
+crypto/signers/signer.c crypto/signers/signer.h \
+crypto/x509.c crypto/x509.h \
+utils/fetcher.c utils/fetcher.h \
+utils/host.c utils/host.h \
+utils/identification.c utils/identification.h \
+utils/iterator.h \
+utils/leak_detective.c utils/leak_detective.h \
+utils/lexparser.c utils/lexparser.h \
+utils/linked_list.c utils/linked_list.h \
+utils/randomizer.c utils/randomizer.h
+
+libstrongswan_la_LIBADD = -lgmp -lpthread $(am__append_1) \
+ $(am__append_2) $(am__append_3)
+INCLUDES = -I$(top_srcdir)/src/libstrongswan
+EXTRA_DIST = asn1/oid.txt asn1/oid.pl
+BUILT_SOURCES = asn1/oid.c asn1/oid.h
+MAINTAINERCLEANFILES = asn1/oid.c asn1/oid.h
+@USE_LEAK_DETECTIVE_TRUE@AM_CFLAGS = -DLEAK_DETECTIVE
+all: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .lo .o .obj
+$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --gnu src/libstrongswan/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ test -z "$(libdir)" || $(mkdir_p) "$(DESTDIR)$(libdir)"
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ f=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \
+ $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @set -x; list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ p=$(am__strip_dir) \
+ echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \
+ $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \
+ done
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \
+ test "$$dir" != "$$p" || dir=.; \
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
+libstrongswan.la: $(libstrongswan_la_OBJECTS) $(libstrongswan_la_DEPENDENCIES)
+ $(LINK) -rpath $(libdir) $(libstrongswan_la_LDFLAGS) $(libstrongswan_la_OBJECTS) $(libstrongswan_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes_cbc_crypter.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn1.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ca.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/certinfo.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chunk.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crl.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypter.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/debug.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/des_crypter.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/diffie_hellman.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/enum.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fetcher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_prf.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac_prf.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hmac_signer.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/host.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/identification.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/leak_detective.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lexparser.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/library.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linked_list.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oid.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pem.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/prf_plus.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/printf_hook.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/randomizer.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsa_private_key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rsa_public_key.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1_hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha2_hasher.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/signer.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ttodata.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/x509.Plo@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+
+.c.lo:
+@am__fastdepCC_TRUE@ if $(LTCOMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Plo"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $<
+
+asn1.lo: asn1/asn1.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT asn1.lo -MD -MP -MF "$(DEPDIR)/asn1.Tpo" -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/asn1.Tpo" "$(DEPDIR)/asn1.Plo"; else rm -f "$(DEPDIR)/asn1.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/asn1.c' object='asn1.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o asn1.lo `test -f 'asn1/asn1.c' || echo '$(srcdir)/'`asn1/asn1.c
+
+oid.lo: asn1/oid.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT oid.lo -MD -MP -MF "$(DEPDIR)/oid.Tpo" -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/oid.Tpo" "$(DEPDIR)/oid.Plo"; else rm -f "$(DEPDIR)/oid.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/oid.c' object='oid.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o oid.lo `test -f 'asn1/oid.c' || echo '$(srcdir)/'`asn1/oid.c
+
+pem.lo: asn1/pem.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT pem.lo -MD -MP -MF "$(DEPDIR)/pem.Tpo" -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/pem.Tpo" "$(DEPDIR)/pem.Plo"; else rm -f "$(DEPDIR)/pem.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/pem.c' object='pem.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o pem.lo `test -f 'asn1/pem.c' || echo '$(srcdir)/'`asn1/pem.c
+
+ttodata.lo: asn1/ttodata.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ttodata.lo -MD -MP -MF "$(DEPDIR)/ttodata.Tpo" -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ttodata.Tpo" "$(DEPDIR)/ttodata.Plo"; else rm -f "$(DEPDIR)/ttodata.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='asn1/ttodata.c' object='ttodata.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ttodata.lo `test -f 'asn1/ttodata.c' || echo '$(srcdir)/'`asn1/ttodata.c
+
+ca.lo: crypto/ca.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ca.lo -MD -MP -MF "$(DEPDIR)/ca.Tpo" -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ca.Tpo" "$(DEPDIR)/ca.Plo"; else rm -f "$(DEPDIR)/ca.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ca.c' object='ca.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ca.lo `test -f 'crypto/ca.c' || echo '$(srcdir)/'`crypto/ca.c
+
+certinfo.lo: crypto/certinfo.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT certinfo.lo -MD -MP -MF "$(DEPDIR)/certinfo.Tpo" -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/certinfo.Tpo" "$(DEPDIR)/certinfo.Plo"; else rm -f "$(DEPDIR)/certinfo.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/certinfo.c' object='certinfo.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o certinfo.lo `test -f 'crypto/certinfo.c' || echo '$(srcdir)/'`crypto/certinfo.c
+
+crl.lo: crypto/crl.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crl.lo -MD -MP -MF "$(DEPDIR)/crl.Tpo" -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/crl.Tpo" "$(DEPDIR)/crl.Plo"; else rm -f "$(DEPDIR)/crl.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crl.c' object='crl.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crl.lo `test -f 'crypto/crl.c' || echo '$(srcdir)/'`crypto/crl.c
+
+crypter.lo: crypto/crypters/crypter.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT crypter.lo -MD -MP -MF "$(DEPDIR)/crypter.Tpo" -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/crypter.Tpo" "$(DEPDIR)/crypter.Plo"; else rm -f "$(DEPDIR)/crypter.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/crypter.c' object='crypter.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o crypter.lo `test -f 'crypto/crypters/crypter.c' || echo '$(srcdir)/'`crypto/crypters/crypter.c
+
+aes_cbc_crypter.lo: crypto/crypters/aes_cbc_crypter.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc_crypter.lo -MD -MP -MF "$(DEPDIR)/aes_cbc_crypter.Tpo" -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/aes_cbc_crypter.Tpo" "$(DEPDIR)/aes_cbc_crypter.Plo"; else rm -f "$(DEPDIR)/aes_cbc_crypter.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/aes_cbc_crypter.c' object='aes_cbc_crypter.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc_crypter.lo `test -f 'crypto/crypters/aes_cbc_crypter.c' || echo '$(srcdir)/'`crypto/crypters/aes_cbc_crypter.c
+
+des_crypter.lo: crypto/crypters/des_crypter.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des_crypter.lo -MD -MP -MF "$(DEPDIR)/des_crypter.Tpo" -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/des_crypter.Tpo" "$(DEPDIR)/des_crypter.Plo"; else rm -f "$(DEPDIR)/des_crypter.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/crypters/des_crypter.c' object='des_crypter.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des_crypter.lo `test -f 'crypto/crypters/des_crypter.c' || echo '$(srcdir)/'`crypto/crypters/des_crypter.c
+
+diffie_hellman.lo: crypto/diffie_hellman.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT diffie_hellman.lo -MD -MP -MF "$(DEPDIR)/diffie_hellman.Tpo" -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/diffie_hellman.Tpo" "$(DEPDIR)/diffie_hellman.Plo"; else rm -f "$(DEPDIR)/diffie_hellman.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/diffie_hellman.c' object='diffie_hellman.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o diffie_hellman.lo `test -f 'crypto/diffie_hellman.c' || echo '$(srcdir)/'`crypto/diffie_hellman.c
+
+hasher.lo: crypto/hashers/hasher.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hasher.lo -MD -MP -MF "$(DEPDIR)/hasher.Tpo" -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hasher.Tpo" "$(DEPDIR)/hasher.Plo"; else rm -f "$(DEPDIR)/hasher.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/hasher.c' object='hasher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hasher.lo `test -f 'crypto/hashers/hasher.c' || echo '$(srcdir)/'`crypto/hashers/hasher.c
+
+sha1_hasher.lo: crypto/hashers/sha1_hasher.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha1_hasher.lo -MD -MP -MF "$(DEPDIR)/sha1_hasher.Tpo" -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha1_hasher.Tpo" "$(DEPDIR)/sha1_hasher.Plo"; else rm -f "$(DEPDIR)/sha1_hasher.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/sha1_hasher.c' object='sha1_hasher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha1_hasher.lo `test -f 'crypto/hashers/sha1_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha1_hasher.c
+
+sha2_hasher.lo: crypto/hashers/sha2_hasher.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2_hasher.lo -MD -MP -MF "$(DEPDIR)/sha2_hasher.Tpo" -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/sha2_hasher.Tpo" "$(DEPDIR)/sha2_hasher.Plo"; else rm -f "$(DEPDIR)/sha2_hasher.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/sha2_hasher.c' object='sha2_hasher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2_hasher.lo `test -f 'crypto/hashers/sha2_hasher.c' || echo '$(srcdir)/'`crypto/hashers/sha2_hasher.c
+
+md5_hasher.lo: crypto/hashers/md5_hasher.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md5_hasher.lo -MD -MP -MF "$(DEPDIR)/md5_hasher.Tpo" -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/md5_hasher.Tpo" "$(DEPDIR)/md5_hasher.Plo"; else rm -f "$(DEPDIR)/md5_hasher.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hashers/md5_hasher.c' object='md5_hasher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md5_hasher.lo `test -f 'crypto/hashers/md5_hasher.c' || echo '$(srcdir)/'`crypto/hashers/md5_hasher.c
+
+hmac.lo: crypto/hmac.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac.lo -MD -MP -MF "$(DEPDIR)/hmac.Tpo" -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac.Tpo" "$(DEPDIR)/hmac.Plo"; else rm -f "$(DEPDIR)/hmac.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/hmac.c' object='hmac.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac.lo `test -f 'crypto/hmac.c' || echo '$(srcdir)/'`crypto/hmac.c
+
+ocsp.lo: crypto/ocsp.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT ocsp.lo -MD -MP -MF "$(DEPDIR)/ocsp.Tpo" -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/ocsp.Tpo" "$(DEPDIR)/ocsp.Plo"; else rm -f "$(DEPDIR)/ocsp.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/ocsp.c' object='ocsp.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o ocsp.lo `test -f 'crypto/ocsp.c' || echo '$(srcdir)/'`crypto/ocsp.c
+
+fips_prf.lo: crypto/prfs/fips_prf.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_prf.lo -MD -MP -MF "$(DEPDIR)/fips_prf.Tpo" -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fips_prf.Tpo" "$(DEPDIR)/fips_prf.Plo"; else rm -f "$(DEPDIR)/fips_prf.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/fips_prf.c' object='fips_prf.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_prf.lo `test -f 'crypto/prfs/fips_prf.c' || echo '$(srcdir)/'`crypto/prfs/fips_prf.c
+
+hmac_prf.lo: crypto/prfs/hmac_prf.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_prf.lo -MD -MP -MF "$(DEPDIR)/hmac_prf.Tpo" -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_prf.Tpo" "$(DEPDIR)/hmac_prf.Plo"; else rm -f "$(DEPDIR)/hmac_prf.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/hmac_prf.c' object='hmac_prf.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_prf.lo `test -f 'crypto/prfs/hmac_prf.c' || echo '$(srcdir)/'`crypto/prfs/hmac_prf.c
+
+prf.lo: crypto/prfs/prf.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf.lo -MD -MP -MF "$(DEPDIR)/prf.Tpo" -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/prf.Tpo" "$(DEPDIR)/prf.Plo"; else rm -f "$(DEPDIR)/prf.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prfs/prf.c' object='prf.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf.lo `test -f 'crypto/prfs/prf.c' || echo '$(srcdir)/'`crypto/prfs/prf.c
+
+prf_plus.lo: crypto/prf_plus.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT prf_plus.lo -MD -MP -MF "$(DEPDIR)/prf_plus.Tpo" -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/prf_plus.Tpo" "$(DEPDIR)/prf_plus.Plo"; else rm -f "$(DEPDIR)/prf_plus.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/prf_plus.c' object='prf_plus.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o prf_plus.lo `test -f 'crypto/prf_plus.c' || echo '$(srcdir)/'`crypto/prf_plus.c
+
+rsa_private_key.lo: crypto/rsa/rsa_private_key.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_private_key.lo -MD -MP -MF "$(DEPDIR)/rsa_private_key.Tpo" -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_private_key.Tpo" "$(DEPDIR)/rsa_private_key.Plo"; else rm -f "$(DEPDIR)/rsa_private_key.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/rsa/rsa_private_key.c' object='rsa_private_key.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_private_key.lo `test -f 'crypto/rsa/rsa_private_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_private_key.c
+
+rsa_public_key.lo: crypto/rsa/rsa_public_key.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rsa_public_key.lo -MD -MP -MF "$(DEPDIR)/rsa_public_key.Tpo" -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/rsa_public_key.Tpo" "$(DEPDIR)/rsa_public_key.Plo"; else rm -f "$(DEPDIR)/rsa_public_key.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/rsa/rsa_public_key.c' object='rsa_public_key.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rsa_public_key.lo `test -f 'crypto/rsa/rsa_public_key.c' || echo '$(srcdir)/'`crypto/rsa/rsa_public_key.c
+
+hmac_signer.lo: crypto/signers/hmac_signer.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT hmac_signer.lo -MD -MP -MF "$(DEPDIR)/hmac_signer.Tpo" -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/hmac_signer.Tpo" "$(DEPDIR)/hmac_signer.Plo"; else rm -f "$(DEPDIR)/hmac_signer.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/signers/hmac_signer.c' object='hmac_signer.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o hmac_signer.lo `test -f 'crypto/signers/hmac_signer.c' || echo '$(srcdir)/'`crypto/signers/hmac_signer.c
+
+signer.lo: crypto/signers/signer.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT signer.lo -MD -MP -MF "$(DEPDIR)/signer.Tpo" -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/signer.Tpo" "$(DEPDIR)/signer.Plo"; else rm -f "$(DEPDIR)/signer.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/signers/signer.c' object='signer.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o signer.lo `test -f 'crypto/signers/signer.c' || echo '$(srcdir)/'`crypto/signers/signer.c
+
+x509.lo: crypto/x509.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT x509.lo -MD -MP -MF "$(DEPDIR)/x509.Tpo" -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/x509.Tpo" "$(DEPDIR)/x509.Plo"; else rm -f "$(DEPDIR)/x509.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='crypto/x509.c' object='x509.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o x509.lo `test -f 'crypto/x509.c' || echo '$(srcdir)/'`crypto/x509.c
+
+fetcher.lo: utils/fetcher.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fetcher.lo -MD -MP -MF "$(DEPDIR)/fetcher.Tpo" -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/fetcher.Tpo" "$(DEPDIR)/fetcher.Plo"; else rm -f "$(DEPDIR)/fetcher.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/fetcher.c' object='fetcher.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fetcher.lo `test -f 'utils/fetcher.c' || echo '$(srcdir)/'`utils/fetcher.c
+
+host.lo: utils/host.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT host.lo -MD -MP -MF "$(DEPDIR)/host.Tpo" -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/host.Tpo" "$(DEPDIR)/host.Plo"; else rm -f "$(DEPDIR)/host.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/host.c' object='host.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o host.lo `test -f 'utils/host.c' || echo '$(srcdir)/'`utils/host.c
+
+identification.lo: utils/identification.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT identification.lo -MD -MP -MF "$(DEPDIR)/identification.Tpo" -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/identification.Tpo" "$(DEPDIR)/identification.Plo"; else rm -f "$(DEPDIR)/identification.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/identification.c' object='identification.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o identification.lo `test -f 'utils/identification.c' || echo '$(srcdir)/'`utils/identification.c
+
+leak_detective.lo: utils/leak_detective.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT leak_detective.lo -MD -MP -MF "$(DEPDIR)/leak_detective.Tpo" -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/leak_detective.Tpo" "$(DEPDIR)/leak_detective.Plo"; else rm -f "$(DEPDIR)/leak_detective.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/leak_detective.c' object='leak_detective.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o leak_detective.lo `test -f 'utils/leak_detective.c' || echo '$(srcdir)/'`utils/leak_detective.c
+
+lexparser.lo: utils/lexparser.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lexparser.lo -MD -MP -MF "$(DEPDIR)/lexparser.Tpo" -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/lexparser.Tpo" "$(DEPDIR)/lexparser.Plo"; else rm -f "$(DEPDIR)/lexparser.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/lexparser.c' object='lexparser.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lexparser.lo `test -f 'utils/lexparser.c' || echo '$(srcdir)/'`utils/lexparser.c
+
+linked_list.lo: utils/linked_list.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT linked_list.lo -MD -MP -MF "$(DEPDIR)/linked_list.Tpo" -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/linked_list.Tpo" "$(DEPDIR)/linked_list.Plo"; else rm -f "$(DEPDIR)/linked_list.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/linked_list.c' object='linked_list.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o linked_list.lo `test -f 'utils/linked_list.c' || echo '$(srcdir)/'`utils/linked_list.c
+
+randomizer.lo: utils/randomizer.c
+@am__fastdepCC_TRUE@ if $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT randomizer.lo -MD -MP -MF "$(DEPDIR)/randomizer.Tpo" -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/randomizer.Tpo" "$(DEPDIR)/randomizer.Plo"; else rm -f "$(DEPDIR)/randomizer.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='utils/randomizer.c' object='randomizer.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o randomizer.lo `test -f 'utils/randomizer.c' || echo '$(srcdir)/'`utils/randomizer.c
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+ -rm -f libtool
+uninstall-info-am:
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ $(mkdir_p) $(distdir)/asn1
+ @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
+ list='$(DISTFILES)'; for file in $$list; do \
+ case $$file in \
+ $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
+ $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
+ esac; \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test "$$dir" != "$$file" && test "$$dir" != "."; then \
+ dir="/$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
+ fi; \
+ if test -d $$d/$$file; then \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) check-am
+all-am: Makefile $(LTLIBRARIES)
+installdirs:
+ for dir in "$(DESTDIR)$(libdir)"; do \
+ test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ done
+install: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
+ -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
+clean: clean-am
+
+clean-am: clean-generic clean-libLTLIBRARIES clean-libtool \
+ mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-libtool distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am:
+
+install-exec-am: install-libLTLIBRARIES
+
+install-info: install-info-am
+
+install-man:
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic \
+ mostlyclean-libtool
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-info-am uninstall-libLTLIBRARIES
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libLTLIBRARIES clean-libtool ctags distclean \
+ distclean-compile distclean-generic distclean-libtool \
+ distclean-tags distdir dvi dvi-am html html-am info info-am \
+ install install-am install-data install-data-am install-exec \
+ install-exec-am install-info install-info-am \
+ install-libLTLIBRARIES install-man install-strip installcheck \
+ installcheck-am installdirs maintainer-clean \
+ maintainer-clean-generic mostlyclean mostlyclean-compile \
+ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+ tags uninstall uninstall-am uninstall-info-am \
+ uninstall-libLTLIBRARIES
+
+
+asn1/oid.c : asn1/oid.txt asn1/oid.pl
+ cd asn1 && $(PERL) oid.pl
+
+asn1/oid.h : asn1/oid.txt asn1/oid.pl
+ cd asn1 && $(PERL) oid.pl
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
new file mode 100644
index 000000000..91a6621d4
--- /dev/null
+++ b/src/libstrongswan/asn1/asn1.c
@@ -0,0 +1,733 @@
+/* Simple ASN.1 parser
+ * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ * Copyright (C) 2006 Martin Will, Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+
+#include "asn1.h"
+
+#include <library.h>
+#include <debug.h>
+
+/* some common prefabricated ASN.1 constants */
+static u_char ASN1_INTEGER_0_str[] = { 0x02, 0x00 };
+static u_char ASN1_INTEGER_1_str[] = { 0x02, 0x01, 0x01 };
+static u_char ASN1_INTEGER_2_str[] = { 0x02, 0x01, 0x02 };
+
+const chunk_t ASN1_INTEGER_0 = chunk_from_buf(ASN1_INTEGER_0_str);
+const chunk_t ASN1_INTEGER_1 = chunk_from_buf(ASN1_INTEGER_1_str);
+const chunk_t ASN1_INTEGER_2 = chunk_from_buf(ASN1_INTEGER_2_str);
+
+/* some popular algorithmIdentifiers */
+
+static u_char ASN1_md5_id_str[] = {
+ 0x30, 0x0C,
+ 0x06, 0x08,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
+ 0x05, 0x00
+};
+
+static u_char ASN1_sha1_id_str[] = {
+ 0x30, 0x09,
+ 0x06, 0x05,
+ 0x2B, 0x0E,0x03, 0x02, 0x1A,
+ 0x05, 0x00
+};
+
+static u_char ASN1_md5WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04,
+ 0x05, 0x00
+};
+
+static u_char ASN1_sha1WithRSA_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
+ 0x05, 0x00
+};
+
+static u_char ASN1_rsaEncryption_id_str[] = {
+ 0x30, 0x0D,
+ 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+ 0x05, 0x00
+};
+
+const chunk_t ASN1_md5_id = chunk_from_buf(ASN1_md5_id_str);
+const chunk_t ASN1_sha1_id = chunk_from_buf(ASN1_sha1_id_str);
+const chunk_t ASN1_rsaEncryption_id = chunk_from_buf(ASN1_rsaEncryption_id_str);
+const chunk_t ASN1_md5WithRSA_id = chunk_from_buf(ASN1_md5WithRSA_id_str);
+const chunk_t ASN1_sha1WithRSA_id = chunk_from_buf(ASN1_sha1WithRSA_id_str);
+
+/* ASN.1 definiton of an algorithmIdentifier */
+static const asn1Object_t algorithmIdentifierObjects[] = {
+ { 0, "algorithmIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "algorithm", ASN1_OID, ASN1_BODY }, /* 1 */
+ { 1, "parameters", ASN1_EOC, ASN1_RAW } /* 2 */
+};
+
+#define ALGORITHM_ID_ALG 1
+#define ALGORITHM_ID_PARAMETERS 2
+#define ALGORITHM_ID_ROOF 3
+
+/**
+ * return the ASN.1 encoded algorithm identifier
+ */
+chunk_t asn1_algorithmIdentifier(int oid)
+{
+ switch (oid)
+ {
+ case OID_RSA_ENCRYPTION:
+ return ASN1_rsaEncryption_id;
+ case OID_MD5_WITH_RSA:
+ return ASN1_md5WithRSA_id;
+ case OID_SHA1_WITH_RSA:
+ return ASN1_sha1WithRSA_id;
+ case OID_MD5:
+ return ASN1_md5_id;
+ case OID_SHA1:
+ return ASN1_sha1_id;
+ default:
+ return chunk_empty;
+ }
+}
+
+/**
+ * If the oid is listed in the oid_names table then the corresponding
+ * position in the oid_names table is returned otherwise -1 is returned
+ */
+int known_oid(chunk_t object)
+{
+ int oid = 0;
+
+ while (object.len)
+ {
+ if (oid_names[oid].octet == *object.ptr)
+ {
+ if (--object.len == 0 || oid_names[oid].down == 0)
+ {
+ return oid; /* found terminal symbol */
+ }
+ else
+ {
+ object.ptr++; oid++; /* advance to next hex octet */
+ }
+ }
+ else
+ {
+ if (oid_names[oid].next)
+ oid = oid_names[oid].next;
+ else
+ return OID_UNKNOWN;
+ }
+ }
+ return -1;
+}
+
+/**
+ * Decodes the length in bytes of an ASN.1 object
+ */
+u_int asn1_length(chunk_t *blob)
+{
+ u_char n;
+ size_t len;
+
+ /* advance from tag field on to length field */
+ blob->ptr++;
+ blob->len--;
+
+ /* read first octet of length field */
+ n = *blob->ptr++;
+ blob->len--;
+
+ if ((n & 0x80) == 0)
+ {/* single length octet */
+ return n;
+ }
+
+ /* composite length, determine number of length octets */
+ n &= 0x7f;
+
+ if (n > blob->len)
+ {
+ DBG2("number of length octets is larger than ASN.1 object");
+ return ASN1_INVALID_LENGTH;
+ }
+
+ if (n > sizeof(len))
+ {
+ DBG2("number of length octets is larger than limit of %d octets",
+ (int)sizeof(len));
+ return ASN1_INVALID_LENGTH;
+ }
+
+ len = 0;
+
+ while (n-- > 0)
+ {
+ len = 256*len + *blob->ptr++;
+ blob->len--;
+ }
+ return len;
+}
+
+/**
+ * determines if a character string is of type ASN.1 printableString
+ */
+bool is_printablestring(chunk_t str)
+{
+ const char printablestring_charset[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 '()+,-./:=?";
+ u_int i;
+
+ for (i = 0; i < str.len; i++)
+ {
+ if (strchr(printablestring_charset, str.ptr[i]) == NULL)
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/**
+ * Converts ASN.1 UTCTIME or GENERALIZEDTIME into calender time
+ */
+time_t asn1totime(const chunk_t *utctime, asn1_t type)
+{
+ struct tm t;
+ time_t tz_offset;
+ u_char *eot = NULL;
+
+ if ((eot = memchr(utctime->ptr, 'Z', utctime->len)) != NULL)
+ {
+ tz_offset = 0; /* Zulu time with a zero time zone offset */
+ }
+ else if ((eot = memchr(utctime->ptr, '+', utctime->len)) != NULL)
+ {
+ int tz_hour, tz_min;
+
+ sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
+ tz_offset = 3600*tz_hour + 60*tz_min; /* positive time zone offset */
+ }
+ else if ((eot = memchr(utctime->ptr, '-', utctime->len)) != NULL)
+ {
+ int tz_hour, tz_min;
+
+ sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
+ tz_offset = -3600*tz_hour - 60*tz_min; /* negative time zone offset */
+ }
+ else
+ {
+ return 0; /* error in time format */
+ }
+
+ {
+ const char* format = (type == ASN1_UTCTIME)? "%2d%2d%2d%2d%2d":
+ "%4d%2d%2d%2d%2d";
+
+ sscanf(utctime->ptr, format, &t.tm_year, &t.tm_mon, &t.tm_mday,
+ &t.tm_hour, &t.tm_min);
+ }
+
+ /* is there a seconds field? */
+ if ((eot - utctime->ptr) == ((type == ASN1_UTCTIME)?12:14))
+ {
+ sscanf(eot-2, "%2d", &t.tm_sec);
+ }
+ else
+ {
+ t.tm_sec = 0;
+ }
+
+ /* representation of year */
+ if (t.tm_year >= 1900)
+ {
+ t.tm_year -= 1900;
+ }
+ else if (t.tm_year >= 100)
+ {
+ return 0;
+ }
+ else if (t.tm_year < 50)
+ {
+ t.tm_year += 100;
+ }
+
+ /* representation of month 0..11*/
+ t.tm_mon--;
+
+ /* set daylight saving time to off */
+ t.tm_isdst = 0;
+
+ /* compensate timezone */
+
+ return mktime(&t) - timezone - tz_offset;
+}
+
+/**
+ * Initializes the internal context of the ASN.1 parser
+ */
+void asn1_init(asn1_ctx_t *ctx, chunk_t blob, u_int level0,
+ bool implicit, bool private)
+{
+ ctx->blobs[0] = blob;
+ ctx->level0 = level0;
+ ctx->implicit = implicit;
+ ctx->private = private;
+ memset(ctx->loopAddr, '\0', sizeof(ctx->loopAddr));
+}
+
+/**
+ * print the value of an ASN.1 simple object
+ */
+static void debug_asn1_simple_object(chunk_t object, asn1_t type, bool private)
+{
+ int oid;
+
+ switch (type)
+ {
+ case ASN1_OID:
+ oid = known_oid(object);
+ if (oid != OID_UNKNOWN)
+ {
+ DBG2(" '%s'", oid_names[oid].name);
+ return;
+ }
+ break;
+ case ASN1_UTF8STRING:
+ case ASN1_IA5STRING:
+ case ASN1_PRINTABLESTRING:
+ case ASN1_T61STRING:
+ case ASN1_VISIBLESTRING:
+ DBG2(" '%.*s'", (int)object.len, object.ptr);
+ return;
+ case ASN1_UTCTIME:
+ case ASN1_GENERALIZEDTIME:
+ {
+ time_t time = asn1totime(&object, type);
+
+ DBG2(" '%T'", &time);
+ }
+ return;
+ default:
+ break;
+ }
+ if (private)
+ {
+ DBG4("%B", &object);
+ }
+ else
+ {
+ DBG3("%B", &object);
+ }
+}
+
+/**
+ * Parses and extracts the next ASN.1 object
+ */
+bool extract_object(asn1Object_t const *objects, u_int *objectID, chunk_t *object, u_int *level, asn1_ctx_t *ctx)
+{
+ asn1Object_t obj = objects[*objectID];
+ chunk_t *blob;
+ chunk_t *blob1;
+ u_char *start_ptr;
+
+ *object = chunk_empty;
+
+ if (obj.flags & ASN1_END) /* end of loop or option found */
+ {
+ if (ctx->loopAddr[obj.level] && ctx->blobs[obj.level+1].len > 0)
+ {
+ *objectID = ctx->loopAddr[obj.level]; /* another iteration */
+ obj = objects[*objectID];
+ }
+ else
+ {
+ ctx->loopAddr[obj.level] = 0; /* exit loop or option*/
+ return TRUE;
+ }
+ }
+
+ *level = ctx->level0 + obj.level;
+ blob = ctx->blobs + obj.level;
+ blob1 = blob + 1;
+ start_ptr = blob->ptr;
+
+ /* handle ASN.1 defaults values */
+ if ((obj.flags & ASN1_DEF) && (blob->len == 0 || *start_ptr != obj.type) )
+ {
+ /* field is missing */
+ DBG2("L%d - %s:", *level, obj.name);
+ if (obj.type & ASN1_CONSTRUCTED)
+ {
+ (*objectID)++ ; /* skip context-specific tag */
+ }
+ return TRUE;
+ }
+
+ /* handle ASN.1 options */
+
+ if ((obj.flags & ASN1_OPT)
+ && (blob->len == 0 || *start_ptr != obj.type))
+ {
+ /* advance to end of missing option field */
+ do
+ (*objectID)++;
+ while (!((objects[*objectID].flags & ASN1_END)
+ && (objects[*objectID].level == obj.level)));
+ return TRUE;
+ }
+
+ /* an ASN.1 object must possess at least a tag and length field */
+
+ if (blob->len < 2)
+ {
+ DBG2("L%d - %s: ASN.1 object smaller than 2 octets",
+ *level, obj.name);
+ return FALSE;
+ }
+
+ blob1->len = asn1_length(blob);
+
+ if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)
+ {
+ DBG2("L%d - %s: length of ASN.1 object invalid or too large",
+ *level, obj.name);
+ return FALSE;
+ }
+
+ blob1->ptr = blob->ptr;
+ blob->ptr += blob1->len;
+ blob->len -= blob1->len;
+
+ /* return raw ASN.1 object without prior type checking */
+
+ if (obj.flags & ASN1_RAW)
+ {
+ DBG2("L%d - %s:", *level, obj.name);
+ object->ptr = start_ptr;
+ object->len = (size_t)(blob->ptr - start_ptr);
+ return TRUE;
+ }
+
+ if (*start_ptr != obj.type && !(ctx->implicit && *objectID == 0))
+ {
+ DBG1("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
+ *level, obj.name, obj.type, *start_ptr);
+ DBG3("%b", start_ptr, (u_int)(blob->ptr - start_ptr));
+ return FALSE;
+ }
+
+ DBG2("L%d - %s:", ctx->level0+obj.level, obj.name);
+
+ /* In case of "SEQUENCE OF" or "SET OF" start a loop */
+ if (obj.flags & ASN1_LOOP)
+ {
+ if (blob1->len > 0)
+ {
+ /* at least one item, start the loop */
+ ctx->loopAddr[obj.level] = *objectID + 1;
+ }
+ else
+ {
+ /* no items, advance directly to end of loop */
+ do
+ (*objectID)++;
+ while (!((objects[*objectID].flags & ASN1_END)
+ && (objects[*objectID].level == obj.level)));
+ return TRUE;
+ }
+ }
+
+ if (obj.flags & ASN1_OBJ)
+ {
+ object->ptr = start_ptr;
+ object->len = (size_t)(blob->ptr - start_ptr);
+ if (ctx->private)
+ {
+ DBG4("%B", object);
+ }
+ else
+ {
+ DBG3("%B", object);
+ }
+ }
+ else if (obj.flags & ASN1_BODY)
+ {
+ *object = *blob1;
+ debug_asn1_simple_object(*object, obj.type, ctx->private);
+ }
+ return TRUE;
+}
+
+/**
+ * parse an ASN.1 simple type
+ */
+bool parse_asn1_simple_object(chunk_t *object, asn1_t type, u_int level, const char* name)
+{
+ size_t len;
+
+ /* an ASN.1 object must possess at least a tag and length field */
+ if (object->len < 2)
+ {
+ DBG2("L%d - %s: ASN.1 object smaller than 2 octets", level, name);
+ return FALSE;
+ }
+
+ if (*object->ptr != type)
+ {
+ DBG2("L%d - %s: ASN1 tag 0x%02x expected, but is 0x%02x",
+ level, name, type, *object->ptr);
+ return FALSE;
+ }
+
+ len = asn1_length(object);
+
+ if (len == ASN1_INVALID_LENGTH || object->len < len)
+ {
+ DBG2("L%d - %s: length of ASN.1 object invalid or too large",
+ level, name);
+ return FALSE;
+ }
+
+ DBG2("L%d - %s:", level, name);
+ debug_asn1_simple_object(*object, type, FALSE);
+ return TRUE;
+}
+
+/**
+ * extracts an algorithmIdentifier
+ */
+int parse_algorithmIdentifier(chunk_t blob, int level0, chunk_t *parameters)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int alg = OID_UNKNOWN;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < ALGORITHM_ID_ROOF)
+ {
+ if (!extract_object(algorithmIdentifierObjects, &objectID, &object, &level, &ctx))
+ return OID_UNKNOWN;
+
+ switch (objectID)
+ {
+ case ALGORITHM_ID_ALG:
+ alg = known_oid(object);
+ break;
+ case ALGORITHM_ID_PARAMETERS:
+ if (parameters != NULL)
+ *parameters = object;
+ break;
+ default:
+ break;
+ }
+ objectID++;
+ }
+ return alg;
+ }
+
+/*
+ * tests if a blob contains a valid ASN.1 set or sequence
+ */
+bool is_asn1(chunk_t blob)
+{
+ u_int len;
+ u_char tag = *blob.ptr;
+
+ if (tag != ASN1_SEQUENCE && tag != ASN1_SET)
+ {
+ DBG2(" file content is not binary ASN.1");
+ return FALSE;
+ }
+ len = asn1_length(&blob);
+ if (len != blob.len)
+ {
+ DBG2(" file size does not match ASN.1 coded length");
+ return FALSE;
+ }
+ return TRUE;
+}
+
+/**
+ * codes ASN.1 lengths up to a size of 16'777'215 bytes
+ */
+void code_asn1_length(size_t length, chunk_t *code)
+{
+ if (length < 128)
+ {
+ code->ptr[0] = length;
+ code->len = 1;
+ }
+ else if (length < 256)
+ {
+ code->ptr[0] = 0x81;
+ code->ptr[1] = (u_char) length;
+ code->len = 2;
+ }
+ else if (length < 65536)
+ {
+ code->ptr[0] = 0x82;
+ code->ptr[1] = length >> 8;
+ code->ptr[2] = length & 0x00ff;
+ code->len = 3;
+ }
+ else
+ {
+ code->ptr[0] = 0x83;
+ code->ptr[1] = length >> 16;
+ code->ptr[2] = (length >> 8) & 0x00ff;
+ code->ptr[3] = length & 0x0000ff;
+ code->len = 4;
+ }
+}
+
+/**
+ * build an empty asn.1 object with tag and length fields already filled in
+ */
+u_char* build_asn1_object(chunk_t *object, asn1_t type, size_t datalen)
+{
+ u_char length_buf[4];
+ chunk_t length = { length_buf, 0 };
+ u_char *pos;
+
+ /* code the asn.1 length field */
+ code_asn1_length(datalen, &length);
+
+ /* allocate memory for the asn.1 TLV object */
+ object->len = 1 + length.len + datalen;
+ object->ptr = malloc(object->len);
+
+ /* set position pointer at the start of the object */
+ pos = object->ptr;
+
+ /* copy the asn.1 tag field and advance the pointer */
+ *pos++ = type;
+
+ /* copy the asn.1 length field and advance the pointer */
+ memcpy(pos, length.ptr, length.len);
+ pos += length.len;
+
+ return pos;
+}
+
+/**
+ * build a simple ASN.1 object
+ */
+chunk_t asn1_simple_object(asn1_t tag, chunk_t content)
+{
+ chunk_t object;
+
+ u_char *pos = build_asn1_object(&object, tag, content.len);
+ memcpy(pos, content.ptr, content.len);
+ pos += content.len;
+
+ return object;
+}
+
+/**
+ * Build an ASN.1 object from a variable number of individual chunks.
+ * Depending on the mode, chunks either are moved ('m') or copied ('c').
+ */
+chunk_t asn1_wrap(asn1_t type, const char *mode, ...)
+{
+ chunk_t construct;
+ va_list chunks;
+ u_char *pos;
+ int i;
+ int count = strlen(mode);
+
+ /* sum up lengths of individual chunks */
+ va_start(chunks, mode);
+ construct.len = 0;
+ for (i = 0; i < count; i++)
+ {
+ chunk_t ch = va_arg(chunks, chunk_t);
+ construct.len += ch.len;
+ }
+ va_end(chunks);
+
+ /* allocate needed memory for construct */
+ pos = build_asn1_object(&construct, type, construct.len);
+
+ /* copy or move the chunks */
+ va_start(chunks, mode);
+ for (i = 0; i < count; i++)
+ {
+ chunk_t ch = va_arg(chunks, chunk_t);
+
+ switch (*mode++)
+ {
+ case 'm':
+ memcpy(pos, ch.ptr, ch.len);
+ pos += ch.len;
+ free(ch.ptr);
+ break;
+ case 'c':
+ default:
+ memcpy(pos, ch.ptr, ch.len);
+ pos += ch.len;
+ }
+ }
+ va_end(chunks);
+
+ return construct;
+}
+
+/**
+ * convert a MP integer into a DER coded ASN.1 object
+ */
+chunk_t asn1_integer_from_mpz(const mpz_t value)
+{
+ size_t bits = mpz_sizeinbase(value, 2); /* size in bits */
+ chunk_t n;
+ n.len = 1 + bits / 8; /* size in bytes */
+ n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, value);
+
+ return asn1_wrap(ASN1_INTEGER, "m", n);
+}
+
+/**
+ * convert a date into ASN.1 UTCTIME or GENERALIZEDTIME format
+ */
+chunk_t timetoasn1(const time_t *time, asn1_t type)
+{
+ int offset;
+ const char *format;
+ char buf[32];
+ chunk_t formatted_time;
+ struct tm *t = gmtime(time);
+
+ if (type == ASN1_GENERALIZEDTIME)
+ {
+ format = "%04d%02d%02d%02d%02d%02dZ";
+ offset = 1900;
+ }
+ else /* ASN1_UTCTIME */
+ {
+ format = "%02d%02d%02d%02d%02d%02dZ";
+ offset = (t->tm_year < 100)? 0 : -100;
+ }
+ snprintf(buf, sizeof(buf), format, t->tm_year + offset,
+ t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec);
+ formatted_time.ptr = buf;
+ formatted_time.len = strlen(buf);
+ return asn1_simple_object(type, formatted_time);
+}
diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
new file mode 100644
index 000000000..5ab519ec8
--- /dev/null
+++ b/src/libstrongswan/asn1/asn1.h
@@ -0,0 +1,135 @@
+/* Simple ASN.1 parser
+ * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ * Copyright (C) 2006 Martin Will, Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef _ASN1_H
+#define _ASN1_H
+
+#include <stdarg.h>
+#include <gmp.h>
+
+#include <library.h>
+#include <asn1/oid.h>
+
+
+/* Defines some primitive ASN1 types */
+typedef enum {
+ ASN1_EOC = 0x00,
+ ASN1_BOOLEAN = 0x01,
+ ASN1_INTEGER = 0x02,
+ ASN1_BIT_STRING = 0x03,
+ ASN1_OCTET_STRING = 0x04,
+ ASN1_NULL = 0x05,
+ ASN1_OID = 0x06,
+ ASN1_ENUMERATED = 0x0A,
+ ASN1_UTF8STRING = 0x0C,
+ ASN1_NUMERICSTRING = 0x12,
+ ASN1_PRINTABLESTRING = 0x13,
+ ASN1_T61STRING = 0x14,
+ ASN1_VIDEOTEXSTRING = 0x15,
+ ASN1_IA5STRING = 0x16,
+ ASN1_UTCTIME = 0x17,
+ ASN1_GENERALIZEDTIME = 0x18,
+ ASN1_GRAPHICSTRING = 0x19,
+ ASN1_VISIBLESTRING = 0x1A,
+ ASN1_GENERALSTRING = 0x1B,
+ ASN1_UNIVERSALSTRING = 0x1C,
+ ASN1_BMPSTRING = 0x1E,
+
+ ASN1_CONSTRUCTED = 0x20,
+
+ ASN1_SEQUENCE = 0x30,
+
+ ASN1_SET = 0x31,
+
+ ASN1_CONTEXT_S_0 = 0x80,
+ ASN1_CONTEXT_S_1 = 0x81,
+ ASN1_CONTEXT_S_2 = 0x82,
+ ASN1_CONTEXT_S_3 = 0x83,
+ ASN1_CONTEXT_S_4 = 0x84,
+ ASN1_CONTEXT_S_5 = 0x85,
+ ASN1_CONTEXT_S_6 = 0x86,
+ ASN1_CONTEXT_S_7 = 0x87,
+ ASN1_CONTEXT_S_8 = 0x88,
+
+ ASN1_CONTEXT_C_0 = 0xA0,
+ ASN1_CONTEXT_C_1 = 0xA1,
+ ASN1_CONTEXT_C_2 = 0xA2,
+ ASN1_CONTEXT_C_3 = 0xA3,
+ ASN1_CONTEXT_C_4 = 0xA4,
+ ASN1_CONTEXT_C_5 = 0xA5
+} asn1_t;
+
+/* Definition of ASN1 flags */
+
+#define ASN1_NONE 0x00
+#define ASN1_DEF 0x01
+#define ASN1_OPT 0x02
+#define ASN1_LOOP 0x04
+#define ASN1_END 0x08
+#define ASN1_OBJ 0x10
+#define ASN1_BODY 0x20
+#define ASN1_RAW 0x40
+
+#define ASN1_INVALID_LENGTH 0xffffffff
+
+/* definition of an ASN.1 object */
+
+typedef struct {
+ u_int level;
+ const u_char *name;
+ asn1_t type;
+ u_char flags;
+} asn1Object_t;
+
+#define ASN1_MAX_LEVEL 10
+
+typedef struct {
+ bool implicit;
+ bool private;
+ u_int level0;
+ u_int loopAddr[ASN1_MAX_LEVEL+1];
+ chunk_t blobs[ASN1_MAX_LEVEL+2];
+} asn1_ctx_t;
+
+/* some common prefabricated ASN.1 constants */
+extern const chunk_t ASN1_INTEGER_0;
+extern const chunk_t ASN1_INTEGER_1;
+extern const chunk_t ASN1_INTEGER_2;
+
+/* some popular algorithmIdentifiers */
+extern const chunk_t ASN1_md5_id;
+extern const chunk_t ASN1_sha1_id;
+extern const chunk_t ASN1_rsaEncryption_id;
+extern const chunk_t ASN1_md5WithRSA_id;
+extern const chunk_t ASN1_sha1WithRSA_id;
+
+extern chunk_t asn1_algorithmIdentifier(int oid);
+extern int known_oid(chunk_t object);
+extern u_int asn1_length(chunk_t *blob);
+extern bool is_printablestring(chunk_t str);
+extern time_t asn1totime(const chunk_t *utctime, asn1_t type);
+extern void asn1_init(asn1_ctx_t *ctx, chunk_t blob, u_int level0, bool implicit, bool private);
+extern bool extract_object(asn1Object_t const *objects, u_int *objectID, chunk_t *object, u_int *level, asn1_ctx_t *ctx);
+extern bool parse_asn1_simple_object(chunk_t *object, asn1_t type, u_int level, const char* name);
+extern int parse_algorithmIdentifier(chunk_t blob, int level0, chunk_t *parameters);
+extern bool is_asn1(chunk_t blob);
+
+extern void code_asn1_length(size_t length, chunk_t *code);
+extern u_char* build_asn1_object(chunk_t *object, asn1_t type, size_t datalen);
+extern chunk_t asn1_integer_from_mpz(const mpz_t value);
+extern chunk_t asn1_simple_object(asn1_t tag, chunk_t content);
+extern chunk_t asn1_wrap(asn1_t type, const char *mode, ...);
+
+#endif /* _ASN1_H */
diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c
new file mode 100644
index 000000000..4b0632de2
--- /dev/null
+++ b/src/libstrongswan/asn1/oid.c
@@ -0,0 +1,197 @@
+/* List of some useful object identifiers (OIDs)
+ * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This file has been automatically generated by the script oid.pl
+ * Do not edit manually!
+ */
+
+#include <stdlib.h>
+
+#include "oid.h"
+
+const oid_t oid_names[] = {
+ {0x02, 7, 1, "ITU-T Administration" }, /* 0 */
+ { 0x82, 0, 1, "" }, /* 1 */
+ { 0x06, 0, 1, "Germany ITU-T member" }, /* 2 */
+ { 0x01, 0, 1, "Deutsche Telekom AG" }, /* 3 */
+ { 0x0A, 0, 1, "" }, /* 4 */
+ { 0x07, 0, 1, "" }, /* 5 */
+ { 0x14, 0, 0, "ND" }, /* 6 */
+ {0x09, 18, 1, "data" }, /* 7 */
+ { 0x92, 0, 1, "" }, /* 8 */
+ { 0x26, 0, 1, "" }, /* 9 */
+ { 0x89, 0, 1, "" }, /* 10 */
+ { 0x93, 0, 1, "" }, /* 11 */
+ { 0xF2, 0, 1, "" }, /* 12 */
+ { 0x2C, 0, 1, "" }, /* 13 */
+ { 0x64, 0, 1, "pilot" }, /* 14 */
+ { 0x01, 0, 1, "pilotAttributeType" }, /* 15 */
+ { 0x01, 17, 0, "UID" }, /* 16 */
+ { 0x19, 0, 0, "DC" }, /* 17 */
+ {0x55, 51, 1, "X.500" }, /* 18 */
+ { 0x04, 36, 1, "X.509" }, /* 19 */
+ { 0x03, 21, 0, "CN" }, /* 20 */
+ { 0x04, 22, 0, "S" }, /* 21 */
+ { 0x05, 23, 0, "SN" }, /* 22 */
+ { 0x06, 24, 0, "C" }, /* 23 */
+ { 0x07, 25, 0, "L" }, /* 24 */
+ { 0x08, 26, 0, "ST" }, /* 25 */
+ { 0x0A, 27, 0, "O" }, /* 26 */
+ { 0x0B, 28, 0, "OU" }, /* 27 */
+ { 0x0C, 29, 0, "T" }, /* 28 */
+ { 0x0D, 30, 0, "D" }, /* 29 */
+ { 0x24, 31, 0, "userCertificate" }, /* 30 */
+ { 0x29, 32, 0, "N" }, /* 31 */
+ { 0x2A, 33, 0, "G" }, /* 32 */
+ { 0x2B, 34, 0, "I" }, /* 33 */
+ { 0x2D, 35, 0, "ID" }, /* 34 */
+ { 0x48, 0, 0, "role" }, /* 35 */
+ { 0x1D, 0, 1, "id-ce" }, /* 36 */
+ { 0x09, 38, 0, "subjectDirectoryAttrs" }, /* 37 */
+ { 0x0E, 39, 0, "subjectKeyIdentifier" }, /* 38 */
+ { 0x0F, 40, 0, "keyUsage" }, /* 39 */
+ { 0x10, 41, 0, "privateKeyUsagePeriod" }, /* 40 */
+ { 0x11, 42, 0, "subjectAltName" }, /* 41 */
+ { 0x12, 43, 0, "issuerAltName" }, /* 42 */
+ { 0x13, 44, 0, "basicConstraints" }, /* 43 */
+ { 0x15, 45, 0, "reasonCode" }, /* 44 */
+ { 0x1F, 46, 0, "crlDistributionPoints" }, /* 45 */
+ { 0x20, 47, 0, "certificatePolicies" }, /* 46 */
+ { 0x23, 48, 0, "authorityKeyIdentifier" }, /* 47 */
+ { 0x25, 49, 0, "extendedKeyUsage" }, /* 48 */
+ { 0x37, 50, 0, "targetInformation" }, /* 49 */
+ { 0x38, 0, 0, "noRevAvail" }, /* 50 */
+ {0x2A, 88, 1, "" }, /* 51 */
+ { 0x86, 0, 1, "" }, /* 52 */
+ { 0x48, 0, 1, "" }, /* 53 */
+ { 0x86, 0, 1, "" }, /* 54 */
+ { 0xF7, 0, 1, "" }, /* 55 */
+ { 0x0D, 0, 1, "RSADSI" }, /* 56 */
+ { 0x01, 83, 1, "PKCS" }, /* 57 */
+ { 0x01, 66, 1, "PKCS-1" }, /* 58 */
+ { 0x01, 60, 0, "rsaEncryption" }, /* 59 */
+ { 0x02, 61, 0, "md2WithRSAEncryption" }, /* 60 */
+ { 0x04, 62, 0, "md5WithRSAEncryption" }, /* 61 */
+ { 0x05, 63, 0, "sha-1WithRSAEncryption" }, /* 62 */
+ { 0x0B, 64, 0, "sha256WithRSAEncryption"}, /* 63 */
+ { 0x0C, 65, 0, "sha384WithRSAEncryption"}, /* 64 */
+ { 0x0D, 0, 0, "sha512WithRSAEncryption"}, /* 65 */
+ { 0x07, 73, 1, "PKCS-7" }, /* 66 */
+ { 0x01, 68, 0, "data" }, /* 67 */
+ { 0x02, 69, 0, "signedData" }, /* 68 */
+ { 0x03, 70, 0, "envelopedData" }, /* 69 */
+ { 0x04, 71, 0, "signedAndEnvelopedData" }, /* 70 */
+ { 0x05, 72, 0, "digestedData" }, /* 71 */
+ { 0x06, 0, 0, "encryptedData" }, /* 72 */
+ { 0x09, 0, 1, "PKCS-9" }, /* 73 */
+ { 0x01, 75, 0, "E" }, /* 74 */
+ { 0x02, 76, 0, "unstructuredName" }, /* 75 */
+ { 0x03, 77, 0, "contentType" }, /* 76 */
+ { 0x04, 78, 0, "messageDigest" }, /* 77 */
+ { 0x05, 79, 0, "signingTime" }, /* 78 */
+ { 0x06, 80, 0, "counterSignature" }, /* 79 */
+ { 0x07, 81, 0, "challengePassword" }, /* 80 */
+ { 0x08, 82, 0, "unstructuredAddress" }, /* 81 */
+ { 0x0E, 0, 0, "extensionRequest" }, /* 82 */
+ { 0x02, 86, 1, "digestAlgorithm" }, /* 83 */
+ { 0x02, 85, 0, "md2" }, /* 84 */
+ { 0x05, 0, 0, "md5" }, /* 85 */
+ { 0x03, 0, 1, "encryptionAlgorithm" }, /* 86 */
+ { 0x07, 0, 0, "3des-ede-cbc" }, /* 87 */
+ {0x2B, 149, 1, "" }, /* 88 */
+ { 0x06, 136, 1, "dod" }, /* 89 */
+ { 0x01, 0, 1, "internet" }, /* 90 */
+ { 0x04, 105, 1, "private" }, /* 91 */
+ { 0x01, 0, 1, "enterprise" }, /* 92 */
+ { 0x82, 98, 1, "" }, /* 93 */
+ { 0x37, 0, 1, "Microsoft" }, /* 94 */
+ { 0x0A, 0, 1, "" }, /* 95 */
+ { 0x03, 0, 1, "" }, /* 96 */
+ { 0x03, 0, 0, "msSGC" }, /* 97 */
+ { 0x89, 0, 1, "" }, /* 98 */
+ { 0x31, 0, 1, "" }, /* 99 */
+ { 0x01, 0, 1, "" }, /* 100 */
+ { 0x01, 0, 1, "" }, /* 101 */
+ { 0x02, 0, 1, "" }, /* 102 */
+ { 0x02, 104, 0, "" }, /* 103 */
+ { 0x4B, 0, 0, "TCGID" }, /* 104 */
+ { 0x05, 0, 1, "security" }, /* 105 */
+ { 0x05, 0, 1, "mechanisms" }, /* 106 */
+ { 0x07, 0, 1, "id-pkix" }, /* 107 */
+ { 0x01, 110, 1, "id-pe" }, /* 108 */
+ { 0x01, 0, 0, "authorityInfoAccess" }, /* 109 */
+ { 0x03, 120, 1, "id-kp" }, /* 110 */
+ { 0x01, 112, 0, "serverAuth" }, /* 111 */
+ { 0x02, 113, 0, "clientAuth" }, /* 112 */
+ { 0x03, 114, 0, "codeSigning" }, /* 113 */
+ { 0x04, 115, 0, "emailProtection" }, /* 114 */
+ { 0x05, 116, 0, "ipsecEndSystem" }, /* 115 */
+ { 0x06, 117, 0, "ipsecTunnel" }, /* 116 */
+ { 0x07, 118, 0, "ipsecUser" }, /* 117 */
+ { 0x08, 119, 0, "timeStamping" }, /* 118 */
+ { 0x09, 0, 0, "ocspSigning" }, /* 119 */
+ { 0x08, 122, 1, "id-otherNames" }, /* 120 */
+ { 0x05, 0, 0, "xmppAddr" }, /* 121 */
+ { 0x0A, 127, 1, "id-aca" }, /* 122 */
+ { 0x01, 124, 0, "authenticationInfo" }, /* 123 */
+ { 0x02, 125, 0, "accessIdentity" }, /* 124 */
+ { 0x03, 126, 0, "chargingIdentity" }, /* 125 */
+ { 0x04, 0, 0, "group" }, /* 126 */
+ { 0x30, 0, 1, "id-ad" }, /* 127 */
+ { 0x01, 0, 1, "ocsp" }, /* 128 */
+ { 0x01, 130, 0, "basic" }, /* 129 */
+ { 0x02, 131, 0, "nonce" }, /* 130 */
+ { 0x03, 132, 0, "crl" }, /* 131 */
+ { 0x04, 133, 0, "response" }, /* 132 */
+ { 0x05, 134, 0, "noCheck" }, /* 133 */
+ { 0x06, 135, 0, "archiveCutoff" }, /* 134 */
+ { 0x07, 0, 0, "serviceLocator" }, /* 135 */
+ { 0x0E, 142, 1, "oiw" }, /* 136 */
+ { 0x03, 0, 1, "secsig" }, /* 137 */
+ { 0x02, 0, 1, "algorithms" }, /* 138 */
+ { 0x07, 140, 0, "des-cbc" }, /* 139 */
+ { 0x1A, 141, 0, "sha-1" }, /* 140 */
+ { 0x1D, 0, 0, "sha-1WithRSASignature" }, /* 141 */
+ { 0x24, 0, 1, "TeleTrusT" }, /* 142 */
+ { 0x03, 0, 1, "algorithm" }, /* 143 */
+ { 0x03, 0, 1, "signatureAlgorithm" }, /* 144 */
+ { 0x01, 0, 1, "rsaSignature" }, /* 145 */
+ { 0x02, 147, 0, "rsaSigWithripemd160" }, /* 146 */
+ { 0x03, 148, 0, "rsaSigWithripemd128" }, /* 147 */
+ { 0x04, 0, 0, "rsaSigWithripemd256" }, /* 148 */
+ {0x60, 0, 1, "" }, /* 149 */
+ { 0x86, 0, 1, "" }, /* 150 */
+ { 0x48, 0, 1, "" }, /* 151 */
+ { 0x01, 0, 1, "organization" }, /* 152 */
+ { 0x65, 160, 1, "gov" }, /* 153 */
+ { 0x03, 0, 1, "csor" }, /* 154 */
+ { 0x04, 0, 1, "nistalgorithm" }, /* 155 */
+ { 0x02, 0, 1, "hashalgs" }, /* 156 */
+ { 0x01, 158, 0, "id-SHA-256" }, /* 157 */
+ { 0x02, 159, 0, "id-SHA-384" }, /* 158 */
+ { 0x03, 0, 0, "id-SHA-512" }, /* 159 */
+ { 0x86, 0, 1, "" }, /* 160 */
+ { 0xf8, 0, 1, "" }, /* 161 */
+ { 0x42, 174, 1, "netscape" }, /* 162 */
+ { 0x01, 169, 1, "" }, /* 163 */
+ { 0x01, 165, 0, "nsCertType" }, /* 164 */
+ { 0x03, 166, 0, "nsRevocationUrl" }, /* 165 */
+ { 0x04, 167, 0, "nsCaRevocationUrl" }, /* 166 */
+ { 0x08, 168, 0, "nsCaPolicyUrl" }, /* 167 */
+ { 0x0d, 0, 0, "nsComment" }, /* 168 */
+ { 0x03, 172, 1, "directory" }, /* 169 */
+ { 0x01, 0, 1, "" }, /* 170 */
+ { 0x03, 0, 0, "employeeNumber" }, /* 171 */
+ { 0x04, 0, 1, "policy" }, /* 172 */
+ { 0x01, 0, 0, "nsSGC" }, /* 173 */
+ { 0x45, 0, 1, "verisign" }, /* 174 */
+ { 0x01, 0, 1, "pki" }, /* 175 */
+ { 0x09, 0, 1, "attributes" }, /* 176 */
+ { 0x02, 178, 0, "messageType" }, /* 177 */
+ { 0x03, 179, 0, "pkiStatus" }, /* 178 */
+ { 0x04, 180, 0, "failInfo" }, /* 179 */
+ { 0x05, 181, 0, "senderNonce" }, /* 180 */
+ { 0x06, 182, 0, "recipientNonce" }, /* 181 */
+ { 0x07, 183, 0, "transID" }, /* 182 */
+ { 0x08, 0, 0, "extensionReq" } /* 183 */
+};
diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h
new file mode 100644
index 000000000..f85997159
--- /dev/null
+++ b/src/libstrongswan/asn1/oid.h
@@ -0,0 +1,80 @@
+/* Object identifiers (OIDs) used by FreeS/WAN
+ * Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This file has been automatically generated by the script oid.pl
+ * Do not edit manually!
+ */
+
+#ifndef OID_H_
+#define OID_H_
+
+typedef struct {
+ u_char octet;
+ u_int next;
+ u_int down;
+ const u_char *name;
+} oid_t;
+
+extern const oid_t oid_names[];
+
+#define OID_UNKNOWN -1
+#define OID_ROLE 35
+#define OID_SUBJECT_KEY_ID 38
+#define OID_SUBJECT_ALT_NAME 41
+#define OID_BASIC_CONSTRAINTS 43
+#define OID_CRL_REASON_CODE 44
+#define OID_CRL_DISTRIBUTION_POINTS 45
+#define OID_AUTHORITY_KEY_ID 47
+#define OID_EXTENDED_KEY_USAGE 48
+#define OID_TARGET_INFORMATION 49
+#define OID_NO_REV_AVAIL 50
+#define OID_RSA_ENCRYPTION 59
+#define OID_MD2_WITH_RSA 60
+#define OID_MD5_WITH_RSA 61
+#define OID_SHA1_WITH_RSA 62
+#define OID_SHA256_WITH_RSA 63
+#define OID_SHA384_WITH_RSA 64
+#define OID_SHA512_WITH_RSA 65
+#define OID_PKCS7_DATA 67
+#define OID_PKCS7_SIGNED_DATA 68
+#define OID_PKCS7_ENVELOPED_DATA 69
+#define OID_PKCS7_SIGNED_ENVELOPED_DATA 70
+#define OID_PKCS7_DIGESTED_DATA 71
+#define OID_PKCS7_ENCRYPTED_DATA 72
+#define OID_PKCS9_EMAIL 74
+#define OID_PKCS9_CONTENT_TYPE 76
+#define OID_PKCS9_MESSAGE_DIGEST 77
+#define OID_PKCS9_SIGNING_TIME 78
+#define OID_MD2 84
+#define OID_MD5 85
+#define OID_3DES_EDE_CBC 87
+#define OID_AUTHORITY_INFO_ACCESS 109
+#define OID_OCSP_SIGNING 119
+#define OID_XMPP_ADDR 121
+#define OID_AUTHENTICATION_INFO 123
+#define OID_ACCESS_IDENTITY 124
+#define OID_CHARGING_IDENTITY 125
+#define OID_GROUP 126
+#define OID_OCSP 128
+#define OID_BASIC 129
+#define OID_NONCE 130
+#define OID_CRL 131
+#define OID_RESPONSE 132
+#define OID_NO_CHECK 133
+#define OID_ARCHIVE_CUTOFF 134
+#define OID_SERVICE_LOCATOR 135
+#define OID_DES_CBC 139
+#define OID_SHA1 140
+#define OID_SHA1_WITH_RSA_OIW 141
+#define OID_NS_REVOCATION_URL 165
+#define OID_NS_CA_REVOCATION_URL 166
+#define OID_NS_CA_POLICY_URL 167
+#define OID_NS_COMMENT 168
+#define OID_PKI_MESSAGE_TYPE 177
+#define OID_PKI_STATUS 178
+#define OID_PKI_FAIL_INFO 179
+#define OID_PKI_SENDER_NONCE 180
+#define OID_PKI_RECIPIENT_NONCE 181
+#define OID_PKI_TRANS_ID 182
+
+#endif /* OID_H_ */
diff --git a/src/libstrongswan/asn1/oid.pl b/src/libstrongswan/asn1/oid.pl
new file mode 100644
index 000000000..5db619755
--- /dev/null
+++ b/src/libstrongswan/asn1/oid.pl
@@ -0,0 +1,127 @@
+#!/usr/bin/perl
+# Generates oid.h and oid.c out of oid.txt
+# Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+
+$copyright="Copyright (C) 2003-2004 Andreas Steffen, Zuercher Hochschule Winterthur";
+$automatic="This file has been automatically generated by the script oid.pl";
+$warning="Do not edit manually!";
+
+print "oid.pl generating oid.h and oid.c\n";
+
+# Generate oid.h
+
+open(OID_H, ">oid.h")
+ or die "could not open 'oid.h': $!";
+
+print OID_H "/* Object identifiers (OIDs) used by FreeS/WAN\n",
+ " * ", $copyright, "\n",
+ " * \n",
+ " * ", $automatic, "\n",
+ " * ", $warning, "\n",
+ " */\n\n",
+ "#ifndef OID_H_\n",
+ "#define OID_H_\n\n",
+ "typedef struct {\n",
+ " u_char octet;\n",
+ " u_int next;\n",
+ " u_int down;\n",
+ " const u_char *name;\n",
+ "} oid_t;\n",
+ "\n",
+ "extern const oid_t oid_names[];\n",
+ "\n",
+ "#define OID_UNKNOWN -1\n";
+
+# parse oid.txt
+
+open(SRC, "<oid.txt")
+ or die "could not open 'oid.txt': $!";
+
+$counter = 0;
+$max_name = 0;
+$max_order = 0;
+
+while ($line = <SRC>)
+{
+ $line =~ m/( *?)(0x\w{2})\s+(".*?")[ \t]*?([\w_]*?)\Z/;
+
+ @order[$counter] = length($1);
+ @octet[$counter] = $2;
+ @name[$counter] = $3;
+
+ if (length($1) > $max_order)
+ {
+ $max_order = length($1);
+ }
+ if (length($3) > $max_name)
+ {
+ $max_name = length($3);
+ }
+ if (length($4) > 0)
+ {
+ printf OID_H "#define %s%s%d\n", $4, "\t" x ((39-length($4))/4), $counter;
+ }
+ $counter++;
+}
+
+print OID_H "\n#endif /* OID_H_ */\n";
+
+close SRC;
+close OID_H;
+
+# Generate oid.c
+
+open(OID_C, ">oid.c")
+ or die "could not open 'oid.c': $!";
+
+print OID_C "/* List of some useful object identifiers (OIDs)\n",
+ " * ", $copyright, "\n",
+ " * \n",
+ " * ", $automatic, "\n",
+ " * ", $warning, "\n",
+ " */\n",
+ "\n",
+ "#include <stdlib.h>\n",
+ "\n",
+ "#include \"oid.h\"\n",
+ "\n",
+ "const oid_t oid_names[] = {\n";
+
+for ($c = 0; $c < $counter; $c++)
+{
+ $next = 0;
+
+ for ($d = $c+1; $d < $counter && @order[$d] >= @order[$c]; $d++)
+ {
+ if (@order[$d] == @order[$c])
+ {
+ @next[$c] = $d;
+ last;
+ }
+ }
+
+ printf OID_C " {%s%s,%s%3d, %d, %s%s}%s /* %3d */\n"
+ ,' ' x @order[$c]
+ , @octet[$c]
+ , ' ' x (1 + $max_order - @order[$c])
+ , @next[$c]
+ , @order[$c+1] > @order[$c]
+ , @name[$c]
+ , ' ' x ($max_name - length(@name[$c]))
+ , $c != $counter-1 ? "," : " "
+ , $c;
+}
+
+print OID_C "};\n" ;
+close OID_C;
diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt
new file mode 100644
index 000000000..eed46d59d
--- /dev/null
+++ b/src/libstrongswan/asn1/oid.txt
@@ -0,0 +1,184 @@
+0x02 "ITU-T Administration"
+ 0x82 ""
+ 0x06 "Germany ITU-T member"
+ 0x01 "Deutsche Telekom AG"
+ 0x0A ""
+ 0x07 ""
+ 0x14 "ND"
+0x09 "data"
+ 0x92 ""
+ 0x26 ""
+ 0x89 ""
+ 0x93 ""
+ 0xF2 ""
+ 0x2C ""
+ 0x64 "pilot"
+ 0x01 "pilotAttributeType"
+ 0x01 "UID"
+ 0x19 "DC"
+0x55 "X.500"
+ 0x04 "X.509"
+ 0x03 "CN"
+ 0x04 "S"
+ 0x05 "SN"
+ 0x06 "C"
+ 0x07 "L"
+ 0x08 "ST"
+ 0x0A "O"
+ 0x0B "OU"
+ 0x0C "T"
+ 0x0D "D"
+ 0x24 "userCertificate"
+ 0x29 "N"
+ 0x2A "G"
+ 0x2B "I"
+ 0x2D "ID"
+ 0x48 "role" OID_ROLE
+ 0x1D "id-ce"
+ 0x09 "subjectDirectoryAttrs"
+ 0x0E "subjectKeyIdentifier" OID_SUBJECT_KEY_ID
+ 0x0F "keyUsage"
+ 0x10 "privateKeyUsagePeriod"
+ 0x11 "subjectAltName" OID_SUBJECT_ALT_NAME
+ 0x12 "issuerAltName"
+ 0x13 "basicConstraints" OID_BASIC_CONSTRAINTS
+ 0x15 "reasonCode" OID_CRL_REASON_CODE
+ 0x1F "crlDistributionPoints" OID_CRL_DISTRIBUTION_POINTS
+ 0x20 "certificatePolicies"
+ 0x23 "authorityKeyIdentifier" OID_AUTHORITY_KEY_ID
+ 0x25 "extendedKeyUsage" OID_EXTENDED_KEY_USAGE
+ 0x37 "targetInformation" OID_TARGET_INFORMATION
+ 0x38 "noRevAvail" OID_NO_REV_AVAIL
+0x2A ""
+ 0x86 ""
+ 0x48 ""
+ 0x86 ""
+ 0xF7 ""
+ 0x0D "RSADSI"
+ 0x01 "PKCS"
+ 0x01 "PKCS-1"
+ 0x01 "rsaEncryption" OID_RSA_ENCRYPTION
+ 0x02 "md2WithRSAEncryption" OID_MD2_WITH_RSA
+ 0x04 "md5WithRSAEncryption" OID_MD5_WITH_RSA
+ 0x05 "sha-1WithRSAEncryption" OID_SHA1_WITH_RSA
+ 0x0B "sha256WithRSAEncryption" OID_SHA256_WITH_RSA
+ 0x0C "sha384WithRSAEncryption" OID_SHA384_WITH_RSA
+ 0x0D "sha512WithRSAEncryption" OID_SHA512_WITH_RSA
+ 0x07 "PKCS-7"
+ 0x01 "data" OID_PKCS7_DATA
+ 0x02 "signedData" OID_PKCS7_SIGNED_DATA
+ 0x03 "envelopedData" OID_PKCS7_ENVELOPED_DATA
+ 0x04 "signedAndEnvelopedData" OID_PKCS7_SIGNED_ENVELOPED_DATA
+ 0x05 "digestedData" OID_PKCS7_DIGESTED_DATA
+ 0x06 "encryptedData" OID_PKCS7_ENCRYPTED_DATA
+ 0x09 "PKCS-9"
+ 0x01 "E" OID_PKCS9_EMAIL
+ 0x02 "unstructuredName"
+ 0x03 "contentType" OID_PKCS9_CONTENT_TYPE
+ 0x04 "messageDigest" OID_PKCS9_MESSAGE_DIGEST
+ 0x05 "signingTime" OID_PKCS9_SIGNING_TIME
+ 0x06 "counterSignature"
+ 0x07 "challengePassword"
+ 0x08 "unstructuredAddress"
+ 0x0E "extensionRequest"
+ 0x02 "digestAlgorithm"
+ 0x02 "md2" OID_MD2
+ 0x05 "md5" OID_MD5
+ 0x03 "encryptionAlgorithm"
+ 0x07 "3des-ede-cbc" OID_3DES_EDE_CBC
+0x2B ""
+ 0x06 "dod"
+ 0x01 "internet"
+ 0x04 "private"
+ 0x01 "enterprise"
+ 0x82 ""
+ 0x37 "Microsoft"
+ 0x0A ""
+ 0x03 ""
+ 0x03 "msSGC"
+ 0x89 ""
+ 0x31 ""
+ 0x01 ""
+ 0x01 ""
+ 0x02 ""
+ 0x02 ""
+ 0x4B "TCGID"
+ 0x05 "security"
+ 0x05 "mechanisms"
+ 0x07 "id-pkix"
+ 0x01 "id-pe"
+ 0x01 "authorityInfoAccess" OID_AUTHORITY_INFO_ACCESS
+ 0x03 "id-kp"
+ 0x01 "serverAuth"
+ 0x02 "clientAuth"
+ 0x03 "codeSigning"
+ 0x04 "emailProtection"
+ 0x05 "ipsecEndSystem"
+ 0x06 "ipsecTunnel"
+ 0x07 "ipsecUser"
+ 0x08 "timeStamping"
+ 0x09 "ocspSigning" OID_OCSP_SIGNING
+ 0x08 "id-otherNames"
+ 0x05 "xmppAddr" OID_XMPP_ADDR
+ 0x0A "id-aca"
+ 0x01 "authenticationInfo" OID_AUTHENTICATION_INFO
+ 0x02 "accessIdentity" OID_ACCESS_IDENTITY
+ 0x03 "chargingIdentity" OID_CHARGING_IDENTITY
+ 0x04 "group" OID_GROUP
+ 0x30 "id-ad"
+ 0x01 "ocsp" OID_OCSP
+ 0x01 "basic" OID_BASIC
+ 0x02 "nonce" OID_NONCE
+ 0x03 "crl" OID_CRL
+ 0x04 "response" OID_RESPONSE
+ 0x05 "noCheck" OID_NO_CHECK
+ 0x06 "archiveCutoff" OID_ARCHIVE_CUTOFF
+ 0x07 "serviceLocator" OID_SERVICE_LOCATOR
+ 0x0E "oiw"
+ 0x03 "secsig"
+ 0x02 "algorithms"
+ 0x07 "des-cbc" OID_DES_CBC
+ 0x1A "sha-1" OID_SHA1
+ 0x1D "sha-1WithRSASignature" OID_SHA1_WITH_RSA_OIW
+ 0x24 "TeleTrusT"
+ 0x03 "algorithm"
+ 0x03 "signatureAlgorithm"
+ 0x01 "rsaSignature"
+ 0x02 "rsaSigWithripemd160"
+ 0x03 "rsaSigWithripemd128"
+ 0x04 "rsaSigWithripemd256"
+0x60 ""
+ 0x86 ""
+ 0x48 ""
+ 0x01 "organization"
+ 0x65 "gov"
+ 0x03 "csor"
+ 0x04 "nistalgorithm"
+ 0x02 "hashalgs"
+ 0x01 "id-SHA-256"
+ 0x02 "id-SHA-384"
+ 0x03 "id-SHA-512"
+ 0x86 ""
+ 0xf8 ""
+ 0x42 "netscape"
+ 0x01 ""
+ 0x01 "nsCertType"
+ 0x03 "nsRevocationUrl" OID_NS_REVOCATION_URL
+ 0x04 "nsCaRevocationUrl" OID_NS_CA_REVOCATION_URL
+ 0x08 "nsCaPolicyUrl" OID_NS_CA_POLICY_URL
+ 0x0d "nsComment" OID_NS_COMMENT
+ 0x03 "directory"
+ 0x01 ""
+ 0x03 "employeeNumber"
+ 0x04 "policy"
+ 0x01 "nsSGC"
+ 0x45 "verisign"
+ 0x01 "pki"
+ 0x09 "attributes"
+ 0x02 "messageType" OID_PKI_MESSAGE_TYPE
+ 0x03 "pkiStatus" OID_PKI_STATUS
+ 0x04 "failInfo" OID_PKI_FAIL_INFO
+ 0x05 "senderNonce" OID_PKI_SENDER_NONCE
+ 0x06 "recipientNonce" OID_PKI_RECIPIENT_NONCE
+ 0x07 "transID" OID_PKI_TRANS_ID
+ 0x08 "extensionReq"
diff --git a/src/libstrongswan/asn1/pem.c b/src/libstrongswan/asn1/pem.c
new file mode 100755
index 000000000..e88db249d
--- /dev/null
+++ b/src/libstrongswan/asn1/pem.c
@@ -0,0 +1,366 @@
+/*
+ * Copyright (C) 2001-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stddef.h>
+#include <sys/types.h>
+
+#include "pem.h"
+
+#include <library.h>
+#include <debug.h>
+#include <asn1/asn1.h>
+#include <asn1/ttodata.h>
+
+#include <utils/lexparser.h>
+#include <crypto/hashers/hasher.h>
+#include <crypto/crypters/crypter.h>
+
+#define PKCS5_SALT_LEN 8 /* bytes */
+
+/**
+ * check the presence of a pattern in a character string
+ */
+static bool present(const char* pattern, chunk_t* ch)
+{
+ u_int pattern_len = strlen(pattern);
+
+ if (ch->len >= pattern_len && strncmp(ch->ptr, pattern, pattern_len) == 0)
+ {
+ ch->ptr += pattern_len;
+ ch->len -= pattern_len;
+ return TRUE;
+ }
+ return FALSE;
+}
+
+/**
+ * find a boundary of the form -----tag name-----
+ */
+static bool find_boundary(const char* tag, chunk_t *line)
+{
+ chunk_t name = chunk_empty;
+
+ if (!present("-----", line))
+ return FALSE;
+ if (!present(tag, line))
+ return FALSE;
+ if (*line->ptr != ' ')
+ return FALSE;
+ line->ptr++; line->len--;
+
+ /* extract name */
+ name.ptr = line->ptr;
+ while (line->len > 0)
+ {
+ if (present("-----", line))
+ {
+ DBG2(" -----%s %.*s-----", tag, (int)name.len, name.ptr);
+ return TRUE;
+ }
+ line->ptr++; line->len--; name.len++;
+ }
+ return FALSE;
+}
+
+/*
+ * decrypts a passphrase protected encrypted data block
+ */
+static err_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_size,
+ chunk_t *iv, chunk_t *passphrase)
+{
+ hasher_t *hasher;
+ crypter_t *crypter;
+ chunk_t salt = { iv->ptr, PKCS5_SALT_LEN };
+ chunk_t hash;
+ chunk_t decrypted;
+ chunk_t key = {alloca(key_size), key_size};
+ u_int8_t padding, *last_padding_pos, *first_padding_pos;
+
+ if (passphrase == NULL || passphrase->len == 0)
+ return "missing passphrase";
+
+ /* build key from passphrase and IV */
+ hasher = hasher_create(HASH_MD5);
+ hash.len = hasher->get_hash_size(hasher);
+ hash.ptr = alloca(hash.len);
+ hasher->get_hash(hasher, *passphrase, NULL);
+ hasher->get_hash(hasher, salt, hash.ptr);
+ memcpy(key.ptr, hash.ptr, hash.len);
+
+ if (key.len > hash.len)
+ {
+ hasher->get_hash(hasher, hash, NULL);
+ hasher->get_hash(hasher, *passphrase, NULL);
+ hasher->get_hash(hasher, salt, hash.ptr);
+ memcpy(key.ptr + hash.len, hash.ptr, key.len - hash.len);
+ }
+ hasher->destroy(hasher);
+
+ /* decrypt blob */
+ crypter = crypter_create(alg, key_size);
+ crypter->set_key(crypter, key);
+ if (crypter->decrypt(crypter, *blob, *iv, &decrypted) != SUCCESS)
+ {
+ return "data size is not multiple of block size";
+ }
+ memcpy(blob->ptr, decrypted.ptr, blob->len);
+ chunk_free(&decrypted);
+
+ /* determine amount of padding */
+ last_padding_pos = blob->ptr + blob->len - 1;
+ padding = *last_padding_pos;
+ first_padding_pos = (padding > blob->len) ? blob->ptr : last_padding_pos - padding;
+
+ /* check the padding pattern */
+ while (--last_padding_pos > first_padding_pos)
+ {
+ if (*last_padding_pos != padding)
+ return "invalid passphrase";
+ }
+ /* remove padding */
+ blob->len -= padding;
+ return NULL;
+}
+
+/* Converts a PEM encoded file into its binary form
+ *
+ * RFC 1421 Privacy Enhancement for Electronic Mail, February 1993
+ * RFC 934 Message Encapsulation, January 1985
+ */
+err_t pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp)
+{
+ typedef enum {
+ PEM_PRE = 0,
+ PEM_MSG = 1,
+ PEM_HEADER = 2,
+ PEM_BODY = 3,
+ PEM_POST = 4,
+ PEM_ABORT = 5
+ } state_t;
+
+ encryption_algorithm_t alg = ENCR_UNDEFINED;
+ size_t key_size = 0;
+
+ bool encrypted = FALSE;
+
+ state_t state = PEM_PRE;
+
+ chunk_t src = *blob;
+ chunk_t dst = *blob;
+ chunk_t line = chunk_empty;
+ chunk_t iv = chunk_empty;
+
+ u_char iv_buf[16]; /* MD5 digest size */
+
+ /* zero size of converted blob */
+ dst.len = 0;
+
+ /* zero size of IV */
+ iv.ptr = iv_buf;
+ iv.len = 0;
+
+ while (fetchline(&src, &line))
+ {
+ if (state == PEM_PRE)
+ {
+ if (find_boundary("BEGIN", &line))
+ {
+ state = PEM_MSG;
+ }
+ continue;
+ }
+ else
+ {
+ if (find_boundary("END", &line))
+ {
+ state = PEM_POST;
+ break;
+ }
+ if (state == PEM_MSG)
+ {
+ state = (memchr(line.ptr, ':', line.len) == NULL) ? PEM_BODY : PEM_HEADER;
+ }
+ if (state == PEM_HEADER)
+ {
+ err_t ugh = NULL;
+ chunk_t name = chunk_empty;
+ chunk_t value = chunk_empty;
+
+ /* an empty line separates HEADER and BODY */
+ if (line.len == 0)
+ {
+ state = PEM_BODY;
+ continue;
+ }
+
+ /* we are looking for a parameter: value pair */
+ DBG2(" %.*s", (int)line.len, line.ptr);
+ ugh = extract_parameter_value(&name, &value, &line);
+ if (ugh != NULL)
+ continue;
+
+ if (match("Proc-Type", &name) && *value.ptr == '4')
+ encrypted = TRUE;
+ else if (match("DEK-Info", &name))
+ {
+ size_t len = 0;
+ chunk_t dek;
+
+ if (!extract_token(&dek, ',', &value))
+ dek = value;
+
+ if (match("DES-EDE3-CBC", &dek))
+ {
+ alg = ENCR_3DES;
+ key_size = 24;
+ }
+ else if (match("AES-128-CBC", &dek))
+ {
+ alg = ENCR_AES_CBC;
+ key_size = 16;
+ }
+ else if (match("AES-192-CBC", &dek))
+ {
+ alg = ENCR_AES_CBC;
+ key_size = 24;
+ }
+ else if (match("AES-256-CBC", &dek))
+ {
+ alg = ENCR_AES_CBC;
+ key_size = 32;
+ }
+ else
+ {
+ return "encryption algorithm not supported";
+ }
+
+ eat_whitespace(&value);
+ ugh = ttodata(value.ptr, value.len, 16, iv.ptr, 16, &len);
+ if (ugh)
+ return "error in IV";
+
+ iv.len = len;
+ }
+ }
+ else /* state is PEM_BODY */
+ {
+ const char *ugh = NULL;
+ size_t len = 0;
+ chunk_t data;
+
+ /* remove any trailing whitespace */
+ if (!extract_token(&data ,' ', &line))
+ {
+ data = line;
+ }
+
+ /* check for PGP armor checksum */
+ if (*data.ptr == '=')
+ {
+ *pgp = TRUE;
+ data.ptr++;
+ data.len--;
+ DBG2(" Armor checksum: %.*s", (int)data.len, data.ptr);
+ continue;
+ }
+
+ ugh = ttodata(data.ptr, data.len, 64, dst.ptr, blob->len - dst.len, &len);
+ if (ugh)
+ {
+ state = PEM_ABORT;
+ break;
+ }
+ else
+ {
+ dst.ptr += len;
+ dst.len += len;
+ }
+ }
+ }
+ }
+ /* set length to size of binary blob */
+ blob->len = dst.len;
+
+ if (state != PEM_POST)
+ return "file coded in unknown format, discarded";
+
+ return (encrypted)? pem_decrypt(blob, alg, key_size, &iv, passphrase) : NULL;
+}
+
+/* load a coded key or certificate file with autodetection
+ * of binary DER or base64 PEM ASN.1 formats and armored PGP format
+ */
+bool pem_asn1_load_file(const char *filename, chunk_t *passphrase,
+ const char *type, chunk_t *blob, bool *pgp)
+{
+ err_t ugh = NULL;
+
+ FILE *fd = fopen(filename, "r");
+
+ if (fd)
+ {
+ int bytes;
+ fseek(fd, 0, SEEK_END );
+ blob->len = ftell(fd);
+ rewind(fd);
+ blob->ptr = malloc(blob->len);
+ bytes = fread(blob->ptr, 1, blob->len, fd);
+ fclose(fd);
+ DBG1(" loading %s file '%s' (%d bytes)", type, filename, bytes);
+
+ *pgp = FALSE;
+
+ /* try DER format */
+ if (is_asn1(*blob))
+ {
+ DBG2(" file coded in DER format");
+ return TRUE;
+ }
+
+ if (passphrase != NULL)
+ DBG4(" passphrase:", passphrase->ptr, passphrase->len);
+
+ /* try PEM format */
+ ugh = pem_to_bin(blob, passphrase, pgp);
+
+ if (ugh == NULL)
+ {
+ if (*pgp)
+ {
+ DBG2(" file coded in armored PGP format");
+ return TRUE;
+ }
+ if (is_asn1(*blob))
+ {
+ DBG2(" file coded in PEM format");
+ return TRUE;
+ }
+ ugh = "file coded in unknown format, discarded";
+ }
+
+ /* a conversion error has occured */
+ DBG1(" %s", ugh);
+ chunk_free(blob);
+ }
+ else
+ {
+ DBG1(" could not open %s file '%s'", type, filename);
+ }
+ return FALSE;
+}
diff --git a/src/libstrongswan/asn1/pem.h b/src/libstrongswan/asn1/pem.h
new file mode 100755
index 000000000..0f4b7202c
--- /dev/null
+++ b/src/libstrongswan/asn1/pem.h
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) 2001-2004 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PEM_H_
+#define PEM_H_
+
+#include <stdio.h>
+
+#include <library.h>
+
+err_t pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp);
+
+bool pem_asn1_load_file(const char *filename, chunk_t *passphrase,
+ const char *type, chunk_t *blob, bool *pgp);
+
+#endif /*PEM_H_*/
diff --git a/src/libstrongswan/asn1/ttodata.c b/src/libstrongswan/asn1/ttodata.c
new file mode 100644
index 000000000..8114b12c5
--- /dev/null
+++ b/src/libstrongswan/asn1/ttodata.c
@@ -0,0 +1,378 @@
+/*
+ * convert from text form of arbitrary data (e.g., keys) to binary
+ * Copyright (C) 2000 Henry Spencer.
+ *
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Library General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
+ * License for more details.
+ */
+
+#include "ttodata.h"
+
+#include <string.h>
+#include <ctype.h>
+
+/* converters and misc */
+static int unhex(const char *, char *, size_t);
+static int unb64(const char *, char *, size_t);
+static int untext(const char *, char *, size_t);
+static const char *badch(const char *, int, char *, size_t);
+
+/* internal error codes for converters */
+#define SHORT (-2) /* internal buffer too short */
+#define BADPAD (-3) /* bad base64 padding */
+#define BADCH0 (-4) /* invalid character 0 */
+#define BADCH1 (-5) /* invalid character 1 */
+#define BADCH2 (-6) /* invalid character 2 */
+#define BADCH3 (-7) /* invalid character 3 */
+#define BADOFF(code) (BADCH0-(code))
+
+/**
+ * @brief convert text to data, with verbose error reports
+ *
+ * If some of this looks slightly odd, it's because it has changed
+ * repeatedly (from the original atodata()) without a major rewrite.
+ *
+ * @param src
+ * @param srclen 0 means apply strlen()
+ * @param base 0 means figure it out
+ * @param dst need not be valid if dstlen is 0
+ * @param dstlen
+ * @param lenp where to record length (NULL is nowhere)
+ * @param errp error buffer
+ * @param flags
+ * @return NULL on success, else literal or errp
+ */
+const char *ttodatav(const char *src, size_t srclen, int base, char *dst, size_t dstlen, size_t *lenp, char *errp, size_t errlen, unsigned int flags)
+{
+ size_t ingroup; /* number of input bytes converted at once */
+ char buf[4]; /* output from conversion */
+ int nbytes; /* size of output */
+ int (*decode)(const char *, char *, size_t);
+ char *stop;
+ int ndone;
+ int i;
+ int underscoreok;
+ int skipSpace = 0;
+
+ if (srclen == 0)
+ srclen = strlen(src);
+ if (dstlen == 0)
+ dst = buf; /* point it somewhere valid */
+ stop = dst + dstlen;
+
+ if (base == 0) {
+ if (srclen < 2)
+ return "input too short to be valid";
+ if (*src++ != '0')
+ return "input does not begin with format prefix";
+ switch (*src++) {
+ case 'x':
+ case 'X':
+ base = 16;
+ break;
+ case 's':
+ case 'S':
+ base = 64;
+ break;
+ case 't':
+ case 'T':
+ base = 256;
+ break;
+ default:
+ return "unknown format prefix";
+ }
+ srclen -= 2;
+ }
+ switch (base) {
+ case 16:
+ decode = unhex;
+ underscoreok = 1;
+ ingroup = 2;
+ break;
+ case 64:
+ decode = unb64;
+ underscoreok = 0;
+ ingroup = 4;
+ if(flags & TTODATAV_IGNORESPACE) {
+ skipSpace = 1;
+ }
+ break;
+
+ case 256:
+ decode = untext;
+ ingroup = 1;
+ underscoreok = 0;
+ break;
+ default:
+ return "unknown base";
+ }
+
+ /* proceed */
+ ndone = 0;
+ while (srclen > 0) {
+ char stage[4]; /* staging area for group */
+ size_t sl = 0;
+
+ /* Grab ingroup characters into stage,
+ * squeezing out blanks if we are supposed to ignore them.
+ */
+ for (sl = 0; sl < ingroup; src++, srclen--) {
+ if (srclen == 0)
+ return "input ends in mid-byte, perhaps truncated";
+ else if (!(skipSpace && (*src == ' ' || *src == '\t')))
+ stage[sl++] = *src;
+ }
+
+ nbytes = (*decode)(stage, buf, sizeof(buf));
+ switch (nbytes) {
+ case BADCH0:
+ case BADCH1:
+ case BADCH2:
+ case BADCH3:
+ return badch(stage, nbytes, errp, errlen);
+ case SHORT:
+ return "internal buffer too short (\"can't happen\")";
+ case BADPAD:
+ return "bad (non-zero) padding at end of base64 input";
+ }
+ if (nbytes <= 0)
+ return "unknown internal error";
+ for (i = 0; i < nbytes; i++) {
+ if (dst < stop)
+ *dst++ = buf[i];
+ ndone++;
+ }
+ while (srclen >= 1 && skipSpace && (*src == ' ' || *src == '\t')){
+ src++;
+ srclen--;
+ }
+ if (underscoreok && srclen > 1 && *src == '_') {
+ /* srclen > 1 means not last character */
+ src++;
+ srclen--;
+ }
+ }
+
+ if (ndone == 0)
+ return "no data bytes specified by input";
+ if (lenp != NULL)
+ *lenp = ndone;
+ return NULL;
+}
+
+/**
+ * @brief ttodata - convert text to data
+ *
+ * @param src
+ * @param srclen 0 means apply strlen()
+ * @param base 0 means figure it out
+ * @param dst need not be valid if dstlen is 0
+ * @param dstlen
+ * @param lenp where to record length (NULL is nowhere)
+ * @return NULL on success, else literal
+ */
+const char *ttodata(const char *src, size_t srclen, int base, char *dst, size_t dstlen, size_t *lenp)
+{
+ return ttodatav(src, srclen, base, dst, dstlen, lenp, (char *)NULL,
+ (size_t)0, TTODATAV_SPACECOUNTS);
+}
+
+/**
+ * @brief atodata - convert ASCII to data
+ *
+ * backward-compatibility interface
+ *
+ * @param src
+ * @param srclen
+ * @param dst
+ * @param dstlen
+ * @return 0 for failure, true length for success
+ */
+size_t atodata(const char *src, size_t srclen, char *dst, size_t dstlen)
+{
+ size_t len;
+ const char *err;
+
+ err = ttodata(src, srclen, 0, dst, dstlen, &len);
+ if (err != NULL)
+ return 0;
+ return len;
+}
+
+/**
+ * @brief atobytes - convert ASCII to data bytes
+ *
+ * another backward-compatibility interface
+ */
+const char *atobytes(const char *src, size_t srclen, char *dst, size_t dstlen, size_t *lenp)
+{
+ return ttodata(src, srclen, 0, dst, dstlen, lenp);
+}
+
+/**
+ * @brief unhex - convert two ASCII hex digits to byte
+ *
+ * @param src known to be full length
+ * @param dstnumber of result bytes, or error code
+ * @param dstlen not large enough is a failure
+ * @return
+ */
+static int unhex(const char *src, char *dst, size_t dstlen)
+{
+ char *p;
+ unsigned byte;
+ static char hex[] = "0123456789abcdef";
+
+ if (dstlen < 1)
+ return SHORT;
+
+ p = strchr(hex, *src);
+ if (p == NULL)
+ p = strchr(hex, tolower(*src));
+ if (p == NULL)
+ return BADCH0;
+ byte = (p - hex) << 4;
+ src++;
+
+ p = strchr(hex, *src);
+ if (p == NULL)
+ p = strchr(hex, tolower(*src));
+ if (p == NULL)
+ return BADCH1;
+ byte |= (p - hex);
+
+ *dst = byte;
+ return 1;
+}
+
+/**
+ * @brief unb64 - convert four ASCII base64 digits to three bytes
+ *
+ * Note that a base64 digit group is padded out with '=' if it represents
+ * less than three bytes: one byte is dd==, two is ddd=, three is dddd.
+ *
+ * @param src known to be full length
+ * @param dst
+ * @param dstlen
+ * @return number of result bytes, or error code
+ */
+static int unb64(const char *src, char *dst, size_t dstlen)
+{
+ char *p;
+ unsigned byte1;
+ unsigned byte2;
+ static char base64[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+ if (dstlen < 3)
+ return SHORT;
+
+ p = strchr(base64, *src++);
+
+ if (p == NULL)
+ return BADCH0;
+ byte1 = (p - base64) << 2; /* first six bits */
+
+ p = strchr(base64, *src++);
+ if (p == NULL) {
+ return BADCH1;
+ }
+
+ byte2 = p - base64; /* next six: two plus four */
+ *dst++ = byte1 | (byte2 >> 4);
+ byte1 = (byte2 & 0xf) << 4;
+
+ p = strchr(base64, *src++);
+ if (p == NULL) {
+ if (*(src-1) == '=' && *src == '=') {
+ if (byte1 != 0) /* bad padding */
+ return BADPAD;
+ return 1;
+ }
+ return BADCH2;
+ }
+
+ byte2 = p - base64; /* next six: four plus two */
+ *dst++ = byte1 | (byte2 >> 2);
+ byte1 = (byte2 & 0x3) << 6;
+
+ p = strchr(base64, *src++);
+ if (p == NULL) {
+ if (*(src-1) == '=') {
+ if (byte1 != 0) /* bad padding */
+ return BADPAD;
+ return 2;
+ }
+ return BADCH3;
+ }
+ byte2 = p - base64; /* last six */
+ *dst++ = byte1 | byte2;
+
+ return 3;
+}
+
+/**
+ * @brief untext - convert one ASCII character to byte
+ *
+ * @param src known to be full length
+ * @param dst
+ * @param dstlen not large enough is a failure
+ * @return number of result bytes, or error code
+ */
+static int untext(const char *src, char *dst, size_t dstlen)
+{
+ if (dstlen < 1)
+ return SHORT;
+
+ *dst = *src;
+ return 1;
+}
+
+/**
+ * @brief badch - produce a nice complaint about an unknown character
+ *
+ * If the compiler complains that the array bigenough[] has a negative
+ * size, that means the TTODATAV_BUF constant has been set too small.
+ *
+ * @param src
+ * @param errcode
+ * @param errp might be NULL
+ * @param errlen
+ * @return literal or errp
+ */
+static const char *badch(const char *src, int errcode, char *errp, size_t errlen)
+{
+ static const char pre[] = "unknown character (`";
+ static const char suf[] = "') in input";
+ char buf[5];
+# define REQD (sizeof(pre) - 1 + sizeof(buf) - 1 + sizeof(suf))
+ struct sizecheck {
+ char bigenough[TTODATAV_BUF - REQD]; /* see above */
+ };
+ char ch;
+
+ if (errp == NULL || errlen < REQD)
+ return "unknown character in input";
+ strcpy(errp, pre);
+ ch = *(src + BADOFF(errcode));
+ if (isprint(ch)) {
+ buf[0] = ch;
+ buf[1] = '\0';
+ } else {
+ buf[0] = '\\';
+ buf[1] = ((ch & 0700) >> 6) + '0';
+ buf[2] = ((ch & 0070) >> 3) + '0';
+ buf[3] = ((ch & 0007) >> 0) + '0';
+ buf[4] = '\0';
+ }
+ strcat(errp, buf);
+ strcat(errp, suf);
+ return (const char *)errp;
+}
diff --git a/src/libstrongswan/asn1/ttodata.h b/src/libstrongswan/asn1/ttodata.h
new file mode 100644
index 000000000..6125c6b82
--- /dev/null
+++ b/src/libstrongswan/asn1/ttodata.h
@@ -0,0 +1,28 @@
+/*
+ * convert from text form of arbitrary data (e.g., keys) to binary
+ * Copyright (C) 2000 Henry Spencer.
+ *
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Library General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/lgpl.txt>.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public
+ * License for more details.
+ */
+
+#ifndef TTODATA_H_
+#define TTODATA_H_
+
+#include <library.h>
+
+#define TTODATAV_BUF 40 /* ttodatav's largest non-literal message */
+#define TTODATAV_IGNORESPACE (1<<1) /* ignore spaces in base64 encodings*/
+#define TTODATAV_SPACECOUNTS 0 /* do not ignore spaces in base64 */
+
+err_t ttodata(const char *src, size_t srclen, int base, char *buf, size_t buflen, size_t *needed);
+
+
+#endif /* TTODATA_H_ */
diff --git a/src/libstrongswan/chunk.c b/src/libstrongswan/chunk.c
new file mode 100644
index 000000000..cba823c22
--- /dev/null
+++ b/src/libstrongswan/chunk.c
@@ -0,0 +1,410 @@
+/**
+ * @file chunk.c
+ *
+ * @brief Pointer/lenght abstraction and its functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdio.h>
+
+#include "chunk.h"
+
+#include <debug.h>
+#include <printf_hook.h>
+
+/**
+ * Empty chunk.
+ */
+chunk_t chunk_empty = { NULL, 0 };
+
+/**
+ * Described in header.
+ */
+chunk_t chunk_create(u_char *ptr, size_t len)
+{
+ chunk_t chunk = {ptr, len};
+ return chunk;
+}
+
+/**
+ * Described in header.
+ */
+chunk_t chunk_create_clone(u_char *ptr, chunk_t chunk)
+{
+ chunk_t clone = chunk_empty;
+
+ if (chunk.ptr && chunk.len > 0)
+ {
+ clone.ptr = ptr;
+ clone.len = chunk.len;
+ memcpy(clone.ptr, chunk.ptr, chunk.len);
+ }
+
+ return clone;
+}
+
+/**
+ * Decribed in header.
+ */
+size_t chunk_length(const char* mode, ...)
+{
+ va_list chunks;
+ size_t length = 0;
+
+ va_start(chunks, mode);
+ while (TRUE)
+ {
+ switch (*mode++)
+ {
+ case 'm':
+ case 'c':
+ {
+ chunk_t ch = va_arg(chunks, chunk_t);
+ length += ch.len;
+ continue;
+ }
+ default:
+ break;
+ }
+ break;
+ }
+ va_end(chunks);
+ return length;
+}
+
+/**
+ * Decribed in header.
+ */
+chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...)
+{
+ va_list chunks;
+ chunk_t construct = chunk_create(ptr, 0);
+
+ va_start(chunks, mode);
+ while (TRUE)
+ {
+ bool free_chunk = FALSE;
+ switch (*mode++)
+ {
+ case 'm':
+ {
+ free_chunk = TRUE;
+ }
+ case 'c':
+ {
+ chunk_t ch = va_arg(chunks, chunk_t);
+ memcpy(ptr, ch.ptr, ch.len);
+ ptr += ch.len;
+ construct.len += ch.len;
+ if (free_chunk)
+ {
+ free(ch.ptr);
+ }
+ continue;
+ }
+ default:
+ break;
+ }
+ break;
+ }
+ va_end(chunks);
+
+ return construct;
+}
+
+/**
+ * Decribed in header.
+ */
+void chunk_split(chunk_t chunk, const char *mode, ...)
+{
+ va_list chunks;
+ size_t len;
+ chunk_t *ch;
+
+ va_start(chunks, mode);
+ while (TRUE)
+ {
+ if (*mode == '\0')
+ {
+ break;
+ }
+ len = va_arg(chunks, size_t);
+ ch = va_arg(chunks, chunk_t*);
+ /* a null chunk means skip len bytes */
+ if (ch == NULL)
+ {
+ chunk = chunk_skip(chunk, len);
+ continue;
+ }
+ switch (*mode++)
+ {
+ case 'm':
+ {
+ ch->len = min(chunk.len, len);
+ if (ch->len)
+ {
+ ch->ptr = chunk.ptr;
+ }
+ else
+ {
+ ch->ptr = NULL;
+ }
+ chunk = chunk_skip(chunk, ch->len);
+ continue;
+ }
+ case 'a':
+ {
+ ch->len = min(chunk.len, len);
+ if (ch->len)
+ {
+ ch->ptr = malloc(ch->len);
+ memcpy(ch->ptr, chunk.ptr, ch->len);
+ }
+ else
+ {
+ ch->ptr = NULL;
+ }
+ chunk = chunk_skip(chunk, ch->len);
+ continue;
+ }
+ case 'c':
+ {
+ ch->len = min(ch->len, chunk.len);
+ ch->len = min(ch->len, len);
+ if (ch->len)
+ {
+ memcpy(ch->ptr, chunk.ptr, ch->len);
+ }
+ else
+ {
+ ch->ptr = NULL;
+ }
+ chunk = chunk_skip(chunk, ch->len);
+ continue;
+ }
+ default:
+ break;
+ }
+ break;
+ }
+ va_end(chunks);
+}
+
+/**
+ * Described in header.
+ */
+bool chunk_write(chunk_t chunk, const char *path, const char *label, mode_t mask, bool force)
+{
+ mode_t oldmask;
+ FILE *fd;
+
+ if (!force)
+ {
+ fd = fopen(path, "r");
+ if (fd)
+ {
+ fclose(fd);
+ DBG1(" %s file '%s' already exists", label, path);
+ return FALSE;
+ }
+ }
+
+ /* set umask */
+ oldmask = umask(mask);
+
+ fd = fopen(path, "w");
+
+ if (fd)
+ {
+ fwrite(chunk.ptr, sizeof(u_char), chunk.len, fd);
+ fclose(fd);
+ DBG1(" written %s file '%s' (%u bytes)", label, path, chunk.len);
+ umask(oldmask);
+ return TRUE;
+ }
+ else
+ {
+ DBG1(" could not open %s file '%s' for writing", label, path);
+ umask(oldmask);
+ return FALSE;
+ }
+}
+
+/**
+ * Described in header.
+ */
+void chunk_free(chunk_t *chunk)
+{
+ free(chunk->ptr);
+ chunk->ptr = NULL;
+ chunk->len = 0;
+}
+
+/**
+ * Described in header.
+ */
+chunk_t chunk_skip(chunk_t chunk, size_t bytes)
+{
+ if (chunk.len > bytes)
+ {
+ chunk.ptr += bytes;
+ chunk.len -= bytes;
+ return chunk;
+ }
+ return chunk_empty;
+}
+
+/**
+ * Described in header.
+ */
+int chunk_compare(chunk_t a, chunk_t b)
+{
+ int compare_len = a.len - b.len;
+ int len = (compare_len < 0)? a.len : b.len;
+
+ if (compare_len != 0 || len == 0)
+ {
+ return compare_len;
+ }
+ return memcmp(a.ptr, b.ptr, len);
+};
+
+/**
+ * Described in header.
+ */
+bool chunk_equals(chunk_t a, chunk_t b)
+{
+ return a.ptr != NULL && b.ptr != NULL &&
+ a.len == b.len && memeq(a.ptr, b.ptr, a.len);
+}
+
+/**
+ * Described in header.
+ */
+bool chunk_equals_or_null(chunk_t a, chunk_t b)
+{
+ if (a.ptr == NULL || b.ptr == NULL)
+ return TRUE;
+ return a.len == b.len && memeq(a.ptr, b.ptr, a.len);
+}
+
+/**
+ * Number of bytes per line to dump raw data
+ */
+#define BYTES_PER_LINE 16
+
+/**
+ * output handler in printf() for byte ranges
+ */
+static int print_bytes(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ char *bytes = *((void**)(args[0]));
+ int len = *((size_t*)(args[1]));
+
+ char buffer[BYTES_PER_LINE * 3];
+ char ascii_buffer[BYTES_PER_LINE + 1];
+ char *buffer_pos = buffer;
+ char *bytes_pos = bytes;
+ char *bytes_roof = bytes + len;
+ int line_start = 0;
+ int i = 0;
+ int written = 0;
+
+ written += fprintf(stream, "=> %d bytes @ %p", len, bytes);
+
+ while (bytes_pos < bytes_roof)
+ {
+ static char hexdig[] = "0123456789ABCDEF";
+
+ *buffer_pos++ = hexdig[(*bytes_pos >> 4) & 0xF];
+ *buffer_pos++ = hexdig[ *bytes_pos & 0xF];
+
+ ascii_buffer[i++] =
+ (*bytes_pos > 31 && *bytes_pos < 127) ? *bytes_pos : '.';
+
+ if (++bytes_pos == bytes_roof || i == BYTES_PER_LINE)
+ {
+ int padding = 3 * (BYTES_PER_LINE - i);
+ int written;
+
+ while (padding--)
+ {
+ *buffer_pos++ = ' ';
+ }
+ *buffer_pos++ = '\0';
+ ascii_buffer[i] = '\0';
+
+ written += fprintf(stream, "\n%4d: %s %s",
+ line_start, buffer, ascii_buffer);
+
+
+ buffer_pos = buffer;
+ line_start += BYTES_PER_LINE;
+ i = 0;
+ }
+ else
+ {
+ *buffer_pos++ = ' ';
+ }
+ }
+ return written;
+}
+
+/**
+ * output handler in printf() for chunks
+ */
+static int print_chunk(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ chunk_t *chunk = *((chunk_t**)(args[0]));
+ bool first = TRUE;
+ chunk_t copy = *chunk;
+ int written = 0;
+
+ if (!info->alt)
+ {
+ const void *new_args[] = {&chunk->ptr, &chunk->len};
+ return print_bytes(stream, info, new_args);
+ }
+
+ while (copy.len > 0)
+ {
+ if (first)
+ {
+ first = FALSE;
+ }
+ else
+ {
+ written += fprintf(stream, ":");
+ }
+ written += fprintf(stream, "%02x", *copy.ptr++);
+ copy.len--;
+ }
+ return written;
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_CHUNK, print_chunk, arginfo_ptr);
+ register_printf_function(PRINTF_BYTES, print_bytes, arginfo_ptr_int);
+}
diff --git a/src/libstrongswan/chunk.h b/src/libstrongswan/chunk.h
new file mode 100644
index 000000000..a13ccfc22
--- /dev/null
+++ b/src/libstrongswan/chunk.h
@@ -0,0 +1,154 @@
+/**
+ * @file chunk.h
+ *
+ * @brief Pointer/length abstraction and its functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CHUNK_H_
+#define CHUNK_H_
+
+#include <string.h>
+#include <stdarg.h>
+
+#include <library.h>
+
+typedef struct chunk_t chunk_t;
+
+/**
+ * General purpose pointer/length abstraction.
+ */
+struct chunk_t {
+ /** Pointer to start of data */
+ u_char *ptr;
+ /** Length of data in bytes */
+ size_t len;
+};
+
+/**
+ * A { NULL, 0 }-chunk handy for initialization.
+ */
+extern chunk_t chunk_empty;
+
+/**
+ * Create a new chunk pointing to "ptr" with length "len"
+ */
+chunk_t chunk_create(u_char *ptr, size_t len);
+
+/**
+ * Create a clone of a chunk pointing to "ptr"
+ */
+chunk_t chunk_create_clone(u_char *ptr, chunk_t chunk);
+
+/**
+ * Calculate length of multiple chunks
+ */
+size_t chunk_length(const char *mode, ...);
+
+/**
+ * Concatenate chunks into a chunk pointing to "ptr",
+ * "mode" is a string of "c" (copy) and "m" (move), which says
+ * how to handle to chunks in "..."
+ */
+chunk_t chunk_create_cat(u_char *ptr, const char* mode, ...);
+
+/**
+ * Split up a chunk into parts, "mode" is a string of "a" (alloc),
+ * "c" (copy) and "m" (move). Each letter say for the corresponding chunk if
+ * it should get allocated on heap, copied into existing chunk, or the chunk
+ * should point into "chunk". The length of each part is an argument before
+ * each target chunk. E.g.:
+ * chunk_split(chunk, "mcac", 3, &a, 7, &b, 5, &c, d.len, &d);
+ */
+void chunk_split(chunk_t chunk, const char *mode, ...);
+
+/**
+ * Write the binary contents of a chunk_t to a file
+ */
+bool chunk_write(chunk_t chunk, const char *path, const char *label, mode_t mask, bool force);
+
+/**
+ * Free contents of a chunk
+ */
+void chunk_free(chunk_t *chunk);
+
+/**
+ * Initialize a chunk to point to buffer inspectable by sizeof()
+ */
+#define chunk_from_buf(str) { str, sizeof(str) }
+
+/**
+ * Initialize a chunk to point to a thing
+ */
+#define chunk_from_thing(thing) chunk_create((char*)&(thing), sizeof(thing))
+
+/**
+ * Allocate a chunk on the heap
+ */
+#define chunk_alloc(bytes) chunk_create(malloc(bytes), bytes)
+
+/**
+ * Allocate a chunk on the stack
+ */
+#define chunk_alloca(bytes) chunk_create(alloca(bytes), bytes)
+
+/**
+ * Clone a chunk on heap
+ */
+#define chunk_clone(chunk) chunk_create_clone(malloc(chunk.len), chunk)
+
+/**
+ * Clone a chunk on stack
+ */
+#define chunk_clonea(chunk) chunk_create_clone(alloca(chunk.len), chunk)
+
+/**
+ * Concatenate chunks into a chunk on heap
+ */
+#define chunk_cat(mode, ...) chunk_create_cat(malloc(chunk_length(mode, __VA_ARGS__)), mode, __VA_ARGS__)
+
+/**
+ * Concatenate chunks into a chunk on stack
+ */
+#define chunk_cata(mode, ...) chunk_create_cat(alloca(chunk_length(mode, __VA_ARGS__)), mode, __VA_ARGS__)
+
+/**
+ * Skip n bytes in chunk (forward pointer, shorten length)
+ */
+chunk_t chunk_skip(chunk_t chunk, size_t bytes);
+
+/**
+ * Compare two chunks, returns zero if a equals b
+ * or negative/positive if a is small/greater than b
+ */
+int chunk_compare(chunk_t a, chunk_t b);
+
+/**
+ * Compare two chunks for equality,
+ * NULL chunks are never equal.
+ */
+bool chunk_equals(chunk_t a, chunk_t b);
+
+/**
+ * Compare two chunks for equality,
+ * NULL chunks are always equal.
+ */
+bool chunk_equals_or_null(chunk_t a, chunk_t b);
+
+#endif /* CHUNK_H_ */
diff --git a/src/libstrongswan/credential_store.h b/src/libstrongswan/credential_store.h
new file mode 100755
index 000000000..5d51981ec
--- /dev/null
+++ b/src/libstrongswan/credential_store.h
@@ -0,0 +1,294 @@
+/**
+ * @file credential_store.h
+ *
+ * @brief Interface credential_store_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CREDENTIAL_STORE_H_
+#define CREDENTIAL_STORE_H_
+
+typedef struct credential_store_t credential_store_t;
+
+#include <library.h>
+#include <crypto/x509.h>
+#include <crypto/ca.h>
+#include <crypto/rsa/rsa_private_key.h>
+#include <crypto/rsa/rsa_public_key.h>
+#include <utils/identification.h>
+
+
+/**
+ * @brief The interface for a credential_store backend.
+ *
+ * @b Constructors:
+ * - stroke_create()
+ *
+ * @ingroup config
+ */
+struct credential_store_t {
+
+ /**
+ * @brief Returns the secret shared by two specific IDs.
+ *
+ * The returned chunk must be destroyed by the caller after usage.
+ *
+ * @param this calling object
+ * @param my_id my ID identifiying the secret.
+ * @param other_id peer ID identifying the secret.
+ * @param[out] secret the pre-shared secret will be written there.
+ * @return
+ * - NOT_FOUND if no preshared secrets for specific ID could be found
+ * - SUCCESS
+ *
+ */
+ status_t (*get_shared_key) (credential_store_t *this, identification_t *my_id,
+ identification_t *other_id, chunk_t *shared_key);
+
+ /**
+ * @brief Returns the EAP secret for two specified IDs.
+ *
+ * The returned chunk must be destroyed by the caller after usage.
+ *
+ * @param this calling object
+ * @param my_id my ID identifiying the secret.
+ * @param other_id peer ID identifying the secret.
+ * @param[out] eap_key the EAP secret will be written here
+ * @return
+ * - NOT_FOUND if no preshared secrets for specific ID could be found
+ * - SUCCESS
+ *
+ */
+ status_t (*get_eap_key) (credential_store_t *this, identification_t *my_id,
+ identification_t *other_id, chunk_t *eap_key);
+
+ /**
+ * @brief Returns the RSA public key of a specific ID.
+ *
+ * @param this calling object
+ * @param id identification_t object identifiying the key.
+ * @return public key, or NULL if not found
+ */
+ rsa_public_key_t* (*get_rsa_public_key) (credential_store_t *this, identification_t *id);
+
+ /**
+ * @brief Returns the RSA public key of a specific ID if is trusted
+ *
+ * @param this calling object
+ * @param id identification_t object identifiying the key.
+ * @return public key, or NULL if not found or not trusted
+ */
+ rsa_public_key_t* (*get_trusted_public_key) (credential_store_t *this, identification_t *id);
+
+ /**
+ * @brief Returns the RSA private key belonging to an RSA public key
+ *
+ * The returned rsa_private_key_t must be destroyed by the caller after usage.
+ *
+ * @param this calling object
+ * @param pubkey public key
+ * @return private key, or NULL if not found
+ */
+ rsa_private_key_t* (*get_rsa_private_key) (credential_store_t *this, rsa_public_key_t *pubkey);
+
+ /**
+ * @brief Is there a matching RSA private key belonging to an RSA public key?
+ *
+ * @param this calling object
+ * @param pubkey public key
+ * @return TRUE if matching private key was found
+ */
+ bool (*has_rsa_private_key) (credential_store_t *this, rsa_public_key_t *pubkey);
+
+ /**
+ * @brief Returns the certificate of a specific ID.
+ *
+ * @param this calling object
+ * @param id identification_t object identifiying the cert.
+ * @return certificate, or NULL if not found
+ */
+ x509_t* (*get_certificate) (credential_store_t *this, identification_t *id);
+
+ /**
+ * @brief Returns the auth certificate of a specific subject distinguished name.
+ *
+ * @param this calling object
+ * @param auth_flags set of allowed authority types
+ * @param id identification_t object identifiying the cacert.
+ * @return certificate, or NULL if not found
+ */
+ x509_t* (*get_auth_certificate) (credential_store_t *this, u_int auth_flags, identification_t *id);
+
+ /**
+ * @brief Returns the ca certificate of a specific keyID.
+ *
+ * @param this calling object
+ * @param keyid identification_t object identifiying the cacert.
+ * @return certificate, or NULL if not found
+ */
+ x509_t* (*get_ca_certificate_by_keyid) (credential_store_t *this, chunk_t keyid);
+
+ /**
+ * @brief Returns the issuing ca of a given certificate.
+ *
+ * @param this calling object
+ * @param cert certificate for which issuer ca info is required
+ * @return ca info, or NULL if not found
+ */
+ ca_info_t* (*get_issuer) (credential_store_t *this, const x509_t* cert);
+
+ /**
+ * @brief Verify an X.509 certificate up to trust anchor without any status checks
+ *
+ * @param this calling object
+ * @param cert certificate to be verified
+ * @return TRUE if trusted
+ */
+ bool (*is_trusted) (credential_store_t *this, x509_t *cert);
+
+ /**
+ * @brief Verify an X.509 certificate up to trust anchor including status checks
+ *
+ * @param this calling object
+ * @param cert certificate to be verified
+ * @param found found a certificate copy in the credential store
+ * @return TRUE if valid, trusted, and current status is good
+ */
+ bool (*verify) (credential_store_t *this, x509_t *cert, bool *found);
+
+ /**
+ * @brief If an end certificate does not already exists in the credential store then add it.
+ *
+ * @param this calling object
+ * @param cert certificate to be added
+ * @return pointer to the added or already existing certificate
+ */
+ x509_t* (*add_end_certificate) (credential_store_t *this, x509_t *cert);
+
+ /**
+ * @brief If an authority certificate does not already exists in the credential store then add it.
+ *
+ * @param this calling object
+ * @param cert authority certificate to be added
+ * @param auth_flag authority flags to add to the certificate
+ * @return pointer to the added or already existing certificate
+ */
+ x509_t* (*add_auth_certificate) (credential_store_t *this, x509_t *cert, u_int auth_flag);
+
+ /**
+ * @brief If a ca info record does not already exists in the credential store then add it.
+ *
+ * @param this calling object
+ * @param ca_info ca info record to be added
+ */
+ void (*add_ca_info) (credential_store_t *this, ca_info_t *ca_info);
+
+ /**
+ * @brief Release a ca info record with a given name.
+ *
+ * @param this calling object
+ * @param name name of the ca info record to be released
+ * @return
+ * - SUCCESS, or
+ * - NOT_FOUND
+ */
+ status_t (*release_ca_info) (credential_store_t *this, const char *name);
+
+ /**
+ * @brief Create an iterator over all end certificates.
+ *
+ * @param this calling object
+ * @return iterator
+ */
+ iterator_t* (*create_cert_iterator) (credential_store_t *this);
+
+ /**
+ * @brief Create an iterator over all authority certificates.
+ *
+ * @param this calling object
+ * @return iterator
+ */
+ iterator_t* (*create_auth_cert_iterator) (credential_store_t *this);
+
+ /**
+ * @brief Create an iterator over all CA info records
+ *
+ * @param this calling object
+ * @return iterator
+ */
+ iterator_t* (*create_cainfo_iterator) (credential_store_t *this);
+
+ /**
+ * @brief Loads ca certificates from a default directory.
+ *
+ * Certificates in both DER and PEM format are accepted
+ *
+ * @param this calling object
+ */
+ void (*load_ca_certificates) (credential_store_t *this);
+
+ /**
+ * @brief Loads ocsp certificates from a default directory.
+ *
+ * Certificates in both DER and PEM format are accepted
+ *
+ * @param this calling object
+ */
+ void (*load_ocsp_certificates) (credential_store_t *this);
+
+ /**
+ * @brief Loads CRLs from a default directory.
+ *
+ * Certificates in both DER and PEM format are accepted
+ *
+ * @param this calling object
+ * @param path directory to load crls from
+ */
+ void (*load_crls) (credential_store_t *this);
+
+ /**
+ * @brief Loads secrets in ipsec.secrets
+ *
+ * Currently, all RSA private key files must be in unencrypted form
+ * either in DER or PEM format.
+ *
+ * @param this calling object
+ */
+ void (*load_secrets) (credential_store_t *this);
+
+ /**
+ * @brief Destroys a credential_store_t object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (credential_store_t *this);
+};
+
+/**
+ * @brief Creates a credential_store_t instance.
+ *
+ * @param strict enforce a strict crl policy
+ * @return credential store instance.
+ *
+ * @ingroup config
+ */
+credential_store_t *credential_store_create(bool strict);
+
+
+#endif /*CREDENTIAL_STORE_H_*/
diff --git a/src/libstrongswan/crypto/ca.c b/src/libstrongswan/crypto/ca.c
new file mode 100644
index 000000000..1f566a098
--- /dev/null
+++ b/src/libstrongswan/crypto/ca.c
@@ -0,0 +1,788 @@
+/**
+ * @file ca.c
+ *
+ * @brief Implementation of ca_info_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+#include <pthread.h>
+
+#include "x509.h"
+#include "crl.h"
+#include "ca.h"
+#include "certinfo.h"
+#include "ocsp.h"
+
+#include <library.h>
+#include <debug.h>
+#include <utils/linked_list.h>
+#include <utils/identification.h>
+#include <utils/fetcher.h>
+
+typedef struct private_ca_info_t private_ca_info_t;
+
+/**
+ * Private data of a ca_info_t object.
+ */
+struct private_ca_info_t {
+ /**
+ * Public interface for this ca info record
+ */
+ ca_info_t public;
+
+ /**
+ * Name of the ca info record
+ */
+ char *name;
+
+ /**
+ * Time when ca info record was installed
+ */
+ time_t installed;
+
+ /**
+ * Distinguished Name of the CA
+ */
+ x509_t *cacert;
+
+ /**
+ * List of crl URIs
+ */
+ linked_list_t *crluris;
+
+ /**
+ * List of ocsp URIs
+ */
+ linked_list_t *ocspuris;
+
+ /**
+ * CRL issued by this ca
+ */
+ crl_t *crl;
+
+ /**
+ * List of certificate info records
+ */
+ linked_list_t *certinfos;
+
+ /**
+ * mutex controls access to the elements:
+ * name, crluris, ocspuris, crl, and certinfos
+ */
+ pthread_mutex_t mutex;
+};
+
+/**
+ * static options set by ca_info_set_options()
+ */
+static bool cache_crls = FALSE;
+static u_int crl_check_interval = 0;
+
+/**
+ * Implements ca_info_t.equals
+ */
+static bool equals(const private_ca_info_t *this, const private_ca_info_t *that)
+{
+ return chunk_equals(this->cacert->get_keyid(this->cacert),
+ that->cacert->get_keyid(that->cacert));
+}
+
+/**
+ * Implements ca_info_t.equals_name_release_info
+ */
+static bool equals_name_release_info(private_ca_info_t *this, const char *name)
+{
+ bool found;
+
+ pthread_mutex_lock(&(this->mutex));
+ found = this->name != NULL && streq(this->name, name);
+
+ if (found)
+ {
+ this->crluris->destroy_offset(this->crluris,
+ offsetof(identification_t, destroy));
+ this->crluris = linked_list_create();
+
+ this->ocspuris->destroy_offset(this->ocspuris,
+ offsetof(identification_t, destroy));
+ this->ocspuris = linked_list_create();
+
+ free(this->name);
+ this->name = NULL;
+ }
+
+ pthread_mutex_unlock(&(this->mutex));
+ return found;
+}
+
+/**
+ * Implements ca_info_t.is_crl_issuer
+ */
+static bool is_cert_issuer(private_ca_info_t *this, const x509_t *cert)
+{
+ return cert->is_issuer(cert, this->cacert);
+}
+
+/**
+ * Implements ca_info_t.is_crl_issuer
+ */
+static bool is_crl_issuer(private_ca_info_t *this, const crl_t *crl)
+{
+ return crl->is_issuer(crl, this->cacert);
+}
+
+/**
+ * Implements ca_info_t.has_crl
+ */
+static bool has_crl(private_ca_info_t *this)
+{
+ bool found;
+
+ pthread_mutex_lock(&(this->mutex));
+ found = this->crl != NULL;
+ pthread_mutex_unlock(&(this->mutex));
+
+ return found;
+}
+
+/**
+ * Implements ca_info_t.has_certinfos
+ */
+static bool has_certinfos(private_ca_info_t *this)
+{
+ bool found;
+
+ pthread_mutex_lock(&(this->mutex));
+ found = this->certinfos->get_count(this->certinfos) > 0;
+ pthread_mutex_unlock(&(this->mutex));
+
+ return found;
+}
+
+/**
+ * Implements ca_info_t.add_crl
+ */
+static void add_crl(private_ca_info_t *this, crl_t *crl)
+{
+ pthread_mutex_lock(&(this->mutex));
+
+ if (this->crl)
+ {
+ if (crl->is_newer(crl, this->crl))
+ {
+ this->crl->destroy(this->crl);
+ this->crl = crl;
+ DBG1(" this crl is newer - existing crl replaced");
+ }
+ else
+ {
+ crl->destroy(crl);
+ DBG1(" this crl is not newer - existing crl retained");
+ }
+ }
+ else
+ {
+ this->crl = crl;
+ DBG2(" crl added");
+ }
+
+ pthread_mutex_unlock(&(this->mutex));
+}
+
+/**
+ * Implements ca_info_t.list_crl
+ */
+static void list_crl(private_ca_info_t *this, FILE *out, bool utc)
+{
+ pthread_mutex_lock(&(this->mutex));
+
+ fprintf(out, "%#U\n", this->crl, utc);
+
+ pthread_mutex_unlock(&(this->mutex));
+}
+
+/**
+ * Implements ca_info_t.list_certinfos
+ */
+static void list_certinfos(private_ca_info_t *this, FILE *out, bool utc)
+{
+ pthread_mutex_lock(&(this->mutex));
+
+ fprintf(out," authname: '%D'\n", this->cacert->get_subject(this->cacert));
+ {
+ chunk_t authkey = this->cacert->get_subjectKeyID(this->cacert);
+
+ fprintf(out," authkey: %#B\n", &authkey);
+ }
+ {
+ iterator_t *iterator = this->certinfos->create_iterator(this->certinfos, TRUE);
+ certinfo_t *certinfo;
+
+ while (iterator->iterate(iterator, (void**)&certinfo))
+ {
+ fprintf(out, "%#Y\n", certinfo, utc);
+ }
+ iterator->destroy(iterator);
+ }
+
+ pthread_mutex_unlock(&(this->mutex));
+}
+
+/**
+ * Find an exact copy of an identification in a linked list
+ */
+static identification_t* find_identification(linked_list_t *list, identification_t *id)
+{
+ identification_t *found_id = NULL, *current_id;
+
+ iterator_t *iterator = list->create_iterator(list, TRUE);
+
+ while (iterator->iterate(iterator, (void**)&current_id))
+ {
+ if (id->equals(id, current_id))
+ {
+ found_id = current_id;
+ break;
+ }
+ }
+ iterator->destroy(iterator);
+
+ return found_id;
+}
+
+/**
+ * Add a unique identification to a linked list
+ */
+static identification_t *add_identification(linked_list_t *list, identification_t *id)
+{
+ identification_t *found_id = find_identification(list, id);
+
+ if (found_id)
+ {
+ id->destroy(id);
+ return found_id;
+ }
+ else
+ {
+ list->insert_last(list, (void*)id);
+ return id;
+ }
+}
+
+/**
+ * Implements ca_info_t.add_crluri
+ */
+static void add_crluri(private_ca_info_t *this, chunk_t uri)
+{
+ if (uri.len < 6 ||
+ (strncasecmp(uri.ptr, "http", 4) != 0 &&
+ strncasecmp(uri.ptr, "ldap", 4) != 0 &&
+ strncasecmp(uri.ptr, "file", 4) != 0 &&
+ strncasecmp(uri.ptr, "ftp", 3) != 0))
+ {
+ DBG1(" invalid crl uri '%#B'", uri);
+ return;
+ }
+ else
+ {
+ identification_t *crluri = identification_create_from_encoding(ID_DER_ASN1_GN_URI, uri);
+
+ pthread_mutex_lock(&(this->mutex));
+ add_identification(this->crluris, crluri);
+ pthread_mutex_unlock(&(this->mutex));
+ }
+}
+
+/**
+ * Implements ca_info_t.add_ocspuri
+ */
+static void add_ocspuri(private_ca_info_t *this, chunk_t uri)
+{
+ if (uri.len < 7 || strncasecmp(uri.ptr, "http", 4) != 0)
+ {
+ DBG1(" invalid ocsp uri '%.*s'", uri.len, uri.ptr);
+ return;
+ }
+ else
+ {
+ identification_t *ocspuri = identification_create_from_encoding(ID_DER_ASN1_GN_URI, uri);
+
+ pthread_mutex_lock(&(this->mutex));
+ add_identification(this->ocspuris, ocspuri);
+ pthread_mutex_unlock(&(this->mutex));
+ }
+}
+
+/**
+ * Implements ca_info_t.add_info.
+ */
+void add_info (private_ca_info_t *this, const private_ca_info_t *that)
+{
+ pthread_mutex_lock(&(this->mutex));
+
+ if (this->name == NULL && that->name != NULL)
+ {
+ this->name = strdup(that->name);
+ }
+
+ pthread_mutex_unlock(&(this->mutex));
+
+ {
+ identification_t *uri;
+
+ iterator_t *iterator = that->crluris->create_iterator(that->crluris, TRUE);
+
+ while (iterator->iterate(iterator, (void**)&uri))
+ {
+ add_crluri(this, uri->get_encoding(uri));
+ }
+ iterator->destroy(iterator);
+ }
+
+ {
+ identification_t *uri;
+
+ iterator_t *iterator = that->ocspuris->create_iterator(that->ocspuris, TRUE);
+
+ while (iterator->iterate(iterator, (void**)&uri))
+ {
+ add_ocspuri(this, uri->get_encoding(uri));
+ }
+ iterator->destroy(iterator);
+ }
+}
+
+/**
+ * Implements ca_info_t.get_certificate.
+ */
+static x509_t* get_certificate(private_ca_info_t* this)
+{
+ return this->cacert;
+}
+
+/**
+ * caches a crl by saving it to a given crl directory
+ */
+void cache_crl(private_ca_info_t* this, const char *crl_dir, crl_t *crl)
+{
+ char buffer[BUF_LEN];
+ char *path;
+ char *pos = buffer;
+ int len = BUF_LEN;
+ int n;
+
+ chunk_t authKeyID = this->cacert->get_subjectKeyID(this->cacert);
+ chunk_t uri;
+
+ uri.ptr = buffer;
+ uri.len = 7 + strlen(crl_dir) + 1 + 2*authKeyID.len + 4;
+
+ if (uri.len >= BUF_LEN)
+ {
+ DBG1("file uri exceeds buffer length of %d bytes - crl not saved", BUF_LEN);
+ return;
+ }
+
+ /* print the file uri prefix */
+ n = snprintf(pos, len, "file://");
+ pos += n; len -= n;
+
+ /* remember the start of the path string */
+ path = pos;
+
+ /* print the default crl directory path */
+ n = snprintf(pos, len, "%s/", crl_dir);
+ pos += n; len -= n;
+
+ /* create and print a unique crl filename derived from the authKeyID */
+ while (authKeyID.len-- > 0)
+ {
+ n = snprintf(pos, len, "%02x", *authKeyID.ptr++);
+ pos += n; len -= n;
+ }
+
+ /* add the file suffix */
+ n = snprintf(pos, len, ".crl");
+
+ if (crl->write_to_file(crl, path, 0022, TRUE))
+ {
+ identification_t *crluri = identification_create_from_encoding(ID_DER_ASN1_GN_URI, uri);
+
+ add_identification(this->crluris, crluri);
+ }
+}
+
+/**
+ * Implements ca_info_t.verify_by_crl.
+ */
+static cert_status_t verify_by_crl(private_ca_info_t* this, certinfo_t *certinfo,
+ const char *crl_dir)
+{
+ rsa_public_key_t *issuer_public_key = this->cacert->get_public_key(this->cacert);
+ bool stale;
+
+ pthread_mutex_lock(&(this->mutex));
+ if (this->crl == NULL)
+ {
+ stale = TRUE;
+ DBG1("no crl is locally available");
+ }
+ else
+ {
+ stale = !this->crl->is_valid(this->crl);
+ DBG1("crl is %s", stale? "stale":"valid");
+ }
+
+ if (stale && crl_check_interval > 0)
+ {
+ iterator_t *iterator = this->crluris->create_iterator(this->crluris, TRUE);
+ identification_t *uri;
+
+ while (iterator->iterate(iterator, (void**)&uri))
+ {
+ fetcher_t *fetcher;
+ char uri_string[BUF_LEN];
+ chunk_t uri_chunk = uri->get_encoding(uri);
+ chunk_t response_chunk;
+
+ snprintf(uri_string, BUF_LEN, "%.*s", uri_chunk.len, uri_chunk.ptr);
+ fetcher = fetcher_create(uri_string);
+
+ response_chunk = fetcher->get(fetcher);
+ fetcher->destroy(fetcher);
+ if (response_chunk.ptr != NULL)
+ {
+ crl_t *crl = crl_create_from_chunk(response_chunk);
+
+ if (crl == NULL)
+ {
+ free(response_chunk.ptr);
+ continue;
+ }
+ if (!is_crl_issuer(this, crl))
+ {
+ DBG1(" fetched crl has wrong issuer");
+ crl->destroy(crl);
+ continue;
+ }
+ if (!crl->verify(crl, issuer_public_key))
+ {
+ DBG1("fetched crl signature is invalid");
+ crl->destroy(crl);
+ continue;
+ }
+ DBG2("fetched crl signature is valid");
+
+ if (this->crl == NULL)
+ {
+ this->crl = crl;
+ }
+ else if (crl->is_newer(crl, this->crl))
+ {
+ this->crl->destroy(this->crl);
+ this->crl = crl;
+ DBG1("this crl is newer - existing crl replaced");
+ }
+ else
+ {
+ crl->destroy(crl);
+ DBG1("this crl is not newer - existing crl retained");
+ continue;
+ }
+ if (crl->is_valid(crl))
+ {
+ if (cache_crls && strncasecmp(uri_string, "file", 4) != 0)
+ {
+ cache_crl(this, crl_dir, crl);
+ }
+ /* we found a valid crl and therefore exit the fetch loop */
+ break;
+ }
+ else
+ {
+ DBG1("fetched crl is stale");
+ }
+ }
+ }
+ iterator->destroy(iterator);
+ }
+
+ if (this->crl)
+ {
+ if (!this->crl->verify(this->crl, issuer_public_key))
+ {
+ DBG1("crl signature is invalid");
+ goto ret;
+ }
+ DBG2("crl signature is valid");
+
+ this->crl->get_status(this->crl, certinfo);
+ }
+
+ret:
+ pthread_mutex_unlock(&(this->mutex));
+ return certinfo->get_status(certinfo);
+}
+
+/**
+ * Implements ca_info_t.verify_by_ocsp.
+ */
+static cert_status_t verify_by_ocsp(private_ca_info_t* this,
+ certinfo_t *certinfo,
+ credential_store_t *credentials)
+{
+ bool stale;
+ iterator_t *iterator;
+ certinfo_t *cached_certinfo = NULL;
+ int comparison = 1;
+
+ pthread_mutex_lock(&(this->mutex));
+
+ /* do we support OCSP at all? */
+ if (this->ocspuris->get_count(this->ocspuris) == 0)
+ {
+ goto ret;
+ }
+
+ iterator = this->certinfos->create_iterator(this->certinfos, TRUE);
+
+ /* find the list insertion point in alphabetical order */
+ while(iterator->iterate(iterator, (void**)&cached_certinfo))
+ {
+ comparison = certinfo->compare_serialNumber(certinfo, cached_certinfo);
+
+ if (comparison <= 0)
+ {
+ break;
+ }
+ }
+
+ /* do we have a valid certinfo_t for this serial number in our cache? */
+ if (comparison == 0)
+ {
+ stale = cached_certinfo->get_nextUpdate(cached_certinfo) < time(NULL);
+ DBG1("ocsp status in cache is %s", stale ? "stale":"fresh");
+ }
+ else
+ {
+ stale = TRUE;
+ DBG1("ocsp status is not in cache");
+ }
+
+ if (stale)
+ {
+ ocsp_t *ocsp;
+
+ ocsp = ocsp_create(this->cacert, this->ocspuris);
+ ocsp->fetch(ocsp, certinfo, credentials);
+ if (certinfo->get_status(certinfo) != CERT_UNDEFINED)
+ {
+ if (comparison != 0)
+ {
+ cached_certinfo = certinfo_create(certinfo->get_serialNumber(certinfo));
+
+ if (comparison > 0)
+ {
+ iterator->insert_after(iterator, (void *)cached_certinfo);
+ }
+ else
+ {
+ iterator->insert_before(iterator, (void *)cached_certinfo);
+ }
+ }
+ cached_certinfo->update(cached_certinfo, certinfo);
+ }
+ ocsp->destroy(ocsp);
+ }
+ else
+ {
+ certinfo->update(certinfo, cached_certinfo);
+ }
+
+ iterator->destroy(iterator);
+
+ret:
+ pthread_mutex_unlock(&(this->mutex));
+ return certinfo->get_status(certinfo);
+}
+
+/**
+ * Implements ca_info_t.purge_ocsp
+ */
+static void purge_ocsp(private_ca_info_t *this)
+{
+ pthread_mutex_lock(&(this->mutex));
+
+ this->certinfos->destroy_offset(this->certinfos,
+ offsetof(certinfo_t, destroy));
+ this->certinfos = linked_list_create();
+
+ pthread_mutex_unlock(&(this->mutex));
+}
+
+/**
+ * Implements ca_info_t.destroy
+ */
+static void destroy(private_ca_info_t *this)
+{
+ this->crluris->destroy_offset(this->crluris,
+ offsetof(identification_t, destroy));
+ this->ocspuris->destroy_offset(this->ocspuris,
+ offsetof(identification_t, destroy));
+ this->certinfos->destroy_offset(this->certinfos,
+ offsetof(certinfo_t, destroy));
+ DESTROY_IF(this->crl);
+ free(this->name);
+ free(this);
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_ca_info_t *this = *((private_ca_info_t**)(args[0]));
+ bool utc = TRUE;
+ int written = 0;
+ const x509_t *cacert;
+
+ if (info->alt)
+ {
+ utc = *((bool*)args[1]);
+ }
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ pthread_mutex_lock(&(this->mutex));
+ written += fprintf(stream, "%#T", &this->installed, utc);
+
+ if (this->name)
+ {
+ written += fprintf(stream, ", \"%s\"\n", this->name);
+ }
+ else
+ {
+ written += fprintf(stream, "\n");
+ }
+
+ cacert = this->cacert;
+ written += fprintf(stream, " authname: '%D'\n", cacert->get_subject(cacert));
+ {
+ chunk_t authkey = cacert->get_subjectKeyID(cacert);
+
+ written += fprintf(stream, " authkey: %#B\n", &authkey);
+ }
+ {
+ chunk_t keyid = cacert->get_keyid(cacert);
+
+ written += fprintf(stream, " keyid: %#B\n", &keyid);
+ }
+ {
+ identification_t *crluri;
+ iterator_t *iterator = this->crluris->create_iterator(this->crluris, TRUE);
+ bool first = TRUE;
+
+ while (iterator->iterate(iterator, (void**)&crluri))
+ {
+ written += fprintf(stream, " %s '%D'\n",
+ first? "crluris:":" ", crluri);
+ first = FALSE;
+ }
+ iterator->destroy(iterator);
+ }
+ {
+ identification_t *ocspuri;
+ iterator_t *iterator = this->ocspuris->create_iterator(this->ocspuris, TRUE);
+ bool first = TRUE;
+
+ while (iterator->iterate(iterator, (void**)&ocspuri))
+ {
+ written += fprintf(stream, " %s '%D'\n",
+ first? "ocspuris:":" ", ocspuri);
+ first = FALSE;
+ }
+ iterator->destroy(iterator);
+ }
+ pthread_mutex_unlock(&(this->mutex));
+ return written;
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_CAINFO, print, arginfo_ptr_alt_ptr_int);
+}
+
+/*
+ * Described in header.
+ */
+void ca_info_set_options(bool cache, u_int interval)
+{
+ cache_crls = cache;
+ crl_check_interval = interval;
+}
+
+/*
+ * Described in header.
+ */
+ca_info_t *ca_info_create(const char *name, x509_t *cacert)
+{
+ private_ca_info_t *this = malloc_thing(private_ca_info_t);
+
+ /* initialize */
+ this->installed = time(NULL);
+ this->name = (name == NULL)? NULL:strdup(name);
+ this->cacert = cacert;
+ this->crluris = linked_list_create();
+ this->ocspuris = linked_list_create();
+ this->certinfos = linked_list_create();
+ this->crl = NULL;
+
+ /* initialize the mutex */
+ pthread_mutex_init(&(this->mutex), NULL);
+
+ /* public functions */
+ this->public.equals = (bool (*) (const ca_info_t*,const ca_info_t*))equals;
+ this->public.equals_name_release_info = (bool (*) (ca_info_t*,const char*))equals_name_release_info;
+ this->public.is_cert_issuer = (bool (*) (ca_info_t*,const x509_t*))is_cert_issuer;
+ this->public.is_crl_issuer = (bool (*) (ca_info_t*,const crl_t*))is_crl_issuer;
+ this->public.add_info = (void (*) (ca_info_t*,const ca_info_t*))add_info;
+ this->public.add_crl = (void (*) (ca_info_t*,crl_t*))add_crl;
+ this->public.has_crl = (bool (*) (ca_info_t*))has_crl;
+ this->public.has_certinfos = (bool (*) (ca_info_t*))has_certinfos;
+ this->public.list_crl = (void (*) (ca_info_t*,FILE*,bool))list_crl;
+ this->public.list_certinfos = (void (*) (ca_info_t*,FILE*,bool))list_certinfos;
+ this->public.add_crluri = (void (*) (ca_info_t*,chunk_t))add_crluri;
+ this->public.add_ocspuri = (void (*) (ca_info_t*,chunk_t))add_ocspuri;
+ this->public.get_certificate = (x509_t* (*) (ca_info_t*))get_certificate;
+ this->public.verify_by_crl = (cert_status_t (*) (ca_info_t*,certinfo_t*, const char*))verify_by_crl;
+ this->public.verify_by_ocsp = (cert_status_t (*) (ca_info_t*,certinfo_t*,credential_store_t*))verify_by_ocsp;
+ this->public.purge_ocsp = (void (*) (ca_info_t*))purge_ocsp;
+ this->public.destroy = (void (*) (ca_info_t*))destroy;
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/crypto/ca.h b/src/libstrongswan/crypto/ca.h
new file mode 100644
index 000000000..c494a4468
--- /dev/null
+++ b/src/libstrongswan/crypto/ca.h
@@ -0,0 +1,215 @@
+/**
+ * @file ca.h
+ *
+ * @brief Interface of ca_info_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CA_H_
+#define CA_H_
+
+typedef struct ca_info_t ca_info_t;
+
+#include <library.h>
+#include <chunk.h>
+
+#include <credential_store.h>
+
+#include "x509.h"
+#include "crl.h"
+
+/**
+ * @brief X.509 certification authority information record
+ *
+ * @b Constructors:
+ * - ca_info_create()
+ *
+ * @ingroup transforms
+ */
+struct ca_info_t {
+
+ /**
+ * @brief Compare two ca info records
+ *
+ * Comparison is done via the keyid of the ca certificate
+ *
+ * @param this first ca info object
+ * @param that second ca info objct
+ * @return TRUE if a match is found
+ */
+ bool (*equals) (const ca_info_t *this, const ca_info_t* that);
+
+ /**
+ * @brief If the ca info record has the same name then release the name and URIs
+ *
+ * @param this ca info object
+ * @return TRUE if a match is found
+ */
+ bool (*equals_name_release_info) (ca_info_t *this, const char *name);
+
+ /**
+ * @brief Checks if a certificate was issued by this ca
+ *
+ * @param this ca info object
+ * @param cert certificate to be checked
+ * @return TRUE if the issuing ca has been found
+ */
+ bool (*is_cert_issuer) (ca_info_t *this, const x509_t *cert);
+
+ /**
+ * @brief Checks if a crl was issued by this ca
+ *
+ * @param this ca info object
+ * @param crl crl to be checked
+ * @return TRUE if the issuing ca has been found
+ */
+ bool (*is_crl_issuer) (ca_info_t *this, const crl_t *crl);
+
+ /**
+ * @brief Merges info from a secondary ca info object
+ *
+ * @param this primary ca info object
+ * @param that secondary ca info object
+ */
+ void (*add_info) (ca_info_t *this, const ca_info_t *that);
+
+ /**
+ * @brief Adds a new or replaces an obsoleted CRL
+ *
+ * @param this ca info object
+ * @param crl crl to be added
+ */
+ void (*add_crl) (ca_info_t *this, crl_t *crl);
+
+ /**
+ * @brief Does the CA have a CRL?
+ *
+ * @param this ca info object
+ * @return TRUE if crl is available
+ */
+ bool (*has_crl) (ca_info_t *this);
+
+ /**
+ * @brief Does the CA have OCSP certinfos?
+ *
+ * @param this ca info object
+ * @return TRUE if there are any certinfos
+ */
+ bool (*has_certinfos) (ca_info_t *this);
+
+ /**
+ * @brief List the CRL onto the console
+ *
+ * @param this ca info object
+ * @param out output stream
+ * @param utc TRUE - utc
+ FALSE - local time
+ */
+ void (*list_crl) (ca_info_t *this, FILE *out, bool utc);
+
+ /**
+ * @brief List the OCSP certinfos onto the console
+ *
+ * @param this ca info object
+ * @param out output stream
+ * @param utc TRUE - utc
+ FALSE - local time
+ */
+ void (*list_certinfos) (ca_info_t *this, FILE *out, bool utc);
+
+ /**
+ * @brief Adds a CRL URI to a list
+ *
+ * @param this ca info object
+ * @param uri crl uri to be added
+ */
+ void (*add_crluri) (ca_info_t *this, chunk_t uri);
+
+ /**
+ * @brief Adds a OCSP URI to a list
+ *
+ * @param this ca info object
+ * @param uri ocsp uri to be added
+ */
+ void (*add_ocspuri) (ca_info_t *this, chunk_t uri);
+
+ /**
+ * @brief Get the ca certificate
+ *
+ * @param this ca info object
+ * @return ca certificate
+ */
+ x509_t* (*get_certificate) (ca_info_t *this);
+
+ /**
+ * @brief Verify the status of a certificate by CRL
+ *
+ * @param this ca info object
+ * @param certinfo detailed certificate status information
+ * @param crl_dir directory where fetched crls should be stored
+ * @return certificate status
+ */
+ cert_status_t (*verify_by_crl) (ca_info_t *this, certinfo_t *certinfo, const char *crl_dir);
+
+ /**
+ * @brief Verify the status of a certificate by OCSP
+ *
+ * @param this ca info object
+ * @param certinfo detailed certificate status information
+ * @param credentials credential store needed for trust path verification
+ * @return certificate status
+ */
+ cert_status_t (*verify_by_ocsp) (ca_info_t* this, certinfo_t* certinfo, credential_store_t* credentials);
+
+ /**
+ * @brief Purge the OCSP certinfos of a ca info record
+ *
+ * @param this ca info object
+ */
+ void (*purge_ocsp) (ca_info_t *this);
+
+ /**
+ * @brief Destroys a ca info record
+ *
+ * @param this ca info to destroy
+ */
+ void (*destroy) (ca_info_t *this);
+};
+
+/**
+ * @brief Set ca info options
+ *
+ * @param cache TRUE if crls shall be cached by storing them
+ * @param interval crl_check_interval to be set in seconds
+ *
+ * @ingroup crypto
+ */
+void ca_info_set_options(bool cache, u_int interval);
+
+/**
+ * @brief Create a ca info record
+ *
+ * @param name name of the ca info record
+ * @param cacert path to the ca certificate
+ * @return created ca_info_t, or NULL if invalid.
+ *
+ * @ingroup crypto
+ */
+ca_info_t *ca_info_create(const char *name, x509_t *cacert);
+
+#endif /* CA_H_ */
diff --git a/src/libstrongswan/crypto/certinfo.c b/src/libstrongswan/crypto/certinfo.c
new file mode 100644
index 000000000..654e4c2bd
--- /dev/null
+++ b/src/libstrongswan/crypto/certinfo.c
@@ -0,0 +1,305 @@
+/**
+ * @file certinfo.c
+ *
+ * @brief Implementation of certinfo_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <time.h>
+#include <stdio.h>
+
+#include <library.h>
+
+#include "certinfo.h"
+
+typedef struct private_certinfo_t private_certinfo_t;
+
+/**
+ * Private data of a certinfo_t object.
+ */
+struct private_certinfo_t {
+ /**
+ * Public interface for this certificate status information object.
+ */
+ certinfo_t public;
+
+ /**
+ * Serial number of the certificate
+ */
+ chunk_t serialNumber;
+
+ /**
+ * Certificate status
+ */
+ cert_status_t status;
+
+ /**
+ * Certificate status is for one-time use only
+ */
+ bool once;
+
+ /**
+ * Time when the certificate status info was generated
+ */
+ time_t thisUpdate;
+
+ /**
+ * Time when an updated certifcate status info will be available
+ */
+ time_t nextUpdate;
+
+ /**
+ * Time of certificate revocation
+ */
+ time_t revocationTime;
+
+ /**
+ * Reason of certificate revocation
+ */
+ crl_reason_t revocationReason;
+};
+
+ENUM(cert_status_names, CERT_GOOD, CERT_UNTRUSTED,
+ "good",
+ "revoked",
+ "unknown",
+ "unknown",
+ "untrusted",
+);
+
+ENUM(crl_reason_names, REASON_UNSPECIFIED, REASON_REMOVE_FROM_CRL,
+ "unspecified",
+ "key compromise",
+ "ca compromise",
+ "affiliation changed",
+ "superseded",
+ "cessation of operation",
+ "certificate hold",
+ "reason #7",
+ "remove from crl",
+);
+
+/**
+ * Implements certinfo_t.compare_serialNumber
+ */
+static int compare_serialNumber(const private_certinfo_t *this, const private_certinfo_t *that)
+{
+ return chunk_compare(this->serialNumber, that->serialNumber);
+}
+
+/**
+ * Implements certinfo_t.equals_serialNumber
+ */
+static bool equals_serialNumber(const private_certinfo_t *this, const private_certinfo_t *that)
+{
+ return chunk_equals(this->serialNumber, that->serialNumber);
+}
+
+/**
+ * Implements certinfo_t.get_serialNumber
+ */
+static chunk_t get_serialNumber(const private_certinfo_t *this)
+{
+ return this->serialNumber;
+}
+
+/**
+ * Implements certinfo_t.set_status
+ */
+static void set_status(private_certinfo_t *this, cert_status_t status)
+{
+ this->status = status;
+}
+
+/**
+ * Implements certinfo_t.get_status
+ */
+static cert_status_t get_status(const private_certinfo_t *this)
+{
+ return this->status;
+}
+
+/**
+ * Implements certinfo_t.set_thisUpdate
+ */
+static void set_thisUpdate(private_certinfo_t *this, time_t thisUpdate)
+{
+ this->thisUpdate = thisUpdate;
+}
+
+/**
+ * Implements certinfo_t.get_thisUpdate
+ */
+static time_t get_thisUpdate(const private_certinfo_t *this)
+{
+ return this->thisUpdate;
+}
+
+/**
+ * Implements certinfo_t.set_nextUpdate
+ */
+static void set_nextUpdate(private_certinfo_t *this, time_t nextUpdate)
+{
+ this->nextUpdate = nextUpdate;
+}
+
+/**
+ * Implements certinfo_t.get_nextUpdate
+ */
+static time_t get_nextUpdate(const private_certinfo_t *this)
+{
+ return this->nextUpdate;
+}
+
+/**
+ * Implements certinfo_t.set_revocationTime
+ */
+static void set_revocationTime(private_certinfo_t *this, time_t revocationTime)
+{
+ this->revocationTime = revocationTime;
+}
+
+/**
+ * Implements certinfo_t.get_revocationTime
+ */
+static time_t get_revocationTime(const private_certinfo_t *this)
+{
+ return this->revocationTime;
+}
+
+/**
+ * Implements certinfo_t.set_revocationReason
+ */
+static void set_revocationReason(private_certinfo_t *this, crl_reason_t reason)
+{
+ this->revocationReason = reason;
+}
+
+/**
+ * Implements certinfo_t.get_revocationReason
+ */
+static crl_reason_t get_revocationReason(const private_certinfo_t *this)
+{
+ return this->revocationReason;
+}
+
+/**
+ * Implements certinfo_t.update
+ */
+static void update(private_certinfo_t *this, const private_certinfo_t *that)
+{
+ if (equals_serialNumber(this, that))
+ {
+ chunk_t this_serialNumber = this->serialNumber;
+
+ *this = *that;
+ this->serialNumber = this_serialNumber;
+ }
+}
+
+/**
+ * Implements certinfo_t.destroy
+ */
+static void destroy(private_certinfo_t *this)
+{
+ free(this->serialNumber.ptr);
+ free(this);
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_certinfo_t *this = *((private_certinfo_t**)(args[0]));
+ bool utc = TRUE;
+ int written = 0;
+ time_t now;
+
+ if (info->alt)
+ {
+ utc = *((bool*)args[1]);
+ }
+
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ now = time(NULL);
+
+ written += fprintf(stream, "%#T, until %#T, ",
+ &this->thisUpdate, utc,
+ &this->nextUpdate, utc);
+ if (now > this->nextUpdate)
+ {
+ written += fprintf(stream, "expired (%V ago)\n", &now, &this->nextUpdate);
+ }
+ else
+ {
+ written += fprintf(stream, "ok (expires in %V)\n", &now, &this->nextUpdate);
+ }
+ written += fprintf(stream, " serial: %#B, %N",
+ &this->serialNumber,
+ cert_status_names, this->status);
+ return written;
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_CERTINFO, print, arginfo_ptr_alt_ptr_int);
+}
+
+/*
+ * Described in header.
+ */
+certinfo_t *certinfo_create(chunk_t serial)
+{
+ private_certinfo_t *this = malloc_thing(private_certinfo_t);
+
+ /* initialize */
+ this->serialNumber = chunk_clone(serial);
+ this->status = CERT_UNDEFINED;
+ this->thisUpdate = UNDEFINED_TIME;
+ this->nextUpdate = UNDEFINED_TIME;
+ this->revocationTime = UNDEFINED_TIME;
+ this->revocationReason = REASON_UNSPECIFIED;
+
+ /* public functions */
+ this->public.compare_serialNumber = (int (*) (const certinfo_t*,const certinfo_t*))compare_serialNumber;
+ this->public.equals_serialNumber = (bool (*) (const certinfo_t*,const certinfo_t*))equals_serialNumber;
+ this->public.get_serialNumber = (chunk_t (*) (const certinfo_t*))get_serialNumber;
+ this->public.set_status = (void (*) (certinfo_t*,cert_status_t))set_status;
+ this->public.get_status = (cert_status_t (*) (const certinfo_t*))get_status;
+ this->public.set_thisUpdate = (void (*) (certinfo_t*,time_t))set_thisUpdate;
+ this->public.get_thisUpdate = (time_t (*) (const certinfo_t*))get_thisUpdate;
+ this->public.set_nextUpdate = (void (*) (certinfo_t*,time_t))set_nextUpdate;
+ this->public.get_nextUpdate = (time_t (*) (const certinfo_t*))get_nextUpdate;
+ this->public.set_revocationTime = (void (*) (certinfo_t*,time_t))set_revocationTime;
+ this->public.get_revocationTime = (time_t (*) (const certinfo_t*))get_revocationTime;
+ this->public.set_revocationReason = (void (*) (certinfo_t*, crl_reason_t))set_revocationReason;
+ this->public.get_revocationReason = (crl_reason_t(*) (const certinfo_t*))get_revocationReason;
+ this->public.update = (void (*) (certinfo_t*, const certinfo_t*))update;
+ this->public.destroy = (void (*) (certinfo_t*))destroy;
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/crypto/certinfo.h b/src/libstrongswan/crypto/certinfo.h
new file mode 100644
index 000000000..476befda8
--- /dev/null
+++ b/src/libstrongswan/crypto/certinfo.h
@@ -0,0 +1,203 @@
+/**
+ * @file certinfo.h
+ *
+ * @brief Interface of certinfo_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CERTINFO_H_
+#define CERTINFO_H_
+
+typedef enum cert_status_t cert_status_t;
+typedef enum crl_reason_t crl_reason_t;
+typedef struct certinfo_t certinfo_t;
+
+#include <library.h>
+
+/**
+ * RFC 2560 OCSP - certificate status
+ */
+enum cert_status_t {
+ CERT_GOOD = 0,
+ CERT_REVOKED = 1,
+ CERT_UNKNOWN = 2,
+ CERT_UNDEFINED = 3,
+ CERT_UNTRUSTED = 4 /* private use */
+};
+
+extern enum_name_t *cert_status_names;
+
+/**
+ * RFC 2459 CRL reason codes
+ */
+enum crl_reason_t {
+ REASON_UNSPECIFIED = 0,
+ REASON_KEY_COMPROMISE = 1,
+ REASON_CA_COMPROMISE = 2,
+ REASON_AFFILIATION_CHANGED = 3,
+ REASON_SUPERSEDED = 4,
+ REASON_CESSATION_OF_OPERATON = 5,
+ REASON_CERTIFICATE_HOLD = 6,
+ REASON_REMOVE_FROM_CRL = 8
+};
+
+extern enum_name_t *crl_reason_names;
+
+/**
+ * @brief X.509 certificate status information
+ *
+ * @ingroup transforms
+ */
+struct certinfo_t {
+
+ /**
+ * @brief Check if both certinfo objects have the same serialNumber.
+ *
+ * @param this calling object
+ * @param that second certinfo_t object
+ * @return TRUE if the same serialNumber
+ */
+ bool (*equals_serialNumber) (const certinfo_t *this, const certinfo_t *that);
+
+ /**
+ * @brief Compares two serial numbers.
+ *
+ * @param this calling object
+ * @param that second certinfo_t object
+ * @return negative if this is smaller than that
+ * zero if this equals that
+ * positive if this is greater than that
+ */
+ int (*compare_serialNumber) (const certinfo_t *this, const certinfo_t *that);
+
+ /**
+ * @brief Get serial number.
+ *
+ * @param this calling object
+ * @return serialNumber
+ */
+ chunk_t (*get_serialNumber) (const certinfo_t *this);
+
+ /**
+ * @brief Set certificate status.
+ *
+ * @param this calling object
+ * @param status status
+ */
+ void (*set_status) (certinfo_t *this, cert_status_t status);
+
+ /**
+ * @brief Get certificate status.
+ *
+ * @param this calling object
+ * @return status
+ */
+ cert_status_t (*get_status) (const certinfo_t *this);
+
+ /**
+ * @brief Set thisUpdate.
+ *
+ * @param this calling object
+ * @param thisUpdate thisUpdate
+ */
+ void (*set_thisUpdate) (certinfo_t *this, time_t thisUpdate);
+
+ /**
+ * @brief Get thisUpdate.
+ *
+ * @param this calling object
+ * @return thisUpdate
+ */
+ time_t (*get_thisUpdate) (const certinfo_t *this);
+
+ /**
+ * @brief Set nextUpdate.
+ *
+ * @param this calling object
+ * @param nextUpdate
+ */
+ void (*set_nextUpdate) (certinfo_t *this, time_t nextUpdate);
+
+ /**
+ * @brief Get nextUpdate.
+ *
+ * @param this calling object
+ * @return nextUpdate
+ */
+ time_t (*get_nextUpdate) (const certinfo_t *this);
+
+ /**
+ * @brief Set revocationTime.
+ *
+ * @param this calling object
+ * @param revocationTime revocationTime
+ */
+ void (*set_revocationTime) (certinfo_t *this, time_t revocationTime);
+
+ /**
+ * @brief Get revocationTime.
+ *
+ * @param this calling object
+ * @return revocationTime
+ */
+ time_t (*get_revocationTime) (const certinfo_t *this);
+
+ /**
+ * @brief Set revocationReason.
+ *
+ * @param this calling object
+ * @param reason revocationReason
+ */
+ void (*set_revocationReason) (certinfo_t *this, crl_reason_t reason);
+
+ /**
+ * @brief Get revocationReason.
+ *
+ * @param this calling object
+ * @return revocationReason
+ */
+ crl_reason_t (*get_revocationReason) (const certinfo_t *this);
+
+ /**
+ * @brief Set revocationReason.
+ *
+ * @param this calling object to be updated
+ * @param that object containing updated information
+ */
+ void (*update) (certinfo_t *this, const certinfo_t *that);
+
+ /**
+ * @brief Destroys the certinfo_t object.
+ *
+ * @param this certinfo_t to destroy
+ */
+ void (*destroy) (certinfo_t *this);
+
+};
+
+/**
+ * @brief Create a certinfo_t object.
+ *
+ * @param serial chunk serial number of the certificate
+ * @return created certinfo_t object
+ *
+ * @ingroup transforms
+ */
+certinfo_t *certinfo_create(chunk_t serial);
+
+#endif /* CERTINFO_H_ */
diff --git a/src/libstrongswan/crypto/crl.c b/src/libstrongswan/crypto/crl.c
new file mode 100755
index 000000000..00d6a3ac3
--- /dev/null
+++ b/src/libstrongswan/crypto/crl.c
@@ -0,0 +1,533 @@
+/**
+ * @file crl.c
+ *
+ * @brief Implementation of crl_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+#include <library.h>
+#include <debug.h>
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <asn1/pem.h>
+#include <utils/linked_list.h>
+#include <utils/identification.h>
+
+#include "certinfo.h"
+#include "x509.h"
+#include "crl.h"
+
+#define CRL_WARNING_INTERVAL 7 /* days */
+
+extern char* check_expiry(time_t expiration_date, int warning_interval, bool strict);
+extern time_t parse_time(chunk_t blob, int level0);
+extern void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber);
+
+/* access structure for a revoked certificate */
+
+typedef struct revokedCert_t revokedCert_t;
+
+struct revokedCert_t {
+ chunk_t userCertificate;
+ time_t revocationDate;
+ crl_reason_t revocationReason;
+};
+
+typedef struct private_crl_t private_crl_t;
+
+/**
+ * Private data of a crl_t object.
+ */
+struct private_crl_t {
+ /**
+ * Public interface for this crl.
+ */
+ crl_t public;
+
+ /**
+ * Time when crl was installed
+ */
+ time_t installed;
+
+ /**
+ * List of crlDistributionPoints
+ */
+ linked_list_t *crlDistributionPoints;
+
+ /**
+ * X.509 crl in DER format
+ */
+ chunk_t certificateList;
+
+ /**
+ * X.509 crl body over which signature is computed
+ */
+ chunk_t tbsCertList;
+
+ /**
+ * Version of the X.509 crl
+ */
+ u_int version;
+
+ /**
+ * Signature algorithm
+ */
+ int sigAlg;
+
+ /**
+ * ID representing the crl issuer
+ */
+ identification_t *issuer;
+
+ /**
+ * Time when the crl was generated
+ */
+ time_t thisUpdate;
+
+ /**
+ * Time when an update crl will be available
+ */
+ time_t nextUpdate;
+
+ /**
+ * List of identification_t's representing subjectAltNames
+ */
+ linked_list_t *revokedCertificates;
+
+ /**
+ * Authority Key Identifier
+ */
+ chunk_t authKeyID;
+
+ /**
+ * Authority Key Serial Number
+ */
+ chunk_t authKeySerialNumber;
+
+ /**
+ * Signature algorithm (must be identical to sigAlg)
+ */
+ int algorithm;
+
+ /**
+ * Signature
+ */
+ chunk_t signature;
+};
+
+/**
+ * ASN.1 definition of an X.509 certificate revocation list
+ */
+static const asn1Object_t crlObjects[] = {
+ { 0, "certificateList", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
+ { 1, "tbsCertList", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
+ { 2, "version", ASN1_INTEGER, ASN1_OPT |
+ ASN1_BODY }, /* 2 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
+ { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 4 */
+ { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
+ { 2, "thisUpdate", ASN1_EOC, ASN1_RAW }, /* 6 */
+ { 2, "nextUpdate", ASN1_EOC, ASN1_RAW }, /* 7 */
+ { 2, "revokedCertificates", ASN1_SEQUENCE, ASN1_OPT |
+ ASN1_LOOP }, /* 8 */
+ { 3, "certList", ASN1_SEQUENCE, ASN1_NONE }, /* 9 */
+ { 4, "userCertificate", ASN1_INTEGER, ASN1_BODY }, /* 10 */
+ { 4, "revocationDate", ASN1_EOC, ASN1_RAW }, /* 11 */
+ { 4, "crlEntryExtensions", ASN1_SEQUENCE, ASN1_OPT |
+ ASN1_LOOP }, /* 12 */
+ { 5, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 13 */
+ { 6, "extnID", ASN1_OID, ASN1_BODY }, /* 14 */
+ { 6, "critical", ASN1_BOOLEAN, ASN1_DEF |
+ ASN1_BODY }, /* 15 */
+ { 6, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 16 */
+ { 4, "end opt or loop", ASN1_EOC, ASN1_END }, /* 17 */
+ { 2, "end opt or loop", ASN1_EOC, ASN1_END }, /* 18 */
+ { 2, "optional extensions", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 19 */
+ { 3, "crlExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
+ { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
+ { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
+ { 5, "critical", ASN1_BOOLEAN, ASN1_DEF |
+ ASN1_BODY }, /* 23 */
+ { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
+ { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
+ { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
+ { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
+ };
+
+#define CRL_OBJ_CERTIFICATE_LIST 0
+#define CRL_OBJ_TBS_CERT_LIST 1
+#define CRL_OBJ_VERSION 2
+#define CRL_OBJ_SIG_ALG 4
+#define CRL_OBJ_ISSUER 5
+#define CRL_OBJ_THIS_UPDATE 6
+#define CRL_OBJ_NEXT_UPDATE 7
+#define CRL_OBJ_USER_CERTIFICATE 10
+#define CRL_OBJ_REVOCATION_DATE 11
+#define CRL_OBJ_CRL_ENTRY_EXTN_ID 14
+#define CRL_OBJ_CRL_ENTRY_CRITICAL 15
+#define CRL_OBJ_CRL_ENTRY_EXTN_VALUE 16
+#define CRL_OBJ_EXTN_ID 22
+#define CRL_OBJ_CRITICAL 23
+#define CRL_OBJ_EXTN_VALUE 24
+#define CRL_OBJ_ALGORITHM 27
+#define CRL_OBJ_SIGNATURE 28
+#define CRL_OBJ_ROOF 29
+
+/**
+ * Parses a CRL revocation reason code
+ */
+static crl_reason_t parse_crl_reasonCode(chunk_t object)
+{
+ crl_reason_t reason = REASON_UNSPECIFIED;
+
+ if (*object.ptr == ASN1_ENUMERATED && asn1_length(&object) == 1)
+ {
+ reason = *object.ptr;
+ }
+ DBG2(" '%N'", crl_reason_names, reason);
+
+ return reason;
+}
+
+/**
+ * Parses an X.509 Certificate Revocation List (CRL)
+ */
+bool parse_x509crl(chunk_t blob, u_int level0, private_crl_t *crl)
+{
+ asn1_ctx_t ctx;
+ bool critical;
+ chunk_t extnID;
+ chunk_t userCertificate = chunk_empty;
+ revokedCert_t *revokedCert = NULL;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < CRL_OBJ_ROOF)
+ {
+ if (!extract_object(crlObjects, &objectID, &object, &level, &ctx))
+ return FALSE;
+
+ /* those objects which will parsed further need the next higher level */
+ level++;
+
+ switch (objectID)
+ {
+ case CRL_OBJ_CERTIFICATE_LIST:
+ crl->certificateList = object;
+ break;
+ case CRL_OBJ_TBS_CERT_LIST:
+ crl->tbsCertList = object;
+ break;
+ case CRL_OBJ_VERSION:
+ crl->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
+ DBG2(" v%d", crl->version);
+ break;
+ case CRL_OBJ_SIG_ALG:
+ crl->sigAlg = parse_algorithmIdentifier(object, level, NULL);
+ break;
+ case CRL_OBJ_ISSUER:
+ crl->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
+ DBG2(" '%D'", crl->issuer);
+ break;
+ case CRL_OBJ_THIS_UPDATE:
+ crl->thisUpdate = parse_time(object, level);
+ break;
+ case CRL_OBJ_NEXT_UPDATE:
+ crl->nextUpdate = parse_time(object, level);
+ break;
+ case CRL_OBJ_USER_CERTIFICATE:
+ userCertificate = object;
+ break;
+ case CRL_OBJ_REVOCATION_DATE:
+ revokedCert = malloc_thing(revokedCert_t);
+ revokedCert->userCertificate = userCertificate;
+ revokedCert->revocationDate = parse_time(object, level);
+ revokedCert->revocationReason = REASON_UNSPECIFIED;
+ crl->revokedCertificates->insert_last(crl->revokedCertificates, (void *)revokedCert);
+ break;
+ case CRL_OBJ_CRL_ENTRY_EXTN_ID:
+ case CRL_OBJ_EXTN_ID:
+ extnID = object;
+ break;
+ case CRL_OBJ_CRL_ENTRY_CRITICAL:
+ case CRL_OBJ_CRITICAL:
+ critical = object.len && *object.ptr;
+ DBG2(" %s",(critical)?"TRUE":"FALSE");
+ break;
+ case CRL_OBJ_CRL_ENTRY_EXTN_VALUE:
+ case CRL_OBJ_EXTN_VALUE:
+ {
+ int extn_oid = known_oid(extnID);
+
+ if (revokedCert && extn_oid == OID_CRL_REASON_CODE)
+ {
+ revokedCert->revocationReason = parse_crl_reasonCode(object);
+ }
+ else if (extn_oid == OID_AUTHORITY_KEY_ID)
+ {
+ parse_authorityKeyIdentifier(object, level, &crl->authKeyID, &crl->authKeySerialNumber);
+ }
+ }
+ break;
+ case CRL_OBJ_ALGORITHM:
+ crl->algorithm = parse_algorithmIdentifier(object, level, NULL);
+ break;
+ case CRL_OBJ_SIGNATURE:
+ crl->signature = object;
+ break;
+ default:
+ break;
+ }
+ objectID++;
+ }
+ time(&crl->installed);
+ return TRUE;
+}
+
+/**
+ * Implements crl_t.is_valid
+ */
+static bool is_valid(const private_crl_t *this)
+{
+ time_t current_time = time(NULL);
+
+ DBG2(" this update : %T", &this->thisUpdate);
+ DBG2(" current time: %T", &current_time);
+ DBG2(" next update: %T", &this->nextUpdate);
+
+ return current_time < this->nextUpdate;
+}
+
+/**
+ * Implements crl_t.get_issuer
+ */
+static identification_t *get_issuer(const private_crl_t *this)
+{
+ return this->issuer;
+}
+
+/**
+ * Implements crl_t.equals_issuer
+ */
+static bool equals_issuer(const private_crl_t *this, const private_crl_t *other)
+{
+ return (this->authKeyID.ptr)
+ ? chunk_equals(this->authKeyID, other->authKeyID)
+ : (this->issuer->equals(this->issuer, other->issuer)
+ && chunk_equals_or_null(this->authKeySerialNumber, other->authKeySerialNumber));
+}
+
+/**
+ * Implements crl_t.is_issuer
+ */
+static bool is_issuer(const private_crl_t *this, const x509_t *issuer)
+{
+ return (this->authKeyID.ptr)
+ ? chunk_equals(this->authKeyID, issuer->get_subjectKeyID(issuer))
+ : (this->issuer->equals(this->issuer, issuer->get_subject(issuer))
+ && chunk_equals_or_null(this->authKeySerialNumber, issuer->get_serialNumber(issuer)));
+}
+
+/**
+ * Implements crl_t.is_newer
+ */
+static bool is_newer(const private_crl_t *this, const private_crl_t *other)
+{
+ return (this->nextUpdate > other->nextUpdate);
+}
+
+/**
+ * Implements crl_t.verify
+ */
+static bool verify(const private_crl_t *this, const rsa_public_key_t *signer)
+{
+ return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertList, this->signature) == SUCCESS;
+}
+
+/**
+ * Implements crl_t.get_status
+ */
+static void get_status(const private_crl_t *this, certinfo_t *certinfo)
+{
+ chunk_t serialNumber = certinfo->get_serialNumber(certinfo);
+ iterator_t *iterator;
+ revokedCert_t *revokedCert;
+
+ certinfo->set_nextUpdate(certinfo, this->nextUpdate);
+ certinfo->set_status(certinfo, CERT_GOOD);
+
+ iterator = this->revokedCertificates->create_iterator(this->revokedCertificates, TRUE);
+ while (iterator->iterate(iterator, (void**)&revokedCert))
+ {
+ if (chunk_equals(serialNumber, revokedCert->userCertificate))
+ {
+ certinfo->set_status(certinfo, CERT_REVOKED);
+ certinfo->set_revocationTime(certinfo, revokedCert->revocationDate);
+ certinfo->set_revocationReason(certinfo, revokedCert->revocationReason);
+ break;
+ }
+ }
+ iterator->destroy(iterator);
+}
+
+/**
+ * Implements crl_t.write_to_file.
+ */
+static bool write_to_file(private_crl_t *this, const char *path, mode_t mask, bool force)
+{
+ return chunk_write(this->certificateList, path, "crl", mask, force);
+}
+
+/**
+ * Implements crl_t.destroy
+ */
+static void destroy(private_crl_t *this)
+{
+ this->revokedCertificates->destroy_function(this->revokedCertificates, free);
+ this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
+ offsetof(identification_t, destroy));
+ DESTROY_IF(this->issuer);
+ free(this->certificateList.ptr);
+ free(this);
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_crl_t *this = *((private_crl_t**)(args[0]));
+ bool utc = TRUE;
+ int written = 0;
+ time_t now;
+
+ if (info->alt)
+ {
+ utc = *((bool*)args[1]);
+ }
+
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ now = time(NULL);
+
+ written += fprintf(stream, "%#T, revoked certs: %d\n", &this->installed, utc,
+ this->revokedCertificates->get_count(this->revokedCertificates));
+ written += fprintf(stream, " issuer: '%D'\n", this->issuer);
+ written += fprintf(stream, " updates: this %#T\n", &this->thisUpdate, utc);
+ written += fprintf(stream, " next %#T ", &this->nextUpdate, utc);
+ if (this->nextUpdate == UNDEFINED_TIME)
+ {
+ written += fprintf(stream, "ok (expires never)");
+ }
+ else if (now > this->nextUpdate)
+ {
+ written += fprintf(stream, "expired (%V ago)", &now, &this->nextUpdate);
+ }
+ else if (now > this->nextUpdate - CRL_WARNING_INTERVAL * 60 * 60 * 24)
+ {
+ written += fprintf(stream, "ok (expires in %V)", &now, &this->nextUpdate);
+ }
+ else
+ {
+ written += fprintf(stream, "ok");
+ }
+ if (this->authKeyID.ptr)
+ {
+ written += fprintf(stream, "\n authkey: %#B", &this->authKeyID);
+ }
+ if (this->authKeySerialNumber.ptr)
+ {
+ written += fprintf(stream, "\n aserial: %#B", &this->authKeySerialNumber);
+ }
+ return written;
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_CRL, print, arginfo_ptr_alt_ptr_int);
+}
+
+/*
+ * Described in header.
+ */
+crl_t *crl_create_from_chunk(chunk_t chunk)
+{
+ private_crl_t *this = malloc_thing(private_crl_t);
+
+ /* initialize */
+ this->crlDistributionPoints = linked_list_create();
+ this->tbsCertList = chunk_empty;
+ this->issuer = NULL;
+ this->revokedCertificates = linked_list_create();
+ this->authKeyID = chunk_empty;
+ this->authKeySerialNumber = chunk_empty;
+
+ /* public functions */
+ this->public.get_issuer = (identification_t* (*) (const crl_t*))get_issuer;
+ this->public.equals_issuer = (bool (*) (const crl_t*,const crl_t*))equals_issuer;
+ this->public.is_issuer = (bool (*) (const crl_t*,const x509_t*))is_issuer;
+ this->public.is_valid = (bool (*) (const crl_t*))is_valid;
+ this->public.is_newer = (bool (*) (const crl_t*,const crl_t*))is_newer;
+ this->public.verify = (bool (*) (const crl_t*,const rsa_public_key_t*))verify;
+ this->public.get_status = (void (*) (const crl_t*,certinfo_t*))get_status;
+ this->public.write_to_file = (bool (*) (const crl_t*,const char*,mode_t,bool))write_to_file;
+ this->public.destroy = (void (*) (crl_t*))destroy;
+
+ if (!parse_x509crl(chunk, 0, this))
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ return &this->public;
+}
+
+/*
+ * Described in header.
+ */
+crl_t *crl_create_from_file(const char *filename)
+{
+ bool pgp = FALSE;
+ chunk_t chunk = chunk_empty;
+ crl_t *crl = NULL;
+
+ if (!pem_asn1_load_file(filename, NULL, "crl", &chunk, &pgp))
+ return NULL;
+
+ crl = crl_create_from_chunk(chunk);
+
+ if (crl == NULL)
+ free(chunk.ptr);
+ return crl;
+}
diff --git a/src/libstrongswan/crypto/crl.h b/src/libstrongswan/crypto/crl.h
new file mode 100755
index 000000000..8a11fc390
--- /dev/null
+++ b/src/libstrongswan/crypto/crl.h
@@ -0,0 +1,147 @@
+/**
+ * @file crl.h
+ *
+ * @brief Interface of crl_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CRL_H_
+#define CRL_H_
+
+typedef struct crl_t crl_t;
+
+#include <library.h>
+#include <crypto/rsa/rsa_public_key.h>
+#include <crypto/certinfo.h>
+#include <utils/identification.h>
+#include <utils/iterator.h>
+
+/**
+ * @brief X.509 certificate revocation list
+ *
+ * @b Constructors:
+ * - crl_create_from_chunk()
+ * - crl_create_from_file()
+ *
+ * @ingroup transforms
+ */
+struct crl_t {
+
+ /**
+ * @brief Get the crl's issuer ID.
+ *
+ * The resulting ID is always a identification_t
+ * of type ID_DER_ASN1_DN.
+ *
+ * @param this calling object
+ * @return issuers ID
+ */
+ identification_t *(*get_issuer) (const crl_t *this);
+
+ /**
+ * @brief Check if both crls have the same issuer.
+ *
+ * @param this calling object
+ * @param other other crl
+ * @return TRUE if the same issuer
+ */
+ bool (*equals_issuer) (const crl_t *this, const crl_t *other);
+
+ /**
+ * @brief Check if ia candidate cert is the issuer of the crl
+ *
+ * @param this calling object
+ * @param issuer candidate issuer of the crl
+ * @return TRUE if issuer
+ */
+ bool (*is_issuer) (const crl_t *this, const x509_t *issuer);
+
+ /**
+ * @brief Checks the validity interval of the crl
+ *
+ * @param this calling object
+ * @return TRUE if the crl is valid
+ */
+ bool (*is_valid) (const crl_t *this);
+
+ /**
+ * @brief Checks if this crl is newer (thisUpdate) than the other crl
+ *
+ * @param this calling object
+ * @param other other crl object
+ * @return TRUE if this was issued more recently than other
+ */
+ bool (*is_newer) (const crl_t *this, const crl_t *other);
+
+ /**
+ * @brief Check if a crl is trustworthy.
+ *
+ * @param this calling object
+ * @param signer signer's RSA public key
+ * @return TRUE if crl is trustworthy
+ */
+ bool (*verify) (const crl_t *this, const rsa_public_key_t *signer);
+
+ /**
+ * @brief Get the certificate status
+ *
+ * @param this calling object
+ * @param certinfo certinfo is updated
+ */
+ void (*get_status) (const crl_t *this, certinfo_t *certinfo);
+
+ /**
+ * @brief Write a der-encoded crl to a file
+ *
+ * @param this calling object
+ * @param path path where the file is to be stored
+ * @param mask file access control rights
+ * @param force overwrite the file if it already exists
+ * @return TRUE if successfully written
+ */
+ bool (*write_to_file) (const crl_t *this, const char *path, mode_t mask, bool force);
+
+ /**
+ * @brief Destroys the crl.
+ *
+ * @param this crl to destroy
+ */
+ void (*destroy) (crl_t *this);
+};
+
+/**
+ * @brief Read a x509 crl from a DER encoded blob.
+ *
+ * @param chunk chunk containing DER encoded data
+ * @return created crl_t, or NULL if invalid.
+ *
+ * @ingroup transforms
+ */
+crl_t *crl_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Read a x509 crl from a DER encoded file.
+ *
+ * @param filename file containing DER encoded data
+ * @return created crl_t, or NULL if invalid.
+ *
+ * @ingroup transforms
+ */
+crl_t *crl_create_from_file(const char *filename);
+
+#endif /* CRL_H_ */
diff --git a/src/libstrongswan/crypto/crypters/aes_cbc_crypter.c b/src/libstrongswan/crypto/crypters/aes_cbc_crypter.c
new file mode 100644
index 000000000..947188af3
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/aes_cbc_crypter.c
@@ -0,0 +1,1620 @@
+/**
+ * @file aes_cbc_crypter.c
+ *
+ * @brief Implementation of aes_cbc_crypter_t
+ *
+ */
+
+ /*
+ * Copyright (C) 2001 Dr B. R. Gladman <brg@gladman.uk.net>
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "aes_cbc_crypter.h"
+
+
+
+/*
+ * The number of key schedule words for different block and key lengths
+ * allowing for method of computation which requires the length to be a
+ * multiple of the key length. This version of AES implementation supports
+ * all three keylengths 16, 24 and 32 bytes!
+ *
+ * Nk = 4 6 8
+ * -------------
+ * Nb = 4 | 60 60 64
+ * 6 | 96 90 96
+ * 8 | 120 120 120
+ */
+#define AES_KS_LENGTH 120
+#define AES_RC_LENGTH 29
+
+#define AES_BLOCK_SIZE 16
+
+typedef struct private_aes_cbc_crypter_t private_aes_cbc_crypter_t;
+
+/**
+ * @brief Class implementing the AES symmetric encryption algorithm.
+ *
+ * @ingroup crypters
+ */
+struct private_aes_cbc_crypter_t {
+
+ /**
+ * Public part of this class.
+ */
+ aes_cbc_crypter_t public;
+
+ /**
+ * Number of words in the key input block.
+ */
+ u_int32_t aes_Nkey;
+
+ /**
+ * The number of cipher rounds.
+ */
+ u_int32_t aes_Nrnd;
+
+ /**
+ * The encryption key schedule.
+ */
+ u_int32_t aes_e_key[AES_KS_LENGTH];
+
+ /**
+ * The decryption key schedule.
+ */
+ u_int32_t aes_d_key[AES_KS_LENGTH];
+
+ /**
+ * Key size of this AES cypher object.
+ */
+ u_int32_t key_size;
+
+ /**
+ * Decrypts a block.
+ *
+ * No memory gets allocated.
+ *
+ * @param this calling object
+ * @param[in] in_blk block to decrypt
+ * @param[out] out_blk decrypted data are written to this location
+ */
+ void (*decrypt_block) (const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[]);
+
+ /**
+ * Encrypts a block.
+ *
+ * No memory gets allocated.
+ *
+ * @param this calling object
+ * @param[in] in_blk block to encrypt
+ * @param[out] out_blk encrypted data are written to this location
+ */
+ void (*encrypt_block) (const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[]);
+};
+
+
+/* ugly macro stuff */
+
+/* 1. Define UNROLL for full loop unrolling in encryption and decryption.
+ * 2. Define PARTIAL_UNROLL to unroll two loops in encryption and decryption.
+ * 3. Define FIXED_TABLES for compiled rather than dynamic tables.
+ * 4. Define FF_TABLES to use tables for field multiplies and inverses.
+ * Do not enable this without understanding stack space requirements.
+ * 5. Define ARRAYS to use arrays to hold the local state block. If this
+ * is not defined, individually declared 32-bit words are used.
+ * 6. Define FAST_VARIABLE if a high speed variable block implementation
+ * is needed (essentially three separate fixed block size code sequences)
+ * 7. Define either ONE_TABLE or FOUR_TABLES for a fast table driven
+ * version using 1 table (2 kbytes of table space) or 4 tables (8
+ * kbytes of table space) for higher speed.
+ * 8. Define either ONE_LR_TABLE or FOUR_LR_TABLES for a further speed
+ * increase by using tables for the last rounds but with more table
+ * space (2 or 8 kbytes extra).
+ * 9. If neither ONE_TABLE nor FOUR_TABLES is defined, a compact but
+ * slower version is provided.
+ * 10. If fast decryption key scheduling is needed define ONE_IM_TABLE
+ * or FOUR_IM_TABLES for higher speed (2 or 8 kbytes extra).
+ */
+
+#define UNROLL
+//#define PARTIAL_UNROLL
+
+#define FIXED_TABLES
+//#define FF_TABLES
+//#define ARRAYS
+#define FAST_VARIABLE
+
+//#define ONE_TABLE
+#define FOUR_TABLES
+
+//#define ONE_LR_TABLE
+#define FOUR_LR_TABLES
+
+//#define ONE_IM_TABLE
+#define FOUR_IM_TABLES
+
+#if defined(UNROLL) && defined (PARTIAL_UNROLL)
+#error both UNROLL and PARTIAL_UNROLL are defined
+#endif
+
+#if defined(ONE_TABLE) && defined (FOUR_TABLES)
+#error both ONE_TABLE and FOUR_TABLES are defined
+#endif
+
+#if defined(ONE_LR_TABLE) && defined (FOUR_LR_TABLES)
+#error both ONE_LR_TABLE and FOUR_LR_TABLES are defined
+#endif
+
+#if defined(ONE_IM_TABLE) && defined (FOUR_IM_TABLES)
+#error both ONE_IM_TABLE and FOUR_IM_TABLES are defined
+#endif
+
+#if defined(AES_BLOCK_SIZE) && AES_BLOCK_SIZE != 16 && AES_BLOCK_SIZE != 24 && AES_BLOCK_SIZE != 32
+#error an illegal block size has been specified
+#endif
+
+/**
+ * Rotates bytes within words by n positions, moving bytes
+ * to higher index positions with wrap around into low positions.
+ */
+#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n))))
+/**
+ * Moves bytes by n positions to higher index positions in
+ * words but without wrap around.
+ */
+#define ups(x,n) ((x) << 8 * (n))
+
+/**
+ * Extracts a byte from a word.
+ */
+#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
+#define bytes2word(b0, b1, b2, b3) \
+ ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))
+
+
+/* little endian processor without data alignment restrictions: AES_LE_OK */
+/* original code: i386 */
+#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386)
+#define AES_LE_OK 1
+/* added (tested): alpha --jjo */
+#elif defined(__alpha__)|| defined (__alpha)
+#define AES_LE_OK 1
+/* added (tested): ia64 --jjo */
+#elif defined(__ia64__)|| defined (__ia64)
+#define AES_LE_OK 1
+#endif
+
+#ifdef AES_LE_OK
+/* little endian processor without data alignment restrictions */
+#define word_in(x) *(u_int32_t*)(x)
+#define const_word_in(x) *(const u_int32_t*)(x)
+#define word_out(x,v) *(u_int32_t*)(x) = (v)
+#define const_word_out(x,v) *(const u_int32_t*)(x) = (v)
+#else
+/* slower but generic big endian or with data alignment restrictions */
+/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */
+#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
+#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24))
+#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
+#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24)
+#endif
+
+// Disable at least some poor combinations of options
+
+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
+#define FIXED_TABLES
+#undef UNROLL
+#undef ONE_LR_TABLE
+#undef FOUR_LR_TABLES
+#undef ONE_IM_TABLE
+#undef FOUR_IM_TABLES
+#elif !defined(FOUR_TABLES)
+#ifdef FOUR_LR_TABLES
+#undef FOUR_LR_TABLES
+#define ONE_LR_TABLE
+#endif
+#ifdef FOUR_IM_TABLES
+#undef FOUR_IM_TABLES
+#define ONE_IM_TABLE
+#endif
+#elif !defined(AES_BLOCK_SIZE)
+#if defined(UNROLL)
+#define PARTIAL_UNROLL
+#undef UNROLL
+#endif
+#endif
+
+// the finite field modular polynomial and elements
+
+#define ff_poly 0x011b
+#define ff_hi 0x80
+
+// multiply four bytes in GF(2^8) by 'x' {02} in parallel
+
+#define m1 0x80808080
+#define m2 0x7f7f7f7f
+#define m3 0x0000001b
+#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * m3))
+
+// The following defines provide alternative definitions of FFmulX that might
+// give improved performance if a fast 32-bit multiply is not available. Note
+// that a temporary variable u needs to be defined where FFmulX is used.
+
+// #define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
+// #define m4 0x1b1b1b1b
+// #define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
+
+// perform column mix operation on four bytes in parallel
+
+#define fwd_mcol(x) (f2 = FFmulX(x), f2 ^ upr(x ^ f2,3) ^ upr(x,2) ^ upr(x,1))
+
+#if defined(FIXED_TABLES)
+
+// the S-Box table
+
+static const unsigned char s_box[256] =
+{
+ 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
+ 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
+ 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
+ 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
+ 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
+ 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
+ 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
+ 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
+ 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
+ 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
+ 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
+ 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
+ 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
+ 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
+ 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
+ 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
+ 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
+ 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
+ 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
+ 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
+ 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
+ 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
+ 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
+ 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
+ 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
+ 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
+ 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
+ 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
+ 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
+ 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
+ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
+ 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+};
+
+// the inverse S-Box table
+
+static const unsigned char inv_s_box[256] =
+{
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+};
+
+#define w0(p) 0x000000##p
+
+// Number of elements required in this table for different
+// block and key lengths is:
+//
+// Nk = 4 6 8
+// ----------
+// Nb = 4 | 10 8 7
+// 6 | 19 12 11
+// 8 | 29 19 14
+//
+// this table can be a table of bytes if the key schedule
+// code is adjusted accordingly
+
+static const u_int32_t rcon_tab[29] =
+{
+ w0(01), w0(02), w0(04), w0(08),
+ w0(10), w0(20), w0(40), w0(80),
+ w0(1b), w0(36), w0(6c), w0(d8),
+ w0(ab), w0(4d), w0(9a), w0(2f),
+ w0(5e), w0(bc), w0(63), w0(c6),
+ w0(97), w0(35), w0(6a), w0(d4),
+ w0(b3), w0(7d), w0(fa), w0(ef),
+ w0(c5)
+};
+
+#undef w0
+
+#define r0(p,q,r,s) 0x##p##q##r##s
+#define r1(p,q,r,s) 0x##q##r##s##p
+#define r2(p,q,r,s) 0x##r##s##p##q
+#define r3(p,q,r,s) 0x##s##p##q##r
+#define w0(p) 0x000000##p
+#define w1(p) 0x0000##p##00
+#define w2(p) 0x00##p##0000
+#define w3(p) 0x##p##000000
+
+#if defined(FIXED_TABLES) && (defined(ONE_TABLE) || defined(FOUR_TABLES))
+
+// data for forward tables (other than last round)
+
+#define f_table \
+ r(a5,63,63,c6), r(84,7c,7c,f8), r(99,77,77,ee), r(8d,7b,7b,f6),\
+ r(0d,f2,f2,ff), r(bd,6b,6b,d6), r(b1,6f,6f,de), r(54,c5,c5,91),\
+ r(50,30,30,60), r(03,01,01,02), r(a9,67,67,ce), r(7d,2b,2b,56),\
+ r(19,fe,fe,e7), r(62,d7,d7,b5), r(e6,ab,ab,4d), r(9a,76,76,ec),\
+ r(45,ca,ca,8f), r(9d,82,82,1f), r(40,c9,c9,89), r(87,7d,7d,fa),\
+ r(15,fa,fa,ef), r(eb,59,59,b2), r(c9,47,47,8e), r(0b,f0,f0,fb),\
+ r(ec,ad,ad,41), r(67,d4,d4,b3), r(fd,a2,a2,5f), r(ea,af,af,45),\
+ r(bf,9c,9c,23), r(f7,a4,a4,53), r(96,72,72,e4), r(5b,c0,c0,9b),\
+ r(c2,b7,b7,75), r(1c,fd,fd,e1), r(ae,93,93,3d), r(6a,26,26,4c),\
+ r(5a,36,36,6c), r(41,3f,3f,7e), r(02,f7,f7,f5), r(4f,cc,cc,83),\
+ r(5c,34,34,68), r(f4,a5,a5,51), r(34,e5,e5,d1), r(08,f1,f1,f9),\
+ r(93,71,71,e2), r(73,d8,d8,ab), r(53,31,31,62), r(3f,15,15,2a),\
+ r(0c,04,04,08), r(52,c7,c7,95), r(65,23,23,46), r(5e,c3,c3,9d),\
+ r(28,18,18,30), r(a1,96,96,37), r(0f,05,05,0a), r(b5,9a,9a,2f),\
+ r(09,07,07,0e), r(36,12,12,24), r(9b,80,80,1b), r(3d,e2,e2,df),\
+ r(26,eb,eb,cd), r(69,27,27,4e), r(cd,b2,b2,7f), r(9f,75,75,ea),\
+ r(1b,09,09,12), r(9e,83,83,1d), r(74,2c,2c,58), r(2e,1a,1a,34),\
+ r(2d,1b,1b,36), r(b2,6e,6e,dc), r(ee,5a,5a,b4), r(fb,a0,a0,5b),\
+ r(f6,52,52,a4), r(4d,3b,3b,76), r(61,d6,d6,b7), r(ce,b3,b3,7d),\
+ r(7b,29,29,52), r(3e,e3,e3,dd), r(71,2f,2f,5e), r(97,84,84,13),\
+ r(f5,53,53,a6), r(68,d1,d1,b9), r(00,00,00,00), r(2c,ed,ed,c1),\
+ r(60,20,20,40), r(1f,fc,fc,e3), r(c8,b1,b1,79), r(ed,5b,5b,b6),\
+ r(be,6a,6a,d4), r(46,cb,cb,8d), r(d9,be,be,67), r(4b,39,39,72),\
+ r(de,4a,4a,94), r(d4,4c,4c,98), r(e8,58,58,b0), r(4a,cf,cf,85),\
+ r(6b,d0,d0,bb), r(2a,ef,ef,c5), r(e5,aa,aa,4f), r(16,fb,fb,ed),\
+ r(c5,43,43,86), r(d7,4d,4d,9a), r(55,33,33,66), r(94,85,85,11),\
+ r(cf,45,45,8a), r(10,f9,f9,e9), r(06,02,02,04), r(81,7f,7f,fe),\
+ r(f0,50,50,a0), r(44,3c,3c,78), r(ba,9f,9f,25), r(e3,a8,a8,4b),\
+ r(f3,51,51,a2), r(fe,a3,a3,5d), r(c0,40,40,80), r(8a,8f,8f,05),\
+ r(ad,92,92,3f), r(bc,9d,9d,21), r(48,38,38,70), r(04,f5,f5,f1),\
+ r(df,bc,bc,63), r(c1,b6,b6,77), r(75,da,da,af), r(63,21,21,42),\
+ r(30,10,10,20), r(1a,ff,ff,e5), r(0e,f3,f3,fd), r(6d,d2,d2,bf),\
+ r(4c,cd,cd,81), r(14,0c,0c,18), r(35,13,13,26), r(2f,ec,ec,c3),\
+ r(e1,5f,5f,be), r(a2,97,97,35), r(cc,44,44,88), r(39,17,17,2e),\
+ r(57,c4,c4,93), r(f2,a7,a7,55), r(82,7e,7e,fc), r(47,3d,3d,7a),\
+ r(ac,64,64,c8), r(e7,5d,5d,ba), r(2b,19,19,32), r(95,73,73,e6),\
+ r(a0,60,60,c0), r(98,81,81,19), r(d1,4f,4f,9e), r(7f,dc,dc,a3),\
+ r(66,22,22,44), r(7e,2a,2a,54), r(ab,90,90,3b), r(83,88,88,0b),\
+ r(ca,46,46,8c), r(29,ee,ee,c7), r(d3,b8,b8,6b), r(3c,14,14,28),\
+ r(79,de,de,a7), r(e2,5e,5e,bc), r(1d,0b,0b,16), r(76,db,db,ad),\
+ r(3b,e0,e0,db), r(56,32,32,64), r(4e,3a,3a,74), r(1e,0a,0a,14),\
+ r(db,49,49,92), r(0a,06,06,0c), r(6c,24,24,48), r(e4,5c,5c,b8),\
+ r(5d,c2,c2,9f), r(6e,d3,d3,bd), r(ef,ac,ac,43), r(a6,62,62,c4),\
+ r(a8,91,91,39), r(a4,95,95,31), r(37,e4,e4,d3), r(8b,79,79,f2),\
+ r(32,e7,e7,d5), r(43,c8,c8,8b), r(59,37,37,6e), r(b7,6d,6d,da),\
+ r(8c,8d,8d,01), r(64,d5,d5,b1), r(d2,4e,4e,9c), r(e0,a9,a9,49),\
+ r(b4,6c,6c,d8), r(fa,56,56,ac), r(07,f4,f4,f3), r(25,ea,ea,cf),\
+ r(af,65,65,ca), r(8e,7a,7a,f4), r(e9,ae,ae,47), r(18,08,08,10),\
+ r(d5,ba,ba,6f), r(88,78,78,f0), r(6f,25,25,4a), r(72,2e,2e,5c),\
+ r(24,1c,1c,38), r(f1,a6,a6,57), r(c7,b4,b4,73), r(51,c6,c6,97),\
+ r(23,e8,e8,cb), r(7c,dd,dd,a1), r(9c,74,74,e8), r(21,1f,1f,3e),\
+ r(dd,4b,4b,96), r(dc,bd,bd,61), r(86,8b,8b,0d), r(85,8a,8a,0f),\
+ r(90,70,70,e0), r(42,3e,3e,7c), r(c4,b5,b5,71), r(aa,66,66,cc),\
+ r(d8,48,48,90), r(05,03,03,06), r(01,f6,f6,f7), r(12,0e,0e,1c),\
+ r(a3,61,61,c2), r(5f,35,35,6a), r(f9,57,57,ae), r(d0,b9,b9,69),\
+ r(91,86,86,17), r(58,c1,c1,99), r(27,1d,1d,3a), r(b9,9e,9e,27),\
+ r(38,e1,e1,d9), r(13,f8,f8,eb), r(b3,98,98,2b), r(33,11,11,22),\
+ r(bb,69,69,d2), r(70,d9,d9,a9), r(89,8e,8e,07), r(a7,94,94,33),\
+ r(b6,9b,9b,2d), r(22,1e,1e,3c), r(92,87,87,15), r(20,e9,e9,c9),\
+ r(49,ce,ce,87), r(ff,55,55,aa), r(78,28,28,50), r(7a,df,df,a5),\
+ r(8f,8c,8c,03), r(f8,a1,a1,59), r(80,89,89,09), r(17,0d,0d,1a),\
+ r(da,bf,bf,65), r(31,e6,e6,d7), r(c6,42,42,84), r(b8,68,68,d0),\
+ r(c3,41,41,82), r(b0,99,99,29), r(77,2d,2d,5a), r(11,0f,0f,1e),\
+ r(cb,b0,b0,7b), r(fc,54,54,a8), r(d6,bb,bb,6d), r(3a,16,16,2c)
+
+// data for inverse tables (other than last round)
+
+#define i_table \
+ r(50,a7,f4,51), r(53,65,41,7e), r(c3,a4,17,1a), r(96,5e,27,3a),\
+ r(cb,6b,ab,3b), r(f1,45,9d,1f), r(ab,58,fa,ac), r(93,03,e3,4b),\
+ r(55,fa,30,20), r(f6,6d,76,ad), r(91,76,cc,88), r(25,4c,02,f5),\
+ r(fc,d7,e5,4f), r(d7,cb,2a,c5), r(80,44,35,26), r(8f,a3,62,b5),\
+ r(49,5a,b1,de), r(67,1b,ba,25), r(98,0e,ea,45), r(e1,c0,fe,5d),\
+ r(02,75,2f,c3), r(12,f0,4c,81), r(a3,97,46,8d), r(c6,f9,d3,6b),\
+ r(e7,5f,8f,03), r(95,9c,92,15), r(eb,7a,6d,bf), r(da,59,52,95),\
+ r(2d,83,be,d4), r(d3,21,74,58), r(29,69,e0,49), r(44,c8,c9,8e),\
+ r(6a,89,c2,75), r(78,79,8e,f4), r(6b,3e,58,99), r(dd,71,b9,27),\
+ r(b6,4f,e1,be), r(17,ad,88,f0), r(66,ac,20,c9), r(b4,3a,ce,7d),\
+ r(18,4a,df,63), r(82,31,1a,e5), r(60,33,51,97), r(45,7f,53,62),\
+ r(e0,77,64,b1), r(84,ae,6b,bb), r(1c,a0,81,fe), r(94,2b,08,f9),\
+ r(58,68,48,70), r(19,fd,45,8f), r(87,6c,de,94), r(b7,f8,7b,52),\
+ r(23,d3,73,ab), r(e2,02,4b,72), r(57,8f,1f,e3), r(2a,ab,55,66),\
+ r(07,28,eb,b2), r(03,c2,b5,2f), r(9a,7b,c5,86), r(a5,08,37,d3),\
+ r(f2,87,28,30), r(b2,a5,bf,23), r(ba,6a,03,02), r(5c,82,16,ed),\
+ r(2b,1c,cf,8a), r(92,b4,79,a7), r(f0,f2,07,f3), r(a1,e2,69,4e),\
+ r(cd,f4,da,65), r(d5,be,05,06), r(1f,62,34,d1), r(8a,fe,a6,c4),\
+ r(9d,53,2e,34), r(a0,55,f3,a2), r(32,e1,8a,05), r(75,eb,f6,a4),\
+ r(39,ec,83,0b), r(aa,ef,60,40), r(06,9f,71,5e), r(51,10,6e,bd),\
+ r(f9,8a,21,3e), r(3d,06,dd,96), r(ae,05,3e,dd), r(46,bd,e6,4d),\
+ r(b5,8d,54,91), r(05,5d,c4,71), r(6f,d4,06,04), r(ff,15,50,60),\
+ r(24,fb,98,19), r(97,e9,bd,d6), r(cc,43,40,89), r(77,9e,d9,67),\
+ r(bd,42,e8,b0), r(88,8b,89,07), r(38,5b,19,e7), r(db,ee,c8,79),\
+ r(47,0a,7c,a1), r(e9,0f,42,7c), r(c9,1e,84,f8), r(00,00,00,00),\
+ r(83,86,80,09), r(48,ed,2b,32), r(ac,70,11,1e), r(4e,72,5a,6c),\
+ r(fb,ff,0e,fd), r(56,38,85,0f), r(1e,d5,ae,3d), r(27,39,2d,36),\
+ r(64,d9,0f,0a), r(21,a6,5c,68), r(d1,54,5b,9b), r(3a,2e,36,24),\
+ r(b1,67,0a,0c), r(0f,e7,57,93), r(d2,96,ee,b4), r(9e,91,9b,1b),\
+ r(4f,c5,c0,80), r(a2,20,dc,61), r(69,4b,77,5a), r(16,1a,12,1c),\
+ r(0a,ba,93,e2), r(e5,2a,a0,c0), r(43,e0,22,3c), r(1d,17,1b,12),\
+ r(0b,0d,09,0e), r(ad,c7,8b,f2), r(b9,a8,b6,2d), r(c8,a9,1e,14),\
+ r(85,19,f1,57), r(4c,07,75,af), r(bb,dd,99,ee), r(fd,60,7f,a3),\
+ r(9f,26,01,f7), r(bc,f5,72,5c), r(c5,3b,66,44), r(34,7e,fb,5b),\
+ r(76,29,43,8b), r(dc,c6,23,cb), r(68,fc,ed,b6), r(63,f1,e4,b8),\
+ r(ca,dc,31,d7), r(10,85,63,42), r(40,22,97,13), r(20,11,c6,84),\
+ r(7d,24,4a,85), r(f8,3d,bb,d2), r(11,32,f9,ae), r(6d,a1,29,c7),\
+ r(4b,2f,9e,1d), r(f3,30,b2,dc), r(ec,52,86,0d), r(d0,e3,c1,77),\
+ r(6c,16,b3,2b), r(99,b9,70,a9), r(fa,48,94,11), r(22,64,e9,47),\
+ r(c4,8c,fc,a8), r(1a,3f,f0,a0), r(d8,2c,7d,56), r(ef,90,33,22),\
+ r(c7,4e,49,87), r(c1,d1,38,d9), r(fe,a2,ca,8c), r(36,0b,d4,98),\
+ r(cf,81,f5,a6), r(28,de,7a,a5), r(26,8e,b7,da), r(a4,bf,ad,3f),\
+ r(e4,9d,3a,2c), r(0d,92,78,50), r(9b,cc,5f,6a), r(62,46,7e,54),\
+ r(c2,13,8d,f6), r(e8,b8,d8,90), r(5e,f7,39,2e), r(f5,af,c3,82),\
+ r(be,80,5d,9f), r(7c,93,d0,69), r(a9,2d,d5,6f), r(b3,12,25,cf),\
+ r(3b,99,ac,c8), r(a7,7d,18,10), r(6e,63,9c,e8), r(7b,bb,3b,db),\
+ r(09,78,26,cd), r(f4,18,59,6e), r(01,b7,9a,ec), r(a8,9a,4f,83),\
+ r(65,6e,95,e6), r(7e,e6,ff,aa), r(08,cf,bc,21), r(e6,e8,15,ef),\
+ r(d9,9b,e7,ba), r(ce,36,6f,4a), r(d4,09,9f,ea), r(d6,7c,b0,29),\
+ r(af,b2,a4,31), r(31,23,3f,2a), r(30,94,a5,c6), r(c0,66,a2,35),\
+ r(37,bc,4e,74), r(a6,ca,82,fc), r(b0,d0,90,e0), r(15,d8,a7,33),\
+ r(4a,98,04,f1), r(f7,da,ec,41), r(0e,50,cd,7f), r(2f,f6,91,17),\
+ r(8d,d6,4d,76), r(4d,b0,ef,43), r(54,4d,aa,cc), r(df,04,96,e4),\
+ r(e3,b5,d1,9e), r(1b,88,6a,4c), r(b8,1f,2c,c1), r(7f,51,65,46),\
+ r(04,ea,5e,9d), r(5d,35,8c,01), r(73,74,87,fa), r(2e,41,0b,fb),\
+ r(5a,1d,67,b3), r(52,d2,db,92), r(33,56,10,e9), r(13,47,d6,6d),\
+ r(8c,61,d7,9a), r(7a,0c,a1,37), r(8e,14,f8,59), r(89,3c,13,eb),\
+ r(ee,27,a9,ce), r(35,c9,61,b7), r(ed,e5,1c,e1), r(3c,b1,47,7a),\
+ r(59,df,d2,9c), r(3f,73,f2,55), r(79,ce,14,18), r(bf,37,c7,73),\
+ r(ea,cd,f7,53), r(5b,aa,fd,5f), r(14,6f,3d,df), r(86,db,44,78),\
+ r(81,f3,af,ca), r(3e,c4,68,b9), r(2c,34,24,38), r(5f,40,a3,c2),\
+ r(72,c3,1d,16), r(0c,25,e2,bc), r(8b,49,3c,28), r(41,95,0d,ff),\
+ r(71,01,a8,39), r(de,b3,0c,08), r(9c,e4,b4,d8), r(90,c1,56,64),\
+ r(61,84,cb,7b), r(70,b6,32,d5), r(74,5c,6c,48), r(42,57,b8,d0)
+
+// generate the required tables in the desired endian format
+
+#undef r
+#define r r0
+
+#if defined(ONE_TABLE)
+static const u_int32_t ft_tab[256] =
+ { f_table };
+#elif defined(FOUR_TABLES)
+static const u_int32_t ft_tab[4][256] =
+{ { f_table },
+#undef r
+#define r r1
+ { f_table },
+#undef r
+#define r r2
+ { f_table },
+#undef r
+#define r r3
+ { f_table }
+};
+#endif
+
+#undef r
+#define r r0
+#if defined(ONE_TABLE)
+static const u_int32_t it_tab[256] =
+ { i_table };
+#elif defined(FOUR_TABLES)
+static const u_int32_t it_tab[4][256] =
+{ { i_table },
+#undef r
+#define r r1
+ { i_table },
+#undef r
+#define r r2
+ { i_table },
+#undef r
+#define r r3
+ { i_table }
+};
+#endif
+
+#endif
+
+#if defined(FIXED_TABLES) && (defined(ONE_LR_TABLE) || defined(FOUR_LR_TABLES))
+
+// data for inverse tables (last round)
+
+#define li_table \
+ w(52), w(09), w(6a), w(d5), w(30), w(36), w(a5), w(38),\
+ w(bf), w(40), w(a3), w(9e), w(81), w(f3), w(d7), w(fb),\
+ w(7c), w(e3), w(39), w(82), w(9b), w(2f), w(ff), w(87),\
+ w(34), w(8e), w(43), w(44), w(c4), w(de), w(e9), w(cb),\
+ w(54), w(7b), w(94), w(32), w(a6), w(c2), w(23), w(3d),\
+ w(ee), w(4c), w(95), w(0b), w(42), w(fa), w(c3), w(4e),\
+ w(08), w(2e), w(a1), w(66), w(28), w(d9), w(24), w(b2),\
+ w(76), w(5b), w(a2), w(49), w(6d), w(8b), w(d1), w(25),\
+ w(72), w(f8), w(f6), w(64), w(86), w(68), w(98), w(16),\
+ w(d4), w(a4), w(5c), w(cc), w(5d), w(65), w(b6), w(92),\
+ w(6c), w(70), w(48), w(50), w(fd), w(ed), w(b9), w(da),\
+ w(5e), w(15), w(46), w(57), w(a7), w(8d), w(9d), w(84),\
+ w(90), w(d8), w(ab), w(00), w(8c), w(bc), w(d3), w(0a),\
+ w(f7), w(e4), w(58), w(05), w(b8), w(b3), w(45), w(06),\
+ w(d0), w(2c), w(1e), w(8f), w(ca), w(3f), w(0f), w(02),\
+ w(c1), w(af), w(bd), w(03), w(01), w(13), w(8a), w(6b),\
+ w(3a), w(91), w(11), w(41), w(4f), w(67), w(dc), w(ea),\
+ w(97), w(f2), w(cf), w(ce), w(f0), w(b4), w(e6), w(73),\
+ w(96), w(ac), w(74), w(22), w(e7), w(ad), w(35), w(85),\
+ w(e2), w(f9), w(37), w(e8), w(1c), w(75), w(df), w(6e),\
+ w(47), w(f1), w(1a), w(71), w(1d), w(29), w(c5), w(89),\
+ w(6f), w(b7), w(62), w(0e), w(aa), w(18), w(be), w(1b),\
+ w(fc), w(56), w(3e), w(4b), w(c6), w(d2), w(79), w(20),\
+ w(9a), w(db), w(c0), w(fe), w(78), w(cd), w(5a), w(f4),\
+ w(1f), w(dd), w(a8), w(33), w(88), w(07), w(c7), w(31),\
+ w(b1), w(12), w(10), w(59), w(27), w(80), w(ec), w(5f),\
+ w(60), w(51), w(7f), w(a9), w(19), w(b5), w(4a), w(0d),\
+ w(2d), w(e5), w(7a), w(9f), w(93), w(c9), w(9c), w(ef),\
+ w(a0), w(e0), w(3b), w(4d), w(ae), w(2a), w(f5), w(b0),\
+ w(c8), w(eb), w(bb), w(3c), w(83), w(53), w(99), w(61),\
+ w(17), w(2b), w(04), w(7e), w(ba), w(77), w(d6), w(26),\
+ w(e1), w(69), w(14), w(63), w(55), w(21), w(0c), w(7d),
+
+// generate the required tables in the desired endian format
+
+#undef r
+#define r(p,q,r,s) w0(q)
+#if defined(ONE_LR_TABLE)
+static const u_int32_t fl_tab[256] =
+ { f_table };
+#elif defined(FOUR_LR_TABLES)
+static const u_int32_t fl_tab[4][256] =
+{ { f_table },
+#undef r
+#define r(p,q,r,s) w1(q)
+ { f_table },
+#undef r
+#define r(p,q,r,s) w2(q)
+ { f_table },
+#undef r
+#define r(p,q,r,s) w3(q)
+ { f_table }
+};
+#endif
+
+#undef w
+#define w w0
+#if defined(ONE_LR_TABLE)
+static const u_int32_t il_tab[256] =
+ { li_table };
+#elif defined(FOUR_LR_TABLES)
+static const u_int32_t il_tab[4][256] =
+{ { li_table },
+#undef w
+#define w w1
+ { li_table },
+#undef w
+#define w w2
+ { li_table },
+#undef w
+#define w w3
+ { li_table }
+};
+#endif
+
+#endif
+
+#if defined(FIXED_TABLES) && (defined(ONE_IM_TABLE) || defined(FOUR_IM_TABLES))
+
+#define m_table \
+ r(00,00,00,00), r(0b,0d,09,0e), r(16,1a,12,1c), r(1d,17,1b,12),\
+ r(2c,34,24,38), r(27,39,2d,36), r(3a,2e,36,24), r(31,23,3f,2a),\
+ r(58,68,48,70), r(53,65,41,7e), r(4e,72,5a,6c), r(45,7f,53,62),\
+ r(74,5c,6c,48), r(7f,51,65,46), r(62,46,7e,54), r(69,4b,77,5a),\
+ r(b0,d0,90,e0), r(bb,dd,99,ee), r(a6,ca,82,fc), r(ad,c7,8b,f2),\
+ r(9c,e4,b4,d8), r(97,e9,bd,d6), r(8a,fe,a6,c4), r(81,f3,af,ca),\
+ r(e8,b8,d8,90), r(e3,b5,d1,9e), r(fe,a2,ca,8c), r(f5,af,c3,82),\
+ r(c4,8c,fc,a8), r(cf,81,f5,a6), r(d2,96,ee,b4), r(d9,9b,e7,ba),\
+ r(7b,bb,3b,db), r(70,b6,32,d5), r(6d,a1,29,c7), r(66,ac,20,c9),\
+ r(57,8f,1f,e3), r(5c,82,16,ed), r(41,95,0d,ff), r(4a,98,04,f1),\
+ r(23,d3,73,ab), r(28,de,7a,a5), r(35,c9,61,b7), r(3e,c4,68,b9),\
+ r(0f,e7,57,93), r(04,ea,5e,9d), r(19,fd,45,8f), r(12,f0,4c,81),\
+ r(cb,6b,ab,3b), r(c0,66,a2,35), r(dd,71,b9,27), r(d6,7c,b0,29),\
+ r(e7,5f,8f,03), r(ec,52,86,0d), r(f1,45,9d,1f), r(fa,48,94,11),\
+ r(93,03,e3,4b), r(98,0e,ea,45), r(85,19,f1,57), r(8e,14,f8,59),\
+ r(bf,37,c7,73), r(b4,3a,ce,7d), r(a9,2d,d5,6f), r(a2,20,dc,61),\
+ r(f6,6d,76,ad), r(fd,60,7f,a3), r(e0,77,64,b1), r(eb,7a,6d,bf),\
+ r(da,59,52,95), r(d1,54,5b,9b), r(cc,43,40,89), r(c7,4e,49,87),\
+ r(ae,05,3e,dd), r(a5,08,37,d3), r(b8,1f,2c,c1), r(b3,12,25,cf),\
+ r(82,31,1a,e5), r(89,3c,13,eb), r(94,2b,08,f9), r(9f,26,01,f7),\
+ r(46,bd,e6,4d), r(4d,b0,ef,43), r(50,a7,f4,51), r(5b,aa,fd,5f),\
+ r(6a,89,c2,75), r(61,84,cb,7b), r(7c,93,d0,69), r(77,9e,d9,67),\
+ r(1e,d5,ae,3d), r(15,d8,a7,33), r(08,cf,bc,21), r(03,c2,b5,2f),\
+ r(32,e1,8a,05), r(39,ec,83,0b), r(24,fb,98,19), r(2f,f6,91,17),\
+ r(8d,d6,4d,76), r(86,db,44,78), r(9b,cc,5f,6a), r(90,c1,56,64),\
+ r(a1,e2,69,4e), r(aa,ef,60,40), r(b7,f8,7b,52), r(bc,f5,72,5c),\
+ r(d5,be,05,06), r(de,b3,0c,08), r(c3,a4,17,1a), r(c8,a9,1e,14),\
+ r(f9,8a,21,3e), r(f2,87,28,30), r(ef,90,33,22), r(e4,9d,3a,2c),\
+ r(3d,06,dd,96), r(36,0b,d4,98), r(2b,1c,cf,8a), r(20,11,c6,84),\
+ r(11,32,f9,ae), r(1a,3f,f0,a0), r(07,28,eb,b2), r(0c,25,e2,bc),\
+ r(65,6e,95,e6), r(6e,63,9c,e8), r(73,74,87,fa), r(78,79,8e,f4),\
+ r(49,5a,b1,de), r(42,57,b8,d0), r(5f,40,a3,c2), r(54,4d,aa,cc),\
+ r(f7,da,ec,41), r(fc,d7,e5,4f), r(e1,c0,fe,5d), r(ea,cd,f7,53),\
+ r(db,ee,c8,79), r(d0,e3,c1,77), r(cd,f4,da,65), r(c6,f9,d3,6b),\
+ r(af,b2,a4,31), r(a4,bf,ad,3f), r(b9,a8,b6,2d), r(b2,a5,bf,23),\
+ r(83,86,80,09), r(88,8b,89,07), r(95,9c,92,15), r(9e,91,9b,1b),\
+ r(47,0a,7c,a1), r(4c,07,75,af), r(51,10,6e,bd), r(5a,1d,67,b3),\
+ r(6b,3e,58,99), r(60,33,51,97), r(7d,24,4a,85), r(76,29,43,8b),\
+ r(1f,62,34,d1), r(14,6f,3d,df), r(09,78,26,cd), r(02,75,2f,c3),\
+ r(33,56,10,e9), r(38,5b,19,e7), r(25,4c,02,f5), r(2e,41,0b,fb),\
+ r(8c,61,d7,9a), r(87,6c,de,94), r(9a,7b,c5,86), r(91,76,cc,88),\
+ r(a0,55,f3,a2), r(ab,58,fa,ac), r(b6,4f,e1,be), r(bd,42,e8,b0),\
+ r(d4,09,9f,ea), r(df,04,96,e4), r(c2,13,8d,f6), r(c9,1e,84,f8),\
+ r(f8,3d,bb,d2), r(f3,30,b2,dc), r(ee,27,a9,ce), r(e5,2a,a0,c0),\
+ r(3c,b1,47,7a), r(37,bc,4e,74), r(2a,ab,55,66), r(21,a6,5c,68),\
+ r(10,85,63,42), r(1b,88,6a,4c), r(06,9f,71,5e), r(0d,92,78,50),\
+ r(64,d9,0f,0a), r(6f,d4,06,04), r(72,c3,1d,16), r(79,ce,14,18),\
+ r(48,ed,2b,32), r(43,e0,22,3c), r(5e,f7,39,2e), r(55,fa,30,20),\
+ r(01,b7,9a,ec), r(0a,ba,93,e2), r(17,ad,88,f0), r(1c,a0,81,fe),\
+ r(2d,83,be,d4), r(26,8e,b7,da), r(3b,99,ac,c8), r(30,94,a5,c6),\
+ r(59,df,d2,9c), r(52,d2,db,92), r(4f,c5,c0,80), r(44,c8,c9,8e),\
+ r(75,eb,f6,a4), r(7e,e6,ff,aa), r(63,f1,e4,b8), r(68,fc,ed,b6),\
+ r(b1,67,0a,0c), r(ba,6a,03,02), r(a7,7d,18,10), r(ac,70,11,1e),\
+ r(9d,53,2e,34), r(96,5e,27,3a), r(8b,49,3c,28), r(80,44,35,26),\
+ r(e9,0f,42,7c), r(e2,02,4b,72), r(ff,15,50,60), r(f4,18,59,6e),\
+ r(c5,3b,66,44), r(ce,36,6f,4a), r(d3,21,74,58), r(d8,2c,7d,56),\
+ r(7a,0c,a1,37), r(71,01,a8,39), r(6c,16,b3,2b), r(67,1b,ba,25),\
+ r(56,38,85,0f), r(5d,35,8c,01), r(40,22,97,13), r(4b,2f,9e,1d),\
+ r(22,64,e9,47), r(29,69,e0,49), r(34,7e,fb,5b), r(3f,73,f2,55),\
+ r(0e,50,cd,7f), r(05,5d,c4,71), r(18,4a,df,63), r(13,47,d6,6d),\
+ r(ca,dc,31,d7), r(c1,d1,38,d9), r(dc,c6,23,cb), r(d7,cb,2a,c5),\
+ r(e6,e8,15,ef), r(ed,e5,1c,e1), r(f0,f2,07,f3), r(fb,ff,0e,fd),\
+ r(92,b4,79,a7), r(99,b9,70,a9), r(84,ae,6b,bb), r(8f,a3,62,b5),\
+ r(be,80,5d,9f), r(b5,8d,54,91), r(a8,9a,4f,83), r(a3,97,46,8d)
+
+#undef r
+#define r r0
+
+#if defined(ONE_IM_TABLE)
+static const u_int32_t im_tab[256] =
+ { m_table };
+#elif defined(FOUR_IM_TABLES)
+static const u_int32_t im_tab[4][256] =
+{ { m_table },
+#undef r
+#define r r1
+ { m_table },
+#undef r
+#define r r2
+ { m_table },
+#undef r
+#define r r3
+ { m_table }
+};
+#endif
+
+#endif
+
+#else
+
+static int tab_gen = 0;
+
+static unsigned char s_box[256]; // the S box
+static unsigned char inv_s_box[256]; // the inverse S box
+static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants
+
+#if defined(ONE_TABLE)
+static u_int32_t ft_tab[256];
+static u_int32_t it_tab[256];
+#elif defined(FOUR_TABLES)
+static u_int32_t ft_tab[4][256];
+static u_int32_t it_tab[4][256];
+#endif
+
+#if defined(ONE_LR_TABLE)
+static u_int32_t fl_tab[256];
+static u_int32_t il_tab[256];
+#elif defined(FOUR_LR_TABLES)
+static u_int32_t fl_tab[4][256];
+static u_int32_t il_tab[4][256];
+#endif
+
+#if defined(ONE_IM_TABLE)
+static u_int32_t im_tab[256];
+#elif defined(FOUR_IM_TABLES)
+static u_int32_t im_tab[4][256];
+#endif
+
+// Generate the tables for the dynamic table option
+
+#if !defined(FF_TABLES)
+
+// It will generally be sensible to use tables to compute finite
+// field multiplies and inverses but where memory is scarse this
+// code might sometimes be better.
+
+// return 2 ^ (n - 1) where n is the bit number of the highest bit
+// set in x with x in the range 1 < x < 0x00000200. This form is
+// used so that locals within FFinv can be bytes rather than words
+
+static unsigned char hibit(const u_int32_t x)
+{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2));
+
+ r |= (r >> 2);
+ r |= (r >> 4);
+ return (r + 1) >> 1;
+}
+
+// return the inverse of the finite field element x
+
+static unsigned char FFinv(const unsigned char x)
+{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
+
+ if(x < 2) return x;
+
+ for(;;)
+ {
+ if(!n1) return v1;
+
+ while(n2 >= n1)
+ {
+ n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
+ }
+
+ if(!n2) return v2;
+
+ while(n1 >= n2)
+ {
+ n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
+ }
+ }
+}
+
+// define the finite field multiplies required for Rijndael
+
+#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
+#define FFmul03(x) ((x) ^ FFmul02(x))
+#define FFmul09(x) ((x) ^ FFmul02(FFmul02(FFmul02(x))))
+#define FFmul0b(x) ((x) ^ FFmul02((x) ^ FFmul02(FFmul02(x))))
+#define FFmul0d(x) ((x) ^ FFmul02(FFmul02((x) ^ FFmul02(x))))
+#define FFmul0e(x) FFmul02((x) ^ FFmul02((x) ^ FFmul02(x)))
+
+#else
+
+#define FFinv(x) ((x) ? pow[255 - log[x]]: 0)
+
+#define FFmul02(x) (x ? pow[log[x] + 0x19] : 0)
+#define FFmul03(x) (x ? pow[log[x] + 0x01] : 0)
+#define FFmul09(x) (x ? pow[log[x] + 0xc7] : 0)
+#define FFmul0b(x) (x ? pow[log[x] + 0x68] : 0)
+#define FFmul0d(x) (x ? pow[log[x] + 0xee] : 0)
+#define FFmul0e(x) (x ? pow[log[x] + 0xdf] : 0)
+
+#endif
+
+// The forward and inverse affine transformations used in the S-box
+
+#define fwd_affine(x) \
+ (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))
+
+#define inv_affine(x) \
+ (w = (u_int32_t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(unsigned char)(w^(w>>8)))
+
+static void gen_tabs(void)
+{ u_int32_t i, w;
+
+#if defined(FF_TABLES)
+
+ unsigned char pow[512], log[256];
+
+ // log and power tables for GF(2^8) finite field with
+ // 0x011b as modular polynomial - the simplest primitive
+ // root is 0x03, used here to generate the tables
+
+ i = 0; w = 1;
+ do
+ {
+ pow[i] = (unsigned char)w;
+ pow[i + 255] = (unsigned char)w;
+ log[w] = (unsigned char)i++;
+ w ^= (w << 1) ^ (w & ff_hi ? ff_poly : 0);
+ }
+ while (w != 1);
+
+#endif
+
+ for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
+ {
+ rcon_tab[i] = bytes2word(w, 0, 0, 0);
+ w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
+ }
+
+ for(i = 0; i < 256; ++i)
+ { unsigned char b;
+
+ s_box[i] = b = fwd_affine(FFinv((unsigned char)i));
+
+ w = bytes2word(b, 0, 0, 0);
+#if defined(ONE_LR_TABLE)
+ fl_tab[i] = w;
+#elif defined(FOUR_LR_TABLES)
+ fl_tab[0][i] = w;
+ fl_tab[1][i] = upr(w,1);
+ fl_tab[2][i] = upr(w,2);
+ fl_tab[3][i] = upr(w,3);
+#endif
+ w = bytes2word(FFmul02(b), b, b, FFmul03(b));
+#if defined(ONE_TABLE)
+ ft_tab[i] = w;
+#elif defined(FOUR_TABLES)
+ ft_tab[0][i] = w;
+ ft_tab[1][i] = upr(w,1);
+ ft_tab[2][i] = upr(w,2);
+ ft_tab[3][i] = upr(w,3);
+#endif
+ inv_s_box[i] = b = FFinv(inv_affine((unsigned char)i));
+
+ w = bytes2word(b, 0, 0, 0);
+#if defined(ONE_LR_TABLE)
+ il_tab[i] = w;
+#elif defined(FOUR_LR_TABLES)
+ il_tab[0][i] = w;
+ il_tab[1][i] = upr(w,1);
+ il_tab[2][i] = upr(w,2);
+ il_tab[3][i] = upr(w,3);
+#endif
+ w = bytes2word(FFmul0e(b), FFmul09(b), FFmul0d(b), FFmul0b(b));
+#if defined(ONE_TABLE)
+ it_tab[i] = w;
+#elif defined(FOUR_TABLES)
+ it_tab[0][i] = w;
+ it_tab[1][i] = upr(w,1);
+ it_tab[2][i] = upr(w,2);
+ it_tab[3][i] = upr(w,3);
+#endif
+#if defined(ONE_IM_TABLE)
+ im_tab[b] = w;
+#elif defined(FOUR_IM_TABLES)
+ im_tab[0][b] = w;
+ im_tab[1][b] = upr(w,1);
+ im_tab[2][b] = upr(w,2);
+ im_tab[3][b] = upr(w,3);
+#endif
+
+ }
+}
+
+#endif
+
+#define no_table(x,box,vf,rf,c) bytes2word( \
+ box[bval(vf(x,0,c),rf(0,c))], \
+ box[bval(vf(x,1,c),rf(1,c))], \
+ box[bval(vf(x,2,c),rf(2,c))], \
+ box[bval(vf(x,3,c),rf(3,c))])
+
+#define one_table(x,op,tab,vf,rf,c) \
+ ( tab[bval(vf(x,0,c),rf(0,c))] \
+ ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
+ ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
+ ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
+
+#define four_tables(x,tab,vf,rf,c) \
+ ( tab[0][bval(vf(x,0,c),rf(0,c))] \
+ ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
+ ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
+ ^ tab[3][bval(vf(x,3,c),rf(3,c))])
+
+#define vf1(x,r,c) (x)
+#define rf1(r,c) (r)
+#define rf2(r,c) ((r-c)&3)
+
+#if defined(FOUR_LR_TABLES)
+#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
+#elif defined(ONE_LR_TABLE)
+#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
+#else
+#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
+#endif
+
+#if defined(FOUR_IM_TABLES)
+#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
+#elif defined(ONE_IM_TABLE)
+#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
+#else
+#define inv_mcol(x) \
+ (f9 = (x),f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
+ f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
+#endif
+
+#define nc (AES_BLOCK_SIZE/4)
+
+// Initialise the key schedule from the user supplied key. The key
+// length is now specified in bytes - 16, 24 or 32 as appropriate.
+// This corresponds to bit lengths of 128, 192 and 256 bits, and
+// to Nk values of 4, 6 and 8 respectively.
+
+#define mx(t,f) (*t++ = inv_mcol(*f),f++)
+#define cp(t,f) *t++ = *f++
+
+#if AES_BLOCK_SIZE == 16
+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s)
+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s)
+#elif AES_BLOCK_SIZE == 24
+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
+ cp(d,s); cp(d,s)
+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
+ mx(d,s); mx(d,s)
+#elif AES_BLOCK_SIZE == 32
+#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
+ cp(d,s); cp(d,s); cp(d,s); cp(d,s)
+#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
+ mx(d,s); mx(d,s); mx(d,s); mx(d,s)
+#else
+
+#define cpy(d,s) \
+switch(nc) \
+{ case 8: cp(d,s); cp(d,s); \
+ case 6: cp(d,s); cp(d,s); \
+ case 4: cp(d,s); cp(d,s); \
+ cp(d,s); cp(d,s); \
+}
+
+#define mix(d,s) \
+switch(nc) \
+{ case 8: mx(d,s); mx(d,s); \
+ case 6: mx(d,s); mx(d,s); \
+ case 4: mx(d,s); mx(d,s); \
+ mx(d,s); mx(d,s); \
+}
+
+#endif
+
+// y = output word, x = input word, r = row, c = column
+// for r = 0, 1, 2 and 3 = column accessed for row r
+
+#if defined(ARRAYS)
+#define s(x,c) x[c]
+#else
+#define s(x,c) x##c
+#endif
+
+// I am grateful to Frank Yellin for the following constructions
+// which, given the column (c) of the output state variable that
+// is being computed, return the input state variables which are
+// needed for each row (r) of the state
+
+// For the fixed block size options, compilers reduce these two
+// expressions to fixed variable references. For variable block
+// size code conditional clauses will sometimes be returned
+
+#define unused 77 // Sunset Strip
+
+#define fwd_var(x,r,c) \
+ ( r==0 ? \
+ ( c==0 ? s(x,0) \
+ : c==1 ? s(x,1) \
+ : c==2 ? s(x,2) \
+ : c==3 ? s(x,3) \
+ : c==4 ? s(x,4) \
+ : c==5 ? s(x,5) \
+ : c==6 ? s(x,6) \
+ : s(x,7)) \
+ : r==1 ? \
+ ( c==0 ? s(x,1) \
+ : c==1 ? s(x,2) \
+ : c==2 ? s(x,3) \
+ : c==3 ? nc==4 ? s(x,0) : s(x,4) \
+ : c==4 ? s(x,5) \
+ : c==5 ? nc==8 ? s(x,6) : s(x,0) \
+ : c==6 ? s(x,7) \
+ : s(x,0)) \
+ : r==2 ? \
+ ( c==0 ? nc==8 ? s(x,3) : s(x,2) \
+ : c==1 ? nc==8 ? s(x,4) : s(x,3) \
+ : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
+ : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
+ : c==4 ? nc==8 ? s(x,7) : s(x,0) \
+ : c==5 ? nc==8 ? s(x,0) : s(x,1) \
+ : c==6 ? s(x,1) \
+ : s(x,2)) \
+ : \
+ ( c==0 ? nc==8 ? s(x,4) : s(x,3) \
+ : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
+ : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
+ : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
+ : c==6 ? s(x,2) \
+ : s(x,3)))
+
+#define inv_var(x,r,c) \
+ ( r==0 ? \
+ ( c==0 ? s(x,0) \
+ : c==1 ? s(x,1) \
+ : c==2 ? s(x,2) \
+ : c==3 ? s(x,3) \
+ : c==4 ? s(x,4) \
+ : c==5 ? s(x,5) \
+ : c==6 ? s(x,6) \
+ : s(x,7)) \
+ : r==1 ? \
+ ( c==0 ? nc==4 ? s(x,3) : nc==8 ? s(x,7) : s(x,5) \
+ : c==1 ? s(x,0) \
+ : c==2 ? s(x,1) \
+ : c==3 ? s(x,2) \
+ : c==4 ? s(x,3) \
+ : c==5 ? s(x,4) \
+ : c==6 ? s(x,5) \
+ : s(x,6)) \
+ : r==2 ? \
+ ( c==0 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
+ : c==1 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
+ : c==2 ? nc==8 ? s(x,7) : s(x,0) \
+ : c==3 ? nc==8 ? s(x,0) : s(x,1) \
+ : c==4 ? nc==8 ? s(x,1) : s(x,2) \
+ : c==5 ? nc==8 ? s(x,2) : s(x,3) \
+ : c==6 ? s(x,3) \
+ : s(x,4)) \
+ : \
+ ( c==0 ? nc==4 ? s(x,1) : nc==8 ? s(x,4) : s(x,3) \
+ : c==1 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
+ : c==2 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
+ : c==3 ? nc==8 ? s(x,7) : s(x,0) \
+ : c==4 ? nc==8 ? s(x,0) : s(x,1) \
+ : c==5 ? nc==8 ? s(x,1) : s(x,2) \
+ : c==6 ? s(x,2) \
+ : s(x,3)))
+
+#define si(y,x,k,c) s(y,c) = const_word_in(x + 4 * c) ^ k[c]
+#define so(y,x,c) word_out(y + 4 * c, s(x,c))
+
+#if defined(FOUR_TABLES)
+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,it_tab,inv_var,rf1,c)
+#elif defined(ONE_TABLE)
+#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,ft_tab,fwd_var,rf1,c)
+#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,it_tab,inv_var,rf1,c)
+#else
+#define fwd_rnd(y,x,k,c) s(y,c) = fwd_mcol(no_table(x,s_box,fwd_var,rf1,c)) ^ (k)[c]
+#define inv_rnd(y,x,k,c) s(y,c) = inv_mcol(no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c])
+#endif
+
+#if defined(FOUR_LR_TABLES)
+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)
+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,il_tab,inv_var,rf1,c)
+#elif defined(ONE_LR_TABLE)
+#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,fl_tab,fwd_var,rf1,c)
+#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,il_tab,inv_var,rf1,c)
+#else
+#define fwd_lrnd(y,x,k,c) s(y,c) = no_table(x,s_box,fwd_var,rf1,c) ^ (k)[c]
+#define inv_lrnd(y,x,k,c) s(y,c) = no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c]
+#endif
+
+#if AES_BLOCK_SIZE == 16
+
+#if defined(ARRAYS)
+#define locals(y,x) x[4],y[4]
+#else
+#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
+// the following defines prevent the compiler requiring the declaration
+// of generated but unused variables in the fwd_var and inv_var macros
+#define b04 unused
+#define b05 unused
+#define b06 unused
+#define b07 unused
+#define b14 unused
+#define b15 unused
+#define b16 unused
+#define b17 unused
+#endif
+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
+ s(y,2) = s(x,2); s(y,3) = s(x,3);
+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
+
+#elif AES_BLOCK_SIZE == 24
+
+#if defined(ARRAYS)
+#define locals(y,x) x[6],y[6]
+#else
+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5, \
+ y##0,y##1,y##2,y##3,y##4,y##5
+#define b06 unused
+#define b07 unused
+#define b16 unused
+#define b17 unused
+#endif
+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
+ s(y,4) = s(x,4); s(y,5) = s(x,5);
+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); \
+ si(y,x,k,3); si(y,x,k,4); si(y,x,k,5)
+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); \
+ so(y,x,3); so(y,x,4); so(y,x,5)
+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); \
+ rm(y,x,k,3); rm(y,x,k,4); rm(y,x,k,5)
+#else
+
+#if defined(ARRAYS)
+#define locals(y,x) x[8],y[8]
+#else
+#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5,x##6,x##7, \
+ y##0,y##1,y##2,y##3,y##4,y##5,y##6,y##7
+#endif
+#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
+ s(y,2) = s(x,2); s(y,3) = s(x,3); \
+ s(y,4) = s(x,4); s(y,5) = s(x,5); \
+ s(y,6) = s(x,6); s(y,7) = s(x,7);
+
+#if AES_BLOCK_SIZE == 32
+
+#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3); \
+ si(y,x,k,4); si(y,x,k,5); si(y,x,k,6); si(y,x,k,7)
+#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3); \
+ so(y,x,4); so(y,x,5); so(y,x,6); so(y,x,7)
+#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3); \
+ rm(y,x,k,4); rm(y,x,k,5); rm(y,x,k,6); rm(y,x,k,7)
+#else
+
+#define state_in(y,x,k) \
+switch(nc) \
+{ case 8: si(y,x,k,7); si(y,x,k,6); \
+ case 6: si(y,x,k,5); si(y,x,k,4); \
+ case 4: si(y,x,k,3); si(y,x,k,2); \
+ si(y,x,k,1); si(y,x,k,0); \
+}
+
+#define state_out(y,x) \
+switch(nc) \
+{ case 8: so(y,x,7); so(y,x,6); \
+ case 6: so(y,x,5); so(y,x,4); \
+ case 4: so(y,x,3); so(y,x,2); \
+ so(y,x,1); so(y,x,0); \
+}
+
+#if defined(FAST_VARIABLE)
+
+#define round(rm,y,x,k) \
+switch(nc) \
+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
+ rm(y,x,k,5); rm(y,x,k,4); \
+ rm(y,x,k,3); rm(y,x,k,2); \
+ rm(y,x,k,1); rm(y,x,k,0); \
+ break; \
+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
+ rm(y,x,k,3); rm(y,x,k,2); \
+ rm(y,x,k,1); rm(y,x,k,0); \
+ break; \
+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
+ rm(y,x,k,1); rm(y,x,k,0); \
+ break; \
+}
+#else
+
+#define round(rm,y,x,k) \
+switch(nc) \
+{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
+ case 6: rm(y,x,k,5); rm(y,x,k,4); \
+ case 4: rm(y,x,k,3); rm(y,x,k,2); \
+ rm(y,x,k,1); rm(y,x,k,0); \
+}
+
+#endif
+
+#endif
+#endif
+
+/**
+ * Implementation of private_aes_cbc_crypter_t.encrypt_block.
+ */
+static void encrypt_block(const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[])
+{ u_int32_t locals(b0, b1);
+ const u_int32_t *kp = this->aes_e_key;
+
+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
+ u_int32_t f2;
+#endif
+
+ state_in(b0, in_blk, kp); kp += nc;
+
+#if defined(UNROLL)
+
+ switch(this->aes_Nrnd)
+ {
+ case 14: round(fwd_rnd, b1, b0, kp );
+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
+ case 12: round(fwd_rnd, b1, b0, kp );
+ round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
+ case 10: round(fwd_rnd, b1, b0, kp );
+ round(fwd_rnd, b0, b1, kp + nc);
+ round(fwd_rnd, b1, b0, kp + 2 * nc);
+ round(fwd_rnd, b0, b1, kp + 3 * nc);
+ round(fwd_rnd, b1, b0, kp + 4 * nc);
+ round(fwd_rnd, b0, b1, kp + 5 * nc);
+ round(fwd_rnd, b1, b0, kp + 6 * nc);
+ round(fwd_rnd, b0, b1, kp + 7 * nc);
+ round(fwd_rnd, b1, b0, kp + 8 * nc);
+ round(fwd_lrnd, b0, b1, kp + 9 * nc);
+ }
+
+#elif defined(PARTIAL_UNROLL)
+ { u_int32_t rnd;
+
+ for(rnd = 0; rnd < (this->aes_Nrnd >> 1) - 1; ++rnd)
+ {
+ round(fwd_rnd, b1, b0, kp);
+ round(fwd_rnd, b0, b1, kp + nc); kp += 2 * nc;
+ }
+
+ round(fwd_rnd, b1, b0, kp);
+ round(fwd_lrnd, b0, b1, kp + nc);
+ }
+#else
+ { u_int32_t rnd;
+
+ for(rnd = 0; rnd < this->aes_Nrnd - 1; ++rnd)
+ {
+ round(fwd_rnd, b1, b0, kp);
+ l_copy(b0, b1); kp += nc;
+ }
+
+ round(fwd_lrnd, b0, b1, kp);
+ }
+#endif
+
+ state_out(out_blk, b0);
+}
+
+/**
+ * Implementation of private_aes_cbc_crypter_t.decrypt_block.
+ */
+static void decrypt_block(const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[])
+{ u_int32_t locals(b0, b1);
+ const u_int32_t *kp = this->aes_d_key;
+
+#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
+ u_int32_t f2, f4, f8, f9;
+#endif
+
+ state_in(b0, in_blk, kp); kp += nc;
+
+#if defined(UNROLL)
+
+ switch(this->aes_Nrnd)
+ {
+ case 14: round(inv_rnd, b1, b0, kp );
+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
+ case 12: round(inv_rnd, b1, b0, kp );
+ round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
+ case 10: round(inv_rnd, b1, b0, kp );
+ round(inv_rnd, b0, b1, kp + nc);
+ round(inv_rnd, b1, b0, kp + 2 * nc);
+ round(inv_rnd, b0, b1, kp + 3 * nc);
+ round(inv_rnd, b1, b0, kp + 4 * nc);
+ round(inv_rnd, b0, b1, kp + 5 * nc);
+ round(inv_rnd, b1, b0, kp + 6 * nc);
+ round(inv_rnd, b0, b1, kp + 7 * nc);
+ round(inv_rnd, b1, b0, kp + 8 * nc);
+ round(inv_lrnd, b0, b1, kp + 9 * nc);
+ }
+
+#elif defined(PARTIAL_UNROLL)
+ { u_int32_t rnd;
+
+ for(rnd = 0; rnd < (this->aes_Nrnd >> 1) - 1; ++rnd)
+ {
+ round(inv_rnd, b1, b0, kp);
+ round(inv_rnd, b0, b1, kp + nc); kp += 2 * nc;
+ }
+
+ round(inv_rnd, b1, b0, kp);
+ round(inv_lrnd, b0, b1, kp + nc);
+ }
+#else
+ { u_int32_t rnd;
+
+ for(rnd = 0; rnd < this->aes_Nrnd - 1; ++rnd)
+ {
+ round(inv_rnd, b1, b0, kp);
+ l_copy(b0, b1); kp += nc;
+ }
+
+ round(inv_lrnd, b0, b1, kp);
+ }
+#endif
+
+ state_out(out_blk, b0);
+}
+
+/**
+ * Implementation of crypter_t.decrypt.
+ */
+static status_t decrypt (private_aes_cbc_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
+{
+ int ret, pos;
+ const u_int32_t *iv_i;
+ u_int8_t *in, *out;
+
+ ret = data.len;
+ if (((data.len) % 16) != 0)
+ {
+ /* data length must be padded to a multiple of blocksize */
+ return INVALID_ARG;
+ }
+
+ decrypted->ptr = malloc(data.len);
+ if (decrypted->ptr == NULL)
+ {
+ return OUT_OF_RES;
+ }
+ decrypted->len = data.len;
+
+ in = data.ptr;
+ out = decrypted->ptr;
+
+ pos=data.len-16;
+ in+=pos;
+ out+=pos;
+ while(pos>=0) {
+ this->decrypt_block(this,in,out);
+ if (pos==0)
+ iv_i=(const u_int32_t*) (iv.ptr);
+ else
+ iv_i=(const u_int32_t*) (in-16);
+ *((u_int32_t *)(&out[ 0])) ^= iv_i[0];
+ *((u_int32_t *)(&out[ 4])) ^= iv_i[1];
+ *((u_int32_t *)(&out[ 8])) ^= iv_i[2];
+ *((u_int32_t *)(&out[12])) ^= iv_i[3];
+ in-=16;
+ out-=16;
+ pos-=16;
+ }
+
+ return SUCCESS;
+}
+
+
+/**
+ * Implementation of crypter_t.decrypt.
+ */
+static status_t encrypt (private_aes_cbc_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
+{
+ int ret, pos;
+ const u_int32_t *iv_i;
+ u_int8_t *in, *out;
+
+ ret = data.len;
+ if (((data.len) % 16) != 0)
+ {
+ /* data length must be padded to a multiple of blocksize */
+ return INVALID_ARG;
+ }
+
+ encrypted->ptr = malloc(data.len);
+ if (encrypted->ptr == NULL)
+ {
+ return OUT_OF_RES;
+ }
+ encrypted->len = data.len;
+
+ in = data.ptr;
+ out = encrypted->ptr;
+
+ pos=0;
+ while(pos<data.len)
+ {
+ if (pos==0)
+ iv_i=(const u_int32_t*) iv.ptr;
+ else
+ iv_i=(const u_int32_t*) (out-16);
+ *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0]));
+ *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4]));
+ *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8]));
+ *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12]));
+ this->encrypt_block(this,out,out);
+ in+=16;
+ out+=16;
+ pos+=16;
+ }
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.get_block_size.
+ */
+static size_t get_block_size (private_aes_cbc_crypter_t *this)
+{
+ return AES_BLOCK_SIZE;
+}
+
+/**
+ * Implementation of crypter_t.get_key_size.
+ */
+static size_t get_key_size (private_aes_cbc_crypter_t *this)
+{
+ return this->key_size;
+}
+
+/**
+ * Implementation of crypter_t.set_key.
+ */
+static status_t set_key (private_aes_cbc_crypter_t *this, chunk_t key)
+{
+ u_int32_t *kf, *kt, rci, f = 0;
+ u_int8_t *in_key = key.ptr;
+
+ if (key.len != this->key_size)
+ {
+ return INVALID_ARG;
+ }
+
+ this->aes_Nrnd = (this->aes_Nkey > (nc) ? this->aes_Nkey : (nc)) + 6;
+
+ this->aes_e_key[0] = const_word_in(in_key );
+ this->aes_e_key[1] = const_word_in(in_key + 4);
+ this->aes_e_key[2] = const_word_in(in_key + 8);
+ this->aes_e_key[3] = const_word_in(in_key + 12);
+
+ kf = this->aes_e_key;
+ kt = kf + nc * (this->aes_Nrnd + 1) - this->aes_Nkey;
+ rci = 0;
+
+ switch(this->aes_Nkey)
+ {
+ case 4: do
+ { kf[4] = kf[0] ^ ls_box(kf[3],3) ^ rcon_tab[rci++];
+ kf[5] = kf[1] ^ kf[4];
+ kf[6] = kf[2] ^ kf[5];
+ kf[7] = kf[3] ^ kf[6];
+ kf += 4;
+ }
+ while(kf < kt);
+ break;
+
+ case 6: this->aes_e_key[4] = const_word_in(in_key + 16);
+ this->aes_e_key[5] = const_word_in(in_key + 20);
+ do
+ { kf[ 6] = kf[0] ^ ls_box(kf[5],3) ^ rcon_tab[rci++];
+ kf[ 7] = kf[1] ^ kf[ 6];
+ kf[ 8] = kf[2] ^ kf[ 7];
+ kf[ 9] = kf[3] ^ kf[ 8];
+ kf[10] = kf[4] ^ kf[ 9];
+ kf[11] = kf[5] ^ kf[10];
+ kf += 6;
+ }
+ while(kf < kt);
+ break;
+
+ case 8: this->aes_e_key[4] = const_word_in(in_key + 16);
+ this->aes_e_key[5] = const_word_in(in_key + 20);
+ this->aes_e_key[6] = const_word_in(in_key + 24);
+ this->aes_e_key[7] = const_word_in(in_key + 28);
+ do
+ { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
+ kf[ 9] = kf[1] ^ kf[ 8];
+ kf[10] = kf[2] ^ kf[ 9];
+ kf[11] = kf[3] ^ kf[10];
+ kf[12] = kf[4] ^ ls_box(kf[11],0);
+ kf[13] = kf[5] ^ kf[12];
+ kf[14] = kf[6] ^ kf[13];
+ kf[15] = kf[7] ^ kf[14];
+ kf += 8;
+ }
+ while (kf < kt);
+ break;
+ }
+
+ if(!f)
+ {
+ u_int32_t i;
+
+ kt = this->aes_d_key + nc * this->aes_Nrnd;
+ kf = this->aes_e_key;
+
+ cpy(kt, kf); kt -= 2 * nc;
+
+ for(i = 1; i < this->aes_Nrnd; ++i)
+ {
+#if defined(ONE_TABLE) || defined(FOUR_TABLES)
+#if !defined(ONE_IM_TABLE) && !defined(FOUR_IM_TABLES)
+ u_int32_t f2, f4, f8, f9;
+#endif
+ mix(kt, kf);
+#else
+ cpy(kt, kf);
+#endif
+ kt -= 2 * nc;
+ }
+ cpy(kt, kf);
+ }
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.destroy and aes_cbc_crypter_t.destroy.
+ */
+static void destroy (private_aes_cbc_crypter_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+aes_cbc_crypter_t *aes_cbc_crypter_create(size_t key_size)
+{
+ private_aes_cbc_crypter_t *this = malloc_thing(private_aes_cbc_crypter_t);
+
+ #if !defined(FIXED_TABLES)
+ if(!tab_gen) { gen_tabs(); tab_gen = 1; }
+ #endif
+
+ this->key_size = key_size;
+ switch(key_size) {
+ case 32: /* bytes */
+ this->aes_Nkey = 8;
+ break;
+ case 24: /* bytes */
+ this->aes_Nkey = 6;
+ break;
+ case 16: /* bytes */
+ this->aes_Nkey = 4;
+ break;
+ default:
+ free(this);
+ return NULL;
+ }
+
+ /* functions of crypter_t interface */
+ this->public.crypter_interface.encrypt = (status_t (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt;
+ this->public.crypter_interface.decrypt = (status_t (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt;
+ this->public.crypter_interface.get_block_size = (size_t (*) (crypter_t *)) get_block_size;
+ this->public.crypter_interface.get_key_size = (size_t (*) (crypter_t *)) get_key_size;
+ this->public.crypter_interface.set_key = (status_t (*) (crypter_t *,chunk_t)) set_key;
+ this->public.crypter_interface.destroy = (void (*) (crypter_t *)) destroy;
+
+ /* private functions */
+ this->decrypt_block = decrypt_block;
+ this->encrypt_block = encrypt_block;
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/crypters/aes_cbc_crypter.h b/src/libstrongswan/crypto/crypters/aes_cbc_crypter.h
new file mode 100644
index 000000000..5da248b8c
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/aes_cbc_crypter.h
@@ -0,0 +1,61 @@
+/**
+ * @file aes_cbc_crypter.h
+ *
+ * @brief Interface of aes_cbc_crypter_t
+ *
+ */
+
+/*
+ * Copyright (C) 2001 Dr B. R. Gladman <brg@gladman.uk.net>
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef AES_CBC_CRYPTER_H_
+#define AES_CBC_CRYPTER_H_
+
+typedef struct aes_cbc_crypter_t aes_cbc_crypter_t;
+
+#include <crypto/crypters/crypter.h>
+
+/**
+ * @brief Class implementing the AES symmetric encryption algorithm.
+ *
+ * @b Constructors:
+ * - aes_cbc_crypter_create()
+ *
+ * @ingroup crypters
+ */
+struct aes_cbc_crypter_t {
+
+ /**
+ * The crypter_t interface.
+ */
+ crypter_t crypter_interface;
+};
+
+/**
+ * @brief Constructor to create aes_cbc_crypter_t objects.
+ *
+ * Supported key sizes are: 16, 24 or 32.
+ *
+ * @param key_size key size in bytes
+ * @return
+ * - aes_cbc_crypter_t object
+ * - NULL if key size not supported
+ */
+aes_cbc_crypter_t *aes_cbc_crypter_create(size_t key_size);
+
+
+#endif /* AES_CBC_CRYPTER_H_ */
diff --git a/src/libstrongswan/crypto/crypters/crypter.c b/src/libstrongswan/crypto/crypters/crypter.c
new file mode 100644
index 000000000..7f62741a7
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/crypter.c
@@ -0,0 +1,68 @@
+/**
+ * @file crypter.c
+ *
+ * @brief Generic constructor for crypter_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "crypter.h"
+
+#include <crypto/crypters/aes_cbc_crypter.h>
+#include <crypto/crypters/des_crypter.h>
+
+
+ENUM_BEGIN(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_UNDEFINED,
+ "UNDEFINED");
+ENUM_NEXT(encryption_algorithm_names, ENCR_DES_IV64, ENCR_DES_IV32, ENCR_UNDEFINED,
+ "DES_IV64",
+ "DES",
+ "3DES",
+ "RC5",
+ "IDEA",
+ "CAST",
+ "BLOWFISH",
+ "3IDEA",
+ "DES_IV32");
+ENUM_NEXT(encryption_algorithm_names, ENCR_NULL, ENCR_AES_CTR, ENCR_DES_IV32,
+ "NULL",
+ "AES_CBC",
+ "AES_CTR");
+ENUM_END(encryption_algorithm_names, ENCR_AES_CTR);
+
+/*
+ * Described in header.
+ */
+crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm, size_t key_size)
+{
+ switch (encryption_algorithm)
+ {
+ case ENCR_AES_CBC:
+ {
+ return (crypter_t*)aes_cbc_crypter_create(key_size);
+ }
+ case ENCR_DES:
+ case ENCR_3DES:
+ {
+ return (crypter_t*)des_crypter_create(encryption_algorithm);
+ }
+ default:
+ return NULL;
+ }
+}
diff --git a/src/libstrongswan/crypto/crypters/crypter.h b/src/libstrongswan/crypto/crypters/crypter.h
new file mode 100644
index 000000000..46d94ce93
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/crypter.h
@@ -0,0 +1,155 @@
+/**
+ * @file crypter.h
+ *
+ * @brief Interface crypter_t
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CRYPTER_H_
+#define CRYPTER_H_
+
+typedef enum encryption_algorithm_t encryption_algorithm_t;
+typedef struct crypter_t crypter_t;
+
+#include <library.h>
+
+/**
+ * @brief Encryption algorithm, as in IKEv2 RFC 3.3.2.
+ *
+ * Currently only the following algorithms are implemented:
+ * - ENCR_AES_CBC
+ * - ENCR_DES
+ * - ENCR_3DES
+ *
+ * @ingroup crypters
+ */
+enum encryption_algorithm_t {
+ ENCR_UNDEFINED = 1024,
+ ENCR_DES_IV64 = 1,
+ /** Implemented in class des_crypter_t */
+ ENCR_DES = 2,
+ /** Implemented in class des_crypter_t */
+ ENCR_3DES = 3,
+ ENCR_RC5 = 4,
+ ENCR_IDEA = 5,
+ ENCR_CAST = 6,
+ ENCR_BLOWFISH = 7,
+ ENCR_3IDEA = 8,
+ ENCR_DES_IV32 = 9,
+ ENCR_NULL = 11,
+ /** Implemented in class aes_cbc_crypter_t */
+ ENCR_AES_CBC = 12,
+ ENCR_AES_CTR = 13
+};
+
+/**
+ * enum name for encryption_algorithm_t.
+ */
+extern enum_name_t *encryption_algorithm_names;
+
+/**
+ * @brief Generic interface for symmetric encryption algorithms.
+ *
+ * @b Constructors:
+ * - crypter_create()
+ *
+ * @ingroup crypters
+ */
+struct crypter_t {
+
+ /**
+ * @brief Encrypt a chunk of data and allocate space for the encrypted value.
+ *
+ * @param this calling object
+ * @param data data to encrypt
+ * @param iv initializing vector
+ * @param[out] encrypted pointer where the encrypted bytes will be written
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if data size not a multiple of block size
+ */
+ status_t (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted);
+
+ /**
+ * @brief Decrypt a chunk of data and allocate space for the decrypted value.
+ *
+ * @param this calling object
+ * @param data data to decrypt
+ * @param iv initializing vector
+ * @param[out] encrypted pointer where the decrypted bytes will be written
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if data size not a multiple of block size
+ */
+ status_t (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted);
+
+ /**
+ * @brief Get the block size of this crypter_t object.
+ *
+ * @param this calling object
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (crypter_t *this);
+
+ /**
+ * @brief Get the key size of this crypter_t object.
+ *
+ * @param this calling object
+ * @return key size in bytes
+ */
+ size_t (*get_key_size) (crypter_t *this);
+
+ /**
+ * @brief Set the key for this crypter_t object.
+ *
+ * @param this calling object
+ * @param key key to set
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if key length invalid
+ */
+ status_t (*set_key) (crypter_t *this, chunk_t key);
+
+ /**
+ * @brief Destroys a crypter_t object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (crypter_t *this);
+};
+
+/**
+ * @brief Generic constructor for crypter_t objects.
+ *
+ * Currently only the following algorithms are implemented:
+ * - ENCR_AES_CBC
+ * - ENCR_DES
+ * - ENCR_3DES
+ *
+ * The key_size is ignored for algorithms with fixed key size.
+ *
+ * @param encryption_algorithm Algorithm to use for crypter
+ * @param key_size size of the key in bytes
+ * @return
+ * - crypter_t object
+ * - NULL if encryption algorithm/key_size is not supported
+ */
+crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm, size_t key_size);
+
+#endif /*CRYPTER_H_*/
diff --git a/src/libstrongswan/crypto/crypters/des_crypter.c b/src/libstrongswan/crypto/crypters/des_crypter.c
new file mode 100644
index 000000000..dc5a8ff55
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/des_crypter.c
@@ -0,0 +1,1535 @@
+/**
+ * @file des_crypter.c
+ *
+ * @brief Implementation of des_crypter_t
+ *
+ */
+
+/* Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * Derived from Plutos DES library by Eric Young.
+ *
+ * Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_crypter.h"
+
+typedef u_char des_cblock[8];
+
+typedef struct des_ks_struct {
+ des_cblock _;
+} des_key_schedule[16];
+
+
+typedef struct private_des_crypter_t private_des_crypter_t;
+
+/**
+ * Private data for des_crypter_t
+ */
+struct private_des_crypter_t {
+
+ /**
+ * Public part of this class.
+ */
+ des_crypter_t public;
+
+ /**
+ * Key size, depends on algoritm...
+ */
+ size_t key_size;
+
+ union {
+ /** key schedule for single des */
+ des_key_schedule ks;
+ /** key schedule for 3des */
+ des_key_schedule ks3[3];
+ };
+};
+
+
+#define DES_ENCRYPT 1
+#define DES_DECRYPT 0
+
+#define DES_LONG u_int32_t
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#define DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#define DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+#define DES_PTR
+#define DES_RISC1
+#define DES_UNROLL
+#elif defined( __ultrix ) /* Older MIPS */
+#define DES_PTR
+#define DES_RISC2
+#define DES_UNROLL
+#elif defined( __osf1__ ) /* Alpha */
+#define DES_PTR
+#define DES_RISC2
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* Unknown */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+#define DES_UNROLL
+#elif defined( __sgi ) /* Newer MIPS */
+#define DES_PTR
+#define DES_RISC2
+#define DES_UNROLL
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+#define DES_PTR
+#define DES_RISC1
+#define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+
+#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#ifndef __KERNEL__
+#include <string.h>
+#else
+#include <linux/string.h>
+#endif
+#endif
+
+#ifndef RAND
+#define RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define getpid() 2
+#define RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define srandom(s) srand(s)
+#define random rand
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE (1024*16)
+#define BSIZE (MAXWRITE+4)
+
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 5: l2|=((DES_LONG)(*(--(c)))); \
+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 1: l1|=((DES_LONG)(*(--(c)))); \
+} \
+}
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+} \
+}
+
+#if defined(WIN32)
+#define ROTATE(a,n) (_lrotr(a,n))
+#else
+#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+{ DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ t=R^(R>>16L); \
+ u=t&E0; t&=E1; \
+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ u=R^s[S ]; \
+ t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture. gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together. This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ u>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ u3=(int)(u>>8L); \
+ u1=(int)u&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ t>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ u3=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ s1=(int)(u>>16L); \
+ s2=(int)(u>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ s1=(int)(t>>16L); \
+ s2=(int)(t>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^= \
+ *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ u>>=16L; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ u3=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[4][u1]; \
+ LL^=des_SPtrans[6][u3]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ t>>=16L; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ u3=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[5][u1]; \
+ LL^=des_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ s1=(int)u>>16L; \
+ s2=(int)u>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[4][s1]; \
+ LL^=des_SPtrans[6][s2]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ s1=(int)t>>16; \
+ s2=(int)t>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[5][s1]; \
+ LL^=des_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^=\
+ des_SPtrans[0][(u>> 2L)&0x3f]^ \
+ des_SPtrans[2][(u>>10L)&0x3f]^ \
+ des_SPtrans[4][(u>>18L)&0x3f]^ \
+ des_SPtrans[6][(u>>26L)&0x3f]^ \
+ des_SPtrans[1][(t>> 2L)&0x3f]^ \
+ des_SPtrans[3][(t>>10L)&0x3f]^ \
+ des_SPtrans[5][(t>>18L)&0x3f]^ \
+ des_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+ /* IP and FP
+ * The problem is more of a geometric problem that random bit fiddling.
+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
+
+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
+
+ The output has been subject to swaps of the form
+ 0 1 -> 3 1 but the odd and even bits have been put into
+ 2 3 2 0
+ different words. The main trick is to remember that
+ t=((l>>size)^r)&(mask);
+ r^=t;
+ l^=(t<<size);
+ can be used to swap and move bits between words.
+
+ So l = 0 1 2 3 r = 16 17 18 19
+ 4 5 6 7 20 21 22 23
+ 8 9 10 11 24 25 26 27
+ 12 13 14 15 28 29 30 31
+ becomes (for size == 2 and mask == 0x3333)
+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
+
+ Thanks for hints from Richard Outerbridge - he told me IP&FP
+ could be done in 15 xor, 10 shifts and 5 ands.
+ When I finally started to think of the problem in 2D
+ I first got ~42 operations without xors. When I remembered
+ how to use xors :-) I got it to its final state.
+ */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+{ \
+ register DES_LONG tt; \
+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+ PERM_OP(l,r,tt,16,0x0000ffffL); \
+ PERM_OP(r,l,tt, 2,0x33333333L); \
+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+ PERM_OP(r,l,tt, 1,0x55555555L); \
+}
+
+#define FP(l,r) \
+{ \
+ register DES_LONG tt; \
+ PERM_OP(l,r,tt, 1,0x55555555L); \
+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+ PERM_OP(l,r,tt, 2,0x33333333L); \
+ PERM_OP(r,l,tt,16,0x0000ffffL); \
+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+}
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+#else
+void fcrypt_body();
+#endif
+
+static const DES_LONG des_skb[8][64]={
+ { /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+ 0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+ 0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+ 0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+ 0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+ 0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+ 0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+ 0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+ 0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+ 0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+ 0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+ 0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+ 0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+ 0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+ 0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+ 0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+ 0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+ },
+ { /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+ 0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+ 0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+ 0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+ 0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+ 0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+ 0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+ 0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+ 0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+ 0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+ 0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+ 0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+ 0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+ 0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+ 0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+ 0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+ 0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+ },
+ { /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+ 0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+ 0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+ 0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+ 0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+ 0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+ 0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+ 0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+ 0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+ 0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+ 0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+ 0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+ 0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+ 0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+ 0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+ 0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+ 0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+ },
+ { /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+ 0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+ 0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+ 0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+ 0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+ 0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+ 0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+ 0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+ 0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+ 0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+ 0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+ 0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+ 0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+ 0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+ 0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+ 0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+ 0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+ },
+ { /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+ 0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+ 0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+ 0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+ 0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+ 0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+ 0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+ 0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+ 0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+ 0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+ 0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+ 0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+ 0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+ 0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+ 0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+ 0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+ 0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+ },
+ { /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+ 0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+ 0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+ 0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+ 0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+ 0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+ 0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+ 0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+ 0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+ 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+ 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+ 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+ 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+ 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+ 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+ 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+ 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+ },
+ { /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+ 0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+ 0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+ 0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+ 0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+ 0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+ 0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+ 0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+ 0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+ 0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+ 0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+ 0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+ 0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+ 0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+ 0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+ 0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+ 0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+ },
+ { /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+ 0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+ 0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+ 0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+ 0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+ 0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+ 0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+ 0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+ 0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+ 0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+ 0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+ 0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+ 0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+ 0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+ 0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+ 0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+ 0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+ }
+};
+
+const DES_LONG des_SPtrans[8][64]={
+ {
+ /* nibble 0 */
+ 0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+ 0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+ 0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+ 0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+ 0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+ 0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+ 0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+ 0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+ 0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+ 0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+ 0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+ 0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+ 0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+ 0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+ 0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+ 0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+ },
+ { /* nibble 1 */
+ 0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+ 0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+ 0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+ 0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+ 0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+ 0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+ 0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+ 0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+ 0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+ 0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+ 0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+ 0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+ 0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+ 0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+ 0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+ 0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+ },
+ { /* nibble 2 */
+ 0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+ 0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+ 0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+ 0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+ 0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+ 0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+ 0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+ 0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+ 0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+ 0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+ 0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+ 0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+ 0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+ 0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+ 0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+ 0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+ },
+ { /* nibble 3 */
+ 0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+ 0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+ 0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+ 0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+ 0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+ 0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+ 0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+ 0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+ 0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+ 0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+ 0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+ 0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+ 0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+ 0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+ 0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+ 0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+ },
+ { /* nibble 4 */
+ 0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+ 0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+ 0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+ 0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+ 0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+ 0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+ 0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+ 0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+ 0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+ 0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+ 0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+ 0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+ 0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+ 0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+ 0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+ 0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+ },
+ { /* nibble 5 */
+ 0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+ 0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+ 0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+ 0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+ 0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+ 0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+ 0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+ 0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+ 0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+ 0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+ 0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+ 0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+ 0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+ 0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+ 0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+ 0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+ },
+ { /* nibble 6 */
+ 0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+ 0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+ 0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+ 0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+ 0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+ 0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+ 0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+ 0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+ 0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+ 0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+ 0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+ 0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+ 0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+ 0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+ 0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+ 0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+ },
+ { /* nibble 7 */
+ 0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+ 0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+ 0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+ 0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+ 0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+ 0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+ 0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+ 0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+ 0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+ 0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+ 0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+ 0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+ 0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+ 0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+ 0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+ 0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+ }
+};
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+ (a)=(a)^(t)^(t>>(16-(n))))
+
+static const unsigned char odd_parity[256]={
+ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+ 112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+ 128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+ 145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+ 161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+ 176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+ 193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+ 208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+ 224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+ 241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254
+};
+
+/**
+ * Create key schedule for a single DES 64Bit key
+ */
+static int des_set_key(des_cblock *key, des_key_schedule *schedule)
+{
+ static int shifts2[16] = {0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+ register DES_LONG c,d,t,s,t2;
+ register unsigned char *in;
+ register DES_LONG *k;
+ register int i;
+
+ for (i = 0; i < sizeof(des_cblock); i++)
+ {
+ (*key)[i] = odd_parity[(*key)[i]];
+ }
+
+ k=(DES_LONG *)schedule;
+ in=(unsigned char *)key;
+
+ c2l(in,c);
+ c2l(in,d);
+
+ /* do PC1 in 60 simple operations */
+/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2, 0xcccc0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(c,t, 8, 0x00ff0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(d,t,-8, 0xff000000L);
+ HPERM_OP(d,t, 8, 0x00ff0000L);
+ HPERM_OP(d,t, 2, 0x33330000L);
+ d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
+ d=(d>>8)|((c&0xf0000000L)>>4);
+ c&=0x0fffffffL; */
+
+ /* I now do it in 47 simple operations :-)
+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ * for the inspiration. :-) */
+ PERM_OP (d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2,0xcccc0000L);
+ HPERM_OP(d,t,-2,0xcccc0000L);
+ PERM_OP (d,c,t,1,0x55555555L);
+ PERM_OP (c,d,t,8,0x00ff00ffL);
+ PERM_OP (d,c,t,1,0x55555555L);
+ d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
+ ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+ c&=0x0fffffffL;
+
+ for (i=0; i<ITERATIONS; i++)
+ {
+ if (shifts2[i])
+ { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+ else
+ { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+ c&=0x0fffffffL;
+ d&=0x0fffffffL;
+ /* could be a few less shifts but I am to lazy at this
+ * point in time to investigate */
+ s= des_skb[0][ (c )&0x3f ]|
+ des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
+ des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
+ des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
+ ((c>>22L)&0x38)];
+ t= des_skb[4][ (d )&0x3f ]|
+ des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+ des_skb[6][ (d>>15L)&0x3f ]|
+ des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+ /* table contained 0213 4657 */
+ t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+ *(k++)=ROTATE(t2,30)&0xffffffffL;
+
+ t2=((s>>16L)|(t&0xffff0000L));
+ *(k++)=ROTATE(t2,26)&0xffffffffL;
+ }
+ return(0);
+}
+
+
+static void des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
+{
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ IP(r,l);
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out. */
+ /* clear the top bits on machines with 8byte longs */
+ /* shift left by 2 */
+ r=ROTATE(r,29)&0xffffffffL;
+ l=ROTATE(l,29)&0xffffffffL;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+{
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+}
+#endif
+ }
+ else
+{
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+{
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+}
+#endif
+}
+
+ /* rotate and clear the top bits on machines with 8byte longs */
+ l=ROTATE(l,3)&0xffffffffL;
+ r=ROTATE(r,3)&0xffffffffL;
+
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ l=r=t=u=0;
+}
+
+/**
+ * DES CBC encrypt decrypt routine
+ */
+static void des_cbc_encrypt(des_cblock *input, des_cblock *output, long length,
+ des_key_schedule schedule, des_cblock *ivec, int enc)
+{
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ /* xor0=tin0;
+ xor1=tin1; */
+ }
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+}
+
+static void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
+{
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out.
+ * clear the top bits on machines with 8byte longs */
+ r=ROTATE(r,29)&0xffffffffL;
+ l=ROTATE(l,29)&0xffffffffL;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+{
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+}
+#endif
+ }
+ else
+{
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+{
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+}
+#endif
+}
+ /* rotate and clear the top bits on machines with 8byte longs */
+ data[0]=ROTATE(l,3)&0xffffffffL;
+ data[1]=ROTATE(r,3)&0xffffffffL;
+ l=r=t=u=0;
+}
+
+/**
+ * Single block 3DES EDE encrypt routine
+ */
+static void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3)
+{
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+}
+
+/**
+ * Single block 3DES EDE decrypt routine
+ */
+static void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3)
+{
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+}
+
+/**
+ * 3DES EDE CBC encrypt/decrypt routine
+ */
+static void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output, long length,
+ des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int enc)
+{
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ register DES_LONG t0,t1;
+
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=t0;
+ xor1=t1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=t0;
+ xor1=t1;
+ }
+
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+}
+
+/**
+ * Implementation of crypter_t.decrypt for DES.
+ */
+static status_t decrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
+{
+ des_cblock ivb;
+
+ if (data.len % sizeof(des_cblock) != 0 ||
+ iv.len != sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ *decrypted = chunk_alloc(data.len);
+ memcpy(&ivb, iv.ptr, sizeof(des_cblock));
+ des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+ data.len, this->ks, &ivb, DES_DECRYPT);
+ return SUCCESS;
+}
+
+
+/**
+ * Implementation of crypter_t.decrypt for DES.
+ */
+static status_t encrypt(private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
+{
+ des_cblock ivb;
+
+ if (data.len % sizeof(des_cblock) != 0 ||
+ iv.len != sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ *encrypted = chunk_alloc(data.len);
+ memcpy(&ivb, iv.ptr, sizeof(des_cblock));
+ des_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+ data.len, this->ks, &ivb, DES_ENCRYPT);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.decrypt for 3DES.
+ */
+static status_t decrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
+{
+ des_cblock ivb;
+
+ if (data.len % sizeof(des_cblock) != 0 ||
+ iv.len != sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ *decrypted = chunk_alloc(data.len);
+ memcpy(&ivb, iv.ptr, sizeof(des_cblock));
+ des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(decrypted->ptr),
+ data.len, this->ks3[0], this->ks3[1], this->ks3[2],
+ &ivb, DES_DECRYPT);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.decrypt for 3DES.
+ */
+static status_t encrypt3(private_des_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
+{
+ des_cblock ivb;
+
+ if (data.len % sizeof(des_cblock) != 0 ||
+ iv.len != sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ *encrypted = chunk_alloc(data.len);
+ memcpy(&ivb, iv.ptr, sizeof(des_cblock));
+ des_ede3_cbc_encrypt((des_cblock*)(data.ptr), (des_cblock*)(encrypted->ptr),
+ data.len, this->ks3[0], this->ks3[1], this->ks3[2],
+ &ivb, DES_ENCRYPT);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.get_block_size.
+ */
+static size_t get_block_size (private_des_crypter_t *this)
+{
+ return sizeof(des_cblock);
+}
+
+/**
+ * Implementation of crypter_t.get_key_size.
+ */
+static size_t get_key_size (private_des_crypter_t *this)
+{
+ return this->key_size;
+}
+
+/**
+ * Implementation of crypter_t.set_key for DES.
+ */
+static status_t set_key(private_des_crypter_t *this, chunk_t key)
+{
+ if (key.len != sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ des_set_key((des_cblock*)(key.ptr), &this->ks);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.set_key for 3DES.
+ */
+static status_t set_key3(private_des_crypter_t *this, chunk_t key)
+{
+ if (key.len != 3 * sizeof(des_cblock))
+ {
+ return INVALID_ARG;
+ }
+
+ des_set_key((des_cblock*)(key.ptr) + 0, &this->ks3[0]);
+ des_set_key((des_cblock*)(key.ptr) + 1, &this->ks3[1]);
+ des_set_key((des_cblock*)(key.ptr) + 2, &this->ks3[2]);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of crypter_t.destroy and des_crypter_t.destroy.
+ */
+static void destroy(private_des_crypter_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+des_crypter_t *des_crypter_create(encryption_algorithm_t algo)
+{
+ private_des_crypter_t *this = malloc_thing(private_des_crypter_t);
+
+ /* functions of crypter_t interface */
+ this->public.crypter_interface.get_block_size = (size_t (*) (crypter_t *)) get_block_size;
+ this->public.crypter_interface.get_key_size = (size_t (*) (crypter_t *)) get_key_size;
+ this->public.crypter_interface.destroy = (void (*) (crypter_t *)) destroy;
+
+ /* use functions depending on algorithm */
+ switch (algo)
+ {
+ case ENCR_DES:
+ this->key_size = sizeof(des_cblock);
+ this->public.crypter_interface.set_key = (status_t (*) (crypter_t *,chunk_t)) set_key;
+ this->public.crypter_interface.encrypt = (status_t (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt;
+ this->public.crypter_interface.decrypt = (status_t (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt;
+ break;
+ case ENCR_3DES:
+ this->key_size = 3 * sizeof(des_cblock);
+ this->public.crypter_interface.set_key = (status_t (*) (crypter_t *,chunk_t)) set_key3;
+ this->public.crypter_interface.encrypt = (status_t (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt3;
+ this->public.crypter_interface.decrypt = (status_t (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt3;
+ break;
+ default:
+ free(this);
+ return NULL;
+ }
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/crypters/des_crypter.h b/src/libstrongswan/crypto/crypters/des_crypter.h
new file mode 100644
index 000000000..0c87b0a9c
--- /dev/null
+++ b/src/libstrongswan/crypto/crypters/des_crypter.h
@@ -0,0 +1,58 @@
+/**
+ * @file des_crypter.h
+ *
+ * @brief Interface of des_crypter_t
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef DES_CRYPTER_H_
+#define DES_CRYPTER_H_
+
+typedef struct des_crypter_t des_crypter_t;
+
+#include <crypto/crypters/crypter.h>
+
+
+/**
+ * @brief Class implementing the DES and 3DES encryption algorithms.
+ *
+ * @b Constructors:
+ * - des_crypter_create()
+ *
+ * @ingroup crypters
+ */
+struct des_crypter_t {
+
+ /**
+ * The crypter_t interface.
+ */
+ crypter_t crypter_interface;
+};
+
+/**
+ * @brief Constructor to create des_crypter_t objects.
+ *
+ * @param algo ENCR_DES for single DES, ENCR_3DES for triple DES
+ * @return
+ * - des_crypter_t object
+ * - NULL if algo not supported
+ */
+des_crypter_t *des_crypter_create(encryption_algorithm_t algo);
+
+
+#endif /* DES_CRYPTER_H_ */
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
new file mode 100644
index 000000000..e4062066c
--- /dev/null
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -0,0 +1,612 @@
+/**
+ * @file diffie_hellman.c
+ *
+ * @brief Implementation of diffie_hellman_t.
+ *
+ */
+
+/*
+ * Copyright (C) 1998-2002 D. Hugh Redelmeier.
+ * Copyright (C) 1999, 2000, 2001 Henry Spencer.
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <gmp.h>
+#include <stdio.h>
+
+#include "diffie_hellman.h"
+
+#include <utils/randomizer.h>
+
+ENUM_BEGIN(diffie_hellman_group_names, MODP_NONE, MODP_1024_BIT,
+ "MODP_NONE",
+ "MODP_768_BIT",
+ "MODP_1024_BIT");
+ENUM_NEXT(diffie_hellman_group_names, MODP_1536_BIT, MODP_1536_BIT, MODP_1024_BIT,
+ "MODP_1536_BIT");
+ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, MODP_8192_BIT, MODP_1536_BIT,
+ "MODP_2048_BIT",
+ "MODP_3072_BIT",
+ "MODP_4096_BIT",
+ "MODP_6144_BIT",
+ "MODP_8192_BIT");
+ENUM_END(diffie_hellman_group_names, MODP_8192_BIT);
+
+
+/**
+ * Modulus of Group 1 (MODP_768_BIT).
+ */
+static u_int8_t group1_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80 ,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 2 (MODP_1024_BIT).
+ */
+static u_int8_t group2_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 5 (MODP_1536_BIT).
+ */
+static u_int8_t group5_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+/**
+ * Modulus of Group 14 (MODP_2048_BIT).
+ */
+static u_int8_t group14_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 15 (MODP_3072_BIT).
+ */
+static u_int8_t group15_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 16 (MODP_4096_BIT).
+ */
+static u_int8_t group16_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 17 (MODP_6144_BIT).
+ */
+static u_int8_t group17_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
+ 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+ 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
+ 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
+ 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+ 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
+ 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
+ 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+ 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
+ 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
+ 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+ 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
+ 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
+ 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+ 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
+ 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
+ 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
+};
+
+/**
+ * Modulus of Group 18 (MODP_8192_BIT).
+ */
+static u_int8_t group18_modulus[] = {
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
+ 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
+ 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
+ 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
+ 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
+ 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
+ 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
+ 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
+ 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
+ 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
+ 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
+ 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
+ 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
+ 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
+ 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
+ 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
+ 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
+ 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
+ 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
+ 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
+ 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
+ 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
+ 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
+ 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
+ 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
+ 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
+ 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
+ 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
+ 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
+ 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
+ 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
+ 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
+ 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
+ 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
+ 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
+ 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
+ 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
+ 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
+ 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
+ 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
+ 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
+ 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
+ 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
+ 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
+ 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
+ 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
+ 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
+ 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
+ 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA,
+ 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,
+ 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
+ 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D,
+ 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,
+ 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
+ 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8,
+ 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,
+ 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
+ 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D,
+ 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,
+ 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
+ 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B,
+ 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,
+ 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
+ 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+};
+
+typedef struct modulus_info_entry_t modulus_info_entry_t;
+
+/**
+ * Entry of the modulus list.
+ */
+struct modulus_info_entry_t {
+ /**
+ * Group number as it is defined in file transform_substructure.h.
+ */
+ diffie_hellman_group_t group;
+
+ /**
+ * Pointer to first byte of modulus (network order).
+ */
+ u_int8_t *modulus;
+
+ /*
+ * Length of modulus in bytes.
+ */
+ size_t modulus_length;
+
+ /*
+ * Generator value.
+ */
+ u_int16_t generator;
+};
+
+
+/**
+ * All supported modulus values.
+ */
+static modulus_info_entry_t modulus_info_entries[] = {
+ {MODP_768_BIT,group1_modulus,sizeof(group1_modulus),2},
+ {MODP_1024_BIT,group2_modulus,sizeof(group2_modulus),2},
+ {MODP_1536_BIT,group5_modulus,sizeof(group5_modulus),2},
+ {MODP_2048_BIT,group14_modulus,sizeof(group14_modulus),2},
+ {MODP_3072_BIT,group15_modulus,sizeof(group15_modulus),2},
+ {MODP_4096_BIT,group16_modulus,sizeof(group16_modulus),2},
+ {MODP_6144_BIT,group17_modulus,sizeof(group17_modulus),2},
+ {MODP_8192_BIT,group18_modulus,sizeof(group18_modulus),2},
+};
+
+typedef struct private_diffie_hellman_t private_diffie_hellman_t;
+
+/**
+ * Private data of an diffie_hellman_t object.
+ *
+ */
+struct private_diffie_hellman_t {
+ /**
+ * Public diffie_hellman_t interface.
+ */
+ diffie_hellman_t public;
+
+ /**
+ * Diffie Hellman group number.
+ */
+ u_int16_t dh_group_number;
+
+ /**
+ * Modulus.
+ */
+ mpz_t modulus;
+
+ /**
+ * Modulus length.
+ */
+ size_t modulus_length;
+
+ /*
+ * Generator value.
+ */
+ u_int16_t generator;
+
+ /**
+ * My private value .
+ */
+ mpz_t my_private_value;
+
+ /**
+ * My public value.
+ */
+ mpz_t my_public_value;
+
+ /**
+ * Other public value.
+ */
+ mpz_t other_public_value;
+
+ /**
+ * Shared secret.
+ */
+ mpz_t shared_secret;
+
+ /**
+ * True if shared secret is computed and stored in my_public_value.
+ */
+ bool shared_secret_is_computed;
+
+ /**
+ * Sets the modulus for a specific diffie hellman group.
+ *
+ * @param this calling object
+ * @return
+ * SUCCESS if modulus could be found
+ * NOT_FOUND if modulus not supported
+ */
+ status_t (*set_modulus) (private_diffie_hellman_t *this);
+
+ /**
+ * Makes sure my public value is computed.
+ *
+ * @param this calling object
+ */
+ void (*compute_public_value) (private_diffie_hellman_t *this);
+
+ /**
+ * Computes shared secret (other public value must be available).
+ *
+ * @param this calling object
+ */
+ void (*compute_shared_secret) (private_diffie_hellman_t *this);
+};
+
+/**
+ * Implementation of private_diffie_hellman_t.set_modulus.
+ */
+static status_t set_modulus(private_diffie_hellman_t *this)
+{
+ int i;
+ status_t status = NOT_FOUND;
+
+ for (i = 0; i < (sizeof(modulus_info_entries) / sizeof(modulus_info_entry_t)); i++)
+ {
+ if (modulus_info_entries[i].group == this->dh_group_number)
+ {
+ chunk_t modulus_chunk;
+ modulus_chunk.ptr = modulus_info_entries[i].modulus;
+ modulus_chunk.len = modulus_info_entries[i].modulus_length;
+ mpz_import(this->modulus, modulus_chunk.len, 1, 1, 1, 0, modulus_chunk.ptr);
+ this->modulus_length = modulus_chunk.len;
+ this->generator = modulus_info_entries[i].generator;
+ status = SUCCESS;
+ break;
+ }
+ }
+ return status;
+}
+
+/**
+ * Implementation of diffie_hellman_t.set_other_public_value.
+ */
+static void set_other_public_value(private_diffie_hellman_t *this,chunk_t public_value)
+{
+ mpz_import(this->other_public_value, public_value.len, 1, 1, 1, 0, public_value.ptr);
+ this->compute_shared_secret(this);
+}
+
+/**
+ * Implementation of diffie_hellman_t.get_other_public_value.
+ */
+static status_t get_other_public_value(private_diffie_hellman_t *this,chunk_t *public_value)
+{
+ if (!this->shared_secret_is_computed)
+ {
+ return FAILED;
+ }
+ public_value->len = this->modulus_length;
+ public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->other_public_value);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of private_diffie_hellman_t.compute_shared_secret.
+ */
+static void compute_shared_secret (private_diffie_hellman_t *this)
+{
+ /* initialize my public value */
+ mpz_init(this->shared_secret);
+ /* calculate my public value */
+ mpz_powm(this->shared_secret,this->other_public_value,this->my_private_value,this->modulus);
+
+ this->shared_secret_is_computed = TRUE;
+}
+
+/**
+ * Implementation of private_diffie_hellman_t.compute_public_value.
+ */
+static void compute_public_value (private_diffie_hellman_t *this)
+{
+ mpz_t generator;
+ /* initialize generator and set it*/
+ mpz_init_set_ui (generator,this->generator);
+ /* initialize my public value */
+ mpz_init(this->my_public_value);
+ /* calculate my public value */
+ mpz_powm(this->my_public_value,generator,this->my_private_value,this->modulus);
+ /* generator not used anymore */
+ mpz_clear(generator);
+}
+
+/**
+ * Implementation of diffie_hellman_t.get_my_public_value.
+ */
+static void get_my_public_value(private_diffie_hellman_t *this,chunk_t *public_value)
+{
+ public_value->len = this->modulus_length;
+ public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->my_public_value);
+}
+
+/**
+ * Implementation of diffie_hellman_t.get_shared_secret.
+ */
+static status_t get_shared_secret(private_diffie_hellman_t *this,chunk_t *secret)
+{
+ if (!this->shared_secret_is_computed)
+ {
+ return FAILED;
+ }
+ secret->len = this->modulus_length;
+ secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->shared_secret);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of diffie_hellman_t.get_dh_group.
+ */
+static diffie_hellman_group_t get_dh_group(private_diffie_hellman_t *this)
+{
+ return this->dh_group_number;
+}
+
+/**
+ * Implementation of diffie_hellman_t.destroy.
+ */
+static void destroy(private_diffie_hellman_t *this)
+{
+ mpz_clear(this->modulus);
+ mpz_clear(this->my_private_value);
+ mpz_clear(this->my_public_value);
+ mpz_clear(this->other_public_value);
+
+ if (this->shared_secret_is_computed)
+ {
+ /* other public value gets initialized together with shared secret */
+ mpz_clear(this->shared_secret);
+ }
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number)
+{
+ private_diffie_hellman_t *this = malloc_thing(private_diffie_hellman_t);
+ randomizer_t *randomizer;
+ chunk_t random_bytes;
+
+ /* public functions */
+ this->public.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret;
+ this->public.set_other_public_value = (void (*)(diffie_hellman_t *, chunk_t )) set_other_public_value;
+ this->public.get_other_public_value = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_other_public_value;
+ this->public.get_my_public_value = (void (*)(diffie_hellman_t *, chunk_t *)) get_my_public_value;
+ this->public.get_dh_group = (diffie_hellman_group_t (*)(diffie_hellman_t *)) get_dh_group;
+ this->public.destroy = (void (*)(diffie_hellman_t *)) destroy;
+
+ /* private functions */
+ this->set_modulus = set_modulus;
+ this->compute_public_value = compute_public_value;
+ this->compute_shared_secret = compute_shared_secret;
+
+ /* private variables */
+ this->dh_group_number = dh_group_number;
+ mpz_init(this->modulus);
+ mpz_init(this->other_public_value);
+ mpz_init(this->my_private_value);
+
+ /* set this->modulus */
+ if (this->set_modulus(this) != SUCCESS)
+ {
+ free(this);
+ return NULL;
+ }
+ randomizer = randomizer_create();
+ if (randomizer == NULL)
+ {
+ free(this);
+ return NULL;
+ }
+ if (randomizer->allocate_pseudo_random_bytes(randomizer, this->modulus_length, &random_bytes) != SUCCESS)
+ {
+ randomizer->destroy(randomizer);
+ free(this);
+ return NULL;
+ }
+
+ mpz_import(this->my_private_value, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+ chunk_free(&random_bytes);
+
+ randomizer->destroy(randomizer);
+
+ this->compute_public_value(this);
+
+ this->shared_secret_is_computed = FALSE;
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
new file mode 100644
index 000000000..29a2ab45b
--- /dev/null
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -0,0 +1,147 @@
+/**
+ * @file diffie_hellman.h
+ *
+ * @brief Interface of diffie_hellman_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef DIFFIE_HELLMAN_H_
+#define DIFFIE_HELLMAN_H_
+
+typedef enum diffie_hellman_group_t diffie_hellman_group_t;
+typedef struct diffie_hellman_t diffie_hellman_t;
+
+#include <library.h>
+
+/**
+ * @brief Diffie-Hellman group.
+ *
+ * The modulus (or group) to use for a Diffie-Hellman calculation.
+ *
+ * See IKEv2 RFC 3.3.2 and RFC 3526.
+ *
+ * @ingroup transforms
+ */
+enum diffie_hellman_group_t {
+ MODP_NONE = 0,
+ MODP_768_BIT = 1,
+ MODP_1024_BIT = 2,
+ MODP_1536_BIT = 5,
+ MODP_2048_BIT = 14,
+ MODP_3072_BIT = 15,
+ MODP_4096_BIT = 16,
+ MODP_6144_BIT = 17,
+ MODP_8192_BIT = 18
+};
+
+/**
+ * enum name for diffie_hellman_group_t.
+ */
+extern enum_name_t *diffie_hellman_group_names;
+
+/**
+ * @brief Implementation of the widely used Diffie-Hellman algorithm.
+ *
+ * @b Constructors:
+ * - diffie_hellman_create()
+ *
+ * @ingroup transforms
+ */
+struct diffie_hellman_t {
+
+ /**
+ * @brief Returns the shared secret of this diffie hellman exchange.
+ *
+ * @warning Space for returned secret is allocated and must be
+ * freed by the caller.
+ *
+ * @param this calling diffie_hellman_t object
+ * @param[out] secret shared secret will be written into this chunk
+ * @return
+ * - SUCCESS
+ * - FAILED if not both DH values are set
+ */
+ status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
+
+ /**
+ * @brief Sets the public value of partner.
+ *
+ * chunk gets cloned and can be destroyed afterwards.
+ *
+ * @param this calling diffie_hellman_t object
+ * @param public_value public value of partner
+ */
+ void (*set_other_public_value) (diffie_hellman_t *this, chunk_t public_value);
+
+ /**
+ * @brief Gets the public value of partner.
+ *
+ * @warning Space for returned chunk is allocated and must be
+ * freed by the caller.
+ *
+ * @param this calling diffie_hellman_t object
+ * @param[out] public_value public value of partner is stored at this location
+ * @return
+ * - SUCCESS
+ * - FAILED if other public value not set
+ */
+ status_t (*get_other_public_value) (diffie_hellman_t *this, chunk_t *public_value);
+
+ /**
+ * @brief Gets the public value of caller
+ *
+ * @warning Space for returned chunk is allocated and must be
+ * freed by the caller.
+ *
+ * @param this calling diffie_hellman_t object
+ * @param[out] public_value public value of caller is stored at this location
+ */
+ void (*get_my_public_value) (diffie_hellman_t *this, chunk_t *public_value);
+
+ /**
+ * @brief Get the DH group used.
+ *
+ * @param this calling diffie_hellman_t object
+ * @return DH group set in construction
+ */
+ diffie_hellman_group_t (*get_dh_group) (diffie_hellman_t *this);
+
+ /**
+ * @brief Destroys an diffie_hellman_t object.
+ *
+ * @param this diffie_hellman_t object to destroy
+ */
+ void (*destroy) (diffie_hellman_t *this);
+};
+
+/**
+ * @brief Creates a new diffie_hellman_t object.
+ *
+ * The first diffie hellman public value gets automatically created.
+ *
+ * @param dh_group_number Diffie Hellman group number to use
+ * @return
+ * - diffie_hellman_t object
+ * - NULL if dh group not supported
+ *
+ * @ingroup transforms
+ */
+diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number);
+
+#endif /*DIFFIE_HELLMAN_H_*/
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
new file mode 100644
index 000000000..7fa6346d6
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -0,0 +1,65 @@
+/**
+ * @file hasher.c
+ *
+ * @brief Generic constructor for hasher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "hasher.h"
+
+#include <crypto/hashers/sha1_hasher.h>
+#include <crypto/hashers/sha2_hasher.h>
+#include <crypto/hashers/md5_hasher.h>
+
+
+ENUM(hash_algorithm_names, HASH_MD2, HASH_SHA512,
+ "HASH_MD2",
+ "HASH_MD5",
+ "HASH_SHA1",
+ "HASH_SHA256",
+ "HASH_SHA384",
+ "HASH_SHA512"
+);
+
+/*
+ * Described in header.
+ */
+hasher_t *hasher_create(hash_algorithm_t hash_algorithm)
+{
+ switch (hash_algorithm)
+ {
+ case HASH_SHA1:
+ {
+ return (hasher_t*)sha1_hasher_create();
+ }
+ case HASH_SHA256:
+ case HASH_SHA384:
+ case HASH_SHA512:
+ {
+ return (hasher_t*)sha2_hasher_create(hash_algorithm);
+ }
+ case HASH_MD5:
+ {
+ return (hasher_t*)md5_hasher_create();
+ }
+ default:
+ return NULL;
+ }
+}
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
new file mode 100644
index 000000000..6c17f892d
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -0,0 +1,159 @@
+/**
+ * @file hasher.h
+ *
+ * @brief Interface hasher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef HASHER_H_
+#define HASHER_H_
+
+typedef enum hash_algorithm_t hash_algorithm_t;
+typedef struct hasher_t hasher_t;
+
+#include <library.h>
+
+/**
+ * @brief Algorithms to use for hashing.
+ *
+ * Currently only the following algorithms are implemented:
+ * - HASH_MD5
+ * - HASH_SHA1
+ * - HASH_SHA256
+ * - HASH_SHA384
+ * - HASH_SHA512
+ *
+ * @ingroup hashers
+ */
+enum hash_algorithm_t {
+ HASH_MD2 = 0,
+ /** Implemented in class md5_hasher_t */
+ HASH_MD5 = 1,
+ /** Implemented in class sha1_hasher_t */
+ HASH_SHA1 = 2,
+ /** Implemented in class sha2_hasher_t */
+ HASH_SHA256 = 3,
+ /** Implemented in class sha2_hasher_t */
+ HASH_SHA384 = 4,
+ /** Implemented in class sha2_hasher_t */
+ HASH_SHA512 = 5,
+};
+
+#define HASH_SIZE_MD2 16
+#define HASH_SIZE_MD5 16
+#define HASH_SIZE_SHA1 20
+#define HASH_SIZE_SHA256 32
+#define HASH_SIZE_SHA384 48
+#define HASH_SIZE_SHA512 64
+#define HASH_SIZE_MAX 64
+
+/**
+ * enum names for hash_algorithm_t.
+ */
+extern enum_name_t *hash_algorithm_names;
+
+
+/**
+ * @brief Generic interface for all hash functions.
+ *
+ * @b Constructors:
+ * - hasher_create()
+ *
+ * @ingroup hashers
+ */
+struct hasher_t {
+ /**
+ * @brief Hash data and write it in the buffer.
+ *
+ * If the parameter hash is NULL, no result is written back
+ * an more data can be appended to already hashed data.
+ * If not, the result is written back and the hasher is reset.
+ *
+ * The hash output parameter must hold at least
+ * hash_t.get_block_size() bytes.
+ *
+ * @param this calling object
+ * @param data data to hash
+ * @param[out] hash pointer where the hash will be written
+ */
+ void (*get_hash) (hasher_t *this, chunk_t data, u_int8_t *hash);
+
+ /**
+ * @brief Hash data and allocate space for the hash.
+ *
+ * If the parameter hash is NULL, no result is written back
+ * an more data can be appended to already hashed data.
+ * If not, the result is written back and the hasher is reset.
+ *
+ * @param this calling object
+ * @param data chunk with data to hash
+ * @param[out] hash chunk which will hold allocated hash
+ */
+ void (*allocate_hash) (hasher_t *this, chunk_t data, chunk_t *hash);
+
+ /**
+ * @brief Get the size of the resulting hash.
+ *
+ * @param this calling object
+ * @return hash size in bytes
+ */
+ size_t (*get_hash_size) (hasher_t *this);
+
+ /**
+ * @brief Resets the hashers state.
+ *
+ * @param this calling object
+ */
+ void (*reset) (hasher_t *this);
+
+ /**
+ * @brief Get the state of the hasher.
+ *
+ * A hasher stores internal state information. This state may be
+ * manipulated to include a "seed" into the hashing operation. It used by
+ * some exotic protocols (such as AKA).
+ * The data pointed by chunk may be manipulated, but not replaced nor freed.
+ * This is more a hack than a feature. The hasher's state may be byte
+ * order dependant; use with care.
+ *
+ * @param this calling object
+ */
+ chunk_t (*get_state) (hasher_t *this);
+
+ /**
+ * @brief Destroys a hasher object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (hasher_t *this);
+};
+
+/**
+ * @brief Generic interface to create a hasher_t.
+ *
+ * @param hash_algorithm Algorithm to use for hashing
+ * @return
+ * - hasher_t object
+ * - NULL if algorithm not supported
+ *
+ * @ingroup hashers
+ */
+hasher_t *hasher_create(hash_algorithm_t hash_algorithm);
+
+#endif /* HASHER_H_ */
diff --git a/src/libstrongswan/crypto/hashers/md5_hasher.c b/src/libstrongswan/crypto/hashers/md5_hasher.c
new file mode 100644
index 000000000..d4dde3693
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/md5_hasher.c
@@ -0,0 +1,405 @@
+/**
+ * @file md5_hasher.c
+ *
+ * @brief Implementation of md5_hasher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 1991-1992, RSA Data Security, Inc. Created 1991.
+ * All rights reserved.
+ *
+ * Derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.
+ * Ported to fulfill hasher_t interface.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "md5_hasher.h"
+
+
+/* Constants for MD5Transform routine. */
+#define S11 7
+#define S12 12
+#define S13 17
+#define S14 22
+#define S21 5
+#define S22 9
+#define S23 14
+#define S24 20
+#define S31 4
+#define S32 11
+#define S33 16
+#define S34 23
+#define S41 6
+#define S42 10
+#define S43 15
+#define S44 21
+
+static u_int8_t PADDING[64] = {
+ 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * ugly macro stuff
+ */
+/* F, G, H and I are basic MD5 functions.
+ */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+#define I(x, y, z) ((y) ^ ((x) | (~z)))
+
+/* ROTATE_LEFT rotates x left n bits.
+ */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+
+/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
+Rotation is separate from addition to prevent recomputation.
+ */
+#define FF(a, b, c, d, x, s, ac) { \
+ (a) += F ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ }
+#define GG(a, b, c, d, x, s, ac) { \
+ (a) += G ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ }
+#define HH(a, b, c, d, x, s, ac) { \
+ (a) += H ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ }
+#define II(a, b, c, d, x, s, ac) { \
+ (a) += I ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+ }
+
+
+
+typedef struct private_md5_hasher_t private_md5_hasher_t;
+
+/**
+ * Private data structure with hasing context.
+ */
+struct private_md5_hasher_t {
+ /**
+ * Public interface for this hasher.
+ */
+ md5_hasher_t public;
+
+ /*
+ * State of the hasher.
+ */
+ u_int32_t state[5];
+ u_int32_t count[2];
+ u_int8_t buffer[64];
+};
+
+
+#if BYTE_ORDER != LITTLE_ENDIAN
+
+/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is
+ * a multiple of 4.
+ */
+static void Encode (u_int8_t *output, u_int32_t *input, size_t len)
+{
+ size_t i, j;
+
+ for (i = 0, j = 0; j < len; i++, j += 4)
+ {
+ output[j] = (u_int8_t)(input[i] & 0xff);
+ output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff);
+ output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff);
+ output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff);
+ }
+}
+
+/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is
+ * a multiple of 4.
+ */
+static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
+{
+ size_t i, j;
+
+ for (i = 0, j = 0; j < len; i++, j += 4)
+ {
+ output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) |
+ (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24);
+ }
+}
+
+#elif BYTE_ORDER == LITTLE_ENDIAN
+ #define Encode memcpy
+ #define Decode memcpy
+#endif
+
+/* MD5 basic transformation. Transforms state based on block.
+ */
+static void MD5Transform(u_int32_t state[4], u_int8_t block[64])
+{
+ u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+
+ Decode(x, block, 64);
+
+ /* Round 1 */
+ FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
+ FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
+ FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
+ FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
+ FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
+ FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
+ FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
+ FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
+ FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
+ FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
+ FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
+ FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
+ FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
+ FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
+ FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
+ FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
+
+ /* Round 2 */
+ GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
+ GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
+ GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
+ GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
+ GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
+ GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
+ GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
+ GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
+ GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
+ GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
+ GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
+ GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
+ GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
+ GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
+ GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
+ GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
+
+ /* Round 3 */
+ HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
+ HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
+ HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
+ HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
+ HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
+ HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
+ HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
+ HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
+ HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
+ HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
+ HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
+ HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
+ HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
+ HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
+ HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
+ HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
+
+ /* Round 4 */
+ II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
+ II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
+ II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
+ II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
+ II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
+ II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
+ II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
+ II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
+ II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
+ II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
+ II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
+ II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
+ II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
+ II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
+ II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
+ II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
+
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+}
+
+/* MD5 block update operation. Continues an MD5 message-digest
+ * operation, processing another message block, and updating the
+ * context.
+ */
+static void MD5Update(private_md5_hasher_t *this, u_int8_t *input, size_t inputLen)
+{
+ u_int32_t i;
+ size_t index, partLen;
+
+ /* Compute number of bytes mod 64 */
+ index = (u_int8_t)((this->count[0] >> 3) & 0x3F);
+
+ /* Update number of bits */
+ if ((this->count[0] += (inputLen << 3)) < (inputLen << 3))
+ {
+ this->count[1]++;
+ }
+ this->count[1] += (inputLen >> 29);
+
+ partLen = 64 - index;
+
+ /* Transform as many times as possible. */
+ if (inputLen >= partLen)
+ {
+ memcpy(&this->buffer[index], input, partLen);
+ MD5Transform (this->state, this->buffer);
+
+ for (i = partLen; i + 63 < inputLen; i += 64)
+ {
+ MD5Transform (this->state, &input[i]);
+ }
+ index = 0;
+ }
+ else
+ {
+ i = 0;
+ }
+
+ /* Buffer remaining input */
+ memcpy(&this->buffer[index], &input[i], inputLen-i);
+}
+
+/* MD5 finalization. Ends an MD5 message-digest operation, writing the
+ * the message digest and zeroizing the context.
+ */
+static void MD5Final (private_md5_hasher_t *this, u_int8_t digest[16])
+{
+ u_int8_t bits[8];
+ size_t index, padLen;
+
+ /* Save number of bits */
+ Encode (bits, this->count, 8);
+
+ /* Pad out to 56 mod 64. */
+ index = (size_t)((this->count[0] >> 3) & 0x3f);
+ padLen = (index < 56) ? (56 - index) : (120 - index);
+ MD5Update (this, PADDING, padLen);
+
+ /* Append length (before padding) */
+ MD5Update (this, bits, 8);
+
+ if (digest != NULL) /* Bill Simpson's padding */
+ {
+ /* store state in digest */
+ Encode (digest, this->state, 16);
+ }
+}
+
+
+
+/**
+ * Implementation of hasher_t.get_hash.
+ */
+static void get_hash(private_md5_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+{
+ MD5Update(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ MD5Final(this, buffer);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+
+/**
+ * Implementation of hasher_t.allocate_hash.
+ */
+static void allocate_hash(private_md5_hasher_t *this, chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ MD5Update(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ allocated_hash.ptr = malloc(HASH_SIZE_MD5);
+ allocated_hash.len = HASH_SIZE_MD5;
+
+ MD5Final(this, allocated_hash.ptr);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size.
+ */
+static size_t get_hash_size(private_md5_hasher_t *this)
+{
+ return HASH_SIZE_MD5;
+}
+
+/**
+ * Implementation of hasher_t.reset.
+ */
+static void reset(private_md5_hasher_t *this)
+{
+ this->state[0] = 0x67452301;
+ this->state[1] = 0xefcdab89;
+ this->state[2] = 0x98badcfe;
+ this->state[3] = 0x10325476;
+ this->count[0] = 0;
+ this->count[1] = 0;
+}
+
+/**
+ * Implementation of hasher_t.get_state
+ */
+static chunk_t get_state(private_md5_hasher_t *this)
+{
+ chunk_t chunk;
+
+ chunk.ptr = (u_char*)&this->state[0];
+ chunk.len = sizeof(this->state);
+
+ return chunk;
+}
+
+/**
+ * Implementation of hasher_t.destroy.
+ */
+static void destroy(private_md5_hasher_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+md5_hasher_t *md5_hasher_create(void)
+{
+ private_md5_hasher_t *this = malloc_thing(private_md5_hasher_t);
+
+ this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
+ this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
+ this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
+ this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
+ this->public.hasher_interface.get_state = (chunk_t (*) (hasher_t*))get_state;
+ this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
+
+ /* initialize */
+ reset(this);
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/hashers/md5_hasher.h b/src/libstrongswan/crypto/hashers/md5_hasher.h
new file mode 100644
index 000000000..715f11663
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/md5_hasher.h
@@ -0,0 +1,60 @@
+/**
+ * @file md5_hasher.h
+ *
+ * @brief Interface for md5_hasher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef MD5_HASHER_H_
+#define MD5_HASHER_H_
+
+typedef struct md5_hasher_t md5_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of hasher_t interface using the
+ * MD5 algorithm.
+ *
+ * @b Constructors:
+ * - hasher_create() using HASH_MD5 as algorithm
+ * - md5_hasher_create()
+ *
+ * @see hasher_t
+ *
+ * @ingroup hashers
+ */
+struct md5_hasher_t {
+
+ /**
+ * Generic hasher_t interface for this hasher.
+ */
+ hasher_t hasher_interface;
+};
+
+/**
+ * @brief Creates a new md5_hasher_t.
+ *
+ * @return md5_hasher_t object
+ *
+ * @ingroup hashers
+ */
+md5_hasher_t *md5_hasher_create(void);
+
+#endif /*MD5_HASHER_H_*/
diff --git a/src/libstrongswan/crypto/hashers/sha1_hasher.c b/src/libstrongswan/crypto/hashers/sha1_hasher.c
new file mode 100644
index 000000000..6a86937ae
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/sha1_hasher.c
@@ -0,0 +1,280 @@
+/**
+ * @file sha1_hasher.c
+ *
+ * @brief Implementation of hasher_sha_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * Ported from Steve Reid's <steve@edmweb.com> implementation
+ * "SHA1 in C" found in strongSwan.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "sha1_hasher.h"
+
+/*
+ * ugly macro stuff
+ */
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+#if BYTE_ORDER == LITTLE_ENDIAN
+ #define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) |(rol(block->l[i],8)&0x00FF00FF))
+#elif BYTE_ORDER == BIG_ENDIAN
+ #define blk0(i) block->l[i]
+#else
+ #error "Endianness not defined!"
+#endif
+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] ^block->l[(i+2)&15]^block->l[i&15],1))
+
+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+
+
+typedef struct private_sha1_hasher_t private_sha1_hasher_t;
+
+/**
+ * Private data structure with hasing context.
+ */
+struct private_sha1_hasher_t {
+ /**
+ * Public interface for this hasher.
+ */
+ sha1_hasher_t public;
+
+ /*
+ * State of the hasher.
+ */
+ u_int32_t state[5];
+ u_int32_t count[2];
+ u_int8_t buffer[64];
+};
+
+/*
+ * Hash a single 512-bit block. This is the core of the algorithm. *
+ */
+static void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64])
+{
+ u_int32_t a, b, c, d, e;
+ typedef union {
+ u_int8_t c[64];
+ u_int32_t l[16];
+ } CHAR64LONG16;
+ CHAR64LONG16 block[1]; /* use array to appear as a pointer */
+ memcpy(block, buffer, 64);
+
+ /* Copy context->state[] to working vars */
+ a = state[0];
+ b = state[1];
+ c = state[2];
+ d = state[3];
+ e = state[4];
+ /* 4 rounds of 20 operations each. Loop unrolled. */
+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+ /* Add the working vars back into context.state[] */
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+ state[4] += e;
+ /* Wipe variables */
+ a = b = c = d = e = 0;
+ memset(block, '\0', sizeof(block));
+}
+
+/*
+ * Run your data through this.
+ */
+static void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
+{
+ u_int32_t i;
+ u_int32_t j;
+
+ j = this->count[0];
+ if ((this->count[0] += len << 3) < j)
+ {
+ this->count[1]++;
+ }
+ this->count[1] += (len>>29);
+ j = (j >> 3) & 63;
+ if ((j + len) > 63)
+ {
+ memcpy(&this->buffer[j], data, (i = 64-j));
+ SHA1Transform(this->state, this->buffer);
+ for ( ; i + 63 < len; i += 64)
+ {
+ SHA1Transform(this->state, &data[i]);
+ }
+ j = 0;
+ }
+ else
+ {
+ i = 0;
+ }
+ memcpy(&this->buffer[j], &data[i], len - i);
+}
+
+
+/*
+ * Add padding and return the message digest.
+ */
+static void SHA1Final(private_sha1_hasher_t *this, u_int8_t *digest)
+{
+ u_int32_t i;
+ u_int8_t finalcount[8];
+ u_int8_t c;
+
+ for (i = 0; i < 8; i++)
+ {
+ finalcount[i] = (u_int8_t)((this->count[(i >= 4 ? 0 : 1)]
+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
+ }
+ c = 0200;
+ SHA1Update(this, &c, 1);
+ while ((this->count[0] & 504) != 448)
+ {
+ c = 0000;
+ SHA1Update(this, &c, 1);
+ }
+ SHA1Update(this, finalcount, 8); /* Should cause a SHA1Transform() */
+ for (i = 0; i < 20; i++)
+ {
+ digest[i] = (u_int8_t)((this->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+ }
+}
+
+
+/**
+ * Implementation of hasher_t.get_hash.
+ */
+static void get_hash(private_sha1_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
+{
+ SHA1Update(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ SHA1Final(this, buffer);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+
+/**
+ * Implementation of hasher_t.allocate_hash.
+ */
+static void allocate_hash(private_sha1_hasher_t *this, chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ SHA1Update(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ allocated_hash.ptr = malloc(HASH_SIZE_SHA1);
+ allocated_hash.len = HASH_SIZE_SHA1;
+
+ SHA1Final(this, allocated_hash.ptr);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size.
+ */
+static size_t get_hash_size(private_sha1_hasher_t *this)
+{
+ return HASH_SIZE_SHA1;
+}
+
+/**
+ * Implementation of hasher_t.reset.
+ */
+static void reset(private_sha1_hasher_t *this)
+{
+ this->state[0] = 0x67452301;
+ this->state[1] = 0xEFCDAB89;
+ this->state[2] = 0x98BADCFE;
+ this->state[3] = 0x10325476;
+ this->state[4] = 0xC3D2E1F0;
+ this->count[0] = 0;
+ this->count[1] = 0;
+}
+
+/**
+ * Implementation of hasher_t.get_state
+ */
+static chunk_t get_state(private_sha1_hasher_t *this)
+{
+ chunk_t chunk;
+
+ chunk.ptr = (u_char*)&this->state[0];
+ chunk.len = sizeof(this->state);
+
+ return chunk;
+}
+
+/**
+ * Implementation of hasher_t.destroy.
+ */
+static void destroy(private_sha1_hasher_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+sha1_hasher_t *sha1_hasher_create(void)
+{
+ private_sha1_hasher_t *this = malloc_thing(private_sha1_hasher_t);
+
+ this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
+ this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
+ this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
+ this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
+ this->public.hasher_interface.get_state = (chunk_t (*) (hasher_t*))get_state;
+ this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
+
+ /* initialize */
+ reset(this);
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/hashers/sha1_hasher.h b/src/libstrongswan/crypto/hashers/sha1_hasher.h
new file mode 100644
index 000000000..380fa9845
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/sha1_hasher.h
@@ -0,0 +1,60 @@
+/**
+ * @file sha1_hasher.h
+ *
+ * @brief Interface of sha1_hasher_t
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef SHA1_HASHER_H_
+#define SHA1_HASHER_H_
+
+typedef struct sha1_hasher_t sha1_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of hasher_t interface using the
+ * SHA1 algorithm.
+ *
+ * @b Constructors:
+ * - hasher_create() using HASH_SHA1 as algorithm
+ * - sha1_hasher_create()
+ *
+ * @see hasher_t
+ *
+ * @ingroup hashers
+ */
+struct sha1_hasher_t {
+
+ /**
+ * Generic hasher_t interface for this hasher.
+ */
+ hasher_t hasher_interface;
+};
+
+/**
+ * @brief Creates a new sha1_hasher_t.
+ *
+ * @return sha1_hasher_t object
+ *
+ * @ingroup hashers
+ */
+sha1_hasher_t *sha1_hasher_create(void);
+
+#endif /*SHA1_HASHER_H_*/
diff --git a/src/libstrongswan/crypto/hashers/sha2_hasher.c b/src/libstrongswan/crypto/hashers/sha2_hasher.c
new file mode 100644
index 000000000..b68972cec
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/sha2_hasher.c
@@ -0,0 +1,672 @@
+/**
+ * @file sha2_hasher.c
+ *
+ * @brief Implementation of hasher_sha_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ * Copyright (C) 2001 Jari Ruusu.
+ *
+ * Ported from strongSwans implementation written by Jari Ruusu.
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "sha2_hasher.h"
+
+
+typedef struct private_sha512_hasher_t private_sha512_hasher_t;
+
+/**
+ * Private data structure with hasing context for SHA384 and SHA512
+ */
+struct private_sha512_hasher_t {
+ /**
+ * Public interface for this hasher.
+ */
+ sha2_hasher_t public;
+
+ unsigned char sha_out[128]; /* results are here, bytes 0..47/0..63 */
+ u_int64_t sha_H[8];
+ u_int64_t sha_blocks;
+ u_int64_t sha_blocksMSB;
+ int sha_bufCnt;
+};
+
+
+typedef struct private_sha256_hasher_t private_sha256_hasher_t;
+
+/**
+ * Private data structure with hasing context for SHA256
+ */
+struct private_sha256_hasher_t {
+ /**
+ * Public interface for this hasher.
+ */
+ sha2_hasher_t public;
+
+ unsigned char sha_out[64]; /* results are here, bytes 0...31 */
+ u_int32_t sha_H[8];
+ u_int64_t sha_blocks;
+ int sha_bufCnt;
+};
+
+
+static const u_int32_t sha256_hashInit[8] = {
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c,
+ 0x1f83d9ab, 0x5be0cd19
+};
+
+static const u_int32_t sha256_K[64] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1,
+ 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786,
+ 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147,
+ 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b,
+ 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a,
+ 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+};
+
+static const u_int64_t sha512_hashInit[8] = {
+ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL,
+ 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
+ 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
+};
+
+static const u_int64_t sha384_hashInit[8] = {
+ 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL,
+ 0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL,
+ 0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL
+};
+
+static const u_int64_t sha512_K[80] = {
+ 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
+ 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
+ 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
+ 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
+ 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL,
+ 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
+ 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL,
+ 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
+ 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL,
+ 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
+ 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL,
+ 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
+ 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL,
+ 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
+ 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
+ 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
+ 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL,
+ 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
+ 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL,
+ 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
+ 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL,
+ 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
+ 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL,
+ 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
+ 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
+ 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
+ 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
+};
+
+
+/* set macros for SHA256 */
+#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
+#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+#define R(x,y) ((y) >> (x))
+
+#define S(x,y) (((y) >> (x)) | ((y) << (32 - (x))))
+#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x))))
+#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x))))
+#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x))))
+#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x))))
+
+/**
+ * Single block SHA256 transformation
+ */
+static void sha256_transform(private_sha256_hasher_t *ctx,
+ const unsigned char *datap)
+{
+ register int j;
+ u_int32_t a, b, c, d, e, f, g, h;
+ u_int32_t T1, T2, W[64], Wm2, Wm15;
+
+ /* read the data, big endian byte order */
+ j = 0;
+ do {
+ W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) |
+ (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3]));
+ datap += 4;
+ } while(++j < 16);
+
+ /* initialize variables a...h */
+ a = ctx->sha_H[0];
+ b = ctx->sha_H[1];
+ c = ctx->sha_H[2];
+ d = ctx->sha_H[3];
+ e = ctx->sha_H[4];
+ f = ctx->sha_H[5];
+ g = ctx->sha_H[6];
+ h = ctx->sha_H[7];
+
+ /* apply compression function */
+ j = 0;
+ do
+ {
+ if(j >= 16)
+ {
+ Wm2 = W[j - 2];
+ Wm15 = W[j - 15];
+ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
+ }
+ T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j];
+ T2 = uSig0(a) + Maj(a,b,c);
+ h = g; g = f; f = e;
+ e = d + T1;
+ d = c; c = b; b = a;
+ a = T1 + T2;
+ } while(++j < 64);
+
+ /* compute intermediate hash value */
+ ctx->sha_H[0] += a;
+ ctx->sha_H[1] += b;
+ ctx->sha_H[2] += c;
+ ctx->sha_H[3] += d;
+ ctx->sha_H[4] += e;
+ ctx->sha_H[5] += f;
+ ctx->sha_H[6] += g;
+ ctx->sha_H[7] += h;
+
+ ctx->sha_blocks++;
+}
+
+/**
+ * Update SHA256 hash
+ */
+static void sha256_write(private_sha256_hasher_t *ctx,
+ const unsigned char *datap, int length)
+{
+ while(length > 0)
+ {
+ if(!ctx->sha_bufCnt)
+ {
+ while(length >= sizeof(ctx->sha_out))
+ {
+ sha256_transform(ctx, datap);
+ datap += sizeof(ctx->sha_out);
+ length -= sizeof(ctx->sha_out);
+ }
+ if(!length) return;
+ }
+ ctx->sha_out[ctx->sha_bufCnt] = *datap++;
+ length--;
+ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out))
+ {
+ sha256_transform(ctx, &ctx->sha_out[0]);
+ ctx->sha_bufCnt = 0;
+ }
+ }
+}
+
+/**
+ * finalize SHA256 hash
+ */
+static void sha256_final(private_sha256_hasher_t *ctx)
+{
+ register int j;
+ u_int64_t bitLength;
+ u_int32_t i;
+ unsigned char padByte, *datap;
+
+ bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3);
+ padByte = 0x80;
+ sha256_write(ctx, &padByte, 1);
+
+ /* pad extra space with zeroes */
+ padByte = 0;
+ while(ctx->sha_bufCnt != 56)
+ {
+ sha256_write(ctx, &padByte, 1);
+ }
+
+ /* write bit length, big endian byte order */
+ ctx->sha_out[56] = bitLength >> 56;
+ ctx->sha_out[57] = bitLength >> 48;
+ ctx->sha_out[58] = bitLength >> 40;
+ ctx->sha_out[59] = bitLength >> 32;
+ ctx->sha_out[60] = bitLength >> 24;
+ ctx->sha_out[61] = bitLength >> 16;
+ ctx->sha_out[62] = bitLength >> 8;
+ ctx->sha_out[63] = bitLength;
+ sha256_transform(ctx, &ctx->sha_out[0]);
+
+ /* return results in ctx->sha_out[0...31] */
+ datap = &ctx->sha_out[0];
+ j = 0;
+ do {
+ i = ctx->sha_H[j];
+ datap[0] = i >> 24;
+ datap[1] = i >> 16;
+ datap[2] = i >> 8;
+ datap[3] = i;
+ datap += 4;
+ } while(++j < 8);
+}
+
+/* update macros for SHA512 */
+#undef S
+#undef uSig0
+#undef uSig1
+#undef lSig0
+#undef lSig1
+#define S(x,y) (((y) >> (x)) | ((y) << (64 - (x))))
+#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x))))
+#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x))))
+#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x))))
+#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x))))
+
+/**
+ * Single block SHA384/SHA512 transformation
+ */
+static void sha512_transform(private_sha512_hasher_t *ctx,
+ const unsigned char *datap)
+{
+ register int j;
+ u_int64_t a, b, c, d, e, f, g, h;
+ u_int64_t T1, T2, W[80], Wm2, Wm15;
+
+ /* read the data, big endian byte order */
+ j = 0;
+ do {
+ W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) |
+ (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) |
+ (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) |
+ (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7]));
+ datap += 8;
+ } while(++j < 16);
+
+ /* initialize variables a...h */
+ a = ctx->sha_H[0];
+ b = ctx->sha_H[1];
+ c = ctx->sha_H[2];
+ d = ctx->sha_H[3];
+ e = ctx->sha_H[4];
+ f = ctx->sha_H[5];
+ g = ctx->sha_H[6];
+ h = ctx->sha_H[7];
+
+ /* apply compression function */
+ j = 0;
+ do {
+ if(j >= 16) {
+ Wm2 = W[j - 2];
+ Wm15 = W[j - 15];
+ W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16];
+ }
+ T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j];
+ T2 = uSig0(a) + Maj(a,b,c);
+ h = g; g = f; f = e;
+ e = d + T1;
+ d = c; c = b; b = a;
+ a = T1 + T2;
+ } while(++j < 80);
+
+ /* compute intermediate hash value */
+ ctx->sha_H[0] += a;
+ ctx->sha_H[1] += b;
+ ctx->sha_H[2] += c;
+ ctx->sha_H[3] += d;
+ ctx->sha_H[4] += e;
+ ctx->sha_H[5] += f;
+ ctx->sha_H[6] += g;
+ ctx->sha_H[7] += h;
+
+ ctx->sha_blocks++;
+ if(!ctx->sha_blocks) ctx->sha_blocksMSB++;
+}
+
+/**
+ * Update a SHA384/SHA512 hash
+ */
+static void sha512_write(private_sha512_hasher_t *ctx,
+ const unsigned char *datap, int length)
+{
+ while(length > 0)
+ {
+ if(!ctx->sha_bufCnt)
+ {
+ while(length >= sizeof(ctx->sha_out))
+ {
+ sha512_transform(ctx, datap);
+ datap += sizeof(ctx->sha_out);
+ length -= sizeof(ctx->sha_out);
+ }
+ if(!length) return;
+ }
+ ctx->sha_out[ctx->sha_bufCnt] = *datap++;
+ length--;
+ if(++ctx->sha_bufCnt == sizeof(ctx->sha_out))
+ {
+ sha512_transform(ctx, &ctx->sha_out[0]);
+ ctx->sha_bufCnt = 0;
+ }
+ }
+}
+
+/**
+ * Finalize a SHA384/SHA512 hash
+ */
+static void sha512_final(private_sha512_hasher_t *ctx)
+{
+ register int j;
+ u_int64_t bitLength, bitLengthMSB;
+ u_int64_t i;
+ unsigned char padByte, *datap;
+
+ bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3);
+ bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54);
+ padByte = 0x80;
+ sha512_write(ctx, &padByte, 1);
+
+ /* pad extra space with zeroes */
+ padByte = 0;
+ while(ctx->sha_bufCnt != 112)
+ {
+ sha512_write(ctx, &padByte, 1);
+ }
+
+ /* write bit length, big endian byte order */
+ ctx->sha_out[112] = bitLengthMSB >> 56;
+ ctx->sha_out[113] = bitLengthMSB >> 48;
+ ctx->sha_out[114] = bitLengthMSB >> 40;
+ ctx->sha_out[115] = bitLengthMSB >> 32;
+ ctx->sha_out[116] = bitLengthMSB >> 24;
+ ctx->sha_out[117] = bitLengthMSB >> 16;
+ ctx->sha_out[118] = bitLengthMSB >> 8;
+ ctx->sha_out[119] = bitLengthMSB;
+ ctx->sha_out[120] = bitLength >> 56;
+ ctx->sha_out[121] = bitLength >> 48;
+ ctx->sha_out[122] = bitLength >> 40;
+ ctx->sha_out[123] = bitLength >> 32;
+ ctx->sha_out[124] = bitLength >> 24;
+ ctx->sha_out[125] = bitLength >> 16;
+ ctx->sha_out[126] = bitLength >> 8;
+ ctx->sha_out[127] = bitLength;
+ sha512_transform(ctx, &ctx->sha_out[0]);
+
+ /* return results in ctx->sha_out[0...63] */
+ datap = &ctx->sha_out[0];
+ j = 0;
+ do {
+ i = ctx->sha_H[j];
+ datap[0] = i >> 56;
+ datap[1] = i >> 48;
+ datap[2] = i >> 40;
+ datap[3] = i >> 32;
+ datap[4] = i >> 24;
+ datap[5] = i >> 16;
+ datap[6] = i >> 8;
+ datap[7] = i;
+ datap += 8;
+ } while(++j < 8);
+}
+
+/**
+ * Implementation of hasher_t.get_hash for SHA256.
+ */
+static void get_hash256(private_sha256_hasher_t *this,
+ chunk_t chunk, u_int8_t *buffer)
+{
+ sha256_write(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ sha256_final(this);
+ memcpy(buffer, this->sha_out, HASH_SIZE_SHA256);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash for SHA384.
+ */
+static void get_hash384(private_sha512_hasher_t *this,
+ chunk_t chunk, u_int8_t *buffer)
+{
+ sha512_write(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ sha512_final(this);
+ memcpy(buffer, this->sha_out, HASH_SIZE_SHA384);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash for SHA512.
+ */
+static void get_hash512(private_sha512_hasher_t *this,
+ chunk_t chunk, u_int8_t *buffer)
+{
+ sha512_write(this, chunk.ptr, chunk.len);
+ if (buffer != NULL)
+ {
+ sha512_final(this);
+ memcpy(buffer, this->sha_out, HASH_SIZE_SHA512);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ }
+}
+
+/**
+ * Implementation of hasher_t.allocate_hash for SHA256.
+ */
+static void allocate_hash256(private_sha256_hasher_t *this,
+ chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ sha256_write(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ sha256_final(this);
+ allocated_hash = chunk_alloc(HASH_SIZE_SHA256);
+ memcpy(allocated_hash.ptr, this->sha_out, HASH_SIZE_SHA256);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.allocate_hash for SHA384.
+ */
+static void allocate_hash384(private_sha512_hasher_t *this,
+ chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ sha512_write(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ sha512_final(this);
+ allocated_hash = chunk_alloc(HASH_SIZE_SHA384);
+ memcpy(allocated_hash.ptr, this->sha_out, HASH_SIZE_SHA384);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.allocate_hash for SHA512.
+ */
+static void allocate_hash512(private_sha512_hasher_t *this,
+ chunk_t chunk, chunk_t *hash)
+{
+ chunk_t allocated_hash;
+
+ sha512_write(this, chunk.ptr, chunk.len);
+ if (hash != NULL)
+ {
+ sha512_final(this);
+ allocated_hash = chunk_alloc(HASH_SIZE_SHA512);
+ memcpy(allocated_hash.ptr, this->sha_out, HASH_SIZE_SHA512);
+ this->public.hasher_interface.reset(&(this->public.hasher_interface));
+ *hash = allocated_hash;
+ }
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size for SHA256.
+ */
+static size_t get_hash_size256(private_sha256_hasher_t *this)
+{
+ return HASH_SIZE_SHA256;
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size for SHA384.
+ */
+static size_t get_hash_size384(private_sha512_hasher_t *this)
+{
+ return HASH_SIZE_SHA384;
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size for SHA512.
+ */
+static size_t get_hash_size512(private_sha512_hasher_t *this)
+{
+ return HASH_SIZE_SHA512;
+}
+
+/**
+ * Implementation of hasher_t.reset for SHA256
+ */
+static void reset256(private_sha256_hasher_t *ctx)
+{
+ memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H));
+ ctx->sha_blocks = 0;
+ ctx->sha_bufCnt = 0;
+}
+
+/**
+ * Implementation of hasher_t.reset for SHA384
+ */
+static void reset384(private_sha512_hasher_t *ctx)
+{
+ memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H));
+ ctx->sha_blocks = 0;
+ ctx->sha_blocksMSB = 0;
+ ctx->sha_bufCnt = 0;
+}
+
+/**
+ * Implementation of hasher_t.reset for SHA512
+ */
+static void reset512(private_sha512_hasher_t *ctx)
+{
+ memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H));
+ ctx->sha_blocks = 0;
+ ctx->sha_blocksMSB = 0;
+ ctx->sha_bufCnt = 0;
+}
+
+/**
+ * Implementation of hasher_t.get_state for SHA256
+ */
+static chunk_t get_state256(private_sha256_hasher_t *ctx)
+{
+ chunk_t chunk;
+ chunk.ptr = (u_char*)&ctx->sha_H[0];
+ chunk.len = HASH_SIZE_SHA256;
+ return chunk;
+}
+
+/**
+ * Implementation of hasher_t.get_state for SHA384
+ */
+static chunk_t get_state384(private_sha512_hasher_t *ctx)
+{
+ chunk_t chunk;
+ chunk.ptr = (u_char*)&ctx->sha_H[0];
+ chunk.len = HASH_SIZE_SHA384;
+ return chunk;
+}
+/**
+ * Implementation of hasher_t.get_state for SHA512
+ */
+static chunk_t get_state512(private_sha512_hasher_t *ctx)
+{
+ chunk_t chunk;
+ chunk.ptr = (u_char*)&ctx->sha_H[0];
+ chunk.len = HASH_SIZE_SHA512;
+ return chunk;
+}
+
+/**
+ * Implementation of hasher_t.destroy.
+ */
+static void destroy(sha2_hasher_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+sha2_hasher_t *sha2_hasher_create(hash_algorithm_t algorithm)
+{
+ sha2_hasher_t *this;
+
+ switch (algorithm)
+ {
+ case HASH_SHA256:
+ this = (sha2_hasher_t*)malloc_thing(private_sha256_hasher_t);
+ this->hasher_interface.reset = (void(*)(hasher_t*))reset256;
+ this->hasher_interface.get_state = (chunk_t(*)(hasher_t*))get_state256;
+ this->hasher_interface.get_hash_size = (size_t(*)(hasher_t*))get_hash_size256;
+ this->hasher_interface.get_hash = (void(*)(hasher_t*,chunk_t,u_int8_t*))get_hash256;
+ this->hasher_interface.allocate_hash = (void(*)(hasher_t*,chunk_t,chunk_t*))allocate_hash256;
+ break;
+ case HASH_SHA384:
+ /* uses SHA512 data structure */
+ this = (sha2_hasher_t*)malloc_thing(private_sha512_hasher_t);
+ this->hasher_interface.reset = (void(*)(hasher_t*))reset384;
+ this->hasher_interface.get_state = (chunk_t(*)(hasher_t*))get_state384;
+ this->hasher_interface.get_hash_size = (size_t(*)(hasher_t*))get_hash_size384;
+ this->hasher_interface.get_hash = (void(*)(hasher_t*,chunk_t,u_int8_t*))get_hash384;
+ this->hasher_interface.allocate_hash = (void(*)(hasher_t*,chunk_t,chunk_t*))allocate_hash384;
+ break;
+ case HASH_SHA512:
+ this = (sha2_hasher_t*)malloc_thing(private_sha512_hasher_t);
+ this->hasher_interface.reset = (void(*)(hasher_t*))reset512;
+ this->hasher_interface.get_state = (chunk_t(*)(hasher_t*))get_state512;
+ this->hasher_interface.get_hash_size = (size_t(*)(hasher_t*))get_hash_size512;
+ this->hasher_interface.get_hash = (void(*)(hasher_t*,chunk_t,u_int8_t*))get_hash512;
+ this->hasher_interface.allocate_hash = (void(*)(hasher_t*,chunk_t,chunk_t*))allocate_hash512;
+ break;
+ default:
+ return NULL;
+ }
+ this->hasher_interface.destroy = (void(*)(hasher_t*))destroy;
+
+ /* initialize */
+ this->hasher_interface.reset(&this->hasher_interface);
+
+ return this;
+}
diff --git a/src/libstrongswan/crypto/hashers/sha2_hasher.h b/src/libstrongswan/crypto/hashers/sha2_hasher.h
new file mode 100644
index 000000000..91e82fedb
--- /dev/null
+++ b/src/libstrongswan/crypto/hashers/sha2_hasher.h
@@ -0,0 +1,62 @@
+/**
+ * @file sha2_hasher.h
+ *
+ * @brief Interface of sha2_hasher_t
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef SHA2_HASHER_H_
+#define SHA2_HASHER_H_
+
+typedef struct sha2_hasher_t sha2_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of hasher_t interface using the SHA2 algorithms.
+ *
+ * SHA2 is an other name for the SHA-256, SHA-384 and SHA-512 variants of
+ * the SHA hash algorithm.
+ *
+ * @b Constructors:
+ * - hasher_create() using HASH_SHA256, HASH_SHA384 or HASH_SHA512 as algorithm
+ * - sha2_hasher_create()
+ *
+ * @see hasher_t
+ *
+ * @ingroup hashers
+ */
+struct sha2_hasher_t {
+
+ /**
+ * Generic hasher_t interface for this hasher.
+ */
+ hasher_t hasher_interface;
+};
+
+/**
+ * @brief Creates a new sha2_hasher_t.
+ *
+ * @param algorithm HASH_SHA256, HASH_SHA384 or HASH_SHA512
+ * @return sha2_hasher_t object
+ *
+ * @ingroup hashers
+ */
+sha2_hasher_t *sha2_hasher_create(hash_algorithm_t algorithm);
+
+#endif /* SHA2_HASHER_H_ */
diff --git a/src/libstrongswan/crypto/hmac.c b/src/libstrongswan/crypto/hmac.c
new file mode 100644
index 000000000..df4f90bc8
--- /dev/null
+++ b/src/libstrongswan/crypto/hmac.c
@@ -0,0 +1,215 @@
+/**
+ * @file hmac.c
+ *
+ * @brief Implementation of hmac_t.
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General hmac License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General hmac License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "hmac.h"
+
+
+typedef struct private_hmac_t private_hmac_t;
+
+/**
+ * Private data of a hmac_t object.
+ *
+ * The variable names are the same as in the RFC.
+ */
+struct private_hmac_t {
+ /**
+ * Public hmac_t interface.
+ */
+ hmac_t hmac;
+
+ /**
+ * Block size, as in RFC.
+ */
+ u_int8_t b;
+
+ /**
+ * Hash function.
+ */
+ hasher_t *h;
+
+ /**
+ * Previously xor'ed key using opad.
+ */
+ chunk_t opaded_key;
+
+ /**
+ * Previously xor'ed key using ipad.
+ */
+ chunk_t ipaded_key;
+};
+
+/**
+ * Implementation of hmac_t.get_mac.
+ */
+static void get_mac(private_hmac_t *this, chunk_t data, u_int8_t *out)
+{
+ /* H(K XOR opad, H(K XOR ipad, text))
+ *
+ * if out is NULL, we append text to the inner hash.
+ * else, we complete the inner and do the outer.
+ *
+ */
+
+ u_int8_t buffer[this->h->get_hash_size(this->h)];
+ chunk_t inner;
+
+ if (out == NULL)
+ {
+ /* append data to inner */
+ this->h->get_hash(this->h, data, NULL);
+ }
+ else
+ {
+ /* append and do outer hash */
+ inner.ptr = buffer;
+ inner.len = this->h->get_hash_size(this->h);
+
+ /* complete inner */
+ this->h->get_hash(this->h, data, buffer);
+
+ /* do outer */
+ this->h->get_hash(this->h, this->opaded_key, NULL);
+ this->h->get_hash(this->h, inner, out);
+
+ /* reinit for next call */
+ this->h->get_hash(this->h, this->ipaded_key, NULL);
+ }
+}
+
+/**
+ * Implementation of hmac_t.allocate_mac.
+ */
+static void allocate_mac(private_hmac_t *this, chunk_t data, chunk_t *out)
+{
+ /* allocate space and use get_mac */
+ if (out == NULL)
+ {
+ /* append mode */
+ this->hmac.get_mac(&(this->hmac), data, NULL);
+ }
+ else
+ {
+ out->len = this->h->get_hash_size(this->h);
+ out->ptr = malloc(out->len);
+ this->hmac.get_mac(&(this->hmac), data, out->ptr);
+ }
+}
+
+/**
+ * Implementation of hmac_t.get_block_size.
+ */
+static size_t get_block_size(private_hmac_t *this)
+{
+ return this->h->get_hash_size(this->h);
+}
+
+/**
+ * Implementation of hmac_t.set_key.
+ */
+static void set_key(private_hmac_t *this, chunk_t key)
+{
+ int i;
+ u_int8_t buffer[this->b];
+
+ memset(buffer, 0, this->b);
+
+ if (key.len > this->b)
+ {
+ /* if key is too long, it will be hashed */
+ this->h->get_hash(this->h, key, buffer);
+ }
+ else
+ {
+ /* if not, just copy it in our pre-padded k */
+ memcpy(buffer, key.ptr, key.len);
+ }
+
+ /* apply ipad and opad to key */
+ for (i = 0; i < this->b; i++)
+ {
+ this->ipaded_key.ptr[i] = buffer[i] ^ 0x36;
+ this->opaded_key.ptr[i] = buffer[i] ^ 0x5C;
+ }
+
+ /* begin hashing of inner pad */
+ this->h->reset(this->h);
+ this->h->get_hash(this->h, this->ipaded_key, NULL);
+}
+
+/**
+ * Implementation of hmac_t.destroy.
+ */
+static void destroy(private_hmac_t *this)
+{
+ this->h->destroy(this->h);
+ free(this->opaded_key.ptr);
+ free(this->ipaded_key.ptr);
+ free(this);
+}
+
+/*
+ * Described in header
+ */
+hmac_t *hmac_create(hash_algorithm_t hash_algorithm)
+{
+ private_hmac_t *this;
+
+ this = malloc_thing(private_hmac_t);
+
+ /* set hmac_t methods */
+ this->hmac.get_mac = (void (*)(hmac_t *,chunk_t,u_int8_t*))get_mac;
+ this->hmac.allocate_mac = (void (*)(hmac_t *,chunk_t,chunk_t*))allocate_mac;
+ this->hmac.get_block_size = (size_t (*)(hmac_t *))get_block_size;
+ this->hmac.set_key = (void (*)(hmac_t *,chunk_t))set_key;
+ this->hmac.destroy = (void (*)(hmac_t *))destroy;
+
+ /* set b, according to hasher */
+ switch (hash_algorithm)
+ {
+ case HASH_SHA1:
+ case HASH_MD5:
+ case HASH_SHA256:
+ this->b = 64;
+ break;
+ case HASH_SHA384:
+ case HASH_SHA512:
+ this->b = 128;
+ break;
+ default:
+ free(this);
+ return NULL;
+ }
+
+ /* build the hasher */
+ this->h = hasher_create(hash_algorithm);
+
+ /* build ipad and opad */
+ this->opaded_key.ptr = malloc(this->b);
+ this->opaded_key.len = this->b;
+
+ this->ipaded_key.ptr = malloc(this->b);
+ this->ipaded_key.len = this->b;
+
+ return &(this->hmac);
+}
diff --git a/src/libstrongswan/crypto/hmac.h b/src/libstrongswan/crypto/hmac.h
new file mode 100644
index 000000000..d320bc5aa
--- /dev/null
+++ b/src/libstrongswan/crypto/hmac.h
@@ -0,0 +1,117 @@
+/**
+ * @file hmac.h
+ *
+ * @brief Interface of hmac_t.
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef HMAC_H_
+#define HMAC_H_
+
+typedef struct hmac_t hmac_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Message authentication using hash functions.
+ *
+ * This class implements the message authenticaion algorithm
+ * described in RFC2104. It uses a hash function, wich must
+ * be implemented as a hasher_t class.
+ *
+ * See http://www.faqs.org/rfcs/rfc2104.html for RFC.
+ * @see
+ * - hasher_t
+ * - prf_hmac_t
+ *
+ * @b Constructors:
+ * - hmac_create()
+ *
+ * @ingroup transforms
+ */
+struct hmac_t {
+ /**
+ * @brief Generate message authentication code.
+ *
+ * If buffer is NULL, no result is given back. A next call will
+ * append the data to already supplied data. If buffer is not NULL,
+ * the mac of all apended data is calculated, returned and the
+ * state of the hmac_t is reseted.
+ *
+ * @param this calling object
+ * @param data chunk of data to authenticate
+ * @param[out] buffer pointer where the generated bytes will be written
+ */
+ void (*get_mac) (hmac_t *this, chunk_t data, u_int8_t *buffer);
+
+ /**
+ * @brief Generates message authentication code and
+ * allocate space for them.
+ *
+ * If chunk is NULL, no result is given back. A next call will
+ * append the data to already supplied. If chunk is not NULL,
+ * the mac of all apended data is calculated, returned and the
+ * state of the hmac_t reset;
+ *
+ * @param this calling object
+ * @param data chunk of data to authenticate
+ * @param[out] chunk chunk which will hold generated bytes
+ */
+ void (*allocate_mac) (hmac_t *this, chunk_t data, chunk_t *chunk);
+
+ /**
+ * @brief Get the block size of this hmac_t object.
+ *
+ * @param this calling object
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (hmac_t *this);
+
+ /**
+ * @brief Set the key for this hmac_t object.
+ *
+ * Any key length is accepted.
+ *
+ * @param this calling object
+ * @param key key to set
+ */
+ void (*set_key) (hmac_t *this, chunk_t key);
+
+ /**
+ * @brief Destroys a hmac_t object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (hmac_t *this);
+};
+
+/**
+ * @brief Creates a new hmac_t object.
+ *
+ * Creates a hasher_t object internally.
+ *
+ * @param hash_algorithm hash algorithm to use
+ * @return
+ * - hmac_t object
+ * - NULL if hash algorithm is not supported
+ *
+ * @ingroup transforms
+ */
+hmac_t *hmac_create(hash_algorithm_t hash_algorithm);
+
+#endif /*HMAC_H_*/
diff --git a/src/libstrongswan/crypto/ocsp.c b/src/libstrongswan/crypto/ocsp.c
new file mode 100644
index 000000000..471996c8e
--- /dev/null
+++ b/src/libstrongswan/crypto/ocsp.c
@@ -0,0 +1,924 @@
+/**
+ * @file ocsp.c
+ *
+ * @brief Implementation of ocsp_t.
+ *
+ */
+
+/* Support of the Online Certificate Status Protocol (OCSP)
+ * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen
+ * Zuercher Hochschule Winterthur
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <utils/identification.h>
+#include <utils/randomizer.h>
+#include <utils/fetcher.h>
+#include <debug.h>
+
+#include "hashers/hasher.h"
+#include "rsa/rsa_public_key.h"
+#include "certinfo.h"
+#include "x509.h"
+#include "ocsp.h"
+
+#define NONCE_LENGTH 16
+
+typedef struct private_ocsp_t private_ocsp_t;
+
+/**
+ * Private data of a ocsp_t object.
+ */
+struct private_ocsp_t {
+ /**
+ * Public interface for this ocsp object.
+ */
+ ocsp_t public;
+
+ /**
+ * CA certificate.
+ */
+ x509_t *cacert;
+
+ /**
+ * Requestor certificate
+ */
+ x509_t *requestor_cert;
+
+ /**
+ * Linked list of ocsp uris
+ */
+ linked_list_t *uris;
+
+ /**
+ * Linked list of certinfos to be requested
+ */
+ linked_list_t *certinfos;
+
+ /**
+ * Nonce required for ocsp request and response
+ */
+ chunk_t nonce;
+
+ /**
+ * SHA-1 hash over issuer distinguished name
+ */
+ chunk_t authNameID;
+
+ /**
+ * SHA-1 hash over issuer public key
+ */
+ chunk_t authKeyID;
+};
+
+ENUM(response_status_names, STATUS_SUCCESSFUL, STATUS_UNAUTHORIZED,
+ "successful",
+ "malformed request",
+ "internal error",
+ "try later",
+ "signature required",
+ "unauthorized"
+);
+
+/* response container */
+typedef struct response_t response_t;
+
+struct response_t {
+ chunk_t chunk;
+ chunk_t tbs;
+ identification_t *responder_id_name;
+ chunk_t responder_id_key;
+ time_t produced_at;
+ chunk_t responses;
+ chunk_t nonce;
+ int algorithm;
+ chunk_t signature;
+ x509_t *responder_cert;
+
+ /**
+ * @brief Destroys the response_t object
+ *
+ * @param this response_t to destroy
+ */
+ void (*destroy) (response_t *this);
+};
+
+/**
+ * Implements response_t.destroy.
+ */
+static void response_destroy(response_t *this)
+{
+ DESTROY_IF(this->responder_id_name);
+ DESTROY_IF(this->responder_cert);
+ free(this->chunk.ptr);
+ free(this);
+}
+
+/**
+ * Creates a response_t object
+ */
+static response_t* response_create_from_chunk(chunk_t chunk)
+{
+ response_t *this = malloc_thing(response_t);
+
+ this->chunk = chunk;
+ this->tbs = chunk_empty;
+ this->responder_id_name = NULL;
+ this->responder_id_key = chunk_empty;
+ this->produced_at = UNDEFINED_TIME;
+ this->responses = chunk_empty;
+ this->nonce = chunk_empty;
+ this->algorithm = OID_UNKNOWN;
+ this->signature = chunk_empty;
+ this->responder_cert = NULL;
+
+ this->destroy = (void (*) (response_t*))response_destroy;
+
+ return this;
+}
+
+/* some OCSP specific prefabricated ASN.1 constants */
+
+static u_char ASN1_nonce_oid_str[] = {
+ 0x06, 0x09,
+ 0x2B, 0x06,
+ 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
+};
+
+static u_char ASN1_response_oid_str[] = {
+ 0x06, 0x09,
+ 0x2B, 0x06,
+ 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
+};
+
+static u_char ASN1_response_content_str[] = {
+ 0x04, 0x0D,
+ 0x30, 0x0B,
+ 0x06, 0x09,
+ 0x2B, 0x06,
+ 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
+};
+
+static const chunk_t ASN1_nonce_oid = chunk_from_buf(ASN1_nonce_oid_str);
+static const chunk_t ASN1_response_oid = chunk_from_buf(ASN1_response_oid_str);
+static const chunk_t ASN1_response_content = chunk_from_buf(ASN1_response_content_str);
+
+/* asn.1 definitions for parsing */
+
+static const asn1Object_t ocspResponseObjects[] = {
+ { 0, "OCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "responseStatus", ASN1_ENUMERATED, ASN1_BODY }, /* 1 */
+ { 1, "responseBytesContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 2 */
+ { 2, "responseBytes", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
+ { 3, "responseType", ASN1_OID, ASN1_BODY }, /* 4 */
+ { 3, "response", ASN1_OCTET_STRING, ASN1_BODY }, /* 5 */
+ { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
+};
+
+#define OCSP_RESPONSE_STATUS 1
+#define OCSP_RESPONSE_TYPE 4
+#define OCSP_RESPONSE 5
+#define OCSP_RESPONSE_ROOF 7
+
+static const asn1Object_t basicResponseObjects[] = {
+ { 0, "BasicOCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "tbsResponseData", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
+ { 2, "versionContext", ASN1_CONTEXT_C_0, ASN1_NONE |
+ ASN1_DEF }, /* 2 */
+ { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
+ { 2, "responderIdContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 4 */
+ { 3, "responderIdByName", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
+ { 2, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
+ { 2, "responderIdContext", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 7 */
+ { 3, "responderIdByKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 8 */
+ { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
+ { 2, "producedAt", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 10 */
+ { 2, "responses", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
+ { 2, "responseExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
+ { 3, "responseExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 13 */
+ { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 14 */
+ { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 15 */
+ { 5, "critical", ASN1_BOOLEAN, ASN1_BODY |
+ ASN1_DEF }, /* 16 */
+ { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */
+ { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
+ { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */
+ { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */
+ { 1, "certsContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 22 */
+ { 2, "certs", ASN1_SEQUENCE, ASN1_LOOP }, /* 23 */
+ { 3, "certificate", ASN1_SEQUENCE, ASN1_RAW }, /* 24 */
+ { 2, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
+ { 1, "end opt", ASN1_EOC, ASN1_END } /* 26 */
+};
+
+#define BASIC_RESPONSE_TBS_DATA 1
+#define BASIC_RESPONSE_VERSION 3
+#define BASIC_RESPONSE_ID_BY_NAME 5
+#define BASIC_RESPONSE_ID_BY_KEY 8
+#define BASIC_RESPONSE_PRODUCED_AT 10
+#define BASIC_RESPONSE_RESPONSES 11
+#define BASIC_RESPONSE_EXT_ID 15
+#define BASIC_RESPONSE_CRITICAL 16
+#define BASIC_RESPONSE_EXT_VALUE 17
+#define BASIC_RESPONSE_ALGORITHM 20
+#define BASIC_RESPONSE_SIGNATURE 21
+#define BASIC_RESPONSE_CERTIFICATE 24
+#define BASIC_RESPONSE_ROOF 27
+
+static const asn1Object_t responsesObjects[] = {
+ { 0, "responses", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "singleResponse", ASN1_EOC, ASN1_RAW }, /* 1 */
+ { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
+};
+
+#define RESPONSES_SINGLE_RESPONSE 1
+#define RESPONSES_ROOF 3
+
+static const asn1Object_t singleResponseObjects[] = {
+ { 0, "singleResponse", ASN1_SEQUENCE, ASN1_BODY }, /* 0 */
+ { 1, "certID", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
+ { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 2 */
+ { 2, "issuerNameHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 3 */
+ { 2, "issuerKeyHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 4 */
+ { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 5 */
+ { 1, "certStatusGood", ASN1_CONTEXT_S_0, ASN1_OPT }, /* 6 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
+ { 1, "certStatusRevoked", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 8 */
+ { 2, "revocationTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 9 */
+ { 2, "revocationReason", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 10 */
+ { 3, "crlReason", ASN1_ENUMERATED, ASN1_BODY }, /* 11 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
+ { 1, "certStatusUnknown", ASN1_CONTEXT_S_2, ASN1_OPT }, /* 14 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
+ { 1, "thisUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 16 */
+ { 1, "nextUpdateContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 17 */
+ { 2, "nextUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 18 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
+ { 1, "singleExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 20 */
+ { 2, "singleExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 21 */
+ { 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
+ { 4, "extnID", ASN1_OID, ASN1_BODY }, /* 23 */
+ { 4, "critical", ASN1_BOOLEAN, ASN1_BODY |
+ ASN1_DEF }, /* 24 */
+ { 4, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 25 */
+ { 2, "end loop", ASN1_EOC, ASN1_END }, /* 26 */
+ { 1, "end opt", ASN1_EOC, ASN1_END } /* 27 */
+};
+
+#define SINGLE_RESPONSE_ALGORITHM 2
+#define SINGLE_RESPONSE_ISSUER_NAME_HASH 3
+#define SINGLE_RESPONSE_ISSUER_KEY_HASH 4
+#define SINGLE_RESPONSE_SERIAL_NUMBER 5
+#define SINGLE_RESPONSE_CERT_STATUS_GOOD 6
+#define SINGLE_RESPONSE_CERT_STATUS_REVOKED 8
+#define SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME 9
+#define SINGLE_RESPONSE_CERT_STATUS_CRL_REASON 11
+#define SINGLE_RESPONSE_CERT_STATUS_UNKNOWN 14
+#define SINGLE_RESPONSE_THIS_UPDATE 16
+#define SINGLE_RESPONSE_NEXT_UPDATE 18
+#define SINGLE_RESPONSE_EXT_ID 23
+#define SINGLE_RESPONSE_CRITICAL 24
+#define SINGLE_RESPONSE_EXT_VALUE 25
+#define SINGLE_RESPONSE_ROOF 28
+
+/**
+ * build requestorName (into TBSRequest)
+ */
+static chunk_t build_requestor_name(private_ocsp_t *this)
+{
+ identification_t *requestor_name = this->requestor_cert->get_subject(this->requestor_cert);
+
+ return asn1_wrap(ASN1_CONTEXT_C_1, "m",
+ asn1_simple_object(ASN1_CONTEXT_C_4,
+ requestor_name->get_encoding(requestor_name)));
+}
+
+/**
+ * build request (into requestList)
+ * no singleRequestExtensions used
+ */
+static chunk_t build_request(private_ocsp_t *this, certinfo_t *certinfo)
+{
+ chunk_t serialNumber = certinfo->get_serialNumber(certinfo);
+
+ chunk_t reqCert = asn1_wrap(ASN1_SEQUENCE, "cmmm",
+ ASN1_sha1_id,
+ asn1_simple_object(ASN1_OCTET_STRING, this->authNameID),
+ asn1_simple_object(ASN1_OCTET_STRING, this->authKeyID),
+ asn1_simple_object(ASN1_INTEGER, serialNumber));
+
+ return asn1_wrap(ASN1_SEQUENCE, "m", reqCert);
+}
+
+/**
+ * build requestList (into TBSRequest)
+ */
+static chunk_t build_request_list(private_ocsp_t *this)
+{
+ chunk_t requestList;
+ size_t datalen = 0;
+ linked_list_t *request_list = linked_list_create();
+
+ {
+ iterator_t *iterator = this->certinfos->create_iterator(this->certinfos, TRUE);
+ certinfo_t *certinfo;
+
+ while (iterator->iterate(iterator, (void**)&certinfo))
+ {
+ chunk_t *request = malloc_thing(chunk_t);
+
+ *request = build_request(this, certinfo);
+ request_list->insert_last(request_list, (void*)request);
+ datalen += request->len;
+ }
+ iterator->destroy(iterator);
+ }
+ {
+ iterator_t *iterator = request_list->create_iterator(request_list, TRUE);
+ chunk_t *request;
+
+ u_char *pos = build_asn1_object(&requestList, ASN1_SEQUENCE, datalen);
+
+ while (iterator->iterate(iterator, (void**)&request))
+ {
+ memcpy(pos, request->ptr, request->len);
+ pos += request->len;
+ free(request->ptr);
+ free(request);
+ }
+ iterator->destroy(iterator);
+ request_list->destroy(request_list);
+ }
+ return requestList;
+}
+
+/**
+ * build nonce extension (into requestExtensions)
+ */
+static chunk_t build_nonce_extension(private_ocsp_t *this)
+{
+ randomizer_t *randomizer = randomizer_create();
+
+ /* generate a random nonce */
+ randomizer->allocate_pseudo_random_bytes(randomizer, NONCE_LENGTH, &this->nonce);
+ randomizer->destroy(randomizer);
+
+ return asn1_wrap(ASN1_SEQUENCE, "cm",
+ ASN1_nonce_oid,
+ asn1_simple_object(ASN1_OCTET_STRING, this->nonce));
+}
+
+/**
+ * build requestExtensions (into TBSRequest)
+ */
+static chunk_t build_request_ext(private_ocsp_t *this)
+{
+ return asn1_wrap(ASN1_CONTEXT_C_2, "m",
+ asn1_wrap(ASN1_SEQUENCE, "mm",
+ build_nonce_extension(this),
+ asn1_wrap(ASN1_SEQUENCE, "cc",
+ ASN1_response_oid,
+ ASN1_response_content
+ )
+ )
+ );
+}
+
+/**
+ * build TBSRequest (into OCSPRequest)
+ */
+static chunk_t build_tbs_request(private_ocsp_t *this, bool has_requestor_cert)
+{
+ /* version is skipped since the default is ok */
+ return asn1_wrap(ASN1_SEQUENCE, "mmm",
+ (has_requestor_cert)? build_requestor_name(this): chunk_empty,
+ build_request_list(this),
+ build_request_ext(this));
+}
+
+/**
+ * build signature into ocsp request
+ * gets built only if a request cert with a corresponding private key is found
+ */
+static chunk_t build_signature(private_ocsp_t *this, chunk_t tbsRequest)
+{
+ /* TODO */
+ return chunk_empty;
+}
+
+/**
+ * assembles an ocsp request and sets the nonce field in private_ocsp_t to the sent nonce
+ */
+static chunk_t ocsp_build_request(private_ocsp_t *this)
+{
+ bool has_requestor_cert;
+ chunk_t keyid = this->cacert->get_keyid(this->cacert);
+ chunk_t tbsRequest, signature;
+
+ DBG2("assembling ocsp request");
+ DBG2("issuer: '%D'", this->cacert->get_subject(this->cacert));
+ DBG2("keyid: %#B", &keyid);
+
+ /* looks for requestor cert and matching private key */
+ has_requestor_cert = FALSE;
+
+ /* TODO has_requestor_cert = get_ocsp_requestor_cert(location); */
+
+ /* build content */
+ tbsRequest = build_tbs_request(this, has_requestor_cert);
+
+ /* sign tbsReuqest */
+ signature = (has_requestor_cert)? build_signature(this, tbsRequest): chunk_empty;
+
+ return asn1_wrap(ASN1_SEQUENCE, "mm",
+ tbsRequest,
+ signature);
+
+ return signature;
+}
+
+/**
+ * parse a basic OCSP response
+ */
+static bool ocsp_parse_basic_response(chunk_t blob, int level0, response_t *res)
+{
+ u_int level, version;
+ u_int extn_oid = OID_UNKNOWN;
+ asn1_ctx_t ctx;
+ bool critical;
+ chunk_t object;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < BASIC_RESPONSE_ROOF)
+ {
+ if (!extract_object(basicResponseObjects, &objectID, &object, &level, &ctx))
+ {
+ return FALSE;
+ }
+
+ switch (objectID)
+ {
+ case BASIC_RESPONSE_TBS_DATA:
+ res->tbs = object;
+ break;
+ case BASIC_RESPONSE_VERSION:
+ version = (object.len)? (1 + (u_int)*object.ptr) : 1;
+ if (version != OCSP_BASIC_RESPONSE_VERSION)
+ {
+ DBG1("wrong ocsp basic response version (version= %i)", version);
+ return FALSE;
+ }
+ break;
+ case BASIC_RESPONSE_ID_BY_NAME:
+ res->responder_id_name = identification_create_from_encoding(ID_DER_ASN1_DN, object);
+ DBG2(" '%D'", res->responder_id_name);
+ break;
+ case BASIC_RESPONSE_ID_BY_KEY:
+ res->responder_id_key = object;
+ break;
+ case BASIC_RESPONSE_PRODUCED_AT:
+ res->produced_at = asn1totime(&object, ASN1_GENERALIZEDTIME);
+ break;
+ case BASIC_RESPONSE_RESPONSES:
+ res->responses = object;
+ break;
+ case BASIC_RESPONSE_EXT_ID:
+ extn_oid = known_oid(object);
+ break;
+ case BASIC_RESPONSE_CRITICAL:
+ critical = object.len && *object.ptr;
+ DBG2(" %s", critical? "TRUE" : "FALSE");
+ break;
+ case BASIC_RESPONSE_EXT_VALUE:
+ if (extn_oid == OID_NONCE)
+ res->nonce = object;
+ break;
+ case BASIC_RESPONSE_ALGORITHM:
+ res->algorithm = parse_algorithmIdentifier(object, level+1, NULL);
+ break;
+ case BASIC_RESPONSE_SIGNATURE:
+ res->signature = object;
+ break;
+ case BASIC_RESPONSE_CERTIFICATE:
+ {
+ chunk_t blob = chunk_clone(object);
+
+ res->responder_cert = x509_create_from_chunk(blob, level+1);
+ }
+ break;
+ }
+ objectID++;
+ }
+ return TRUE;
+}
+
+/**
+ * parse an ocsp response and return the result as a response_t struct
+ */
+static response_status ocsp_parse_response(response_t *res)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ response_status rStatus = STATUS_INTERNALERROR;
+ u_int ocspResponseType = OID_UNKNOWN;
+
+ asn1_init(&ctx, res->chunk, 0, FALSE, FALSE);
+
+ while (objectID < OCSP_RESPONSE_ROOF)
+ {
+ if (!extract_object(ocspResponseObjects, &objectID, &object, &level, &ctx))
+ {
+ return STATUS_INTERNALERROR;
+ }
+
+ switch (objectID)
+ {
+ case OCSP_RESPONSE_STATUS:
+ rStatus = (response_status) *object.ptr;
+ DBG2(" '%N'", response_status_names, rStatus);
+
+ switch (rStatus)
+ {
+ case STATUS_SUCCESSFUL:
+ break;
+ case STATUS_MALFORMEDREQUEST:
+ case STATUS_INTERNALERROR:
+ case STATUS_TRYLATER:
+ case STATUS_SIGREQUIRED:
+ case STATUS_UNAUTHORIZED:
+ DBG1("unsuccessful ocsp response: server said '%N'",
+ response_status_names, rStatus);
+ return rStatus;
+ default:
+ return STATUS_INTERNALERROR;
+ }
+ break;
+ case OCSP_RESPONSE_TYPE:
+ ocspResponseType = known_oid(object);
+ break;
+ case OCSP_RESPONSE:
+ {
+ switch (ocspResponseType)
+ {
+ case OID_BASIC:
+ if (!ocsp_parse_basic_response(object, level+1, res))
+ {
+ return STATUS_INTERNALERROR;
+ }
+ break;
+ default:
+ DBG1("ocsp response is not of type BASIC");
+ DBG1("ocsp response OID: %#B", &object);
+ return STATUS_INTERNALERROR;
+ }
+ }
+ break;
+ }
+ objectID++;
+ }
+ return rStatus;
+}
+
+/**
+ * Check if the OCSP response has a valid signature
+ */
+static bool ocsp_valid_response(response_t *res, x509_t *ocsp_cert)
+{
+ rsa_public_key_t *public_key;
+ time_t until = UNDEFINED_TIME;
+ err_t ugh;
+
+ DBG2("verifying ocsp response signature:");
+ DBG2("signer: '%D'", ocsp_cert->get_subject(ocsp_cert));
+ DBG2("issuer: '%D'", ocsp_cert->get_issuer(ocsp_cert));
+
+ ugh = ocsp_cert->is_valid(ocsp_cert, &until);
+ if (ugh != NULL)
+ {
+ DBG1("ocsp signer certificate %s", ugh);
+ return FALSE;
+ }
+ public_key = ocsp_cert->get_public_key(ocsp_cert);
+
+ return public_key->verify_emsa_pkcs1_signature(public_key, res->tbs, res->signature) == SUCCESS;
+}
+
+/**
+ * parse a single OCSP response
+ */
+static bool ocsp_parse_single_response(private_ocsp_t *this, chunk_t blob, int level0)
+{
+ u_int level, extn_oid;
+ asn1_ctx_t ctx;
+ bool critical;
+ chunk_t object;
+ int objectID = 0;
+
+ certinfo_t *certinfo = NULL;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < SINGLE_RESPONSE_ROOF)
+ {
+ if (!extract_object(singleResponseObjects, &objectID, &object, &level, &ctx))
+ {
+ return FALSE;
+ }
+
+ switch (objectID)
+ {
+ case SINGLE_RESPONSE_ALGORITHM:
+ if (parse_algorithmIdentifier(object, level+1, NULL) != OID_SHA1)
+ {
+ DBG1("only sha-1 hash supported in ocsp single response");
+ return FALSE;
+ }
+ break;
+ case SINGLE_RESPONSE_ISSUER_NAME_HASH:
+ if (!chunk_equals(object, this->authNameID))
+ {
+ DBG1("ocsp single response has wrong issuer name hash");
+ return FALSE;
+ }
+ break;
+ case SINGLE_RESPONSE_ISSUER_KEY_HASH:
+ if (!chunk_equals(object, this->authKeyID))
+ {
+ DBG1("ocsp single response has wrong issuer key hash");
+ return FALSE;
+ }
+ break;
+ case SINGLE_RESPONSE_SERIAL_NUMBER:
+ {
+ iterator_t *iterator = this->certinfos->create_iterator(this->certinfos, TRUE);
+ certinfo_t *current_certinfo;
+
+ while (iterator->iterate(iterator, (void**)&current_certinfo))
+ {
+ if (chunk_equals(object, current_certinfo->get_serialNumber(current_certinfo)))
+ {
+ certinfo = current_certinfo;
+ }
+ }
+ iterator->destroy(iterator);
+ if (certinfo == NULL)
+ {
+ DBG1("unrequested serial number in ocsp single response");
+ return FALSE;
+ }
+ }
+ break;
+ case SINGLE_RESPONSE_CERT_STATUS_GOOD:
+ certinfo->set_status(certinfo, CERT_GOOD);
+ break;
+ case SINGLE_RESPONSE_CERT_STATUS_REVOKED:
+ certinfo->set_status(certinfo, CERT_REVOKED);
+ break;
+ case SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME:
+ certinfo->set_revocationTime(certinfo,
+ asn1totime(&object, ASN1_GENERALIZEDTIME));
+ break;
+ case SINGLE_RESPONSE_CERT_STATUS_CRL_REASON:
+ certinfo->set_revocationReason(certinfo,
+ (object.len == 1) ? *object.ptr : REASON_UNSPECIFIED);
+ break;
+ case SINGLE_RESPONSE_CERT_STATUS_UNKNOWN:
+ certinfo->set_status(certinfo, CERT_UNKNOWN);
+ break;
+ case SINGLE_RESPONSE_THIS_UPDATE:
+ certinfo->set_thisUpdate(certinfo,
+ asn1totime(&object, ASN1_GENERALIZEDTIME));
+ break;
+ case SINGLE_RESPONSE_NEXT_UPDATE:
+ certinfo->set_nextUpdate(certinfo,
+ asn1totime(&object, ASN1_GENERALIZEDTIME));
+ break;
+ case SINGLE_RESPONSE_EXT_ID:
+ extn_oid = known_oid(object);
+ break;
+ case SINGLE_RESPONSE_CRITICAL:
+ critical = object.len && *object.ptr;
+ DBG2(" %s", critical ? "TRUE" : "FALSE");
+ case SINGLE_RESPONSE_EXT_VALUE:
+ break;
+ }
+ objectID++;
+ }
+ return TRUE;
+}
+
+/**
+ * verify and process ocsp response and update the ocsp cache
+ */
+static void ocsp_process_response(private_ocsp_t *this, response_t *res, credential_store_t *credentials)
+{
+ x509_t *ocsp_cert = NULL;
+
+ /* parse the ocsp response without looking at the single responses yet */
+ response_status status = ocsp_parse_response(res);
+
+ if (status != STATUS_SUCCESSFUL)
+ {
+ DBG1("error in ocsp response");
+ return;
+ }
+
+ /* check if there was a nonce in the request */
+ if (this->nonce.ptr != NULL && res->nonce.ptr == NULL)
+ {
+ DBG1("ocsp response contains no nonce, replay attack possible");
+ }
+
+ /* check if the nonces are identical */
+ if (res->nonce.ptr != NULL && !chunk_equals(res->nonce, this->nonce))
+ {
+ DBG1("invalid nonce in ocsp response");
+ return;
+ }
+
+ /* check if we received a trusted responder certificate */
+ if (res->responder_cert)
+ {
+ if (res->responder_cert->is_ocsp_signer(res->responder_cert))
+ {
+ DBG2("received certificate is ocsp signer");
+ if (credentials->is_trusted(credentials, res->responder_cert))
+ {
+ DBG1("received ocsp signer certificate is trusted");
+ ocsp_cert = credentials->add_auth_certificate(credentials,
+ res->responder_cert, AUTH_OCSP);
+ res->responder_cert = NULL;
+ }
+ else
+ {
+ DBG1("received ocsp signer certificate is not trusted - rejected");
+ }
+ }
+ else
+ {
+ DBG1("received certificate is no ocsp signer - rejected");
+ }
+ }
+
+ /* if we didn't receive a trusted responder cert, search the credential store */
+ if (ocsp_cert == NULL)
+ {
+ ocsp_cert = credentials->get_auth_certificate(credentials,
+ AUTH_OCSP|AUTH_CA, res->responder_id_name);
+ if (ocsp_cert == NULL)
+ {
+ DBG1("no ocsp signer certificate found");
+ return;
+ }
+ }
+
+ /* check the response signature */
+ if (!ocsp_valid_response(res, ocsp_cert))
+ {
+ DBG1("ocsp response signature is invalid");
+ return;
+ }
+ DBG2("ocsp response signature is valid");
+
+ /* now parse the single responses one at a time */
+ {
+ u_int level;
+ asn1_ctx_t ctx;
+ chunk_t object;
+ int objectID = 0;
+
+ asn1_init(&ctx, res->responses, 0, FALSE, FALSE);
+
+ while (objectID < RESPONSES_ROOF)
+ {
+ if (!extract_object(responsesObjects, &objectID, &object, &level, &ctx))
+ {
+ return;
+ }
+ if (objectID == RESPONSES_SINGLE_RESPONSE)
+ {
+ ocsp_parse_single_response(this, object, level+1);
+ }
+ objectID++;
+ }
+ }
+}
+
+/**
+ * Implements ocsp_t.fetch.
+ */
+static void fetch(private_ocsp_t *this, certinfo_t *certinfo, credential_store_t *credentials)
+{
+ chunk_t request;
+ response_t *response = NULL;
+
+ if (this->uris->get_count(this->uris) == 0)
+ {
+ return;
+ }
+ this->certinfos->insert_last(this->certinfos, (void*)certinfo);
+
+ request = ocsp_build_request(this);
+ DBG3("ocsp request: %B", &request);
+ {
+ iterator_t *iterator = this->uris->create_iterator(this->uris, TRUE);
+ identification_t *uri;
+
+ while (iterator->iterate(iterator, (void**)&uri))
+ {
+ fetcher_t *fetcher;
+ char uri_string[BUF_LEN];
+ chunk_t uri_chunk = uri->get_encoding(uri);
+ chunk_t response_chunk;
+
+ snprintf(uri_string, BUF_LEN, "%.*s", uri_chunk.len, uri_chunk.ptr);
+ fetcher = fetcher_create(uri_string);
+
+ response_chunk = fetcher->post(fetcher, "application/ocsp-request", request);
+ fetcher->destroy(fetcher);
+ if (response_chunk.ptr != NULL)
+ {
+ response = response_create_from_chunk(response_chunk);
+ break;
+ }
+ }
+ iterator->destroy(iterator);
+ }
+ free(request.ptr);
+
+ if (response == NULL)
+ {
+ return;
+ }
+ DBG3("ocsp response: %B", &response->chunk);
+ ocsp_process_response(this, response, credentials);
+ response->destroy(response);
+}
+
+/**
+ * Implements ocsp_t.destroy.
+ */
+static void destroy(private_ocsp_t *this)
+{
+ this->certinfos->destroy(this->certinfos);
+ free(this->authNameID.ptr);
+ free(this->nonce.ptr);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+ocsp_t *ocsp_create(x509_t *cacert, linked_list_t *uris)
+{
+ private_ocsp_t *this = malloc_thing(private_ocsp_t);
+
+ /* initialize */
+ this->cacert = cacert;
+ this->uris = uris;
+ this->certinfos = linked_list_create();
+ this->nonce = chunk_empty;
+ this->authKeyID = cacert->get_subjectKeyID(cacert);
+ {
+ hasher_t *hasher = hasher_create(HASH_SHA1);
+ identification_t *issuer = cacert->get_subject(cacert);
+
+ hasher->allocate_hash(hasher, issuer->get_encoding(issuer),
+ &this->authNameID);
+ hasher->destroy(hasher);
+ }
+
+ /* public functions */
+ this->public.fetch = (void (*) (ocsp_t*,certinfo_t*,credential_store_t*))fetch;
+ this->public.destroy = (void (*) (ocsp_t*))destroy;
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/crypto/ocsp.h b/src/libstrongswan/crypto/ocsp.h
new file mode 100644
index 000000000..42059e1c6
--- /dev/null
+++ b/src/libstrongswan/crypto/ocsp.h
@@ -0,0 +1,86 @@
+/**
+ * @file ocsp.h
+ *
+ * @brief Interface of ocsp_t
+ *
+ */
+
+/* Support of the Online Certificate Status Protocol (OCSP) Support
+ * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen
+ * Copyright (C) 2007 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil, Switzerland
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ *
+ */
+
+#ifndef OCSP_H_
+#define OCSP_H_
+
+typedef struct ocsp_t ocsp_t;
+
+#include <credential_store.h>
+#include <utils/linked_list.h>
+
+#include "certinfo.h"
+
+/* constants */
+#define OCSP_BASIC_RESPONSE_VERSION 1
+#define OCSP_DEFAULT_VALID_TIME 120 /* validity of one-time response in seconds */
+#define OCSP_WARNING_INTERVAL 2 /* days */
+
+/* OCSP response status */
+typedef enum {
+ STATUS_SUCCESSFUL = 0,
+ STATUS_MALFORMEDREQUEST = 1,
+ STATUS_INTERNALERROR = 2,
+ STATUS_TRYLATER = 3,
+ STATUS_SIGREQUIRED = 5,
+ STATUS_UNAUTHORIZED= 6
+} response_status;
+
+/**
+ * @brief Online Certficate Status Protocol (OCSP)
+ *
+ * @ingroup transforms
+ */
+struct ocsp_t {
+
+ /**
+ * @brief Fetches the actual certificate status via OCSP
+ *
+ * @param uris linked list of ocsp uris
+ * @param certinfo certificate status info to be updated
+ * @param credentials credential store needed for trust path verification
+ */
+ void (*fetch) (ocsp_t *this, certinfo_t *certinfo, credential_store_t *credentials);
+
+ /**
+ * @brief Destroys the ocsp_t object.
+ *
+ * @param this ocsp object to destroy
+ */
+ void (*destroy) (ocsp_t *this);
+
+};
+
+/**
+ * @brief Create an ocsp_t object.
+ *
+ * @param cacert ca certificate
+ * @param uris linked list of ocsp uris
+ * @return created ocsp_t object
+ *
+ * @ingroup transforms
+ */
+ocsp_t *ocsp_create(x509_t *cacert, linked_list_t *uris);
+
+#endif /* OCSP_H_ */
diff --git a/src/libstrongswan/crypto/prf_plus.c b/src/libstrongswan/crypto/prf_plus.c
new file mode 100644
index 000000000..6bd444b1f
--- /dev/null
+++ b/src/libstrongswan/crypto/prf_plus.c
@@ -0,0 +1,156 @@
+/**
+ * @file prf_plus.c
+ *
+ * @brief Implementation of prf_plus_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "prf_plus.h"
+
+typedef struct private_prf_plus_t private_prf_plus_t;
+
+/**
+ * Private data of an prf_plus_t object.
+ *
+ */
+struct private_prf_plus_t {
+ /**
+ * Public interface of prf_plus_t.
+ */
+ prf_plus_t public;
+
+ /**
+ * PRF to use.
+ */
+ prf_t *prf;
+
+ /**
+ * Initial seed.
+ */
+ chunk_t seed;
+
+ /**
+ * Buffer to store current PRF result.
+ */
+ chunk_t buffer;
+
+ /**
+ * Already given out bytes in current buffer.
+ */
+ size_t given_out;
+
+ /**
+ * Octet which will be appended to the seed.
+ */
+ u_int8_t appending_octet;
+};
+
+/**
+ * Implementation of prf_plus_t.get_bytes.
+ */
+static void get_bytes(private_prf_plus_t *this, size_t length, u_int8_t *buffer)
+{
+ chunk_t appending_chunk;
+ size_t bytes_in_round;
+ size_t total_bytes_written = 0;
+
+ appending_chunk.ptr = &(this->appending_octet);
+ appending_chunk.len = 1;
+
+ while (length > 0)
+ { /* still more to do... */
+ if (this->buffer.len == this->given_out)
+ { /* no bytes left in buffer, get next*/
+ this->prf->get_bytes(this->prf, this->buffer, NULL);
+ this->prf->get_bytes(this->prf, this->seed, NULL);
+ this->prf->get_bytes(this->prf, appending_chunk, this->buffer.ptr);
+ this->given_out = 0;
+ this->appending_octet++;
+ }
+ /* how many bytes can we write in this round ? */
+ bytes_in_round = min(length, this->buffer.len - this->given_out);
+ /* copy bytes from buffer with offset */
+ memcpy(buffer + total_bytes_written, this->buffer.ptr + this->given_out, bytes_in_round);
+
+ length -= bytes_in_round;
+ this->given_out += bytes_in_round;
+ total_bytes_written += bytes_in_round;
+ }
+}
+
+/**
+ * Implementation of prf_plus_t.allocate_bytes.
+ */
+static void allocate_bytes(private_prf_plus_t *this, size_t length, chunk_t *chunk)
+{
+ chunk->ptr = malloc(length);
+ chunk->len = length;
+ this->public.get_bytes(&(this->public), length, chunk->ptr);
+}
+
+/**
+ * Implementation of prf_plus_t.destroy.
+ */
+static void destroy(private_prf_plus_t *this)
+{
+ free(this->buffer.ptr);
+ free(this->seed.ptr);
+ free(this);
+}
+
+/*
+ * Description in header.
+ */
+prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed)
+{
+ private_prf_plus_t *this;
+ chunk_t appending_chunk;
+
+ this = malloc_thing(private_prf_plus_t);
+
+ /* set public methods */
+ this->public.get_bytes = (void (*)(prf_plus_t *,size_t,u_int8_t*))get_bytes;
+ this->public.allocate_bytes = (void (*)(prf_plus_t *,size_t,chunk_t*))allocate_bytes;
+ this->public.destroy = (void (*)(prf_plus_t *))destroy;
+
+ /* take over prf */
+ this->prf = prf;
+
+ /* allocate buffer for prf output */
+ this->buffer.len = prf->get_block_size(prf);
+ this->buffer.ptr = malloc(this->buffer.len);
+
+ this->appending_octet = 0x01;
+
+ /* clone seed */
+ this->seed.ptr = clalloc(seed.ptr, seed.len);
+ this->seed.len = seed.len;
+
+ /* do the first run */
+ appending_chunk.ptr = &(this->appending_octet);
+ appending_chunk.len = 1;
+ this->prf->get_bytes(this->prf, this->seed, NULL);
+ this->prf->get_bytes(this->prf, appending_chunk, this->buffer.ptr);
+ this->given_out = 0;
+ this->appending_octet++;
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/prf_plus.h b/src/libstrongswan/crypto/prf_plus.h
new file mode 100644
index 000000000..90f9ce2eb
--- /dev/null
+++ b/src/libstrongswan/crypto/prf_plus.h
@@ -0,0 +1,92 @@
+/**
+ * @file prf_plus.h
+ *
+ * @brief Interface for prf_plus.h.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRF_PLUS_H_
+#define PRF_PLUS_H_
+
+typedef struct prf_plus_t prf_plus_t;
+
+#include <crypto/prfs/prf.h>
+
+/**
+ * @brief Implementation of the prf+ function described in IKEv2 RFC.
+ *
+ * This class implements the prf+ algorithm. Internally it uses a pseudo random
+ * function, which implements the prf_t interface.
+ *
+ * See IKEv2 RFC 2.13.
+ *
+ * @b Constructors:
+ * - prf_plus_create()
+ *
+ * @ingroup transforms
+ */
+struct prf_plus_t {
+ /**
+ * @brief Get pseudo random bytes.
+ *
+ * Get the next few bytes of the prf+ output. Space
+ * must be allocated by the caller.
+ *
+ * @param this calling object
+ * @param length number of bytes to get
+ * @param[out] buffer pointer where the generated bytes will be written
+ */
+ void (*get_bytes) (prf_plus_t *this, size_t length, u_int8_t *buffer);
+
+ /**
+ * @brief Allocate pseudo random bytes.
+ *
+ * Get the next few bytes of the prf+ output. This function
+ * will allocate the required space.
+ *
+ * @param this calling object
+ * @param length number of bytes to get
+ * @param[out] chunk chunk which will hold generated bytes
+ */
+ void (*allocate_bytes) (prf_plus_t *this, size_t length, chunk_t *chunk);
+
+ /**
+ * @brief Destroys a prf_plus_t object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (prf_plus_t *this);
+};
+
+/**
+ * @brief Creates a new prf_plus_t object.
+ *
+ * Seed will be cloned. prf will
+ * not be cloned, must be destroyed outside after
+ * prf_plus_t usage.
+ *
+ * @param prf prf object to use
+ * @param seed input seed for prf
+ * @return prf_plus_t object
+ *
+ * @ingroup transforms
+ */
+prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed);
+
+#endif /*PRF_PLUS_H_*/
diff --git a/src/libstrongswan/crypto/prfs/fips_prf.c b/src/libstrongswan/crypto/prfs/fips_prf.c
new file mode 100644
index 000000000..0ab80b089
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/fips_prf.c
@@ -0,0 +1,258 @@
+/**
+ * @file fips_prf.c
+ *
+ * @brief Implementation for fips_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "fips_prf.h"
+
+#include <arpa/inet.h>
+
+#include <debug.h>
+
+typedef struct private_fips_prf_t private_fips_prf_t;
+
+/**
+ * Private data of a fips_prf_t object.
+ */
+struct private_fips_prf_t {
+ /**
+ * Public fips_prf_t interface.
+ */
+ fips_prf_t public;
+
+ /**
+ * key of prf function, "b" long
+ */
+ u_int8_t *key;
+
+ /**
+ * size of "b" in bytes
+ */
+ size_t b;
+
+ /**
+ * G function, either SHA1 or DES
+ */
+ void (*g)(u_int8_t t[], chunk_t c, u_int8_t res[]);
+};
+
+/**
+ * t used in G(), equals to initial SHA1 value
+ */
+static u_int8_t t[] = {
+ 0x67,0x45,0x23,0x01,0xEF,0xCD,0xAB,0x89,0x98,0xBA,
+ 0xDC,0xFE,0x10,0x32,0x54,0x76,0xC3,0xD2,0xE1,0xF0,
+};
+
+/**
+ * sum = (a + b) mod 2 ^ (length * 8)
+ */
+static void add_mod(size_t length, u_int8_t a[], u_int8_t b[], u_int8_t sum[])
+{
+ int i, c = 0;
+
+ for(i = length - 1; i >= 0; i--)
+ {
+ u_int32_t tmp;
+
+ tmp = a[i] + b[i] + c;
+ sum[i] = 0xff & tmp;
+ c = tmp >> 8;
+ }
+}
+
+/**
+ * calculate "chunk mod 2^(length*8)" and save it into buffer
+ */
+static void chunk_mod(size_t length, chunk_t chunk, u_int8_t buffer[])
+{
+ if (chunk.len < length)
+ {
+ /* apply seed as least significant bits, others are zero */
+ memset(buffer, 0, length - chunk.len);
+ memcpy(buffer + length - chunk.len, chunk.ptr, chunk.len);
+ }
+ else
+ {
+ /* use least significant bytes from seed, as we use mod 2^b */
+ memcpy(buffer, chunk.ptr + chunk.len - length, length);
+ }
+}
+
+/**
+ * Implementation of prf_t.get_bytes.
+ *
+ * Test vector:
+ *
+ * key:
+ * 0xbd, 0x02, 0x9b, 0xbe, 0x7f, 0x51, 0x96, 0x0b,
+ * 0xcf, 0x9e, 0xdb, 0x2b, 0x61, 0xf0, 0x6f, 0x0f,
+ * 0xeb, 0x5a, 0x38, 0xb6
+ *
+ * seed:
+ * 0x00
+ *
+ * result:
+ * 0x20, 0x70, 0xb3, 0x22, 0x3d, 0xba, 0x37, 0x2f,
+ * 0xde, 0x1c, 0x0f, 0xfc, 0x7b, 0x2e, 0x3b, 0x49,
+ * 0x8b, 0x26, 0x06, 0x14, 0x3c, 0x6c, 0x18, 0xba,
+ * 0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78,
+ * 0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16
+ */
+static void get_bytes(private_fips_prf_t *this, chunk_t seed, u_int8_t w[])
+{
+ int i;
+ u_int8_t xval[this->b];
+ u_int8_t xseed[this->b];
+ u_int8_t sum[this->b];
+ u_int8_t *xkey = this->key;
+ u_int8_t one[this->b];
+ chunk_t xval_chunk = chunk_from_buf(xval);
+
+ memset(one, 0, this->b);
+ one[this->b - 1] = 0x01;
+
+ /* 3.1 */
+ chunk_mod(this->b, seed, xseed);
+
+ /* 3.2 */
+ for (i = 0; i < 2; i++) /* twice */
+ {
+ /* a. XVAL = (XKEY + XSEED j) mod 2^b */
+ add_mod(this->b, xkey, xseed, xval);
+ DBG3("XVAL %b", xval, this->b);
+ /* b. wi = G(t, XVAL ) */
+ this->g(t, xval_chunk, &w[i * this->b]);
+ DBG3("w[%d] %b", i, &w[i * this->b], this->b);
+ /* c. XKEY = (1 + XKEY + wi) mod 2b */
+ add_mod(this->b, xkey, &w[i * this->b], sum);
+ add_mod(this->b, sum, one, xkey);
+ DBG3("XKEY %b", xkey, this->b);
+ }
+
+ /* 3.3 done already, mod q not used */
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_block_size(private_fips_prf_t *this)
+{
+ return 2 * this->b;
+}
+/**
+ * Implementation of prf_t.allocate_bytes.
+ */
+static void allocate_bytes(private_fips_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+ *chunk = chunk_alloc(get_block_size(this));
+ get_bytes(this, seed, chunk->ptr);
+}
+
+/**
+ * Implementation of prf_t.get_key_size.
+ */
+static size_t get_key_size(private_fips_prf_t *this)
+{
+ return this->b;
+}
+
+/**
+ * Implementation of prf_t.set_key.
+ */
+static void set_key(private_fips_prf_t *this, chunk_t key)
+{
+ /* save key as "key mod 2^b" */
+ chunk_mod(this->b, key, this->key);
+}
+
+/**
+ * Implementation of the G() function based on SHA1
+ */
+void g_sha1(u_int8_t t[], chunk_t c, u_int8_t res[])
+{
+ hasher_t *hasher;
+ u_int8_t buf[64];
+ chunk_t state_chunk;
+ u_int32_t *state, *iv, *hash;
+
+ if (c.len < sizeof(buf))
+ {
+ /* pad c with zeros */
+ memset(buf, 0, sizeof(buf));
+ memcpy(buf, c.ptr, c.len);
+ c.ptr = buf;
+ c.len = sizeof(buf);
+ }
+ else
+ {
+ /* not more than 512 bits can be G()-ed */
+ c.len = sizeof(buf);
+ }
+
+ /* our SHA1 hasher's state is 32-Bit integers in host order. We must
+ * convert them */
+ hasher = hasher_create(HASH_SHA1);
+ state_chunk = hasher->get_state(hasher);
+ state = (u_int32_t*)state_chunk.ptr;
+ iv = (u_int32_t*)t;
+ hash = (u_int32_t*)res;
+ state[0] = htonl(iv[0]);
+ state[1] = htonl(iv[1]);
+ state[2] = htonl(iv[2]);
+ state[3] = htonl(iv[3]);
+ hasher->get_hash(hasher, c, NULL);
+ hash[0] = htonl(state[0]);
+ hash[1] = htonl(state[1]);
+ hash[2] = htonl(state[2]);
+ hash[3] = htonl(state[3]);
+ hash[4] = htonl(state[4]);
+ hasher->destroy(hasher);
+}
+
+/**
+ * Implementation of prf_t.destroy.
+ */
+static void destroy(private_fips_prf_t *this)
+{
+ free(this->key);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+fips_prf_t *fips_prf_create(size_t b, void(*g)(u_int8_t[],chunk_t,u_int8_t[]))
+{
+ private_fips_prf_t *this = malloc_thing(private_fips_prf_t);
+
+ this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
+ this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
+ this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
+ this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
+ this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
+ this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
+
+ this->g = g;
+ this->b = b;
+ this->key = malloc(b);
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/prfs/fips_prf.h b/src/libstrongswan/crypto/prfs/fips_prf.h
new file mode 100644
index 000000000..283ee1f61
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/fips_prf.h
@@ -0,0 +1,80 @@
+/**
+ * @file fips_prf.h
+ *
+ * @brief Interface of fips_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef FIPS_PRF_H_
+#define FIPS_PRF_H_
+
+typedef struct fips_prf_t fips_prf_t;
+
+#include <library.h>
+#include <crypto/prfs/prf.h>
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of prf_t using the FIPS 186-2-change1 standard.
+ *
+ * FIPS defines a "General Purpose Random Number Generator" (Revised
+ * Algorithm for Computing m values of x (Appendix 3.1 of FIPS 186-2)). This
+ * implementation is not intended for private key generation and therefore does
+ * not include the "mod q" operation (see FIPS 186-2-change1 p74).
+ * The FIPS PRF is stateful; the key changes every time when bytes are acquired.
+ *
+ * @b Constructors:
+ * - fips_prf_create()
+ * - prf_create() using one of the FIPS algorithms
+ *
+ * @ingroup prfs
+ */
+struct fips_prf_t {
+
+ /**
+ * Generic prf_t interface for this fips_prf_t class.
+ */
+ prf_t prf_interface;
+};
+
+/**
+ * @brief Creates a new fips_prf_t object.
+ *
+ * FIPS 186-2 defines G() functions used in the PRF function. It can
+ * be implemented either based on SHA1 or DES.
+ *
+ * @param b size of b (in bytes, not bits)
+ * @param g G() function to use (e.g. g_sha1)
+ * @return
+ * - fips_prf_t object
+ * - NULL if b invalid not supported
+ *
+ * @ingroup prfs
+ */
+fips_prf_t *fips_prf_create(size_t b, void(*g)(u_int8_t[],chunk_t,u_int8_t[]));
+
+/**
+ * @brief Implementation of the G() function based on SHA1.
+ *
+ * @param t initialization vector for SHA1 hasher, 20 bytes long
+ * @param c value to hash, not longer than 512 bit
+ * @param res result of G(), requries 20 bytes
+ */
+void g_sha1(u_int8_t t[], chunk_t c, u_int8_t res[]);
+
+#endif /* FIPS_PRF_H_ */
diff --git a/src/libstrongswan/crypto/prfs/hmac_prf.c b/src/libstrongswan/crypto/prfs/hmac_prf.c
new file mode 100644
index 000000000..f315f880d
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/hmac_prf.c
@@ -0,0 +1,118 @@
+/**
+ * @file hmac_prf.c
+ *
+ * @brief Implementation for hmac_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "hmac_prf.h"
+
+#include <crypto/hmac.h>
+
+
+typedef struct private_hmac_prf_t private_hmac_prf_t;
+
+/**
+ * Private data of a hma_prf_t object.
+ */
+struct private_hmac_prf_t {
+ /**
+ * Public hmac_prf_t interface.
+ */
+ hmac_prf_t public;
+
+ /**
+ * Hmac to use for generation.
+ */
+ hmac_t *hmac;
+};
+
+/**
+ * Implementation of prf_t.get_bytes.
+ */
+static void get_bytes(private_hmac_prf_t *this, chunk_t seed, u_int8_t *buffer)
+{
+ this->hmac->get_mac(this->hmac, seed, buffer);
+}
+
+/**
+ * Implementation of prf_t.allocate_bytes.
+ */
+static void allocate_bytes(private_hmac_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+ this->hmac->allocate_mac(this->hmac, seed, chunk);
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_block_size(private_hmac_prf_t *this)
+{
+ return this->hmac->get_block_size(this->hmac);
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_key_size(private_hmac_prf_t *this)
+{
+ /* for HMAC prfs, IKEv2 uses block size as key size */
+ return this->hmac->get_block_size(this->hmac);
+}
+
+/**
+ * Implementation of prf_t.set_key.
+ */
+static void set_key(private_hmac_prf_t *this, chunk_t key)
+{
+ this->hmac->set_key(this->hmac, key);
+}
+
+/**
+ * Implementation of prf_t.destroy.
+ */
+static void destroy(private_hmac_prf_t *this)
+{
+ this->hmac->destroy(this->hmac);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm)
+{
+ private_hmac_prf_t *this = malloc_thing(private_hmac_prf_t);
+
+ this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
+ this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
+ this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
+ this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
+ this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
+ this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
+
+ this->hmac = hmac_create(hash_algorithm);
+ if (this->hmac == NULL)
+ {
+ free(this);
+ return NULL;
+ }
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/prfs/hmac_prf.h b/src/libstrongswan/crypto/prfs/hmac_prf.h
new file mode 100644
index 000000000..9b06ee3a2
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/hmac_prf.h
@@ -0,0 +1,65 @@
+/**
+ * @file hmac_prf.h
+ *
+ * @brief Interface of hmac_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRF_HMAC_H_
+#define PRF_HMAC_H_
+
+typedef struct hmac_prf_t hmac_prf_t;
+
+#include <library.h>
+#include <crypto/prfs/prf.h>
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of prf_t interface using the
+ * HMAC algorithm.
+ *
+ * This simply wraps a hmac_t in a prf_t. More a question of
+ * interface matching.
+ *
+ * @b Constructors:
+ * - hmac_prf_create()
+ *
+ * @ingroup prfs
+ */
+struct hmac_prf_t {
+
+ /**
+ * Generic prf_t interface for this hmac_prf_t class.
+ */
+ prf_t prf_interface;
+};
+
+/**
+ * @brief Creates a new hmac_prf_t object.
+ *
+ * @param hash_algorithm hmac's hash algorithm
+ * @return
+ * - hmac_prf_t object
+ * - NULL if hash not supported
+ *
+ * @ingroup prfs
+ */
+hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm);
+
+#endif /*PRF_HMAC_SHA1_H_*/
diff --git a/src/libstrongswan/crypto/prfs/prf.c b/src/libstrongswan/crypto/prfs/prf.c
new file mode 100644
index 000000000..f803829af
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/prf.c
@@ -0,0 +1,70 @@
+/**
+ * @file prf.c
+ *
+ * @brief Generic constructor for all prf_t
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "prf.h"
+
+#include <crypto/hashers/hasher.h>
+#include <crypto/prfs/hmac_prf.h>
+#include <crypto/prfs/fips_prf.h>
+
+ENUM_BEGIN(pseudo_random_function_names, PRF_UNDEFINED, PRF_FIPS_DES,
+ "PRF_UNDEFINED",
+ "PRF_FIPS_SHA1_160",
+ "PRF_FIPS_DES");
+ENUM_NEXT(pseudo_random_function_names, PRF_HMAC_MD5, PRF_HMAC_SHA2_512, PRF_FIPS_DES,
+ "PRF_HMAC_MD5",
+ "PRF_HMAC_SHA1",
+ "PRF_HMAC_TIGER",
+ "PRF_AES128_CBC",
+ "PRF_HMAC_SHA2_256",
+ "PRF_HMAC_SHA2_384",
+ "PRF_HMAC_SHA2_512");
+ENUM_END(pseudo_random_function_names, PRF_HMAC_SHA2_512);
+
+/*
+ * Described in header.
+ */
+prf_t *prf_create(pseudo_random_function_t pseudo_random_function)
+{
+ switch (pseudo_random_function)
+ {
+ case PRF_HMAC_SHA1:
+ return (prf_t*)hmac_prf_create(HASH_SHA1);
+ case PRF_HMAC_MD5:
+ return (prf_t*)hmac_prf_create(HASH_MD5);
+ case PRF_HMAC_SHA2_256:
+ return (prf_t*)hmac_prf_create(HASH_SHA256);
+ case PRF_HMAC_SHA2_384:
+ return (prf_t*)hmac_prf_create(HASH_SHA384);
+ case PRF_HMAC_SHA2_512:
+ return (prf_t*)hmac_prf_create(HASH_SHA512);
+ case PRF_FIPS_SHA1_160:
+ return (prf_t*)fips_prf_create(20, g_sha1);
+ case PRF_FIPS_DES:
+ case PRF_HMAC_TIGER:
+ case PRF_AES128_CBC:
+ default:
+ return NULL;
+ }
+}
diff --git a/src/libstrongswan/crypto/prfs/prf.h b/src/libstrongswan/crypto/prfs/prf.h
new file mode 100644
index 000000000..8560a4a9c
--- /dev/null
+++ b/src/libstrongswan/crypto/prfs/prf.h
@@ -0,0 +1,142 @@
+/**
+ * @file prf.h
+ *
+ * @brief Interface prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRF_H_
+#define PRF_H_
+
+typedef enum pseudo_random_function_t pseudo_random_function_t;
+typedef struct prf_t prf_t;
+
+#include <library.h>
+
+/**
+ * @brief Pseudo random function, as in IKEv2 RFC 3.3.2.
+ *
+ * PRF algorithms not defined in IKEv2 are allocated in "private use"
+ * space.
+ *
+ * @ingroup prfs
+ */
+enum pseudo_random_function_t {
+ PRF_UNDEFINED = 1024,
+ /** Implemented via hmac_prf_t. */
+ PRF_HMAC_MD5 = 1,
+ /** Implemented via hmac_prf_t. */
+ PRF_HMAC_SHA1 = 2,
+ PRF_HMAC_TIGER = 3,
+ PRF_AES128_CBC = 4,
+ /** Implemented via hmac_prf_t. */
+ PRF_HMAC_SHA2_256 = 5,
+ /** Implemented via hmac_prf_t. */
+ PRF_HMAC_SHA2_384 = 6,
+ /** Implemented via hmac_prf_t. */
+ PRF_HMAC_SHA2_512 = 7,
+ /** Implemented via fips_prf_t, other output sizes would be possible */
+ PRF_FIPS_SHA1_160 = 1025,
+ /** Could be implemented via fips_prf_t, uses fixed output size of 160bit */
+ PRF_FIPS_DES = 1026,
+};
+
+/**
+ * enum name for encryption_algorithm_t.
+ */
+extern enum_name_t *pseudo_random_function_names;
+
+/**
+ * @brief Generic interface for pseudo-random-functions.
+ *
+ * @b Constructors:
+ * - prf_create()
+ * - hmac_prf_create()
+ *
+ * @todo Implement more prf algorithms
+ *
+ * @ingroup prfs
+ */
+struct prf_t {
+ /**
+ * @brief Generates pseudo random bytes and writes them in the buffer.
+ *
+ * @param this calling object
+ * @param seed a chunk containing the seed for the next bytes
+ * @param[out] buffer pointer where the generated bytes will be written
+ */
+ void (*get_bytes) (prf_t *this, chunk_t seed, u_int8_t *buffer);
+
+ /**
+ * @brief Generates pseudo random bytes and allocate space for them.
+ *
+ * @param this calling object
+ * @param seed a chunk containing the seed for the next bytes
+ * @param[out] chunk chunk which will hold generated bytes
+ */
+ void (*allocate_bytes) (prf_t *this, chunk_t seed, chunk_t *chunk);
+
+ /**
+ * @brief Get the block size of this prf_t object.
+ *
+ * @param this calling object
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (prf_t *this);
+
+ /**
+ * @brief Get the key size of this prf_t object.
+ *
+ * This is a suggestion only, all implemented PRFs accept variable key
+ * length.
+ *
+ * @param this calling object
+ * @return key size in bytes
+ */
+ size_t (*get_key_size) (prf_t *this);
+
+ /**
+ * @brief Set the key for this prf_t object.
+ *
+ * @param this calling object
+ * @param key key to set
+ */
+ void (*set_key) (prf_t *this, chunk_t key);
+
+ /**
+ * @brief Destroys a prf object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (prf_t *this);
+};
+
+/**
+ * @brief Generic constructor for a prf_t oject.
+ *
+ * @param pseudo_random_function Algorithm to use
+ * @return
+ * - prf_t object
+ * - NULL if prf algorithm not supported
+ *
+ * @ingroup prfs
+ */
+prf_t *prf_create(pseudo_random_function_t pseudo_random_function);
+
+#endif /*PRF_H_*/
diff --git a/src/libstrongswan/crypto/rsa/rsa_private_key.c b/src/libstrongswan/crypto/rsa/rsa_private_key.c
new file mode 100644
index 000000000..5b1647965
--- /dev/null
+++ b/src/libstrongswan/crypto/rsa/rsa_private_key.c
@@ -0,0 +1,774 @@
+/**
+ * @file rsa_private_key.c
+ *
+ * @brief Implementation of rsa_private_key_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <gmp.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+
+#include "rsa_public_key.h"
+#include "rsa_private_key.h"
+
+#include <asn1/asn1.h>
+#include <asn1/pem.h>
+#include <utils/randomizer.h>
+
+/**
+ * OIDs for hash algorithms are defined in rsa_public_key.c.
+ */
+extern u_int8_t md2_oid[18];
+extern u_int8_t md5_oid[18];
+extern u_int8_t sha1_oid[15];
+extern u_int8_t sha256_oid[19];
+extern u_int8_t sha384_oid[19];
+extern u_int8_t sha512_oid[19];
+
+
+/**
+ * defined in rsa_public_key.c
+ */
+extern chunk_t rsa_public_key_info_to_asn1(const mpz_t n, const mpz_t e);
+
+
+/**
+ * Public exponent to use for key generation.
+ */
+#define PUBLIC_EXPONENT 0x10001
+
+
+typedef struct private_rsa_private_key_t private_rsa_private_key_t;
+
+/**
+ * Private data of a rsa_private_key_t object.
+ */
+struct private_rsa_private_key_t {
+ /**
+ * Public interface for this signer.
+ */
+ rsa_private_key_t public;
+
+ /**
+ * Version of key, as encoded in PKCS#1
+ */
+ u_int version;
+
+ /**
+ * Public modulus.
+ */
+ mpz_t n;
+
+ /**
+ * Public exponent.
+ */
+ mpz_t e;
+
+ /**
+ * Private prime 1.
+ */
+ mpz_t p;
+
+ /**
+ * Private Prime 2.
+ */
+ mpz_t q;
+
+ /**
+ * Private exponent.
+ */
+ mpz_t d;
+
+ /**
+ * Private exponent 1.
+ */
+ mpz_t exp1;
+
+ /**
+ * Private exponent 2.
+ */
+ mpz_t exp2;
+
+ /**
+ * Private coefficient.
+ */
+ mpz_t coeff;
+
+ /**
+ * Keysize in bytes.
+ */
+ size_t k;
+
+ /**
+ * Keyid formed as a SHA-1 hash of a publicKeyInfo object
+ */
+ chunk_t keyid;
+
+
+ /**
+ * @brief Implements the RSADP algorithm specified in PKCS#1.
+ *
+ * @param this calling object
+ * @param data data to process
+ * @return processed data
+ */
+ chunk_t (*rsadp) (private_rsa_private_key_t *this, chunk_t data);
+
+ /**
+ * @brief Implements the RSASP1 algorithm specified in PKCS#1.
+ * @param this calling object
+ * @param data data to process
+ * @return processed data
+ */
+ chunk_t (*rsasp1) (private_rsa_private_key_t *this, chunk_t data);
+
+ /**
+ * @brief Generate a prime value.
+ *
+ * @param this calling object
+ * @param prime_size size of the prime, in bytes
+ * @param[out] prime uninitialized mpz
+ */
+ status_t (*compute_prime) (private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime);
+
+};
+
+/* ASN.1 definition of a PKCS#1 RSA private key */
+static const asn1Object_t privkey_objects[] = {
+ { 0, "RSAPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
+ { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 2 */
+ { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 3 */
+ { 1, "privateExponent", ASN1_INTEGER, ASN1_BODY }, /* 4 */
+ { 1, "prime1", ASN1_INTEGER, ASN1_BODY }, /* 5 */
+ { 1, "prime2", ASN1_INTEGER, ASN1_BODY }, /* 6 */
+ { 1, "exponent1", ASN1_INTEGER, ASN1_BODY }, /* 7 */
+ { 1, "exponent2", ASN1_INTEGER, ASN1_BODY }, /* 8 */
+ { 1, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 9 */
+ { 1, "otherPrimeInfos", ASN1_SEQUENCE, ASN1_OPT |
+ ASN1_LOOP }, /* 10 */
+ { 2, "otherPrimeInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
+ { 3, "prime", ASN1_INTEGER, ASN1_BODY }, /* 12 */
+ { 3, "exponent", ASN1_INTEGER, ASN1_BODY }, /* 13 */
+ { 3, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 14 */
+ { 1, "end opt or loop", ASN1_EOC, ASN1_END } /* 15 */
+};
+
+#define PRIV_KEY_VERSION 1
+#define PRIV_KEY_MODULUS 2
+#define PRIV_KEY_PUB_EXP 3
+#define PRIV_KEY_PRIV_EXP 4
+#define PRIV_KEY_PRIME1 5
+#define PRIV_KEY_PRIME2 6
+#define PRIV_KEY_EXP1 7
+#define PRIV_KEY_EXP2 8
+#define PRIV_KEY_COEFF 9
+#define PRIV_KEY_ROOF 16
+
+static private_rsa_private_key_t *rsa_private_key_create_empty(void);
+
+/**
+ * Implementation of private_rsa_private_key_t.compute_prime.
+ */
+static status_t compute_prime(private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime)
+{
+ randomizer_t *randomizer;
+ chunk_t random_bytes;
+ status_t status;
+
+ randomizer = randomizer_create();
+ mpz_init(*prime);
+
+ do
+ {
+ status = randomizer->allocate_random_bytes(randomizer, prime_size, &random_bytes);
+ if (status != SUCCESS)
+ {
+ randomizer->destroy(randomizer);
+ mpz_clear(*prime);
+ return FAILED;
+ }
+
+ /* make sure most significant bit is set */
+ random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80;
+
+ /* convert chunk to mpz value */
+ mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
+
+ /* get next prime */
+ mpz_nextprime (*prime, *prime);
+
+ free(random_bytes.ptr);
+ }
+ /* check if it isnt too large */
+ while (((mpz_sizeinbase(*prime, 2) + 7) / 8) > prime_size);
+
+ randomizer->destroy(randomizer);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of private_rsa_private_key_t.rsadp and private_rsa_private_key_t.rsasp1.
+ */
+static chunk_t rsadp(private_rsa_private_key_t *this, chunk_t data)
+{
+ mpz_t t1, t2;
+ chunk_t decrypted;
+
+ mpz_init(t1);
+ mpz_init(t2);
+
+ mpz_import(t1, data.len, 1, 1, 1, 0, data.ptr);
+
+ mpz_powm(t2, t1, this->exp1, this->p); /* m1 = c^dP mod p */
+ mpz_powm(t1, t1, this->exp2, this->q); /* m2 = c^dQ mod Q */
+ mpz_sub(t2, t2, t1); /* h = qInv (m1 - m2) mod p */
+ mpz_mod(t2, t2, this->p);
+ mpz_mul(t2, t2, this->coeff);
+ mpz_mod(t2, t2, this->p);
+
+ mpz_mul(t2, t2, this->q); /* m = m2 + h q */
+ mpz_add(t1, t1, t2);
+
+ decrypted.len = this->k;
+ decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1);
+
+ mpz_clear(t1);
+ mpz_clear(t2);
+
+ return decrypted;
+}
+
+/**
+ * Implementation of rsa_private_key.build_emsa_signature.
+ */
+static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature)
+{
+ hasher_t *hasher;
+ chunk_t hash;
+ chunk_t em;
+ chunk_t oid;
+
+ /* get oid string prepended to hash */
+ switch (hash_algorithm)
+ {
+ case HASH_MD2:
+ {
+ oid.ptr = md2_oid;
+ oid.len = sizeof(md2_oid);
+ break;
+ }
+ case HASH_MD5:
+ {
+ oid.ptr = md5_oid;
+ oid.len = sizeof(md5_oid);
+ break;
+ }
+ case HASH_SHA1:
+ {
+ oid.ptr = sha1_oid;
+ oid.len = sizeof(sha1_oid);
+ break;
+ }
+ case HASH_SHA256:
+ {
+ oid.ptr = sha256_oid;
+ oid.len = sizeof(sha256_oid);
+ break;
+ }
+ case HASH_SHA384:
+ {
+ oid.ptr = sha384_oid;
+ oid.len = sizeof(sha384_oid);
+ break;
+ }
+ case HASH_SHA512:
+ {
+ oid.ptr = sha512_oid;
+ oid.len = sizeof(sha512_oid);
+ break;
+ }
+ default:
+ {
+ return NOT_SUPPORTED;
+ }
+ }
+
+ /* get hasher */
+ hasher = hasher_create(hash_algorithm);
+ if (hasher == NULL)
+ {
+ return NOT_SUPPORTED;
+ }
+
+ /* build hash */
+ hasher->allocate_hash(hasher, data, &hash);
+ hasher->destroy(hasher);
+
+ /* build chunk to rsa-decrypt:
+ * EM = 0x00 || 0x01 || PS || 0x00 || T.
+ * PS = 0xFF padding, with length to fill em
+ * T = oid || hash
+ */
+ em.len = this->k;
+ em.ptr = malloc(em.len);
+
+ /* fill em with padding */
+ memset(em.ptr, 0xFF, em.len);
+ /* set magic bytes */
+ *(em.ptr) = 0x00;
+ *(em.ptr+1) = 0x01;
+ *(em.ptr + em.len - hash.len - oid.len - 1) = 0x00;
+ /* set hash */
+ memcpy(em.ptr + em.len - hash.len, hash.ptr, hash.len);
+ /* set oid */
+ memcpy(em.ptr + em.len - hash.len - oid.len, oid.ptr, oid.len);
+
+ /* build signature */
+ *signature = this->rsasp1(this, em);
+
+ free(hash.ptr);
+ free(em.ptr);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of rsa_private_key.get_key.
+ */
+static status_t get_key(private_rsa_private_key_t *this, chunk_t *key)
+{
+ chunk_t n, e, p, q, d, exp1, exp2, coeff;
+
+ n.len = this->k;
+ n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
+ e.len = this->k;
+ e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
+ p.len = this->k;
+ p.ptr = mpz_export(NULL, NULL, 1, p.len, 1, 0, this->p);
+ q.len = this->k;
+ q.ptr = mpz_export(NULL, NULL, 1, q.len, 1, 0, this->q);
+ d.len = this->k;
+ d.ptr = mpz_export(NULL, NULL, 1, d.len, 1, 0, this->d);
+ exp1.len = this->k;
+ exp1.ptr = mpz_export(NULL, NULL, 1, exp1.len, 1, 0, this->exp1);
+ exp2.len = this->k;
+ exp2.ptr = mpz_export(NULL, NULL, 1, exp2.len, 1, 0, this->exp2);
+ coeff.len = this->k;
+ coeff.ptr = mpz_export(NULL, NULL, 1, coeff.len, 1, 0, this->coeff);
+
+ key->len = this->k * 8;
+ key->ptr = malloc(key->len);
+ memcpy(key->ptr + this->k * 0, n.ptr , n.len);
+ memcpy(key->ptr + this->k * 1, e.ptr, e.len);
+ memcpy(key->ptr + this->k * 2, p.ptr, p.len);
+ memcpy(key->ptr + this->k * 3, q.ptr, q.len);
+ memcpy(key->ptr + this->k * 4, d.ptr, d.len);
+ memcpy(key->ptr + this->k * 5, exp1.ptr, exp1.len);
+ memcpy(key->ptr + this->k * 6, exp2.ptr, exp2.len);
+ memcpy(key->ptr + this->k * 7, coeff.ptr, coeff.len);
+
+ free(n.ptr);
+ free(e.ptr);
+ free(p.ptr);
+ free(q.ptr);
+ free(d.ptr);
+ free(exp1.ptr);
+ free(exp2.ptr);
+ free(coeff.ptr);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of rsa_private_key.save_key.
+ */
+static status_t save_key(private_rsa_private_key_t *this, char *file)
+{
+ return NOT_SUPPORTED;
+}
+
+/**
+ * Implementation of rsa_private_key.get_public_key.
+ */
+rsa_public_key_t *get_public_key(private_rsa_private_key_t *this)
+{
+ return NULL;
+}
+
+/**
+ * Implementation of rsa_private_key.belongs_to.
+ */
+static bool belongs_to(private_rsa_private_key_t *this, rsa_public_key_t *public)
+{
+ return chunk_equals(this->keyid, public->get_keyid(public));
+}
+
+/**
+ * Check the loaded key if it is valid and usable
+ * TODO: Log errors
+ */
+static status_t check(private_rsa_private_key_t *this)
+{
+ mpz_t t, u, q1;
+ status_t status = SUCCESS;
+
+ /* PKCS#1 1.5 section 6 requires modulus to have at least 12 octets.
+ * We actually require more (for security).
+ */
+ if (this->k < 512/8)
+ {
+ return FAILED;
+ }
+
+ /* we picked a max modulus size to simplify buffer allocation */
+ if (this->k > 8192/8)
+ {
+ return FAILED;
+ }
+
+ mpz_init(t);
+ mpz_init(u);
+ mpz_init(q1);
+
+ /* check that n == p * q */
+ mpz_mul(u, this->p, this->q);
+ if (mpz_cmp(u, this->n) != 0)
+ {
+ status = FAILED;
+ }
+
+ /* check that e divides neither p-1 nor q-1 */
+ mpz_sub_ui(t, this->p, 1);
+ mpz_mod(t, t, this->e);
+ if (mpz_cmp_ui(t, 0) == 0)
+ {
+ status = FAILED;
+ }
+
+ mpz_sub_ui(t, this->q, 1);
+ mpz_mod(t, t, this->e);
+ if (mpz_cmp_ui(t, 0) == 0)
+ {
+ status = FAILED;
+ }
+
+ /* check that d is e^-1 (mod lcm(p-1, q-1)) */
+ /* see PKCS#1v2, aka RFC 2437, for the "lcm" */
+ mpz_sub_ui(q1, this->q, 1);
+ mpz_sub_ui(u, this->p, 1);
+ mpz_gcd(t, u, q1); /* t := gcd(p-1, q-1) */
+ mpz_mul(u, u, q1); /* u := (p-1) * (q-1) */
+ mpz_divexact(u, u, t); /* u := lcm(p-1, q-1) */
+
+ mpz_mul(t, this->d, this->e);
+ mpz_mod(t, t, u);
+ if (mpz_cmp_ui(t, 1) != 0)
+ {
+ status = FAILED;
+ }
+
+ /* check that exp1 is d mod (p-1) */
+ mpz_sub_ui(u, this->p, 1);
+ mpz_mod(t, this->d, u);
+ if (mpz_cmp(t, this->exp1) != 0)
+ {
+ status = FAILED;
+ }
+
+ /* check that exp2 is d mod (q-1) */
+ mpz_sub_ui(u, this->q, 1);
+ mpz_mod(t, this->d, u);
+ if (mpz_cmp(t, this->exp2) != 0)
+ {
+ status = FAILED;
+ }
+
+ /* check that coeff is (q^-1) mod p */
+ mpz_mul(t, this->coeff, this->q);
+ mpz_mod(t, t, this->p);
+ if (mpz_cmp_ui(t, 1) != 0)
+ {
+ status = FAILED;
+ }
+
+ mpz_clear(t);
+ mpz_clear(u);
+ mpz_clear(q1);
+ return status;
+}
+
+/**
+ * Implementation of rsa_private_key.clone.
+ */
+static rsa_private_key_t* _clone(private_rsa_private_key_t *this)
+{
+ private_rsa_private_key_t *clone = rsa_private_key_create_empty();
+
+ mpz_init_set(clone->n, this->n);
+ mpz_init_set(clone->e, this->e);
+ mpz_init_set(clone->p, this->p);
+ mpz_init_set(clone->q, this->q);
+ mpz_init_set(clone->d, this->d);
+ mpz_init_set(clone->exp1, this->exp1);
+ mpz_init_set(clone->exp2, this->exp2);
+ mpz_init_set(clone->coeff, this->coeff);
+ clone->keyid = chunk_clone(this->keyid);
+ clone->k = this->k;
+
+ return &clone->public;
+}
+
+/**
+ * Implementation of rsa_private_key.destroy.
+ */
+static void destroy(private_rsa_private_key_t *this)
+{
+ mpz_clear(this->n);
+ mpz_clear(this->e);
+ mpz_clear(this->p);
+ mpz_clear(this->q);
+ mpz_clear(this->d);
+ mpz_clear(this->exp1);
+ mpz_clear(this->exp2);
+ mpz_clear(this->coeff);
+ free(this->keyid.ptr);
+ free(this);
+}
+
+/**
+ * Internal generic constructor
+ */
+static private_rsa_private_key_t *rsa_private_key_create_empty(void)
+{
+ private_rsa_private_key_t *this = malloc_thing(private_rsa_private_key_t);
+
+ /* public functions */
+ this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature;
+ this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key;
+ this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key;
+ this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key;
+ this->public.belongs_to = (bool (*) (rsa_private_key_t*,rsa_public_key_t*))belongs_to;
+ this->public.clone = (rsa_private_key_t*(*)(rsa_private_key_t*))_clone;
+ this->public.destroy = (void (*) (rsa_private_key_t*))destroy;
+
+ /* private functions */
+ this->rsadp = rsadp;
+ this->rsasp1 = rsadp; /* same algorithm */
+ this->compute_prime = compute_prime;
+
+ return this;
+}
+
+/*
+ * See header
+ */
+rsa_private_key_t *rsa_private_key_create(size_t key_size)
+{
+ mpz_t p, q, n, e, d, exp1, exp2, coeff;
+ mpz_t m, q1, t;
+ private_rsa_private_key_t *this;
+
+ this = rsa_private_key_create_empty();
+ key_size = key_size / 8;
+
+ /* Get values of primes p and q */
+ if (this->compute_prime(this, key_size/2, &p) != SUCCESS)
+ {
+ free(this);
+ return NULL;
+ }
+ if (this->compute_prime(this, key_size/2, &q) != SUCCESS)
+ {
+ mpz_clear(p);
+ free(this);
+ return NULL;
+ }
+
+ mpz_init(t);
+ mpz_init(n);
+ mpz_init(d);
+ mpz_init(exp1);
+ mpz_init(exp2);
+ mpz_init(coeff);
+
+ /* Swapping Primes so p is larger then q */
+ if (mpz_cmp(p, q) < 0)
+ {
+ mpz_set(t, p);
+ mpz_set(p, q);
+ mpz_set(q, t);
+ }
+
+ mpz_mul(n, p, q); /* n = p*q */
+ mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */
+ mpz_init_set(m, p); /* m = p */
+ mpz_sub_ui(m, m, 1); /* m = m -1 */
+ mpz_init_set(q1, q); /* q1 = q */
+ mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */
+ mpz_gcd(t, m, q1); /* t = gcd(p-1, q-1) */
+ mpz_mul(m, m, q1); /* m = (p-1)*(q-1) */
+ mpz_divexact(m, m, t); /* m = m / t */
+ mpz_gcd(t, m, e); /* t = gcd(m, e) (greatest common divisor) */
+
+ mpz_invert(d, e, m); /* e has an inverse mod m */
+ if (mpz_cmp_ui(d, 0) < 0) /* make sure d is positive */
+ {
+ mpz_add(d, d, m);
+ }
+ mpz_sub_ui(t, p, 1); /* t = p-1 */
+ mpz_mod(exp1, d, t); /* exp1 = d mod p-1 */
+ mpz_sub_ui(t, q, 1); /* t = q-1 */
+ mpz_mod(exp2, d, t); /* exp2 = d mod q-1 */
+
+ mpz_invert(coeff, q, p); /* coeff = q^-1 mod p */
+ if (mpz_cmp_ui(coeff, 0) < 0) /* make coeff d is positive */
+ {
+ mpz_add(coeff, coeff, p);
+ }
+
+ mpz_clear(q1);
+ mpz_clear(m);
+ mpz_clear(t);
+
+ /* apply values */
+ *(this->p) = *p;
+ *(this->q) = *q;
+ *(this->n) = *n;
+ *(this->e) = *e;
+ *(this->d) = *d;
+ *(this->exp1) = *exp1;
+ *(this->exp2) = *exp2;
+ *(this->coeff) = *coeff;
+
+ /* set key size in bytes */
+ this->k = key_size;
+
+ return &this->public;
+}
+
+/*
+ * see header
+ */
+rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t blob)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+ private_rsa_private_key_t *this;
+
+ this = rsa_private_key_create_empty();
+
+ mpz_init(this->n);
+ mpz_init(this->e);
+ mpz_init(this->p);
+ mpz_init(this->q);
+ mpz_init(this->d);
+ mpz_init(this->exp1);
+ mpz_init(this->exp2);
+ mpz_init(this->coeff);
+
+ asn1_init(&ctx, blob, 0, FALSE, TRUE);
+
+ while (objectID < PRIV_KEY_ROOF)
+ {
+ if (!extract_object(privkey_objects, &objectID, &object, &level, &ctx))
+ {
+ destroy(this);
+ return FALSE;
+ }
+ switch (objectID)
+ {
+ case PRIV_KEY_VERSION:
+ if (object.len > 0 && *object.ptr != 0)
+ {
+ destroy(this);
+ return NULL;
+ }
+ break;
+ case PRIV_KEY_MODULUS:
+ mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_PUB_EXP:
+ mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_PRIV_EXP:
+ mpz_import(this->d, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_PRIME1:
+ mpz_import(this->p, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_PRIME2:
+ mpz_import(this->q, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_EXP1:
+ mpz_import(this->exp1, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_EXP2:
+ mpz_import(this->exp2, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PRIV_KEY_COEFF:
+ mpz_import(this->coeff, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ }
+ objectID++;
+ }
+
+ this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
+
+ /* form the keyid as a SHA-1 hash of a publicKeyInfo object */
+ {
+ chunk_t publicKeyInfo = rsa_public_key_info_to_asn1(this->n, this->e);
+ hasher_t *hasher = hasher_create(HASH_SHA1);
+
+ hasher->allocate_hash(hasher, publicKeyInfo, &this->keyid);
+ hasher->destroy(hasher);
+ free(publicKeyInfo.ptr);
+ }
+
+ if (check(this) != SUCCESS)
+ {
+ destroy(this);
+ return NULL;
+ }
+ else
+ {
+ return &this->public;
+ }
+}
+
+/*
+ * see header
+ */
+rsa_private_key_t *rsa_private_key_create_from_file(char *filename, chunk_t *passphrase)
+{
+ bool pgp = FALSE;
+ chunk_t chunk = chunk_empty;
+ rsa_private_key_t *key = NULL;
+
+ if (!pem_asn1_load_file(filename, passphrase, "private key", &chunk, &pgp))
+ return NULL;
+
+ key = rsa_private_key_create_from_chunk(chunk);
+ free(chunk.ptr);
+ return key;
+}
diff --git a/src/libstrongswan/crypto/rsa/rsa_private_key.h b/src/libstrongswan/crypto/rsa/rsa_private_key.h
new file mode 100644
index 000000000..9ec07704e
--- /dev/null
+++ b/src/libstrongswan/crypto/rsa/rsa_private_key.h
@@ -0,0 +1,184 @@
+/**
+ * @file rsa_private_key.h
+ *
+ * @brief Interface of rsa_private_key_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef RSA_PRIVATE_KEY_H_
+#define RSA_PRIVATE_KEY_H_
+
+typedef struct rsa_private_key_t rsa_private_key_t;
+
+#include <library.h>
+#include <crypto/rsa/rsa_public_key.h>
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief RSA private key with associated functions.
+ *
+ * Currently only supports signing using EMSA encoding.
+ *
+ * @b Constructors:
+ * - rsa_private_key_create()
+ * - rsa_private_key_create_from_chunk()
+ * - rsa_private_key_create_from_file()
+ *
+ * @see rsa_public_key_t
+ *
+ * @todo Implement get_key(), save_key(), get_public_key()
+ *
+ * @ingroup rsa
+ */
+struct rsa_private_key_t {
+
+ /**
+ * @brief Build a signature over a chunk using EMSA-PKCS1 encoding.
+ *
+ * This signature creates a hash using the specified hash algorithm, concatenates
+ * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
+ * on it.
+ *
+ * @param this calling object
+ * @param hash_algorithm hash algorithm to use for hashing
+ * @param data data to sign
+ * @param[out] signature allocated signature
+ * @return
+ * - SUCCESS
+ * - INVALID_STATE, if key not set
+ * - NOT_SUPPORTED, if hash algorithm not supported
+ */
+ status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
+
+ /**
+ * @brief Gets the key.
+ *
+ * UNIMPLEMENTED!
+ *
+ * @param this calling object
+ * @param key key (in a propriarity format)
+ * @return
+ * - SUCCESS
+ * - INVALID_STATE, if key not set
+ */
+ status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
+
+ /**
+ * @brief Saves a key to a file.
+ *
+ * Not implemented!
+ *
+ * @param this calling object
+ * @param file file to which the key should be written.
+ * @return NOT_SUPPORTED
+ */
+ status_t (*save_key) (rsa_private_key_t *this, char *file);
+
+ /**
+ * @brief Generate a new key.
+ *
+ * Generates a new private_key with specified key size
+ *
+ * @param this calling object
+ * @param key_size size of the key in bits
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if key_size invalid
+ */
+ status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
+
+ /**
+ * @brief Create a rsa_public_key_t with the public
+ * parts of the key.
+ *
+ * @param this calling object
+ * @return public_key
+ */
+ rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
+
+ /**
+ * @brief Check if a private key belongs to a public key.
+ *
+ * Compares the public part of the private key with the
+ * public key, return TRUE if it equals.
+ *
+ * @param this private key
+ * @param public public key
+ * @return TRUE, if keys belong together
+ */
+ bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public);
+
+ /**
+ * @brief Clone the private key.
+ *
+ * @param this private key to clone
+ * @return clone of this
+ */
+ rsa_private_key_t *(*clone) (rsa_private_key_t *this);
+
+ /**
+ * @brief Destroys the private key.
+ *
+ * @param this private key to destroy
+ */
+ void (*destroy) (rsa_private_key_t *this);
+};
+
+/**
+ * @brief Generate a new RSA key with specified key length.
+ *
+ * @param key_size size of the key in bits
+ * @return generated rsa_private_key_t.
+ *
+ * @ingroup rsa
+ */
+rsa_private_key_t *rsa_private_key_create(size_t key_size);
+
+/**
+ * @brief Load an RSA private key from a chunk.
+ *
+ * Load a key from a chunk, encoded as described in PKCS#1
+ * (ASN1 DER encoded).
+ *
+ * @param chunk chunk containing the DER encoded key
+ * @return loaded rsa_private_key_t, or NULL
+ *
+ * @ingroup rsa
+ */
+rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Load an RSA private key from a file.
+ *
+ * Load a key from a file, which is either in a unencrypted binary
+ * format (DER), or in a (encrypted) PEM format. The supplied
+ * passphrase is used to decrypt an ecrypted key.
+ *
+ * @param filename filename which holds the key
+ * @param passphrase optional passphase for decryption, can be NULL
+ * @return loaded rsa_private_key_t, or NULL
+ *
+ * @todo Implement PEM file loading
+ * @todo Implement key decryption
+ *
+ * @ingroup rsa
+ */
+rsa_private_key_t *rsa_private_key_create_from_file(char *filename, chunk_t *passphrase);
+
+#endif /*RSA_PRIVATE_KEY_H_*/
diff --git a/src/libstrongswan/crypto/rsa/rsa_public_key.c b/src/libstrongswan/crypto/rsa/rsa_public_key.c
new file mode 100644
index 000000000..38899670f
--- /dev/null
+++ b/src/libstrongswan/crypto/rsa/rsa_public_key.c
@@ -0,0 +1,497 @@
+/**
+ * @file rsa_public_key.c
+ *
+ * @brief Implementation of rsa_public_key_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <gmp.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "rsa_public_key.h"
+
+#include <crypto/hashers/hasher.h>
+#include <asn1/asn1.h>
+#include <asn1/pem.h>
+
+/*
+ * For simplicity, we use these predefined values for hash algorithm OIDs
+ * These also contain the length of the appended hash
+ * These values are also used in rsa_private_key.c.
+ */
+
+const u_int8_t md2_oid[] = {
+ 0x30,0x20,
+ 0x30,0x0c,
+ 0x06,0x08,
+ 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x02,
+ 0x05,0x00,
+ 0x04,0x10
+};
+
+const u_int8_t md5_oid[] = {
+ 0x30,0x20,
+ 0x30,0x0c,
+ 0x06,0x08,
+ 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x02,0x05,
+ 0x05,0x00,
+ 0x04,0x10
+};
+
+const u_int8_t sha1_oid[] = {
+ 0x30,0x21,
+ 0x30,0x09,
+ 0x06,0x05,
+ 0x2b,0x0e,0x03,0x02,0x1a,
+ 0x05,0x00,
+ 0x04,0x14
+};
+
+const u_int8_t sha256_oid[] = {
+ 0x30,0x31,
+ 0x30,0x0d,
+ 0x06,0x09,
+ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,
+ 0x05,0x00,
+ 0x04,0x20
+};
+
+const u_int8_t sha384_oid[] = {
+ 0x30,0x41,
+ 0x30,0x0d,
+ 0x06,0x09,
+ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,
+ 0x05,0x00,
+ 0x04,0x30
+};
+
+const u_int8_t sha512_oid[] = {
+ 0x30,0x51,
+ 0x30,0x0d,
+ 0x06,0x09,
+ 0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,
+ 0x05,0x00,
+ 0x04,0x40
+};
+
+#define LARGEST_HASH_OID_SIZE sizeof(sha512_oid)
+
+/* ASN.1 definition public key */
+static const asn1Object_t pubkey_objects[] = {
+ { 0, "RSAPublicKey", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
+ { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 1 */
+ { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 2 */
+};
+
+#define PUB_KEY_RSA_PUBLIC_KEY 0
+#define PUB_KEY_MODULUS 1
+#define PUB_KEY_EXPONENT 2
+#define PUB_KEY_ROOF 3
+
+typedef struct private_rsa_public_key_t private_rsa_public_key_t;
+
+/**
+ * Private data structure with signing context.
+ */
+struct private_rsa_public_key_t {
+ /**
+ * Public interface for this signer.
+ */
+ rsa_public_key_t public;
+
+ /**
+ * Public modulus.
+ */
+ mpz_t n;
+
+ /**
+ * Public exponent.
+ */
+ mpz_t e;
+
+ /**
+ * Keysize in bytes.
+ */
+ size_t k;
+
+ /**
+ * Keyid formed as a SHA-1 hash of a publicKeyInfo object
+ */
+ chunk_t keyid;
+
+ /**
+ * @brief Implements the RSAEP algorithm specified in PKCS#1.
+ *
+ * @param this calling object
+ * @param data data to process
+ * @return processed data
+ */
+ chunk_t (*rsaep) (const private_rsa_public_key_t *this, chunk_t data);
+
+ /**
+ * @brief Implements the RSASVP1 algorithm specified in PKCS#1.
+ *
+ * @param this calling object
+ * @param data data to process
+ * @return processed data
+ */
+ chunk_t (*rsavp1) (const private_rsa_public_key_t *this, chunk_t data);
+};
+
+private_rsa_public_key_t *rsa_public_key_create_empty(void);
+
+/**
+ * Implementation of private_rsa_public_key_t.rsaep and private_rsa_public_key_t.rsavp1
+ */
+static chunk_t rsaep(const private_rsa_public_key_t *this, chunk_t data)
+{
+ mpz_t m, c;
+ chunk_t encrypted;
+
+ mpz_init(c);
+ mpz_init(m);
+
+ mpz_import(m, data.len, 1, 1, 1, 0, data.ptr);
+
+ mpz_powm(c, m, this->e, this->n);
+
+ encrypted.len = this->k;
+ encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
+
+ mpz_clear(c);
+ mpz_clear(m);
+
+ return encrypted;
+}
+
+/**
+ * Implementation of rsa_public_key.verify_emsa_pkcs1_signature.
+ */
+static status_t verify_emsa_pkcs1_signature(const private_rsa_public_key_t *this, chunk_t data, chunk_t signature)
+{
+ hasher_t *hasher = NULL;
+ chunk_t hash;
+ chunk_t em;
+ u_int8_t *pos;
+ status_t res = FAILED;
+
+ /* remove any preceding 0-bytes from signature */
+ while (signature.len && *(signature.ptr) == 0x00)
+ {
+ signature.len -= 1;
+ signature.ptr++;
+ }
+
+ if (signature.len > this->k)
+ {
+ return INVALID_ARG;
+ }
+
+ /* unpack signature */
+ em = this->rsavp1(this, signature);
+
+ /* result should look like this:
+ * EM = 0x00 || 0x01 || PS || 0x00 || T.
+ * PS = 0xFF padding, with length to fill em
+ * T = oid || hash
+ */
+
+ /* check magic bytes */
+ if ((*(em.ptr) != 0x00) || (*(em.ptr+1) != 0x01))
+ {
+ goto end;
+ }
+
+ /* find magic 0x00 */
+ pos = em.ptr + 2;
+ while (pos <= em.ptr + em.len)
+ {
+ if (*pos == 0x00)
+ {
+ /* found magic byte, stop */
+ pos++;
+ break;
+ }
+ else if (*pos != 0xFF)
+ {
+ /* bad padding, decryption failed ?!*/
+ goto end;
+ }
+ pos++;
+ }
+
+ if (pos + LARGEST_HASH_OID_SIZE > em.ptr + em.len)
+ {
+ /* not enought room for oid compare */
+ goto end;
+ }
+
+ if (memeq(md2_oid, pos, sizeof(md2_oid)))
+ {
+ hasher = hasher_create(HASH_MD2);
+ pos += sizeof(md2_oid);
+ }
+ else if (memeq(md5_oid, pos, sizeof(md5_oid)))
+ {
+ hasher = hasher_create(HASH_MD5);
+ pos += sizeof(md5_oid);
+ }
+ else if (memeq(sha1_oid, pos, sizeof(sha1_oid)))
+ {
+ hasher = hasher_create(HASH_SHA1);
+ pos += sizeof(sha1_oid);
+ }
+ else if (memeq(sha256_oid, pos, sizeof(sha256_oid)))
+ {
+ hasher = hasher_create(HASH_SHA256);
+ pos += sizeof(sha256_oid);
+ }
+ else if (memeq(sha384_oid, pos, sizeof(sha384_oid)))
+ {
+ hasher = hasher_create(HASH_SHA384);
+ pos += sizeof(sha384_oid);
+ }
+ else if (memeq(sha512_oid, pos, sizeof(sha512_oid)))
+ {
+ hasher = hasher_create(HASH_SHA512);
+ pos += sizeof(sha512_oid);
+ }
+
+ if (hasher == NULL)
+ {
+ /* unsupported hash algorithm */
+ res = NOT_SUPPORTED;;
+ goto end;
+ }
+
+ if (pos + hasher->get_hash_size(hasher) != em.ptr + em.len)
+ {
+ /* bad length */
+ hasher->destroy(hasher);
+ goto end;
+ }
+
+ /* build our own hash */
+ hasher->allocate_hash(hasher, data, &hash);
+ hasher->destroy(hasher);
+
+ /* compare the hashes */
+ res = memeq(hash.ptr, pos, hash.len) ? SUCCESS : FAILED;
+ free(hash.ptr);
+
+end:
+ free(em.ptr);
+ return res;
+}
+
+/**
+ * Implementation of rsa_public_key.get_key.
+ */
+static status_t get_key(const private_rsa_public_key_t *this, chunk_t *key)
+{
+ chunk_t n, e;
+
+ n.len = this->k;
+ n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
+ e.len = this->k;
+ e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
+
+ key->len = this->k * 2;
+ key->ptr = malloc(key->len);
+ memcpy(key->ptr, n.ptr, n.len);
+ memcpy(key->ptr + n.len, e.ptr, e.len);
+ free(n.ptr);
+ free(e.ptr);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of rsa_public_key.save_key.
+ */
+static status_t save_key(const private_rsa_public_key_t *this, char *file)
+{
+ return NOT_SUPPORTED;
+}
+
+/**
+ * Implementation of rsa_public_key.get_modulus.
+ */
+static mpz_t *get_modulus(const private_rsa_public_key_t *this)
+{
+ return (mpz_t*)&this->n;
+}
+
+/**
+ * Implementation of rsa_public_key.get_keysize.
+ */
+static size_t get_keysize(const private_rsa_public_key_t *this)
+{
+ return this->k;
+}
+
+/**
+ * Implementation of rsa_public_key.get_keyid.
+ */
+static chunk_t get_keyid(const private_rsa_public_key_t *this)
+{
+ return this->keyid;
+}
+
+/**
+ * Implementation of rsa_public_key.clone.
+ */
+static rsa_public_key_t* _clone(const private_rsa_public_key_t *this)
+{
+ private_rsa_public_key_t *clone = rsa_public_key_create_empty();
+
+ mpz_init_set(clone->n, this->n);
+ mpz_init_set(clone->e, this->e);
+ clone->keyid = chunk_clone(this->keyid);
+ clone->k = this->k;
+
+ return &clone->public;
+}
+
+/**
+ * Implementation of rsa_public_key.destroy.
+ */
+static void destroy(private_rsa_public_key_t *this)
+{
+ mpz_clear(this->n);
+ mpz_clear(this->e);
+ free(this->keyid.ptr);
+ free(this);
+}
+
+/**
+ * Generic private constructor
+ */
+private_rsa_public_key_t *rsa_public_key_create_empty(void)
+{
+ private_rsa_public_key_t *this = malloc_thing(private_rsa_public_key_t);
+
+ /* public functions */
+ this->public.verify_emsa_pkcs1_signature = (status_t (*) (const rsa_public_key_t*,chunk_t,chunk_t))verify_emsa_pkcs1_signature;
+ this->public.get_key = (status_t (*) (const rsa_public_key_t*,chunk_t*))get_key;
+ this->public.save_key = (status_t (*) (const rsa_public_key_t*,char*))save_key;
+ this->public.get_modulus = (mpz_t *(*) (const rsa_public_key_t*))get_modulus;
+ this->public.get_keysize = (size_t (*) (const rsa_public_key_t*))get_keysize;
+ this->public.get_keyid = (chunk_t (*) (const rsa_public_key_t*))get_keyid;
+ this->public.clone = (rsa_public_key_t* (*) (const rsa_public_key_t*))_clone;
+ this->public.destroy = (void (*) (rsa_public_key_t*))destroy;
+
+ /* private functions */
+ this->rsaep = rsaep;
+ this->rsavp1 = rsaep; /* same algorithm */
+
+ return this;
+}
+
+/**
+ * Build a DER-encoded publicKeyInfo object from an RSA public key.
+ * Also used in rsa_private_key.c.
+ */
+chunk_t rsa_public_key_info_to_asn1(const mpz_t n, const mpz_t e)
+{
+ chunk_t rawKey = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_integer_from_mpz(n),
+ asn1_integer_from_mpz(e));
+ chunk_t publicKey;
+
+ u_char *pos = build_asn1_object(&publicKey, ASN1_BIT_STRING, 1 + rawKey.len);
+
+ *pos++ = 0x00;
+ memcpy(pos, rawKey.ptr, rawKey.len);
+ free(rawKey.ptr);
+
+ return asn1_wrap(ASN1_SEQUENCE, "cm", ASN1_rsaEncryption_id,
+ publicKey);
+}
+
+/*
+ * See header
+ */
+rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t blob)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ private_rsa_public_key_t *this = rsa_public_key_create_empty();
+
+ mpz_init(this->n);
+ mpz_init(this->e);
+
+ asn1_init(&ctx, blob, 0, FALSE, FALSE);
+
+ while (objectID < PUB_KEY_ROOF)
+ {
+ if (!extract_object(pubkey_objects, &objectID, &object, &level, &ctx))
+ {
+ destroy(this);
+ return FALSE;
+ }
+ switch (objectID)
+ {
+ case PUB_KEY_MODULUS:
+ mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ case PUB_KEY_EXPONENT:
+ mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr);
+ break;
+ }
+ objectID++;
+ }
+
+ this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
+
+ /* form the keyid as a SHA-1 hash of a publicKeyInfo object */
+ {
+ chunk_t publicKeyInfo = rsa_public_key_info_to_asn1(this->n, this->e);
+ hasher_t *hasher = hasher_create(HASH_SHA1);
+
+ hasher->allocate_hash(hasher, publicKeyInfo, &this->keyid);
+ hasher->destroy(hasher);
+ free(publicKeyInfo.ptr);
+ }
+
+ return &this->public;
+}
+
+/*
+ * See header
+ */
+rsa_public_key_t *rsa_public_key_create_from_file(char *filename)
+{
+ bool pgp = FALSE;
+ chunk_t chunk = chunk_empty;
+ rsa_public_key_t *pubkey = NULL;
+
+ if (!pem_asn1_load_file(filename, NULL, "public key", &chunk, &pgp))
+ return NULL;
+
+ pubkey = rsa_public_key_create_from_chunk(chunk);
+ free(chunk.ptr);
+ return pubkey;
+}
diff --git a/src/libstrongswan/crypto/rsa/rsa_public_key.h b/src/libstrongswan/crypto/rsa/rsa_public_key.h
new file mode 100644
index 000000000..1ee54dcc3
--- /dev/null
+++ b/src/libstrongswan/crypto/rsa/rsa_public_key.h
@@ -0,0 +1,164 @@
+/**
+ * @file rsa_public_key.h
+ *
+ * @brief Interface of rsa_public_key_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef RSA_PUBLIC_KEY_H_
+#define RSA_PUBLIC_KEY_H_
+
+typedef struct rsa_public_key_t rsa_public_key_t;
+
+#include <gmp.h>
+
+#include <library.h>
+
+/**
+ * @brief RSA public key with associated functions.
+ *
+ * Currently only supports signature verification using
+ * the EMSA encoding (see PKCS1)
+ *
+ * @b Constructors:
+ * - rsa_public_key_create_from_chunk()
+ * - rsa_public_key_create_from_file()
+ * - rsa_private_key_t.get_public_key()
+ *
+ * @see rsa_private_key_t
+ *
+ * @todo Implement getkey() and savekey()
+ *
+ * @ingroup rsa
+ */
+struct rsa_public_key_t {
+
+ /**
+ * @brief Verify a EMSA-PKCS1 encodined signature.
+ *
+ * Processes the supplied signature with the RSAVP1 function,
+ * selects the hash algorithm form the resultign ASN1-OID and
+ * verifies the hash against the supplied data.
+ *
+ * @param this rsa_public_key to use
+ * @param data data to sign
+ * @param signature signature to verify
+ * @return
+ * - SUCCESS, if signature ok
+ * - INVALID_STATE, if key not set
+ * - NOT_SUPPORTED, if hash algorithm not supported
+ * - INVALID_ARG, if signature is not a signature
+ * - FAILED if signature invalid or unable to verify
+ */
+ status_t (*verify_emsa_pkcs1_signature) (const rsa_public_key_t *this, chunk_t data, chunk_t signature);
+
+ /**
+ * @brief Gets the key.
+ *
+ * Currently uses a proprietary format which is only inteded
+ * for testing. This should be replaced with a proper
+ * ASN1 encoded key format, when charon gets the ASN1
+ * capabilities.
+ *
+ * @param this calling object
+ * @param key key (in a propriarity format)
+ * @return
+ * - SUCCESS
+ * - INVALID_STATE, if key not set
+ */
+ status_t (*get_key) (const rsa_public_key_t *this, chunk_t *key);
+
+ /**
+ * @brief Saves a key to a file.
+ *
+ * Not implemented!
+ *
+ * @param this calling object
+ * @param file file to which the key should be written.
+ * @return NOT_SUPPORTED
+ */
+ status_t (*save_key) (const rsa_public_key_t *this, char *file);
+
+ /**
+ * @brief Get the modulus of the key.
+ *
+ * @param this calling object
+ * @return modulus (n) of the key
+ */
+ mpz_t *(*get_modulus) (const rsa_public_key_t *this);
+
+ /**
+ * @brief Get the size of the modulus in bytes.
+ *
+ * @param this calling object
+ * @return size of the modulus (n) in bytes
+ */
+ size_t (*get_keysize) (const rsa_public_key_t *this);
+
+ /**
+ * @brief Get the keyid formed as the SHA-1 hash of a publicKeyInfo object.
+ *
+ * @param this calling object
+ * @return keyid in the form of a SHA-1 hash
+ */
+ chunk_t (*get_keyid) (const rsa_public_key_t *this);
+
+ /**
+ * @brief Clone the public key.
+ *
+ * @param this public key to clone
+ * @return clone of this
+ */
+ rsa_public_key_t *(*clone) (const rsa_public_key_t *this);
+
+ /**
+ * @brief Destroys the public key.
+ *
+ * @param this public key to destroy
+ */
+ void (*destroy) (rsa_public_key_t *this);
+};
+
+/**
+ * @brief Load an RSA public key from a chunk.
+ *
+ * Load a key from a chunk, encoded in the more frequently
+ * used publicKeyInfo object (ASN1 DER encoded).
+ *
+ * @param chunk chunk containing the DER encoded key
+ * @return loaded rsa_public_key_t, or NULL
+ *
+ * @ingroup rsa
+ */
+rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk);
+
+/**
+ * @brief Load an RSA public key from a file.
+ *
+ * Load a key from a file, which is either in binary
+ * format (DER), or in PEM format.
+ *
+ * @param filename filename which holds the key
+ * @return loaded rsa_public_key_t, or NULL
+ *
+ * @ingroup rsa
+ */
+rsa_public_key_t *rsa_public_key_create_from_file(char *filename);
+
+#endif /*RSA_PUBLIC_KEY_H_*/
diff --git a/src/libstrongswan/crypto/signers/hmac_signer.c b/src/libstrongswan/crypto/signers/hmac_signer.c
new file mode 100644
index 000000000..76e1ce50e
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/hmac_signer.c
@@ -0,0 +1,174 @@
+/**
+ * @file hmac_signer.c
+ *
+ * @brief Implementation of hmac_signer_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "hmac_signer.h"
+
+#include <crypto/prfs/hmac_prf.h>
+
+typedef struct private_hmac_signer_t private_hmac_signer_t;
+
+/**
+ * Private data structure with signing context.
+ */
+struct private_hmac_signer_t {
+ /**
+ * Public interface of hmac_signer_t.
+ */
+ hmac_signer_t public;
+
+ /**
+ * Assigned hmac function.
+ */
+ prf_t *hmac_prf;
+
+ /**
+ * Block size (truncation of HMAC Hash)
+ */
+ size_t block_size;
+};
+
+/**
+ * Implementation of signer_t.get_signature.
+ */
+static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
+{
+ u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+
+ this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
+
+ /* copy MAC depending on truncation */
+ memcpy(buffer, full_mac, this->block_size);
+}
+
+/**
+ * Implementation of signer_t.allocate_signature.
+ */
+static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
+{
+ chunk_t signature;
+ u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+
+ this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
+
+ signature.ptr = malloc(this->block_size);
+ signature.len = this->block_size;
+
+ /* copy signature */
+ memcpy(signature.ptr, full_mac, this->block_size);
+
+ *chunk = signature;
+}
+
+/**
+ * Implementation of signer_t.verify_signature.
+ */
+static bool verify_signature(private_hmac_signer_t *this, chunk_t data, chunk_t signature)
+{
+ u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+
+ this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
+
+ if (signature.len != this->block_size)
+ {
+ return FALSE;
+ }
+
+ /* compare mac aka signature :-) */
+ if (memcmp(signature.ptr, full_mac, this->block_size) == 0)
+ {
+ return TRUE;
+ }
+ else
+ {
+ return FALSE;
+ }
+}
+
+/**
+ * Implementation of signer_t.get_key_size.
+ */
+static size_t get_key_size(private_hmac_signer_t *this)
+{
+ /* for HMAC signer, IKEv2 uses block size as key size */
+ return this->hmac_prf->get_block_size(this->hmac_prf);
+}
+
+/**
+ * Implementation of signer_t.get_block_size.
+ */
+static size_t get_block_size(private_hmac_signer_t *this)
+{
+ return this->block_size;
+}
+
+/**
+ * Implementation of signer_t.set_key.
+ */
+static void set_key(private_hmac_signer_t *this, chunk_t key)
+{
+ this->hmac_prf->set_key(this->hmac_prf, key);
+}
+
+/**
+ * Implementation of signer_t.destroy.
+ */
+static status_t destroy(private_hmac_signer_t *this)
+{
+ this->hmac_prf->destroy(this->hmac_prf);
+ free(this);
+ return SUCCESS;
+}
+
+/*
+ * Described in header
+ */
+hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm, size_t block_size)
+{
+ size_t hmac_block_size;
+ private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);
+
+ this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);
+ if (this->hmac_prf == NULL)
+ {
+ /* algorithm not supported */
+ free(this);
+ return NULL;
+ }
+
+ /* prevent invalid truncation */
+ hmac_block_size = this->hmac_prf->get_block_size(this->hmac_prf);
+ this->block_size = min(block_size, hmac_block_size);
+
+ /* interface functions */
+ this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
+ this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
+ this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
+ this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
+ this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
+ this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
+ this->public.signer_interface.destroy = (void (*) (signer_t*))destroy;
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/signers/hmac_signer.h b/src/libstrongswan/crypto/signers/hmac_signer.h
new file mode 100644
index 000000000..2449069bd
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/hmac_signer.h
@@ -0,0 +1,68 @@
+/**
+ * @file hmac_signer.h
+ *
+ * @brief Interface of hmac_signer_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef HMAC_SIGNER_H_
+#define HMAC_SIGNER_H_
+
+typedef struct hmac_signer_t hmac_signer_t;
+
+#include <crypto/signers/signer.h>
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of signer_t interface using HMAC.
+ *
+ * HMAC uses a standard hash function implemented in a hasher_t to build
+ * a MAC.
+ *
+ * @ingroup signers
+ */
+struct hmac_signer_t {
+
+ /**
+ * generic signer_t interface for this signer
+ */
+ signer_t signer_interface;
+};
+
+/**
+ * @brief Creates a new hmac_signer_t.
+ *
+ * HMAC signatures are often truncated to shorten them to a more usable, but
+ * still secure enough length.
+ * Block size must be equal or smaller then the hash algorithms
+ * hash.
+ *
+ * @param hash_algoritm Hash algorithm to use with signer
+ * @param block_size Size of resulting signature (truncated to block_size)
+ * @return
+ * - hmac_signer_t
+ * - NULL if hash algorithm not supported
+ *
+ * @ingroup signers
+ */
+hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm,
+ size_t block_size);
+
+
+#endif /*HMAC_SIGNER_H_*/
diff --git a/src/libstrongswan/crypto/signers/signer.c b/src/libstrongswan/crypto/signers/signer.c
new file mode 100644
index 000000000..747bc5efa
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/signer.c
@@ -0,0 +1,65 @@
+/**
+ * @file signer.c
+ *
+ * @brief Implementation of generic signer_t constructor.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "signer.h"
+
+#include <crypto/signers/hmac_signer.h>
+
+ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA1_128,
+ "UNDEFINED",
+ "AUTH_HMAC_SHA1_128");
+ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_AES_XCBC_96, AUTH_HMAC_SHA1_128,
+ "HMAC_MD5_96",
+ "HMAC_SHA1_96",
+ "DES_MAC",
+ "KPDK_MD5",
+ "AES_XCBC_96");
+ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_SHA2_256_128, AUTH_HMAC_SHA2_512_256, AUTH_AES_XCBC_96,
+ "AUTH_HMAC_SHA2_256_128",
+ "AUTH_HMAC_SHA2_384_192",
+ "AUTH_HMAC_SHA2_512_256");
+ENUM_END(integrity_algorithm_names, AUTH_HMAC_SHA2_512_256);
+
+/*
+ * Described in header.
+ */
+signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
+{
+ switch(integrity_algorithm)
+ {
+ case AUTH_HMAC_SHA1_96:
+ return (signer_t *)hmac_signer_create(HASH_SHA1, 12);
+ case AUTH_HMAC_SHA1_128:
+ return (signer_t *)hmac_signer_create(HASH_SHA1, 16);
+ case AUTH_HMAC_MD5_96:
+ return (signer_t *)hmac_signer_create(HASH_MD5, 12);
+ case AUTH_HMAC_SHA2_256_128:
+ return (signer_t *)hmac_signer_create(HASH_SHA256, 16);
+ case AUTH_HMAC_SHA2_384_192:
+ return (signer_t *)hmac_signer_create(HASH_SHA384, 24);
+ case AUTH_HMAC_SHA2_512_256:
+ return (signer_t *)hmac_signer_create(HASH_SHA512, 32);
+ default:
+ return NULL;
+ }
+}
diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h
new file mode 100644
index 000000000..0f3709712
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/signer.h
@@ -0,0 +1,147 @@
+/**
+ * @file signer.h
+ *
+ * @brief Interface for signer_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef SIGNER_H_
+#define SIGNER_H_
+
+typedef enum integrity_algorithm_t integrity_algorithm_t;
+typedef struct signer_t signer_t;
+
+#include <library.h>
+
+/**
+ * @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
+ *
+ * Algorithms not specified in IKEv2 are allocated in private use space.
+ *
+ * @ingroup signers
+ */
+enum integrity_algorithm_t {
+ AUTH_UNDEFINED = 1024,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_MD5_96 = 1,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA1_96 = 2,
+ AUTH_DES_MAC = 3,
+ AUTH_KPDK_MD5 = 4,
+ AUTH_AES_XCBC_96 = 5,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_256_128 = 12,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_384_192 = 13,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA2_512_256 = 14,
+ /** Implemented via hmac_signer_t */
+ AUTH_HMAC_SHA1_128 = 1025,
+};
+
+/**
+ * enum names for integrity_algorithm_t.
+ */
+extern enum_name_t *integrity_algorithm_names;
+
+/**
+ * @brief Generig interface for a symmetric signature algorithm.
+ *
+ * @b Constructors:
+ * - signer_create()
+ * - hmac_signer_create()
+ *
+ * @todo Implement more integrity algorithms
+ *
+ * @ingroup signers
+ */
+struct signer_t {
+ /**
+ * @brief Generate a signature.
+ *
+ * @param this calling object
+ * @param data a chunk containing the data to sign
+ * @param[out] buffer pointer where the signature will be written
+ */
+ void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
+
+ /**
+ * @brief Generate a signature and allocate space for it.
+ *
+ * @param this calling object
+ * @param data a chunk containing the data to sign
+ * @param[out] chunk chunk which will hold the allocated signature
+ */
+ void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
+
+ /**
+ * @brief Verify a signature.
+ *
+ * @param this calling object
+ * @param data a chunk containing the data to verify
+ * @param signature a chunk containing the signature
+ * @return TRUE, if signature is valid, FALSE otherwise
+ */
+ bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
+
+ /**
+ * @brief Get the block size of this signature algorithm.
+ *
+ * @param this calling object
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (signer_t *this);
+
+ /**
+ * @brief Get the key size of the signature algorithm.
+ *
+ * @param this calling object
+ * @return key size in bytes
+ */
+ size_t (*get_key_size) (signer_t *this);
+
+ /**
+ * @brief Set the key for this object.
+ *
+ * @param this calling object
+ * @param key key to set
+ */
+ void (*set_key) (signer_t *this, chunk_t key);
+
+ /**
+ * @brief Destroys a signer_t object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (signer_t *this);
+};
+
+/**
+ * @brief Creates a new signer_t object.
+ *
+ * @param integrity_algorithm Algorithm to use for signing and verifying.
+ * @return
+ * - signer_t object
+ * - NULL if signer not supported
+ *
+ * @ingroup signers
+ */
+signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
+
+#endif /*SIGNER_H_*/
diff --git a/src/libstrongswan/crypto/x509.c b/src/libstrongswan/crypto/x509.c
new file mode 100755
index 000000000..58fcff16d
--- /dev/null
+++ b/src/libstrongswan/crypto/x509.c
@@ -0,0 +1,1354 @@
+/**
+ * @file x509.c
+ *
+ * @brief Implementation of x509_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <gmp.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "x509.h"
+#include "hashers/hasher.h"
+#include <library.h>
+#include <debug.h>
+#include <asn1/oid.h>
+#include <asn1/asn1.h>
+#include <asn1/pem.h>
+#include <utils/linked_list.h>
+#include <utils/identification.h>
+
+#define CERT_WARNING_INTERVAL 30 /* days */
+
+/**
+ * Different kinds of generalNames
+ */
+typedef enum generalNames_t generalNames_t;
+
+enum generalNames_t {
+ GN_OTHER_NAME = 0,
+ GN_RFC822_NAME = 1,
+ GN_DNS_NAME = 2,
+ GN_X400_ADDRESS = 3,
+ GN_DIRECTORY_NAME = 4,
+ GN_EDI_PARTY_NAME = 5,
+ GN_URI = 6,
+ GN_IP_ADDRESS = 7,
+ GN_REGISTERED_ID = 8,
+};
+
+typedef struct private_x509_t private_x509_t;
+
+/**
+ * Private data of a x509_t object.
+ */
+struct private_x509_t {
+ /**
+ * Public interface for this certificate.
+ */
+ x509_t public;
+
+ /**
+ * Time when certificate was installed
+ */
+ time_t installed;
+
+ /**
+ * Time until certificate can be trusted
+ */
+ time_t until;
+
+ /**
+ * Certificate status
+ */
+ cert_status_t status;
+
+ /**
+ * Authority flags
+ */
+ u_int authority_flags;
+
+ /**
+ * X.509 Certificate in DER format
+ */
+ chunk_t certificate;
+
+ /**
+ * X.509 certificate body over which signature is computed
+ */
+ chunk_t tbsCertificate;
+
+ /**
+ * Version of the X.509 certificate
+ */
+ u_int version;
+
+ /**
+ * Serial number of the X.509 certificate
+ */
+ chunk_t serialNumber;
+
+ /**
+ * Signature algorithm
+ */
+ int sigAlg;
+
+ /**
+ * ID representing the certificate issuer
+ */
+ identification_t *issuer;
+
+ /**
+ * Start time of certificate validity
+ */
+ time_t notBefore;
+
+ /**
+ * End time of certificate validity
+ */
+ time_t notAfter;
+
+ /**
+ * ID representing the certificate subject
+ */
+ identification_t *subject;
+
+ /**
+ * List of identification_t's representing subjectAltNames
+ */
+ linked_list_t *subjectAltNames;
+
+ /**
+ * List of identification_t's representing crlDistributionPoints
+ */
+ linked_list_t *crlDistributionPoints;
+
+ /**
+ * List of identification_t's representing ocspAccessLocations
+ */
+ linked_list_t *ocspAccessLocations;
+
+ /**
+ * Subject public key
+ */
+ chunk_t subjectPublicKey;
+
+ /**
+ * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
+ */
+ rsa_public_key_t *public_key;
+
+ /**
+ * Subject Key Identifier
+ */
+ chunk_t subjectKeyID;
+
+ /**
+ * Authority Key Identifier
+ */
+ chunk_t authKeyID;
+
+ /**
+ * Authority Key Serial Number
+ */
+ chunk_t authKeySerialNumber;
+
+ /**
+ * CA basic constraints flag
+ */
+ bool isCA;
+
+ /**
+ * OCSPSigner extended key usage flag
+ */
+ bool isOcspSigner;
+
+ /**
+ * Signature algorithm (must be identical to sigAlg)
+ */
+ int algorithm;
+
+ /**
+ * Signature
+ */
+ chunk_t signature;
+
+};
+
+/**
+ * ASN.1 definition of generalName
+ */
+static const asn1Object_t generalNameObjects[] = {
+ { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
+ { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
+ { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
+ { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
+ { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
+ { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
+ { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
+ { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
+ { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
+ { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
+ { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
+};
+#define GN_OBJ_OTHER_NAME 0
+#define GN_OBJ_RFC822_NAME 2
+#define GN_OBJ_DNS_NAME 4
+#define GN_OBJ_X400_ADDRESS 6
+#define GN_OBJ_DIRECTORY_NAME 8
+#define GN_OBJ_EDI_PARTY_NAME 10
+#define GN_OBJ_URI 12
+#define GN_OBJ_IP_ADDRESS 14
+#define GN_OBJ_REGISTERED_ID 16
+#define GN_OBJ_ROOF 18
+
+/**
+ * ASN.1 definition of otherName
+ */
+static const asn1Object_t otherNameObjects[] = {
+ {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
+ {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
+};
+#define ON_OBJ_ID_TYPE 0
+#define ON_OBJ_VALUE 1
+#define ON_OBJ_ROOF 2
+/**
+ * ASN.1 definition of a basicConstraints extension
+ */
+static const asn1Object_t basicConstraintsObjects[] = {
+ { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
+ { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
+ { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
+};
+#define BASIC_CONSTRAINTS_CA 1
+#define BASIC_CONSTRAINTS_ROOF 4
+
+/**
+ * ASN.1 definition of time
+ */
+static const asn1Object_t timeObjects[] = {
+ { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
+ { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
+ { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
+ { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
+};
+#define TIME_UTC 0
+#define TIME_GENERALIZED 2
+#define TIME_ROOF 4
+
+/**
+ * ASN.1 definition of a keyIdentifier
+ */
+static const asn1Object_t keyIdentifierObjects[] = {
+ { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
+};
+
+/**
+ * ASN.1 definition of a authorityKeyIdentifier extension
+ */
+static const asn1Object_t authorityKeyIdentifierObjects[] = {
+ { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
+ { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
+ { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
+ { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
+ { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
+ { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
+};
+#define AUTH_KEY_ID_KEY_ID 1
+#define AUTH_KEY_ID_CERT_ISSUER 3
+#define AUTH_KEY_ID_CERT_SERIAL 5
+#define AUTH_KEY_ID_ROOF 7
+
+/**
+ * ASN.1 definition of a authorityInfoAccess extension
+ */
+static const asn1Object_t authorityInfoAccessObjects[] = {
+ { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
+ { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
+ { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
+ { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
+};
+#define AUTH_INFO_ACCESS_METHOD 2
+#define AUTH_INFO_ACCESS_LOCATION 3
+#define AUTH_INFO_ACCESS_ROOF 5
+
+/**
+ * ASN.1 definition of a extendedKeyUsage extension
+ */
+static const asn1Object_t extendedKeyUsageObjects[] = {
+ { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
+ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
+};
+
+#define EXT_KEY_USAGE_PURPOSE_ID 1
+#define EXT_KEY_USAGE_ROOF 3
+
+/**
+ * ASN.1 definition of generalNames
+ */
+static const asn1Object_t generalNamesObjects[] = {
+ { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
+ { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
+};
+#define GENERAL_NAMES_GN 1
+#define GENERAL_NAMES_ROOF 3
+
+
+/**
+ * ASN.1 definition of crlDistributionPoints
+ */
+static const asn1Object_t crlDistributionPointsObjects[] = {
+ { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
+ { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
+ { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
+ { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
+ { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
+ { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
+ { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
+ { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
+ { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
+ { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
+};
+#define CRL_DIST_POINTS_FULLNAME 3
+#define CRL_DIST_POINTS_ROOF 13
+
+/**
+ * ASN.1 definition of an X.509v3 x509
+ */
+static const asn1Object_t certObjects[] = {
+ { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
+ { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
+ { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
+ { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
+ { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
+ { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
+ { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
+ { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
+ { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
+ { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
+ { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
+ { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
+ { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
+ { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
+ { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
+ { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
+ { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
+ { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
+ { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
+ { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
+ { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
+ { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
+ { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
+ { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
+ { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
+ { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
+ { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
+};
+#define X509_OBJ_CERTIFICATE 0
+#define X509_OBJ_TBS_CERTIFICATE 1
+#define X509_OBJ_VERSION 3
+#define X509_OBJ_SERIAL_NUMBER 4
+#define X509_OBJ_SIG_ALG 5
+#define X509_OBJ_ISSUER 6
+#define X509_OBJ_NOT_BEFORE 8
+#define X509_OBJ_NOT_AFTER 9
+#define X509_OBJ_SUBJECT 10
+#define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
+#define X509_OBJ_SUBJECT_PUBLIC_KEY 13
+#define X509_OBJ_RSA_PUBLIC_KEY 14
+#define X509_OBJ_EXTN_ID 22
+#define X509_OBJ_CRITICAL 23
+#define X509_OBJ_EXTN_VALUE 24
+#define X509_OBJ_ALGORITHM 27
+#define X509_OBJ_SIGNATURE 28
+#define X509_OBJ_ROOF 29
+
+
+static u_char ASN1_subjectAltName_oid_str[] = {
+ 0x06, 0x03, 0x55, 0x1D, 0x11
+};
+
+static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
+
+
+/**
+ * compare two X.509 x509s by comparing their signatures
+ */
+static bool equals(const private_x509_t *this, const private_x509_t *other)
+{
+ return chunk_equals(this->signature, other->signature);
+}
+
+/**
+ * extracts the basicConstraints extension
+ */
+static bool parse_basicConstraints(chunk_t blob, int level0)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+ bool isCA = FALSE;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < BASIC_CONSTRAINTS_ROOF) {
+
+ if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
+ {
+ break;
+ }
+ if (objectID == BASIC_CONSTRAINTS_CA)
+ {
+ isCA = object.len && *object.ptr;
+ DBG2(" %s", isCA ? "TRUE" : "FALSE");
+ }
+ objectID++;
+ }
+ return isCA;
+}
+
+/*
+ * extracts an otherName
+ */
+static bool
+parse_otherName(chunk_t blob, int level0)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ int objectID = 0;
+ u_int level;
+ int oid = OID_UNKNOWN;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < ON_OBJ_ROOF)
+ {
+ if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
+ return FALSE;
+
+ switch (objectID)
+ {
+ case ON_OBJ_ID_TYPE:
+ oid = known_oid(object);
+ break;
+ case ON_OBJ_VALUE:
+ if (oid == OID_XMPP_ADDR)
+ {
+ if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
+ return FALSE;
+ }
+ break;
+ default:
+ break;
+ }
+ objectID++;
+ }
+ return TRUE;
+}
+
+/*
+ * extracts a generalName
+ */
+static identification_t *parse_generalName(chunk_t blob, int level0)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ int objectID = 0;
+ u_int level;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < GN_OBJ_ROOF)
+ {
+ id_type_t id_type = ID_ANY;
+
+ if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
+ return NULL;
+
+ switch (objectID)
+ {
+ case GN_OBJ_RFC822_NAME:
+ id_type = ID_RFC822_ADDR;
+ break;
+ case GN_OBJ_DNS_NAME:
+ id_type = ID_FQDN;
+ break;
+ case GN_OBJ_URI:
+ id_type = ID_DER_ASN1_GN_URI;
+ break;
+ case GN_OBJ_DIRECTORY_NAME:
+ id_type = ID_DER_ASN1_DN;
+ break;
+ case GN_OBJ_IP_ADDRESS:
+ id_type = ID_IPV4_ADDR;
+ break;
+ case GN_OBJ_OTHER_NAME:
+ if (!parse_otherName(object, level + 1))
+ return NULL;
+ break;
+ case GN_OBJ_X400_ADDRESS:
+ case GN_OBJ_EDI_PARTY_NAME:
+ case GN_OBJ_REGISTERED_ID:
+ break;
+ default:
+ break;
+ }
+
+ if (id_type != ID_ANY)
+ {
+ identification_t *gn = identification_create_from_encoding(id_type, object);
+ DBG2(" '%D'", gn);
+ return gn;
+ }
+ objectID++;
+ }
+ return NULL;
+}
+
+
+/**
+ * extracts one or several GNs and puts them into a chained list
+ */
+static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, implicit, FALSE);
+
+ while (objectID < GENERAL_NAMES_ROOF)
+ {
+ if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
+ return;
+
+ if (objectID == GENERAL_NAMES_GN)
+ {
+ identification_t *gn = parse_generalName(object, level+1);
+
+ if (gn != NULL)
+ list->insert_last(list, (void *)gn);
+ }
+ objectID++;
+ }
+ return;
+}
+
+/**
+ * extracts and converts a UTCTIME or GENERALIZEDTIME object
+ */
+time_t parse_time(chunk_t blob, int level0)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+
+ while (objectID < TIME_ROOF)
+ {
+ if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
+ return 0;
+
+ if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
+ {
+ return asn1totime(&object, (objectID == TIME_UTC)
+ ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
+ }
+ objectID++;
+ }
+ return 0;
+}
+
+/**
+ * extracts a keyIdentifier
+ */
+static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, implicit, FALSE);
+
+ extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
+ return object;
+}
+
+/**
+ * extracts an authoritykeyIdentifier
+ */
+void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+ while (objectID < AUTH_KEY_ID_ROOF)
+ {
+ if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
+ {
+ return;
+ }
+ switch (objectID)
+ {
+ case AUTH_KEY_ID_KEY_ID:
+ *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
+ break;
+ case AUTH_KEY_ID_CERT_ISSUER:
+ {
+ /* TODO: parse_generalNames(object, level+1, TRUE); */
+ break;
+ }
+ case AUTH_KEY_ID_CERT_SERIAL:
+ *authKeySerialNumber = object;
+ break;
+ default:
+ break;
+ }
+ objectID++;
+ }
+}
+
+/**
+ * extracts an authorityInfoAcess location
+ */
+static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ u_int accessMethod = OID_UNKNOWN;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+ while (objectID < AUTH_INFO_ACCESS_ROOF)
+ {
+ if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
+ {
+ return;
+ }
+ switch (objectID)
+ {
+ case AUTH_INFO_ACCESS_METHOD:
+ accessMethod = known_oid(object);
+ break;
+ case AUTH_INFO_ACCESS_LOCATION:
+ {
+ switch (accessMethod)
+ {
+ case OID_OCSP:
+ if (*object.ptr == ASN1_CONTEXT_S_6)
+ {
+ identification_t *accessLocation;
+
+ if (asn1_length(&object) == ASN1_INVALID_LENGTH)
+ return;
+ DBG2(" '%.*s'",(int)object.len, object.ptr);
+ accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
+ list->insert_last(list, (void *)accessLocation);
+ }
+ break;
+ default:
+ /* unkown accessMethod, ignoring */
+ break;
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ objectID++;
+ }
+}
+
+/**
+ * extracts extendedKeyUsage OIDs
+ */
+static bool parse_extendedKeyUsage(chunk_t blob, int level0)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+ while (objectID < EXT_KEY_USAGE_ROOF)
+ {
+ if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
+ {
+ return FALSE;
+ }
+ if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
+ known_oid(object) == OID_OCSP_SIGNING)
+ {
+ return TRUE;
+ }
+ objectID++;
+ }
+ return FALSE;
+}
+
+/**
+ * extracts one or several crlDistributionPoints and puts them into
+ * a chained list
+ */
+static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
+{
+ asn1_ctx_t ctx;
+ chunk_t object;
+ u_int level;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+ while (objectID < CRL_DIST_POINTS_ROOF)
+ {
+ if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
+ {
+ return;
+ }
+ if (objectID == CRL_DIST_POINTS_FULLNAME)
+ {
+ /* append extracted generalNames to existing chained list */
+ parse_generalNames(object, level+1, TRUE, list);
+
+ }
+ objectID++;
+ }
+}
+
+
+/**
+ * Parses an X.509v3 certificate
+ */
+static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *cert)
+{
+ asn1_ctx_t ctx;
+ bool critical;
+ chunk_t object;
+ u_int level;
+ u_int extn_oid = OID_UNKNOWN;
+ int objectID = 0;
+
+ asn1_init(&ctx, blob, level0, FALSE, FALSE);
+ while (objectID < X509_OBJ_ROOF)
+ {
+ if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
+ {
+ return FALSE;
+ }
+ /* those objects which will parsed further need the next higher level */
+ level++;
+ switch (objectID) {
+ case X509_OBJ_CERTIFICATE:
+ cert->certificate = object;
+ break;
+ case X509_OBJ_TBS_CERTIFICATE:
+ cert->tbsCertificate = object;
+ break;
+ case X509_OBJ_VERSION:
+ cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
+ DBG2(" v%d", cert->version);
+ break;
+ case X509_OBJ_SERIAL_NUMBER:
+ cert->serialNumber = object;
+ break;
+ case X509_OBJ_SIG_ALG:
+ cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
+ break;
+ case X509_OBJ_ISSUER:
+ cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
+ DBG2(" '%D'", cert->issuer);
+ break;
+ case X509_OBJ_NOT_BEFORE:
+ cert->notBefore = parse_time(object, level);
+ break;
+ case X509_OBJ_NOT_AFTER:
+ cert->notAfter = parse_time(object, level);
+ break;
+ case X509_OBJ_SUBJECT:
+ cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
+ DBG2(" '%D'", cert->subject);
+ break;
+ case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
+ if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
+ {
+ DBG2(" unsupported public key algorithm");
+ return FALSE;
+ }
+ break;
+ case X509_OBJ_SUBJECT_PUBLIC_KEY:
+ if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
+ {
+ /* skip initial bit string octet defining 0 unused bits */
+ ctx.blobs[4].ptr++; ctx.blobs[4].len--;
+ }
+ else
+ {
+ DBG2(" invalid RSA public key format");
+ return FALSE;
+ }
+ break;
+ case X509_OBJ_RSA_PUBLIC_KEY:
+ cert->subjectPublicKey = object;
+ break;
+ case X509_OBJ_EXTN_ID:
+ extn_oid = known_oid(object);
+ break;
+ case X509_OBJ_CRITICAL:
+ critical = object.len && *object.ptr;
+ DBG2(" %s", critical ? "TRUE" : "FALSE");
+ break;
+ case X509_OBJ_EXTN_VALUE:
+ {
+ switch (extn_oid) {
+ case OID_SUBJECT_KEY_ID:
+ cert->subjectKeyID = chunk_clone(parse_keyIdentifier(object, level, FALSE));
+ break;
+ case OID_SUBJECT_ALT_NAME:
+ parse_generalNames(object, level, FALSE, cert->subjectAltNames);
+ break;
+ case OID_BASIC_CONSTRAINTS:
+ cert->isCA = parse_basicConstraints(object, level);
+ break;
+ case OID_CRL_DISTRIBUTION_POINTS:
+ parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
+ break;
+ case OID_AUTHORITY_KEY_ID:
+ parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
+ break;
+ case OID_AUTHORITY_INFO_ACCESS:
+ parse_authorityInfoAccess(object, level, cert->ocspAccessLocations);
+ break;
+ case OID_EXTENDED_KEY_USAGE:
+ cert->isOcspSigner = parse_extendedKeyUsage(object, level);
+ break;
+ case OID_NS_REVOCATION_URL:
+ case OID_NS_CA_REVOCATION_URL:
+ case OID_NS_CA_POLICY_URL:
+ case OID_NS_COMMENT:
+ if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
+ return FALSE;
+ break;
+ default:
+ break;
+ }
+ break;
+ }
+ case X509_OBJ_ALGORITHM:
+ cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
+ break;
+ case X509_OBJ_SIGNATURE:
+ cert->signature = object;
+ break;
+ default:
+ break;
+ }
+ objectID++;
+ }
+
+ if (cert->subjectKeyID.ptr == NULL)
+ {
+ hasher_t *hasher = hasher_create(HASH_SHA1);
+
+ hasher->allocate_hash(hasher, cert->subjectPublicKey, &cert->subjectKeyID);
+ hasher->destroy(hasher);
+ }
+
+ time(&cert->installed);
+ return TRUE;
+}
+
+/**
+ * Implements x509_t.is_valid
+ */
+static err_t is_valid(const private_x509_t *this, time_t *until)
+{
+ time_t current_time = time(NULL);
+
+ DBG2(" not before : %T", &this->notBefore);
+ DBG2(" current time: %T", &current_time);
+ DBG2(" not after : %T", &this->notAfter);
+
+ if (until != NULL &&
+ (*until == UNDEFINED_TIME || this->notAfter < *until))
+ {
+ *until = this->notAfter;
+ }
+ if (current_time < this->notBefore)
+ {
+ return "is not valid yet";
+ }
+ if (current_time > this->notAfter)
+ {
+ return "has expired";
+ }
+ DBG2(" certificate is valid");
+ return NULL;
+}
+
+/**
+ * Implements x509_t.is_ca
+ */
+static bool is_ca(const private_x509_t *this)
+{
+ return this->isCA;
+}
+
+/**
+ * Implements x509_t.is_ocsp_signer
+ */
+static bool is_ocsp_signer(const private_x509_t *this)
+{
+ return this->isOcspSigner;
+}
+
+/**
+ * Implements x509_t.is_self_signed
+ */
+static bool is_self_signed(const private_x509_t *this)
+{
+ return this->subject->equals(this->subject, this->issuer);
+}
+
+/**
+ * Implements x509_t.equals_subjectAltName
+ */
+static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
+{
+ bool found = FALSE;
+ identification_t *subjectAltName;
+ iterator_t *iterator;
+
+ iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
+ while (iterator->iterate(iterator, (void**)&subjectAltName))
+ {
+ if (id->equals(id, subjectAltName))
+ {
+ found = TRUE;
+ break;
+ }
+ }
+ iterator->destroy(iterator);
+ return found;
+}
+
+/**
+ * Implements x509_t.is_issuer
+ */
+static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
+{
+ return (this->authKeyID.ptr)
+ ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
+ : (this->issuer->equals(this->issuer, issuer->subject)
+ && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
+}
+
+/**
+ * Implements x509_t.get_certificate
+ */
+static chunk_t get_certificate(const private_x509_t *this)
+{
+ return this->certificate;
+}
+
+/**
+ * Implements x509_t.get_public_key
+ */
+static rsa_public_key_t *get_public_key(const private_x509_t *this)
+{
+ return this->public_key;
+}
+
+/**
+ * Implements x509_t.get_serialNumber
+ */
+static chunk_t get_serialNumber(const private_x509_t *this)
+{
+ return this->serialNumber;
+}
+
+/**
+ * Implements x509_t.get_subjectKeyID
+ */
+static chunk_t get_subjectKeyID(const private_x509_t *this)
+{
+ return this->subjectKeyID;
+}
+
+/**
+ * Implements x509_t.get_keyid
+ */
+static chunk_t get_keyid(const private_x509_t *this)
+{
+ return this->public_key->get_keyid(this->public_key);
+}
+
+/**
+ * Implements x509_t.get_issuer
+ */
+static identification_t *get_issuer(const private_x509_t *this)
+{
+ return this->issuer;
+}
+
+/**
+ * Implements x509_t.get_subject
+ */
+static identification_t *get_subject(const private_x509_t *this)
+{
+ return this->subject;
+}
+
+/**
+ * Implements x509_t.set_until
+ */
+static void set_until(private_x509_t *this, time_t until)
+{
+ this->until = until;
+}
+
+/**
+ * Implements x509_t.get_until
+ */
+static time_t get_until(const private_x509_t *this)
+{
+ return this->until;
+}
+
+/**
+ * Implements x509_t.set_status
+ */
+static void set_status(private_x509_t *this, cert_status_t status)
+{
+ this->status = status;
+}
+
+/**
+ * Implements x509_t.get_status
+ */
+static cert_status_t get_status(const private_x509_t *this)
+{
+ return this->status;
+}
+
+/**
+ * Implements x509_t.add_authority_flags
+ */
+static void add_authority_flags(private_x509_t *this, u_int flags)
+{
+ this->authority_flags |= flags;
+}
+
+/**
+ * Implements x509_t.add_authority_flags
+ */
+static u_int get_authority_flags(private_x509_t *this)
+{
+ return this->authority_flags;
+}
+
+/**
+ * Implements x509_t.has_authority_flag
+ */
+static bool has_authority_flag(private_x509_t *this, u_int flags)
+{
+ return (this->authority_flags & flags) != AUTH_NONE;
+}
+
+/**
+ * Implements x509_t.create_crluri_iterator
+ */
+static iterator_t *create_crluri_iterator(const private_x509_t *this)
+{
+ return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
+}
+
+/**
+ * Implements x509_t.create_crluri_iterator
+ */
+static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
+{
+ return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
+}
+
+/**
+ * Implements x509_t.verify
+ */
+static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
+{
+ return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_x509_t *this = *((private_x509_t**)(args[0]));
+ iterator_t *iterator;
+ bool utc = TRUE;
+ int written = 0;
+
+ if (info->alt)
+ {
+ utc = *((bool*)(args[1]));
+ }
+
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ /* determine the current time */
+ time_t now = time(NULL);
+
+ written += fprintf(stream, "%#T\n", &this->installed, utc);
+
+ if (this->subjectAltNames->get_count(this->subjectAltNames))
+ {
+ identification_t *subjectAltName;
+ bool first = TRUE;
+
+ written += fprintf(stream, " altNames: ");
+ iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
+ while (iterator->iterate(iterator, (void**)&subjectAltName))
+ {
+ if (first)
+ {
+ first = FALSE;
+ }
+ else
+ {
+ written += fprintf(stream, ", ");
+ }
+ written += fprintf(stream, "'%D'", subjectAltName);
+ }
+ iterator->destroy(iterator);
+ written += fprintf(stream, "\n");
+ }
+ written += fprintf(stream, " subject: '%D'\n", this->subject);
+ written += fprintf(stream, " issuer: '%D'\n", this->issuer);
+ written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
+ written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
+ if (now < this->notBefore)
+ {
+ written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
+ }
+ else
+ {
+ written += fprintf(stream, "ok\n");
+ }
+
+ written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
+ if (now > this->notAfter)
+ {
+ written += fprintf(stream, "expired (%V ago)\n", &now, &this->notAfter);
+ }
+ else
+ {
+ written += fprintf(stream, "ok");
+ if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
+ {
+ written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
+ }
+ written += fprintf(stream, " \n");
+ }
+
+ {
+ chunk_t keyid = this->public_key->get_keyid(this->public_key);
+ written += fprintf(stream, " keyid: %#B\n", &keyid);
+ }
+
+ if (this->subjectKeyID.ptr)
+ {
+ written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
+ }
+ if (this->authKeyID.ptr)
+ {
+ written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
+ }
+ if (this->authKeySerialNumber.ptr)
+ {
+ written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
+ }
+
+ written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
+ this->public_key->get_keysize(this->public_key));
+ written += fprintf(stream, ", status %N",
+ cert_status_names, this->status);
+
+ switch (this->status)
+ {
+ case CERT_GOOD:
+ written += fprintf(stream, " until %#T", &this->until, utc);
+ break;
+ case CERT_REVOKED:
+ written += fprintf(stream, " on %#T", &this->until, utc);
+ break;
+ case CERT_UNKNOWN:
+ case CERT_UNDEFINED:
+ case CERT_UNTRUSTED:
+ default:
+ break;
+ }
+ return written;
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
+}
+
+/**
+ * Implements x509_t.destroy
+ */
+static void destroy(private_x509_t *this)
+{
+ this->subjectAltNames->destroy_offset(this->subjectAltNames,
+ offsetof(identification_t, destroy));
+ this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
+ offsetof(identification_t, destroy));
+ this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
+ offsetof(identification_t, destroy));
+ DESTROY_IF(this->issuer);
+ DESTROY_IF(this->subject);
+ DESTROY_IF(this->public_key);
+ free(this->subjectKeyID.ptr);
+ free(this->certificate.ptr);
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
+{
+ private_x509_t *this = malloc_thing(private_x509_t);
+
+ /* initialize */
+ this->subjectPublicKey = chunk_empty;
+ this->public_key = NULL;
+ this->subject = NULL;
+ this->issuer = NULL;
+ this->subjectAltNames = linked_list_create();
+ this->crlDistributionPoints = linked_list_create();
+ this->ocspAccessLocations = linked_list_create();
+ this->subjectKeyID = chunk_empty;
+ this->authKeyID = chunk_empty;
+ this->authKeySerialNumber = chunk_empty;
+ this->authority_flags = AUTH_NONE;
+
+ /* public functions */
+ this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
+ this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
+ this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
+ this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
+ this->public.is_ca = (bool (*) (const x509_t*))is_ca;
+ this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
+ this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
+ this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
+ this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
+ this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
+ this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
+ this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
+ this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
+ this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
+ this->public.set_until = (void (*) (x509_t*,time_t))set_until;
+ this->public.get_until = (time_t (*) (const x509_t*))get_until;
+ this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
+ this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
+ this->public.add_authority_flags = (void (*) (x509_t*,u_int))add_authority_flags;
+ this->public.get_authority_flags = (u_int (*) (x509_t*))get_authority_flags;
+ this->public.has_authority_flag = (bool (*) (x509_t*,u_int))has_authority_flag;
+ this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
+ this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
+ this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
+ this->public.destroy = (void (*) (x509_t*))destroy;
+
+ if (!parse_certificate(chunk, level, this))
+ {
+ destroy(this);
+ return NULL;
+ }
+
+ /* extract public key from certificate */
+ this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
+ if (this->public_key == NULL)
+ {
+ destroy(this);
+ return NULL;
+ }
+ /* set trusted lifetime of public key to notAfter */
+ this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
+ this->until = this->notAfter;
+ return &this->public;
+}
+
+/*
+ * Described in header.
+ */
+x509_t *x509_create_from_file(const char *filename, const char *label)
+{
+ bool pgp = FALSE;
+ chunk_t chunk = chunk_empty;
+ x509_t *cert = NULL;
+ char cert_label[BUF_LEN];
+
+ snprintf(cert_label, BUF_LEN, "%s certificate", label);
+
+ if (!pem_asn1_load_file(filename, NULL, cert_label, &chunk, &pgp))
+ return NULL;
+
+ cert = x509_create_from_chunk(chunk, 0);
+
+ if (cert == NULL)
+ free(chunk.ptr);
+ return cert;
+}
diff --git a/src/libstrongswan/crypto/x509.h b/src/libstrongswan/crypto/x509.h
new file mode 100755
index 000000000..a949d99d2
--- /dev/null
+++ b/src/libstrongswan/crypto/x509.h
@@ -0,0 +1,290 @@
+/**
+ * @file x509.h
+ *
+ * @brief Interface of x509_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi, Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef X509_H_
+#define X509_H_
+
+typedef struct x509_t x509_t;
+
+#include <library.h>
+#include <crypto/rsa/rsa_public_key.h>
+#include <crypto/certinfo.h>
+#include <utils/identification.h>
+#include <utils/iterator.h>
+
+/* authority flags */
+
+#define AUTH_NONE 0x00 /* no authorities */
+#define AUTH_CA 0x01 /* certification authority */
+#define AUTH_AA 0x02 /* authorization authority */
+#define AUTH_OCSP 0x04 /* ocsp signing authority */
+
+/**
+ * @brief X.509 certificate.
+ *
+ * @b Constructors:
+ * - x509_create_from_chunk()
+ * - x509_create_from_file()
+ *
+ * @todo more code cleanup needed!
+ * @todo fix unimplemented functions...
+ * @todo handle memory management
+ *
+ * @ingroup transforms
+ */
+struct x509_t {
+
+ /**
+ * @brief Set trusted public key life.
+ *
+ * @param this calling object
+ * @param until time until public key is trusted
+ */
+ void (*set_until) (x509_t *this, time_t until);
+
+ /**
+ * @brief Get trusted public key life.
+ *
+ * @param this calling object
+ * @return time until public key is trusted
+ */
+ time_t (*get_until) (const x509_t *this);
+
+ /**
+ * @brief Set the certificate status
+ *
+ * @param this calling object
+ * @param status certificate status
+ */
+ void (*set_status) (x509_t *this, cert_status_t status);
+
+ /**
+ * @brief Get the certificate status
+ *
+ * @param this calling object
+ * @return certificate status
+ */
+ cert_status_t (*get_status) (const x509_t *this);
+
+ /**
+ * @brief Add authority flags
+ *
+ * @param this calling object
+ * @param flag flags to be added
+ */
+ void (*add_authority_flags) (x509_t *this, u_int flags);
+
+ /**
+ * @brief Get authority flags
+ *
+ * @param this calling object
+ * @return authority flags
+ */
+ u_int (*get_authority_flags) (x509_t *this);
+
+ /**
+ * @brief Check a specific authority flag
+ *
+ * @param this calling object
+ * @param flag flag to be checked
+ * @return TRUE if flag is present
+ */
+ bool (*has_authority_flag) (x509_t *this, u_int flag);
+
+ /**
+ * @brief Get the DER-encoded X.509 certificate body
+ *
+ * @param this calling object
+ * @return DER-encoded X.509 certificate
+ */
+ chunk_t (*get_certificate) (const x509_t *this);
+
+ /**
+ * @brief Get the RSA public key from the certificate.
+ *
+ * @param this calling object
+ * @return public_key
+ */
+ rsa_public_key_t *(*get_public_key) (const x509_t *this);
+
+ /**
+ * @brief Get serial number from the certificate.
+ *
+ * @param this calling object
+ * @return serialNumber
+ */
+ chunk_t (*get_serialNumber) (const x509_t *this);
+
+ /**
+ * @brief Get subjectKeyID from the certificate.
+ *
+ * @param this calling object
+ * @return subjectKeyID
+ */
+ chunk_t (*get_subjectKeyID) (const x509_t *this);
+
+ /**
+ * @brief Get keyid from the certificate's public key.
+ *
+ * @param this calling object
+ * @return keyid
+ */
+ chunk_t (*get_keyid) (const x509_t *this);
+
+ /**
+ * @brief Get the certificate issuer's ID.
+ *
+ * The resulting ID is always a identification_t
+ * of type ID_DER_ASN1_DN.
+ *
+ * @param this calling object
+ * @return issuers ID
+ */
+ identification_t *(*get_issuer) (const x509_t *this);
+
+ /**
+ * @brief Get the subjectDistinguisheName.
+ *
+ * The resulting ID is always a identification_t
+ * of type ID_DER_ASN1_DN.
+ *
+ * @param this calling object
+ * @return subjects ID
+ */
+ identification_t *(*get_subject) (const x509_t *this);
+
+ /**
+ * @brief Create an iterator for the crlDistributionPoints.
+ *
+ * @param this calling object
+ * @return iterator for crlDistributionPoints
+ */
+ iterator_t *(*create_crluri_iterator) (const x509_t *this);
+
+ /**
+ * @brief Create an iterator for the ocspAccessLocations.
+ *
+ * @param this calling object
+ * @return iterator for ocspAccessLocations
+ */
+ iterator_t *(*create_ocspuri_iterator) (const x509_t *this);
+
+ /**
+ * @brief Check if a certificate is trustworthy
+ *
+ * @param this calling object
+ * @param signer signer's RSA public key
+ */
+ bool (*verify) (const x509_t *this, const rsa_public_key_t *signer);
+
+ /**
+ * @brief Compare two certificates.
+ *
+ * Comparison is done via the certificates signature.
+ *
+ * @param this first cert for compare
+ * @param other second cert for compare
+ * @return TRUE if signature is equal
+ */
+ bool (*equals) (const x509_t *this, const x509_t *that);
+
+ /**
+ * @brief Checks if the certificate contains a subjectAltName equal to id.
+ *
+ * @param this certificate being examined
+ * @param id id which is being compared to the subjectAltNames
+ * @return TRUE if a match is found
+ */
+ bool (*equals_subjectAltName) (const x509_t *this, identification_t *id);
+
+ /**
+ * @brief Checks if the subject of the other cert is the issuer of this cert.
+ *
+ * @param this certificate
+ * @param issuer potential issuer certificate
+ * @return TRUE if issuer is found
+ */
+ bool (*is_issuer) (const x509_t *this, const x509_t *issuer);
+
+ /**
+ * @brief Checks the validity interval of the certificate
+ *
+ * @param this certificate being examined
+ * @param until until = min(until, notAfter)
+ * @return NULL if the certificate is valid
+ */
+ err_t (*is_valid) (const x509_t *this, time_t *until);
+
+ /**
+ * @brief Returns the CA basic constraints flag
+ *
+ * @param this certificate being examined
+ * @return TRUE if the CA flag is set
+ */
+ bool (*is_ca) (const x509_t *this);
+
+ /**
+ * @brief Returns the OCSPSigner extended key usage flag
+ *
+ * @param this certificate being examined
+ * @return TRUE if the OCSPSigner flag is set
+ */
+ bool (*is_ocsp_signer) (const x509_t *this);
+
+ /**
+ * @brief Checks if the certificate is self-signed (subject equals issuer)
+ *
+ * @param this certificate being examined
+ * @return TRUE if self-signed
+ */
+ bool (*is_self_signed) (const x509_t *this);
+
+ /**
+ * @brief Destroys the certificate.
+ *
+ * @param this certificate to destroy
+ */
+ void (*destroy) (x509_t *this);
+};
+
+/**
+ * @brief Read a x509 certificate from a DER encoded blob.
+ *
+ * @param chunk chunk containing DER encoded data
+ * @return created x509_t certificate, or NULL if invlid.
+ *
+ * @ingroup transforms
+ */
+x509_t *x509_create_from_chunk(chunk_t chunk, u_int level);
+
+/**
+ * @brief Read a x509 certificate from a DER encoded file.
+ *
+ * @param filename file containing DER encoded data
+ * @param label label describing kind of certificate
+ * @return created x509_t certificate, or NULL if invalid.
+ *
+ * @ingroup transforms
+ */
+x509_t *x509_create_from_file(const char *filename, const char *label);
+
+#endif /* X509_H_ */
diff --git a/src/libstrongswan/debug.c b/src/libstrongswan/debug.c
new file mode 100644
index 000000000..996cae502
--- /dev/null
+++ b/src/libstrongswan/debug.c
@@ -0,0 +1,41 @@
+/**
+ * @file library.c
+ *
+ * @brief Logging functions for the library.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdarg.h>
+#include <stdio.h>
+
+#include "debug.h"
+
+/**
+ * default dbg function which printf all to stderr
+ */
+static void dbg_stderr(int level, char *fmt, ...)
+{
+ va_list args;
+
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ fprintf(stderr, "\n");
+ va_end(args);
+}
+
+void (*dbg) (int level, char *fmt, ...) = dbg_stderr;
diff --git a/src/libstrongswan/debug.h b/src/libstrongswan/debug.h
new file mode 100644
index 000000000..c424a1c11
--- /dev/null
+++ b/src/libstrongswan/debug.h
@@ -0,0 +1,60 @@
+/**
+ * @file log.h
+ *
+ * @brief Logging functions for the library.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef DEBUG_H_
+#define DEBUG_H_
+
+#ifndef DEBUG_LEVEL
+# define DEBUG_LEVEL 4
+#endif /* DEBUG_LEVEL */
+
+/** debug macros, they call the dbg function hook */
+#if DEBUG_LEVEL >= 1
+# define DBG1(fmt, ...) dbg(1, fmt, ##__VA_ARGS__)
+#endif /* DEBUG_LEVEL */
+#if DEBUG_LEVEL >= 2
+# define DBG2(fmt, ...) dbg(2, fmt, ##__VA_ARGS__)
+#endif /* DEBUG_LEVEL */
+#if DEBUG_LEVEL >= 3
+# define DBG3(fmt, ...) dbg(3, fmt, ##__VA_ARGS__)
+#endif /* DEBUG_LEVEL */
+#if DEBUG_LEVEL >= 4
+# define DBG4(fmt, ...) dbg(4, fmt, ##__VA_ARGS__)
+#endif /* DEBUG_LEVEL */
+
+#ifndef DBG1
+# define DBG1(...) {}
+#endif
+#ifndef DBG2
+# define DBG2(...) {}
+#endif
+#ifndef DBG3
+# define DBG3(...) {}
+#endif
+#ifndef DBG4
+# define DBG4(...) {}
+#endif
+
+/** dbg function hook, uses stderr logger by default */
+extern void (*dbg) (int level, char *fmt, ...);
+
+#endif /* DEBUG_H_ */
diff --git a/src/libstrongswan/enum.c b/src/libstrongswan/enum.c
new file mode 100644
index 000000000..ade7c16a1
--- /dev/null
+++ b/src/libstrongswan/enum.c
@@ -0,0 +1,73 @@
+/**
+ * @file library.c
+ *
+ * @brief enum value to string conversion functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stddef.h>
+#include <stdio.h>
+
+#include "enum.h"
+
+#include <printf_hook.h>
+
+/**
+ * get the name of an enum value in a enum_name_t list
+ */
+static char *enum_name(enum_name_t *e, int val)
+{
+ do
+ {
+ if (val >= e->first && val <= e->last)
+ {
+ return e->names[val - e->first];
+ }
+ }
+ while ((e = e->next));
+ return NULL;
+}
+
+/**
+ * output handler in printf() for enum names
+ */
+static int print_enum(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ enum_name_t *ed = *((enum_name_t**)(args[0]));
+ int val = *((int*)(args[1]));
+
+ char *name = enum_name(ed, val);
+
+ if (name == NULL)
+ {
+ return fprintf(stream, "(%d)", val);
+ }
+ else
+ {
+ return fprintf(stream, "%s", name);
+ }
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_ENUM, print_enum, arginfo_ptr_int);
+}
diff --git a/src/libstrongswan/enum.h b/src/libstrongswan/enum.h
new file mode 100644
index 000000000..cd06e424b
--- /dev/null
+++ b/src/libstrongswan/enum.h
@@ -0,0 +1,106 @@
+/**
+ * @file enum.h
+ *
+ * @brief enum value to string conversion functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef ENUM_H_
+#define ENUM_H_
+
+typedef struct enum_name_t enum_name_t;
+
+/**
+ * @brief Struct to store names for enums.
+ *
+ * To print the string representation of enumeration values, the strings
+ * are stored in these structures. Every enum_name contains a range
+ * of strings, multiple ranges are linked together.
+ * Use the convenience macros to define these linked ranges.
+ *
+ * For a single range, use:
+ * ENUM(name, first, last, string1, string2, ...)
+ *
+ * For multiple linked ranges, use:
+ * ENUM_BEGIN(name, first, last, string1, string2, ...)
+ * ENUM_NEXT(name, first, last, last_from_previous, string3, ...)
+ * ENUM_NEXT(name, first, last, last_from_previous, string4, ...)
+ * ENUM_END(name, last_from_previous)
+ *
+ * The ENUM and the ENUM_END define a enum_name_t pointer with the name supplied
+ * in "name".
+ *
+ * Resolving of enum names is done using a printf hook. A printf fromat
+ * character %N is replaced by the enum string. Printf needs two arguments to
+ * resolve a %N, the enum_name_t* (the defined name in ENUM_BEGIN) followed
+ * by the numerical enum value.
+ */
+struct enum_name_t {
+ /** value of the first enum string */
+ int first;
+ /** value of the last enum string */
+ int last;
+ /** next enum_name_t in list */
+ enum_name_t *next;
+ /** array of strings containing names from first to last */
+ char *names[];
+};
+
+/**
+ * @brief Begin a new enum_name list.
+ *
+ * @param name name of the enum_name list
+ * @param first enum value of the first enum string
+ * @param last enum value of the last enum string
+ * @param ... a list of strings
+ */
+#define ENUM_BEGIN(name, first, last, ...) static enum_name_t name##last = {first, last, NULL, { __VA_ARGS__ }}
+
+/**
+ * @brief Continue a enum name list startetd with ENUM_BEGIN.
+ *
+ * @param name name of the enum_name list
+ * @param first enum value of the first enum string
+ * @param last enum value of the last enum string
+ * @param prev enum value of the "last" defined in ENUM_BEGIN/previous ENUM_NEXT
+ * @param ... a list of strings
+ */
+#define ENUM_NEXT(name, first, last, prev, ...) static enum_name_t name##last = {first, last, &name##prev, { __VA_ARGS__ }}
+
+/**
+ * @brief Complete enum name list started with ENUM_BEGIN.
+ *
+ * @param name name of the enum_name list
+ * @param prev enum value of the "last" defined in ENUM_BEGIN/previous ENUM_NEXT
+ */
+#define ENUM_END(name, prev) enum_name_t *name = &name##prev;
+
+/**
+ * @brief Define a enum name with only one range.
+ *
+ * This is a convenience macro to use when a enum_name list contains only
+ * one range, and is equal as defining ENUM_BEGIN followed by ENUM_END.
+ *
+ * @param name name of the enum_name list
+ * @param first enum value of the first enum string
+ * @param last enum value of the last enum string
+ * @param ... a list of strings
+ */
+#define ENUM(name, first, last, ...) ENUM_BEGIN(name, first, last, __VA_ARGS__); ENUM_END(name, last)
+
+#endif /* ENUM_H_ */
diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c
new file mode 100644
index 000000000..9f96d119c
--- /dev/null
+++ b/src/libstrongswan/library.c
@@ -0,0 +1,184 @@
+/**
+ * @file library.c
+ *
+ * @brief Helper functions and definitions.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <time.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <pthread.h>
+
+#include "library.h"
+
+#include <printf_hook.h>
+
+ENUM(status_names, SUCCESS, DESTROY_ME,
+ "SUCCESS",
+ "FAILED",
+ "OUT_OF_RES",
+ "ALREADY_DONE",
+ "NOT_SUPPORTED",
+ "INVALID_ARG",
+ "NOT_FOUND",
+ "PARSE_ERROR",
+ "VERIFY_ERROR",
+ "INVALID_STATE",
+ "DESTROY_ME",
+ "NEED_MORE",
+);
+
+/**
+ * Described in header.
+ */
+void *clalloc(void * pointer, size_t size)
+{
+ void *data;
+ data = malloc(size);
+
+ memcpy(data, pointer,size);
+
+ return (data);
+}
+
+/**
+ * Described in header.
+ */
+void memxor(u_int8_t dest[], u_int8_t src[], size_t n)
+{
+ size_t i;
+ for (i = 0; i < n; i++)
+ {
+ dest[i] ^= src[i];
+ }
+}
+
+/**
+ * We use a single mutex for all refcount variables. This
+ * is not optimal for performance, but the critical section
+ * is not that long...
+ * TODO: Consider to include a mutex in each refcount_t variable.
+ */
+static pthread_mutex_t ref_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+/**
+ * Described in header.
+ *
+ * TODO: May be implemented with atomic CPU instructions
+ * instead of a mutex.
+ */
+void ref_get(refcount_t *ref)
+{
+ pthread_mutex_lock(&ref_mutex);
+ (*ref)++;
+ pthread_mutex_unlock(&ref_mutex);
+}
+
+/**
+ * Described in header.
+ *
+ * TODO: May be implemented with atomic CPU instructions
+ * instead of a mutex.
+ */
+bool ref_put(refcount_t *ref)
+{
+ bool more_refs;
+
+ pthread_mutex_lock(&ref_mutex);
+ more_refs = --(*ref);
+ pthread_mutex_unlock(&ref_mutex);
+ return !more_refs;
+}
+
+/**
+ * output handler in printf() for time_t
+ */
+static int print_time(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ static const char* months[] = {
+ "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+ };
+ time_t *time = *((time_t**)(args[0]));
+ bool utc = TRUE;
+ struct tm t;
+
+ if (info->alt)
+ {
+ utc = *((bool*)(args[1]));
+ }
+ if (time == UNDEFINED_TIME)
+ {
+ return fprintf(stream, "--- -- --:--:--%s----",
+ info->alt ? " UTC " : " ");
+ }
+ if (utc)
+ {
+ gmtime_r(time, &t);
+ }
+ else
+ {
+ localtime_r(time, &t);
+ }
+ return fprintf(stream, "%s %02d %02d:%02d:%02d%s%04d",
+ months[t.tm_mon], t.tm_mday, t.tm_hour, t.tm_min,
+ t.tm_sec, utc ? " UTC " : " ", t.tm_year + 1900);
+}
+
+/**
+ * output handler in printf() for time deltas
+ */
+static int print_time_delta(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ time_t *start = *((time_t**)(args[0]));
+ time_t *end = *((time_t**)(args[1]));
+ u_int delta = abs(*end - *start);
+
+ char* unit = "second";
+
+ if (delta > 2 * 60 * 60 * 24)
+ {
+ delta /= 60 * 60 * 24;
+ unit = "day";
+ }
+ else if (delta > 2 * 60 * 60)
+ {
+ delta /= 60 * 60;
+ unit = "hour";
+ }
+ else if (delta > 2 * 60)
+ {
+ delta /= 60;
+ unit = "minute";
+ }
+ return fprintf(stream, "%d %s%s", delta, unit, (delta == 1)? "":"s");
+}
+
+/**
+ * register printf() handlers for time_t
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_TIME, print_time, arginfo_ptr_alt_ptr_int);
+ register_printf_function(PRINTF_TIME_DELTA, print_time_delta, arginfo_ptr_ptr);
+}
diff --git a/src/libstrongswan/library.h b/src/libstrongswan/library.h
new file mode 100644
index 000000000..7c7f087f0
--- /dev/null
+++ b/src/libstrongswan/library.h
@@ -0,0 +1,301 @@
+/**
+ * @file library.h
+ *
+ * @brief Helper functions and definitions.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef LIBRARY_H_
+#define LIBRARY_H_
+
+/**
+ * @defgroup libstrongswan libstrongswan
+ *
+ * libstrongswan: library with various crypto related things.
+ */
+
+/**
+ * @defgroup asn1 asn1
+ *
+ * ASN1 definitions, parser and generator functions.
+ *
+ * @ingroup libstrongswan
+ */
+
+/**
+ * @defgroup crypto crypto
+ *
+ * Crypto algorithms of different kind.
+ *
+ * @ingroup libstrongswan
+ */
+
+/**
+ * @defgroup crypters crypters
+ *
+ * Symmetric encryption algorithms, used for
+ * encryption and decryption.
+ *
+ * @ingroup crypto
+ */
+
+/**
+ * @defgroup hashers hashers
+ *
+ * Hashing algorithms, such as MD5 or SHA1
+ *
+ * @ingroup crypto
+ */
+
+/**
+ * @defgroup prfs prfs
+ *
+ * Pseudo random functions, used to generate
+ * pseude random byte sequences.
+ *
+ * @ingroup crypto
+ */
+
+/**
+ * @defgroup rsa rsa
+ *
+ * RSA private/public key algorithm.
+ *
+ * @ingroup crypto
+ */
+
+/**
+ * @defgroup signers signers
+ *
+ * Symmetric signing algorithms,
+ * used to ensure message integrity.
+ *
+ * @ingroup crypto
+ */
+
+/**
+ * @defgroup utils utils
+ *
+ * Generic helper classes.
+ *
+ * @ingroup libstrongswan
+ */
+
+#include <gmp.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <stddef.h>
+#include <printf.h>
+
+#include <enum.h>
+
+/**
+ * Number of bits in a byte
+ */
+#define BITS_PER_BYTE 8
+
+/**
+ * Default length for various auxiliary text buffers
+ */
+#define BUF_LEN 512
+
+/**
+ * Macro compares two strings for equality
+ */
+#define streq(x,y) (strcmp(x, y) == 0)
+
+/**
+ * Macro compares two binary blobs for equality
+ */
+#define memeq(x,y,len) (memcmp(x, y, len) == 0)
+
+/**
+ * Macro gives back larger of two values.
+ */
+#define max(x,y) ((x) > (y) ? (x):(y))
+
+/**
+ * Macro gives back smaller of two values.
+ */
+#define min(x,y) ((x) < (y) ? (x):(y))
+
+/**
+ * Call destructor of a object if object != NULL
+ */
+#define DESTROY_IF(obj) if (obj) obj->destroy(obj)
+
+/**
+ * Debug macro to follow control flow
+ */
+#define POS printf("%s, line %d\n", __FILE__, __LINE__)
+
+/**
+ * Macro to allocate a sized type.
+ */
+#define malloc_thing(thing) ((thing*)malloc(sizeof(thing)))
+
+/**
+ * Assign a function as a class method
+ */
+#define ASSIGN(method, function) (method = (typeof(method))function)
+
+/**
+ * time_t not defined
+ */
+#define UNDEFINED_TIME 0
+
+/**
+ * General purpose boolean type.
+ */
+typedef int bool;
+#define FALSE 0
+#define TRUE 1
+
+typedef enum status_t status_t;
+
+/**
+ * Return values of function calls.
+ */
+enum status_t {
+ /**
+ * Call succeeded.
+ */
+ SUCCESS,
+
+ /**
+ * Call failed.
+ */
+ FAILED,
+
+ /**
+ * Out of resources.
+ */
+ OUT_OF_RES,
+
+ /**
+ * The suggested operation is already done
+ */
+ ALREADY_DONE,
+
+ /**
+ * Not supported.
+ */
+ NOT_SUPPORTED,
+
+ /**
+ * One of the arguments is invalid.
+ */
+ INVALID_ARG,
+
+ /**
+ * Something could not be found.
+ */
+ NOT_FOUND,
+
+ /**
+ * Error while parsing.
+ */
+ PARSE_ERROR,
+
+ /**
+ * Error while verifying.
+ */
+ VERIFY_ERROR,
+
+ /**
+ * Object in invalid state.
+ */
+ INVALID_STATE,
+
+ /**
+ * Destroy object which called method belongs to.
+ */
+ DESTROY_ME,
+
+ /**
+ * Another call to the method is required.
+ */
+ NEED_MORE,
+};
+
+/**
+ * enum_names for type status_t.
+ */
+extern enum_name_t *status_names;
+
+/**
+ * deprecated pluto style return value:
+ * error message, NULL for success
+ */
+typedef const char *err_t;
+
+/**
+ * Handle struct timeval like an own type.
+ */
+typedef struct timeval timeval_t;
+
+/**
+ * Handle struct timespec like an own type.
+ */
+typedef struct timespec timespec_t;
+
+/**
+ * Handle struct chunk_t like an own type.
+ */
+typedef struct sockaddr sockaddr_t;
+
+/**
+ * Clone a data to a newly allocated buffer
+ */
+void *clalloc(void *pointer, size_t size);
+
+/**
+ * Same as memcpy, but XORs src into dst instead of copy
+ */
+void memxor(u_int8_t dest[], u_int8_t src[], size_t n);
+
+/**
+ * Special type to count references
+ */
+typedef volatile u_int refcount_t;
+
+/**
+ * @brief Get a new reference.
+ *
+ * Increments the reference counter atomic.
+ *
+ * @param ref pointer to ref counter
+ */
+void ref_get(refcount_t *ref);
+
+/**
+ * @brief Put back a unused reference.
+ *
+ * Decrements the reference counter atomic and
+ * says if more references available.
+ *
+ * @param ref pointer to ref counter
+ * @return TRUE if no more references counted
+ */
+bool ref_put(refcount_t *ref);
+
+
+#include <chunk.h>
+#include <printf_hook.h>
+
+#endif /* LIBRARY_H_ */
diff --git a/src/libstrongswan/printf_hook.c b/src/libstrongswan/printf_hook.c
new file mode 100644
index 000000000..0407e8c82
--- /dev/null
+++ b/src/libstrongswan/printf_hook.c
@@ -0,0 +1,118 @@
+/**
+ * @file printf_hook.c
+ *
+ * @brief Printf hook definitions and arginfo functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "printf_hook.h"
+
+/**
+ * arginfo handler in printf() pointer
+ */
+int arginfo_ptr(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (n > 0)
+ {
+ argtypes[0] = PA_POINTER;
+ }
+ return 1;
+}
+
+/**
+ * arginfo handler for two prt arguments
+ */
+int arginfo_ptr_ptr(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (n > 1)
+ {
+ argtypes[0] = PA_POINTER;
+ argtypes[1] = PA_POINTER;
+ }
+ return 2;
+}
+
+/**
+ * arginfo handler for one ptr, one int
+ */
+int arginfo_ptr_int(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (n > 1)
+ {
+ argtypes[0] = PA_POINTER;
+ argtypes[1] = PA_INT;
+ }
+ return 2;
+}
+
+/**
+ * arginfo handler for two int arguments
+ */
+int arginfo_int_int(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (n > 1)
+ {
+ argtypes[0] = PA_INT;
+ argtypes[1] = PA_INT;
+ }
+ return 2;
+}
+
+/**
+ * special arginfo handler respecting alt flag
+ */
+int arginfo_int_alt_int_int(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (info->alt)
+ {
+ if (n > 1)
+ {
+ argtypes[0] = PA_INT;
+ argtypes[1] = PA_INT;
+ }
+ return 2;
+ }
+
+ if (n > 0)
+ {
+ argtypes[0] = PA_INT;
+ }
+ return 1;
+}
+
+/**
+ * special arginfo handler respecting alt flag
+ */
+int arginfo_ptr_alt_ptr_int(const struct printf_info *info, size_t n, int *argtypes)
+{
+ if (info->alt)
+ {
+ if (n > 1)
+ {
+ argtypes[0] = PA_POINTER;
+ argtypes[1] = PA_INT;
+ }
+ return 2;
+ }
+
+ if (n > 0)
+ {
+ argtypes[0] = PA_POINTER;
+ }
+ return 1;
+}
diff --git a/src/libstrongswan/printf_hook.h b/src/libstrongswan/printf_hook.h
new file mode 100644
index 000000000..45184a8f0
--- /dev/null
+++ b/src/libstrongswan/printf_hook.h
@@ -0,0 +1,76 @@
+/**
+ * @file printf_hook.h
+ *
+ * @brief Printf hook definitions and arginfo functions.
+ *
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRINTF_HOOK_H_
+#define PRINTF_HOOK_H_
+
+#include <printf.h>
+
+/**
+ * Printf() hook characters.
+ * We define all characters here to have them on a central place.
+ */
+
+/** 2 arguments: u_char *buffer, int size */
+#define PRINTF_BYTES 'b'
+/** 1 argument: chunk_t *chunk; use #-modifier to print inline */
+#define PRINTF_CHUNK 'B'
+/** 1 argument: identification_t *id */
+#define PRINTF_IDENTIFICATION 'D'
+/** 1 argumnet: host_t *host; use #-modifier to include port number */
+#define PRINTF_HOST 'H'
+/** 1 argument: ike_sa_id_t *id */
+#define PRINTF_IKE_SA_ID 'J'
+/** 1 argument: ike_sa_t *ike_sa */
+#define PRINTF_IKE_SA 'K'
+/** 1 argument: message_t *message */
+#define PRINTF_MESSAGE 'M'
+/** 2 arguments: enum_name_t *name, long value */
+#define PRINTF_ENUM 'N'
+/** 1 argument: child_sa_t *child_sa */
+#define PRINTF_CHILD_SA 'P'
+/** 1 argument: traffic_selector_t *ts */
+#define PRINTF_TRAFFIC_SELECTOR 'R'
+/** 1 argument: time_t *time; with #-modifier 2 arguments: time_t *time, bool utc */
+#define PRINTF_TIME 'T'
+/** 1 argument: x509_t *cert; with #-modifier 2 arguments: x509_t *cert, bool utc */
+#define PRINTF_X509 'Q'
+/** 1 argument: crl_t *crl; with #-modifier 2 arguments: crl_t *crl, bool utc */
+#define PRINTF_CRL 'U'
+/** 2 arguments: time_t *begin, time_t *end */
+#define PRINTF_TIME_DELTA 'V'
+/** 1 argument: ca_info_t *ca_info; with #-modifier 2 arguments: ca_info_t *ca_info, bool utc */
+#define PRINTF_CAINFO 'W'
+/** 1 argument: certinfo_t *certinfo; with #-modifier 2 arguments: certinfo_t *certinfo, bool utc */
+#define PRINTF_CERTINFO 'Y'
+
+/**
+ * Generic arginfo handlers for printf() hooks
+ */
+int arginfo_ptr(const struct printf_info *info, size_t n, int *argtypes);
+int arginfo_ptr_ptr(const struct printf_info *info, size_t n, int *argtypes);
+int arginfo_ptr_int(const struct printf_info *info, size_t n, int *argtypes);
+int arginfo_int_int(const struct printf_info *info, size_t n, int *argtypes);
+int arginfo_ptr_alt_ptr_int(const struct printf_info *info, size_t n, int *argtypes);
+int arginfo_int_alt_int_int(const struct printf_info *info, size_t n, int *argtypes);
+
+#endif /* PRINTF_HOOK_H_ */
diff --git a/src/libstrongswan/utils/fetcher.c b/src/libstrongswan/utils/fetcher.c
new file mode 100644
index 000000000..6165cc1e1
--- /dev/null
+++ b/src/libstrongswan/utils/fetcher.c
@@ -0,0 +1,421 @@
+/**
+ * @file fetcher.c
+ *
+ * @brief Implementation of fetcher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <fetcher://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifdef LIBCURL
+#include <curl/curl.h>
+#endif /* LIBCURL */
+
+#ifdef LIBLDAP
+#include <ldap.h>
+#endif /* LIBLDAP */
+
+#include <library.h>
+#include <debug.h>
+
+#include "fetcher.h"
+
+typedef struct private_fetcher_t private_fetcher_t;
+
+/**
+ * @brief Private Data of a fetcher_t object.
+ */
+struct private_fetcher_t {
+ /**
+ * Public data
+ */
+ fetcher_t public;
+
+ /**
+ * URI of the information source
+ */
+ const char *uri;
+
+#ifdef LIBCURL
+ /**
+ * we use libcurl from http://curl.haxx.se/ as a fetcher
+ */
+ CURL* curl;
+#endif /* LIBCURL */
+
+#ifdef LIBLDAP
+ /**
+ * we use libldap from http://www.openssl.org/ as a fetcher
+ */
+ LDAP *ldap;
+ LDAPURLDesc *lurl;
+#endif /* LIBLDAP */
+};
+
+/**
+ * writes data into a dynamically resizeable chunk_t
+ * needed for libcurl responses
+ */
+static size_t curl_write_buffer(void *ptr, size_t size, size_t nmemb, void *data)
+{
+ size_t realsize = size * nmemb;
+ chunk_t *mem = (chunk_t*)data;
+
+ mem->ptr = (u_char *)realloc(mem->ptr, mem->len + realsize);
+ if (mem->ptr) {
+ memcpy(&(mem->ptr[mem->len]), ptr, realsize);
+ mem->len += realsize;
+ }
+ return realsize;
+}
+
+/**
+ * Implements fetcher_t.get for curl methods
+ */
+static chunk_t curl_get(private_fetcher_t *this)
+{
+ chunk_t response = chunk_empty;
+
+#ifdef LIBCURL
+ if (this->curl)
+ {
+ CURLcode res;
+ chunk_t curl_response = chunk_empty;
+ char curl_error_buffer[CURL_ERROR_SIZE];
+
+ curl_easy_setopt(this->curl, CURLOPT_URL, this->uri);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, curl_write_buffer);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void *)&curl_response);
+ curl_easy_setopt(this->curl, CURLOPT_ERRORBUFFER, &curl_error_buffer);
+ curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE);
+ curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, FETCHER_TIMEOUT);
+ curl_easy_setopt(this->curl, CURLOPT_NOSIGNAL, TRUE);
+
+ DBG1("sending curl request to '%s'...", this->uri);
+ res = curl_easy_perform(this->curl);
+
+ if (res == CURLE_OK)
+ {
+ DBG1("received valid curl response");
+ response = chunk_clone(curl_response);
+ }
+ else
+ {
+ DBG1("curl request failed: %s", curl_error_buffer);
+ }
+ curl_free(curl_response.ptr);
+ }
+#else
+ DBG1("warning: libcurl fetching not compiled in");
+#endif /* LIBCURL */
+ return response;
+}
+
+/**
+ * Implements fetcher_t.post.
+ */
+static chunk_t http_post(private_fetcher_t *this, const char *request_type, chunk_t request)
+{
+ chunk_t response = chunk_empty;
+
+#ifdef LIBCURL
+ if (this->curl)
+ {
+ CURLcode res;
+ struct curl_slist *headers = NULL;
+ chunk_t curl_response = chunk_empty;
+ char curl_error_buffer[CURL_ERROR_SIZE];
+ char content_type[BUF_LEN];
+
+ /* set content type header */
+ snprintf(content_type, BUF_LEN, "Content-Type: %s", request_type);
+ headers = curl_slist_append(headers, content_type);
+
+ /* set options */
+ curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, headers);
+ curl_easy_setopt(this->curl, CURLOPT_URL, this->uri);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, curl_write_buffer);
+ curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void *)&curl_response);
+ curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, request.ptr);
+ curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, request.len);
+ curl_easy_setopt(this->curl, CURLOPT_ERRORBUFFER, &curl_error_buffer);
+ curl_easy_setopt(this->curl, CURLOPT_FAILONERROR, TRUE);
+ curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, FETCHER_TIMEOUT);
+ curl_easy_setopt(this->curl, CURLOPT_NOSIGNAL, TRUE);
+
+ DBG1("sending http post request to '%s'...", this->uri);
+ res = curl_easy_perform(this->curl);
+
+ if (res == CURLE_OK)
+ {
+ DBG1("received valid http response");
+ response = chunk_clone(curl_response);
+ }
+ else
+ {
+ DBG1("http post request using libcurl failed: %s", curl_error_buffer);
+ }
+ curl_slist_free_all(headers);
+ curl_free(curl_response.ptr);
+ }
+#else
+ DBG1("warning: libcurl fetching not compiled in");
+#endif /* LIBCURL */
+ return response;
+}
+
+#ifdef LIBLDAP
+/**
+ * Parses the result returned by an ldap query
+ */
+static chunk_t ldap_parse(LDAP *ldap, LDAPMessage *result)
+{
+ chunk_t response = chunk_empty;
+ err_t ugh = NULL;
+
+ LDAPMessage *entry = ldap_first_entry(ldap, result);
+
+ if (entry != NULL)
+ {
+ BerElement *ber = NULL;
+ char *attr;
+
+ attr = ldap_first_attribute(ldap, entry, &ber);
+
+ if (attr != NULL)
+ {
+ struct berval **values = ldap_get_values_len(ldap, entry, attr);
+
+ if (values != NULL)
+ {
+ if (values[0] != NULL)
+ {
+ response.len = values[0]->bv_len;
+ response.ptr = malloc(response.len);
+ memcpy(response.ptr, values[0]->bv_val, response.len);
+
+ if (values[1] != NULL)
+ {
+ ugh = "more than one value was fetched - first selected";
+ }
+ }
+ else
+ {
+ ugh = "no values in attribute";
+ }
+ ldap_value_free_len(values);
+ }
+ else
+ {
+ ugh = ldap_err2string(ldap_result2error(ldap, entry, 0));
+ }
+ ldap_memfree(attr);
+ }
+ else
+ {
+ ugh = ldap_err2string(ldap_result2error(ldap, entry, 0));
+ }
+ ber_free(ber, 0);
+ }
+ else
+ {
+ ugh = ldap_err2string(ldap_result2error(ldap, result, 0));
+ }
+ if (ugh)
+ {
+ DBG1("ldap request failed: %s", ugh);
+ }
+ return response;
+}
+#endif /* LIBLDAP */
+
+/**
+ * Implements fetcher_t.get for curl methods
+ */
+static chunk_t ldap_get(private_fetcher_t *this)
+{
+ chunk_t response = chunk_empty;
+
+#ifdef LIBLDAP
+ if (this->ldap)
+ {
+ err_t ugh = NULL;
+ int rc;
+ int ldap_version = LDAP_VERSION3;
+
+ struct timeval timeout;
+
+ timeout.tv_sec = FETCHER_TIMEOUT;
+ timeout.tv_usec = 0;
+
+ ldap_set_option(this->ldap, LDAP_OPT_PROTOCOL_VERSION, &ldap_version);
+ ldap_set_option(this->ldap, LDAP_OPT_NETWORK_TIMEOUT, &timeout);
+
+ DBG1("sending ldap request to '%s'...", this->uri);
+
+ rc = ldap_simple_bind_s(this->ldap, NULL, NULL);
+ if (rc == LDAP_SUCCESS)
+ {
+ LDAPMessage *result;
+
+ timeout.tv_sec = FETCHER_TIMEOUT;
+ timeout.tv_usec = 0;
+
+ rc = ldap_search_st(this->ldap, this->lurl->lud_dn,
+ this->lurl->lud_scope,
+ this->lurl->lud_filter,
+ this->lurl->lud_attrs,
+ 0, &timeout, &result);
+
+ if (rc == LDAP_SUCCESS)
+ {
+ response = ldap_parse(this->ldap, result);
+ if (response.ptr)
+ {
+ DBG1("received valid ldap response");
+ }
+ ldap_msgfree(result);
+ }
+ else
+ {
+ ugh = ldap_err2string(rc);
+ }
+ }
+ else
+ {
+ ugh = ldap_err2string(rc);
+ }
+ ldap_unbind_s(this->ldap);
+
+ if (ugh)
+ {
+ DBG1("ldap request failed: %s", ugh);
+ }
+ }
+#else /* !LIBLDAP */
+ DBG1("warning: libldap fetching not compiled in");
+#endif /* !LIBLDAP */
+ return response;
+}
+
+/**
+ * Implements fetcher_t.destroy
+ */
+static void destroy(private_fetcher_t *this)
+{
+#ifdef LIBCURL
+ if (this->curl)
+ {
+ curl_easy_cleanup(this->curl);
+ }
+#endif /* LIBCURL */
+
+#ifdef LIBLDAP
+ if (this->lurl)
+ {
+ ldap_free_urldesc(this->lurl);
+ }
+#endif /* LIBLDAP */
+
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+fetcher_t *fetcher_create(const char *uri)
+{
+ private_fetcher_t *this = malloc_thing(private_fetcher_t);
+
+ /* initialize */
+ this->uri = uri;
+
+#ifdef LIBCURL
+ this->curl = NULL;
+#endif /* LIBCURL */
+
+#ifdef LIBLDAP
+ this->lurl = NULL;
+ this->ldap = NULL;
+#endif /* LIBLDAP */
+
+ if (strlen(uri) >= 4 && strncasecmp(uri, "ldap", 4) == 0)
+ {
+#ifdef LIBLDAP
+ int rc = ldap_url_parse(uri, &this->lurl);
+
+ if (rc == LDAP_SUCCESS)
+ {
+ this->ldap = ldap_init(this->lurl->lud_host,
+ this->lurl->lud_port);
+ }
+ else
+ {
+ DBG1("ldap: %s", ldap_err2string(rc));
+ this->ldap = NULL;
+ }
+#endif /* LIBLDAP */
+ this->public.get = (chunk_t (*) (fetcher_t*))ldap_get;
+ }
+ else
+ {
+#ifdef LIBCURL
+ this->curl = curl_easy_init();
+ if (this->curl == NULL)
+ {
+ DBG1("curl_easy_init_failed()");
+ }
+#endif /* LIBCURL */
+ this->public.get = (chunk_t (*) (fetcher_t*))curl_get;
+ }
+
+ /* public functions */
+ this->public.post = (chunk_t (*) (fetcher_t*,const char*,chunk_t))http_post;
+ this->public.destroy = (void (*) (fetcher_t*))destroy;
+
+ return &this->public;
+}
+
+/**
+ * Described in header.
+ */
+void fetcher_initialize(void)
+{
+#ifdef LIBCURL
+ CURLcode res;
+
+ /* initialize libcurl */
+ DBG1("initializing libcurl");
+ res = curl_global_init(CURL_GLOBAL_NOTHING);
+ if (res != CURLE_OK)
+ {
+ DBG1("libcurl could not be initialized: %s", curl_easy_strerror(res));
+ }
+#endif /* LIBCURL */
+}
+
+/**
+ * Described in header.
+ */
+void fetcher_finalize(void)
+{
+#ifdef LIBCURL
+ /* finalize libcurl */
+ DBG1("finalizing libcurl");
+ curl_global_cleanup();
+#endif /* LIBCURL */
+}
+
diff --git a/src/libstrongswan/utils/fetcher.h b/src/libstrongswan/utils/fetcher.h
new file mode 100644
index 000000000..47b43a0b7
--- /dev/null
+++ b/src/libstrongswan/utils/fetcher.h
@@ -0,0 +1,95 @@
+/**
+ * @file fetcher.h
+ *
+ * @brief Interface of fetcher_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2007 Andreas Steffen
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <fetcher://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef FETCHER_H_
+#define FETCHER_H_
+
+typedef struct fetcher_t fetcher_t;
+
+#include <chunk.h>
+
+#define FETCHER_TIMEOUT 10 /* seconds */
+
+/**
+ * @brief Fetches information from an URI (http, file, ftp, etc.)
+ *
+ * @ingroup utils
+ */
+struct fetcher_t {
+
+ /**
+ * @brief Get information via a get request.
+ *
+ * @param this calling object
+ * @param uri uri specifying the information source
+ * @return chunk_t containing the information
+ */
+ chunk_t (*get) (fetcher_t *this);
+
+ /**
+ * @brief Get information via a get request.
+ *
+ * @param this calling object
+ * @param uri uri specifying the information source
+ * @param type content type of http post request
+ * @param request binary data for http post request
+ * @return chunk_t containing the information
+ */
+ chunk_t (*post) (fetcher_t *this, const char *type, chunk_t request);
+
+ /**
+ * @brief Destroys the fetcher_t object.
+ *
+ * @param this fetcher_t to destroy
+ */
+ void (*destroy) (fetcher_t *this);
+
+};
+
+/**
+ * @brief Create a fetcher_t object.
+ *
+ * @return created fetcher_t object
+ *
+ * @ingroup utils
+ */
+fetcher_t* fetcher_create(const char *uri);
+
+/**
+ * @brief Initializes the fetcher_t class
+ *
+ * call this function only once in the main program
+ *
+ * @ingroup utils
+ */
+void fetcher_initialize(void);
+
+/**
+ * @brief Finalizes the fetcher_t class
+ *
+ * call this function only once befor exiting the main program
+ *
+ * @ingroup utils
+ */
+void fetcher_finalize(void);
+
+#endif /*FETCHER_H_*/
diff --git a/src/libstrongswan/utils/host.c b/src/libstrongswan/utils/host.c
new file mode 100644
index 000000000..8cbfd6ab8
--- /dev/null
+++ b/src/libstrongswan/utils/host.c
@@ -0,0 +1,526 @@
+/**
+ * @file host.c
+ *
+ * @brief Implementation of host_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006-2007 Tobias Brunner
+ * Copyright (C) 2006 Daniel Roethlisberger
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <printf.h>
+
+#include "host.h"
+
+
+typedef struct private_host_t private_host_t;
+
+/**
+ * @brief Private Data of a host object.
+ */
+struct private_host_t {
+ /**
+ * Public data
+ */
+ host_t public;
+
+ /**
+ * low-lewel structure, wich stores the address
+ */
+ union {
+ /** generic type */
+ struct sockaddr address;
+ /** maximum sockaddr size */
+ struct sockaddr_storage address_max;
+ /** IPv4 address */
+ struct sockaddr_in address4;
+ /** IPv6 address */
+ struct sockaddr_in6 address6;
+ };
+ /**
+ * length of address structure
+ */
+ socklen_t socklen;
+};
+
+
+/**
+ * implements host_t.get_sockaddr
+ */
+static sockaddr_t *get_sockaddr(private_host_t *this)
+{
+ return &(this->address);
+}
+
+/**
+ * implements host_t.get_sockaddr_len
+ */
+static socklen_t *get_sockaddr_len(private_host_t *this)
+{
+ return &(this->socklen);
+}
+
+/**
+ * Implementation of host_t.is_anyaddr.
+ */
+static bool is_anyaddr(private_host_t *this)
+{
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ u_int8_t default_route[4];
+ memset(default_route, 0, sizeof(default_route));
+ return memeq(default_route, &(this->address4.sin_addr.s_addr),
+ sizeof(default_route));
+ }
+ case AF_INET6:
+ {
+ u_int8_t default_route[16];
+ memset(default_route, 0, sizeof(default_route));
+ return memeq(default_route, &(this->address6.sin6_addr.s6_addr),
+ sizeof(default_route));
+ }
+ default:
+ {
+ return FALSE;
+ }
+ }
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_host_t *this = *((private_host_t**)(args[0]));
+ char buffer[INET6_ADDRSTRLEN];
+ void *address;
+ u_int16_t port;
+
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ if (is_anyaddr(this))
+ {
+ return fprintf(stream, "%%any");
+ }
+
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ address = &this->address4.sin_addr;
+ port = this->address4.sin_port;
+ break;
+ case AF_INET6:
+ address = &this->address6.sin6_addr;
+ port = this->address6.sin6_port;
+ break;
+ default:
+ return fprintf(stream, "(family not supported)");
+ }
+
+ if (inet_ntop(this->address.sa_family, address,
+ buffer, sizeof(buffer)) == NULL)
+ {
+ return fprintf(stream, "(address conversion failed)");
+ }
+
+ if (info->alt)
+ {
+ return fprintf(stream, "%s[%d]", buffer, ntohs(port));
+ }
+ else
+ {
+ return fprintf(stream, "%s", buffer);
+ }
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_HOST, print, arginfo_ptr);
+}
+
+/**
+ * Implementation of host_t.get_address.
+ */
+static chunk_t get_address(private_host_t *this)
+{
+ chunk_t address = chunk_empty;
+
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ address.ptr = (char*)&(this->address4.sin_addr.s_addr);
+ address.len = 4;
+ return address;
+ }
+ case AF_INET6:
+ {
+ address.ptr = (char*)&(this->address6.sin6_addr.s6_addr);
+ address.len = 16;
+ return address;
+ }
+ default:
+ {
+ /* return empty chunk */
+ return address;
+ }
+ }
+}
+
+/**
+ * implements host_t.get_family
+ */
+static int get_family(private_host_t *this)
+{
+ return this->address.sa_family;
+}
+
+/**
+ * implements host_t.get_port
+ */
+static u_int16_t get_port(private_host_t *this)
+{
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ return ntohs(this->address4.sin_port);
+ }
+ case AF_INET6:
+ {
+ return ntohs(this->address6.sin6_port);
+ }
+ default:
+ {
+ return 0;
+ }
+ }
+}
+
+/**
+ * implements host_t.set_port
+ */
+static void set_port(private_host_t *this, u_int16_t port)
+{
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ this->address4.sin_port = htons(port);
+ break;
+ }
+ case AF_INET6:
+ {
+ this->address6.sin6_port = htons(port);
+ break;
+ }
+ default:
+ {
+ break;
+ }
+ }
+}
+
+/**
+ * Implements host_t.clone.
+ */
+static private_host_t *clone_(private_host_t *this)
+{
+ private_host_t *new = malloc_thing(private_host_t);
+
+ memcpy(new, this, sizeof(private_host_t));
+ return new;
+}
+
+/**
+ * Impelements host_t.ip_equals
+ */
+static bool ip_equals(private_host_t *this, private_host_t *other)
+{
+ if (this->address.sa_family != other->address.sa_family)
+ {
+ /* 0.0.0.0 and ::0 are equal */
+ if (is_anyaddr(this) && is_anyaddr(other))
+ {
+ return TRUE;
+ }
+
+ return FALSE;
+ }
+
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ if (memeq(&this->address4.sin_addr, &other->address4.sin_addr,
+ sizeof(this->address4.sin_addr)))
+ {
+ return TRUE;
+ }
+ break;
+ }
+ case AF_INET6:
+ {
+ if (memeq(&this->address6.sin6_addr, &other->address6.sin6_addr,
+ sizeof(this->address6.sin6_addr)))
+ {
+ return TRUE;
+ }
+ }
+ default:
+ break;
+ }
+ return FALSE;
+}
+
+/**
+ * Implements host_t.get_differences
+ */
+static host_diff_t get_differences(host_t *this, host_t *other)
+{
+ host_diff_t ret = HOST_DIFF_NONE;
+
+ if (!this->ip_equals(this, other))
+ {
+ ret |= HOST_DIFF_ADDR;
+ }
+
+ if (this->get_port(this) != other->get_port(other))
+ {
+ ret |= HOST_DIFF_PORT;
+ }
+
+ return ret;
+}
+
+/**
+ * Impelements host_t.equals
+ */
+static bool equals(private_host_t *this, private_host_t *other)
+{
+ if (!ip_equals(this, other))
+ {
+ return FAILED;
+ }
+
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ if (this->address4.sin_port == other->address4.sin_port)
+ {
+ return TRUE;
+ }
+ break;
+ }
+ case AF_INET6:
+ {
+ if (this->address6.sin6_port == other->address6.sin6_port)
+ {
+ return TRUE;
+ }
+ break;
+ }
+ default:
+ break;
+ }
+ return FALSE;
+}
+
+/**
+ * Implements host_t.destroy
+ */
+static void destroy(private_host_t *this)
+{
+ free(this);
+}
+
+/**
+ * Creates an empty host_t object
+ */
+static private_host_t *host_create_empty(void)
+{
+ private_host_t *this = malloc_thing(private_host_t);
+
+ this->public.get_sockaddr = (sockaddr_t* (*) (host_t*))get_sockaddr;
+ this->public.get_sockaddr_len = (socklen_t*(*) (host_t*))get_sockaddr_len;
+ this->public.clone = (host_t* (*) (host_t*))clone_;
+ this->public.get_family = (int (*) (host_t*))get_family;
+ this->public.get_address = (chunk_t (*) (host_t *)) get_address;
+ this->public.get_port = (u_int16_t (*) (host_t *))get_port;
+ this->public.set_port = (void (*) (host_t *,u_int16_t))set_port;
+ this->public.get_differences = get_differences;
+ this->public.ip_equals = (bool (*) (host_t *,host_t *)) ip_equals;
+ this->public.equals = (bool (*) (host_t *,host_t *)) equals;
+ this->public.is_anyaddr = (bool (*) (host_t *)) is_anyaddr;
+ this->public.destroy = (void (*) (host_t*))destroy;
+
+ return this;
+}
+
+/*
+ * Described in header.
+ */
+host_t *host_create_from_string(char *string, u_int16_t port)
+{
+ private_host_t *this = host_create_empty();
+
+ if (strchr(string, '.'))
+ {
+ this->address.sa_family = AF_INET;
+ }
+ else
+ {
+ this->address.sa_family = AF_INET6;
+ }
+
+ switch (this->address.sa_family)
+ {
+ case AF_INET:
+ {
+ if (inet_pton(AF_INET, string, &this->address4.sin_addr) <=0)
+ {
+ break;
+ }
+ this->address4.sin_port = htons(port);
+ this->socklen = sizeof(struct sockaddr_in);
+ return &this->public;
+ }
+ case AF_INET6:
+ {
+ if (inet_pton(AF_INET6, string, &this->address6.sin6_addr) <=0)
+ {
+ break;
+ }
+ this->address6.sin6_port = htons(port);
+ this->socklen = sizeof(struct sockaddr_in6);
+ return &this->public;
+ }
+ default:
+ {
+ break;
+ }
+ }
+ free(this);
+ return NULL;
+}
+
+/*
+ * Described in header.
+ */
+host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port)
+{
+ private_host_t *this = host_create_empty();
+
+ this->address.sa_family = family;
+ switch (family)
+ {
+ case AF_INET:
+ {
+ if (address.len != 4)
+ {
+ break;
+ }
+ memcpy(&(this->address4.sin_addr.s_addr), address.ptr,4);
+ this->address4.sin_port = htons(port);
+ this->socklen = sizeof(struct sockaddr_in);
+ return &(this->public);
+ }
+ case AF_INET6:
+ {
+ if (address.len != 16)
+ {
+ break;
+ }
+ memcpy(&(this->address6.sin6_addr.s6_addr), address.ptr, 16);
+ this->address6.sin6_port = htons(port);
+ this->socklen = sizeof(struct sockaddr_in6);
+ return &this->public;
+ }
+ default:
+ break;
+ }
+ free(this);
+ return NULL;
+}
+
+/*
+ * Described in header.
+ */
+host_t *host_create_from_sockaddr(sockaddr_t *sockaddr)
+{
+ private_host_t *this = host_create_empty();
+
+ switch (sockaddr->sa_family)
+ {
+ case AF_INET:
+ {
+ memcpy(&this->address4, sockaddr, sizeof(struct sockaddr_in));
+ this->socklen = sizeof(struct sockaddr_in);
+ return &this->public;
+ }
+ case AF_INET6:
+ {
+ memcpy(&this->address6, sockaddr, sizeof(struct sockaddr_in6));
+ this->socklen = sizeof(struct sockaddr_in6);
+ return &this->public;
+ }
+ default:
+ break;
+ }
+ free(this);
+ return NULL;
+}
+
+/*
+ * Described in header.
+ */
+host_t *host_create_any(int family)
+{
+ private_host_t *this = host_create_empty();
+
+ memset(&this->address_max, 0, sizeof(struct sockaddr_storage));
+ this->address.sa_family = family;
+
+ switch (family)
+ {
+ case AF_INET:
+ {
+ this->socklen = sizeof(struct sockaddr_in);
+ return &(this->public);
+ }
+ case AF_INET6:
+ {
+ this->socklen = sizeof(struct sockaddr_in6);
+ return &this->public;
+ }
+ default:
+ break;
+ }
+ return NULL;
+}
diff --git a/src/libstrongswan/utils/host.h b/src/libstrongswan/utils/host.h
new file mode 100644
index 000000000..ee9aa457f
--- /dev/null
+++ b/src/libstrongswan/utils/host.h
@@ -0,0 +1,231 @@
+/**
+ * @file host.h
+ *
+ * @brief Interface of host_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2006-2007 Tobias Brunner
+ * Copyright (C) 2006 Daniel Roethlisberger
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef HOST_H_
+#define HOST_H_
+
+typedef enum host_diff_t host_diff_t;
+typedef struct host_t host_t;
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include <library.h>
+
+/**
+ * Differences between two hosts. They differ in
+ * address, port, or both.
+ */
+enum host_diff_t {
+ HOST_DIFF_NONE = 0,
+ HOST_DIFF_ADDR = 1,
+ HOST_DIFF_PORT = 2,
+};
+
+/**
+ * @brief Representates a Host
+ *
+ * Host object, identifies a address:port pair and defines some
+ * useful functions on it.
+ *
+ * @b Constructors:
+ * - host_create()
+ * - host_create_from_chunk()
+ * - host_create_from_sockaddr()
+ *
+ * @todo Add IPv6 support
+ *
+ * @ingroup utils
+ */
+struct host_t {
+
+ /**
+ * @brief Build a clone of this host object.
+ *
+ * @param this object to clone
+ * @return cloned host
+ */
+ host_t *(*clone) (host_t *this);
+
+ /**
+ * @brief Get a pointer to the internal sockaddr struct.
+ *
+ * This is used for sending and receiving via sockets.
+ *
+ * @param this object to clone
+ * @return pointer to the internal sockaddr structure
+ */
+ sockaddr_t *(*get_sockaddr) (host_t *this);
+
+ /**
+ * @brief Get the length of the sockaddr struct.
+ *
+ * Depending on the family, the length of the sockaddr struct
+ * is different. Use this function to get the length of the sockaddr
+ * struct returned by get_sock_addr.
+ *
+ * This is used for sending and receiving via sockets.
+ *
+ * @param this object to clone
+ * @return length of the sockaddr struct
+ */
+ socklen_t *(*get_sockaddr_len) (host_t *this);
+
+ /**
+ * @brief Gets the family of the address
+ *
+ * @param this calling object
+ * @return family
+ */
+ int (*get_family) (host_t *this);
+
+ /**
+ * @brief Checks if the ip address of host is set to default route.
+ *
+ * @param this calling object
+ * @return
+ * - TRUE if host has IP 0.0.0.0 for default route
+ * - FALSE otherwise
+ */
+ bool (*is_anyaddr) (host_t *this);
+
+ /**
+ * @brief get the address of this host as chunk_t
+ *
+ * Returned chunk points to internal data.
+ *
+ * @param this object
+ * @return address string,
+ */
+ chunk_t (*get_address) (host_t *this);
+
+ /**
+ * @brief get the port of this host
+ *
+ * @param this object to clone
+ * @return port number
+ */
+ u_int16_t (*get_port) (host_t *this);
+
+ /**
+ * @brief set the port of this host
+ *
+ * @param this object to clone
+ * @param port port numer
+ */
+ void (*set_port) (host_t *this, u_int16_t port);
+
+ /**
+ * @brief Compare the ips of two hosts hosts.
+ *
+ * @param this object to compare
+ * @param other the other to compare
+ * @return TRUE if addresses are equal.
+ */
+ bool (*ip_equals) (host_t *this, host_t *other);
+
+ /**
+ * @brief Compare two hosts, with port.
+ *
+ * @param this object to compare
+ * @param other the other to compare
+ * @return TRUE if addresses and ports are equal.
+ */
+ bool (*equals) (host_t *this, host_t *other);
+
+ /**
+ * @brief Compare two hosts and return the differences.
+ *
+ * @param this object to compare
+ * @param other the other to compare
+ * @return differences in a combination of host_diff_t's
+ */
+ host_diff_t (*get_differences) (host_t *this, host_t *other);
+
+ /**
+ * @brief Destroy this host object
+ *
+ * @param this calling
+ * @return SUCCESS in any case
+ */
+ void (*destroy) (host_t *this);
+};
+
+/**
+ * @brief Constructor to create a host_t object from an address string.
+ *
+ * @param string string of an address, such as "152.96.193.130"
+ * @param port port number
+ * @return
+ * - host_t object
+ * - NULL, if string not an address.
+ *
+ * @ingroup network
+ */
+host_t *host_create_from_string(char *string, u_int16_t port);
+
+/**
+ * @brief Constructor to create a host_t object from an address chunk
+ *
+ * @param family Address family to use for this object, such as AF_INET or AF_INET6
+ * @param address address as 4 byte chunk_t in networ order
+ * @param port port number
+ * @return
+ * - host_t object
+ * - NULL, if family not supported or chunk_t length not 4 bytes.
+ *
+ * @ingroup network
+ */
+host_t *host_create_from_chunk(int family, chunk_t address, u_int16_t port);
+
+/**
+ * @brief Constructor to create a host_t object from a sockaddr struct
+ *
+ * @param sockaddr sockaddr struct which contains family, address and port
+ * @return
+ * - host_t object
+ * - NULL, if family not supported.
+ *
+ * @ingroup network
+ */
+host_t *host_create_from_sockaddr(sockaddr_t *sockaddr);
+
+/**
+ * @brief Create a host without an address, a "any" host.
+ *
+ * @param family family of the any host
+ * @return
+ * - host_t object
+ * - NULL, if family not supported.
+ *
+ * @ingroup network
+ */
+host_t *host_create_any(int family);
+
+#endif /*HOST_H_*/
diff --git a/src/libstrongswan/utils/identification.c b/src/libstrongswan/utils/identification.c
new file mode 100644
index 000000000..341af39c0
--- /dev/null
+++ b/src/libstrongswan/utils/identification.c
@@ -0,0 +1,1144 @@
+/**
+ * @file identification.c
+ *
+ * @brief Implementation of identification_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#define _GNU_SOURCE
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <string.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <printf.h>
+
+#include "identification.h"
+
+#include <asn1/asn1.h>
+
+ENUM_BEGIN(id_type_names, ID_ANY, ID_KEY_ID,
+ "ID_ANY",
+ "ID_IPV4_ADDR",
+ "ID_FQDN",
+ "ID_RFC822_ADDR",
+ "ID_IPV4_ADDR_SUBNET",
+ "ID_IPV6_ADDR",
+ "ID_IPV6_ADDR_SUBNET",
+ "ID_IPV4_ADDR_RANGE",
+ "ID_IPV6_ADDR_RANGE",
+ "ID_DER_ASN1_DN",
+ "ID_DER_ASN1_GN",
+ "ID_KEY_ID");
+ENUM_NEXT(id_type_names, ID_DER_ASN1_GN_URI, ID_DER_ASN1_GN_URI, ID_KEY_ID,
+ "ID_DER_ASN1_GN_URI");
+ENUM_END(id_type_names, ID_DER_ASN1_GN_URI);
+
+
+/**
+ * X.501 acronyms for well known object identifiers (OIDs)
+ */
+static u_char oid_ND[] = {
+ 0x02, 0x82, 0x06, 0x01, 0x0A, 0x07, 0x14
+};
+static u_char oid_UID[] = {
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01
+};
+static u_char oid_DC[] = {
+ 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19
+};
+static u_char oid_CN[] = {
+ 0x55, 0x04, 0x03
+};
+static u_char oid_S[] = {
+ 0x55, 0x04, 0x04
+};
+static u_char oid_SN[] = {
+ 0x55, 0x04, 0x05
+};
+static u_char oid_C[] = {
+ 0x55, 0x04, 0x06
+};
+static u_char oid_L[] = {
+ 0x55, 0x04, 0x07
+};
+static u_char oid_ST[] = {
+ 0x55, 0x04, 0x08
+};
+static u_char oid_O[] = {
+ 0x55, 0x04, 0x0A
+};
+static u_char oid_OU[] = {
+ 0x55, 0x04, 0x0B
+};
+static u_char oid_T[] = {
+ 0x55, 0x04, 0x0C
+};
+static u_char oid_D[] = {
+ 0x55, 0x04, 0x0D
+};
+static u_char oid_N[] = {
+ 0x55, 0x04, 0x29
+};
+static u_char oid_G[] = {
+ 0x55, 0x04, 0x2A
+};
+static u_char oid_I[] = {
+ 0x55, 0x04, 0x2B
+};
+static u_char oid_ID[] = {
+ 0x55, 0x04, 0x2D
+};
+static u_char oid_EN[] = {
+ 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x42, 0x03, 0x01, 0x03
+};
+static u_char oid_E[] = {
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01
+};
+static u_char oid_UN[] = {
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x02
+};
+static u_char oid_TCGID[] = {
+ 0x2B, 0x06, 0x01, 0x04, 0x01, 0x89, 0x31, 0x01, 0x01, 0x02, 0x02, 0x4B
+};
+
+/**
+ * coding of X.501 distinguished name
+ */
+typedef struct {
+ const u_char *name;
+ chunk_t oid;
+ u_char type;
+} x501rdn_t;
+
+static const x501rdn_t x501rdns[] = {
+ {"ND", {oid_ND, 7}, ASN1_PRINTABLESTRING},
+ {"UID", {oid_UID, 10}, ASN1_PRINTABLESTRING},
+ {"DC", {oid_DC, 10}, ASN1_PRINTABLESTRING},
+ {"CN", {oid_CN, 3}, ASN1_PRINTABLESTRING},
+ {"S", {oid_S, 3}, ASN1_PRINTABLESTRING},
+ {"SN", {oid_SN, 3}, ASN1_PRINTABLESTRING},
+ {"serialNumber", {oid_SN, 3}, ASN1_PRINTABLESTRING},
+ {"C", {oid_C, 3}, ASN1_PRINTABLESTRING},
+ {"L", {oid_L, 3}, ASN1_PRINTABLESTRING},
+ {"ST", {oid_ST, 3}, ASN1_PRINTABLESTRING},
+ {"O", {oid_O, 3}, ASN1_PRINTABLESTRING},
+ {"OU", {oid_OU, 3}, ASN1_PRINTABLESTRING},
+ {"T", {oid_T, 3}, ASN1_PRINTABLESTRING},
+ {"D", {oid_D, 3}, ASN1_PRINTABLESTRING},
+ {"N", {oid_N, 3}, ASN1_PRINTABLESTRING},
+ {"G", {oid_G, 3}, ASN1_PRINTABLESTRING},
+ {"I", {oid_I, 3}, ASN1_PRINTABLESTRING},
+ {"ID", {oid_ID, 3}, ASN1_PRINTABLESTRING},
+ {"EN", {oid_EN, 10}, ASN1_PRINTABLESTRING},
+ {"employeeNumber", {oid_EN, 10}, ASN1_PRINTABLESTRING},
+ {"E", {oid_E, 9}, ASN1_IA5STRING},
+ {"Email", {oid_E, 9}, ASN1_IA5STRING},
+ {"emailAddress", {oid_E, 9}, ASN1_IA5STRING},
+ {"UN", {oid_UN, 9}, ASN1_IA5STRING},
+ {"unstructuredName",{oid_UN, 9}, ASN1_IA5STRING},
+ {"TCGID", {oid_TCGID, 12}, ASN1_PRINTABLESTRING}
+};
+#define X501_RDN_ROOF 26
+
+/**
+ * maximum number of RDNs in atodn()
+ */
+#define RDN_MAX 20
+
+
+typedef struct private_identification_t private_identification_t;
+
+/**
+ * Private data of an identification_t object.
+ */
+struct private_identification_t {
+ /**
+ * Public interface.
+ */
+ identification_t public;
+
+ /**
+ * Encoded representation of this ID.
+ */
+ chunk_t encoded;
+
+ /**
+ * Type of this ID.
+ */
+ id_type_t type;
+};
+
+static private_identification_t *identification_create(void);
+
+/**
+ * updates a chunk (!????)
+ * TODO: We should reconsider this stuff, its not really clear
+ */
+static void update_chunk(chunk_t *ch, int n)
+{
+ n = (n > -1 && n < (int)ch->len)? n : (int)ch->len-1;
+ ch->ptr += n; ch->len -= n;
+}
+
+/**
+ * Prints a binary string in hexadecimal form
+ */
+void hex_str(chunk_t bin, chunk_t *str)
+{
+ u_int i;
+ update_chunk(str, snprintf(str->ptr,str->len,"0x"));
+ for (i = 0; i < bin.len; i++)
+ {
+ update_chunk(str, snprintf(str->ptr,str->len,"%02X",*bin.ptr++));
+ }
+}
+
+/**
+ * Remove any malicious characters from a chunk. We are very restrictive, but
+ * whe use these strings only to present it to the user.
+ */
+static chunk_t sanitize_chunk(chunk_t chunk)
+{
+ char *pos;
+ chunk_t clone = chunk_clone(chunk);
+
+ for (pos = clone.ptr; pos < (char*)(clone.ptr + clone.len); pos++)
+ {
+ switch (*pos)
+ {
+ case '\0':
+ case ' ':
+ case '*':
+ case '-':
+ case '.':
+ case '/':
+ case '0' ... '9':
+ case ':':
+ case '=':
+ case '@':
+ case 'A' ... 'Z':
+ case '_':
+ case 'a' ... 'z':
+ break;
+ default:
+ *pos = '?';
+ }
+ }
+ return clone;
+}
+
+/**
+ * Pointer is set to the first RDN in a DN
+ */
+static status_t init_rdn(chunk_t dn, chunk_t *rdn, chunk_t *attribute, bool *next)
+{
+ *rdn = chunk_empty;
+ *attribute = chunk_empty;
+
+ /* a DN is a SEQUENCE OF RDNs */
+ if (*dn.ptr != ASN1_SEQUENCE)
+ {
+ /* DN is not a SEQUENCE */
+ return FAILED;
+ }
+
+ rdn->len = asn1_length(&dn);
+
+ if (rdn->len == ASN1_INVALID_LENGTH)
+ {
+ /* Invalid RDN length */
+ return FAILED;
+ }
+
+ rdn->ptr = dn.ptr;
+
+ /* are there any RDNs ? */
+ *next = rdn->len > 0;
+
+ return SUCCESS;
+}
+
+/**
+ * Fetches the next RDN in a DN
+ */
+static status_t get_next_rdn(chunk_t *rdn, chunk_t * attribute, chunk_t *oid, chunk_t *value, asn1_t *type, bool *next)
+{
+ chunk_t body;
+
+ /* initialize return values */
+ *oid = chunk_empty;
+ *value = chunk_empty;
+
+ /* if all attributes have been parsed, get next rdn */
+ if (attribute->len <= 0)
+ {
+ /* an RDN is a SET OF attributeTypeAndValue */
+ if (*rdn->ptr != ASN1_SET)
+ {
+ /* RDN is not a SET */
+ return FAILED;
+ }
+ attribute->len = asn1_length(rdn);
+ if (attribute->len == ASN1_INVALID_LENGTH)
+ {
+ /* Invalid attribute length */
+ return FAILED;
+ }
+ attribute->ptr = rdn->ptr;
+ /* advance to start of next RDN */
+ rdn->ptr += attribute->len;
+ rdn->len -= attribute->len;
+ }
+
+ /* an attributeTypeAndValue is a SEQUENCE */
+ if (*attribute->ptr != ASN1_SEQUENCE)
+ {
+ /* attributeTypeAndValue is not a SEQUENCE */
+ return FAILED;
+ }
+
+ /* extract the attribute body */
+ body.len = asn1_length(attribute);
+
+ if (body.len == ASN1_INVALID_LENGTH)
+ {
+ /* Invalid attribute body length */
+ return FAILED;
+ }
+
+ body.ptr = attribute->ptr;
+
+ /* advance to start of next attribute */
+ attribute->ptr += body.len;
+ attribute->len -= body.len;
+
+ /* attribute type is an OID */
+ if (*body.ptr != ASN1_OID)
+ {
+ /* attributeType is not an OID */
+ return FAILED;
+ }
+ /* extract OID */
+ oid->len = asn1_length(&body);
+
+ if (oid->len == ASN1_INVALID_LENGTH)
+ {
+ /* Invalid attribute OID length */
+ return FAILED;
+ }
+ oid->ptr = body.ptr;
+
+ /* advance to the attribute value */
+ body.ptr += oid->len;
+ body.len -= oid->len;
+
+ /* extract string type */
+ *type = *body.ptr;
+
+ /* extract string value */
+ value->len = asn1_length(&body);
+
+ if (value->len == ASN1_INVALID_LENGTH)
+ {
+ /* Invalid attribute string length */
+ return FAILED;
+ }
+ value->ptr = body.ptr;
+
+ /* are there any RDNs left? */
+ *next = rdn->len > 0 || attribute->len > 0;
+ return SUCCESS;
+}
+
+/**
+ * Parses an ASN.1 distinguished name int its OID/value pairs
+ */
+static status_t dntoa(chunk_t dn, chunk_t *str)
+{
+ chunk_t rdn, oid, attribute, value, proper;
+ asn1_t type;
+ int oid_code;
+ bool next;
+ bool first = TRUE;
+
+ status_t status = init_rdn(dn, &rdn, &attribute, &next);
+
+ if (status != SUCCESS)
+ return status;
+
+ while (next)
+ {
+ status = get_next_rdn(&rdn, &attribute, &oid, &value, &type, &next);
+
+ if (status != SUCCESS)
+ return status;
+
+ if (first)
+ { /* first OID/value pair */
+ first = FALSE;
+ }
+ else
+ { /* separate OID/value pair by a comma */
+ update_chunk(str, snprintf(str->ptr,str->len,", "));
+ }
+
+ /* print OID */
+ oid_code = known_oid(oid);
+ if (oid_code == OID_UNKNOWN)
+ { /* OID not found in list */
+ hex_str(oid, str);
+ }
+ else
+ {
+ update_chunk(str, snprintf(str->ptr,str->len,"%s", oid_names[oid_code].name));
+ }
+ /* print value */
+ proper = sanitize_chunk(value);
+ update_chunk(str, snprintf(str->ptr,str->len,"=%.*s", (int)proper.len, proper.ptr));
+ chunk_free(&proper);
+ }
+ return SUCCESS;
+}
+
+/**
+ * compare two distinguished names by
+ * comparing the individual RDNs
+ */
+static bool same_dn(chunk_t a, chunk_t b)
+{
+ chunk_t rdn_a, rdn_b, attribute_a, attribute_b;
+ chunk_t oid_a, oid_b, value_a, value_b;
+ asn1_t type_a, type_b;
+ bool next_a, next_b;
+
+ /* same lengths for the DNs */
+ if (a.len != b.len)
+ return FALSE;
+
+ /* try a binary comparison first */
+ if (memeq(a.ptr, b.ptr, b.len))
+ return TRUE;
+
+ /* initialize DN parsing */
+ if (init_rdn(a, &rdn_a, &attribute_a, &next_a) != SUCCESS
+ || init_rdn(b, &rdn_b, &attribute_b, &next_b) != SUCCESS)
+ {
+ return FALSE;
+ }
+
+ /* fetch next RDN pair */
+ while (next_a && next_b)
+ {
+ /* parse next RDNs and check for errors */
+ if (get_next_rdn(&rdn_a, &attribute_a, &oid_a, &value_a, &type_a, &next_a) != SUCCESS
+ || get_next_rdn(&rdn_b, &attribute_b, &oid_b, &value_b, &type_b, &next_b) != SUCCESS)
+ {
+ return FALSE;
+ }
+
+ /* OIDs must agree */
+ if (oid_a.len != oid_b.len || memcmp(oid_a.ptr, oid_b.ptr, oid_b.len) != 0)
+ return FALSE;
+
+ /* same lengths for values */
+ if (value_a.len != value_b.len)
+ return FALSE;
+
+ /* printableStrings and email RDNs require uppercase comparison */
+ if (type_a == type_b && (type_a == ASN1_PRINTABLESTRING
+ || (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL)))
+ {
+ if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ return FALSE;
+ }
+ else
+ {
+ if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ return FALSE;
+ }
+ }
+ /* both DNs must have same number of RDNs */
+ if (next_a || next_b)
+ return FALSE;
+
+ /* the two DNs are equal! */
+ return TRUE;
+}
+
+
+/**
+ * compare two distinguished names by comparing the individual RDNs.
+ * A single'*' character designates a wildcard RDN in DN b.
+ * TODO: Add support for different RDN order in DN !!
+ */
+bool match_dn(chunk_t a, chunk_t b, int *wildcards)
+{
+ chunk_t rdn_a, rdn_b, attribute_a, attribute_b;
+ chunk_t oid_a, oid_b, value_a, value_b;
+ asn1_t type_a, type_b;
+ bool next_a, next_b;
+
+ /* initialize wildcard counter */
+ if (wildcards)
+ {
+ *wildcards = 0;
+ }
+
+ /* initialize DN parsing */
+ if (init_rdn(a, &rdn_a, &attribute_a, &next_a) != SUCCESS
+ || init_rdn(b, &rdn_b, &attribute_b, &next_b) != SUCCESS)
+ {
+ return FALSE;
+ }
+
+ /* fetch next RDN pair */
+ while (next_a && next_b)
+ {
+ /* parse next RDNs and check for errors */
+ if (get_next_rdn(&rdn_a, &attribute_a, &oid_a, &value_a, &type_a, &next_a) != SUCCESS
+ || get_next_rdn(&rdn_b, &attribute_b, &oid_b, &value_b, &type_b, &next_b) != SUCCESS)
+ {
+ return FALSE;
+ }
+ /* OIDs must agree */
+ if (oid_a.len != oid_b.len || memcmp(oid_a.ptr, oid_b.ptr, oid_b.len) != 0)
+ return FALSE;
+
+ /* does rdn_b contain a wildcard? */
+ if (value_b.len == 1 && *value_b.ptr == '*')
+ {
+ if (wildcards)
+ {
+ (*wildcards)++;
+ }
+ continue;
+ }
+ /* same lengths for values */
+ if (value_a.len != value_b.len)
+ return FALSE;
+
+ /* printableStrings and email RDNs require uppercase comparison */
+ if (type_a == type_b && (type_a == ASN1_PRINTABLESTRING
+ || (type_a == ASN1_IA5STRING && known_oid(oid_a) == OID_PKCS9_EMAIL)))
+ {
+ if (strncasecmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ return FALSE;
+ }
+ else
+ {
+ if (strncmp(value_a.ptr, value_b.ptr, value_b.len) != 0)
+ return FALSE;
+ }
+ }
+ /* both DNs must have same number of RDNs */
+ if (next_a || next_b)
+ {
+ return FALSE;
+ }
+
+ /* the two DNs match! */
+ if (wildcards)
+ {
+ *wildcards = min(*wildcards, MAX_WILDCARDS);
+ }
+ return TRUE;
+}
+
+/**
+ * Converts an LDAP-style human-readable ASCII-encoded
+ * ASN.1 distinguished name into binary DER-encoded format
+ */
+static status_t atodn(char *src, chunk_t *dn)
+{
+ /* finite state machine for atodn */
+ typedef enum {
+ SEARCH_OID = 0,
+ READ_OID = 1,
+ SEARCH_NAME = 2,
+ READ_NAME = 3,
+ UNKNOWN_OID = 4
+ } state_t;
+
+ chunk_t oid = chunk_empty;
+ chunk_t name = chunk_empty;
+ chunk_t rdns[RDN_MAX];
+ int rdn_count = 0;
+ int dn_len = 0;
+ int whitespace = 0;
+ int i = 0;
+ asn1_t rdn_type;
+ state_t state = SEARCH_OID;
+ status_t status = SUCCESS;
+
+ do
+ {
+ switch (state)
+ {
+ case SEARCH_OID:
+ if (*src != ' ' && *src != '/' && *src != ',')
+ {
+ oid.ptr = src;
+ oid.len = 1;
+ state = READ_OID;
+ }
+ break;
+ case READ_OID:
+ if (*src != ' ' && *src != '=')
+ {
+ oid.len++;
+ }
+ else
+ {
+ for (i = 0; i < X501_RDN_ROOF; i++)
+ {
+ if (strlen(x501rdns[i].name) == oid.len
+ && strncasecmp(x501rdns[i].name, oid.ptr, oid.len) == 0)
+ {
+ break; /* found a valid OID */
+ }
+ }
+ if (i == X501_RDN_ROOF)
+ {
+ status = NOT_SUPPORTED;
+ state = UNKNOWN_OID;
+ break;
+ }
+ /* reset oid and change state */
+ oid = chunk_empty;
+ state = SEARCH_NAME;
+ }
+ break;
+ case SEARCH_NAME:
+ if (*src != ' ' && *src != '=')
+ {
+ name.ptr = src;
+ name.len = 1;
+ whitespace = 0;
+ state = READ_NAME;
+ }
+ break;
+ case READ_NAME:
+ if (*src != ',' && *src != '/' && *src != '\0')
+ {
+ name.len++;
+ if (*src == ' ')
+ whitespace++;
+ else
+ whitespace = 0;
+ }
+ else
+ {
+ name.len -= whitespace;
+ rdn_type = (x501rdns[i].type == ASN1_PRINTABLESTRING
+ && !is_printablestring(name))? ASN1_T61STRING : x501rdns[i].type;
+
+ if (rdn_count < RDN_MAX)
+ {
+ rdns[rdn_count] =
+ asn1_wrap(ASN1_SET, "m",
+ asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_wrap(ASN1_OID, "c", x501rdns[i].oid),
+ asn1_wrap(rdn_type, "c", name)
+ )
+ );
+ dn_len += rdns[rdn_count++].len;
+ }
+ else
+ {
+ status = OUT_OF_RES;
+ }
+ /* reset name and change state */
+ name = chunk_empty;
+ state = SEARCH_OID;
+ }
+ break;
+ case UNKNOWN_OID:
+ break;
+ }
+ } while (*src++ != '\0');
+
+ /* build the distinguished name sequence */
+ {
+ int i;
+ u_char *pos = build_asn1_object(dn, ASN1_SEQUENCE, dn_len);
+
+ for (i = 0; i < rdn_count; i++)
+ {
+ memcpy(pos, rdns[i].ptr, rdns[i].len);
+ pos += rdns[i].len;
+ free(rdns[i].ptr);
+ }
+ }
+
+ if (status != SUCCESS)
+ {
+ free(dn->ptr);
+ *dn = chunk_empty;
+ }
+ return status;
+}
+
+/**
+ * Implementation of identification_t.get_encoding.
+ */
+static chunk_t get_encoding(private_identification_t *this)
+{
+ return this->encoded;
+}
+
+/**
+ * Implementation of identification_t.get_type.
+ */
+static id_type_t get_type(private_identification_t *this)
+{
+ return this->type;
+}
+
+/**
+ * Implementation of identification_t.contains_wildcards.
+ */
+static bool contains_wildcards(private_identification_t *this)
+{
+ switch (this->type)
+ {
+ case ID_ANY:
+ return TRUE;
+ case ID_FQDN:
+ case ID_RFC822_ADDR:
+ return memchr(this->encoded.ptr, '*', this->encoded.len) != NULL;
+ case ID_DER_ASN1_DN:
+ /* TODO */
+ default:
+ return FALSE;
+
+ }
+}
+
+/**
+ * Default implementation of identification_t.equals.
+ * compares encoded chunk for equality.
+ */
+static bool equals_binary(private_identification_t *this, private_identification_t *other)
+{
+ return this->type == other->type &&
+ chunk_equals(this->encoded, other->encoded);
+}
+
+/**
+ * Special implementation of identification_t.equals for ID_DER_ASN1_DN.
+ */
+static bool equals_dn(private_identification_t *this,
+ private_identification_t *other)
+{
+ return same_dn(this->encoded, other->encoded);
+}
+
+/**
+ * Default implementation of identification_t.matches.
+ */
+static bool matches_binary(private_identification_t *this,
+ private_identification_t *other, int *wildcards)
+{
+ if (other->type == ID_ANY)
+ {
+ if (wildcards)
+ {
+ *wildcards = MAX_WILDCARDS;
+ }
+ return TRUE;
+ }
+ if (wildcards)
+ {
+ *wildcards = 0;
+ }
+ return this->type == other->type &&
+ chunk_equals(this->encoded, other->encoded);
+}
+
+/**
+ * Special implementation of identification_t.matches for ID_RFC822_ADDR/ID_FQDN.
+ * Checks for a wildcard in other-string, and compares it against this-string.
+ */
+static bool matches_string(private_identification_t *this,
+ private_identification_t *other, int *wildcards)
+{
+ u_int len = other->encoded.len;
+
+ if (other->type == ID_ANY)
+ {
+ if (wildcards)
+ {
+ *wildcards = MAX_WILDCARDS;
+ }
+ return TRUE;
+ }
+
+ if (this->type != other->type)
+ return FALSE;
+
+ /* try a binary comparison first */
+ if (equals_binary(this, other))
+ {
+ if (wildcards)
+ {
+ *wildcards = 0;
+ }
+ return TRUE;
+ }
+
+ if (len == 0 || this->encoded.len < len)
+ return FALSE;
+
+ /* check for single wildcard at the head of the string */
+ if (*other->encoded.ptr == '*')
+ {
+ if (wildcards)
+ {
+ *wildcards = 1;
+ }
+
+ /* single asterisk matches any string */
+ if (len-- == 1)
+ return TRUE;
+
+ if (memeq(this->encoded.ptr + this->encoded.len - len, other->encoded.ptr + 1, len))
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+/**
+ * Special implementation of identification_t.matches for ID_ANY.
+ * ANY matches only another ANY, but nothing other
+ */
+static bool matches_any(private_identification_t *this,
+ private_identification_t *other, int *wildcards)
+{
+ if (wildcards)
+ {
+ *wildcards = 0;
+ }
+ return other->type == ID_ANY;
+}
+
+/**
+ * Special implementation of identification_t.matches for ID_DER_ASN1_DN.
+ * ANY matches any, even ANY, thats why its there...
+ */
+static bool matches_dn(private_identification_t *this,
+ private_identification_t *other, int *wildcards)
+{
+ if (other->type == ID_ANY)
+ {
+ if (wildcards)
+ {
+ *wildcards = MAX_WILDCARDS;
+ }
+ return TRUE;
+ }
+
+ if (this->type == other->type)
+ {
+ return match_dn(this->encoded, other->encoded, wildcards);
+ }
+ return FALSE;
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+ const void *const *args)
+{
+ private_identification_t *this = *((private_identification_t**)(args[0]));
+ char buf[BUF_LEN];
+ chunk_t proper, buf_chunk = chunk_from_buf(buf);
+ int written;
+
+ if (this == NULL)
+ {
+ return fprintf(stream, "(null)");
+ }
+
+ switch (this->type)
+ {
+ case ID_ANY:
+ return fprintf(stream, "%%any");
+ case ID_IPV4_ADDR:
+ if (this->encoded.len < sizeof(struct in_addr) ||
+ inet_ntop(AF_INET, this->encoded.ptr, buf, sizeof(buf)) == NULL)
+ {
+ return fprintf(stream, "(invalid ID_IPV4_ADDR)");
+ }
+ else
+ {
+ return fprintf(stream, "%s", buf);
+ }
+ case ID_IPV6_ADDR:
+ if (this->encoded.len < sizeof(struct in6_addr) ||
+ inet_ntop(AF_INET6, this->encoded.ptr, buf, INET6_ADDRSTRLEN) == NULL)
+ {
+ return fprintf(stream, "(invalid ID_IPV6_ADDR)");
+ }
+ else
+ {
+ return fprintf(stream, "%s", buf);
+ }
+ case ID_FQDN:
+ {
+ proper = sanitize_chunk(this->encoded);
+ written = fprintf(stream, "@%.*s", proper.len, proper.ptr);
+ chunk_free(&proper);
+ return written;
+ }
+ case ID_RFC822_ADDR:
+ {
+ proper = sanitize_chunk(this->encoded);
+ written = fprintf(stream, "%.*s", proper.len, proper.ptr);
+ chunk_free(&proper);
+ return written;
+ }
+ case ID_DER_ASN1_DN:
+ {
+ snprintf(buf, sizeof(buf), "%.*s", this->encoded.len, this->encoded.ptr);
+ /* TODO: whats returned on failure?*/
+ dntoa(this->encoded, &buf_chunk);
+ return fprintf(stream, "%s", buf);
+ }
+ case ID_DER_ASN1_GN:
+ return fprintf(stream, "(ASN.1 general Name");
+ case ID_KEY_ID:
+ return fprintf(stream, "(KEY_ID)");
+ case ID_DER_ASN1_GN_URI:
+ {
+ proper = sanitize_chunk(this->encoded);
+ written = fprintf(stream, "%.*s", proper.len, proper.ptr);
+ chunk_free(&proper);
+ return written;
+ }
+ default:
+ return fprintf(stream, "(unknown ID type: %d)", this->type);
+ }
+}
+
+/**
+ * register printf() handlers
+ */
+static void __attribute__ ((constructor))print_register()
+{
+ register_printf_function(PRINTF_IDENTIFICATION, print, arginfo_ptr);
+}
+
+/**
+ * Implementation of identification_t.clone.
+ */
+static identification_t *clone_(private_identification_t *this)
+{
+ private_identification_t *clone = identification_create();
+
+ clone->type = this->type;
+ clone->encoded = chunk_clone(this->encoded);
+ clone->public.equals = this->public.equals;
+ clone->public.matches = this->public.matches;
+
+ return &clone->public;
+}
+
+/**
+ * Implementation of identification_t.destroy.
+ */
+static void destroy(private_identification_t *this)
+{
+ chunk_free(&this->encoded);
+ free(this);
+}
+
+/**
+ * Generic constructor used for the other constructors.
+ */
+static private_identification_t *identification_create(void)
+{
+ private_identification_t *this = malloc_thing(private_identification_t);
+
+ this->public.get_encoding = (chunk_t (*) (identification_t*))get_encoding;
+ this->public.get_type = (id_type_t (*) (identification_t*))get_type;
+ this->public.contains_wildcards = (bool (*) (identification_t *this))contains_wildcards;
+ this->public.clone = (identification_t* (*) (identification_t*))clone_;
+ this->public.destroy = (void (*) (identification_t*))destroy;
+ /* we use these as defaults, the may be overloaded for special ID types */
+ this->public.equals = (bool (*) (identification_t*,identification_t*))equals_binary;
+ this->public.matches = (bool (*) (identification_t*,identification_t*,int*))matches_binary;
+
+ this->encoded = chunk_empty;
+
+ return this;
+}
+
+/*
+ * Described in header.
+ */
+identification_t *identification_create_from_string(char *string)
+{
+ private_identification_t *this = identification_create();
+
+ if (string == NULL)
+ {
+ string = "%any";
+ }
+ if (strchr(string, '=') != NULL)
+ {
+ /* we interpret this as an ASCII X.501 ID_DER_ASN1_DN.
+ * convert from LDAP style or openssl x509 -subject style to ASN.1 DN
+ */
+ if (atodn(string, &this->encoded) != SUCCESS)
+ {
+ free(this);
+ return NULL;
+ }
+ this->type = ID_DER_ASN1_DN;
+ this->public.equals = (bool (*) (identification_t*,identification_t*))equals_dn;
+ this->public.matches = (bool (*) (identification_t*,identification_t*,int*))matches_dn;
+ return &this->public;
+ }
+ else if (strchr(string, '@') == NULL)
+ {
+ if (streq(string, "%any")
+ || streq(string, "0.0.0.0")
+ || streq(string, "*")
+ || streq(string, "::")
+ || streq(string, "0::0"))
+ {
+ /* any ID will be accepted */
+ this->type = ID_ANY;
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_any;
+ return &this->public;
+ }
+ else
+ {
+ if (strchr(string, ':') == NULL)
+ {
+ /* try IPv4 */
+ struct in_addr address;
+ chunk_t chunk = {(void*)&address, sizeof(address)};
+
+ if (inet_pton(AF_INET, string, &address) <= 0)
+ {
+ free(this);
+ return NULL;
+ }
+ this->encoded = chunk_clone(chunk);
+ this->type = ID_IPV4_ADDR;
+ return &(this->public);
+ }
+ else
+ {
+ /* try IPv6 */
+ struct in6_addr address;
+ chunk_t chunk = {(void*)&address, sizeof(address)};
+
+ if (inet_pton(AF_INET6, string, &address) <= 0)
+ {
+ free(this);
+ return NULL;
+ }
+ this->encoded = chunk_clone(chunk);
+ this->type = ID_IPV6_ADDR;
+ return &(this->public);
+ }
+ }
+ }
+ else
+ {
+ if (*string == '@')
+ {
+ if (*(string + 1) == '#')
+ {
+ /* TODO: Pluto handles '#' as hex encoded ID_KEY_ID. */
+ free(this);
+ return NULL;
+ }
+ else
+ {
+ this->type = ID_FQDN;
+ this->encoded.ptr = strdup(string + 1);
+ this->encoded.len = strlen(string + 1);
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_string;
+ return &(this->public);
+ }
+ }
+ else
+ {
+ this->type = ID_RFC822_ADDR;
+ this->encoded.ptr = strdup(string);
+ this->encoded.len = strlen(string);
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_string;
+ return &(this->public);
+ }
+ }
+}
+
+/*
+ * Described in header.
+ */
+identification_t *identification_create_from_encoding(id_type_t type, chunk_t encoded)
+{
+ private_identification_t *this = identification_create();
+ this->type = type;
+ switch (type)
+ {
+ case ID_ANY:
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_any;
+ break;
+ case ID_FQDN:
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_string;
+ break;
+ case ID_RFC822_ADDR:
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_string;
+ break;
+ case ID_DER_ASN1_DN:
+ this->public.equals = (bool (*)
+ (identification_t*,identification_t*))equals_dn;
+ this->public.matches = (bool (*)
+ (identification_t*,identification_t*,int*))matches_dn;
+ break;
+ case ID_IPV4_ADDR:
+ case ID_IPV6_ADDR:
+ case ID_DER_ASN1_GN:
+ case ID_KEY_ID:
+ case ID_DER_ASN1_GN_URI:
+ default:
+ break;
+ }
+
+ /* apply encoded chunk */
+ if (type != ID_ANY)
+ {
+ this->encoded = chunk_clone(encoded);
+ }
+ return &(this->public);
+}
diff --git a/src/libstrongswan/utils/identification.h b/src/libstrongswan/utils/identification.h
new file mode 100644
index 000000000..59c568eaf
--- /dev/null
+++ b/src/libstrongswan/utils/identification.h
@@ -0,0 +1,261 @@
+/**
+ * @file identification.h
+ *
+ * @brief Interface of identification_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#ifndef IDENTIFICATION_H_
+#define IDENTIFICATION_H_
+
+typedef enum id_type_t id_type_t;
+typedef struct identification_t identification_t;
+
+#include <library.h>
+
+#define MAX_WILDCARDS 14
+
+/**
+ * @brief ID Types in a ID payload.
+ *
+ * @ingroup utils
+ */
+enum id_type_t {
+
+ /**
+ * private type which matches any other id.
+ */
+ ID_ANY = 0,
+
+ /**
+ * ID data is a single four (4) octet IPv4 address.
+ */
+ ID_IPV4_ADDR = 1,
+
+ /**
+ * ID data is a fully-qualified domain name string.
+ * An example of a ID_FQDN is "example.com".
+ * The string MUST not contain any terminators (e.g., NULL, CR, etc.).
+ */
+ ID_FQDN = 2,
+
+ /**
+ * ID data is a fully-qualified RFC822 email address string.
+ * An example of an ID_RFC822_ADDR is "jsmith@example.com".
+ * The string MUST NOT contain any terminators.
+ */
+ ID_RFC822_ADDR = 3,
+
+ /**
+ * ID data is an IPv4 subnet (IKEv1 only)
+ */
+ ID_IPV4_ADDR_SUBNET = 4,
+
+ /**
+ * ID data is a single sixteen (16) octet IPv6 address.
+ */
+ ID_IPV6_ADDR = 5,
+
+ /**
+ * ID data is an IPv6 subnet (IKEv1 only)
+ */
+ ID_IPV6_ADDR_SUBNET = 6,
+
+ /**
+ * ID data is an IPv4 address range (IKEv1 only)
+ */
+ ID_IPV4_ADDR_RANGE = 7,
+
+ /**
+ * ID data is an IPv6 address range (IKEv1 only)
+ */
+ ID_IPV6_ADDR_RANGE = 8,
+
+ /**
+ * ID data is the binary DER encoding of an ASN.1 X.501 Distinguished Name
+ */
+ ID_DER_ASN1_DN = 9,
+
+ /**
+ * ID data is the binary DER encoding of an ASN.1 X.509 GeneralName
+ */
+ ID_DER_ASN1_GN = 10,
+
+ /**
+ * ID data is an opaque octet stream which may be used to pass vendor-
+ * specific information necessary to do certain proprietary
+ * types of identification.
+ */
+ ID_KEY_ID = 11,
+
+ /**
+ * private type which represents a GeneralName of type URI
+ */
+ ID_DER_ASN1_GN_URI = 201,
+
+};
+
+/**
+ * enum names for id_type_t.
+ */
+extern enum_name_t *id_type_names;
+
+/**
+ * @brief Generic identification, such as used in ID payload.
+ *
+ * The following types are possible:
+ * - ID_IPV4_ADDR
+ * - ID_FQDN
+ * - ID_RFC822_ADDR
+ * - ID_IPV6_ADDR
+ * - ID_DER_ASN1_DN
+ * - ID_DER_ASN1_GN
+ * - ID_KEY_ID
+ * - ID_DER_ASN1_GN_URI
+ *
+ * @b Constructors:
+ * - identification_create_from_string()
+ * - identification_create_from_encoding()
+ *
+ * @todo Support for ID_DER_ASN1_GN is minimal right now. Comparison
+ * between them and ID_IPV4_ADDR/RFC822_ADDR would be nice.
+ *
+ * @ingroup utils
+ */
+struct identification_t {
+
+ /**
+ * @brief Get the encoding of this id, to send over
+ * the network.
+ *
+ * @warning Result points to internal data, do NOT free!
+ *
+ * @param this the identification_t object
+ * @return a chunk containing the encoded bytes
+ */
+ chunk_t (*get_encoding) (identification_t *this);
+
+ /**
+ * @brief Get the type of this identification.
+ *
+ * @param this the identification_t object
+ * @return id_type_t
+ */
+ id_type_t (*get_type) (identification_t *this);
+
+ /**
+ * @brief Check if two identification_t objects are equal.
+ *
+ * @param this the identification_t object
+ * @param other other identification_t object
+ * @return TRUE if the IDs are equal
+ */
+ bool (*equals) (identification_t *this, identification_t *other);
+
+ /**
+ * @brief Check if an ID matches a wildcard ID.
+ *
+ * An identification_t may contain wildcards, such as
+ * *@strongswan.org. This call checks if a given ID
+ * (e.g. tester@strongswan.org) belongs to a such wildcard
+ * ID. Returns TRUE if
+ * - IDs are identical
+ * - other is of type ID_ANY
+ * - other contains a wildcard and matches this
+ *
+ * @param this the ID without wildcard
+ * @param other the ID containing a wildcard
+ * @param wildcards returns the number of wildcards, may be NULL
+ * @return TRUE if match is found
+ */
+ bool (*matches) (identification_t *this, identification_t *other, int *wildcards);
+
+ /**
+ * @brief Check if an ID is a wildcard ID.
+ *
+ * If the ID represents multiple IDs (with wildcards, or
+ * as the type ID_ANY), TRUE is returned. If it is unique,
+ * FALSE is returned.
+ *
+ * @param this identification_t object
+ * @return TRUE if ID contains wildcards
+ */
+ bool (*contains_wildcards) (identification_t *this);
+
+ /**
+ * @brief Clone a identification_t instance.
+ *
+ * @param this the identification_t object to clone
+ * @return clone of this
+ */
+ identification_t *(*clone) (identification_t *this);
+
+ /**
+ * @brief Destroys a identification_t object.
+ *
+ * @param this identification_t object
+ */
+ void (*destroy) (identification_t *this);
+};
+
+/**
+ * @brief Creates an identification_t object from a string.
+ *
+ * @param string input string, which will be converted
+ * @return
+ * - created identification_t object, or
+ * - NULL if unsupported string supplied.
+ *
+ * The input string may be e.g. one of the following:
+ * - ID_IPV4_ADDR: 192.168.0.1
+ * - ID_IPV6_ADDR: 2001:0db8:85a3:08d3:1319:8a2e:0370:7345
+ * - ID_FQDN: @www.strongswan.org (@indicates FQDN)
+ * - ID_RFC822_ADDR: alice@wonderland.org
+ * - ID_DER_ASN1_DN: C=CH, O=Linux strongSwan, CN=bob
+ *
+ * In favour of pluto, domainnames are prepended with an @, since
+ * pluto resolves domainnames without an @ to IPv4 addresses. Since
+ * we use a seperate host_t class for addresses, this doesn't
+ * make sense for us.
+ *
+ * A distinguished name may contain one or more of the following RDNs:
+ * ND, UID, DC, CN, S, SN, serialNumber, C, L, ST, O, OU, T, D,
+ * N, G, I, ID, EN, EmployeeNumber, E, Email, emailAddress, UN,
+ * unstructuredName, TCGID.
+ *
+ * @ingroup utils
+ */
+identification_t * identification_create_from_string(char *string);
+
+/**
+ * @brief Creates an identification_t object from an encoded chunk.
+ *
+ * @param type type of this id, such as ID_IPV4_ADDR
+ * @param encoded encoded bytes, such as from identification_t.get_encoding
+ * @return identification_t object
+ *
+ * In contrast to identification_create_from_string(), this constructor never
+ * returns NULL, even when the conversion to a string representation fails.
+ *
+ * @ingroup utils
+ */
+identification_t * identification_create_from_encoding(id_type_t type, chunk_t encoded);
+
+#endif /* IDENTIFICATION_H_ */
diff --git a/src/libstrongswan/utils/iterator.h b/src/libstrongswan/utils/iterator.h
new file mode 100644
index 000000000..02a15c534
--- /dev/null
+++ b/src/libstrongswan/utils/iterator.h
@@ -0,0 +1,166 @@
+/**
+ * @file iterator.h
+ *
+ * @brief Interface iterator_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef ITERATOR_H_
+#define ITERATOR_H_
+
+#include <library.h>
+
+/**
+ * @brief Iterator hook function prototype.
+ *
+ * @param param user supplied parameter
+ * @param in the value the hook receives from the iterator
+ * @param out the value supplied as a result to the iterator
+ * @return TRUE to return "out", FALSE to skip this value
+ */
+typedef bool (iterator_hook_t)(void *param, void *in, void **out);
+
+
+typedef struct iterator_t iterator_t;
+
+/**
+ * @brief Iterator interface, allows iteration over collections.
+ *
+ * iterator_t defines an interface for iterating over collections.
+ * It allows searching, deleting, updating and inserting.
+ *
+ * Thanks to JMP for iterator lessons :-)
+ *
+ * @b Constructors:
+ * - via linked_list_t.create_iterator, or
+ * - any other class which supports the iterator_t interface
+ *
+ * @see linked_list_t
+ *
+ * @ingroup utils
+ */
+struct iterator_t {
+
+ /**
+ * @brief Return number of list items.
+ *
+ * @param this calling object
+ * @return number of list items
+ */
+ int (*get_count) (iterator_t *this);
+
+ /**
+ * @brief Iterate over all items.
+ *
+ * The easy way to iterate over items.
+ *
+ * @param this calling object
+ * @param[out] value item
+ * @return
+ * - TRUE, if there was an element available,
+ * - FALSE otherwise
+ */
+ bool (*iterate) (iterator_t *this, void** value);
+
+ /**
+ * @brief Hook a function into the iterator.
+ *
+ * Sometimes it is useful to hook in an iterator. The hook function is
+ * called before any successful return of iterate(). It takes the
+ * iterator value, may manipulate it (or the references object), and returns
+ * the value that the iterate() function returns.
+ * A value of NULL deactivates the iterator hook.
+ *
+ * @param this calling object
+ * @param hook iterator hook which manipulates the iterated value
+ * @param param user supplied parameter to pass back to the hook
+ */
+ void (*set_iterator_hook) (iterator_t *this, iterator_hook_t *hook,
+ void *param);
+
+ /**
+ * @brief Inserts a new item before the given iterator position.
+ *
+ * The iterator position is not changed after inserting
+ *
+ * @param this calling iterator
+ * @param[in] item value to insert in list
+ */
+ void (*insert_before) (iterator_t *this, void *item);
+
+ /**
+ * @brief Inserts a new item after the given iterator position.
+ *
+ * The iterator position is not changed after inserting.
+ *
+ * @param this calling iterator
+ * @param[in] item value to insert in list
+ */
+ void (*insert_after) (iterator_t *this, void *item);
+
+ /**
+ * @brief Replace the current item at current iterator position.
+ *
+ * The iterator position is not changed after replacing.
+ *
+ * @param this calling iterator
+ * @param[out] old_item old value will be written here(can be NULL)
+ * @param[in] new_item new value
+ *
+ * @return
+ * - SUCCESS
+ * - FAILED if iterator is on an invalid position
+ */
+ status_t (*replace) (iterator_t *this, void **old_item, void *new_item);
+
+ /**
+ * @brief Removes an element from list at the given iterator position.
+ *
+ * The iterator is set the the following position:
+ * - to the item before, if available
+ * - it gets reseted, otherwise
+ *
+ * @param this calling object
+ * @return
+ * - SUCCESS
+ * - FAILED if iterator is on an invalid position
+ */
+ status_t (*remove) (iterator_t *this);
+
+ /**
+ * @brief Resets the iterator position.
+ *
+ * After reset, the iterator_t objects doesn't point to an element.
+ * A call to iterator_t.has_next is necessary to do any other operations
+ * with the resetted iterator.
+ *
+ * @param this calling object
+ */
+ void (*reset) (iterator_t *this);
+
+ /**
+ * @brief Destroys an iterator.
+ *
+ * @param this iterator to destroy
+ *
+ */
+ void (*destroy) (iterator_t *this);
+};
+
+#endif /*ITERATOR_H_*/
diff --git a/src/libstrongswan/utils/leak_detective.c b/src/libstrongswan/utils/leak_detective.c
new file mode 100644
index 000000000..b8a023270
--- /dev/null
+++ b/src/libstrongswan/utils/leak_detective.c
@@ -0,0 +1,459 @@
+/**
+ * @file leak_detective.c
+ *
+ * @brief Allocation hooks to find memory leaks.
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <stdio.h>
+#include <malloc.h>
+#include <signal.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <dlfcn.h>
+#include <unistd.h>
+#include <syslog.h>
+#include <pthread.h>
+#include <netdb.h>
+#include <printf.h>
+#ifdef HAVE_BACKTRACE
+# include <execinfo.h>
+#endif /* HAVE_BACKTRACE */
+
+#include "leak_detective.h"
+
+#include <library.h>
+#include <debug.h>
+
+#ifdef LEAK_DETECTIVE
+
+/**
+ * Magic value which helps to detect memory corruption. Yummy!
+ */
+#define MEMORY_HEADER_MAGIC 0x7ac0be11
+
+/**
+ * Pattern which is filled in memory before freeing it
+ */
+#define MEMORY_FREE_PATTERN 0xFF
+
+/**
+ * Pattern which is filled in newly allocated memory
+ */
+#define MEMORY_ALLOC_PATTERN 0xEE
+
+
+static void install_hooks(void);
+static void uninstall_hooks(void);
+static void *malloc_hook(size_t, const void *);
+static void *realloc_hook(void *, size_t, const void *);
+static void free_hook(void*, const void *);
+
+static u_int count_malloc = 0;
+static u_int count_free = 0;
+static u_int count_realloc = 0;
+
+typedef struct memory_header_t memory_header_t;
+
+/**
+ * Header which is prepended to each allocated memory block
+ */
+struct memory_header_t {
+ /**
+ * Magci byte which must(!) hold MEMORY_HEADER_MAGIC
+ */
+ u_int32_t magic;
+
+ /**
+ * Number of bytes following after the header
+ */
+ size_t bytes;
+
+ /**
+ * Stack frames at the time of allocation
+ */
+ void *stack_frames[STACK_FRAMES_COUNT];
+
+ /**
+ * Number of stacks frames obtained in stack_frames
+ */
+ int stack_frame_count;
+
+ /**
+ * Pointer to previous entry in linked list
+ */
+ memory_header_t *previous;
+
+ /**
+ * Pointer to next entry in linked list
+ */
+ memory_header_t *next;
+};
+
+/**
+ * first mem header is just a dummy to chain
+ * the others on it...
+ */
+static memory_header_t first_header = {
+ magic: MEMORY_HEADER_MAGIC,
+ bytes: 0,
+ stack_frame_count: 0,
+ previous: NULL,
+ next: NULL
+};
+
+/**
+ * standard hooks, used to temparily remove hooking
+ */
+static void *old_malloc_hook, *old_realloc_hook, *old_free_hook;
+
+/**
+ * are the hooks currently installed?
+ */
+static bool installed = FALSE;
+
+/**
+ * Mutex to exclusivly uninstall hooks, access heap list
+ */
+static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
+
+
+/**
+ * log stack frames queried by backtrace()
+ * TODO: Dump symbols of static functions. This could be done with
+ * the addr2line utility or the GNU BFD Library...
+ */
+static void log_stack_frames(void **stack_frames, int stack_frame_count)
+{
+#ifdef HAVE_BACKTRACE
+ char **strings;
+ size_t i;
+
+ strings = backtrace_symbols (stack_frames, stack_frame_count);
+
+ DBG1(" dumping %d stack frame addresses", stack_frame_count);
+
+ for (i = 0; i < stack_frame_count; i++)
+ {
+ DBG1(" %s", strings[i]);
+ }
+ free (strings);
+#endif /* HAVE_BACKTRACE */
+}
+
+/**
+ * Whitelist, which contains address ranges in stack frames ignored when leaking.
+ *
+ * This is necessary, as some function use allocation hacks (static buffers)
+ * and so on, which we want to suppress on leak reports.
+ *
+ * The range_size is calculated using the readelf utility, e.g.:
+ * readelf -s /lib/glibc.so.6
+ * The values are for glibc-2.4 and may or may not be correct on other systems.
+ */
+typedef struct whitelist_t whitelist_t;
+
+struct whitelist_t {
+ void* range_start;
+ size_t range_size;
+};
+
+#ifdef LIBCURL
+/* dummy declaration for whitelisting */
+void *Curl_getaddrinfo(void);
+#endif /* LIBCURL */
+
+whitelist_t whitelist[] = {
+ {pthread_create, 2542},
+ {pthread_setspecific, 217},
+ {mktime, 60},
+ {tzset, 123},
+ {inet_ntoa, 249},
+ {strerror, 180},
+ {getprotobynumber, 291},
+ {getservbyport, 311},
+ {register_printf_function, 159},
+ {syslog, 45},
+ {dlopen, 109},
+# ifdef LIBCURL
+ /* from /usr/lib/libcurl.so.3 */
+ {Curl_getaddrinfo, 480},
+# endif /* LIBCURL */
+};
+
+/**
+ * Check if this stack frame is whitelisted.
+ */
+static bool is_whitelisted(void **stack_frames, int stack_frame_count)
+{
+ int i, j;
+
+ for (i=0; i< stack_frame_count; i++)
+ {
+ for (j=0; j<sizeof(whitelist)/sizeof(whitelist_t); j++)
+ {
+ if (stack_frames[i] >= whitelist[j].range_start &&
+ stack_frames[i] <= (whitelist[j].range_start + whitelist[j].range_size))
+ {
+ return TRUE;
+ }
+ }
+ }
+ return FALSE;
+}
+
+/**
+ * Report leaks at library destruction
+ */
+void report_leaks()
+{
+ memory_header_t *hdr;
+ int leaks = 0;
+
+ for (hdr = first_header.next; hdr != NULL; hdr = hdr->next)
+ {
+ if (!is_whitelisted(hdr->stack_frames, hdr->stack_frame_count))
+ {
+ DBG1("Leak (%d bytes at %p):", hdr->bytes, hdr + 1);
+ log_stack_frames(hdr->stack_frames, hdr->stack_frame_count);
+ leaks++;
+ }
+ }
+
+ switch (leaks)
+ {
+ case 0:
+ DBG1("No leaks detected");
+ break;
+ case 1:
+ DBG1("One leak detected");
+ break;
+ default:
+ DBG1("%d leaks detected", leaks);
+ break;
+ }
+}
+
+/**
+ * Installs the malloc hooks, enables leak detection
+ */
+static void install_hooks()
+{
+ if (!installed)
+ {
+ old_malloc_hook = __malloc_hook;
+ old_realloc_hook = __realloc_hook;
+ old_free_hook = __free_hook;
+ __malloc_hook = malloc_hook;
+ __realloc_hook = realloc_hook;
+ __free_hook = free_hook;
+ installed = TRUE;
+ }
+}
+
+/**
+ * Uninstalls the malloc hooks, disables leak detection
+ */
+static void uninstall_hooks()
+{
+ if (installed)
+ {
+ __malloc_hook = old_malloc_hook;
+ __free_hook = old_free_hook;
+ __realloc_hook = old_realloc_hook;
+ installed = FALSE;
+ }
+}
+
+/**
+ * Hook function for malloc()
+ */
+void *malloc_hook(size_t bytes, const void *caller)
+{
+ memory_header_t *hdr;
+
+ pthread_mutex_lock(&mutex);
+ count_malloc++;
+ uninstall_hooks();
+ hdr = malloc(bytes + sizeof(memory_header_t));
+ /* set to something which causes crashes */
+ memset(hdr, MEMORY_ALLOC_PATTERN, bytes + sizeof(memory_header_t));
+
+ hdr->magic = MEMORY_HEADER_MAGIC;
+ hdr->bytes = bytes;
+ hdr->stack_frame_count = backtrace(hdr->stack_frames, STACK_FRAMES_COUNT);
+ install_hooks();
+
+ /* insert at the beginning of the list */
+ hdr->next = first_header.next;
+ if (hdr->next)
+ {
+ hdr->next->previous = hdr;
+ }
+ hdr->previous = &first_header;
+ first_header.next = hdr;
+ pthread_mutex_unlock(&mutex);
+ return hdr + 1;
+}
+
+/**
+ * Hook function for free()
+ */
+void free_hook(void *ptr, const void *caller)
+{
+ void *stack_frames[STACK_FRAMES_COUNT];
+ int stack_frame_count;
+ memory_header_t *hdr = ptr - sizeof(memory_header_t);
+
+ /* allow freeing of NULL */
+ if (ptr == NULL)
+ {
+ return;
+ }
+
+ pthread_mutex_lock(&mutex);
+ count_free++;
+ uninstall_hooks();
+ if (hdr->magic != MEMORY_HEADER_MAGIC)
+ {
+ DBG1("freeing of invalid memory (%p, MAGIC 0x%x != 0x%x):",
+ ptr, hdr->magic, MEMORY_HEADER_MAGIC);
+ stack_frame_count = backtrace(stack_frames, STACK_FRAMES_COUNT);
+ log_stack_frames(stack_frames, stack_frame_count);
+ install_hooks();
+ pthread_mutex_unlock(&mutex);
+ return;
+ }
+
+ /* remove item from list */
+ if (hdr->next)
+ {
+ hdr->next->previous = hdr->previous;
+ }
+ hdr->previous->next = hdr->next;
+
+ /* clear MAGIC, set mem to something remarkable */
+ memset(hdr, MEMORY_FREE_PATTERN, hdr->bytes + sizeof(memory_header_t));
+
+ free(hdr);
+ install_hooks();
+ pthread_mutex_unlock(&mutex);
+}
+
+/**
+ * Hook function for realloc()
+ */
+void *realloc_hook(void *old, size_t bytes, const void *caller)
+{
+ memory_header_t *hdr;
+ void *stack_frames[STACK_FRAMES_COUNT];
+ int stack_frame_count;
+
+ /* allow reallocation of NULL */
+ if (old == NULL)
+ {
+ return malloc_hook(bytes, caller);
+ }
+
+ hdr = old - sizeof(memory_header_t);
+
+ pthread_mutex_lock(&mutex);
+ count_realloc++;
+ uninstall_hooks();
+ if (hdr->magic != MEMORY_HEADER_MAGIC)
+ {
+ DBG1("reallocation of invalid memory (%p):", old);
+ stack_frame_count = backtrace(stack_frames, STACK_FRAMES_COUNT);
+ log_stack_frames(stack_frames, stack_frame_count);
+ install_hooks();
+ pthread_mutex_unlock(&mutex);
+ raise(SIGKILL);
+ return NULL;
+ }
+
+ hdr = realloc(hdr, bytes + sizeof(memory_header_t));
+
+ /* update statistics */
+ hdr->bytes = bytes;
+ hdr->stack_frame_count = backtrace(hdr->stack_frames, STACK_FRAMES_COUNT);
+
+ /* update header of linked list neighbours */
+ if (hdr->next)
+ {
+ hdr->next->previous = hdr;
+ }
+ hdr->previous->next = hdr;
+ install_hooks();
+ pthread_mutex_unlock(&mutex);
+ return hdr + 1;
+}
+
+/**
+ * Setup leak detective
+ */
+void __attribute__ ((constructor)) leak_detective_init()
+{
+ install_hooks();
+}
+
+/**
+ * Clean up leak detective
+ */
+void __attribute__ ((destructor)) leak_detective_cleanup()
+{
+ uninstall_hooks();
+ report_leaks();
+}
+
+/**
+ * Log memory allocation statistics
+ */
+void leak_detective_status(FILE *stream)
+{
+ u_int blocks = 0;
+ size_t bytes = 0;
+ memory_header_t *hdr = &first_header;
+
+ pthread_mutex_lock(&mutex);
+ while ((hdr = hdr->next))
+ {
+ blocks++;
+ bytes += hdr->bytes;
+ }
+ pthread_mutex_unlock(&mutex);
+
+ fprintf(stream, "allocation statistics:\n");
+ fprintf(stream, " call stats: malloc: %d, free: %d, realloc: %d\n",
+ count_malloc, count_free, count_realloc);
+ fprintf(stream, " allocated %d blocks, total size %d bytes (avg. %d bytes)\n",
+ blocks, bytes, bytes/blocks);
+}
+
+#else /* !LEAK_DETECTION */
+
+/**
+ * Dummy when !using LEAK_DETECTIVE
+ */
+void leak_detective_status(FILE *stream)
+{
+
+}
+
+#endif /* LEAK_DETECTION */
diff --git a/src/libstrongswan/utils/leak_detective.h b/src/libstrongswan/utils/leak_detective.h
new file mode 100644
index 000000000..d4016b06e
--- /dev/null
+++ b/src/libstrongswan/utils/leak_detective.h
@@ -0,0 +1,35 @@
+/**
+ * @file leak_detective.h
+ *
+ * @brief malloc/free hooks to detect leaks.
+ */
+
+/*
+ * Copyright (C) 2006 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef LEAK_DETECTIVE_H_
+#define LEAK_DETECTIVE_H_
+
+/**
+ * Log status information about allocation
+ */
+void leak_detective_status(FILE *stream);
+
+/**
+ * Max number of stack frames to include in a backtrace.
+ */
+#define STACK_FRAMES_COUNT 30
+
+#endif /* LEAK_DETECTIVE_H_ */
diff --git a/src/libstrongswan/utils/lexparser.c b/src/libstrongswan/utils/lexparser.c
new file mode 100644
index 000000000..9d3f06593
--- /dev/null
+++ b/src/libstrongswan/utils/lexparser.c
@@ -0,0 +1,137 @@
+/**
+ * @file lexparser.c
+ *
+ * @brief lexical parser for text-based configuration files
+ *
+ */
+
+/*
+ * Copyright (C) 2001-2006 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "lexparser.h"
+
+
+/**
+ * eat whitespace
+ */
+bool eat_whitespace(chunk_t *src)
+{
+ while (src->len > 0 && (*src->ptr == ' ' || *src->ptr == '\t'))
+ {
+ src->ptr++; src->len--;
+ }
+ return src->len > 0 && *src->ptr != '#';
+}
+
+/**
+ * compare string with chunk
+ */
+bool match(const char *pattern, const chunk_t *ch)
+{
+ return ch->len == strlen(pattern) && strncmp(pattern, ch->ptr, ch->len) == 0;
+}
+
+/**
+ * extracts a token ending with a given termination symbol
+ */
+bool extract_token(chunk_t *token, const char termination, chunk_t *src)
+{
+ u_char *eot = memchr(src->ptr, termination, src->len);
+
+ /* initialize empty token */
+ *token = chunk_empty;
+
+ if (eot == NULL) /* termination symbol not found */
+ {
+ return FALSE;
+ }
+
+ /* extract token */
+ token->ptr = src->ptr;
+ token->len = (u_int)(eot - src->ptr);
+
+ /* advance src pointer after termination symbol */
+ src->ptr = eot + 1;
+ src->len -= (token->len + 1);
+
+ return TRUE;
+}
+
+/**
+ * fetches a new line terminated by \n or \r\n
+ */
+bool fetchline(chunk_t *src, chunk_t *line)
+{
+ if (src->len == 0) /* end of src reached */
+ return FALSE;
+
+ if (extract_token(line, '\n', src))
+ {
+ if (line->len > 0 && *(line->ptr + line->len -1) == '\r')
+ line->len--; /* remove optional \r */
+ }
+ else /*last line ends without newline */
+ {
+ *line = *src;
+ src->ptr += src->len;
+ src->len = 0;
+ }
+ return TRUE;
+}
+
+err_t extract_value(chunk_t *value, chunk_t *line)
+{
+ char delimiter = ' ';
+
+ if (!eat_whitespace(line))
+ {
+ *value = chunk_empty;
+ return NULL;
+ }
+ if (*line->ptr == '\'' || *line->ptr == '"')
+ {
+ delimiter = *line->ptr;
+ line->ptr++; line->len--;
+ }
+ if (!extract_token(value, delimiter, line))
+ {
+ if (delimiter == ' ')
+ {
+ *value = *line;
+ line->len = 0;
+ }
+ else
+ {
+ return "missing second delimiter";
+ }
+ }
+ return NULL;
+}
+
+/**
+ * extracts a parameter: value pair
+ */
+err_t extract_parameter_value(chunk_t *name, chunk_t *value, chunk_t *line)
+{
+ /* extract name */
+ if (!extract_token(name,':', line))
+ {
+ return "missing ':'";
+ }
+
+ /* extract value */
+ return extract_value(value, line);
+}
diff --git a/src/libstrongswan/utils/lexparser.h b/src/libstrongswan/utils/lexparser.h
new file mode 100644
index 000000000..e3c2c4c70
--- /dev/null
+++ b/src/libstrongswan/utils/lexparser.h
@@ -0,0 +1,57 @@
+/**
+ * @file lexparser.h
+ *
+ * @brief lexical parser for text-based configuration files
+ *
+ */
+
+/*
+ * Copyright (C) 2001-2006 Andreas Steffen, Zuercher Hochschule Winterthur
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+
+/**
+ * @brief Eats whitespace
+ */
+bool eat_whitespace(chunk_t *src);
+
+/**
+ * @brief Compare null-terminated pattern with chunk
+ */
+bool match(const char *pattern, const chunk_t *ch);
+
+/**
+ * @brief Extracts a token ending with a given termination symbol
+ */
+bool extract_token(chunk_t *token, const char termination, chunk_t *src);
+
+/**
+ * @brief Fetches a new text line terminated by \n or \r\n
+ */
+bool fetchline(chunk_t *src, chunk_t *line);
+
+/**
+ * @brief Extracts a value that might be single or double quoted
+ */
+err_t extract_value(chunk_t *value, chunk_t *line);
+
+/**
+ * @brief extracts a name: value pair from a text line
+ */
+err_t extract_name_value(chunk_t *name, chunk_t *value, chunk_t *line);
+
+/**
+ * @brief extracts a parameter: value from a text line
+ */
+err_t extract_parameter_value(chunk_t *name, chunk_t *value, chunk_t *line);
diff --git a/src/libstrongswan/utils/linked_list.c b/src/libstrongswan/utils/linked_list.c
new file mode 100644
index 000000000..de043a02e
--- /dev/null
+++ b/src/libstrongswan/utils/linked_list.c
@@ -0,0 +1,763 @@
+/**
+ * @file linked_list.c
+ *
+ * @brief Implementation of linked_list_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <stdlib.h>
+
+#include "linked_list.h"
+
+typedef struct element_t element_t;
+
+/**
+ * This element holds a pointer to the value it represents.
+ */
+struct element_t {
+
+ /**
+ * Value of a list item.
+ */
+ void *value;
+
+ /**
+ * Previous list element.
+ *
+ * NULL if first element in list.
+ */
+ element_t *previous;
+
+ /**
+ * Next list element.
+ *
+ * NULL if last element in list.
+ */
+ element_t *next;
+};
+
+/**
+ * Creates an empty linked list object.
+ */
+element_t *element_create(void *value)
+{
+ element_t *this = malloc_thing(element_t);
+
+ this->previous = NULL;
+ this->next = NULL;
+ this->value = value;
+
+ return (this);
+}
+
+
+typedef struct private_linked_list_t private_linked_list_t;
+
+/**
+ * Private data of a linked_list_t object.
+ *
+ */
+struct private_linked_list_t {
+ /**
+ * Public part of linked list.
+ */
+ linked_list_t public;
+
+ /**
+ * Number of items in the list.
+ */
+ int count;
+
+ /**
+ * First element in list.
+ * NULL if no elements in list.
+ */
+ element_t *first;
+
+ /**
+ * Last element in list.
+ * NULL if no elements in list.
+ */
+ element_t *last;
+};
+
+
+typedef struct private_iterator_t private_iterator_t;
+
+/**
+ * Private variables and functions of linked list iterator.
+ */
+struct private_iterator_t {
+ /**
+ * Public part of linked list iterator.
+ */
+ iterator_t public;
+
+ /**
+ * Associated linked list.
+ */
+ private_linked_list_t * list;
+
+ /**
+ * Current element of the iterator.
+ */
+ element_t *current;
+
+ /**
+ * Direction of iterator.
+ */
+ bool forward;
+
+ /**
+ * Mutex to use to synchronize access
+ */
+ pthread_mutex_t *mutex;
+
+ /**
+ * iteration hook
+ */
+ iterator_hook_t *hook;
+
+ /**
+ * user parameter for iterator hook
+ */
+ void *hook_param;
+};
+
+/**
+ * Implementation of iterator_t.get_count.
+ */
+static int get_list_count(private_iterator_t *this)
+{
+ return this->list->count;
+}
+
+/**
+ * default iterator hook which does nothing
+ */
+static bool iterator_hook(void *param, void *in, void **out)
+{
+ *out = in;
+ return TRUE;
+}
+
+/**
+ * Implementation of iterator_t.set_iterator_hook.
+ */
+static void set_iterator_hook(private_iterator_t *this, iterator_hook_t *hook,
+ void* param)
+{
+ if (hook == NULL)
+ {
+ this->hook = iterator_hook;
+ this->hook_param = NULL;
+ }
+ else
+ {
+ this->hook = hook;
+ this->hook_param = param;
+ }
+}
+
+/**
+ * Implementation of iterator_t.iterate.
+ */
+static bool iterate(private_iterator_t *this, void** value)
+{
+ if (this->list->count == 0)
+ {
+ return FALSE;
+ }
+ if (this->current == NULL)
+ {
+ this->current = (this->forward) ? this->list->first : this->list->last;
+ if (!this->hook(this->hook_param, this->current->value, value))
+ {
+ return iterate(this, value);
+ }
+ return TRUE;
+ }
+ if (this->forward)
+ {
+ if (this->current->next == NULL)
+ {
+ return FALSE;
+ }
+ this->current = this->current->next;
+ if (!this->hook(this->hook_param, this->current->value, value))
+ {
+ return iterate(this, value);
+ }
+ return TRUE;
+ }
+ if (this->current->previous == NULL)
+ {
+ return FALSE;
+ }
+ this->current = this->current->previous;
+ if (!this->hook(this->hook_param, this->current->value, value))
+ {
+ return iterate(this, value);
+ }
+ return TRUE;
+}
+
+/**
+ * Implementation of iterator_t.reset.
+ */
+static void iterator_reset(private_iterator_t *this)
+{
+ this->current = NULL;
+}
+
+/**
+ * Implementation of iterator_t.remove.
+ */
+static status_t remove_(private_iterator_t *this)
+{
+ element_t *new_current;
+
+ if (this->current == NULL)
+ {
+ return NOT_FOUND;
+ }
+
+ if (this->list->count == 0)
+ {
+ return NOT_FOUND;
+ }
+ /* find out the new iterator position, depending on iterator direction */
+ if (this->forward && this->current->previous != NULL)
+ {
+ new_current = this->current->previous;
+ }
+ else if (!this->forward && this->current->next != NULL)
+ {
+ new_current = this->current->next;
+ }
+ else
+ {
+ new_current = NULL;
+ }
+
+ /* now delete the entry :-) */
+ if (this->current->previous == NULL)
+ {
+ if (this->current->next == NULL)
+ {
+ this->list->first = NULL;
+ this->list->last = NULL;
+ }
+ else
+ {
+ this->current->next->previous = NULL;
+ this->list->first = this->current->next;
+ }
+ }
+ else if (this->current->next == NULL)
+ {
+ this->current->previous->next = NULL;
+ this->list->last = this->current->previous;
+ }
+ else
+ {
+ this->current->previous->next = this->current->next;
+ this->current->next->previous = this->current->previous;
+ }
+
+ this->list->count--;
+ free(this->current);
+ /* set the new iterator position */
+ this->current = new_current;
+ return SUCCESS;
+}
+
+/**
+ * Implementation of iterator_t.insert_before.
+ */
+static void insert_before(private_iterator_t * iterator, void *item)
+{
+ if (iterator->current == NULL)
+ {
+ iterator->list->public.insert_first(&(iterator->list->public), item);
+ }
+
+ element_t *element = element_create(item);
+ if (iterator->current->previous == NULL)
+ {
+ iterator->current->previous = element;
+ element->next = iterator->current;
+ iterator->list->first = element;
+ }
+ else
+ {
+ iterator->current->previous->next = element;
+ element->previous = iterator->current->previous;
+ iterator->current->previous = element;
+ element->next = iterator->current;
+ }
+ iterator->list->count++;
+}
+
+/**
+ * Implementation of iterator_t.replace.
+ */
+static status_t replace(private_iterator_t *this, void **old_item, void *new_item)
+{
+ if (this->current == NULL)
+ {
+ return NOT_FOUND;
+ }
+ if (old_item != NULL)
+ {
+ *old_item = this->current->value;
+ }
+ this->current->value = new_item;
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of iterator_t.insert_after.
+ */
+static void insert_after(private_iterator_t *iterator, void *item)
+{
+ if (iterator->current == NULL)
+ {
+ iterator->list->public.insert_first(&(iterator->list->public),item);
+ return;
+ }
+
+ element_t *element = element_create(item);
+ if (iterator->current->next == NULL)
+ {
+ iterator->current->next = element;
+ element->previous = iterator->current;
+ iterator->list->last = element;
+ }
+ else
+ {
+ iterator->current->next->previous = element;
+ element->next = iterator->current->next;
+ iterator->current->next = element;
+ element->previous = iterator->current;
+ }
+ iterator->list->count++;
+}
+
+/**
+ * Implementation of iterator_t.destroy.
+ */
+static void iterator_destroy(private_iterator_t *this)
+{
+ if (this->mutex)
+ {
+ pthread_mutex_unlock(this->mutex);
+ }
+ free(this);
+}
+
+/**
+ * Implementation of linked_list_t.get_count.
+ */
+static int get_count(private_linked_list_t *this)
+{
+ return this->count;
+}
+
+/**
+ * Implementation of linked_list_t.insert_first.
+ */
+static void insert_first(private_linked_list_t *this, void *item)
+{
+ element_t *element;
+
+ element = element_create(item);
+ if (this->count == 0)
+ {
+ /* first entry in list */
+ this->first = element;
+ this->last = element;
+ element->previous = NULL;
+ element->next = NULL;
+ }
+ else
+ {
+ element_t *old_first_element = this->first;
+ element->next = old_first_element;
+ element->previous = NULL;
+ old_first_element->previous = element;
+ this->first = element;
+ }
+ this->count++;
+}
+
+/**
+ * Implementation of linked_list_t.remove_first.
+ */
+static status_t remove_first(private_linked_list_t *this, void **item)
+{
+ element_t *element = this->first;
+
+ if (element == NULL)
+ {
+ return NOT_FOUND;
+ }
+ if (element->next != NULL)
+ {
+ element->next->previous = NULL;
+ }
+ this->first = element->next;
+
+ if (item != NULL)
+ {
+ *item = element->value;
+ }
+ if (--this->count == 0)
+ {
+ this->last = NULL;
+ }
+
+ free(element);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.get_first.
+ */
+static status_t get_first(private_linked_list_t *this, void **item)
+{
+ if (this->count == 0)
+ {
+ return NOT_FOUND;
+ }
+ *item = this->first->value;
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.insert_last.
+ */
+static void insert_last(private_linked_list_t *this, void *item)
+{
+ element_t *element = element_create(item);
+
+ if (this->count == 0)
+ {
+ /* first entry in list */
+ this->first = element;
+ this->last = element;
+ element->previous = NULL;
+ element->next = NULL;
+ }
+ else
+ {
+ element_t *old_last_element = this->last;
+ element->previous = old_last_element;
+ element->next = NULL;
+ old_last_element->next = element;
+ this->last = element;
+ }
+ this->count++;
+}
+
+/**
+ * Implementation of linked_list_t.remove_last.
+ */
+static status_t remove_last(private_linked_list_t *this, void **item)
+{
+ element_t *element = this->last;
+
+ if (element == NULL)
+ {
+ return NOT_FOUND;
+ }
+ if (element->previous != NULL)
+ {
+ element->previous->next = NULL;
+ }
+ this->last = element->previous;
+
+ if (item != NULL)
+ {
+ *item = element->value;
+ }
+ if (--this->count == 0)
+ {
+ this->first = NULL;
+ }
+
+ free(element);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.insert_at_position.
+ */
+static status_t insert_at_position (private_linked_list_t *this,size_t position, void *item)
+{
+ element_t *current_element;
+ int i;
+
+ if (this->count <= position)
+ {
+ return INVALID_ARG;
+ }
+
+ current_element = this->first;
+
+ for (i = 0; i < position;i++)
+ {
+ current_element = current_element->next;
+ }
+
+ if (current_element == NULL)
+ {
+ this->public.insert_last(&(this->public),item);
+ return SUCCESS;
+ }
+
+ element_t *element = element_create(item);
+ if (current_element->previous == NULL)
+ {
+ current_element->previous = element;
+ element->next = current_element;
+ this->first = element;
+ }
+ else
+ {
+ current_element->previous->next = element;
+ element->previous = current_element->previous;
+ current_element->previous = element;
+ element->next = current_element;
+ }
+
+
+ this->count++;
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.remove_at_position.
+ */
+static status_t remove_at_position(private_linked_list_t *this,size_t position, void **item)
+{
+ iterator_t *iterator;
+ int i;
+
+ if (this->count <= position)
+ {
+ return INVALID_ARG;
+ }
+
+ iterator = this->public.create_iterator(&(this->public),TRUE);
+ iterator->iterate(iterator, item);
+ for (i = 0; i < position; i++)
+ {
+ if (!iterator->iterate(iterator, item))
+ {
+ iterator->destroy(iterator);
+ return INVALID_ARG;
+ }
+ }
+ iterator->remove(iterator);
+ iterator->destroy(iterator);
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.get_at_position.
+ */
+static status_t get_at_position(private_linked_list_t *this,size_t position, void **item)
+{
+ int i;
+ iterator_t *iterator;
+
+ if (this->count <= position)
+ {
+ return INVALID_ARG;
+ }
+
+ iterator = this->public.create_iterator(&(this->public),TRUE);
+ iterator->iterate(iterator, item);
+ for (i = 0; i < position; i++)
+ {
+ if (!iterator->iterate(iterator, item))
+ {
+ iterator->destroy(iterator);
+ return INVALID_ARG;
+ }
+ }
+ iterator->destroy(iterator);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.get_last.
+ */
+static status_t get_last(private_linked_list_t *this, void **item)
+{
+ if (this->count == 0)
+ {
+ return NOT_FOUND;
+ }
+
+ *item = this->last->value;
+
+ return SUCCESS;
+}
+
+/**
+ * Implementation of linked_list_t.invoke.
+ */
+static void invoke(private_linked_list_t *this, size_t offset)
+{
+ element_t *current = this->first;
+
+ while (current)
+ {
+ void (**method)(void*) = current->value + offset;
+ (*method)(current->value);
+ current = current->next;
+ }
+}
+
+/**
+ * Implementation of linked_list_t.destroy.
+ */
+static void destroy(private_linked_list_t *this)
+{
+ void *value;
+ /* Remove all list items before destroying list */
+ while (this->public.remove_first(&(this->public), &value) == SUCCESS)
+ {
+ /* values are not destroyed so memory leaks are possible
+ * if list is not empty when deleting */
+ }
+ free(this);
+}
+
+/**
+ * Implementation of linked_list_t.destroy_offset.
+ */
+static void destroy_offset(private_linked_list_t *this, size_t offset)
+{
+ element_t *current = this->first, *next;
+
+ while (current)
+ {
+ void (**method)(void*) = current->value + offset;
+ (*method)(current->value);
+ next = current->next;
+ free(current);
+ current = next;
+ }
+ free(this);
+}
+
+/**
+ * Implementation of linked_list_t.destroy_function.
+ */
+static void destroy_function(private_linked_list_t *this, void (*fn)(void*))
+{
+ element_t *current = this->first, *next;
+
+ while (current)
+ {
+ fn(current->value);
+ next = current->next;
+ free(current);
+ current = next;
+ }
+ free(this);
+}
+
+/**
+ * Implementation of linked_list_t.create_iterator.
+ */
+static iterator_t *create_iterator(private_linked_list_t *linked_list, bool forward)
+{
+ private_iterator_t *this = malloc_thing(private_iterator_t);
+
+ this->public.get_count = (int (*) (iterator_t*)) get_list_count;
+ this->public.iterate = (bool (*) (iterator_t*, void **value)) iterate;
+ this->public.set_iterator_hook = (void(*)(iterator_t*, iterator_hook_t*, void*))set_iterator_hook;
+ this->public.insert_before = (void (*) (iterator_t*, void *item)) insert_before;
+ this->public.insert_after = (void (*) (iterator_t*, void *item)) insert_after;
+ this->public.replace = (status_t (*) (iterator_t*, void **, void *)) replace;
+ this->public.remove = (status_t (*) (iterator_t*)) remove_;
+ this->public.reset = (void (*) (iterator_t*)) iterator_reset;
+ this->public.destroy = (void (*) (iterator_t*)) iterator_destroy;
+
+ this->forward = forward;
+ this->current = NULL;
+ this->list = linked_list;
+ this->mutex = NULL;
+ this->hook = iterator_hook;
+
+ return &this->public;
+}
+
+/**
+ * Implementation of linked_list_t.create_iterator_locked.
+ */
+static iterator_t *create_iterator_locked(private_linked_list_t *linked_list,
+ pthread_mutex_t *mutex)
+{
+ private_iterator_t *this = (private_iterator_t*)create_iterator(linked_list, TRUE);
+ this->mutex = mutex;
+
+ pthread_mutex_lock(mutex);
+
+ return &this->public;
+}
+
+/*
+ * Described in header.
+ */
+linked_list_t *linked_list_create()
+{
+ private_linked_list_t *this = malloc_thing(private_linked_list_t);
+
+ this->public.get_count = (int (*) (linked_list_t *)) get_count;
+ this->public.create_iterator = (iterator_t * (*) (linked_list_t *,bool))create_iterator;
+ this->public.create_iterator_locked = (iterator_t * (*) (linked_list_t *,pthread_mutex_t*))create_iterator_locked;
+ this->public.get_first = (status_t (*) (linked_list_t *, void **item))get_first;
+ this->public.get_last = (status_t (*) (linked_list_t *, void **item))get_last;
+ this->public.insert_first = (void (*) (linked_list_t *, void *item))insert_first;
+ this->public.insert_last = (void (*) (linked_list_t *, void *item))insert_last;
+ this->public.remove_first = (status_t (*) (linked_list_t *, void **item))remove_first;
+ this->public.remove_last = (status_t (*) (linked_list_t *, void **item))remove_last;
+ this->public.insert_at_position = (status_t (*) (linked_list_t *,size_t, void *))insert_at_position;
+ this->public.remove_at_position = (status_t (*) (linked_list_t *,size_t, void **))remove_at_position;
+ this->public.get_at_position = (status_t (*) (linked_list_t *,size_t, void **))get_at_position;
+ this->public.invoke = (void (*)(linked_list_t*,size_t))invoke;
+ this->public.destroy = (void (*) (linked_list_t *))destroy;
+ this->public.destroy_offset = (void (*) (linked_list_t *,size_t))destroy_offset;
+ this->public.destroy_function = (void (*)(linked_list_t*,void(*)(void*)))destroy_function;
+
+ this->count = 0;
+ this->first = NULL;
+ this->last = NULL;
+
+ return &this->public;
+}
diff --git a/src/libstrongswan/utils/linked_list.h b/src/libstrongswan/utils/linked_list.h
new file mode 100644
index 000000000..58bcbbdaa
--- /dev/null
+++ b/src/libstrongswan/utils/linked_list.h
@@ -0,0 +1,232 @@
+/**
+ * @file linked_list.h
+ *
+ * @brief Interface of linked_list_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef LINKED_LIST_H_
+#define LINKED_LIST_H_
+
+typedef struct linked_list_t linked_list_t;
+
+#include <pthread.h>
+
+#include <library.h>
+#include <utils/iterator.h>
+
+/**
+ * @brief Class implementing a double linked list.
+ *
+ * General purpose linked list. This list is not synchronized.
+ *
+ * @b Costructors:
+ * - linked_list_create()
+ *
+ * @ingroup utils
+ */
+struct linked_list_t {
+
+ /**
+ * @brief Gets the count of items in the list.
+ *
+ * @param this calling object
+ * @return number of items in list
+ */
+ int (*get_count) (linked_list_t *this);
+
+ /**
+ * @brief Creates a iterator for the given list.
+ *
+ * @warning Created iterator_t object has to get destroyed by the caller.
+ *
+ * @param this calling object
+ * @param forward iterator direction (TRUE: front to end)
+ * @return new iterator_t object
+ */
+ iterator_t *(*create_iterator) (linked_list_t *this, bool forward);
+
+ /**
+ * @brief Creates a iterator, locking a mutex.
+ *
+ * The supplied mutex is acquired immediately, and released
+ * when the iterator gets destroyed.
+ *
+ * @param this calling object
+ * @param mutex mutex to use for exclusive access
+ * @return new iterator_t object
+ */
+ iterator_t *(*create_iterator_locked) (linked_list_t *this,
+ pthread_mutex_t *mutex);
+
+ /**
+ * @brief Inserts a new item at the beginning of the list.
+ *
+ * @param this calling object
+ * @param[in] item item value to insert in list
+ */
+ void (*insert_first) (linked_list_t *this, void *item);
+
+ /**
+ * @brief Removes the first item in the list and returns its value.
+ *
+ * @param this calling object
+ * @param[out] item returned value of first item, or NULL
+ * @return
+ * - SUCCESS
+ * - NOT_FOUND, if list is empty
+ */
+ status_t (*remove_first) (linked_list_t *this, void **item);
+
+ /**
+ * @brief Returns the value of the first list item without removing it.
+ *
+ * @param this calling object
+ * @param[out] item returned value of first item
+ * @return
+ * - SUCCESS
+ * - NOT_FOUND, if list is empty
+ */
+ status_t (*get_first) (linked_list_t *this, void **item);
+
+ /**
+ * @brief Inserts a new item at the end of the list.
+ *
+ * @param this calling object
+ * @param[in] item value to insert into list
+ */
+ void (*insert_last) (linked_list_t *this, void *item);
+
+ /**
+ * @brief Inserts a new item at a given position in the list.
+ *
+ * @param this calling object
+ * @param position position starting at 0 to insert new entry
+ * @param[in] item value to insert into list
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if position not existing
+ */
+ status_t (*insert_at_position) (linked_list_t *this,size_t position, void *item);
+
+ /**
+ * @brief Removes an item from a given position in the list.
+ *
+ * @param this calling object
+ * @param position position starting at 0 to remove entry from
+ * @param[out] item removed item will be stored at this location
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if position not existing
+ */
+ status_t (*remove_at_position) (linked_list_t *this, size_t position, void **item);
+
+ /**
+ * @brief Get an item from a given position in the list.
+ *
+ * @param this calling object
+ * @param position position starting at 0 to get entry from
+ * @param[out] item item will be stored at this location
+ * @return
+ * - SUCCESS
+ * - INVALID_ARG if position not existing
+ */
+ status_t (*get_at_position) (linked_list_t *this, size_t position, void **item);
+
+ /**
+ * @brief Removes the last item in the list and returns its value.
+ *
+ * @param this calling object
+ * @param[out] item returned value of last item, or NULL
+ * @return
+ * - SUCCESS
+ * - NOT_FOUND if list is empty
+ */
+ status_t (*remove_last) (linked_list_t *this, void **item);
+
+ /**
+ * @brief Returns the value of the last list item without removing it.
+ *
+ * @param this calling object
+ * @param[out] item returned value of last item
+ * @return
+ * - SUCCESS
+ * - NOT_FOUND if list is empty
+ */
+ status_t (*get_last) (linked_list_t *this, void **item);
+
+ /**
+ * @brief Invoke a method on all of the contained objects.
+ *
+ * If a linked list contains objects with function pointers,
+ * invoke() can call a method on each of the objects. The
+ * method is specified by an offset of the function pointer,
+ * which can be evalutated at compile time using the offsetof
+ * macro, e.g.: list->invoke(list, offsetof(object_t, method));
+ *
+ * @param this calling object
+ * @param offset offset of the method to invoke on objects
+ */
+ void (*invoke) (linked_list_t *this, size_t offset);
+
+ /**
+ * @brief Destroys a linked_list object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (linked_list_t *this);
+
+ /**
+ * @brief Destroys a list and its objects using the destructor.
+ *
+ * If a linked list and the contained objects should be destroyed, use
+ * destroy_offset. The supplied offset specifies the destructor to
+ * call on each object. The offset may be calculated using the offsetof
+ * macro, e.g.: list->destroy_offset(list, offsetof(object_t, destroy));
+ *
+ * @param this calling object
+ * @param offset offset of the objects destructor
+ */
+ void (*destroy_offset) (linked_list_t *this, size_t offset);
+
+ /**
+ * @brief Destroys a list and its contents using a a cleanup function.
+ *
+ * If a linked list and its contents should get destroyed using a specific
+ * cleanup function, use destroy_function. This is useful when the
+ * list contains malloc()-ed blocks which should get freed,
+ * e.g.: list->destroy_function(list, free);
+ *
+ * @param this calling object
+ * @param function function to call on each object
+ */
+ void (*destroy_function) (linked_list_t *this, void (*)(void*));
+};
+
+/**
+ * @brief Creates an empty linked list object.
+ *
+ * @return linked_list_t object.
+ *
+ * @ingroup utils
+ */
+linked_list_t *linked_list_create(void);
+
+
+#endif /*LINKED_LIST_H_*/
diff --git a/src/libstrongswan/utils/randomizer.c b/src/libstrongswan/utils/randomizer.c
new file mode 100644
index 000000000..c15d108c7
--- /dev/null
+++ b/src/libstrongswan/utils/randomizer.c
@@ -0,0 +1,165 @@
+/**
+ * @file randomizer.c
+ *
+ * @brief Implementation of randomizer_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#include "randomizer.h"
+
+
+typedef struct private_randomizer_t private_randomizer_t;
+
+/**
+ * Private data of an randomizer_t object.
+ */
+struct private_randomizer_t {
+
+ /**
+ * Public randomizer_t interface.
+ */
+ randomizer_t public;
+
+ /**
+ * @brief Reads a specific number of bytes from random or pseudo random device.
+ *
+ * @param this calling object
+ * @param pseudo_random TRUE, if from pseudo random bytes should be read,
+ * FALSE for true random bytes
+ * @param bytes number of bytes to read
+ * @param[out] buffer pointer to buffer where to write the data in.
+ * Size of buffer has to be at least bytes.
+ */
+ status_t (*get_bytes_from_device) (private_randomizer_t *this,bool pseudo_random, size_t bytes, u_int8_t *buffer);
+};
+
+
+/**
+ * Implementation of private_randomizer_t.get_bytes_from_device.
+ */
+static status_t get_bytes_from_device(private_randomizer_t *this,bool pseudo_random, size_t bytes, u_int8_t *buffer)
+{
+ size_t ndone;
+ int device;
+ size_t got;
+ char * device_name;
+
+ device_name = pseudo_random ? DEV_URANDOM : DEV_RANDOM;
+
+ device = open(device_name, 0);
+ if (device < 0) {
+ return FAILED;
+ }
+ ndone = 0;
+
+ /* read until nbytes are read */
+ while (ndone < bytes)
+ {
+ got = read(device, buffer + ndone, bytes - ndone);
+ if (got <= 0) {
+ close(device);
+ return FAILED;
+ }
+ ndone += got;
+ }
+ close(device);
+ return SUCCESS;
+}
+
+/**
+ * Implementation of randomizer_t.get_random_bytes.
+ */
+static status_t get_random_bytes(private_randomizer_t *this,size_t bytes, u_int8_t *buffer)
+{
+ return this->get_bytes_from_device(this, FALSE, bytes, buffer);
+}
+
+/**
+ * Implementation of randomizer_t.allocate_random_bytes.
+ */
+static status_t allocate_random_bytes(private_randomizer_t *this, size_t bytes, chunk_t *chunk)
+{
+ status_t status;
+ chunk->len = bytes;
+ chunk->ptr = malloc(bytes);
+ status = this->get_bytes_from_device(this, FALSE, bytes, chunk->ptr);
+ if (status != SUCCESS)
+ {
+ free(chunk->ptr);
+ }
+ return status;
+}
+
+/**
+ * Implementation of randomizer_t.get_pseudo_random_bytes.
+ */
+static status_t get_pseudo_random_bytes(private_randomizer_t *this,size_t bytes, u_int8_t *buffer)
+{
+ return (this->get_bytes_from_device(this, TRUE, bytes, buffer));
+}
+
+/**
+ * Implementation of randomizer_t.allocate_pseudo_random_bytes.
+ */
+static status_t allocate_pseudo_random_bytes(private_randomizer_t *this, size_t bytes, chunk_t *chunk)
+{
+ status_t status;
+ chunk->len = bytes;
+ chunk->ptr = malloc(bytes);
+ status = this->get_bytes_from_device(this, TRUE, bytes, chunk->ptr);
+ if (status != SUCCESS)
+ {
+ free(chunk->ptr);
+ }
+ return status;
+}
+
+/**
+ * Implementation of randomizer_t.destroy.
+ */
+static void destroy(private_randomizer_t *this)
+{
+ free(this);
+}
+
+/*
+ * Described in header.
+ */
+randomizer_t *randomizer_create(void)
+{
+ private_randomizer_t *this = malloc_thing(private_randomizer_t);
+
+ /* public functions */
+ this->public.get_random_bytes = (status_t (*) (randomizer_t *,size_t, u_int8_t *)) get_random_bytes;
+ this->public.allocate_random_bytes = (status_t (*) (randomizer_t *,size_t, chunk_t *)) allocate_random_bytes;
+ this->public.get_pseudo_random_bytes = (status_t (*) (randomizer_t *,size_t, u_int8_t *)) get_pseudo_random_bytes;
+ this->public.allocate_pseudo_random_bytes = (status_t (*) (randomizer_t *,size_t, chunk_t *)) allocate_pseudo_random_bytes;
+ this->public.destroy = (void (*) (randomizer_t *))destroy;
+
+ /* private functions */
+ this->get_bytes_from_device = get_bytes_from_device;
+
+ return &(this->public);
+}
diff --git a/src/libstrongswan/utils/randomizer.h b/src/libstrongswan/utils/randomizer.h
new file mode 100644
index 000000000..afbade059
--- /dev/null
+++ b/src/libstrongswan/utils/randomizer.h
@@ -0,0 +1,114 @@
+/**
+ * @file randomizer.h
+ *
+ * @brief Interface of randomizer_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef RANDOMIZER_H_
+#define RANDOMIZER_H_
+
+typedef struct randomizer_t randomizer_t;
+
+#include <library.h>
+
+#ifndef DEV_RANDOM
+/**
+ * Device to read real random bytes
+ */
+# define DEV_RANDOM "/dev/random"
+#endif
+
+#ifndef DEV_URANDOM
+/**
+ * Device to read pseudo random bytes
+ */
+# define DEV_URANDOM "/dev/urandom"
+#endif
+
+/**
+ * @brief Class used to get random and pseudo random values.
+ *
+ * @b Constructors:
+ * - randomizer_create()
+ *
+ * @ingroup utils
+ */
+struct randomizer_t {
+
+ /**
+ * @brief Reads a specific number of bytes from random device.
+ *
+ * @param this calling randomizer_t object
+ * @param bytes number of bytes to read
+ * @param[out] buffer pointer to buffer where to write the data in.
+ * Size of buffer has to be at least bytes.
+ * @return SUCCESS, or FAILED
+ */
+ status_t (*get_random_bytes) (randomizer_t *this, size_t bytes, u_int8_t *buffer);
+
+ /**
+ * @brief Allocates space and writes in random bytes.
+ *
+ * @param this calling randomizer_t object
+ * @param bytes number of bytes to allocate
+ * @param[out] chunk chunk which will hold the allocated random bytes
+ * @return SUCCESS, or FAILED
+ */
+ status_t (*allocate_random_bytes) (randomizer_t *this, size_t bytes, chunk_t *chunk);
+
+ /**
+ * @brief Reads a specific number of bytes from pseudo random device.
+ *
+ * @param this calling randomizer_t object
+ * @param bytes number of bytes to read
+ * @param[out] buffer pointer to buffer where to write the data in.
+ * size of buffer has to be at least bytes.
+ * @return SUCCESS, or FAILED
+ */
+ status_t (*get_pseudo_random_bytes) (randomizer_t *this,size_t bytes, u_int8_t *buffer);
+
+ /**
+ * @brief Allocates space and writes in pseudo random bytes.
+ *
+ * @param this calling randomizer_t object
+ * @param bytes number of bytes to allocate
+ * @param[out] chunk chunk which will hold the allocated random bytes
+ * @return SUCCESS, or FAILED
+ */
+ status_t (*allocate_pseudo_random_bytes) (randomizer_t *this, size_t bytes, chunk_t *chunk);
+
+ /**
+ * @brief Destroys a randomizer_t object.
+ *
+ * @param this randomizer_t object to destroy
+ */
+ void (*destroy) (randomizer_t *this);
+};
+
+/**
+ * @brief Creates a randomizer_t object.
+ *
+ * @return created randomizer_t, or
+ *
+ * @ingroup utils
+ */
+randomizer_t *randomizer_create(void);
+
+#endif /*RANDOMIZER_H_*/
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 17:51:11 +0000