From 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Wed, 18 Nov 2015 14:49:27 +0100 Subject: Imported Upstream version 5.3.4 --- src/libstrongswan/Android.mk | 4 +- src/libstrongswan/AndroidConfigLocal.h | 22 - src/libstrongswan/Makefile.am | 14 +- src/libstrongswan/Makefile.in | 257 +++---- src/libstrongswan/asn1/oid.c | 511 +++++++------- src/libstrongswan/asn1/oid.h | 201 +++--- src/libstrongswan/asn1/oid.txt | 17 +- src/libstrongswan/credentials/auth_cfg.c | 6 +- src/libstrongswan/credentials/keys/public_key.c | 64 +- src/libstrongswan/credentials/keys/public_key.h | 20 +- src/libstrongswan/crypto/hashers/hasher.c | 75 +- src/libstrongswan/crypto/hashers/hasher.h | 4 + src/libstrongswan/crypto/iv/iv_gen.c | 5 + src/libstrongswan/crypto/iv/iv_gen_null.c | 63 ++ src/libstrongswan/crypto/iv/iv_gen_null.h | 32 + src/libstrongswan/plugins/bliss/bliss_plugin.c | 24 +- .../plugins/bliss/bliss_private_key.c | 12 +- src/libstrongswan/plugins/bliss/bliss_public_key.c | 12 +- .../plugins/bliss/tests/suites/test_bliss_sign.c | 10 +- src/libstrongswan/plugins/curl/curl_fetcher.c | 6 +- .../plugins/openssl/openssl_diffie_hellman.c | 1 + .../plugins/openssl/openssl_ec_diffie_hellman.c | 1 + .../plugins/openssl/openssl_rsa_private_key.c | 1 + .../plugins/openssl/openssl_rsa_public_key.c | 1 + src/libstrongswan/plugins/openssl/openssl_util.c | 1 + src/libstrongswan/plugins/plugin_loader.c | 17 +- src/libstrongswan/plugins/random/random_rng.c | 1 + .../plugins/revocation/revocation_validator.c | 2 +- src/libstrongswan/plugins/sha3/Makefile.am | 16 + src/libstrongswan/plugins/sha3/Makefile.in | 774 +++++++++++++++++++++ src/libstrongswan/plugins/sha3/sha3_hasher.c | 527 ++++++++++++++ src/libstrongswan/plugins/sha3/sha3_hasher.h | 48 ++ src/libstrongswan/plugins/sha3/sha3_plugin.c | 79 +++ src/libstrongswan/plugins/sha3/sha3_plugin.h | 42 ++ src/libstrongswan/plugins/test_vectors/Makefile.am | 1 + src/libstrongswan/plugins/test_vectors/Makefile.in | 11 +- .../plugins/test_vectors/test_vectors.h | 24 + .../plugins/test_vectors/test_vectors/sha3.c | 328 +++++++++ src/libstrongswan/plugins/x509/x509_ocsp_request.c | 4 +- src/libstrongswan/selectors/traffic_selector.c | 9 +- src/libstrongswan/settings/settings.c | 25 + src/libstrongswan/settings/settings.h | 9 + src/libstrongswan/tests/suites/test_hasher.c | 137 +++- .../tests/suites/test_identification.c | 1 + src/libstrongswan/tests/suites/test_settings.c | 24 + .../tests/suites/test_traffic_selector.c | 6 +- src/libstrongswan/tests/suites/test_utils.c | 6 +- src/libstrongswan/utils/compat/android.h | 31 + src/libstrongswan/utils/compat/windows.h | 5 + src/libstrongswan/utils/utils.c | 25 +- src/libstrongswan/utils/utils.h | 19 +- 51 files changed, 2906 insertions(+), 629 deletions(-) delete mode 100644 src/libstrongswan/AndroidConfigLocal.h create mode 100644 src/libstrongswan/crypto/iv/iv_gen_null.c create mode 100644 src/libstrongswan/crypto/iv/iv_gen_null.h create mode 100644 src/libstrongswan/plugins/sha3/Makefile.am create mode 100644 src/libstrongswan/plugins/sha3/Makefile.in create mode 100644 src/libstrongswan/plugins/sha3/sha3_hasher.c create mode 100644 src/libstrongswan/plugins/sha3/sha3_hasher.h create mode 100644 src/libstrongswan/plugins/sha3/sha3_plugin.c create mode 100644 src/libstrongswan/plugins/sha3/sha3_plugin.h create mode 100644 src/libstrongswan/plugins/test_vectors/test_vectors/sha3.c create mode 100644 src/libstrongswan/utils/compat/android.h (limited to 'src/libstrongswan') diff --git a/src/libstrongswan/Android.mk b/src/libstrongswan/Android.mk index d019d96e1..db3da8e15 100644 --- a/src/libstrongswan/Android.mk +++ b/src/libstrongswan/Android.mk @@ -15,6 +15,7 @@ crypto/rngs/rng.c crypto/prf_plus.c crypto/signers/signer.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c crypto/crypto_tester.c \ crypto/diffie_hellman.c crypto/aead.c crypto/transform.c \ crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c \ +crypto/iv/iv_gen_null.c \ crypto/mgf1/mgf1.c crypto/mgf1/mgf1_bitspender.c \ credentials/credential_factory.c credentials/builder.c \ credentials/cred_encoding.c credentials/keys/private_key.c \ @@ -116,8 +117,7 @@ LOCAL_SRC_FILES += $(call add_plugin, xcbc) # build libstrongswan ---------------------------------------------------------- -LOCAL_CFLAGS := $(strongswan_CFLAGS) \ - -include $(LOCAL_PATH)/AndroidConfigLocal.h +LOCAL_CFLAGS := $(strongswan_CFLAGS) LOCAL_MODULE := libstrongswan diff --git a/src/libstrongswan/AndroidConfigLocal.h b/src/libstrongswan/AndroidConfigLocal.h deleted file mode 100644 index ae0e60633..000000000 --- a/src/libstrongswan/AndroidConfigLocal.h +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright (C) 2010 Tobias Brunner - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/* stuff defined in AndroidConfig.h, which is included using the -include - * command-line option, thus cannot be undefined using -U CFLAGS options. - * the reason we have to undefine these flags in the first place, is that - * AndroidConfig.h defines them as 0, which in turn means that they are - * actually defined. */ - -#undef HAVE_BACKTRACE diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index adf3687ae..ed3b85dd4 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -13,6 +13,7 @@ crypto/rngs/rng.c crypto/prf_plus.c crypto/signers/signer.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c crypto/crypto_tester.c \ crypto/diffie_hellman.c crypto/aead.c crypto/transform.c \ crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c crypto/iv/iv_gen_seq.c \ +crypto/iv/iv_gen_null.c \ crypto/mgf1/mgf1.c crypto/mgf1/mgf1_bitspender.c \ credentials/credential_factory.c credentials/builder.c \ credentials/cred_encoding.c credentials/keys/private_key.c \ @@ -72,7 +73,7 @@ crypto/prfs/prf.h crypto/prfs/mac_prf.h crypto/rngs/rng.h crypto/nonce_gen.h \ crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \ crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \ crypto/aead.h crypto/transform.h crypto/pkcs5.h crypto/iv/iv_gen.h \ -crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h \ +crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h crypto/iv/iv_gen_null.h \ crypto/mgf1/mgf1.h crypto/mgf1/mgf1_bitspender.h \ credentials/credential_factory.h credentials/builder.h \ credentials/cred_encoding.h credentials/keys/private_key.h \ @@ -109,7 +110,7 @@ utils/lexparser.h utils/optionsfrom.h utils/capabilities.h utils/backtrace.h \ utils/cpu_feature.h utils/leak_detective.h utils/printf_hook/printf_hook.h \ utils/printf_hook/printf_hook_vstr.h utils/printf_hook/printf_hook_builtin.h \ utils/parser_helper.h utils/test.h utils/integrity_checker.h utils/process.h \ -utils/utils/strerror.h utils/compat/windows.h utils/compat/apple.h \ +utils/utils/strerror.h utils/compat/windows.h utils/compat/apple.h utils/compat/android.h \ utils/utils/atomics.h utils/utils/types.h utils/utils/byteorder.h \ utils/utils/string.h utils/utils/memory.h utils/utils/tty.h utils/utils/path.h \ utils/utils/status.h utils/utils/object.h utils/utils/time.h utils/utils/align.h @@ -190,7 +191,7 @@ endif EXTRA_DIST = \ asn1/oid.txt asn1/oid.pl \ crypto/proposal/proposal_keywords_static.txt \ -Android.mk AndroidConfigLocal.h +Android.mk BUILT_SOURCES = \ $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \ @@ -288,6 +289,13 @@ if MONOLITHIC endif endif +if USE_SHA3 + SUBDIRS += plugins/sha3 +if MONOLITHIC + libstrongswan_la_LIBADD += plugins/sha3/libstrongswan-sha3.la +endif +endif + if USE_GMP SUBDIRS += plugins/gmp if MONOLITHIC diff --git a/src/libstrongswan/Makefile.in b/src/libstrongswan/Makefile.in index 9598c8b51..284960f5c 100644 --- a/src/libstrongswan/Makefile.in +++ b/src/libstrongswan/Makefile.in @@ -131,93 +131,95 @@ host_triplet = @host@ @MONOLITHIC_TRUE@@USE_SHA1_TRUE@am__append_33 = plugins/sha1/libstrongswan-sha1.la @USE_SHA2_TRUE@am__append_34 = plugins/sha2 @MONOLITHIC_TRUE@@USE_SHA2_TRUE@am__append_35 = plugins/sha2/libstrongswan-sha2.la -@USE_GMP_TRUE@am__append_36 = plugins/gmp -@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_37 = plugins/gmp/libstrongswan-gmp.la -@USE_RDRAND_TRUE@am__append_38 = plugins/rdrand -@MONOLITHIC_TRUE@@USE_RDRAND_TRUE@am__append_39 = plugins/rdrand/libstrongswan-rdrand.la -@USE_AESNI_TRUE@am__append_40 = plugins/aesni -@MONOLITHIC_TRUE@@USE_AESNI_TRUE@am__append_41 = plugins/aesni/libstrongswan-aesni.la -@USE_RANDOM_TRUE@am__append_42 = plugins/random -@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_43 = plugins/random/libstrongswan-random.la -@USE_NONCE_TRUE@am__append_44 = plugins/nonce -@MONOLITHIC_TRUE@@USE_NONCE_TRUE@am__append_45 = plugins/nonce/libstrongswan-nonce.la -@USE_HMAC_TRUE@am__append_46 = plugins/hmac -@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_47 = plugins/hmac/libstrongswan-hmac.la -@USE_CMAC_TRUE@am__append_48 = plugins/cmac -@MONOLITHIC_TRUE@@USE_CMAC_TRUE@am__append_49 = plugins/cmac/libstrongswan-cmac.la -@USE_XCBC_TRUE@am__append_50 = plugins/xcbc -@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_51 = plugins/xcbc/libstrongswan-xcbc.la -@USE_X509_TRUE@am__append_52 = plugins/x509 -@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_53 = plugins/x509/libstrongswan-x509.la -@USE_REVOCATION_TRUE@am__append_54 = plugins/revocation -@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_55 = plugins/revocation/libstrongswan-revocation.la -@USE_CONSTRAINTS_TRUE@am__append_56 = plugins/constraints -@MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_57 = plugins/constraints/libstrongswan-constraints.la -@USE_ACERT_TRUE@am__append_58 = plugins/acert -@MONOLITHIC_TRUE@@USE_ACERT_TRUE@am__append_59 = plugins/acert/libstrongswan-acert.la -@USE_PUBKEY_TRUE@am__append_60 = plugins/pubkey -@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_61 = plugins/pubkey/libstrongswan-pubkey.la -@USE_PKCS1_TRUE@am__append_62 = plugins/pkcs1 -@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_63 = plugins/pkcs1/libstrongswan-pkcs1.la -@USE_PKCS7_TRUE@am__append_64 = plugins/pkcs7 -@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_65 = plugins/pkcs7/libstrongswan-pkcs7.la -@USE_PKCS8_TRUE@am__append_66 = plugins/pkcs8 -@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_67 = plugins/pkcs8/libstrongswan-pkcs8.la -@USE_PKCS12_TRUE@am__append_68 = plugins/pkcs12 -@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_69 = plugins/pkcs12/libstrongswan-pkcs12.la -@USE_PGP_TRUE@am__append_70 = plugins/pgp -@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_71 = plugins/pgp/libstrongswan-pgp.la -@USE_DNSKEY_TRUE@am__append_72 = plugins/dnskey -@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_73 = plugins/dnskey/libstrongswan-dnskey.la -@USE_SSHKEY_TRUE@am__append_74 = plugins/sshkey -@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_75 = plugins/sshkey/libstrongswan-sshkey.la -@USE_PEM_TRUE@am__append_76 = plugins/pem -@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_77 = plugins/pem/libstrongswan-pem.la -@USE_CURL_TRUE@am__append_78 = plugins/curl -@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_79 = plugins/curl/libstrongswan-curl.la -@USE_FILES_TRUE@am__append_80 = plugins/files -@MONOLITHIC_TRUE@@USE_FILES_TRUE@am__append_81 = plugins/files/libstrongswan-files.la -@USE_WINHTTP_TRUE@am__append_82 = plugins/winhttp -@MONOLITHIC_TRUE@@USE_WINHTTP_TRUE@am__append_83 = plugins/winhttp/libstrongswan-winhttp.la -@USE_UNBOUND_TRUE@am__append_84 = plugins/unbound -@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_85 = plugins/unbound/libstrongswan-unbound.la -@USE_SOUP_TRUE@am__append_86 = plugins/soup -@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_87 = plugins/soup/libstrongswan-soup.la -@USE_LDAP_TRUE@am__append_88 = plugins/ldap -@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_89 = plugins/ldap/libstrongswan-ldap.la -@USE_MYSQL_TRUE@am__append_90 = plugins/mysql -@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_91 = plugins/mysql/libstrongswan-mysql.la -@USE_SQLITE_TRUE@am__append_92 = plugins/sqlite -@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_93 = plugins/sqlite/libstrongswan-sqlite.la -@USE_PADLOCK_TRUE@am__append_94 = plugins/padlock -@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_95 = plugins/padlock/libstrongswan-padlock.la -@USE_OPENSSL_TRUE@am__append_96 = plugins/openssl -@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_97 = plugins/openssl/libstrongswan-openssl.la -@USE_GCRYPT_TRUE@am__append_98 = plugins/gcrypt -@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_99 = plugins/gcrypt/libstrongswan-gcrypt.la -@USE_FIPS_PRF_TRUE@am__append_100 = plugins/fips_prf -@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_101 = plugins/fips_prf/libstrongswan-fips-prf.la -@USE_AGENT_TRUE@am__append_102 = plugins/agent -@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_103 = plugins/agent/libstrongswan-agent.la -@USE_KEYCHAIN_TRUE@am__append_104 = plugins/keychain -@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_105 = plugins/keychain/libstrongswan-keychain.la -@USE_PKCS11_TRUE@am__append_106 = plugins/pkcs11 -@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_107 = plugins/pkcs11/libstrongswan-pkcs11.la -@USE_CHAPOLY_TRUE@am__append_108 = plugins/chapoly -@MONOLITHIC_TRUE@@USE_CHAPOLY_TRUE@am__append_109 = plugins/chapoly/libstrongswan-chapoly.la -@USE_CTR_TRUE@am__append_110 = plugins/ctr -@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_111 = plugins/ctr/libstrongswan-ctr.la -@USE_CCM_TRUE@am__append_112 = plugins/ccm -@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_113 = plugins/ccm/libstrongswan-ccm.la -@USE_GCM_TRUE@am__append_114 = plugins/gcm -@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_115 = plugins/gcm/libstrongswan-gcm.la -@USE_NTRU_TRUE@am__append_116 = plugins/ntru -@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_117 = plugins/ntru/libstrongswan-ntru.la -@USE_BLISS_TRUE@am__append_118 = plugins/bliss -@MONOLITHIC_TRUE@@USE_BLISS_TRUE@am__append_119 = plugins/bliss/libstrongswan-bliss.la -@USE_TEST_VECTORS_TRUE@am__append_120 = plugins/test_vectors -@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_121 = plugins/test_vectors/libstrongswan-test-vectors.la -@USE_BLISS_TRUE@am__append_122 = plugins/bliss/tests +@USE_SHA3_TRUE@am__append_36 = plugins/sha3 +@MONOLITHIC_TRUE@@USE_SHA3_TRUE@am__append_37 = plugins/sha3/libstrongswan-sha3.la +@USE_GMP_TRUE@am__append_38 = plugins/gmp +@MONOLITHIC_TRUE@@USE_GMP_TRUE@am__append_39 = plugins/gmp/libstrongswan-gmp.la +@USE_RDRAND_TRUE@am__append_40 = plugins/rdrand +@MONOLITHIC_TRUE@@USE_RDRAND_TRUE@am__append_41 = plugins/rdrand/libstrongswan-rdrand.la +@USE_AESNI_TRUE@am__append_42 = plugins/aesni +@MONOLITHIC_TRUE@@USE_AESNI_TRUE@am__append_43 = plugins/aesni/libstrongswan-aesni.la +@USE_RANDOM_TRUE@am__append_44 = plugins/random +@MONOLITHIC_TRUE@@USE_RANDOM_TRUE@am__append_45 = plugins/random/libstrongswan-random.la +@USE_NONCE_TRUE@am__append_46 = plugins/nonce +@MONOLITHIC_TRUE@@USE_NONCE_TRUE@am__append_47 = plugins/nonce/libstrongswan-nonce.la +@USE_HMAC_TRUE@am__append_48 = plugins/hmac +@MONOLITHIC_TRUE@@USE_HMAC_TRUE@am__append_49 = plugins/hmac/libstrongswan-hmac.la +@USE_CMAC_TRUE@am__append_50 = plugins/cmac +@MONOLITHIC_TRUE@@USE_CMAC_TRUE@am__append_51 = plugins/cmac/libstrongswan-cmac.la +@USE_XCBC_TRUE@am__append_52 = plugins/xcbc +@MONOLITHIC_TRUE@@USE_XCBC_TRUE@am__append_53 = plugins/xcbc/libstrongswan-xcbc.la +@USE_X509_TRUE@am__append_54 = plugins/x509 +@MONOLITHIC_TRUE@@USE_X509_TRUE@am__append_55 = plugins/x509/libstrongswan-x509.la +@USE_REVOCATION_TRUE@am__append_56 = plugins/revocation +@MONOLITHIC_TRUE@@USE_REVOCATION_TRUE@am__append_57 = plugins/revocation/libstrongswan-revocation.la +@USE_CONSTRAINTS_TRUE@am__append_58 = plugins/constraints +@MONOLITHIC_TRUE@@USE_CONSTRAINTS_TRUE@am__append_59 = plugins/constraints/libstrongswan-constraints.la +@USE_ACERT_TRUE@am__append_60 = plugins/acert +@MONOLITHIC_TRUE@@USE_ACERT_TRUE@am__append_61 = plugins/acert/libstrongswan-acert.la +@USE_PUBKEY_TRUE@am__append_62 = plugins/pubkey +@MONOLITHIC_TRUE@@USE_PUBKEY_TRUE@am__append_63 = plugins/pubkey/libstrongswan-pubkey.la +@USE_PKCS1_TRUE@am__append_64 = plugins/pkcs1 +@MONOLITHIC_TRUE@@USE_PKCS1_TRUE@am__append_65 = plugins/pkcs1/libstrongswan-pkcs1.la +@USE_PKCS7_TRUE@am__append_66 = plugins/pkcs7 +@MONOLITHIC_TRUE@@USE_PKCS7_TRUE@am__append_67 = plugins/pkcs7/libstrongswan-pkcs7.la +@USE_PKCS8_TRUE@am__append_68 = plugins/pkcs8 +@MONOLITHIC_TRUE@@USE_PKCS8_TRUE@am__append_69 = plugins/pkcs8/libstrongswan-pkcs8.la +@USE_PKCS12_TRUE@am__append_70 = plugins/pkcs12 +@MONOLITHIC_TRUE@@USE_PKCS12_TRUE@am__append_71 = plugins/pkcs12/libstrongswan-pkcs12.la +@USE_PGP_TRUE@am__append_72 = plugins/pgp +@MONOLITHIC_TRUE@@USE_PGP_TRUE@am__append_73 = plugins/pgp/libstrongswan-pgp.la +@USE_DNSKEY_TRUE@am__append_74 = plugins/dnskey +@MONOLITHIC_TRUE@@USE_DNSKEY_TRUE@am__append_75 = plugins/dnskey/libstrongswan-dnskey.la +@USE_SSHKEY_TRUE@am__append_76 = plugins/sshkey +@MONOLITHIC_TRUE@@USE_SSHKEY_TRUE@am__append_77 = plugins/sshkey/libstrongswan-sshkey.la +@USE_PEM_TRUE@am__append_78 = plugins/pem +@MONOLITHIC_TRUE@@USE_PEM_TRUE@am__append_79 = plugins/pem/libstrongswan-pem.la +@USE_CURL_TRUE@am__append_80 = plugins/curl +@MONOLITHIC_TRUE@@USE_CURL_TRUE@am__append_81 = plugins/curl/libstrongswan-curl.la +@USE_FILES_TRUE@am__append_82 = plugins/files +@MONOLITHIC_TRUE@@USE_FILES_TRUE@am__append_83 = plugins/files/libstrongswan-files.la +@USE_WINHTTP_TRUE@am__append_84 = plugins/winhttp +@MONOLITHIC_TRUE@@USE_WINHTTP_TRUE@am__append_85 = plugins/winhttp/libstrongswan-winhttp.la +@USE_UNBOUND_TRUE@am__append_86 = plugins/unbound +@MONOLITHIC_TRUE@@USE_UNBOUND_TRUE@am__append_87 = plugins/unbound/libstrongswan-unbound.la +@USE_SOUP_TRUE@am__append_88 = plugins/soup +@MONOLITHIC_TRUE@@USE_SOUP_TRUE@am__append_89 = plugins/soup/libstrongswan-soup.la +@USE_LDAP_TRUE@am__append_90 = plugins/ldap +@MONOLITHIC_TRUE@@USE_LDAP_TRUE@am__append_91 = plugins/ldap/libstrongswan-ldap.la +@USE_MYSQL_TRUE@am__append_92 = plugins/mysql +@MONOLITHIC_TRUE@@USE_MYSQL_TRUE@am__append_93 = plugins/mysql/libstrongswan-mysql.la +@USE_SQLITE_TRUE@am__append_94 = plugins/sqlite +@MONOLITHIC_TRUE@@USE_SQLITE_TRUE@am__append_95 = plugins/sqlite/libstrongswan-sqlite.la +@USE_PADLOCK_TRUE@am__append_96 = plugins/padlock +@MONOLITHIC_TRUE@@USE_PADLOCK_TRUE@am__append_97 = plugins/padlock/libstrongswan-padlock.la +@USE_OPENSSL_TRUE@am__append_98 = plugins/openssl +@MONOLITHIC_TRUE@@USE_OPENSSL_TRUE@am__append_99 = plugins/openssl/libstrongswan-openssl.la +@USE_GCRYPT_TRUE@am__append_100 = plugins/gcrypt +@MONOLITHIC_TRUE@@USE_GCRYPT_TRUE@am__append_101 = plugins/gcrypt/libstrongswan-gcrypt.la +@USE_FIPS_PRF_TRUE@am__append_102 = plugins/fips_prf +@MONOLITHIC_TRUE@@USE_FIPS_PRF_TRUE@am__append_103 = plugins/fips_prf/libstrongswan-fips-prf.la +@USE_AGENT_TRUE@am__append_104 = plugins/agent +@MONOLITHIC_TRUE@@USE_AGENT_TRUE@am__append_105 = plugins/agent/libstrongswan-agent.la +@USE_KEYCHAIN_TRUE@am__append_106 = plugins/keychain +@MONOLITHIC_TRUE@@USE_KEYCHAIN_TRUE@am__append_107 = plugins/keychain/libstrongswan-keychain.la +@USE_PKCS11_TRUE@am__append_108 = plugins/pkcs11 +@MONOLITHIC_TRUE@@USE_PKCS11_TRUE@am__append_109 = plugins/pkcs11/libstrongswan-pkcs11.la +@USE_CHAPOLY_TRUE@am__append_110 = plugins/chapoly +@MONOLITHIC_TRUE@@USE_CHAPOLY_TRUE@am__append_111 = plugins/chapoly/libstrongswan-chapoly.la +@USE_CTR_TRUE@am__append_112 = plugins/ctr +@MONOLITHIC_TRUE@@USE_CTR_TRUE@am__append_113 = plugins/ctr/libstrongswan-ctr.la +@USE_CCM_TRUE@am__append_114 = plugins/ccm +@MONOLITHIC_TRUE@@USE_CCM_TRUE@am__append_115 = plugins/ccm/libstrongswan-ccm.la +@USE_GCM_TRUE@am__append_116 = plugins/gcm +@MONOLITHIC_TRUE@@USE_GCM_TRUE@am__append_117 = plugins/gcm/libstrongswan-gcm.la +@USE_NTRU_TRUE@am__append_118 = plugins/ntru +@MONOLITHIC_TRUE@@USE_NTRU_TRUE@am__append_119 = plugins/ntru/libstrongswan-ntru.la +@USE_BLISS_TRUE@am__append_120 = plugins/bliss +@MONOLITHIC_TRUE@@USE_BLISS_TRUE@am__append_121 = plugins/bliss/libstrongswan-bliss.la +@USE_TEST_VECTORS_TRUE@am__append_122 = plugins/test_vectors +@MONOLITHIC_TRUE@@USE_TEST_VECTORS_TRUE@am__append_123 = plugins/test_vectors/libstrongswan-test-vectors.la +@USE_BLISS_TRUE@am__append_124 = plugins/bliss/tests subdir = src/libstrongswan DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ settings/settings_parser.h settings/settings_parser.c \ @@ -297,7 +299,7 @@ libstrongswan_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ $(am__append_101) $(am__append_103) $(am__append_105) \ $(am__append_107) $(am__append_109) $(am__append_111) \ $(am__append_113) $(am__append_115) $(am__append_117) \ - $(am__append_119) $(am__append_121) + $(am__append_119) $(am__append_121) $(am__append_123) am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \ asn1/asn1_parser.c asn1/oid.c bio/bio_reader.c \ bio/bio_writer.c collections/blocking_queue.c \ @@ -312,11 +314,11 @@ am__libstrongswan_la_SOURCES_DIST = library.c asn1/asn1.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c \ crypto/crypto_tester.c crypto/diffie_hellman.c crypto/aead.c \ crypto/transform.c crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c \ - crypto/iv/iv_gen_seq.c crypto/mgf1/mgf1.c \ - crypto/mgf1/mgf1_bitspender.c credentials/credential_factory.c \ - credentials/builder.c credentials/cred_encoding.c \ - credentials/keys/private_key.c credentials/keys/public_key.c \ - credentials/keys/shared_key.c \ + crypto/iv/iv_gen_seq.c crypto/iv/iv_gen_null.c \ + crypto/mgf1/mgf1.c crypto/mgf1/mgf1_bitspender.c \ + credentials/credential_factory.c credentials/builder.c \ + credentials/cred_encoding.c credentials/keys/private_key.c \ + credentials/keys/public_key.c credentials/keys/shared_key.c \ credentials/certificates/certificate.c \ credentials/certificates/crl.c \ credentials/certificates/ocsp_response.c \ @@ -397,7 +399,8 @@ am_libstrongswan_la_OBJECTS = library.lo asn1/asn1.lo \ crypto/crypto_tester.lo crypto/diffie_hellman.lo \ crypto/aead.lo crypto/transform.lo crypto/iv/iv_gen.lo \ crypto/iv/iv_gen_rand.lo crypto/iv/iv_gen_seq.lo \ - crypto/mgf1/mgf1.lo crypto/mgf1/mgf1_bitspender.lo \ + crypto/iv/iv_gen_null.lo crypto/mgf1/mgf1.lo \ + crypto/mgf1/mgf1_bitspender.lo \ credentials/credential_factory.lo credentials/builder.lo \ credentials/cred_encoding.lo credentials/keys/private_key.lo \ credentials/keys/public_key.lo credentials/keys/shared_key.lo \ @@ -524,10 +527,11 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \ crypto/crypto_tester.h crypto/diffie_hellman.h crypto/aead.h \ crypto/transform.h crypto/pkcs5.h crypto/iv/iv_gen.h \ crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h \ - crypto/mgf1/mgf1.h crypto/mgf1/mgf1_bitspender.h \ - credentials/credential_factory.h credentials/builder.h \ - credentials/cred_encoding.h credentials/keys/private_key.h \ - credentials/keys/public_key.h credentials/keys/shared_key.h \ + crypto/iv/iv_gen_null.h crypto/mgf1/mgf1.h \ + crypto/mgf1/mgf1_bitspender.h credentials/credential_factory.h \ + credentials/builder.h credentials/cred_encoding.h \ + credentials/keys/private_key.h credentials/keys/public_key.h \ + credentials/keys/shared_key.h \ credentials/certificates/certificate.h \ credentials/certificates/x509.h credentials/certificates/ac.h \ credentials/certificates/crl.h \ @@ -574,7 +578,8 @@ am__nobase_strongswan_include_HEADERS_DIST = library.h asn1/asn1.h \ utils/printf_hook/printf_hook_builtin.h utils/parser_helper.h \ utils/test.h utils/integrity_checker.h utils/process.h \ utils/utils/strerror.h utils/compat/windows.h \ - utils/compat/apple.h utils/utils/atomics.h utils/utils/types.h \ + utils/compat/apple.h utils/compat/android.h \ + utils/utils/atomics.h utils/utils/types.h \ utils/utils/byteorder.h utils/utils/string.h \ utils/utils/memory.h utils/utils/tty.h utils/utils/path.h \ utils/utils/status.h utils/utils/object.h utils/utils/time.h \ @@ -609,18 +614,19 @@ ETAGS = etags CTAGS = ctags DIST_SUBDIRS = . plugins/af_alg plugins/aes plugins/des \ plugins/blowfish plugins/rc2 plugins/md4 plugins/md5 \ - plugins/sha1 plugins/sha2 plugins/gmp plugins/rdrand \ - plugins/aesni plugins/random plugins/nonce plugins/hmac \ - plugins/cmac plugins/xcbc plugins/x509 plugins/revocation \ - plugins/constraints plugins/acert plugins/pubkey plugins/pkcs1 \ - plugins/pkcs7 plugins/pkcs8 plugins/pkcs12 plugins/pgp \ - plugins/dnskey plugins/sshkey plugins/pem plugins/curl \ - plugins/files plugins/winhttp plugins/unbound plugins/soup \ - plugins/ldap plugins/mysql plugins/sqlite plugins/padlock \ - plugins/openssl plugins/gcrypt plugins/fips_prf plugins/agent \ - plugins/keychain plugins/pkcs11 plugins/chapoly plugins/ctr \ - plugins/ccm plugins/gcm plugins/ntru plugins/bliss \ - plugins/test_vectors tests plugins/bliss/tests + plugins/sha1 plugins/sha2 plugins/sha3 plugins/gmp \ + plugins/rdrand plugins/aesni plugins/random plugins/nonce \ + plugins/hmac plugins/cmac plugins/xcbc plugins/x509 \ + plugins/revocation plugins/constraints plugins/acert \ + plugins/pubkey plugins/pkcs1 plugins/pkcs7 plugins/pkcs8 \ + plugins/pkcs12 plugins/pgp plugins/dnskey plugins/sshkey \ + plugins/pem plugins/curl plugins/files plugins/winhttp \ + plugins/unbound plugins/soup plugins/ldap plugins/mysql \ + plugins/sqlite plugins/padlock plugins/openssl plugins/gcrypt \ + plugins/fips_prf plugins/agent plugins/keychain plugins/pkcs11 \ + plugins/chapoly plugins/ctr plugins/ccm plugins/gcm \ + plugins/ntru plugins/bliss plugins/test_vectors tests \ + plugins/bliss/tests DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ dir0=`pwd`; \ @@ -886,11 +892,11 @@ libstrongswan_la_SOURCES = library.c asn1/asn1.c asn1/asn1_parser.c \ crypto/signers/mac_signer.c crypto/crypto_factory.c \ crypto/crypto_tester.c crypto/diffie_hellman.c crypto/aead.c \ crypto/transform.c crypto/iv/iv_gen.c crypto/iv/iv_gen_rand.c \ - crypto/iv/iv_gen_seq.c crypto/mgf1/mgf1.c \ - crypto/mgf1/mgf1_bitspender.c credentials/credential_factory.c \ - credentials/builder.c credentials/cred_encoding.c \ - credentials/keys/private_key.c credentials/keys/public_key.c \ - credentials/keys/shared_key.c \ + crypto/iv/iv_gen_seq.c crypto/iv/iv_gen_null.c \ + crypto/mgf1/mgf1.c crypto/mgf1/mgf1_bitspender.c \ + credentials/credential_factory.c credentials/builder.c \ + credentials/cred_encoding.c credentials/keys/private_key.c \ + credentials/keys/public_key.c credentials/keys/shared_key.c \ credentials/certificates/certificate.c \ credentials/certificates/crl.c \ credentials/certificates/ocsp_response.c \ @@ -945,7 +951,7 @@ settings/settings_types.h @USE_DEV_HEADERS_TRUE@crypto/prf_plus.h crypto/signers/signer.h crypto/signers/mac_signer.h \ @USE_DEV_HEADERS_TRUE@crypto/crypto_factory.h crypto/crypto_tester.h crypto/diffie_hellman.h \ @USE_DEV_HEADERS_TRUE@crypto/aead.h crypto/transform.h crypto/pkcs5.h crypto/iv/iv_gen.h \ -@USE_DEV_HEADERS_TRUE@crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h \ +@USE_DEV_HEADERS_TRUE@crypto/iv/iv_gen_rand.h crypto/iv/iv_gen_seq.h crypto/iv/iv_gen_null.h \ @USE_DEV_HEADERS_TRUE@crypto/mgf1/mgf1.h crypto/mgf1/mgf1_bitspender.h \ @USE_DEV_HEADERS_TRUE@credentials/credential_factory.h credentials/builder.h \ @USE_DEV_HEADERS_TRUE@credentials/cred_encoding.h credentials/keys/private_key.h \ @@ -982,7 +988,7 @@ settings/settings_types.h @USE_DEV_HEADERS_TRUE@utils/cpu_feature.h utils/leak_detective.h utils/printf_hook/printf_hook.h \ @USE_DEV_HEADERS_TRUE@utils/printf_hook/printf_hook_vstr.h utils/printf_hook/printf_hook_builtin.h \ @USE_DEV_HEADERS_TRUE@utils/parser_helper.h utils/test.h utils/integrity_checker.h utils/process.h \ -@USE_DEV_HEADERS_TRUE@utils/utils/strerror.h utils/compat/windows.h utils/compat/apple.h \ +@USE_DEV_HEADERS_TRUE@utils/utils/strerror.h utils/compat/windows.h utils/compat/apple.h utils/compat/android.h \ @USE_DEV_HEADERS_TRUE@utils/utils/atomics.h utils/utils/types.h utils/utils/byteorder.h \ @USE_DEV_HEADERS_TRUE@utils/utils/string.h utils/utils/memory.h utils/utils/tty.h utils/utils/path.h \ @USE_DEV_HEADERS_TRUE@utils/utils/status.h utils/utils/object.h utils/utils/time.h utils/utils/align.h @@ -1007,7 +1013,7 @@ libstrongswan_la_LIBADD = $(DLLIB) $(BTLIB) $(SOCKLIB) $(RTLIB) \ $(am__append_101) $(am__append_103) $(am__append_105) \ $(am__append_107) $(am__append_109) $(am__append_111) \ $(am__append_113) $(am__append_115) $(am__append_117) \ - $(am__append_119) $(am__append_121) + $(am__append_119) $(am__append_121) $(am__append_123) AM_CPPFLAGS = -I$(top_srcdir)/src/libstrongswan \ -DIPSEC_DIR=\"${ipsecdir}\" -DIPSEC_LIB_DIR=\"${ipseclibdir}\" \ -DPLUGINDIR=\"${plugindir}\" \ @@ -1023,7 +1029,7 @@ AM_YFLAGS = -v -d EXTRA_DIST = \ asn1/oid.txt asn1/oid.pl \ crypto/proposal/proposal_keywords_static.txt \ -Android.mk AndroidConfigLocal.h +Android.mk BUILT_SOURCES = \ $(srcdir)/asn1/oid.c $(srcdir)/asn1/oid.h \ @@ -1059,8 +1065,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c @MONOLITHIC_FALSE@ $(am__append_106) $(am__append_108) \ @MONOLITHIC_FALSE@ $(am__append_110) $(am__append_112) \ @MONOLITHIC_FALSE@ $(am__append_114) $(am__append_116) \ -@MONOLITHIC_FALSE@ $(am__append_118) $(am__append_120) tests \ -@MONOLITHIC_FALSE@ $(am__append_122) +@MONOLITHIC_FALSE@ $(am__append_118) $(am__append_120) \ +@MONOLITHIC_FALSE@ $(am__append_122) tests $(am__append_124) # build plugins with their own Makefile ####################################### @@ -1089,8 +1095,8 @@ $(srcdir)/crypto/proposal/proposal_keywords_static.c @MONOLITHIC_TRUE@ $(am__append_106) $(am__append_108) \ @MONOLITHIC_TRUE@ $(am__append_110) $(am__append_112) \ @MONOLITHIC_TRUE@ $(am__append_114) $(am__append_116) \ -@MONOLITHIC_TRUE@ $(am__append_118) $(am__append_120) . tests \ -@MONOLITHIC_TRUE@ $(am__append_122) +@MONOLITHIC_TRUE@ $(am__append_118) $(am__append_120) \ +@MONOLITHIC_TRUE@ $(am__append_122) . tests $(am__append_124) all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -1284,6 +1290,8 @@ crypto/iv/iv_gen_rand.lo: crypto/iv/$(am__dirstamp) \ crypto/iv/$(DEPDIR)/$(am__dirstamp) crypto/iv/iv_gen_seq.lo: crypto/iv/$(am__dirstamp) \ crypto/iv/$(DEPDIR)/$(am__dirstamp) +crypto/iv/iv_gen_null.lo: crypto/iv/$(am__dirstamp) \ + crypto/iv/$(DEPDIR)/$(am__dirstamp) crypto/mgf1/$(am__dirstamp): @$(MKDIR_P) crypto/mgf1 @: > crypto/mgf1/$(am__dirstamp) @@ -1750,6 +1758,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@crypto/hashers/$(DEPDIR)/hash_algorithm_set.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@crypto/hashers/$(DEPDIR)/hasher.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@crypto/iv/$(DEPDIR)/iv_gen.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@crypto/iv/$(DEPDIR)/iv_gen_null.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@crypto/iv/$(DEPDIR)/iv_gen_rand.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@crypto/iv/$(DEPDIR)/iv_gen_seq.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@crypto/mgf1/$(DEPDIR)/mgf1.Plo@am__quote@ diff --git a/src/libstrongswan/asn1/oid.c b/src/libstrongswan/asn1/oid.c index a750f7fcb..a088b0527 100644 --- a/src/libstrongswan/asn1/oid.c +++ b/src/libstrongswan/asn1/oid.c @@ -199,12 +199,12 @@ const oid_t oid_names[] = { { 0x02, 187, 0, 7, "ecdsa-with-SHA256" }, /* 186 */ { 0x03, 188, 0, 7, "ecdsa-with-SHA384" }, /* 187 */ { 0x04, 0, 0, 7, "ecdsa-with-SHA512" }, /* 188 */ - {0x2B, 413, 1, 0, "" }, /* 189 */ - { 0x06, 327, 1, 1, "dod" }, /* 190 */ + {0x2B, 416, 1, 0, "" }, /* 189 */ + { 0x06, 330, 1, 1, "dod" }, /* 190 */ { 0x01, 0, 1, 2, "internet" }, /* 191 */ - { 0x04, 278, 1, 3, "private" }, /* 192 */ + { 0x04, 281, 1, 3, "private" }, /* 192 */ { 0x01, 0, 1, 4, "enterprise" }, /* 193 */ - { 0x82, 228, 1, 5, "" }, /* 194 */ + { 0x82, 231, 1, 5, "" }, /* 194 */ { 0x37, 207, 1, 6, "Microsoft" }, /* 195 */ { 0x0A, 200, 1, 7, "" }, /* 196 */ { 0x03, 0, 1, 8, "" }, /* 197 */ @@ -235,254 +235,257 @@ const oid_t oid_names[] = { { 0x07, 223, 0, 10, "BLISS-B-III" }, /* 222 */ { 0x08, 0, 0, 10, "BLISS-B-IV" }, /* 223 */ { 0x03, 0, 1, 9, "blissSigType" }, /* 224 */ - { 0x01, 226, 0, 10, "BLISS-with-SHA512" }, /* 225 */ - { 0x02, 227, 0, 10, "BLISS-with-SHA384" }, /* 226 */ - { 0x03, 0, 0, 10, "BLISS-with-SHA256" }, /* 227 */ - { 0x89, 235, 1, 5, "" }, /* 228 */ - { 0x31, 0, 1, 6, "" }, /* 229 */ - { 0x01, 0, 1, 7, "" }, /* 230 */ - { 0x01, 0, 1, 8, "" }, /* 231 */ - { 0x02, 0, 1, 9, "" }, /* 232 */ - { 0x02, 0, 1, 10, "" }, /* 233 */ - { 0x4B, 0, 0, 11, "TCGID" }, /* 234 */ - { 0x97, 239, 1, 5, "" }, /* 235 */ - { 0x55, 0, 1, 6, "" }, /* 236 */ - { 0x01, 0, 1, 7, "" }, /* 237 */ - { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 238 */ - { 0xC1, 0, 1, 5, "" }, /* 239 */ - { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 240 */ - { 0x01, 0, 1, 7, "eess" }, /* 241 */ - { 0x01, 0, 1, 8, "eess1" }, /* 242 */ - { 0x01, 247, 1, 9, "eess1-algs" }, /* 243 */ - { 0x01, 245, 0, 10, "ntru-EESS1v1-SVES" }, /* 244 */ - { 0x02, 246, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 245 */ - { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 246 */ - { 0x02, 277, 1, 9, "eess1-params" }, /* 247 */ - { 0x01, 249, 0, 10, "ees251ep1" }, /* 248 */ - { 0x02, 250, 0, 10, "ees347ep1" }, /* 249 */ - { 0x03, 251, 0, 10, "ees503ep1" }, /* 250 */ - { 0x07, 252, 0, 10, "ees251sp2" }, /* 251 */ - { 0x0C, 253, 0, 10, "ees251ep4" }, /* 252 */ - { 0x0D, 254, 0, 10, "ees251ep5" }, /* 253 */ - { 0x0E, 255, 0, 10, "ees251sp3" }, /* 254 */ - { 0x0F, 256, 0, 10, "ees251sp4" }, /* 255 */ - { 0x10, 257, 0, 10, "ees251sp5" }, /* 256 */ - { 0x11, 258, 0, 10, "ees251sp6" }, /* 257 */ - { 0x12, 259, 0, 10, "ees251sp7" }, /* 258 */ - { 0x13, 260, 0, 10, "ees251sp8" }, /* 259 */ - { 0x14, 261, 0, 10, "ees251sp9" }, /* 260 */ - { 0x22, 262, 0, 10, "ees401ep1" }, /* 261 */ - { 0x23, 263, 0, 10, "ees449ep1" }, /* 262 */ - { 0x24, 264, 0, 10, "ees677ep1" }, /* 263 */ - { 0x25, 265, 0, 10, "ees1087ep2" }, /* 264 */ - { 0x26, 266, 0, 10, "ees541ep1" }, /* 265 */ - { 0x27, 267, 0, 10, "ees613ep1" }, /* 266 */ - { 0x28, 268, 0, 10, "ees887ep1" }, /* 267 */ - { 0x29, 269, 0, 10, "ees1171ep1" }, /* 268 */ - { 0x2A, 270, 0, 10, "ees659ep1" }, /* 269 */ - { 0x2B, 271, 0, 10, "ees761ep1" }, /* 270 */ - { 0x2C, 272, 0, 10, "ees1087ep1" }, /* 271 */ - { 0x2D, 273, 0, 10, "ees1499ep1" }, /* 272 */ - { 0x2E, 274, 0, 10, "ees401ep2" }, /* 273 */ - { 0x2F, 275, 0, 10, "ees439ep1" }, /* 274 */ - { 0x30, 276, 0, 10, "ees593ep1" }, /* 275 */ - { 0x31, 0, 0, 10, "ees743ep1" }, /* 276 */ - { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 277 */ - { 0x05, 0, 1, 3, "security" }, /* 278 */ - { 0x05, 0, 1, 4, "mechanisms" }, /* 279 */ - { 0x07, 324, 1, 5, "id-pkix" }, /* 280 */ - { 0x01, 285, 1, 6, "id-pe" }, /* 281 */ - { 0x01, 283, 0, 7, "authorityInfoAccess" }, /* 282 */ - { 0x03, 284, 0, 7, "qcStatements" }, /* 283 */ - { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 284 */ - { 0x02, 288, 1, 6, "id-qt" }, /* 285 */ - { 0x01, 287, 0, 7, "cps" }, /* 286 */ - { 0x02, 0, 0, 7, "unotice" }, /* 287 */ - { 0x03, 298, 1, 6, "id-kp" }, /* 288 */ - { 0x01, 290, 0, 7, "serverAuth" }, /* 289 */ - { 0x02, 291, 0, 7, "clientAuth" }, /* 290 */ - { 0x03, 292, 0, 7, "codeSigning" }, /* 291 */ - { 0x04, 293, 0, 7, "emailProtection" }, /* 292 */ - { 0x05, 294, 0, 7, "ipsecEndSystem" }, /* 293 */ - { 0x06, 295, 0, 7, "ipsecTunnel" }, /* 294 */ - { 0x07, 296, 0, 7, "ipsecUser" }, /* 295 */ - { 0x08, 297, 0, 7, "timeStamping" }, /* 296 */ - { 0x09, 0, 0, 7, "ocspSigning" }, /* 297 */ - { 0x08, 306, 1, 6, "id-otherNames" }, /* 298 */ - { 0x01, 300, 0, 7, "personalData" }, /* 299 */ - { 0x02, 301, 0, 7, "userGroup" }, /* 300 */ - { 0x03, 302, 0, 7, "id-on-permanentIdentifier" }, /* 301 */ - { 0x04, 303, 0, 7, "id-on-hardwareModuleName" }, /* 302 */ - { 0x05, 304, 0, 7, "xmppAddr" }, /* 303 */ - { 0x06, 305, 0, 7, "id-on-SIM" }, /* 304 */ - { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 305 */ - { 0x0A, 311, 1, 6, "id-aca" }, /* 306 */ - { 0x01, 308, 0, 7, "authenticationInfo" }, /* 307 */ - { 0x02, 309, 0, 7, "accessIdentity" }, /* 308 */ - { 0x03, 310, 0, 7, "chargingIdentity" }, /* 309 */ - { 0x04, 0, 0, 7, "group" }, /* 310 */ - { 0x0B, 312, 0, 6, "subjectInfoAccess" }, /* 311 */ - { 0x30, 0, 1, 6, "id-ad" }, /* 312 */ - { 0x01, 321, 1, 7, "ocsp" }, /* 313 */ - { 0x01, 315, 0, 8, "basic" }, /* 314 */ - { 0x02, 316, 0, 8, "nonce" }, /* 315 */ - { 0x03, 317, 0, 8, "crl" }, /* 316 */ - { 0x04, 318, 0, 8, "response" }, /* 317 */ - { 0x05, 319, 0, 8, "noCheck" }, /* 318 */ - { 0x06, 320, 0, 8, "archiveCutoff" }, /* 319 */ - { 0x07, 0, 0, 8, "serviceLocator" }, /* 320 */ - { 0x02, 322, 0, 7, "caIssuers" }, /* 321 */ - { 0x03, 323, 0, 7, "timeStamping" }, /* 322 */ - { 0x05, 0, 0, 7, "caRepository" }, /* 323 */ - { 0x08, 0, 1, 5, "ipsec" }, /* 324 */ - { 0x02, 0, 1, 6, "certificate" }, /* 325 */ - { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 326 */ - { 0x0E, 333, 1, 1, "oiw" }, /* 327 */ - { 0x03, 0, 1, 2, "secsig" }, /* 328 */ - { 0x02, 0, 1, 3, "algorithms" }, /* 329 */ - { 0x07, 331, 0, 4, "des-cbc" }, /* 330 */ - { 0x1A, 332, 0, 4, "sha-1" }, /* 331 */ - { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 332 */ - { 0x24, 379, 1, 1, "TeleTrusT" }, /* 333 */ - { 0x03, 0, 1, 2, "algorithm" }, /* 334 */ - { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 335 */ - { 0x01, 340, 1, 4, "rsaSignature" }, /* 336 */ - { 0x02, 338, 0, 5, "rsaSigWithripemd160" }, /* 337 */ - { 0x03, 339, 0, 5, "rsaSigWithripemd128" }, /* 338 */ - { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 339 */ - { 0x02, 0, 1, 4, "ecSign" }, /* 340 */ - { 0x01, 342, 0, 5, "ecSignWithsha1" }, /* 341 */ - { 0x02, 343, 0, 5, "ecSignWithripemd160" }, /* 342 */ - { 0x03, 344, 0, 5, "ecSignWithmd2" }, /* 343 */ - { 0x04, 345, 0, 5, "ecSignWithmd5" }, /* 344 */ - { 0x05, 362, 1, 5, "ttt-ecg" }, /* 345 */ - { 0x01, 350, 1, 6, "fieldType" }, /* 346 */ - { 0x01, 0, 1, 7, "characteristictwoField" }, /* 347 */ - { 0x01, 0, 1, 8, "basisType" }, /* 348 */ - { 0x01, 0, 0, 9, "ipBasis" }, /* 349 */ - { 0x02, 352, 1, 6, "keyType" }, /* 350 */ - { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 351 */ - { 0x03, 353, 0, 6, "curve" }, /* 352 */ - { 0x04, 360, 1, 6, "signatures" }, /* 353 */ - { 0x01, 355, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 354 */ - { 0x02, 356, 0, 7, "ecgdsa-with-SHA1" }, /* 355 */ - { 0x03, 357, 0, 7, "ecgdsa-with-SHA224" }, /* 356 */ - { 0x04, 358, 0, 7, "ecgdsa-with-SHA256" }, /* 357 */ - { 0x05, 359, 0, 7, "ecgdsa-with-SHA384" }, /* 358 */ - { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 359 */ - { 0x05, 0, 1, 6, "module" }, /* 360 */ - { 0x01, 0, 0, 7, "1" }, /* 361 */ - { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 362 */ - { 0x01, 0, 1, 6, "ellipticCurve" }, /* 363 */ - { 0x01, 0, 1, 7, "versionOne" }, /* 364 */ - { 0x01, 366, 0, 8, "brainpoolP160r1" }, /* 365 */ - { 0x02, 367, 0, 8, "brainpoolP160t1" }, /* 366 */ - { 0x03, 368, 0, 8, "brainpoolP192r1" }, /* 367 */ - { 0x04, 369, 0, 8, "brainpoolP192t1" }, /* 368 */ - { 0x05, 370, 0, 8, "brainpoolP224r1" }, /* 369 */ - { 0x06, 371, 0, 8, "brainpoolP224t1" }, /* 370 */ - { 0x07, 372, 0, 8, "brainpoolP256r1" }, /* 371 */ - { 0x08, 373, 0, 8, "brainpoolP256t1" }, /* 372 */ - { 0x09, 374, 0, 8, "brainpoolP320r1" }, /* 373 */ - { 0x0A, 375, 0, 8, "brainpoolP320t1" }, /* 374 */ - { 0x0B, 376, 0, 8, "brainpoolP384r1" }, /* 375 */ - { 0x0C, 377, 0, 8, "brainpoolP384t1" }, /* 376 */ - { 0x0D, 378, 0, 8, "brainpoolP512r1" }, /* 377 */ - { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 378 */ - { 0x81, 0, 1, 1, "" }, /* 379 */ - { 0x04, 0, 1, 2, "Certicom" }, /* 380 */ - { 0x00, 0, 1, 3, "curve" }, /* 381 */ - { 0x01, 383, 0, 4, "sect163k1" }, /* 382 */ - { 0x02, 384, 0, 4, "sect163r1" }, /* 383 */ - { 0x03, 385, 0, 4, "sect239k1" }, /* 384 */ - { 0x04, 386, 0, 4, "sect113r1" }, /* 385 */ - { 0x05, 387, 0, 4, "sect113r2" }, /* 386 */ - { 0x06, 388, 0, 4, "secp112r1" }, /* 387 */ - { 0x07, 389, 0, 4, "secp112r2" }, /* 388 */ - { 0x08, 390, 0, 4, "secp160r1" }, /* 389 */ - { 0x09, 391, 0, 4, "secp160k1" }, /* 390 */ - { 0x0A, 392, 0, 4, "secp256k1" }, /* 391 */ - { 0x0F, 393, 0, 4, "sect163r2" }, /* 392 */ - { 0x10, 394, 0, 4, "sect283k1" }, /* 393 */ - { 0x11, 395, 0, 4, "sect283r1" }, /* 394 */ - { 0x16, 396, 0, 4, "sect131r1" }, /* 395 */ - { 0x17, 397, 0, 4, "sect131r2" }, /* 396 */ - { 0x18, 398, 0, 4, "sect193r1" }, /* 397 */ - { 0x19, 399, 0, 4, "sect193r2" }, /* 398 */ - { 0x1A, 400, 0, 4, "sect233k1" }, /* 399 */ - { 0x1B, 401, 0, 4, "sect233r1" }, /* 400 */ - { 0x1C, 402, 0, 4, "secp128r1" }, /* 401 */ - { 0x1D, 403, 0, 4, "secp128r2" }, /* 402 */ - { 0x1E, 404, 0, 4, "secp160r2" }, /* 403 */ - { 0x1F, 405, 0, 4, "secp192k1" }, /* 404 */ - { 0x20, 406, 0, 4, "secp224k1" }, /* 405 */ - { 0x21, 407, 0, 4, "secp224r1" }, /* 406 */ - { 0x22, 408, 0, 4, "secp384r1" }, /* 407 */ - { 0x23, 409, 0, 4, "secp521r1" }, /* 408 */ - { 0x24, 410, 0, 4, "sect409k1" }, /* 409 */ - { 0x25, 411, 0, 4, "sect409r1" }, /* 410 */ - { 0x26, 412, 0, 4, "sect571k1" }, /* 411 */ - { 0x27, 0, 0, 4, "sect571r1" }, /* 412 */ - {0x60, 467, 1, 0, "" }, /* 413 */ - { 0x86, 0, 1, 1, "" }, /* 414 */ - { 0x48, 0, 1, 2, "" }, /* 415 */ - { 0x01, 0, 1, 3, "organization" }, /* 416 */ - { 0x65, 443, 1, 4, "gov" }, /* 417 */ - { 0x03, 0, 1, 5, "csor" }, /* 418 */ - { 0x04, 0, 1, 6, "nistalgorithm" }, /* 419 */ - { 0x01, 430, 1, 7, "aes" }, /* 420 */ - { 0x02, 422, 0, 8, "id-aes128-CBC" }, /* 421 */ - { 0x06, 423, 0, 8, "id-aes128-GCM" }, /* 422 */ - { 0x07, 424, 0, 8, "id-aes128-CCM" }, /* 423 */ - { 0x16, 425, 0, 8, "id-aes192-CBC" }, /* 424 */ - { 0x1A, 426, 0, 8, "id-aes192-GCM" }, /* 425 */ - { 0x1B, 427, 0, 8, "id-aes192-CCM" }, /* 426 */ - { 0x2A, 428, 0, 8, "id-aes256-CBC" }, /* 427 */ - { 0x2E, 429, 0, 8, "id-aes256-GCM" }, /* 428 */ - { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 429 */ - { 0x02, 0, 1, 7, "hashalgs" }, /* 430 */ - { 0x01, 432, 0, 8, "id-sha256" }, /* 431 */ - { 0x02, 433, 0, 8, "id-sha384" }, /* 432 */ - { 0x03, 434, 0, 8, "id-sha512" }, /* 433 */ - { 0x04, 435, 0, 8, "id-sha224" }, /* 434 */ - { 0x05, 436, 0, 8, "id-sha512-224" }, /* 435 */ - { 0x06, 437, 0, 8, "id-sha512-256" }, /* 436 */ - { 0x07, 438, 0, 8, "id-sha3-224" }, /* 437 */ - { 0x08, 439, 0, 8, "id-sha3-256" }, /* 438 */ - { 0x09, 440, 0, 8, "id-sha3-384" }, /* 439 */ - { 0x0A, 441, 0, 8, "id-sha3-512" }, /* 440 */ - { 0x0B, 442, 0, 8, "id-shake128" }, /* 441 */ - { 0x0C, 0, 0, 8, "id-shake256" }, /* 442 */ - { 0x86, 0, 1, 4, "" }, /* 443 */ - { 0xf8, 0, 1, 5, "" }, /* 444 */ - { 0x42, 457, 1, 6, "netscape" }, /* 445 */ - { 0x01, 452, 1, 7, "" }, /* 446 */ - { 0x01, 448, 0, 8, "nsCertType" }, /* 447 */ - { 0x03, 449, 0, 8, "nsRevocationUrl" }, /* 448 */ - { 0x04, 450, 0, 8, "nsCaRevocationUrl" }, /* 449 */ - { 0x08, 451, 0, 8, "nsCaPolicyUrl" }, /* 450 */ - { 0x0d, 0, 0, 8, "nsComment" }, /* 451 */ - { 0x03, 455, 1, 7, "directory" }, /* 452 */ - { 0x01, 0, 1, 8, "" }, /* 453 */ - { 0x03, 0, 0, 9, "employeeNumber" }, /* 454 */ - { 0x04, 0, 1, 7, "policy" }, /* 455 */ - { 0x01, 0, 0, 8, "nsSGC" }, /* 456 */ - { 0x45, 0, 1, 6, "verisign" }, /* 457 */ - { 0x01, 0, 1, 7, "pki" }, /* 458 */ - { 0x09, 0, 1, 8, "attributes" }, /* 459 */ - { 0x02, 461, 0, 9, "messageType" }, /* 460 */ - { 0x03, 462, 0, 9, "pkiStatus" }, /* 461 */ - { 0x04, 463, 0, 9, "failInfo" }, /* 462 */ - { 0x05, 464, 0, 9, "senderNonce" }, /* 463 */ - { 0x06, 465, 0, 9, "recipientNonce" }, /* 464 */ - { 0x07, 466, 0, 9, "transID" }, /* 465 */ - { 0x08, 0, 0, 9, "extensionReq" }, /* 466 */ - {0x67, 0, 1, 0, "" }, /* 467 */ - { 0x81, 0, 1, 1, "" }, /* 468 */ - { 0x05, 0, 1, 2, "" }, /* 469 */ - { 0x02, 0, 1, 3, "tcg-attribute" }, /* 470 */ - { 0x01, 472, 0, 4, "tcg-at-tpmManufacturer" }, /* 471 */ - { 0x02, 473, 0, 4, "tcg-at-tpmModel" }, /* 472 */ - { 0x03, 474, 0, 4, "tcg-at-tpmVersion" }, /* 473 */ - { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 474 */ + { 0x01, 226, 0, 10, "BLISS-with-SHA2-512" }, /* 225 */ + { 0x02, 227, 0, 10, "BLISS-with-SHA2-384" }, /* 226 */ + { 0x03, 228, 0, 10, "BLISS-with-SHA2-256" }, /* 227 */ + { 0x04, 229, 0, 10, "BLISS-with-SHA3-512" }, /* 228 */ + { 0x05, 230, 0, 10, "BLISS-with-SHA3-384" }, /* 229 */ + { 0x06, 0, 0, 10, "BLISS-with-SHA3-256" }, /* 230 */ + { 0x89, 238, 1, 5, "" }, /* 231 */ + { 0x31, 0, 1, 6, "" }, /* 232 */ + { 0x01, 0, 1, 7, "" }, /* 233 */ + { 0x01, 0, 1, 8, "" }, /* 234 */ + { 0x02, 0, 1, 9, "" }, /* 235 */ + { 0x02, 0, 1, 10, "" }, /* 236 */ + { 0x4B, 0, 0, 11, "TCGID" }, /* 237 */ + { 0x97, 242, 1, 5, "" }, /* 238 */ + { 0x55, 0, 1, 6, "" }, /* 239 */ + { 0x01, 0, 1, 7, "" }, /* 240 */ + { 0x02, 0, 0, 8, "blowfish-cbc" }, /* 241 */ + { 0xC1, 0, 1, 5, "" }, /* 242 */ + { 0x16, 0, 1, 6, "ntruCryptosystems" }, /* 243 */ + { 0x01, 0, 1, 7, "eess" }, /* 244 */ + { 0x01, 0, 1, 8, "eess1" }, /* 245 */ + { 0x01, 250, 1, 9, "eess1-algs" }, /* 246 */ + { 0x01, 248, 0, 10, "ntru-EESS1v1-SVES" }, /* 247 */ + { 0x02, 249, 0, 10, "ntru-EESS1v1-SVSSA" }, /* 248 */ + { 0x03, 0, 0, 10, "ntru-EESS1v1-NTRUSign" }, /* 249 */ + { 0x02, 280, 1, 9, "eess1-params" }, /* 250 */ + { 0x01, 252, 0, 10, "ees251ep1" }, /* 251 */ + { 0x02, 253, 0, 10, "ees347ep1" }, /* 252 */ + { 0x03, 254, 0, 10, "ees503ep1" }, /* 253 */ + { 0x07, 255, 0, 10, "ees251sp2" }, /* 254 */ + { 0x0C, 256, 0, 10, "ees251ep4" }, /* 255 */ + { 0x0D, 257, 0, 10, "ees251ep5" }, /* 256 */ + { 0x0E, 258, 0, 10, "ees251sp3" }, /* 257 */ + { 0x0F, 259, 0, 10, "ees251sp4" }, /* 258 */ + { 0x10, 260, 0, 10, "ees251sp5" }, /* 259 */ + { 0x11, 261, 0, 10, "ees251sp6" }, /* 260 */ + { 0x12, 262, 0, 10, "ees251sp7" }, /* 261 */ + { 0x13, 263, 0, 10, "ees251sp8" }, /* 262 */ + { 0x14, 264, 0, 10, "ees251sp9" }, /* 263 */ + { 0x22, 265, 0, 10, "ees401ep1" }, /* 264 */ + { 0x23, 266, 0, 10, "ees449ep1" }, /* 265 */ + { 0x24, 267, 0, 10, "ees677ep1" }, /* 266 */ + { 0x25, 268, 0, 10, "ees1087ep2" }, /* 267 */ + { 0x26, 269, 0, 10, "ees541ep1" }, /* 268 */ + { 0x27, 270, 0, 10, "ees613ep1" }, /* 269 */ + { 0x28, 271, 0, 10, "ees887ep1" }, /* 270 */ + { 0x29, 272, 0, 10, "ees1171ep1" }, /* 271 */ + { 0x2A, 273, 0, 10, "ees659ep1" }, /* 272 */ + { 0x2B, 274, 0, 10, "ees761ep1" }, /* 273 */ + { 0x2C, 275, 0, 10, "ees1087ep1" }, /* 274 */ + { 0x2D, 276, 0, 10, "ees1499ep1" }, /* 275 */ + { 0x2E, 277, 0, 10, "ees401ep2" }, /* 276 */ + { 0x2F, 278, 0, 10, "ees439ep1" }, /* 277 */ + { 0x30, 279, 0, 10, "ees593ep1" }, /* 278 */ + { 0x31, 0, 0, 10, "ees743ep1" }, /* 279 */ + { 0x03, 0, 0, 9, "eess1-encodingMethods" }, /* 280 */ + { 0x05, 0, 1, 3, "security" }, /* 281 */ + { 0x05, 0, 1, 4, "mechanisms" }, /* 282 */ + { 0x07, 327, 1, 5, "id-pkix" }, /* 283 */ + { 0x01, 288, 1, 6, "id-pe" }, /* 284 */ + { 0x01, 286, 0, 7, "authorityInfoAccess" }, /* 285 */ + { 0x03, 287, 0, 7, "qcStatements" }, /* 286 */ + { 0x07, 0, 0, 7, "ipAddrBlocks" }, /* 287 */ + { 0x02, 291, 1, 6, "id-qt" }, /* 288 */ + { 0x01, 290, 0, 7, "cps" }, /* 289 */ + { 0x02, 0, 0, 7, "unotice" }, /* 290 */ + { 0x03, 301, 1, 6, "id-kp" }, /* 291 */ + { 0x01, 293, 0, 7, "serverAuth" }, /* 292 */ + { 0x02, 294, 0, 7, "clientAuth" }, /* 293 */ + { 0x03, 295, 0, 7, "codeSigning" }, /* 294 */ + { 0x04, 296, 0, 7, "emailProtection" }, /* 295 */ + { 0x05, 297, 0, 7, "ipsecEndSystem" }, /* 296 */ + { 0x06, 298, 0, 7, "ipsecTunnel" }, /* 297 */ + { 0x07, 299, 0, 7, "ipsecUser" }, /* 298 */ + { 0x08, 300, 0, 7, "timeStamping" }, /* 299 */ + { 0x09, 0, 0, 7, "ocspSigning" }, /* 300 */ + { 0x08, 309, 1, 6, "id-otherNames" }, /* 301 */ + { 0x01, 303, 0, 7, "personalData" }, /* 302 */ + { 0x02, 304, 0, 7, "userGroup" }, /* 303 */ + { 0x03, 305, 0, 7, "id-on-permanentIdentifier" }, /* 304 */ + { 0x04, 306, 0, 7, "id-on-hardwareModuleName" }, /* 305 */ + { 0x05, 307, 0, 7, "xmppAddr" }, /* 306 */ + { 0x06, 308, 0, 7, "id-on-SIM" }, /* 307 */ + { 0x07, 0, 0, 7, "id-on-dnsSRV" }, /* 308 */ + { 0x0A, 314, 1, 6, "id-aca" }, /* 309 */ + { 0x01, 311, 0, 7, "authenticationInfo" }, /* 310 */ + { 0x02, 312, 0, 7, "accessIdentity" }, /* 311 */ + { 0x03, 313, 0, 7, "chargingIdentity" }, /* 312 */ + { 0x04, 0, 0, 7, "group" }, /* 313 */ + { 0x0B, 315, 0, 6, "subjectInfoAccess" }, /* 314 */ + { 0x30, 0, 1, 6, "id-ad" }, /* 315 */ + { 0x01, 324, 1, 7, "ocsp" }, /* 316 */ + { 0x01, 318, 0, 8, "basic" }, /* 317 */ + { 0x02, 319, 0, 8, "nonce" }, /* 318 */ + { 0x03, 320, 0, 8, "crl" }, /* 319 */ + { 0x04, 321, 0, 8, "response" }, /* 320 */ + { 0x05, 322, 0, 8, "noCheck" }, /* 321 */ + { 0x06, 323, 0, 8, "archiveCutoff" }, /* 322 */ + { 0x07, 0, 0, 8, "serviceLocator" }, /* 323 */ + { 0x02, 325, 0, 7, "caIssuers" }, /* 324 */ + { 0x03, 326, 0, 7, "timeStamping" }, /* 325 */ + { 0x05, 0, 0, 7, "caRepository" }, /* 326 */ + { 0x08, 0, 1, 5, "ipsec" }, /* 327 */ + { 0x02, 0, 1, 6, "certificate" }, /* 328 */ + { 0x02, 0, 0, 7, "iKEIntermediate" }, /* 329 */ + { 0x0E, 336, 1, 1, "oiw" }, /* 330 */ + { 0x03, 0, 1, 2, "secsig" }, /* 331 */ + { 0x02, 0, 1, 3, "algorithms" }, /* 332 */ + { 0x07, 334, 0, 4, "des-cbc" }, /* 333 */ + { 0x1A, 335, 0, 4, "sha-1" }, /* 334 */ + { 0x1D, 0, 0, 4, "sha-1WithRSASignature" }, /* 335 */ + { 0x24, 382, 1, 1, "TeleTrusT" }, /* 336 */ + { 0x03, 0, 1, 2, "algorithm" }, /* 337 */ + { 0x03, 0, 1, 3, "signatureAlgorithm" }, /* 338 */ + { 0x01, 343, 1, 4, "rsaSignature" }, /* 339 */ + { 0x02, 341, 0, 5, "rsaSigWithripemd160" }, /* 340 */ + { 0x03, 342, 0, 5, "rsaSigWithripemd128" }, /* 341 */ + { 0x04, 0, 0, 5, "rsaSigWithripemd256" }, /* 342 */ + { 0x02, 0, 1, 4, "ecSign" }, /* 343 */ + { 0x01, 345, 0, 5, "ecSignWithsha1" }, /* 344 */ + { 0x02, 346, 0, 5, "ecSignWithripemd160" }, /* 345 */ + { 0x03, 347, 0, 5, "ecSignWithmd2" }, /* 346 */ + { 0x04, 348, 0, 5, "ecSignWithmd5" }, /* 347 */ + { 0x05, 365, 1, 5, "ttt-ecg" }, /* 348 */ + { 0x01, 353, 1, 6, "fieldType" }, /* 349 */ + { 0x01, 0, 1, 7, "characteristictwoField" }, /* 350 */ + { 0x01, 0, 1, 8, "basisType" }, /* 351 */ + { 0x01, 0, 0, 9, "ipBasis" }, /* 352 */ + { 0x02, 355, 1, 6, "keyType" }, /* 353 */ + { 0x01, 0, 0, 7, "ecgPublicKey" }, /* 354 */ + { 0x03, 356, 0, 6, "curve" }, /* 355 */ + { 0x04, 363, 1, 6, "signatures" }, /* 356 */ + { 0x01, 358, 0, 7, "ecgdsa-with-RIPEMD160" }, /* 357 */ + { 0x02, 359, 0, 7, "ecgdsa-with-SHA1" }, /* 358 */ + { 0x03, 360, 0, 7, "ecgdsa-with-SHA224" }, /* 359 */ + { 0x04, 361, 0, 7, "ecgdsa-with-SHA256" }, /* 360 */ + { 0x05, 362, 0, 7, "ecgdsa-with-SHA384" }, /* 361 */ + { 0x06, 0, 0, 7, "ecgdsa-with-SHA512" }, /* 362 */ + { 0x05, 0, 1, 6, "module" }, /* 363 */ + { 0x01, 0, 0, 7, "1" }, /* 364 */ + { 0x08, 0, 1, 5, "ecStdCurvesAndGeneration" }, /* 365 */ + { 0x01, 0, 1, 6, "ellipticCurve" }, /* 366 */ + { 0x01, 0, 1, 7, "versionOne" }, /* 367 */ + { 0x01, 369, 0, 8, "brainpoolP160r1" }, /* 368 */ + { 0x02, 370, 0, 8, "brainpoolP160t1" }, /* 369 */ + { 0x03, 371, 0, 8, "brainpoolP192r1" }, /* 370 */ + { 0x04, 372, 0, 8, "brainpoolP192t1" }, /* 371 */ + { 0x05, 373, 0, 8, "brainpoolP224r1" }, /* 372 */ + { 0x06, 374, 0, 8, "brainpoolP224t1" }, /* 373 */ + { 0x07, 375, 0, 8, "brainpoolP256r1" }, /* 374 */ + { 0x08, 376, 0, 8, "brainpoolP256t1" }, /* 375 */ + { 0x09, 377, 0, 8, "brainpoolP320r1" }, /* 376 */ + { 0x0A, 378, 0, 8, "brainpoolP320t1" }, /* 377 */ + { 0x0B, 379, 0, 8, "brainpoolP384r1" }, /* 378 */ + { 0x0C, 380, 0, 8, "brainpoolP384t1" }, /* 379 */ + { 0x0D, 381, 0, 8, "brainpoolP512r1" }, /* 380 */ + { 0x0E, 0, 0, 8, "brainpoolP512t1" }, /* 381 */ + { 0x81, 0, 1, 1, "" }, /* 382 */ + { 0x04, 0, 1, 2, "Certicom" }, /* 383 */ + { 0x00, 0, 1, 3, "curve" }, /* 384 */ + { 0x01, 386, 0, 4, "sect163k1" }, /* 385 */ + { 0x02, 387, 0, 4, "sect163r1" }, /* 386 */ + { 0x03, 388, 0, 4, "sect239k1" }, /* 387 */ + { 0x04, 389, 0, 4, "sect113r1" }, /* 388 */ + { 0x05, 390, 0, 4, "sect113r2" }, /* 389 */ + { 0x06, 391, 0, 4, "secp112r1" }, /* 390 */ + { 0x07, 392, 0, 4, "secp112r2" }, /* 391 */ + { 0x08, 393, 0, 4, "secp160r1" }, /* 392 */ + { 0x09, 394, 0, 4, "secp160k1" }, /* 393 */ + { 0x0A, 395, 0, 4, "secp256k1" }, /* 394 */ + { 0x0F, 396, 0, 4, "sect163r2" }, /* 395 */ + { 0x10, 397, 0, 4, "sect283k1" }, /* 396 */ + { 0x11, 398, 0, 4, "sect283r1" }, /* 397 */ + { 0x16, 399, 0, 4, "sect131r1" }, /* 398 */ + { 0x17, 400, 0, 4, "sect131r2" }, /* 399 */ + { 0x18, 401, 0, 4, "sect193r1" }, /* 400 */ + { 0x19, 402, 0, 4, "sect193r2" }, /* 401 */ + { 0x1A, 403, 0, 4, "sect233k1" }, /* 402 */ + { 0x1B, 404, 0, 4, "sect233r1" }, /* 403 */ + { 0x1C, 405, 0, 4, "secp128r1" }, /* 404 */ + { 0x1D, 406, 0, 4, "secp128r2" }, /* 405 */ + { 0x1E, 407, 0, 4, "secp160r2" }, /* 406 */ + { 0x1F, 408, 0, 4, "secp192k1" }, /* 407 */ + { 0x20, 409, 0, 4, "secp224k1" }, /* 408 */ + { 0x21, 410, 0, 4, "secp224r1" }, /* 409 */ + { 0x22, 411, 0, 4, "secp384r1" }, /* 410 */ + { 0x23, 412, 0, 4, "secp521r1" }, /* 411 */ + { 0x24, 413, 0, 4, "sect409k1" }, /* 412 */ + { 0x25, 414, 0, 4, "sect409r1" }, /* 413 */ + { 0x26, 415, 0, 4, "sect571k1" }, /* 414 */ + { 0x27, 0, 0, 4, "sect571r1" }, /* 415 */ + {0x60, 470, 1, 0, "" }, /* 416 */ + { 0x86, 0, 1, 1, "" }, /* 417 */ + { 0x48, 0, 1, 2, "" }, /* 418 */ + { 0x01, 0, 1, 3, "organization" }, /* 419 */ + { 0x65, 446, 1, 4, "gov" }, /* 420 */ + { 0x03, 0, 1, 5, "csor" }, /* 421 */ + { 0x04, 0, 1, 6, "nistalgorithm" }, /* 422 */ + { 0x01, 433, 1, 7, "aes" }, /* 423 */ + { 0x02, 425, 0, 8, "id-aes128-CBC" }, /* 424 */ + { 0x06, 426, 0, 8, "id-aes128-GCM" }, /* 425 */ + { 0x07, 427, 0, 8, "id-aes128-CCM" }, /* 426 */ + { 0x16, 428, 0, 8, "id-aes192-CBC" }, /* 427 */ + { 0x1A, 429, 0, 8, "id-aes192-GCM" }, /* 428 */ + { 0x1B, 430, 0, 8, "id-aes192-CCM" }, /* 429 */ + { 0x2A, 431, 0, 8, "id-aes256-CBC" }, /* 430 */ + { 0x2E, 432, 0, 8, "id-aes256-GCM" }, /* 431 */ + { 0x2F, 0, 0, 8, "id-aes256-CCM" }, /* 432 */ + { 0x02, 0, 1, 7, "hashalgs" }, /* 433 */ + { 0x01, 435, 0, 8, "id-sha256" }, /* 434 */ + { 0x02, 436, 0, 8, "id-sha384" }, /* 435 */ + { 0x03, 437, 0, 8, "id-sha512" }, /* 436 */ + { 0x04, 438, 0, 8, "id-sha224" }, /* 437 */ + { 0x05, 439, 0, 8, "id-sha512-224" }, /* 438 */ + { 0x06, 440, 0, 8, "id-sha512-256" }, /* 439 */ + { 0x07, 441, 0, 8, "id-sha3-224" }, /* 440 */ + { 0x08, 442, 0, 8, "id-sha3-256" }, /* 441 */ + { 0x09, 443, 0, 8, "id-sha3-384" }, /* 442 */ + { 0x0A, 444, 0, 8, "id-sha3-512" }, /* 443 */ + { 0x0B, 445, 0, 8, "id-shake128" }, /* 444 */ + { 0x0C, 0, 0, 8, "id-shake256" }, /* 445 */ + { 0x86, 0, 1, 4, "" }, /* 446 */ + { 0xf8, 0, 1, 5, "" }, /* 447 */ + { 0x42, 460, 1, 6, "netscape" }, /* 448 */ + { 0x01, 455, 1, 7, "" }, /* 449 */ + { 0x01, 451, 0, 8, "nsCertType" }, /* 450 */ + { 0x03, 452, 0, 8, "nsRevocationUrl" }, /* 451 */ + { 0x04, 453, 0, 8, "nsCaRevocationUrl" }, /* 452 */ + { 0x08, 454, 0, 8, "nsCaPolicyUrl" }, /* 453 */ + { 0x0d, 0, 0, 8, "nsComment" }, /* 454 */ + { 0x03, 458, 1, 7, "directory" }, /* 455 */ + { 0x01, 0, 1, 8, "" }, /* 456 */ + { 0x03, 0, 0, 9, "employeeNumber" }, /* 457 */ + { 0x04, 0, 1, 7, "policy" }, /* 458 */ + { 0x01, 0, 0, 8, "nsSGC" }, /* 459 */ + { 0x45, 0, 1, 6, "verisign" }, /* 460 */ + { 0x01, 0, 1, 7, "pki" }, /* 461 */ + { 0x09, 0, 1, 8, "attributes" }, /* 462 */ + { 0x02, 464, 0, 9, "messageType" }, /* 463 */ + { 0x03, 465, 0, 9, "pkiStatus" }, /* 464 */ + { 0x04, 466, 0, 9, "failInfo" }, /* 465 */ + { 0x05, 467, 0, 9, "senderNonce" }, /* 466 */ + { 0x06, 468, 0, 9, "recipientNonce" }, /* 467 */ + { 0x07, 469, 0, 9, "transID" }, /* 468 */ + { 0x08, 0, 0, 9, "extensionReq" }, /* 469 */ + {0x67, 0, 1, 0, "" }, /* 470 */ + { 0x81, 0, 1, 1, "" }, /* 471 */ + { 0x05, 0, 1, 2, "" }, /* 472 */ + { 0x02, 0, 1, 3, "tcg-attribute" }, /* 473 */ + { 0x01, 475, 0, 4, "tcg-at-tpmManufacturer" }, /* 474 */ + { 0x02, 476, 0, 4, "tcg-at-tpmModel" }, /* 475 */ + { 0x03, 477, 0, 4, "tcg-at-tpmVersion" }, /* 476 */ + { 0x0F, 0, 0, 4, "tcg-at-tpmIdLabel" } /* 477 */ }; diff --git a/src/libstrongswan/asn1/oid.h b/src/libstrongswan/asn1/oid.h index 0f7c5d644..b9ed08d2e 100644 --- a/src/libstrongswan/asn1/oid.h +++ b/src/libstrongswan/asn1/oid.h @@ -150,103 +150,110 @@ extern const oid_t oid_names[]; #define OID_BLISS_B_II 221 #define OID_BLISS_B_III 222 #define OID_BLISS_B_IV 223 -#define OID_BLISS_WITH_SHA512 225 -#define OID_BLISS_WITH_SHA384 226 -#define OID_BLISS_WITH_SHA256 227 -#define OID_TCGID 234 -#define OID_BLOWFISH_CBC 238 -#define OID_AUTHORITY_INFO_ACCESS 282 -#define OID_IP_ADDR_BLOCKS 284 -#define OID_POLICY_QUALIFIER_CPS 286 -#define OID_POLICY_QUALIFIER_UNOTICE 287 -#define OID_SERVER_AUTH 289 -#define OID_CLIENT_AUTH 290 -#define OID_OCSP_SIGNING 297 -#define OID_XMPP_ADDR 303 -#define OID_AUTHENTICATION_INFO 307 -#define OID_ACCESS_IDENTITY 308 -#define OID_CHARGING_IDENTITY 309 -#define OID_GROUP 310 -#define OID_OCSP 313 -#define OID_BASIC 314 -#define OID_NONCE 315 -#define OID_CRL 316 -#define OID_RESPONSE 317 -#define OID_NO_CHECK 318 -#define OID_ARCHIVE_CUTOFF 319 -#define OID_SERVICE_LOCATOR 320 -#define OID_CA_ISSUERS 321 -#define OID_IKE_INTERMEDIATE 326 -#define OID_DES_CBC 330 -#define OID_SHA1 331 -#define OID_SHA1_WITH_RSA_OIW 332 -#define OID_ECGDSA_PUBKEY 351 -#define OID_ECGDSA_SIG_WITH_RIPEMD160 354 -#define OID_ECGDSA_SIG_WITH_SHA1 355 -#define OID_ECGDSA_SIG_WITH_SHA224 356 -#define OID_ECGDSA_SIG_WITH_SHA256 357 -#define OID_ECGDSA_SIG_WITH_SHA384 358 -#define OID_ECGDSA_SIG_WITH_SHA512 359 -#define OID_SECT163K1 382 -#define OID_SECT163R1 383 -#define OID_SECT239K1 384 -#define OID_SECT113R1 385 -#define OID_SECT113R2 386 -#define OID_SECT112R1 387 -#define OID_SECT112R2 388 -#define OID_SECT160R1 389 -#define OID_SECT160K1 390 -#define OID_SECT256K1 391 -#define OID_SECT163R2 392 -#define OID_SECT283K1 393 -#define OID_SECT283R1 394 -#define OID_SECT131R1 395 -#define OID_SECT131R2 396 -#define OID_SECT193R1 397 -#define OID_SECT193R2 398 -#define OID_SECT233K1 399 -#define OID_SECT233R1 400 -#define OID_SECT128R1 401 -#define OID_SECT128R2 402 -#define OID_SECT160R2 403 -#define OID_SECT192K1 404 -#define OID_SECT224K1 405 -#define OID_SECT224R1 406 -#define OID_SECT384R1 407 -#define OID_SECT521R1 408 -#define OID_SECT409K1 409 -#define OID_SECT409R1 410 -#define OID_SECT571K1 411 -#define OID_SECT571R1 412 -#define OID_AES128_CBC 421 -#define OID_AES128_GCM 422 -#define OID_AES128_CCM 423 -#define OID_AES192_CBC 424 -#define OID_AES192_GCM 425 -#define OID_AES192_CCM 426 -#define OID_AES256_CBC 427 -#define OID_AES256_GCM 428 -#define OID_AES256_CCM 429 -#define OID_SHA256 431 -#define OID_SHA384 432 -#define OID_SHA512 433 -#define OID_SHA224 434 -#define OID_NS_REVOCATION_URL 448 -#define OID_NS_CA_REVOCATION_URL 449 -#define OID_NS_CA_POLICY_URL 450 -#define OID_NS_COMMENT 451 -#define OID_EMPLOYEE_NUMBER 454 -#define OID_PKI_MESSAGE_TYPE 460 -#define OID_PKI_STATUS 461 -#define OID_PKI_FAIL_INFO 462 -#define OID_PKI_SENDER_NONCE 463 -#define OID_PKI_RECIPIENT_NONCE 464 -#define OID_PKI_TRANS_ID 465 -#define OID_TPM_MANUFACTURER 471 -#define OID_TPM_MODEL 472 -#define OID_TPM_VERSION 473 -#define OID_TPM_ID_LABEL 474 +#define OID_BLISS_WITH_SHA2_512 225 +#define OID_BLISS_WITH_SHA2_384 226 +#define OID_BLISS_WITH_SHA2_256 227 +#define OID_BLISS_WITH_SHA3_512 228 +#define OID_BLISS_WITH_SHA3_384 229 +#define OID_BLISS_WITH_SHA3_256 230 +#define OID_TCGID 237 +#define OID_BLOWFISH_CBC 241 +#define OID_AUTHORITY_INFO_ACCESS 285 +#define OID_IP_ADDR_BLOCKS 287 +#define OID_POLICY_QUALIFIER_CPS 289 +#define OID_POLICY_QUALIFIER_UNOTICE 290 +#define OID_SERVER_AUTH 292 +#define OID_CLIENT_AUTH 293 +#define OID_OCSP_SIGNING 300 +#define OID_XMPP_ADDR 306 +#define OID_AUTHENTICATION_INFO 310 +#define OID_ACCESS_IDENTITY 311 +#define OID_CHARGING_IDENTITY 312 +#define OID_GROUP 313 +#define OID_OCSP 316 +#define OID_BASIC 317 +#define OID_NONCE 318 +#define OID_CRL 319 +#define OID_RESPONSE 320 +#define OID_NO_CHECK 321 +#define OID_ARCHIVE_CUTOFF 322 +#define OID_SERVICE_LOCATOR 323 +#define OID_CA_ISSUERS 324 +#define OID_IKE_INTERMEDIATE 329 +#define OID_DES_CBC 333 +#define OID_SHA1 334 +#define OID_SHA1_WITH_RSA_OIW 335 +#define OID_ECGDSA_PUBKEY 354 +#define OID_ECGDSA_SIG_WITH_RIPEMD160 357 +#define OID_ECGDSA_SIG_WITH_SHA1 358 +#define OID_ECGDSA_SIG_WITH_SHA224 359 +#define OID_ECGDSA_SIG_WITH_SHA256 360 +#define OID_ECGDSA_SIG_WITH_SHA384 361 +#define OID_ECGDSA_SIG_WITH_SHA512 362 +#define OID_SECT163K1 385 +#define OID_SECT163R1 386 +#define OID_SECT239K1 387 +#define OID_SECT113R1 388 +#define OID_SECT113R2 389 +#define OID_SECT112R1 390 +#define OID_SECT112R2 391 +#define OID_SECT160R1 392 +#define OID_SECT160K1 393 +#define OID_SECT256K1 394 +#define OID_SECT163R2 395 +#define OID_SECT283K1 396 +#define OID_SECT283R1 397 +#define OID_SECT131R1 398 +#define OID_SECT131R2 399 +#define OID_SECT193R1 400 +#define OID_SECT193R2 401 +#define OID_SECT233K1 402 +#define OID_SECT233R1 403 +#define OID_SECT128R1 404 +#define OID_SECT128R2 405 +#define OID_SECT160R2 406 +#define OID_SECT192K1 407 +#define OID_SECT224K1 408 +#define OID_SECT224R1 409 +#define OID_SECT384R1 410 +#define OID_SECT521R1 411 +#define OID_SECT409K1 412 +#define OID_SECT409R1 413 +#define OID_SECT571K1 414 +#define OID_SECT571R1 415 +#define OID_AES128_CBC 424 +#define OID_AES128_GCM 425 +#define OID_AES128_CCM 426 +#define OID_AES192_CBC 427 +#define OID_AES192_GCM 428 +#define OID_AES192_CCM 429 +#define OID_AES256_CBC 430 +#define OID_AES256_GCM 431 +#define OID_AES256_CCM 432 +#define OID_SHA256 434 +#define OID_SHA384 435 +#define OID_SHA512 436 +#define OID_SHA224 437 +#define OID_SHA3_224 440 +#define OID_SHA3_256 441 +#define OID_SHA3_384 442 +#define OID_SHA3_512 443 +#define OID_NS_REVOCATION_URL 451 +#define OID_NS_CA_REVOCATION_URL 452 +#define OID_NS_CA_POLICY_URL 453 +#define OID_NS_COMMENT 454 +#define OID_EMPLOYEE_NUMBER 457 +#define OID_PKI_MESSAGE_TYPE 463 +#define OID_PKI_STATUS 464 +#define OID_PKI_FAIL_INFO 465 +#define OID_PKI_SENDER_NONCE 466 +#define OID_PKI_RECIPIENT_NONCE 467 +#define OID_PKI_TRANS_ID 468 +#define OID_TPM_MANUFACTURER 474 +#define OID_TPM_MODEL 475 +#define OID_TPM_VERSION 476 +#define OID_TPM_ID_LABEL 477 -#define OID_MAX 475 +#define OID_MAX 478 #endif /* OID_H_ */ diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index 919d24c43..64dedcb33 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -223,9 +223,12 @@ 0x07 "BLISS-B-III" OID_BLISS_B_III 0x08 "BLISS-B-IV" OID_BLISS_B_IV 0x03 "blissSigType" - 0x01 "BLISS-with-SHA512" OID_BLISS_WITH_SHA512 - 0x02 "BLISS-with-SHA384" OID_BLISS_WITH_SHA384 - 0x03 "BLISS-with-SHA256" OID_BLISS_WITH_SHA256 + 0x01 "BLISS-with-SHA2-512" OID_BLISS_WITH_SHA2_512 + 0x02 "BLISS-with-SHA2-384" OID_BLISS_WITH_SHA2_384 + 0x03 "BLISS-with-SHA2-256" OID_BLISS_WITH_SHA2_256 + 0x04 "BLISS-with-SHA3-512" OID_BLISS_WITH_SHA3_512 + 0x05 "BLISS-with-SHA3-384" OID_BLISS_WITH_SHA3_384 + 0x06 "BLISS-with-SHA3-256" OID_BLISS_WITH_SHA3_256 0x89 "" 0x31 "" 0x01 "" @@ -435,10 +438,10 @@ 0x04 "id-sha224" OID_SHA224 0x05 "id-sha512-224" 0x06 "id-sha512-256" - 0x07 "id-sha3-224" - 0x08 "id-sha3-256" - 0x09 "id-sha3-384" - 0x0A "id-sha3-512" + 0x07 "id-sha3-224" OID_SHA3_224 + 0x08 "id-sha3-256" OID_SHA3_256 + 0x09 "id-sha3-384" OID_SHA3_384 + 0x0A "id-sha3-512" OID_SHA3_512 0x0B "id-shake128" 0x0C "id-shake256" 0x86 "" diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c index 1e93f021a..9988d8021 100644 --- a/src/libstrongswan/credentials/auth_cfg.c +++ b/src/libstrongswan/credentials/auth_cfg.c @@ -951,9 +951,9 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy { entry_t entry; - while (array_remove(other->entries, ARRAY_HEAD, &entry)) - { - array_insert(this->entries, ARRAY_TAIL, &entry); + while (array_remove(other->entries, ARRAY_TAIL, &entry)) + { /* keep order but prefer new values (esp. for single valued ones) */ + array_insert(this->entries, ARRAY_HEAD, &entry); } array_compress(other->entries); } diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c index bd5915e60..d6f211a34 100644 --- a/src/libstrongswan/credentials/keys/public_key.c +++ b/src/libstrongswan/credentials/keys/public_key.c @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Copyright (C) 2014 Andreas Steffen + * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -27,7 +27,7 @@ ENUM(key_type_names, KEY_ANY, KEY_BLISS, "BLISS" ); -ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512, +ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512, "UNKNOWN", "RSA_EMSA_PKCS1_NULL", "RSA_EMSA_PKCS1_MD5", @@ -44,9 +44,12 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA512, "ECDSA-256", "ECDSA-384", "ECDSA-521", - "BLISS_WITH_SHA256", - "BLISS_WITH_SHA384", - "BLISS_WITH_SHA512", + "BLISS_WITH_SHA2_256", + "BLISS_WITH_SHA2_384", + "BLISS_WITH_SHA2_512", + "BLISS_WITH_SHA3_256", + "BLISS_WITH_SHA3_384", + "BLISS_WITH_SHA3_512", ); ENUM(encryption_scheme_names, ENCRYPT_UNKNOWN, ENCRYPT_RSA_OAEP_SHA512, @@ -137,12 +140,18 @@ signature_scheme_t signature_scheme_from_oid(int oid) case OID_ECDSA_WITH_SHA512: return SIGN_ECDSA_WITH_SHA512_DER; case OID_BLISS_PUBLICKEY: - case OID_BLISS_WITH_SHA512: - return SIGN_BLISS_WITH_SHA512; - case OID_BLISS_WITH_SHA256: - return SIGN_BLISS_WITH_SHA256; - case OID_BLISS_WITH_SHA384: - return SIGN_BLISS_WITH_SHA384; + case OID_BLISS_WITH_SHA2_512: + return SIGN_BLISS_WITH_SHA2_512; + case OID_BLISS_WITH_SHA2_384: + return SIGN_BLISS_WITH_SHA2_384; + case OID_BLISS_WITH_SHA2_256: + return SIGN_BLISS_WITH_SHA2_256; + case OID_BLISS_WITH_SHA3_512: + return SIGN_BLISS_WITH_SHA3_512; + case OID_BLISS_WITH_SHA3_384: + return SIGN_BLISS_WITH_SHA3_384; + case OID_BLISS_WITH_SHA3_256: + return SIGN_BLISS_WITH_SHA3_256; } return SIGN_UNKNOWN; } @@ -181,12 +190,18 @@ int signature_scheme_to_oid(signature_scheme_t scheme) return OID_ECDSA_WITH_SHA384; case SIGN_ECDSA_WITH_SHA512_DER: return OID_ECDSA_WITH_SHA512; - case SIGN_BLISS_WITH_SHA256: - return OID_BLISS_WITH_SHA256; - case SIGN_BLISS_WITH_SHA384: - return OID_BLISS_WITH_SHA384; - case SIGN_BLISS_WITH_SHA512: - return OID_BLISS_WITH_SHA512; + case SIGN_BLISS_WITH_SHA2_256: + return OID_BLISS_WITH_SHA2_256; + case SIGN_BLISS_WITH_SHA2_384: + return OID_BLISS_WITH_SHA2_384; + case SIGN_BLISS_WITH_SHA2_512: + return OID_BLISS_WITH_SHA2_512; + case SIGN_BLISS_WITH_SHA3_256: + return OID_BLISS_WITH_SHA3_256; + case SIGN_BLISS_WITH_SHA3_384: + return OID_BLISS_WITH_SHA3_384; + case SIGN_BLISS_WITH_SHA3_512: + return OID_BLISS_WITH_SHA3_512; } return OID_UNKNOWN; } @@ -207,9 +222,9 @@ static struct { { SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 }, { SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 }, { SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 }, - { SIGN_BLISS_WITH_SHA256, KEY_BLISS, 128 }, - { SIGN_BLISS_WITH_SHA384, KEY_BLISS, 192 }, - { SIGN_BLISS_WITH_SHA512, KEY_BLISS, 0 }, + { SIGN_BLISS_WITH_SHA2_256, KEY_BLISS, 128 }, + { SIGN_BLISS_WITH_SHA2_384, KEY_BLISS, 192 }, + { SIGN_BLISS_WITH_SHA2_512, KEY_BLISS, 0 } }; /** @@ -284,9 +299,12 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme) case SIGN_ECDSA_384: case SIGN_ECDSA_521: return KEY_ECDSA; - case SIGN_BLISS_WITH_SHA256: - case SIGN_BLISS_WITH_SHA384: - case SIGN_BLISS_WITH_SHA512: + case SIGN_BLISS_WITH_SHA2_256: + case SIGN_BLISS_WITH_SHA2_384: + case SIGN_BLISS_WITH_SHA2_512: + case SIGN_BLISS_WITH_SHA3_256: + case SIGN_BLISS_WITH_SHA3_384: + case SIGN_BLISS_WITH_SHA3_512: return KEY_BLISS; } return KEY_ANY; diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h index 66e98b294..ce48f9b7e 100644 --- a/src/libstrongswan/credentials/keys/public_key.h +++ b/src/libstrongswan/credentials/keys/public_key.h @@ -1,7 +1,7 @@ /* * Copyright (C) 2015 Tobias Brunner * Copyright (C) 2007 Martin Willi - * Copyright (C) 2014 Andreas Steffen + * Copyright (C) 2014-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -94,12 +94,18 @@ enum signature_scheme_t { SIGN_ECDSA_384, /** ECDSA on the P-521 curve with SHA-512 as in RFC 4754 */ SIGN_ECDSA_521, - /** BLISS with SHA-256 */ - SIGN_BLISS_WITH_SHA256, - /** BLISS with SHA-384 */ - SIGN_BLISS_WITH_SHA384, - /** BLISS with SHA-512 */ - SIGN_BLISS_WITH_SHA512, + /** BLISS with SHA-2_256 */ + SIGN_BLISS_WITH_SHA2_256, + /** BLISS with SHA-2_384 */ + SIGN_BLISS_WITH_SHA2_384, + /** BLISS with SHA-2_512 */ + SIGN_BLISS_WITH_SHA2_512, + /** BLISS with SHA-3_256 */ + SIGN_BLISS_WITH_SHA3_256, + /** BLISS with SHA-3_384 */ + SIGN_BLISS_WITH_SHA3_384, + /** BLISS with SHA-3_512 */ + SIGN_BLISS_WITH_SHA3_512, }; /** diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index 38eebea9c..e220593d4 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -1,8 +1,9 @@ /* * Copyright (C) 2012-2015 Tobias Brunner + * Copyright (C) 2015 Andreas Steffen * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil + * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -24,26 +25,34 @@ ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_SHA512, "HASH_SHA256", "HASH_SHA384", "HASH_SHA512"); -ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA224, HASH_SHA512, +ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_SHA512, "HASH_UNKNOWN", "HASH_MD2", "HASH_MD4", "HASH_MD5", - "HASH_SHA224"); -ENUM_END(hash_algorithm_names, HASH_SHA224); + "HASH_SHA224", + "HASH_SHA3_224", + "HASH_SHA3_256", + "HASH_SHA3_384", + "HASH_SHA3_512"); +ENUM_END(hash_algorithm_names, HASH_SHA3_512); ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_SHA512, "sha1", "sha256", "sha384", "sha512"); -ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA224, HASH_SHA512, +ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_SHA512, "unknown", "md2", "md4", "md5", - "sha224"); -ENUM_END(hash_algorithm_short_names, HASH_SHA224); + "sha224", + "sha3_224", + "sha3_256", + "sha3_384", + "sha3_512"); +ENUM_END(hash_algorithm_short_names, HASH_SHA3_512); /* * Described in header. @@ -73,6 +82,14 @@ hash_algorithm_t hasher_algorithm_from_oid(int oid) case OID_SHA512: case OID_SHA512_WITH_RSA: return HASH_SHA512; + case OID_SHA3_224: + return HASH_SHA3_224; + case OID_SHA3_256: + return HASH_SHA3_256; + case OID_SHA3_384: + return HASH_SHA3_384; + case OID_SHA3_512: + return HASH_SHA3_512; default: return HASH_UNKNOWN; } @@ -242,6 +259,10 @@ integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg, case HASH_MD2: case HASH_MD4: case HASH_SHA224: + case HASH_SHA3_224: + case HASH_SHA3_256: + case HASH_SHA3_384: + case HASH_SHA3_512: case HASH_UNKNOWN: break; } @@ -265,6 +286,10 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg) case HASH_MD4: case HASH_MD5: case HASH_SHA224: + case HASH_SHA3_224: + case HASH_SHA3_256: + case HASH_SHA3_384: + case HASH_SHA3_512: break; } return FALSE; @@ -300,6 +325,18 @@ int hasher_algorithm_to_oid(hash_algorithm_t alg) case HASH_SHA512: oid = OID_SHA512; break; + case HASH_SHA3_224: + oid = OID_SHA3_224; + break; + case HASH_SHA3_256: + oid = OID_SHA3_256; + break; + case HASH_SHA3_384: + oid = OID_SHA3_384; + break; + case HASH_SHA3_512: + oid = OID_SHA3_512; + break; default: oid = OID_UNKNOWN; } @@ -351,11 +388,17 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key) switch (alg) { case HASH_SHA256: - return OID_BLISS_WITH_SHA256; + return OID_BLISS_WITH_SHA2_256; case HASH_SHA384: - return OID_BLISS_WITH_SHA384; + return OID_BLISS_WITH_SHA2_384; case HASH_SHA512: - return OID_BLISS_WITH_SHA512; + return OID_BLISS_WITH_SHA2_512; + case HASH_SHA3_256: + return OID_BLISS_WITH_SHA3_256; + case HASH_SHA3_384: + return OID_BLISS_WITH_SHA3_384; + case HASH_SHA3_512: + return OID_BLISS_WITH_SHA3_512; default: return OID_UNKNOWN; } @@ -385,18 +428,24 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme) case SIGN_RSA_EMSA_PKCS1_SHA256: case SIGN_ECDSA_WITH_SHA256_DER: case SIGN_ECDSA_256: - case SIGN_BLISS_WITH_SHA256: + case SIGN_BLISS_WITH_SHA2_256: return HASH_SHA256; case SIGN_RSA_EMSA_PKCS1_SHA384: case SIGN_ECDSA_WITH_SHA384_DER: case SIGN_ECDSA_384: - case SIGN_BLISS_WITH_SHA384: + case SIGN_BLISS_WITH_SHA2_384: return HASH_SHA384; case SIGN_RSA_EMSA_PKCS1_SHA512: case SIGN_ECDSA_WITH_SHA512_DER: case SIGN_ECDSA_521: - case SIGN_BLISS_WITH_SHA512: + case SIGN_BLISS_WITH_SHA2_512: return HASH_SHA512; + case SIGN_BLISS_WITH_SHA3_256: + return HASH_SHA3_256; + case SIGN_BLISS_WITH_SHA3_384: + return HASH_SHA3_384; + case SIGN_BLISS_WITH_SHA3_512: + return HASH_SHA3_512; } return HASH_UNKNOWN; } diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h index 772586308..272502cf0 100644 --- a/src/libstrongswan/crypto/hashers/hasher.h +++ b/src/libstrongswan/crypto/hashers/hasher.h @@ -45,6 +45,10 @@ enum hash_algorithm_t { HASH_MD4 = 1026, HASH_MD5 = 1027, HASH_SHA224 = 1028, + HASH_SHA3_224 = 1029, + HASH_SHA3_256 = 1030, + HASH_SHA3_384 = 1031, + HASH_SHA3_512 = 1032 }; #define HASH_SIZE_MD2 16 diff --git a/src/libstrongswan/crypto/iv/iv_gen.c b/src/libstrongswan/crypto/iv/iv_gen.c index 7d6570a74..c70627723 100644 --- a/src/libstrongswan/crypto/iv/iv_gen.c +++ b/src/libstrongswan/crypto/iv/iv_gen.c @@ -1,4 +1,7 @@ /* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * * Copyright (C) 2015 Martin Willi * Copyright (C) 2015 revosec AG * @@ -16,6 +19,7 @@ #include "iv_gen.h" #include "iv_gen_rand.h" #include "iv_gen_seq.h" +#include "iv_gen_null.h" /** * See header. @@ -52,6 +56,7 @@ iv_gen_t* iv_gen_create_for_alg(encryption_algorithm_t alg) case ENCR_NULL_AUTH_AES_GMAC: return iv_gen_seq_create(); case ENCR_NULL: + return iv_gen_null_create(); case ENCR_UNDEFINED: case ENCR_DES_ECB: case ENCR_DES_IV32: diff --git a/src/libstrongswan/crypto/iv/iv_gen_null.c b/src/libstrongswan/crypto/iv/iv_gen_null.c new file mode 100644 index 000000000..b13de0674 --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_null.c @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "iv_gen_null.h" + +typedef struct private_iv_gen_t private_iv_gen_t; + +/** + * Private data of an iv_gen_t object. + */ +struct private_iv_gen_t { + + /** + * Public iv_gen_t interface. + */ + iv_gen_t public; +}; + +METHOD(iv_gen_t, get_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer) +{ + return size == 0; +} + +METHOD(iv_gen_t, allocate_iv, bool, + private_iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk) +{ + *chunk = chunk_empty; + return size == 0; +} + +METHOD(iv_gen_t, destroy, void, + private_iv_gen_t *this) +{ + free(this); +} + +iv_gen_t *iv_gen_null_create() +{ + private_iv_gen_t *this; + + INIT(this, + .public = { + .get_iv = _get_iv, + .allocate_iv = _allocate_iv, + .destroy = _destroy, + }, + ); + + return &this->public; +} diff --git a/src/libstrongswan/crypto/iv/iv_gen_null.h b/src/libstrongswan/crypto/iv/iv_gen_null.h new file mode 100644 index 000000000..b63f0c3e9 --- /dev/null +++ b/src/libstrongswan/crypto/iv/iv_gen_null.h @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @{ @ingroup iv + */ + +#ifndef IV_GEN_NULL_H_ +#define IV_GEN_NULL_H_ + +#include + +/** + * Create an IV generator that does not actually generate an IV. + * + * @return IV generator + */ +iv_gen_t *iv_gen_null_create(); + +#endif /** IV_GEN_NULL_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_plugin.c b/src/libstrongswan/plugins/bliss/bliss_plugin.c index 07597c318..4adcf1e76 100644 --- a/src/libstrongswan/plugins/bliss/bliss_plugin.c +++ b/src/libstrongswan/plugins/bliss/bliss_plugin.c @@ -55,19 +55,31 @@ METHOD(plugin_t, get_features, int, PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE), PLUGIN_PROVIDE(PUBKEY, KEY_ANY), /* signature schemes, private */ - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA256), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_256), PLUGIN_DEPENDS(HASHER, HASH_SHA256), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA384), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_384), PLUGIN_DEPENDS(HASHER, HASH_SHA384), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA512), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_512), PLUGIN_DEPENDS(HASHER, HASH_SHA512), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_256), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_256), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_384), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_384), + PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_512), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_512), /* signature verification schemes */ - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA256), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_256), PLUGIN_DEPENDS(HASHER, HASH_SHA256), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA384), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_384), PLUGIN_DEPENDS(HASHER, HASH_SHA384), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA512), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_512), PLUGIN_DEPENDS(HASHER, HASH_SHA512), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_256), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_256), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_384), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_384), + PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_512), + PLUGIN_DEPENDS(HASHER, HASH_SHA3_512), }; *features = f; diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c index 1386eeb2d..20bbc6ac5 100644 --- a/src/libstrongswan/plugins/bliss/bliss_private_key.c +++ b/src/libstrongswan/plugins/bliss/bliss_private_key.c @@ -511,12 +511,18 @@ METHOD(private_key_t, sign, bool, { switch (scheme) { - case SIGN_BLISS_WITH_SHA256: + case SIGN_BLISS_WITH_SHA2_256: return sign_bliss(this, HASH_SHA256, data, signature); - case SIGN_BLISS_WITH_SHA384: + case SIGN_BLISS_WITH_SHA2_384: return sign_bliss(this, HASH_SHA384, data, signature); - case SIGN_BLISS_WITH_SHA512: + case SIGN_BLISS_WITH_SHA2_512: return sign_bliss(this, HASH_SHA512, data, signature); + case SIGN_BLISS_WITH_SHA3_256: + return sign_bliss(this, HASH_SHA3_256, data, signature); + case SIGN_BLISS_WITH_SHA3_384: + return sign_bliss(this, HASH_SHA3_384, data, signature); + case SIGN_BLISS_WITH_SHA3_512: + return sign_bliss(this, HASH_SHA3_512, data, signature); default: DBG1(DBG_LIB, "signature scheme %N not supported with BLISS", signature_scheme_names, scheme); diff --git a/src/libstrongswan/plugins/bliss/bliss_public_key.c b/src/libstrongswan/plugins/bliss/bliss_public_key.c index 2b305f6c2..93d1165eb 100644 --- a/src/libstrongswan/plugins/bliss/bliss_public_key.c +++ b/src/libstrongswan/plugins/bliss/bliss_public_key.c @@ -193,12 +193,18 @@ METHOD(public_key_t, verify, bool, { switch (scheme) { - case SIGN_BLISS_WITH_SHA256: + case SIGN_BLISS_WITH_SHA2_256: return verify_bliss(this, HASH_SHA256, data, signature); - case SIGN_BLISS_WITH_SHA384: + case SIGN_BLISS_WITH_SHA2_384: return verify_bliss(this, HASH_SHA384, data, signature); - case SIGN_BLISS_WITH_SHA512: + case SIGN_BLISS_WITH_SHA2_512: return verify_bliss(this, HASH_SHA512, data, signature); + case SIGN_BLISS_WITH_SHA3_256: + return verify_bliss(this, HASH_SHA3_256, data, signature); + case SIGN_BLISS_WITH_SHA3_384: + return verify_bliss(this, HASH_SHA3_384, data, signature); + case SIGN_BLISS_WITH_SHA3_512: + return verify_bliss(this, HASH_SHA3_512, data, signature); default: DBG1(DBG_LIB, "signature scheme %N not supported by BLISS", signature_scheme_names, scheme); diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c index 8b4e9cbf0..a3e4420a9 100644 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c +++ b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c @@ -36,13 +36,13 @@ START_TEST(test_bliss_sign_all) switch (k) { case 1: - signature_scheme = SIGN_BLISS_WITH_SHA256; + signature_scheme = SIGN_BLISS_WITH_SHA2_256; break; case 2: - signature_scheme = SIGN_BLISS_WITH_SHA384; + signature_scheme = SIGN_BLISS_WITH_SHA2_384; break; default: - signature_scheme = SIGN_BLISS_WITH_SHA512; + signature_scheme = SIGN_BLISS_WITH_SHA2_512; } /* enforce BLISS-B key for k = 2, 3 */ @@ -176,14 +176,14 @@ START_TEST(test_bliss_sign_fail) /* generate valid signature */ msg = chunk_from_str("Hello Dolly!"); - ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA512, msg, &signature)); + ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, msg, &signature)); /* verify with invalid signature scheme */ ck_assert(!pubkey->verify(pubkey, SIGN_UNKNOWN, msg, signature)); /* corrupt signature */ signature.ptr[signature.len - 1] ^= 0x80; - ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA512, msg, signature)); + ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA2_512, msg, signature)); free(signature.ptr); privkey->destroy(privkey); diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index 7653c1986..9207f11b6 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -123,7 +123,7 @@ METHOD(fetcher_t, fetch, status_t, curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); } - DBG2(DBG_LIB, " sending http request to '%s'...", uri); + DBG2(DBG_LIB, " sending request to '%s'...", uri); curl_status = curl_easy_perform(this->curl); switch (curl_status) { @@ -137,10 +137,10 @@ METHOD(fetcher_t, fetch, status_t, { *this->result = result; } - status = (result >= 200 && result < 300) ? SUCCESS : FAILED; + status = (result < 400) ? SUCCESS : FAILED; break; default: - DBG1(DBG_LIB, "libcurl http request failed [%d]: %s", curl_status, + DBG1(DBG_LIB, "libcurl request failed [%d]: %s", curl_status, error); status = FAILED; break; diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index cac442fc0..49ec48804 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -18,6 +18,7 @@ #ifndef OPENSSL_NO_DH +#include #include #include "openssl_diffie_hellman.h" diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index a1af500e2..11d6e8ec5 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -17,6 +17,7 @@ #ifndef OPENSSL_NO_EC +#include #include #include #include diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 10a35c1fd..de02f302d 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -23,6 +23,7 @@ #include +#include #include #include #ifndef OPENSSL_NO_ENGINE diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index aa54d3bbd..db928569f 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -23,6 +23,7 @@ #include +#include #include #include #include diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c index 0e61086b1..2f9813701 100644 --- a/src/libstrongswan/plugins/openssl/openssl_util.c +++ b/src/libstrongswan/plugins/openssl/openssl_util.c @@ -18,6 +18,7 @@ #include +#include #include #include diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index f7ac347d2..01d0495be 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -356,6 +356,7 @@ static plugin_entry_t *load_plugin(private_plugin_loader_t *this, char *name, { plugin_entry_t *entry; void *handle; + int flag = RTLD_LAZY; switch (create_plugin(this, RTLD_DEFAULT, name, FALSE, critical, &entry)) { @@ -380,15 +381,19 @@ static plugin_entry_t *load_plugin(private_plugin_loader_t *this, char *name, return NULL; } } - handle = dlopen(file, RTLD_LAZY + if (lib->settings->get_bool(lib->settings, "%s.dlopen_use_rtld_now", + lib->ns, FALSE)) + { + flag = RTLD_NOW; + } #ifdef RTLD_NODELETE - /* if supported, do not unload library when unloading a plugin. It really - * doesn't matter in productive systems, but causes many (dependency) - * library reloads during unit tests. Some libraries can't handle that, + /* If supported, do not unload the library when unloading a plugin. It + * really doesn't matter in productive systems, but causes many (dependency) + * library reloads during unit tests. Some libraries can't handle that, e.g. * GnuTLS leaks file descriptors in its library load/unload functions. */ - | RTLD_NODELETE + flag |= RTLD_NODELETE; #endif - ); + handle = dlopen(file, flag); if (handle == NULL) { DBG1(DBG_LIB, "plugin '%s' failed to load: %s", name, dlerror()); diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 36d5446b8..177b3c2e5 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -56,6 +56,7 @@ METHOD(rng_t, get_bytes, bool, DBG1(DBG_LIB, "reading from random FD %d failed: %s, retrying...", this->fd, strerror(errno)); sleep(1); + continue; } done += got; } diff --git a/src/libstrongswan/plugins/revocation/revocation_validator.c b/src/libstrongswan/plugins/revocation/revocation_validator.c index 9fd5b2a22..fdcb9902b 100644 --- a/src/libstrongswan/plugins/revocation/revocation_validator.c +++ b/src/libstrongswan/plugins/revocation/revocation_validator.c @@ -367,7 +367,7 @@ static certificate_t* fetch_crl(char *url) return NULL; } crl = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509_CRL, - BUILD_BLOB_ASN1_DER, chunk, BUILD_END); + BUILD_BLOB_PEM, chunk, BUILD_END); chunk_free(&chunk); if (!crl) { diff --git a/src/libstrongswan/plugins/sha3/Makefile.am b/src/libstrongswan/plugins/sha3/Makefile.am new file mode 100644 index 000000000..7ccf58ce6 --- /dev/null +++ b/src/libstrongswan/plugins/sha3/Makefile.am @@ -0,0 +1,16 @@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = \ + $(PLUGIN_CFLAGS) + +if MONOLITHIC +noinst_LTLIBRARIES = libstrongswan-sha3.la +else +plugin_LTLIBRARIES = libstrongswan-sha3.la +endif + +libstrongswan_sha3_la_SOURCES = \ + sha3_plugin.h sha3_plugin.c sha3_hasher.c sha3_hasher.h + +libstrongswan_sha3_la_LDFLAGS = -module -avoid-version diff --git a/src/libstrongswan/plugins/sha3/Makefile.in b/src/libstrongswan/plugins/sha3/Makefile.in new file mode 100644 index 000000000..3034ea537 --- /dev/null +++ b/src/libstrongswan/plugins/sha3/Makefile.in @@ -0,0 +1,774 @@ +# Makefile.in generated by automake 1.14.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/sha3 +DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/depcomp +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/split-package-version.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/m4/macros/add-plugin.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } +am__installdirs = "$(DESTDIR)$(plugindir)" +LTLIBRARIES = $(noinst_LTLIBRARIES) $(plugin_LTLIBRARIES) +libstrongswan_sha3_la_LIBADD = +am_libstrongswan_sha3_la_OBJECTS = sha3_plugin.lo sha3_hasher.lo +libstrongswan_sha3_la_OBJECTS = $(am_libstrongswan_sha3_la_OBJECTS) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +libstrongswan_sha3_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_sha3_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +@MONOLITHIC_FALSE@am_libstrongswan_sha3_la_rpath = -rpath $(plugindir) +@MONOLITHIC_TRUE@am_libstrongswan_sha3_la_rpath = +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = +DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = +CCLD = $(CC) +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = +SOURCES = $(libstrongswan_sha3_la_SOURCES) +DIST_SOURCES = $(libstrongswan_sha3_la_SOURCES) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BFDLIB = @BFDLIB@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +COVERAGE_CFLAGS = @COVERAGE_CFLAGS@ +COVERAGE_LDFLAGS = @COVERAGE_LDFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +EASY_INSTALL = @EASY_INSTALL@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GEM = @GEM@ +GENHTML = @GENHTML@ +GPERF = @GPERF@ +GPRBUILD = @GPRBUILD@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LCOV = @LCOV@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB = @OPENSSL_LIB@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PACKAGE_VERSION_BUILD = @PACKAGE_VERSION_BUILD@ +PACKAGE_VERSION_MAJOR = @PACKAGE_VERSION_MAJOR@ +PACKAGE_VERSION_MINOR = @PACKAGE_VERSION_MINOR@ +PACKAGE_VERSION_REVIEW = @PACKAGE_VERSION_REVIEW@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +PLUGIN_CFLAGS = @PLUGIN_CFLAGS@ +PTHREADLIB = @PTHREADLIB@ +PYTHON = @PYTHON@ +PYTHONEGGINSTALLDIR = @PYTHONEGGINSTALLDIR@ +PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@ +PYTHON_PLATFORM = @PYTHON_PLATFORM@ +PYTHON_PREFIX = @PYTHON_PREFIX@ +PYTHON_VERSION = @PYTHON_VERSION@ +PY_TEST = @PY_TEST@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYGEMDIR = @RUBYGEMDIR@ +RUBYINCLUDE = @RUBYINCLUDE@ +RUBYLIB = @RUBYLIB@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +UNWINDLIB = @UNWINDLIB@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +aikgen_plugins = @aikgen_plugins@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +attest_plugins = @attest_plugins@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +c_plugins = @c_plugins@ +charon_natt_port = @charon_natt_port@ +charon_plugins = @charon_plugins@ +charon_udp_port = @charon_udp_port@ +clearsilver_LIBS = @clearsilver_LIBS@ +cmd_plugins = @cmd_plugins@ +datadir = @datadir@ +datarootdir = @datarootdir@ +dbusservicedir = @dbusservicedir@ +dev_headers = @dev_headers@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +fips_mode = @fips_mode@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +h_plugins = @h_plugins@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +imcvdir = @imcvdir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsec_script = @ipsec_script@ +ipsec_script_upper = @ipsec_script_upper@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipseclibdir = @ipseclibdir@ +ipsecuser = @ipsecuser@ +json_CFLAGS = @json_CFLAGS@ +json_LIBS = @json_LIBS@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libiptc_CFLAGS = @libiptc_CFLAGS@ +libiptc_LIBS = @libiptc_LIBS@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +maemo_CFLAGS = @maemo_CFLAGS@ +maemo_LIBS = @maemo_LIBS@ +manager_plugins = @manager_plugins@ +mandir = @mandir@ +medsrv_plugins = @medsrv_plugins@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +nm_plugins = @nm_plugins@ +oldincludedir = @oldincludedir@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ +pdfdir = @pdfdir@ +piddir = @piddir@ +pkgpyexecdir = @pkgpyexecdir@ +pkgpythondir = @pkgpythondir@ +pki_plugins = @pki_plugins@ +plugindir = @plugindir@ +pool_plugins = @pool_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +pyexecdir = @pyexecdir@ +pythondir = @pythondir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +s_plugins = @s_plugins@ +sbindir = @sbindir@ +scepclient_plugins = @scepclient_plugins@ +scripts_plugins = @scripts_plugins@ +sharedstatedir = @sharedstatedir@ +soup_CFLAGS = @soup_CFLAGS@ +soup_LIBS = @soup_LIBS@ +srcdir = @srcdir@ +starter_plugins = @starter_plugins@ +strongswan_conf = @strongswan_conf@ +strongswan_options = @strongswan_options@ +swanctldir = @swanctldir@ +sysconfdir = @sysconfdir@ +systemd_daemon_CFLAGS = @systemd_daemon_CFLAGS@ +systemd_daemon_LIBS = @systemd_daemon_LIBS@ +systemd_journal_CFLAGS = @systemd_journal_CFLAGS@ +systemd_journal_LIBS = @systemd_journal_LIBS@ +systemdsystemunitdir = @systemdsystemunitdir@ +t_plugins = @t_plugins@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +AM_CPPFLAGS = \ + -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = \ + $(PLUGIN_CFLAGS) + +@MONOLITHIC_TRUE@noinst_LTLIBRARIES = libstrongswan-sha3.la +@MONOLITHIC_FALSE@plugin_LTLIBRARIES = libstrongswan-sha3.la +libstrongswan_sha3_la_SOURCES = \ + sha3_plugin.h sha3_plugin.c sha3_hasher.c sha3_hasher.h + +libstrongswan_sha3_la_LDFLAGS = -module -avoid-version +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/sha3/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/sha3/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(plugindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(plugindir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + +libstrongswan-sha3.la: $(libstrongswan_sha3_la_OBJECTS) $(libstrongswan_sha3_la_DEPENDENCIES) $(EXTRA_libstrongswan_sha3_la_DEPENDENCIES) + $(AM_V_CCLD)$(libstrongswan_sha3_la_LINK) $(am_libstrongswan_sha3_la_rpath) $(libstrongswan_sha3_la_OBJECTS) $(libstrongswan_sha3_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha3_hasher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha3_plugin.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< + +.c.obj: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ + here=`pwd`; \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-noinstLTLIBRARIES \ + clean-pluginLTLIBRARIES mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-noinstLTLIBRARIES clean-pluginLTLIBRARIES \ + cscopelist-am ctags ctags-am distclean distclean-compile \ + distclean-generic distclean-libtool distclean-tags distdir dvi \ + dvi-am html html-am info info-am install install-am \ + install-data install-data-am install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-man install-pdf \ + install-pdf-am install-pluginLTLIBRARIES install-ps \ + install-ps-am install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags tags-am uninstall \ + uninstall-am uninstall-pluginLTLIBRARIES + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/sha3/sha3_hasher.c b/src/libstrongswan/plugins/sha3/sha3_hasher.c new file mode 100644 index 000000000..b34a02594 --- /dev/null +++ b/src/libstrongswan/plugins/sha3/sha3_hasher.c @@ -0,0 +1,527 @@ +/* + * Copyright (C) 2015 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * Based on the implementation by the Keccak, Keyak and Ketje Teams, namely, + * Guido Bertoni, Joan Daemen, Michaël Peeters, Gilles Van Assche and + * Ronny Van Keer, hereby denoted as "the implementer". + * + * To the extent possible under law, the implementer has waived all copyright + * and related or neighboring rights to the source code in this file. + * http://creativecommons.org/publicdomain/zero/1.0/ + */ + +#include + +#include "sha3_hasher.h" + +typedef struct private_sha3_hasher_t private_sha3_hasher_t; + +#define KECCAK_STATE_SIZE 200 /* bytes */ +#define KECCAK_MAX_RATE 144 /* bytes */ +#define DELIMITED_SUFFIX 0x06 + +static const uint64_t round_constants[] = { + 0x0000000000000001ULL, + 0x0000000000008082ULL, + 0x800000000000808aULL, + 0x8000000080008000ULL, + 0x000000000000808bULL, + 0x0000000080000001ULL, + 0x8000000080008081ULL, + 0x8000000000008009ULL, + 0x000000000000008aULL, + 0x0000000000000088ULL, + 0x0000000080008009ULL, + 0x000000008000000aULL, + 0x000000008000808bULL, + 0x800000000000008bULL, + 0x8000000000008089ULL, + 0x8000000000008003ULL, + 0x8000000000008002ULL, + 0x8000000000000080ULL, + 0x000000000000800aULL, + 0x800000008000000aULL, + 0x8000000080008081ULL, + 0x8000000000008080ULL, + 0x0000000080000001ULL, + 0x8000000080008008ULL +}; + +/** + * Private data structure with hashing context for SHA-3 + */ +struct private_sha3_hasher_t { + + /** + * Public interface for this hasher. + */ + sha3_hasher_t public; + + /** + * SHA-3 algorithm to be used + */ + hash_algorithm_t algorithm; + + /** + * Internal state of 1600 bits as defined by FIPS-202 + */ + uint8_t state[KECCAK_STATE_SIZE]; + + /** + * Rate in bytes + */ + u_int rate; + + /** + * Rate input buffer + */ + uint8_t rate_buffer[KECCAK_MAX_RATE]; + + /** + * Index pointing to the current position in the rate buffer + */ + u_int rate_index; + +}; + +#if BYTE_ORDER != LITTLE_ENDIAN +/** + * Function to load a 64-bit value using the little-endian (LE) convention. + * On a LE platform, this could be greatly simplified using a cast. + */ +static uint64_t load64(const uint8_t *x) +{ + int i; + uint64_t u = 0; + + for (i = 7; i >= 0; --i) + { + u <<= 8; + u |= x[i]; + } + return u; +} + +/** + * Function to store a 64-bit value using the little-endian (LE) convention. + * On a LE platform, this could be greatly simplified using a cast. + */ +static void store64(uint8_t *x, uint64_t u) +{ + u_int i; + + for (i = 0; i < 8; ++i) + { + x[i] = u; + u >>= 8; + } +} + +/** + * Function to XOR into a 64-bit value using the little-endian (LE) convention. + * On a LE platform, this could be greatly simplified using a cast. + */ +static void xor64(uint8_t *x, uint64_t u) +{ + u_int i; + + for (i = 0; i < 8; ++i) + { + x[i] ^= u; + u >>= 8; + } +} +#endif + +/** + * Some macros used by the Keccak-f[1600] permutation. + */ +#define ROL64(a, offset) ((((uint64_t)a) << offset) ^ (((uint64_t)a) >> (64-offset))) + +#if BYTE_ORDER == LITTLE_ENDIAN + #define readLane(i) (((uint64_t*)state)[i]) + #define writeLane(i, lane) (((uint64_t*)state)[i]) = (lane) + #define XORLane(i, lane) (((uint64_t*)state)[i]) ^= (lane) +#elif BYTE_ORDER == BIG_ENDIAN + #define readLane(i) load64((uint8_t*)state+sizeof(uint64_t)*i)) + #define writeLane(i, lane) store64((uint8_t*)state+sizeof(uint64_t)*i, lane) + #define XORLane(i, lane) xor64((uint8_t*)state+sizeof(uint64_t)*i, lane) +#endif + +/** + * Function that computes the Keccak-f[1600] permutation on the given state. + */ +static void keccak_f1600_state_permute(void *state) +{ + int round; + + for (round = 0; round < 24; round++) + { + { /* θ step (see [Keccak Reference, Section 2.3.2]) */ + + uint64_t C[5], D; + + /* Compute the parity of the columns */ + C[0] = readLane(0) ^ readLane( 5) ^ readLane(10) + ^ readLane(15) ^ readLane(20); + C[1] = readLane(1) ^ readLane( 6) ^ readLane(11) + ^ readLane(16) ^ readLane(21); + C[2] = readLane(2) ^ readLane( 7) ^ readLane(12) + ^ readLane(17) ^ readLane(22); + C[3] = readLane(3) ^ readLane( 8) ^ readLane(13) + ^ readLane(18) ^ readLane(23); + C[4] = readLane(4) ^ readLane( 9) ^ readLane(14) + ^ readLane(19) ^ readLane(24); + + /* Compute and add the θ effect to the whole column */ + D = C[4] ^ ROL64(C[1], 1); + XORLane( 0, D); + XORLane( 5, D); + XORLane(10, D); + XORLane(15, D); + XORLane(20, D); + + D = C[0] ^ ROL64(C[2], 1); + XORLane( 1, D); + XORLane( 6, D); + XORLane(11, D); + XORLane(16, D); + XORLane(21, D); + + D = C[1] ^ ROL64(C[3], 1); + XORLane( 2, D); + XORLane( 7, D); + XORLane(12, D); + XORLane(17, D); + XORLane(22, D); + + D = C[2] ^ ROL64(C[4], 1); + XORLane( 3, D); + XORLane( 8, D); + XORLane(13, D); + XORLane(18, D); + XORLane(23, D); + + D = C[3] ^ ROL64(C[0], 1); + XORLane( 4, D); + XORLane( 9, D); + XORLane(14, D); + XORLane(19, D); + XORLane(24, D); + } + + { /* ρ and π steps (see [Keccak Reference, Sections 2.3.3 and 2.3.4]) */ + + uint64_t t1, t2; + + t1 = readLane( 1); + + t2 = readLane(10); + writeLane(10, ROL64(t1, 1)); + + t1 = readLane( 7); + writeLane( 7, ROL64(t2, 3)); + + t2 = readLane(11); + writeLane(11, ROL64(t1, 6)); + + t1 = readLane(17); + writeLane(17, ROL64(t2, 10)); + + t2 = readLane(18); + writeLane(18, ROL64(t1, 15)); + + t1 = readLane( 3); + writeLane( 3, ROL64(t2, 21)); + + t2 = readLane( 5); + writeLane( 5, ROL64(t1, 28)); + + t1 = readLane(16); + writeLane(16, ROL64(t2, 36)); + + t2 = readLane( 8); + writeLane( 8, ROL64(t1, 45)); + + t1 = readLane(21); + writeLane(21, ROL64(t2, 55)); + + t2 = readLane(24); + writeLane(24, ROL64(t1, 2)); + + t1 = readLane( 4); + writeLane( 4, ROL64(t2, 14)); + + t2 = readLane(15); + writeLane(15, ROL64(t1, 27)); + + t1 = readLane(23); + writeLane(23, ROL64(t2, 41)); + + t2 = readLane(19); + writeLane(19, ROL64(t1, 56)); + + t1 = readLane(13); + writeLane(13, ROL64(t2, 8)); + + t2 = readLane(12); + writeLane(12, ROL64(t1, 25)); + + t1 = readLane( 2); + writeLane( 2, ROL64(t2, 43)); + + t2 = readLane(20); + writeLane(20, ROL64(t1, 62)); + + t1 = readLane(14); + writeLane(14, ROL64(t2, 18)); + + t2 = readLane(22); + writeLane(22, ROL64(t1, 39)); + + t1 = readLane( 9); + writeLane( 9, ROL64(t2, 61)); + + t2 = readLane( 6); + writeLane( 6, ROL64(t1, 20)); + + writeLane( 1, ROL64(t2, 44)); + } + + { /* χ step (see [Keccak Reference, Section 2.3.1]) */ + + uint64_t t[5]; + + t[0] = readLane(0); + t[1] = readLane(1); + t[2] = readLane(2); + t[3] = readLane(3); + t[4] = readLane(4); + + writeLane(0, t[0] ^ ((~t[1]) & t[2])); + writeLane(1, t[1] ^ ((~t[2]) & t[3])); + writeLane(2, t[2] ^ ((~t[3]) & t[4])); + writeLane(3, t[3] ^ ((~t[4]) & t[0])); + writeLane(4, t[4] ^ ((~t[0]) & t[1])); + + t[0] = readLane(5); + t[1] = readLane(6); + t[2] = readLane(7); + t[3] = readLane(8); + t[4] = readLane(9); + + writeLane(5, t[0] ^ ((~t[1]) & t[2])); + writeLane(6, t[1] ^ ((~t[2]) & t[3])); + writeLane(7, t[2] ^ ((~t[3]) & t[4])); + writeLane(8, t[3] ^ ((~t[4]) & t[0])); + writeLane(9, t[4] ^ ((~t[0]) & t[1])); + + t[0] = readLane(10); + t[1] = readLane(11); + t[2] = readLane(12); + t[3] = readLane(13); + t[4] = readLane(14); + + writeLane(10, t[0] ^ ((~t[1]) & t[2])); + writeLane(11, t[1] ^ ((~t[2]) & t[3])); + writeLane(12, t[2] ^ ((~t[3]) & t[4])); + writeLane(13, t[3] ^ ((~t[4]) & t[0])); + writeLane(14, t[4] ^ ((~t[0]) & t[1])); + + t[0] = readLane(15); + t[1] = readLane(16); + t[2] = readLane(17); + t[3] = readLane(18); + t[4] = readLane(19); + + writeLane(15, t[0] ^ ((~t[1]) & t[2])); + writeLane(16, t[1] ^ ((~t[2]) & t[3])); + writeLane(17, t[2] ^ ((~t[3]) & t[4])); + writeLane(18, t[3] ^ ((~t[4]) & t[0])); + writeLane(19, t[4] ^ ((~t[0]) & t[1])); + + t[0] = readLane(20); + t[1] = readLane(21); + t[2] = readLane(22); + t[3] = readLane(23); + t[4] = readLane(24); + + writeLane(20, t[0] ^ ((~t[1]) & t[2])); + writeLane(21, t[1] ^ ((~t[2]) & t[3])); + writeLane(22, t[2] ^ ((~t[3]) & t[4])); + writeLane(23, t[3] ^ ((~t[4]) & t[0])); + writeLane(24, t[4] ^ ((~t[0]) & t[1])); + } + + { /* ι step (see [Keccak Reference, Section 2.3.5]) */ + + XORLane(0, round_constants[round]); + } + } +} + +METHOD(hasher_t, reset, bool, + private_sha3_hasher_t *this) +{ + memset(this->state, 0x00, KECCAK_STATE_SIZE); + this->rate_index = 0; + + return TRUE; +} + +METHOD(hasher_t, get_hash_size, size_t, + private_sha3_hasher_t *this) +{ + switch (this->algorithm) + { + case HASH_SHA3_224: + return HASH_SIZE_SHA224; + case HASH_SHA3_256: + return HASH_SIZE_SHA256; + case HASH_SHA3_384: + return HASH_SIZE_SHA384; + case HASH_SHA3_512: + return HASH_SIZE_SHA512; + default: + return 0; + } +} + +static void sha3_absorb(private_sha3_hasher_t *this, chunk_t data) +{ + uint64_t *buffer_lanes, *state_lanes; + size_t len, rate_lanes; + int i; + + buffer_lanes = (uint64_t*)this->rate_buffer; + state_lanes = (uint64_t*)this->state; + rate_lanes = this->rate / sizeof(uint64_t); + + while (data.len) + { + len = min(data.len, this->rate - this->rate_index); + memcpy(this->rate_buffer + this->rate_index, data.ptr, len); + this->rate_index += len; + data.ptr += len; + data.len -= len; + + if (this->rate_index == this->rate) + { + for (i = 0; i < rate_lanes; i++) + { + state_lanes[i] ^= buffer_lanes[i]; + } + this->rate_index = 0; + + keccak_f1600_state_permute(this->state); + } + } +} + +static void sha3_final(private_sha3_hasher_t *this) +{ + uint64_t *buffer_lanes, *state_lanes; + size_t rate_lanes, remainder; + int i; + + /* Add the delimitedSuffix as the first bit of padding */ + this->rate_buffer[this->rate_index++] = DELIMITED_SUFFIX; + + buffer_lanes = (uint64_t*)this->rate_buffer; + state_lanes = (uint64_t*)this->state; + rate_lanes = this->rate_index / sizeof(uint64_t); + + remainder = this->rate_index - rate_lanes * sizeof(uint64_t); + if (remainder) + { + memset(this->rate_buffer + this->rate_index, 0x00, + sizeof(uint64_t) - remainder); + rate_lanes++; + } + for (i = 0; i < rate_lanes; i++) + { + state_lanes[i] ^= buffer_lanes[i]; + } + + /* Add the second bit of padding */ + this->state[this->rate - 1] ^= 0x80; + + /* Switch to the squeezing phase */ + keccak_f1600_state_permute(this->state); +} + +METHOD(hasher_t, get_hash, bool, + private_sha3_hasher_t *this, chunk_t chunk, uint8_t *buffer) +{ + sha3_absorb(this, chunk); + + if (buffer != NULL) + { + sha3_final(this); + memcpy(buffer, this->state, get_hash_size(this)); + reset(this); + } + return TRUE; +} + +METHOD(hasher_t, allocate_hash, bool, + private_sha3_hasher_t *this, chunk_t chunk, chunk_t *hash) +{ + chunk_t allocated_hash; + + sha3_absorb(this, chunk); + + if (hash != NULL) + { + sha3_final(this); + allocated_hash = chunk_alloc(get_hash_size(this)); + memcpy(allocated_hash.ptr, this->state, allocated_hash.len); + reset(this); + *hash = allocated_hash; + } + return TRUE; +} + +METHOD(hasher_t, destroy, void, + sha3_hasher_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +sha3_hasher_t *sha3_hasher_create(hash_algorithm_t algorithm) +{ + private_sha3_hasher_t *this; + + switch (algorithm) + { + case HASH_SHA3_224: + case HASH_SHA3_256: + case HASH_SHA3_384: + case HASH_SHA3_512: + break; + default: + return NULL; + } + + INIT(this, + .public = { + .hasher_interface = { + .reset = _reset, + .get_hash_size = _get_hash_size, + .get_hash = _get_hash, + .allocate_hash = _allocate_hash, + .destroy = _destroy, + }, + }, + .algorithm = algorithm, + ); + + this->rate = KECCAK_STATE_SIZE - 2*get_hash_size(this); + reset(this); + + return &this->public; +} diff --git a/src/libstrongswan/plugins/sha3/sha3_hasher.h b/src/libstrongswan/plugins/sha3/sha3_hasher.h new file mode 100644 index 000000000..2f18d35b0 --- /dev/null +++ b/src/libstrongswan/plugins/sha3/sha3_hasher.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2015 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup sha3_hasher sha3_hasher + * @{ @ingroup sha3_p + */ + +#ifndef SHA3_HASHER_H_ +#define SHA3_HASHER_H_ + +typedef struct sha3_hasher_t sha3_hasher_t; + +#include + +/** + * Implementation of hasher_t interface using the SHA-3 algorithm family + * SHA3_224, SHA3_256, SHA3_384 and SHA3_512 as defined by FIPS-202. + */ +struct sha3_hasher_t { + + /** + * Generic hasher_t interface for this hasher. + */ + hasher_t hasher_interface; +}; + +/** + * Creates a new sha3_hasher_t. + * + * @param algorithm HASH3_224, HASH_SHA3_256, HASH_SHA3_384 or HASH_SHA3_512 + * @return sha3_hasher_t object, NULL if not supported + */ +sha3_hasher_t *sha3_hasher_create(hash_algorithm_t algorithm); + +#endif /** SHA3_HASHER_H_ @}*/ diff --git a/src/libstrongswan/plugins/sha3/sha3_plugin.c b/src/libstrongswan/plugins/sha3/sha3_plugin.c new file mode 100644 index 000000000..28068f38e --- /dev/null +++ b/src/libstrongswan/plugins/sha3/sha3_plugin.c @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2015 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "sha3_plugin.h" + +#include +#include "sha3_hasher.h" + +typedef struct private_sha3_plugin_t private_sha3_plugin_t; + +/** + * private data of sha3_plugin + */ +struct private_sha3_plugin_t { + + /** + * public functions + */ + sha3_plugin_t public; +}; + +METHOD(plugin_t, get_name, char*, + private_sha3_plugin_t *this) +{ + return "sha3"; +} + +METHOD(plugin_t, get_features, int, + private_sha3_plugin_t *this, plugin_feature_t *features[]) +{ + static plugin_feature_t f[] = { + PLUGIN_REGISTER(HASHER, sha3_hasher_create), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_224), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_256), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_384), + PLUGIN_PROVIDE(HASHER, HASH_SHA3_512), + }; + *features = f; + return countof(f); +} + +METHOD(plugin_t, destroy, void, + private_sha3_plugin_t *this) +{ + free(this); +} + +/* + * see header file + */ +plugin_t *sha3_plugin_create() +{ + private_sha3_plugin_t *this; + + INIT(this, + .public = { + .plugin = { + .get_name = _get_name, + .get_features = _get_features, + .destroy = _destroy, + }, + }, + ); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/sha3/sha3_plugin.h b/src/libstrongswan/plugins/sha3/sha3_plugin.h new file mode 100644 index 000000000..09c8e5d81 --- /dev/null +++ b/src/libstrongswan/plugins/sha3/sha3_plugin.h @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2015 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup sha3_p sha3 + * @ingroup plugins + * + * @defgroup sha3_plugin sha3_plugin + * @{ @ingroup sha3_p + */ + +#ifndef SHA3_PLUGIN_H_ +#define SHA3_PLUGIN_H_ + +#include + +typedef struct sha3_plugin_t sha3_plugin_t; + +/** + * Plugin implementing the SHA356, SHA384 and SHA512 algorithms in software. + */ +struct sha3_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +#endif /** SHA3_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.am b/src/libstrongswan/plugins/test_vectors/Makefile.am index 72ba4ceef..ab540e78e 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.am +++ b/src/libstrongswan/plugins/test_vectors/Makefile.am @@ -40,6 +40,7 @@ libstrongswan_test_vectors_la_SOURCES = \ test_vectors/sha1_hmac.c \ test_vectors/sha2.c \ test_vectors/sha2_hmac.c \ + test_vectors/sha3.c \ test_vectors/fips_prf.c \ test_vectors/modp.c \ test_vectors/modpsub.c \ diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in index fa7c3cb82..100f3b15a 100644 --- a/src/libstrongswan/plugins/test_vectors/Makefile.in +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -142,9 +142,10 @@ am_libstrongswan_test_vectors_la_OBJECTS = test_vectors_plugin.lo \ test_vectors/md2.lo test_vectors/md4.lo test_vectors/md5.lo \ test_vectors/md5_hmac.lo test_vectors/sha1.lo \ test_vectors/sha1_hmac.lo test_vectors/sha2.lo \ - test_vectors/sha2_hmac.lo test_vectors/fips_prf.lo \ - test_vectors/modp.lo test_vectors/modpsub.lo \ - test_vectors/ecp.lo test_vectors/ecpbp.lo test_vectors/rng.lo + test_vectors/sha2_hmac.lo test_vectors/sha3.lo \ + test_vectors/fips_prf.lo test_vectors/modp.lo \ + test_vectors/modpsub.lo test_vectors/ecp.lo \ + test_vectors/ecpbp.lo test_vectors/rng.lo libstrongswan_test_vectors_la_OBJECTS = \ $(am_libstrongswan_test_vectors_la_OBJECTS) AM_V_lt = $(am__v_lt_@AM_V@) @@ -482,6 +483,7 @@ libstrongswan_test_vectors_la_SOURCES = \ test_vectors/sha1_hmac.c \ test_vectors/sha2.c \ test_vectors/sha2_hmac.c \ + test_vectors/sha3.c \ test_vectors/fips_prf.c \ test_vectors/modp.c \ test_vectors/modpsub.c \ @@ -632,6 +634,8 @@ test_vectors/sha2.lo: test_vectors/$(am__dirstamp) \ test_vectors/$(DEPDIR)/$(am__dirstamp) test_vectors/sha2_hmac.lo: test_vectors/$(am__dirstamp) \ test_vectors/$(DEPDIR)/$(am__dirstamp) +test_vectors/sha3.lo: test_vectors/$(am__dirstamp) \ + test_vectors/$(DEPDIR)/$(am__dirstamp) test_vectors/fips_prf.lo: test_vectors/$(am__dirstamp) \ test_vectors/$(DEPDIR)/$(am__dirstamp) test_vectors/modp.lo: test_vectors/$(am__dirstamp) \ @@ -690,6 +694,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@test_vectors/$(DEPDIR)/sha1_hmac.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@test_vectors/$(DEPDIR)/sha2.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@test_vectors/$(DEPDIR)/sha2_hmac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@test_vectors/$(DEPDIR)/sha3.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@test_vectors/$(DEPDIR)/twofish_cbc.Plo@am__quote@ .c.o: diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h index 57c218c16..3ff211da8 100644 --- a/src/libstrongswan/plugins/test_vectors/test_vectors.h +++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h @@ -184,6 +184,30 @@ TEST_VECTOR_HASHER(sha384_3) TEST_VECTOR_HASHER(sha512_1) TEST_VECTOR_HASHER(sha512_2) TEST_VECTOR_HASHER(sha512_3) +TEST_VECTOR_HASHER(sha3_224_0) +TEST_VECTOR_HASHER(sha3_256_0) +TEST_VECTOR_HASHER(sha3_384_0) +TEST_VECTOR_HASHER(sha3_512_0) +TEST_VECTOR_HASHER(sha3_224_1) +TEST_VECTOR_HASHER(sha3_256_1) +TEST_VECTOR_HASHER(sha3_384_1) +TEST_VECTOR_HASHER(sha3_512_1) +TEST_VECTOR_HASHER(sha3_224_2) +TEST_VECTOR_HASHER(sha3_256_2) +TEST_VECTOR_HASHER(sha3_384_2) +TEST_VECTOR_HASHER(sha3_512_2) +TEST_VECTOR_HASHER(sha3_224_143) +TEST_VECTOR_HASHER(sha3_256_135) +TEST_VECTOR_HASHER(sha3_384_103) +TEST_VECTOR_HASHER(sha3_512_71) +TEST_VECTOR_HASHER(sha3_224_144) +TEST_VECTOR_HASHER(sha3_256_136) +TEST_VECTOR_HASHER(sha3_384_104) +TEST_VECTOR_HASHER(sha3_512_72) +TEST_VECTOR_HASHER(sha3_224_255) +TEST_VECTOR_HASHER(sha3_256_255) +TEST_VECTOR_HASHER(sha3_384_255) +TEST_VECTOR_HASHER(sha3_512_255) TEST_VECTOR_PRF(aes_xcbc_p1) TEST_VECTOR_PRF(aes_xcbc_p2) diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha3.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha3.c new file mode 100644 index 000000000..e659f66f4 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha3.c @@ -0,0 +1,328 @@ +/* + * Copyright (C) 2015 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include + +/** + * SHA-3_224 vectors from "https://github.com/gvanas/KeccakCodePackage/" + */ +hasher_test_vector_t sha3_224_0 = { + .alg = HASH_SHA3_224, .len = 0, + .data = "", + .hash = "\x6B\x4E\x03\x42\x36\x67\xDB\xB7\x3B\x6E\x15\x45\x4F\x0E\xB1\xAB" + "\xD4\x59\x7F\x9A\x1B\x07\x8E\x3F\x5B\x5A\x6B\xC7" + +}; + +hasher_test_vector_t sha3_224_1 = { + .alg = HASH_SHA3_224, .len = 1, + .data = "\xCC", + .hash = "\xDF\x70\xAD\xC4\x9B\x2E\x76\xEE\xE3\xA6\x93\x1B\x93\xFA\x41\x84" + "\x1C\x3A\xF2\xCD\xF5\xB3\x2A\x18\xB5\x47\x8C\x39" +}; + +hasher_test_vector_t sha3_224_2 = { + .alg = HASH_SHA3_224, .len = 2, + .data = "\x41\xFB", + .hash = "\xBF\xF2\x95\x86\x1D\xAE\xDF\x33\xE7\x05\x19\xB1\xE2\xBC\xB4\xC2" + "\xE9\xFE\x33\x64\xD7\x89\xBC\x3B\x17\x30\x1C\x15" +}; + +hasher_test_vector_t sha3_224_143 = { + .alg = HASH_SHA3_224, .len = 143, + .data = "\xEA\x40\xE8\x3C\xB1\x8B\x3A\x24\x2C\x1E\xCC\x6C\xCD\x0B\x78\x53" + "\xA4\x39\xDA\xB2\xC5\x69\xCF\xC6\xDC\x38\xA1\x9F\x5C\x90\xAC\xBF" + "\x76\xAE\xF9\xEA\x37\x42\xFF\x3B\x54\xEF\x7D\x36\xEB\x7C\xE4\xFF" + "\x1C\x9A\xB3\xBC\x11\x9C\xFF\x6B\xE9\x3C\x03\xE2\x08\x78\x33\x35" + "\xC0\xAB\x81\x37\xBE\x5B\x10\xCD\xC6\x6F\xF3\xF8\x9A\x1B\xDD\xC6" + "\xA1\xEE\xD7\x4F\x50\x4C\xBE\x72\x90\x69\x0B\xB2\x95\xA8\x72\xB9" + "\xE3\xFE\x2C\xEE\x9E\x6C\x67\xC4\x1D\xB8\xEF\xD7\xD8\x63\xCF\x10" + "\xF8\x40\xFE\x61\x8E\x79\x36\xDA\x3D\xCA\x5C\xA6\xDF\x93\x3F\x24" + "\xF6\x95\x4B\xA0\x80\x1A\x12\x94\xCD\x8D\x7E\x66\xDF\xAF\xEC", + .hash = "\xAB\x0F\xD3\x08\x59\x05\x74\xD6\xF6\x13\x02\x32\xD9\xFA\xFA\x9F" + "\xFC\xFE\xA7\x85\x79\xA6\xA8\xF6\x7C\x59\x04\x20" +}; + +hasher_test_vector_t sha3_224_144 = { + .alg = HASH_SHA3_224, .len = 144, + .data = "\x15\x7D\x5B\x7E\x45\x07\xF6\x6D\x9A\x26\x74\x76\xD3\x38\x31\xE7" + "\xBB\x76\x8D\x4D\x04\xCC\x34\x38\xDA\x12\xF9\x01\x02\x63\xEA\x5F" + "\xCA\xFB\xDE\x25\x79\xDB\x2F\x6B\x58\xF9\x11\xD5\x93\xD5\xF7\x9F" + "\xB0\x5F\xE3\x59\x6E\x3F\xA8\x0F\xF2\xF7\x61\xD1\xB0\xE5\x70\x80" + "\x05\x5C\x11\x8C\x53\xE5\x3C\xDB\x63\x05\x52\x61\xD7\xC9\xB2\xB3" + "\x9B\xD9\x0A\xCC\x32\x52\x0C\xBB\xDB\xDA\x2C\x4F\xD8\x85\x6D\xBC" + "\xEE\x17\x31\x32\xA2\x67\x91\x98\xDA\xF8\x30\x07\xA9\xB5\xC5\x15" + "\x11\xAE\x49\x76\x6C\x79\x2A\x29\x52\x03\x88\x44\x4E\xBE\xFE\x28" + "\x25\x6F\xB3\x3D\x42\x60\x43\x9C\xBA\x73\xA9\x47\x9E\xE0\x0C\x63", + .hash = "\xD5\x13\x42\x00\xDC\x98\xF4\xCA\x48\x0C\xD2\x4D\x24\x49\x77\x37" + "\x25\x2B\x55\x97\x7A\xE5\xA8\x69\xBA\x27\x08\x9D" +}; + +hasher_test_vector_t sha3_224_255 = { + .alg = HASH_SHA3_224, .len = 255, + .data = "\x3A\x3A\x81\x9C\x48\xEF\xDE\x2A\xD9\x14\xFB\xF0\x0E\x18\xAB\x6B" + "\xC4\xF1\x45\x13\xAB\x27\xD0\xC1\x78\xA1\x88\xB6\x14\x31\xE7\xF5" + "\x62\x3C\xB6\x6B\x23\x34\x67\x75\xD3\x86\xB5\x0E\x98\x2C\x49\x3A" + "\xDB\xBF\xC5\x4B\x9A\x3C\xD3\x83\x38\x23\x36\xA1\xA0\xB2\x15\x0A" + "\x15\x35\x8F\x33\x6D\x03\xAE\x18\xF6\x66\xC7\x57\x3D\x55\xC4\xFD" + "\x18\x1C\x29\xE6\xCC\xFD\xE6\x3E\xA3\x5F\x0A\xDF\x58\x85\xCF\xC0" + "\xA3\xD8\x4A\x2B\x2E\x4D\xD2\x44\x96\xDB\x78\x9E\x66\x31\x70\xCE" + "\xF7\x47\x98\xAA\x1B\xBC\xD4\x57\x4E\xA0\xBB\xA4\x04\x89\xD7\x64" + "\xB2\xF8\x3A\xAD\xC6\x6B\x14\x8B\x4A\x0C\xD9\x52\x46\xC1\x27\xD5" + "\x87\x1C\x4F\x11\x41\x86\x90\xA5\xDD\xF0\x12\x46\xA0\xC8\x0A\x43" + "\xC7\x00\x88\xB6\x18\x36\x39\xDC\xFD\xA4\x12\x5B\xD1\x13\xA8\xF4" + "\x9E\xE2\x3E\xD3\x06\xFA\xAC\x57\x6C\x3F\xB0\xC1\xE2\x56\x67\x1D" + "\x81\x7F\xC2\x53\x4A\x52\xF5\xB4\x39\xF7\x2E\x42\x4D\xE3\x76\xF4" + "\xC5\x65\xCC\xA8\x23\x07\xDD\x9E\xF7\x6D\xA5\xB7\xC4\xEB\x7E\x08" + "\x51\x72\xE3\x28\x80\x7C\x02\xD0\x11\xFF\xBF\x33\x78\x53\x78\xD7" + "\x9D\xC2\x66\xF6\xA5\xBE\x6B\xB0\xE4\xA9\x2E\xCE\xEB\xAE\xB1", + .hash = "\x94\x68\x9E\xA9\xF3\x47\xDD\xA8\xDD\x79\x8A\x85\x86\x05\x86\x87" + "\x43\xC6\xBD\x03\xA6\xA6\x5C\x60\x85\xD5\x2B\xED" +}; + +/** + * SHA-3_256 vectors from "https://github.com/gvanas/KeccakCodePackage/" + */ +hasher_test_vector_t sha3_256_0 = { + .alg = HASH_SHA3_256, .len = 0, + .data = "", + .hash = "\xA7\xFF\xC6\xF8\xBF\x1E\xD7\x66\x51\xC1\x47\x56\xA0\x61\xD6\x62" + "\xF5\x80\xFF\x4D\xE4\x3B\x49\xFA\x82\xD8\x0A\x4B\x80\xF8\x43\x4A" +}; + +hasher_test_vector_t sha3_256_1 = { + .alg = HASH_SHA3_256, .len = 1, + .data = "\xCC", + .hash = "\x67\x70\x35\x39\x1C\xD3\x70\x12\x93\xD3\x85\xF0\x37\xBA\x32\x79" + "\x62\x52\xBB\x7C\xE1\x80\xB0\x0B\x58\x2D\xD9\xB2\x0A\xAA\xD7\xF0" +}; + +hasher_test_vector_t sha3_256_2 = { + .alg = HASH_SHA3_256, .len = 2, + .data = "\x41\xFB", + .hash = "\x39\xF3\x1B\x6E\x65\x3D\xFC\xD9\xCA\xED\x26\x02\xFD\x87\xF6\x1B" + "\x62\x54\xF5\x81\x31\x2F\xB6\xEE\xEC\x4D\x71\x48\xFA\x2E\x72\xAA" +}; + +hasher_test_vector_t sha3_256_135 = { + .alg = HASH_SHA3_256, .len = 135, + .data = "\xB7\x71\xD5\xCE\xF5\xD1\xA4\x1A\x93\xD1\x56\x43\xD7\x18\x1D\x2A" + "\x2E\xF0\xA8\xE8\x4D\x91\x81\x2F\x20\xED\x21\xF1\x47\xBE\xF7\x32" + "\xBF\x3A\x60\xEF\x40\x67\xC3\x73\x4B\x85\xBC\x8C\xD4\x71\x78\x0F" + "\x10\xDC\x9E\x82\x91\xB5\x83\x39\xA6\x77\xB9\x60\x21\x8F\x71\xE7" + "\x93\xF2\x79\x7A\xEA\x34\x94\x06\x51\x28\x29\x06\x5D\x37\xBB\x55" + "\xEA\x79\x6F\xA4\xF5\x6F\xD8\x89\x6B\x49\xB2\xCD\x19\xB4\x32\x15" + "\xAD\x96\x7C\x71\x2B\x24\xE5\x03\x2D\x06\x52\x32\xE0\x2C\x12\x74" + "\x09\xD2\xED\x41\x46\xB9\xD7\x5D\x76\x3D\x52\xDB\x98\xD9\x49\xD3" + "\xB0\xFE\xD6\xA8\x05\x2F\xBB", + .hash = "\xA1\x9E\xEE\x92\xBB\x20\x97\xB6\x4E\x82\x3D\x59\x77\x98\xAA\x18" + "\xBE\x9B\x7C\x73\x6B\x80\x59\xAB\xFD\x67\x79\xAC\x35\xAC\x81\xB5" +}; + +hasher_test_vector_t sha3_256_136 = { + .alg = HASH_SHA3_256, .len = 136, + .data = "\xB3\x2D\x95\xB0\xB9\xAA\xD2\xA8\x81\x6D\xE6\xD0\x6D\x1F\x86\x00" + "\x85\x05\xBD\x8C\x14\x12\x4F\x6E\x9A\x16\x3B\x5A\x2A\xDE\x55\xF8" + "\x35\xD0\xEC\x38\x80\xEF\x50\x70\x0D\x3B\x25\xE4\x2C\xC0\xAF\x05" + "\x0C\xCD\x1B\xE5\xE5\x55\xB2\x30\x87\xE0\x4D\x7B\xF9\x81\x36\x22" + "\x78\x0C\x73\x13\xA1\x95\x4F\x87\x40\xB6\xEE\x2D\x3F\x71\xF7\x68" + "\xDD\x41\x7F\x52\x04\x82\xBD\x3A\x08\xD4\xF2\x22\xB4\xEE\x9D\xBD" + "\x01\x54\x47\xB3\x35\x07\xDD\x50\xF3\xAB\x42\x47\xC5\xDE\x9A\x8A" + "\xBD\x62\xA8\xDE\xCE\xA0\x1E\x3B\x87\xC8\xB9\x27\xF5\xB0\x8B\xEB" + "\x37\x67\x4C\x6F\x8E\x38\x0C\x04", + .hash = "\xDF\x67\x3F\x41\x05\x37\x9F\xF6\xB7\x55\xEE\xAB\x20\xCE\xB0\xDC" + "\x77\xB5\x28\x63\x64\xFE\x16\xC5\x9C\xC8\xA9\x07\xAF\xF0\x77\x32" +}; + +hasher_test_vector_t sha3_256_255 = { + .alg = HASH_SHA3_256, .len = 255, + .data = "\x3A\x3A\x81\x9C\x48\xEF\xDE\x2A\xD9\x14\xFB\xF0\x0E\x18\xAB\x6B" + "\xC4\xF1\x45\x13\xAB\x27\xD0\xC1\x78\xA1\x88\xB6\x14\x31\xE7\xF5" + "\x62\x3C\xB6\x6B\x23\x34\x67\x75\xD3\x86\xB5\x0E\x98\x2C\x49\x3A" + "\xDB\xBF\xC5\x4B\x9A\x3C\xD3\x83\x38\x23\x36\xA1\xA0\xB2\x15\x0A" + "\x15\x35\x8F\x33\x6D\x03\xAE\x18\xF6\x66\xC7\x57\x3D\x55\xC4\xFD" + "\x18\x1C\x29\xE6\xCC\xFD\xE6\x3E\xA3\x5F\x0A\xDF\x58\x85\xCF\xC0" + "\xA3\xD8\x4A\x2B\x2E\x4D\xD2\x44\x96\xDB\x78\x9E\x66\x31\x70\xCE" + "\xF7\x47\x98\xAA\x1B\xBC\xD4\x57\x4E\xA0\xBB\xA4\x04\x89\xD7\x64" + "\xB2\xF8\x3A\xAD\xC6\x6B\x14\x8B\x4A\x0C\xD9\x52\x46\xC1\x27\xD5" + "\x87\x1C\x4F\x11\x41\x86\x90\xA5\xDD\xF0\x12\x46\xA0\xC8\x0A\x43" + "\xC7\x00\x88\xB6\x18\x36\x39\xDC\xFD\xA4\x12\x5B\xD1\x13\xA8\xF4" + "\x9E\xE2\x3E\xD3\x06\xFA\xAC\x57\x6C\x3F\xB0\xC1\xE2\x56\x67\x1D" + "\x81\x7F\xC2\x53\x4A\x52\xF5\xB4\x39\xF7\x2E\x42\x4D\xE3\x76\xF4" + "\xC5\x65\xCC\xA8\x23\x07\xDD\x9E\xF7\x6D\xA5\xB7\xC4\xEB\x7E\x08" + "\x51\x72\xE3\x28\x80\x7C\x02\xD0\x11\xFF\xBF\x33\x78\x53\x78\xD7" + "\x9D\xC2\x66\xF6\xA5\xBE\x6B\xB0\xE4\xA9\x2E\xCE\xEB\xAE\xB1", + .hash = "\xC1\x1F\x35\x22\xA8\xFB\x7B\x35\x32\xD8\x0B\x6D\x40\x02\x3A\x92" + "\xB4\x89\xAD\xDA\xD9\x3B\xF5\xD6\x4B\x23\xF3\x5E\x96\x63\x52\x1C" +}; + +/** + * SHA-3_384 vectors from "https://github.com/gvanas/KeccakCodePackage/" + */ +hasher_test_vector_t sha3_384_0 = { + .alg = HASH_SHA3_384, .len = 0, + .data = "", + .hash = "\x0C\x63\xA7\x5B\x84\x5E\x4F\x7D\x01\x10\x7D\x85\x2E\x4C\x24\x85" + "\xC5\x1A\x50\xAA\xAA\x94\xFC\x61\x99\x5E\x71\xBB\xEE\x98\x3A\x2A" + "\xC3\x71\x38\x31\x26\x4A\xDB\x47\xFB\x6B\xD1\xE0\x58\xD5\xF0\x04" +}; + +hasher_test_vector_t sha3_384_1 = { + .alg = HASH_SHA3_384, .len = 1, + .data = "\xCC", + .hash = "\x5E\xE7\xF3\x74\x97\x3C\xD4\xBB\x3D\xC4\x1E\x30\x81\x34\x67\x98" + "\x49\x7F\xF6\xE3\x6C\xB9\x35\x22\x81\xDF\xE0\x7D\x07\xFC\x53\x0C" + "\xA9\xAD\x8E\xF7\xAA\xD5\x6E\xF5\xD4\x1B\xE8\x3D\x5E\x54\x38\x07" +}; + +hasher_test_vector_t sha3_384_2 = { + .alg = HASH_SHA3_384, .len = 2, + .data = "\x41\xFB", + .hash = "\x1D\xD8\x16\x09\xDC\xC2\x90\xEF\xFD\x7A\xC0\xA9\x5D\x4A\x20\x82" + "\x15\x80\xE5\x6B\xD5\x0D\xBD\x84\x39\x20\x65\x0B\xE7\xA8\x0A\x17" + "\x19\x57\x7D\xA3\x37\xCF\xDF\x86\xE5\x1C\x76\x4C\xAA\x2E\x10\xBD" +}; + +hasher_test_vector_t sha3_384_103 = { + .alg = HASH_SHA3_384, .len = 103, + .data = "\xF1\x3C\x97\x2C\x52\xCB\x3C\xC4\xA4\xDF\x28\xC9\x7F\x2D\xF1\x1C" + "\xE0\x89\xB8\x15\x46\x6B\xE8\x88\x63\x24\x3E\xB3\x18\xC2\xAD\xB1" + "\xA4\x17\xCB\x10\x41\x30\x85\x98\x54\x17\x20\x19\x7B\x9B\x1C\xB5" + "\xBA\x23\x18\xBD\x55\x74\xD1\xDF\x21\x74\xAF\x14\x88\x41\x49\xBA" + "\x9B\x2F\x44\x6D\x60\x9D\xF2\x40\xCE\x33\x55\x99\x95\x7B\x8E\xC8" + "\x08\x76\xD9\xA0\x85\xAE\x08\x49\x07\xBC\x59\x61\xB2\x0B\xF5\xF6" + "\xCA\x58\xD5\xDA\xB3\x8A\xDB", + .hash = "\x0A\x83\x4E\x11\x1B\x4E\x84\x0E\x78\x7C\x19\x74\x84\x65\xA4\x7D" + "\x88\xB3\xF0\xF3\xDA\xAF\x15\xDB\x25\x53\x6B\xDC\x60\x78\xFA\x9C" + "\x05\xE6\xC9\x53\x83\x02\x74\x22\x39\x68\x84\x7D\xA8\xBF\xD2\x0D" +}; + +hasher_test_vector_t sha3_384_104 = { + .alg = HASH_SHA3_384, .len = 104, + .data = "\xE3\x57\x80\xEB\x97\x99\xAD\x4C\x77\x53\x5D\x4D\xDB\x68\x3C\xF3" + "\x3E\xF3\x67\x71\x53\x27\xCF\x4C\x4A\x58\xED\x9C\xBD\xCD\xD4\x86" + "\xF6\x69\xF8\x01\x89\xD5\x49\xA9\x36\x4F\xA8\x2A\x51\xA5\x26\x54" + "\xEC\x72\x1B\xB3\xAA\xB9\x5D\xCE\xB4\xA8\x6A\x6A\xFA\x93\x82\x6D" + "\xB9\x23\x51\x7E\x92\x8F\x33\xE3\xFB\xA8\x50\xD4\x56\x60\xEF\x83" + "\xB9\x87\x6A\xCC\xAF\xA2\xA9\x98\x7A\x25\x4B\x13\x7C\x6E\x14\x0A" + "\x21\x69\x1E\x10\x69\x41\x38\x48", + .hash = "\xD1\xC0\xFA\x85\xC8\xD1\x83\xBE\xFF\x99\xAD\x9D\x75\x2B\x26\x3E" + "\x28\x6B\x47\x7F\x79\xF0\x71\x0B\x01\x03\x17\x01\x73\x97\x81\x33" + "\x44\xB9\x9D\xAF\x3B\xB7\xB1\xBC\x5E\x8D\x72\x2B\xAC\x85\x94\x3A" +}; + +hasher_test_vector_t sha3_384_255 = { + .alg = HASH_SHA3_384, .len = 255, + .data = "\x3A\x3A\x81\x9C\x48\xEF\xDE\x2A\xD9\x14\xFB\xF0\x0E\x18\xAB\x6B" + "\xC4\xF1\x45\x13\xAB\x27\xD0\xC1\x78\xA1\x88\xB6\x14\x31\xE7\xF5" + "\x62\x3C\xB6\x6B\x23\x34\x67\x75\xD3\x86\xB5\x0E\x98\x2C\x49\x3A" + "\xDB\xBF\xC5\x4B\x9A\x3C\xD3\x83\x38\x23\x36\xA1\xA0\xB2\x15\x0A" + "\x15\x35\x8F\x33\x6D\x03\xAE\x18\xF6\x66\xC7\x57\x3D\x55\xC4\xFD" + "\x18\x1C\x29\xE6\xCC\xFD\xE6\x3E\xA3\x5F\x0A\xDF\x58\x85\xCF\xC0" + "\xA3\xD8\x4A\x2B\x2E\x4D\xD2\x44\x96\xDB\x78\x9E\x66\x31\x70\xCE" + "\xF7\x47\x98\xAA\x1B\xBC\xD4\x57\x4E\xA0\xBB\xA4\x04\x89\xD7\x64" + "\xB2\xF8\x3A\xAD\xC6\x6B\x14\x8B\x4A\x0C\xD9\x52\x46\xC1\x27\xD5" + "\x87\x1C\x4F\x11\x41\x86\x90\xA5\xDD\xF0\x12\x46\xA0\xC8\x0A\x43" + "\xC7\x00\x88\xB6\x18\x36\x39\xDC\xFD\xA4\x12\x5B\xD1\x13\xA8\xF4" + "\x9E\xE2\x3E\xD3\x06\xFA\xAC\x57\x6C\x3F\xB0\xC1\xE2\x56\x67\x1D" + "\x81\x7F\xC2\x53\x4A\x52\xF5\xB4\x39\xF7\x2E\x42\x4D\xE3\x76\xF4" + "\xC5\x65\xCC\xA8\x23\x07\xDD\x9E\xF7\x6D\xA5\xB7\xC4\xEB\x7E\x08" + "\x51\x72\xE3\x28\x80\x7C\x02\xD0\x11\xFF\xBF\x33\x78\x53\x78\xD7" + "\x9D\xC2\x66\xF6\xA5\xBE\x6B\xB0\xE4\xA9\x2E\xCE\xEB\xAE\xB1", + .hash = "\x12\x8D\xC6\x11\x76\x2B\xE9\xB1\x35\xB3\x73\x94\x84\xCF\xAA\xDC" + "\xA7\x48\x1D\x68\x51\x4F\x3D\xFD\x6F\x5D\x78\xBB\x18\x63\xAE\x68" + "\x13\x08\x35\xCD\xC7\x06\x1A\x7E\xD9\x64\xB3\x2F\x1D\xB7\x5E\xE1" +}; + +/** + * SHA-3_512 vectors from "https://github.com/gvanas/KeccakCodePackage/" + */ +hasher_test_vector_t sha3_512_0 = { + .alg = HASH_SHA3_512, .len = 0, + .data = "", + .hash = "\xA6\x9F\x73\xCC\xA2\x3A\x9A\xC5\xC8\xB5\x67\xDC\x18\x5A\x75\x6E" + "\x97\xC9\x82\x16\x4F\xE2\x58\x59\xE0\xD1\xDC\xC1\x47\x5C\x80\xA6" + "\x15\xB2\x12\x3A\xF1\xF5\xF9\x4C\x11\xE3\xE9\x40\x2C\x3A\xC5\x58" + "\xF5\x00\x19\x9D\x95\xB6\xD3\xE3\x01\x75\x85\x86\x28\x1D\xCD\x26" +}; + +hasher_test_vector_t sha3_512_1 = { + .alg = HASH_SHA3_512, .len = 1, + .data = "\xCC", + .hash = "\x39\x39\xFC\xC8\xB5\x7B\x63\x61\x25\x42\xDA\x31\xA8\x34\xE5\xDC" + "\xC3\x6E\x2E\xE0\xF6\x52\xAC\x72\xE0\x26\x24\xFA\x2E\x5A\xDE\xEC" + "\xC7\xDD\x6B\xB3\x58\x02\x24\xB4\xD6\x13\x87\x06\xFC\x6E\x80\x59" + "\x7B\x52\x80\x51\x23\x0B\x00\x62\x1C\xC2\xB2\x29\x99\xEA\xA2\x05" +}; + +hasher_test_vector_t sha3_512_2 = { + .alg = HASH_SHA3_512, .len = 2, + .data = "\x41\xFB", + .hash = "\xAA\x09\x28\x65\xA4\x06\x94\xD9\x17\x54\xDB\xC7\x67\xB5\x20\x2C" + "\x54\x6E\x22\x68\x77\x14\x7A\x95\xCB\x8B\x4C\x8F\x87\x09\xFE\x8C" + "\xD6\x90\x52\x56\xB0\x89\xDA\x37\x89\x6E\xA5\xCA\x19\xD2\xCD\x9A" + "\xB9\x4C\x71\x92\xFC\x39\xF7\xCD\x4D\x59\x89\x75\xA3\x01\x3C\x69" +}; + +hasher_test_vector_t sha3_512_71 = { + .alg = HASH_SHA3_512, .len = 71, + .data = "\x13\xBD\x28\x11\xF6\xED\x2B\x6F\x04\xFF\x38\x95\xAC\xEE\xD7\xBE" + "\xF8\xDC\xD4\x5E\xB1\x21\x79\x1B\xC1\x94\xA0\xF8\x06\x20\x6B\xFF" + "\xC3\xB9\x28\x1C\x2B\x30\x8B\x1A\x72\x9C\xE0\x08\x11\x9D\xD3\x06" + "\x6E\x93\x78\xAC\xDC\xC5\x0A\x98\xA8\x2E\x20\x73\x88\x00\xB6\xCD" + "\xDB\xE5\xFE\x96\x94\xAD\x6D", + .hash = "\xDE\xF4\xAB\x6C\xDA\x88\x39\x72\x9A\x03\xE0\x00\x84\x66\x04\xB1" + "\x7F\x03\xC5\xD5\xD7\xEC\x23\xC4\x83\x67\x0A\x13\xE1\x15\x73\xC1" + "\xE9\x34\x7A\x63\xEC\x69\xA5\xAB\xB2\x13\x05\xF9\x38\x2E\xCD\xAA" + "\xAB\xC6\x85\x0F\x92\x84\x0E\x86\xF8\x8F\x4D\xAB\xFC\xD9\x3C\xC0" +}; + +hasher_test_vector_t sha3_512_72 = { + .alg = HASH_SHA3_512, .len = 72, + .data = "\x1E\xED\x9C\xBA\x17\x9A\x00\x9E\xC2\xEC\x55\x08\x77\x3D\xD3\x05" + "\x47\x7C\xA1\x17\xE6\xD5\x69\xE6\x6B\x5F\x64\xC6\xBC\x64\x80\x1C" + "\xE2\x5A\x84\x24\xCE\x4A\x26\xD5\x75\xB8\xA6\xFB\x10\xEA\xD3\xFD" + "\x19\x92\xED\xDD\xEE\xC2\xEB\xE7\x15\x0D\xC9\x8F\x63\xAD\xC3\x23" + "\x7E\xF5\x7B\x91\x39\x7A\xA8\xA7", + .hash = "\xA3\xE1\x68\xB0\xD6\xC1\x43\xEE\x9E\x17\xEA\xE9\x29\x30\xB9\x7E" + "\x66\x00\x35\x6B\x73\xAE\xBB\x5D\x68\x00\x5D\xD1\xD0\x74\x94\x45" + "\x1A\x37\x05\x2F\x7B\x39\xFF\x03\x0C\x1A\xE1\xD7\xEF\xC4\xE0\xC3" + "\x66\x7E\xB7\xA7\x6C\x62\x7E\xC1\x43\x54\xC4\xF6\xA7\x96\xE2\xC6" +}; + +hasher_test_vector_t sha3_512_255 = { + .alg = HASH_SHA3_512, .len = 255, + .data = "\x3A\x3A\x81\x9C\x48\xEF\xDE\x2A\xD9\x14\xFB\xF0\x0E\x18\xAB\x6B" + "\xC4\xF1\x45\x13\xAB\x27\xD0\xC1\x78\xA1\x88\xB6\x14\x31\xE7\xF5" + "\x62\x3C\xB6\x6B\x23\x34\x67\x75\xD3\x86\xB5\x0E\x98\x2C\x49\x3A" + "\xDB\xBF\xC5\x4B\x9A\x3C\xD3\x83\x38\x23\x36\xA1\xA0\xB2\x15\x0A" + "\x15\x35\x8F\x33\x6D\x03\xAE\x18\xF6\x66\xC7\x57\x3D\x55\xC4\xFD" + "\x18\x1C\x29\xE6\xCC\xFD\xE6\x3E\xA3\x5F\x0A\xDF\x58\x85\xCF\xC0" + "\xA3\xD8\x4A\x2B\x2E\x4D\xD2\x44\x96\xDB\x78\x9E\x66\x31\x70\xCE" + "\xF7\x47\x98\xAA\x1B\xBC\xD4\x57\x4E\xA0\xBB\xA4\x04\x89\xD7\x64" + "\xB2\xF8\x3A\xAD\xC6\x6B\x14\x8B\x4A\x0C\xD9\x52\x46\xC1\x27\xD5" + "\x87\x1C\x4F\x11\x41\x86\x90\xA5\xDD\xF0\x12\x46\xA0\xC8\x0A\x43" + "\xC7\x00\x88\xB6\x18\x36\x39\xDC\xFD\xA4\x12\x5B\xD1\x13\xA8\xF4" + "\x9E\xE2\x3E\xD3\x06\xFA\xAC\x57\x6C\x3F\xB0\xC1\xE2\x56\x67\x1D" + "\x81\x7F\xC2\x53\x4A\x52\xF5\xB4\x39\xF7\x2E\x42\x4D\xE3\x76\xF4" + "\xC5\x65\xCC\xA8\x23\x07\xDD\x9E\xF7\x6D\xA5\xB7\xC4\xEB\x7E\x08" + "\x51\x72\xE3\x28\x80\x7C\x02\xD0\x11\xFF\xBF\x33\x78\x53\x78\xD7" + "\x9D\xC2\x66\xF6\xA5\xBE\x6B\xB0\xE4\xA9\x2E\xCE\xEB\xAE\xB1", + .hash = "\x6E\x8B\x8B\xD1\x95\xBD\xD5\x60\x68\x9A\xF2\x34\x8B\xDC\x74\xAB" + "\x7C\xD0\x5E\xD8\xB9\xA5\x77\x11\xE9\xBE\x71\xE9\x72\x6F\xDA\x45" + "\x91\xFE\xE1\x22\x05\xED\xAC\xAF\x82\xFF\xBB\xAF\x16\xDF\xF9\xE7" + "\x02\xA7\x08\x86\x20\x80\x16\x6C\x2F\xF6\xBA\x37\x9B\xC7\xFF\xC2" +}; + diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index eb5b01986..e32f8eefe 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -266,8 +266,8 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, scheme = SIGN_ECDSA_WITH_SHA1_DER; break; case KEY_BLISS: - oid = OID_BLISS_WITH_SHA512; - scheme = SIGN_BLISS_WITH_SHA512; + oid = OID_BLISS_WITH_SHA2_512; + scheme = SIGN_BLISS_WITH_SHA2_512; break; default: DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not " diff --git a/src/libstrongswan/selectors/traffic_selector.c b/src/libstrongswan/selectors/traffic_selector.c index 668632459..a6298b394 100644 --- a/src/libstrongswan/selectors/traffic_selector.c +++ b/src/libstrongswan/selectors/traffic_selector.c @@ -219,9 +219,8 @@ int traffic_selector_printf_hook(printf_hook_data_t *data, enumerator_t *enumerator; char from_str[INET6_ADDRSTRLEN] = ""; char to_str[INET6_ADDRSTRLEN] = ""; - char *serv_proto = NULL; - bool has_proto; - bool has_ports; + char *serv_proto = NULL, *sep = ""; + bool has_proto, has_ports; size_t written = 0; u_int32_t from[4], to[4]; @@ -235,8 +234,8 @@ int traffic_selector_printf_hook(printf_hook_data_t *data, enumerator = list->create_enumerator(list); while (enumerator->enumerate(enumerator, (void**)&this)) { - /* call recursivly */ - written += print_in_hook(data, "%R ", this); + written += print_in_hook(data, "%s%R", sep, this); + sep = " "; } enumerator->destroy(enumerator); return written; diff --git a/src/libstrongswan/settings/settings.c b/src/libstrongswan/settings/settings.c index 305ebe620..56cc2f19b 100644 --- a/src/libstrongswan/settings/settings.c +++ b/src/libstrongswan/settings/settings.c @@ -537,6 +537,31 @@ METHOD(settings_t, get_int, int, return settings_value_as_int(value, def); } +/** + * Described in header + */ +inline u_int64_t settings_value_as_uint64(char *value, u_int64_t def) +{ + u_int64_t intval; + char *end; + int base = 10; + + if (value) + { + errno = 0; + if (value[0] == '0' && value[1] == 'x') + { /* manually detect 0x prefix as we want to avoid octal encoding */ + base = 16; + } + intval = strtoull(value, &end, base); + if (errno == 0 && *end == 0 && end != value) + { + return intval; + } + } + return def; +} + /** * Described in header */ diff --git a/src/libstrongswan/settings/settings.h b/src/libstrongswan/settings/settings.h index 4ef80d0f6..a133a3681 100644 --- a/src/libstrongswan/settings/settings.h +++ b/src/libstrongswan/settings/settings.h @@ -50,6 +50,15 @@ bool settings_value_as_bool(char *value, bool def); */ int settings_value_as_int(char *value, int def); +/** + * Convert a string value returned by a key/value enumerator to an u_int64_t. + * + * @see settings_t.create_key_value_enumerator() + * @param value the string value + * @param def the default value, if value is NULL or invalid + */ +u_int64_t settings_value_as_uint64(char *value, u_int64_t def); + /** * Convert a string value returned by a key/value enumerator to a double. * diff --git a/src/libstrongswan/tests/suites/test_hasher.c b/src/libstrongswan/tests/suites/test_hasher.c index 14cc32122..067abf0d9 100644 --- a/src/libstrongswan/tests/suites/test_hasher.c +++ b/src/libstrongswan/tests/suites/test_hasher.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013 Andreas Steffen + * Copyright (C) 2013-2015 Andreas Steffen * HSR Hochschule fuer Technik Rapperswil * * This program is free software; you can redistribute it and/or modify it @@ -28,30 +28,38 @@ typedef struct { }hasher_oid_t; static hasher_oid_t oids[] = { - { OID_MD2, HASH_MD2, KEY_ANY }, - { OID_MD5, HASH_MD5, KEY_ANY }, - { OID_SHA1, HASH_SHA1, KEY_ANY }, - { OID_SHA224, HASH_SHA224, KEY_ANY }, - { OID_SHA256, HASH_SHA256, KEY_ANY }, - { OID_SHA384, HASH_SHA384, KEY_ANY }, - { OID_SHA512, HASH_SHA512, KEY_ANY }, - { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, - { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, - { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, - { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, - { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, - { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, - { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, - { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, - { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, - { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, - { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, - { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, - { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, - { OID_BLISS_WITH_SHA256, HASH_SHA256, KEY_BLISS }, - { OID_BLISS_WITH_SHA384, HASH_SHA384, KEY_BLISS }, - { OID_BLISS_WITH_SHA512, HASH_SHA512, KEY_BLISS }, - { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA } + { OID_MD2, HASH_MD2, KEY_ANY }, /* 0 */ + { OID_MD5, HASH_MD5, KEY_ANY }, /* 1 */ + { OID_SHA1, HASH_SHA1, KEY_ANY }, /* 2 */ + { OID_SHA224, HASH_SHA224, KEY_ANY }, /* 3 */ + { OID_SHA256, HASH_SHA256, KEY_ANY }, /* 4 */ + { OID_SHA384, HASH_SHA384, KEY_ANY }, /* 5 */ + { OID_SHA512, HASH_SHA512, KEY_ANY }, /* 6 */ + { OID_SHA3_224, HASH_SHA3_224, KEY_ANY }, /* 7 */ + { OID_SHA3_256, HASH_SHA3_256, KEY_ANY }, /* 8 */ + { OID_SHA3_384, HASH_SHA3_384, KEY_ANY }, /* 9 */ + { OID_SHA3_512, HASH_SHA3_512, KEY_ANY }, /* 10 */ + { OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY }, /* 11 */ + { OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA }, /* 12 */ + { OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA }, /* 13 */ + { OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA }, /* 14 */ + { OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA }, /* 15 */ + { OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA }, /* 16 */ + { OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA }, /* 17 */ + { OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA }, /* 18 */ + { OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA }, /* 19 */ + { OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA }, /* 20 */ + { OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA }, /* 21 */ + { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 22 */ + { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 23 */ + { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 24 */ + { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 25 */ + { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 26 */ + { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 27 */ + { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 28 */ + { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 29 */ + { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 30 */ + { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS } /* 31 */ }; START_TEST(test_hasher_from_oid) @@ -73,6 +81,44 @@ START_TEST(test_hasher_sig_to_oid) } END_TEST +typedef struct { + signature_scheme_t scheme; + hash_algorithm_t alg; +}hasher_sig_scheme_t; + +static hasher_sig_scheme_t sig_schemes[] = { + { SIGN_UNKNOWN, HASH_UNKNOWN }, + { SIGN_RSA_EMSA_PKCS1_NULL, HASH_UNKNOWN }, + { SIGN_RSA_EMSA_PKCS1_MD5, HASH_MD5 }, + { SIGN_RSA_EMSA_PKCS1_SHA1, HASH_SHA1 }, + { SIGN_RSA_EMSA_PKCS1_SHA224, HASH_SHA224 }, + { SIGN_RSA_EMSA_PKCS1_SHA256, HASH_SHA256 }, + { SIGN_RSA_EMSA_PKCS1_SHA384, HASH_SHA384 }, + { SIGN_RSA_EMSA_PKCS1_SHA512, HASH_SHA512 }, + { SIGN_ECDSA_WITH_SHA1_DER, HASH_SHA1 }, + { SIGN_ECDSA_WITH_SHA256_DER, HASH_SHA256 }, + { SIGN_ECDSA_WITH_SHA384_DER, HASH_SHA384 }, + { SIGN_ECDSA_WITH_SHA512_DER, HASH_SHA512 }, + { SIGN_ECDSA_WITH_NULL, HASH_UNKNOWN }, + { SIGN_ECDSA_256, HASH_SHA256 }, + { SIGN_ECDSA_384, HASH_SHA384 }, + { SIGN_ECDSA_521, HASH_SHA512 }, + { SIGN_BLISS_WITH_SHA2_256, HASH_SHA256 }, + { SIGN_BLISS_WITH_SHA2_384, HASH_SHA384 }, + { SIGN_BLISS_WITH_SHA2_512, HASH_SHA512 }, + { SIGN_BLISS_WITH_SHA3_256, HASH_SHA3_256 }, + { SIGN_BLISS_WITH_SHA3_384, HASH_SHA3_384 }, + { SIGN_BLISS_WITH_SHA3_512, HASH_SHA3_512 }, + { 30, HASH_UNKNOWN } +}; + +START_TEST(test_hasher_from_sig_scheme) +{ + ck_assert(hasher_from_signature_scheme(sig_schemes[_i].scheme) == + sig_schemes[_i].alg); +} +END_TEST + typedef struct { pseudo_random_function_t prf; hash_algorithm_t alg; @@ -157,6 +203,35 @@ START_TEST(test_hasher_to_integrity) } END_TEST + +typedef struct { + hash_algorithm_t alg; + bool ikev2; +}hasher_ikev2_t; + +static hasher_ikev2_t ikev2[] = { + { HASH_SHA1, TRUE }, + { HASH_SHA256, TRUE }, + { HASH_SHA384, TRUE }, + { HASH_SHA512, TRUE }, + { HASH_UNKNOWN, FALSE }, + { HASH_MD2, FALSE }, + { HASH_MD4, FALSE }, + { HASH_MD5, FALSE }, + { HASH_SHA224, FALSE }, + { HASH_SHA3_224, FALSE }, + { HASH_SHA3_256, FALSE }, + { HASH_SHA3_384, FALSE }, + { HASH_SHA3_512, FALSE }, + { 30, FALSE } +}; + +START_TEST(test_hasher_for_ikev2) +{ + ck_assert(hasher_algorithm_for_ikev2(ikev2[_i].alg) == ikev2[_i].ikev2); +} +END_TEST + Suite *hasher_suite_create() { Suite *s; @@ -169,11 +244,15 @@ Suite *hasher_suite_create() suite_add_tcase(s, tc); tc = tcase_create("to_oid"); - tcase_add_loop_test(tc, test_hasher_to_oid, 0, 8); + tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12); suite_add_tcase(s, tc); tc = tcase_create("sig_to_oid"); - tcase_add_loop_test(tc, test_hasher_sig_to_oid, 7, countof(oids)); + tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids)); + suite_add_tcase(s, tc); + + tc = tcase_create("from_sig_scheme"); + tcase_add_loop_test(tc, test_hasher_from_sig_scheme, 0, countof(sig_schemes)); suite_add_tcase(s, tc); tc = tcase_create("from_prf"); @@ -188,5 +267,9 @@ Suite *hasher_suite_create() tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17); suite_add_tcase(s, tc); + tc = tcase_create("for_ikev2"); + tcase_add_loop_test(tc, test_hasher_for_ikev2, 0, countof(ikev2)); + suite_add_tcase(s, tc); + return s; } diff --git a/src/libstrongswan/tests/suites/test_identification.c b/src/libstrongswan/tests/suites/test_identification.c index ff14ba897..9554d2919 100644 --- a/src/libstrongswan/tests/suites/test_identification.c +++ b/src/libstrongswan/tests/suites/test_identification.c @@ -550,6 +550,7 @@ START_TEST(test_matches) a = identification_create_from_string("C=CH, E=moon@strongswan.org, CN=moon"); ck_assert(id_matches(a, "C=CH, E=moon@strongswan.org, CN=moon", ID_MATCH_PERFECT)); + ck_assert(id_matches(a, "C=CH, E=*@strongswan.org, CN=moon", ID_MATCH_NONE)); ck_assert(id_matches(a, "C=CH, E=*, CN=moon", ID_MATCH_ONE_WILDCARD)); ck_assert(id_matches(a, "C=CH, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 1)); ck_assert(id_matches(a, "C=*, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 2)); diff --git a/src/libstrongswan/tests/suites/test_settings.c b/src/libstrongswan/tests/suites/test_settings.c index bead9d795..5ddd0bb9a 100644 --- a/src/libstrongswan/tests/suites/test_settings.c +++ b/src/libstrongswan/tests/suites/test_settings.c @@ -317,6 +317,26 @@ START_TEST(test_set_int) } END_TEST +START_TEST(test_value_as_unit64) +{ + test_int_eq(1, settings_value_as_uint64(NULL, 1)); + test_int_eq(1, settings_value_as_uint64("", 1)); + test_int_eq(1, settings_value_as_uint64("2a", 1)); + test_int_eq(1, settings_value_as_uint64("a2", 1)); + test_int_eq(1, settings_value_as_uint64("2.0", 1)); + + test_int_eq(10, settings_value_as_uint64("10", 0)); + test_int_eq(10, settings_value_as_uint64("010", 0)); + test_int_eq(16, settings_value_as_uint64("0x010", 0)); + test_int_eq(0x2a, settings_value_as_uint64("0x2a", 0)); + + test_int_eq(0xffffffffffffffffLL, settings_value_as_uint64("0xffffffffffffffff", 0)); + test_int_eq(0xffffffff00000000LL, settings_value_as_uint64("0xffffffff00000000", 0)); + test_int_eq(0xffffffff00000000LL, settings_value_as_uint64("18446744069414584320", 0)); + test_int_eq(0xffffffff00000001LL, settings_value_as_uint64("18446744069414584321", 0)); +} +END_TEST + START_SETUP(setup_double_config) { create_settings(chunk_from_str( @@ -1158,6 +1178,10 @@ Suite *settings_suite_create() tcase_add_test(tc, test_set_int); suite_add_tcase(s, tc); + tc = tcase_create("settings_value_as_uint64"); + tcase_add_test(tc, test_value_as_unit64); + suite_add_tcase(s, tc); + tc = tcase_create("get/set_double"); tcase_add_checked_fixture(tc, setup_double_config, teardown_config); tcase_add_test(tc, test_get_double); diff --git a/src/libstrongswan/tests/suites/test_traffic_selector.c b/src/libstrongswan/tests/suites/test_traffic_selector.c index bec32d2d8..5c0fb754d 100644 --- a/src/libstrongswan/tests/suites/test_traffic_selector.c +++ b/src/libstrongswan/tests/suites/test_traffic_selector.c @@ -770,17 +770,17 @@ START_TEST(test_printf_hook_hash) list = linked_list_create_with_items( traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535), NULL); - verify_list("10.1.0.0/16 ", NULL, list); + verify_list("10.1.0.0/16", NULL, list); list = linked_list_create_with_items( traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535), traffic_selector_create_from_cidr("10.1.0.1/32", IPPROTO_UDP, 1234, 1235), NULL); - verify_list("10.1.0.0/16 10.1.0.1/32[udp/1234-1235] ", "10.1.0.0/16 10.1.0.1/32[17/1234-1235] ", list); + verify_list("10.1.0.0/16 10.1.0.1/32[udp/1234-1235]", "10.1.0.0/16 10.1.0.1/32[17/1234-1235]", list); list = linked_list_create_with_items( traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535), traffic_selector_create_from_string(IPPROTO_UDP, TS_IPV4_ADDR_RANGE, "10.1.0.1", 1234, "10.1.0.99", 1235), NULL); - verify_list("10.1.0.0/16 10.1.0.1..10.1.0.99[udp/1234-1235] ", "10.1.0.0/16 10.1.0.1..10.1.0.99[17/1234-1235] ", list); + verify_list("10.1.0.0/16 10.1.0.1..10.1.0.99[udp/1234-1235]", "10.1.0.0/16 10.1.0.1..10.1.0.99[17/1234-1235]", list); } END_TEST diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c index b38f2cb52..104b0b2c0 100644 --- a/src/libstrongswan/tests/suites/test_utils.c +++ b/src/libstrongswan/tests/suites/test_utils.c @@ -789,9 +789,9 @@ static struct { {KEY_ECDSA, 256, { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }}, {KEY_ECDSA, 384, { SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }}, {KEY_ECDSA, 512, { SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }}, - {KEY_BLISS, 128, { SIGN_BLISS_WITH_SHA256, SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }}, - {KEY_BLISS, 192, { SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }}, - {KEY_BLISS, 256, { SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }}, + {KEY_BLISS, 128, { SIGN_BLISS_WITH_SHA2_256, SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }}, + {KEY_BLISS, 192, { SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }}, + {KEY_BLISS, 256, { SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }}, }; START_TEST(test_signature_schemes_for_key) diff --git a/src/libstrongswan/utils/compat/android.h b/src/libstrongswan/utils/compat/android.h new file mode 100644 index 000000000..b3ea9c475 --- /dev/null +++ b/src/libstrongswan/utils/compat/android.h @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2010-2015 Tobias Brunner + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See . + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup android android + * @{ @ingroup compat + */ + +#ifndef ANDROID_H_ +#define ANDROID_H_ + +/* stuff defined in AndroidConfig.h, which is included using the -include + * command-line option, thus cannot be undefined using -U CFLAGS options. + * the reason we have to undefine these flags in the first place, is that + * AndroidConfig.h defines them as 0, which in turn means that they are + * actually defined. */ +#undef HAVE_BACKTRACE + +#endif /** ANDROID_H_ @}*/ diff --git a/src/libstrongswan/utils/compat/windows.h b/src/libstrongswan/utils/compat/windows.h index fd4f1f196..f7e6207a5 100644 --- a/src/libstrongswan/utils/compat/windows.h +++ b/src/libstrongswan/utils/compat/windows.h @@ -220,6 +220,11 @@ static inline int setenv(const char *name, const char *value, int overwrite) */ #define RTLD_LAZY 1 +/** + * Immediate binding, ignored on Windows + */ +#define RTLD_NOW 2 + /** * Default handle targeting .exe */ diff --git a/src/libstrongswan/utils/utils.c b/src/libstrongswan/utils/utils.c index b4a4db802..47d72ee98 100644 --- a/src/libstrongswan/utils/utils.c +++ b/src/libstrongswan/utils/utils.c @@ -20,6 +20,7 @@ #include #include #include +#include #ifndef WIN32 # include #endif @@ -117,17 +118,35 @@ void wait_sigint() void wait_sigint() { sigset_t set; - int sig; sigemptyset(&set); sigaddset(&set, SIGINT); sigaddset(&set, SIGTERM); sigprocmask(SIG_BLOCK, &set, NULL); - sigwait(&set, &sig); + sigwaitinfo(&set, NULL); } -#endif +#ifndef HAVE_SIGWAITINFO +int sigwaitinfo(const sigset_t *set, void *info) +{ + int sig, err; + + if (info) + { /* we don't replicate siginfo_t, fail if anybody tries to use it */ + errno = EINVAL; + return -1; + } + err = sigwait(set, &sig); + if (err != 0) + { + errno = err; + sig = -1; + } + return sig; +} +#endif /* HAVE_SIGWAITINFO */ +#endif /* WIN32 */ #ifndef HAVE_CLOSEFROM /** diff --git a/src/libstrongswan/utils/utils.h b/src/libstrongswan/utils/utils.h index acc15c42a..18b17b120 100644 --- a/src/libstrongswan/utils/utils.h +++ b/src/libstrongswan/utils/utils.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2008-2014 Tobias Brunner + * Copyright (C) 2008-2015 Tobias Brunner * Copyright (C) 2008 Martin Willi * Hochschule fuer Technik Rapperswil * @@ -38,6 +38,7 @@ # include # include # include +# include #endif #include "utils/types.h" @@ -56,6 +57,9 @@ #ifdef __APPLE__ # include "compat/apple.h" #endif +#ifdef __ANDROID__ +# include "compat/android.h" +#endif /** * Initialize utility functions @@ -148,6 +152,19 @@ void utils_deinit(); */ #define ignore_result(call) { if(call){}; } +#if !defined(HAVE_SIGWAITINFO) && !defined(WIN32) +/** + * Block and wait for a set of signals + * + * We don't replicate the functionality of siginfo_t. If info is not NULL + * -1 is returend and errno is set to EINVAL. + * + * @param set set of signals to wait for + * @param info must be NULL + */ +int sigwaitinfo(const sigset_t *set, void *info); +#endif + /** * Portable function to wait for SIGINT/SIGTERM (or equivalent). */ -- cgit v1.2.3