hooray, pluto and scepclient do not depend on libgmp anymore

2009-06-07 19:48:46 +02:00 · 2009-06-07 19:48:46 +02:00 · 23d7e76788
parent 4ca4efb28f
commit 23d7e76788
10 changed files with 26 additions and 144 deletions
--- a/src/pluto/Makefile.am
+++ b/src/pluto/Makefile.am
@ -33,7 +33,6 @@ keys.c keys.h \
 lex.c lex.h \
 log.c log.h \
 modecfg.c modecfg.h \
-mp_defs.c mp_defs.h \
 nat_traversal.c nat_traversal.h \
 ocsp.c ocsp.h \
 packet.c packet.h \
@ -82,7 +81,7 @@ AM_CFLAGS = \
 pluto_LDADD = \
 $(LIBSTRONGSWANDIR)/libstrongswan.la \
 $(LIBFREESWANDIR)/libfreeswan.a \
-lgmp -lresolv -lpthread $(DLLIB)
+-lresolv -lpthread $(DLLIB)

 _pluto_adns_LDADD = \
 $(LIBFREESWANDIR)/libfreeswan.a \
--- a/src/pluto/ipsec_doi.c
+++ b/src/pluto/ipsec_doi.c
@ -39,7 +39,6 @@

 #include "constants.h"
 #include "defs.h"
-#include "mp_defs.h"
 #include "state.h"
 #include "id.h"
 #include "x509.h"
--- a/src/pluto/keys.c
+++ b/src/pluto/keys.c
@ -38,7 +38,6 @@

 #include "constants.h"
 #include "defs.h"
-#include "mp_defs.h"
 #include "id.h"
 #include "x509.h"
 #include "pgpcert.h"
--- a/src/pluto/mp_defs.c
+++ b/src/pluto/mp_defs.c
@ -1,85 +0,0 @@
-/* some multiprecision utilities
- * Copyright (C) 1998-2001  D. Hugh Redelmeier.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <freeswan.h>
-
-#include <utils.h>
-#include <asn1/asn1.h>
-
-#include "constants.h"
-#include "defs.h"
-#include "mp_defs.h"
-#include "log.h"
-
-/* Convert MP_INT to network form (binary octets, big-endian).
- * We do the malloc; caller must eventually do free.
- */
-chunk_t
-mpz_to_n(const MP_INT *mp, size_t bytes)
-{
-	chunk_t r;
-	MP_INT temp1, temp2;
-	int i;
-
-	r.len = bytes;
-	r.ptr = malloc(r.len);
-
-	mpz_init(&temp1);
-	mpz_init(&temp2);
-
-	mpz_set(&temp1, mp);
-
-	for (i = r.len-1; i >= 0; i--)
-	{
-		r.ptr[i] = mpz_mdivmod_ui(&temp2, NULL, &temp1, 1 << BITS_PER_BYTE);
-		mpz_set(&temp1, &temp2);
-	}
-
-	passert(mpz_sgn(&temp1) == 0);      /* we must have done all the bits */
-	mpz_clear(&temp1);
-	mpz_clear(&temp2);
-
-	return r;
-}
-
-/* Convert network form (binary bytes, big-endian) to MP_INT.
- * The *mp must not be previously mpz_inited.
- */
-void
-n_to_mpz(MP_INT *mp, const u_char *nbytes, size_t nlen)
-{
-	size_t i;
-
-	mpz_init_set_ui(mp, 0);
-
-	for (i = 0; i != nlen; i++)
-	{
-		mpz_mul_ui(mp, mp, 1 << BITS_PER_BYTE);
-		mpz_add_ui(mp, mp, nbytes[i]);
-	}
-}
-
-/*
- * convert a MP integer into a DER coded ASN.1 object
- */
-chunk_t
-asn1_integer_from_mpz(const mpz_t value)
-{
-	size_t bits = mpz_sizeinbase(value, 2);  /* size in bits */
-	size_t size = 1 + bits / BITS_PER_BYTE;  /* size in bytes */
-	chunk_t n = mpz_to_n(value, size);
-
-	return asn1_wrap(ASN1_INTEGER, "m", n);
-}
-
--- a/src/pluto/mp_defs.h
+++ b/src/pluto/mp_defs.h
@ -1,35 +0,0 @@
-/* some multiprecision utilities
- * Copyright (C) 1997 Angelos D. Keromytis.
- * Copyright (C) 1998-2001  D. Hugh Redelmeier.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#ifndef _MP_DEFS_H
-#define _MP_DEFS_H
-
-#include <gmp.h>
-
-#include <utils.h>
-
-extern void n_to_mpz(MP_INT *mp, const u_char *nbytes, size_t nlen);
-extern chunk_t mpz_to_n(const MP_INT *mp, size_t bytes);
-extern chunk_t asn1_integer_from_mpz(const mpz_t value);
-
-/* var := mod(base ** exp, mod), ensuring var is mpz_inited */
-#define mpz_init_powm(flag, var, base, exp, mod) { \
-	if (!(flag)) \
-		mpz_init(&(var)); \
-	(flag) = TRUE; \
-	mpz_powm(&(var), &(base), &(exp), (mod)); \
-	}
-
-#endif /* _MP_DEFS_H */
--- a/src/pluto/pgpcert.c
+++ b/src/pluto/pgpcert.c
@ -26,7 +26,6 @@

 #include "constants.h"
 #include "defs.h"
-#include "mp_defs.h"
 #include "log.h"
 #include "id.h"
 #include "pgpcert.h"
--- a/src/pluto/smartcard.c
+++ b/src/pluto/smartcard.c
@ -29,6 +29,9 @@

 #include <freeswan.h>

+#include <asn1/asn1.h>
+#include <credentials/keys/public_key.h>
+
 #include "constants.h"

 #ifdef SMARTCARD
@ -37,7 +40,6 @@
 #endif

 #include "defs.h"
-#include "mp_defs.h"
 #include "log.h"
 #include "x509.h"
 #include "ca.h"
@ -1438,9 +1440,9 @@ scx_encrypt(smartcard_t *sc, const u_char *in, size_t inlen
 	{
 		if (rv == CKR_FUNCTION_NOT_SUPPORTED)
 		{
-			RSA_public_key_t rsa;
+			public_key_t *key;
+			chunk_t rsa_modulus, rsa_exponent, rsa_key, cipher_text;
 			chunk_t plain_text = {(u_char*)in, inlen};
-			chunk_t cipher_text; 

 			DBG(DBG_CONTROL,
 				DBG_log("doing RSA encryption in software")
@ -1458,19 +1460,30 @@ scx_encrypt(smartcard_t *sc, const u_char *in, size_t inlen
 				scx_release_context(sc);
 				return FALSE;
 			}
-			rsa.k = attr[0].ulValueLen;
-			n_to_mpz(&rsa.n, attr[0].pValue, attr[0].ulValueLen);
-			n_to_mpz(&rsa.e, attr[1].pValue, attr[1].ulValueLen);
-			free(attr[0].pValue);
-			free(attr[1].pValue);
+			rsa_modulus  = chunk_create((u_char*) attr[0].pValue,
+									    (size_t)  attr[0].ulValueLen);
+			rsa_exponent = chunk_create((u_char*) attr[1].pValue,
+									    (size_t)  attr[1].ulValueLen);
+			rsa_key = asn1_wrap(ASN1_SEQUENCE, "mm",
+								asn1_integer("m", rsa_modulus),
+								asn1_integer("m", rsa_exponent));
+			key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,	
+								BUILD_BLOB_ASN1_DER, rsa_key, BUILD_END);
+			free(rsa_key.ptr);
+			if (key == NULL)
+			{
+				return FALSE;
+			}
+			key->encrypt(key, plain_text, &cipher_text);
+			key->destroy(key);

-			cipher_text = RSA_encrypt(&rsa, plain_text);
-			free_RSA_public_content(&rsa);
 			if (cipher_text.ptr == NULL)
 			{
 				plog("smartcard input data length is too large");
 				if (!pkcs11_keep_state)
+				{
 					scx_release_context(sc);
+				}
 				return FALSE;
 			}

--- a/src/pluto/x509.c
+++ b/src/pluto/x509.c
@ -32,7 +32,6 @@

 #include "constants.h"
 #include "defs.h"
-#include "mp_defs.h"
 #include "log.h"
 #include "id.h"
 #include "x509.h"
--- a/src/scepclient/Makefile.am
+++ b/src/scepclient/Makefile.am
@ -24,14 +24,12 @@ AM_CFLAGS = \

 LIBSTRONGSWANBUILDDIR=$(top_builddir)/src/libstrongswan
 LIBFREESWANBUILDDIR=$(top_builddir)/src/libfreeswan
-LIBCRYPTOBUILDDIR=$(top_builddir)/src/libcrypto

 scepclient_LDADD = \
 ca.o crl.o certs.o constants.o defs.o fetch.o id.o keys.o lex.o \
-mp_defs.o ocsp.o pem.o pgpcert.o pkcs7.o smartcard.o x509.o \
+ocsp.o pem.o pgpcert.o pkcs7.o smartcard.o x509.o \
 $(LIBSTRONGSWANBUILDDIR)/libstrongswan.la \
-$(LIBFREESWANBUILDDIR)/libfreeswan.a \
-lgmp
+$(LIBFREESWANBUILDDIR)/libfreeswan.a

 # This compile option activates smartcard support
 if USE_SMARTCARD
@ -56,9 +54,6 @@ crl.o : 	$(PLUTODIR)/crl.c $(PLUTODIR)/crl.h
 defs.o : 	$(PLUTODIR)/defs.c $(PLUTODIR)/defs.h
 		$(COMPILE) $(INCLUDES) -c -o $@ $<

-mp_defs.o :	$(PLUTODIR)/mp_defs.c $(PLUTODIR)/mp_defs.h
-		$(COMPILE) $(INCLUDES) -c -o $@ $<
-
 fetch.o : 	$(PLUTODIR)/fetch.c $(PLUTODIR)/fetch.h
 		$(COMPILE) $(INCLUDES) -c -o $@ $<

--- a/src/scepclient/scepclient.c
+++ b/src/scepclient/scepclient.c
@ -32,7 +32,6 @@
 #include <ctype.h>
 #include <unistd.h>
 #include <time.h>
-#include <gmp.h>

 #include <freeswan.h>