From f73fba54dc8b30c6482e1e8abf15bbf455592fcd Mon Sep 17 00:00:00 2001 From: Rene Mayrhofer Date: Sun, 28 Nov 2010 11:42:20 +0000 Subject: [svn-upgrade] new version strongswan (4.5.0) --- scripts/Makefile.am | 16 ++++++-- scripts/Makefile.in | 52 ++++++++++++++++++++----- scripts/crypt_burn.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++ scripts/key2keyid.c | 4 +- scripts/pubkey_speed.c | 10 ++--- 5 files changed, 164 insertions(+), 20 deletions(-) create mode 100644 scripts/crypt_burn.c (limited to 'scripts') diff --git a/scripts/Makefile.am b/scripts/Makefile.am index 70a56f697..827fb7dfb 100644 --- a/scripts/Makefile.am +++ b/scripts/Makefile.am @@ -1,9 +1,17 @@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan +INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libtls AM_CFLAGS = \ --DPLUGINS="\"${libstrongswan_plugins}\"" +-DPLUGINS="\"${scripts_plugins}\"" noinst_PROGRAMS = bin2array bin2sql id2sql key2keyid keyid2sql \ - thread_analysis dh_speed pubkey_speed + thread_analysis dh_speed pubkey_speed crypt_burn + +if USE_TLS + noinst_PROGRAMS += tls_test + tls_test_SOURCES = tls_test.c + tls_test_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la \ + $(top_builddir)/src/libtls/libtls.la +endif + bin2array_SOURCES = bin2array.c bin2sql_SOURCES = bin2sql.c id2sql_SOURCES = id2sql.c @@ -12,11 +20,13 @@ keyid2sql_SOURCES = keyid2sql.c thread_analysis_SOURCES = thread_analysis.c dh_speed_SOURCES = dh_speed.c pubkey_speed_SOURCES = pubkey_speed.c +crypt_burn_SOURCES = crypt_burn.c id2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la key2keyid_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la keyid2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la dh_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt pubkey_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt +crypt_burn_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la key2keyid.o : $(top_builddir)/config.status diff --git a/scripts/Makefile.in b/scripts/Makefile.in index 20e6df94c..e28424350 100644 --- a/scripts/Makefile.in +++ b/scripts/Makefile.in @@ -36,7 +36,7 @@ build_triplet = @build@ host_triplet = @host@ noinst_PROGRAMS = bin2array$(EXEEXT) bin2sql$(EXEEXT) id2sql$(EXEEXT) \ key2keyid$(EXEEXT) keyid2sql$(EXEEXT) thread_analysis$(EXEEXT) \ - dh_speed$(EXEEXT) pubkey_speed$(EXEEXT) + dh_speed$(EXEEXT) pubkey_speed$(EXEEXT) crypt_burn$(EXEEXT) subdir = scripts DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 @@ -47,6 +47,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ $(top_srcdir)/m4/config/lt~obsolete.m4 \ $(top_srcdir)/m4/macros/with.m4 \ $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ $(top_srcdir)/configure.in am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) @@ -60,6 +61,10 @@ bin2array_LDADD = $(LDADD) am_bin2sql_OBJECTS = bin2sql.$(OBJEXT) bin2sql_OBJECTS = $(am_bin2sql_OBJECTS) bin2sql_LDADD = $(LDADD) +am_crypt_burn_OBJECTS = crypt_burn.$(OBJEXT) +crypt_burn_OBJECTS = $(am_crypt_burn_OBJECTS) +crypt_burn_DEPENDENCIES = \ + $(top_builddir)/src/libstrongswan/libstrongswan.la am_dh_speed_OBJECTS = dh_speed.$(OBJEXT) dh_speed_OBJECTS = $(am_dh_speed_OBJECTS) dh_speed_DEPENDENCIES = \ @@ -96,13 +101,14 @@ CCLD = $(CC) LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ -SOURCES = $(bin2array_SOURCES) $(bin2sql_SOURCES) $(dh_speed_SOURCES) \ - $(id2sql_SOURCES) $(key2keyid_SOURCES) $(keyid2sql_SOURCES) \ +SOURCES = $(bin2array_SOURCES) $(bin2sql_SOURCES) \ + $(crypt_burn_SOURCES) $(dh_speed_SOURCES) $(id2sql_SOURCES) \ + $(key2keyid_SOURCES) $(keyid2sql_SOURCES) \ $(pubkey_speed_SOURCES) $(thread_analysis_SOURCES) DIST_SOURCES = $(bin2array_SOURCES) $(bin2sql_SOURCES) \ - $(dh_speed_SOURCES) $(id2sql_SOURCES) $(key2keyid_SOURCES) \ - $(keyid2sql_SOURCES) $(pubkey_speed_SOURCES) \ - $(thread_analysis_SOURCES) + $(crypt_burn_SOURCES) $(dh_speed_SOURCES) $(id2sql_SOURCES) \ + $(key2keyid_SOURCES) $(keyid2sql_SOURCES) \ + $(pubkey_speed_SOURCES) $(thread_analysis_SOURCES) ETAGS = etags CTAGS = ctags DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) @@ -171,6 +177,8 @@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREADLIB = @PTHREADLIB@ RANLIB = @RANLIB@ RTLIB = @RTLIB@ @@ -202,14 +210,17 @@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ +c_plugins = @c_plugins@ datadir = @datadir@ datarootdir = @datarootdir@ +dbusservicedir = @dbusservicedir@ default_pkcs11 = @default_pkcs11@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ gtk_CFLAGS = @gtk_CFLAGS@ gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ @@ -224,24 +235,31 @@ ipsecgid = @ipsecgid@ ipsecgroup = @ipsecgroup@ ipsecuid = @ipsecuid@ ipsecuser = @ipsecuser@ +libcharon_plugins = @libcharon_plugins@ libdir = @libdir@ libexecdir = @libexecdir@ -libhydra_plugins = @libhydra_plugins@ -libstrongswan_plugins = @libstrongswan_plugins@ linux_headers = @linux_headers@ localedir = @localedir@ localstatedir = @localstatedir@ lt_ECHO = @lt_ECHO@ +maemo_CFLAGS = @maemo_CFLAGS@ +maemo_LIBS = @maemo_LIBS@ +manager_plugins = @manager_plugins@ mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ mkdir_p = @mkdir_p@ nm_CFLAGS = @nm_CFLAGS@ nm_LIBS = @nm_LIBS@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ +openac_plugins = @openac_plugins@ +p_plugins = @p_plugins@ pdfdir = @pdfdir@ piddir = @piddir@ +pki_plugins = @pki_plugins@ plugindir = @plugindir@ pluto_plugins = @pluto_plugins@ +pool_plugins = @pool_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -249,7 +267,10 @@ random_device = @random_device@ resolv_conf = @resolv_conf@ routing_table = @routing_table@ routing_table_prio = @routing_table_prio@ +s_plugins = @s_plugins@ sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ @@ -261,9 +282,9 @@ top_srcdir = @top_srcdir@ urandom_device = @urandom_device@ xml_CFLAGS = @xml_CFLAGS@ xml_LIBS = @xml_LIBS@ -INCLUDES = -I$(top_srcdir)/src/libstrongswan +INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libtls AM_CFLAGS = \ --DPLUGINS="\"${libstrongswan_plugins}\"" +-DPLUGINS="\"${scripts_plugins}\"" bin2array_SOURCES = bin2array.c bin2sql_SOURCES = bin2sql.c @@ -273,11 +294,13 @@ keyid2sql_SOURCES = keyid2sql.c thread_analysis_SOURCES = thread_analysis.c dh_speed_SOURCES = dh_speed.c pubkey_speed_SOURCES = pubkey_speed.c +crypt_burn_SOURCES = crypt_burn.c id2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la key2keyid_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la keyid2sql_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la dh_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt pubkey_speed_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la -lrt +crypt_burn_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la all: all-am .SUFFIXES: @@ -327,6 +350,9 @@ bin2array$(EXEEXT): $(bin2array_OBJECTS) $(bin2array_DEPENDENCIES) bin2sql$(EXEEXT): $(bin2sql_OBJECTS) $(bin2sql_DEPENDENCIES) @rm -f bin2sql$(EXEEXT) $(LINK) $(bin2sql_OBJECTS) $(bin2sql_LDADD) $(LIBS) +crypt_burn$(EXEEXT): $(crypt_burn_OBJECTS) $(crypt_burn_DEPENDENCIES) + @rm -f crypt_burn$(EXEEXT) + $(LINK) $(crypt_burn_OBJECTS) $(crypt_burn_LDADD) $(LIBS) dh_speed$(EXEEXT): $(dh_speed_OBJECTS) $(dh_speed_DEPENDENCIES) @rm -f dh_speed$(EXEEXT) $(LINK) $(dh_speed_OBJECTS) $(dh_speed_LDADD) $(LIBS) @@ -354,6 +380,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bin2array.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bin2sql.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/crypt_burn.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dh_speed.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/id2sql.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/key2keyid.Po@am__quote@ @@ -586,6 +613,11 @@ uninstall-am: pdf pdf-am ps ps-am tags uninstall uninstall-am +@USE_TLS_TRUE@ noinst_PROGRAMS += tls_test +@USE_TLS_TRUE@ tls_test_SOURCES = tls_test.c +@USE_TLS_TRUE@ tls_test_LDADD = $(top_builddir)/src/libstrongswan/libstrongswan.la \ +@USE_TLS_TRUE@ $(top_builddir)/src/libtls/libtls.la + key2keyid.o : $(top_builddir)/config.status keyid2sql.o : $(top_builddir)/config.status diff --git a/scripts/crypt_burn.c b/scripts/crypt_burn.c new file mode 100644 index 000000000..25f18d47e --- /dev/null +++ b/scripts/crypt_burn.c @@ -0,0 +1,102 @@ + +#include +#include +#include + +int main(int argc, char *argv[]) +{ + const proposal_token_t *token; + aead_t *aead; + crypter_t *crypter; + char buffer[1024], assoc[8], iv[32]; + size_t bs; + int i = 0, limit = 0; + + + library_init(NULL); + lib->plugins->load(lib->plugins, NULL, PLUGINS); + atexit(library_deinit); + + printf("loaded: %s\n", PLUGINS); + + memset(buffer, 0x12, sizeof(buffer)); + memset(assoc, 0x34, sizeof(assoc)); + memset(iv, 0x56, sizeof(iv)); + + if (argc < 2) + { + fprintf(stderr, "usage: %s !\n", argv[0]); + return 1; + } + if (argc > 2) + { + limit = atoi(argv[2]); + } + + token = proposal_get_token(argv[1], strlen(argv[1])); + if (!token) + { + fprintf(stderr, "algorithm '%s' unknown!\n", argv[1]); + return 1; + } + if (token->type != ENCRYPTION_ALGORITHM) + { + fprintf(stderr, "'%s' is not an encryption/aead algorithm!\n", argv[1]); + return 1; + } + + if (encryption_algorithm_is_aead(token->algorithm)) + { + aead = lib->crypto->create_aead(lib->crypto, + token->algorithm, token->keysize / 8); + if (!aead) + { + fprintf(stderr, "aead '%s' not supported!\n", argv[1]); + return 1; + } + while (TRUE) + { + aead->encrypt(aead, + chunk_create(buffer, sizeof(buffer) - aead->get_icv_size(aead)), + chunk_from_thing(assoc), + chunk_create(iv, aead->get_iv_size(aead)), NULL); + if (!aead->decrypt(aead, chunk_create(buffer, sizeof(buffer)), + chunk_from_thing(assoc), + chunk_create(iv, aead->get_iv_size(aead)), NULL)) + { + fprintf(stderr, "aead integrity check failed!\n"); + return FALSE; + } + if (limit && ++i == limit) + { + break; + } + } + } + else + { + crypter = lib->crypto->create_crypter(lib->crypto, + token->algorithm, token->keysize / 8); + if (!crypter) + { + fprintf(stderr, "crypter '%s' not supported!\n", argv[1]); + return 1; + } + bs = crypter->get_block_size(crypter); + + while (i--) + { + crypter->encrypt(crypter, + chunk_create(buffer, sizeof(buffer) / bs * bs), + chunk_create(iv, crypter->get_iv_size(crypter)), NULL); + crypter->decrypt(crypter, + chunk_create(buffer, sizeof(buffer) / bs * bs), + chunk_create(iv, crypter->get_iv_size(crypter)), NULL); + if (limit && ++i == limit) + { + break; + } + } + } + return 0; +} diff --git a/scripts/key2keyid.c b/scripts/key2keyid.c index 551d031c6..6a8301c6a 100644 --- a/scripts/key2keyid.c +++ b/scripts/key2keyid.c @@ -35,7 +35,7 @@ int main(int argc, char *argv[]) if (private) { printf("parsed %d bits %N private key.\n", - private->get_keysize(private)*8, + private->get_keysize(private), key_type_names, private->get_type(private)); if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &chunk)) { @@ -65,7 +65,7 @@ int main(int argc, char *argv[]) if (public) { printf("parsed %d bits %N public key.\n", - public->get_keysize(public)*8, + public->get_keysize(public), key_type_names, public->get_type(public)); if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &chunk)) { diff --git a/scripts/pubkey_speed.c b/scripts/pubkey_speed.c index 255f650f5..6402e606d 100644 --- a/scripts/pubkey_speed.c +++ b/scripts/pubkey_speed.c @@ -79,23 +79,23 @@ int main(int argc, char *argv[]) { switch (private->get_keysize(private)) { - case 32: + case 256: scheme = SIGN_ECDSA_256; break; - case 48: + case 384: scheme = SIGN_ECDSA_384; break; - case 66: + case 521: scheme = SIGN_ECDSA_521; break; default: printf("%d bit ECDSA private key size not supported", - private->get_keysize(private) * 8); + private->get_keysize(private)); exit(1); } } - printf("%4d bit %N: ", private->get_keysize(private)*8, + printf("%4d bit %N: ", private->get_keysize(private), key_type_names, type); sigs = malloc(sizeof(chunk_t) * rounds); -- cgit v1.2.3