ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

- moved algorithm definitions from payloads to corresponding transforms 

- cleanup of docs in transforms
This commit is contained in:
Martin Willi 2005-11-24 16:22:04 +00:00
parent 2a1d820155
commit 8277be6053
28 changed files with 413 additions and 265 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
Source/charon/definitions.h
View File

@ -66,14 +66,44 @@
/**
* @addtogroup transforms
*
* Transform algorithms of different kind.
*/
/**
* @addtogroup prfs
*
* Pseudo random functions, generate a lot of pseudo
* randomness using random numbers.
*
* @ingroup transforms
*/
/**
* @addtogroup signers
*
* Symmetric signing algorithms, used to ensure
* message integrity.
*
* @ingroup transforms
*/
/**
* @addtogroup crypters
*
* Symmetric encryption algorithms, used to en-
* and decrypt.
*
* @ingroup transforms
*/
/**
* @addtogroup hashers
*
* Hash algorithms
*
* @ingroup transforms
*/
/**
* macro gives back larger of two values

61
Source/charon/encoding/payloads/transform_substructure.c
View File

@ -98,67 +98,6 @@ mapping_t transform_type_m[] = {
};
/**
* string mappings for encryption_algorithm_t
*/
mapping_t encryption_algorithm_m[] = {
{ENCR_UNDEFINED, "ENCR_UNDEFINED"},
{ENCR_DES_IV64, "ENCR_DES_IV64"},
{ENCR_DES, "ENCR_DES"},
{ENCR_3DES, "ENCR_3DES"},
{ENCR_RC5, "ENCR_RC5"},
{ENCR_IDEA, "ENCR_IDEA"},
{ENCR_CAST, "ENCR_CAST"},
{ENCR_BLOWFISH, "ENCR_BLOWFISH"},
{ENCR_3IDEA, "ENCR_3IDEA"},
{ENCR_DES_IV32, "ENCR_DES_IV32"},
{ENCR_NULL, "ENCR_NULL"},
{ENCR_AES_CBC, "ENCR_AES_CBC"},
{ENCR_AES_CTR, "ENCR_AES_CTR"},
{MAPPING_END, NULL}
};
/**
* string mappings for encryption_algorithm_t
*/
mapping_t pseudo_random_function_m[] = {
{PRF_UNDEFINED, "PRF_UNDEFINED"},
{PRF_HMAC_MD5, "PRF_HMAC_MD5"},
{PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
{PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
{PRF_AES128_CBC, "PRF_AES128_CBC"},
{MAPPING_END, NULL}
};
/**
* string mappings for integrity_algorithm_t
*/
mapping_t integrity_algorithm_m[] = {
{AUTH_UNDEFINED, "AUTH_UNDEFINED"},
{AUTH_HMAC_MD5_96, "AUTH_HMAC_MD5_96"},
{AUTH_HMAC_SHA1_96, "AUTH_HMAC_SHA1_96"},
{AUTH_DES_MAC, "AUTH_DES_MAC"},
{AUTH_KPDK_MD5, "AUTH_KPDK_MD5"},
{AUTH_AES_XCBC_96, "AUTH_AES_XCBC_96"},
{MAPPING_END, NULL}
};
/**
* string mappings for diffie_hellman_group_t
*/
mapping_t diffie_hellman_group_m[] = {
{MODP_UNDEFINED, "MODP_UNDEFINED"},
{MODP_768_BIT, "MODP_768_BIT"},
{MODP_1024_BIT, "MODP_1024_BIT"},
{MODP_1536_BIT, "MODP_1536_BIT"},
{MODP_2048_BIT, "MODP_2048_BIT"},
{MODP_3072_BIT, "MODP_3072_BIT"},
{MODP_4096_BIT, "MODP_4096_BIT"},
{MODP_6144_BIT, "MODP_6144_BIT"},
{MODP_8192_BIT, "MODP_8192_BIT"},
{MAPPING_END, NULL}
};
/**
* string mappings for extended_sequence_numbers_t
*/

90
Source/charon/encoding/payloads/transform_substructure.h
View File

@ -30,6 +30,10 @@
#include <encoding/payloads/payload.h>
#include <encoding/payloads/transform_attribute.h>
#include <utils/linked_list.h>
#include <transforms/diffie_hellman.h>
#include <transforms/signers/signer.h>
#include <transforms/prfs/prf.h>
#include <transforms/crypters/crypter.h>
/**
@ -62,92 +66,6 @@ enum transform_type_t {
*/
extern mapping_t transform_type_m[];
typedef enum encryption_algorithm_t encryption_algorithm_t;
/**
* Encryption algorithm, as in IKEv2 draft 3.3.2
*/
enum encryption_algorithm_t {
ENCR_UNDEFINED = 1024,
ENCR_DES_IV64 = 1,
ENCR_DES = 2,
ENCR_3DES = 3,
ENCR_RC5 = 4,
ENCR_IDEA = 5,
ENCR_CAST = 6,
ENCR_BLOWFISH = 7,
ENCR_3IDEA = 8,
ENCR_DES_IV32 = 9,
RESERVED = 10,
ENCR_NULL = 11,
ENCR_AES_CBC = 12,
ENCR_AES_CTR = 13
};
/**
* string mappings for encryption_algorithm_t
*/
extern mapping_t encryption_algorithm_m[];
typedef enum pseudo_random_function_t pseudo_random_function_t;
/**
* Pseudo random function, as in IKEv2 draft 3.3.2
*/
enum pseudo_random_function_t {
PRF_UNDEFINED = 1024,
PRF_HMAC_MD5 = 1,
PRF_HMAC_SHA1 = 2,
PRF_HMAC_TIGER = 3,
PRF_AES128_CBC = 4
};
/**
* string mappings for encryption_algorithm_t
*/
extern mapping_t pseudo_random_function_m[];
typedef enum integrity_algorithm_t integrity_algorithm_t;
/**
* Integrity algorithm, as in IKEv2 draft 3.3.2
*/
enum integrity_algorithm_t {
AUTH_UNDEFINED = 1024,
AUTH_HMAC_MD5_96 = 1,
AUTH_HMAC_SHA1_96 = 2,
AUTH_DES_MAC = 3,
AUTH_KPDK_MD5 = 4,
AUTH_AES_XCBC_96 = 5
};
/**
* string mappings for integrity_algorithm_t
*/
extern mapping_t integrity_algorithm_m[];
typedef enum diffie_hellman_group_t diffie_hellman_group_t;
/**
* Diffie-Hellman group, as in IKEv2 draft 3.3.2 and RFC 3526
*/
enum diffie_hellman_group_t {
MODP_UNDEFINED = 1024,
MODP_768_BIT = 1,
MODP_1024_BIT = 2,
MODP_1536_BIT = 5,
MODP_2048_BIT = 14,
MODP_3072_BIT = 15,
MODP_4096_BIT = 16,
MODP_6144_BIT = 17,
MODP_8192_BIT = 18
};
/**
* string mappings for diffie_hellman_group_t
*/
extern mapping_t diffie_hellman_group_m[];
typedef enum extended_sequence_numbers_t extended_sequence_numbers_t;

1
Source/charon/network/packet.h
View File

@ -71,7 +71,6 @@ struct packet_t {
/**
* @brief create an empty packet
*
* @param family address-family, such as AF_INET
* @return - NULL when family not supported
*/
packet_t *packet_create();

1
Source/charon/sa/ike_sa.c
View File

@ -39,6 +39,7 @@
#include <encoding/payloads/transform_attribute.h>
#include <sa/states/initiator_init.h>
#include <sa/states/responder_init.h>
#include <queues/jobs/delete_ike_sa_job.h>

1
Source/charon/testcases/event_queue_test.c
View File

@ -27,6 +27,7 @@
#include <utils/allocator.h>
#include <queues/event_queue.h>
#include <queues/jobs/initiate_ike_sa_job.h>
/**
* Number of different times to insert per thread

1
Source/charon/testcases/job_queue_test.c
View File

@ -29,6 +29,7 @@
#include <utils/allocator.h>
#include <queues/job_queue.h>
#include <queues/jobs/initiate_ike_sa_job.h>
typedef struct job_queue_test_s job_queue_test_t;

1
Source/charon/threads/receiver.c
View File

@ -30,6 +30,7 @@
#include <network/packet.h>
#include <queues/job_queue.h>
#include <queues/jobs/job.h>
#include <queues/jobs/incoming_packet_job.h>
#include <utils/allocator.h>
#include <utils/logger_manager.h>

45
Source/charon/transforms/crypters/crypter.c
View File

@ -0,0 +1,45 @@
/**
* @file crypter.c
*
* @brief Generic constructor for crypter_t.
*
*/
/*
* Copyright (C) 2005 Jan Hutter, Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "crypter.h"
/**
* string mappings for encryption_algorithm_t
*/
mapping_t encryption_algorithm_m[] = {
{ENCR_UNDEFINED, "ENCR_UNDEFINED"},
{ENCR_DES_IV64, "ENCR_DES_IV64"},
{ENCR_DES, "ENCR_DES"},
{ENCR_3DES, "ENCR_3DES"},
{ENCR_RC5, "ENCR_RC5"},
{ENCR_IDEA, "ENCR_IDEA"},
{ENCR_CAST, "ENCR_CAST"},
{ENCR_BLOWFISH, "ENCR_BLOWFISH"},
{ENCR_3IDEA, "ENCR_3IDEA"},
{ENCR_DES_IV32, "ENCR_DES_IV32"},
{ENCR_NULL, "ENCR_NULL"},
{ENCR_AES_CBC, "ENCR_AES_CBC"},
{ENCR_AES_CTR, "ENCR_AES_CTR"},
{MAPPING_END, NULL}
};

58
Source/charon/transforms/crypters/crypter.h
View File

@ -1,7 +1,7 @@
/**
* @file crypter.h
*
* @brief Generic interface for encryption algorithms
* @brief Interface of crypter_t
*
*/
@ -23,13 +23,41 @@
#ifndef CRYPTER_H_
#define CRYPTER_H_
#include <encoding/payloads/transform_substructure.h>
#include <types.h>
typedef enum encryption_algorithm_t encryption_algorithm_t;
/**
* @brief Encryption algorithm, as in IKEv2 draft 3.3.2
*/
enum encryption_algorithm_t {
ENCR_UNDEFINED = 1024,
ENCR_DES_IV64 = 1,
ENCR_DES = 2,
ENCR_3DES = 3,
ENCR_RC5 = 4,
ENCR_IDEA = 5,
ENCR_CAST = 6,
ENCR_BLOWFISH = 7,
ENCR_3IDEA = 8,
ENCR_DES_IV32 = 9,
RESERVED = 10,
ENCR_NULL = 11,
ENCR_AES_CBC = 12,
ENCR_AES_CTR = 13
};
/**
* string mappings for encryption_algorithm_t
*/
extern mapping_t encryption_algorithm_m[];
typedef struct crypter_t crypter_t;
/**
* Object representing a crypter object
* @brief Generic interface for symmetric encryption algorithms.
*
* @ingroup crypters
*/
struct crypter_t {
/**
@ -59,36 +87,38 @@ struct crypter_t {
/**
* @brief get the block size of this crypter
*
* @param this calling crypter
* @return block size in bytes
* @param this calling crypter
* @return block size in bytes
*/
size_t (*get_block_size) (crypter_t *this);
/**
* @brief Set the key for this crypter
*
* @param this calling crypter
* @return block size in bytes
* @param this calling crypter
* @param key key to set
* @return
* - SUCCESS in any case
*/
status_t (*set_key) (crypter_t *this, chunk_t key);
/**
* @brief Destroys a crypter object.
* @brief Destroys a crypter_t object.
*
* @param this crypter_t object to destroy
* @param this crypter_t object to destroy
* @return
* SUCCESS in any case
* - SUCCESS in any case
*/
status_t (*destroy) (crypter_t *this);
};
/**
* Creates a new crypter_t object
* @brief Generic constructor for crypter_t objects.
*
* @param pseudo_random_function Algorithm to use
* @param encryption_algorithm Algorithm to use for crypter
* @return
* - crypter_t if successfully
* - NULL if out of ressources or crypter not supported
* - crypter_t if successfully
* - NULL if out of ressources or crypter not supported
*/
crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm);

17
Source/charon/transforms/diffie_hellman.c
View File

@ -32,6 +32,23 @@
#include <utils/gmp_helper.h>
/**
* string mappings for diffie_hellman_group_t
*/
mapping_t diffie_hellman_group_m[] = {
{MODP_UNDEFINED, "MODP_UNDEFINED"},
{MODP_768_BIT, "MODP_768_BIT"},
{MODP_1024_BIT, "MODP_1024_BIT"},
{MODP_1536_BIT, "MODP_1536_BIT"},
{MODP_2048_BIT, "MODP_2048_BIT"},
{MODP_3072_BIT, "MODP_3072_BIT"},
{MODP_4096_BIT, "MODP_4096_BIT"},
{MODP_6144_BIT, "MODP_6144_BIT"},
{MODP_8192_BIT, "MODP_8192_BIT"},
{MAPPING_END, NULL}
};
/**
* Modulus of Group 1 (MODP_768_BIT)
*/

65
Source/charon/transforms/diffie_hellman.h
View File

@ -1,7 +1,7 @@
/**
* @file diffie_hellman.h
*
* @brief Class to represent a diffie hellman exchange.
* @brief Interface of diffie_hellman_t.
*
*/
@ -24,52 +24,81 @@
#define DIFFIE_HELLMAN_H_
#include <types.h>
#include <encoding/payloads/transform_substructure.h>
typedef enum diffie_hellman_group_t diffie_hellman_group_t;
/**
* @brief Diffie-Hellman group.
*
* The modulus (or group) to use for a Diffie-Hellman calculation.
*
* @see IKEv2 draft 3.3.2 and RFC 3526.
*/
enum diffie_hellman_group_t {
MODP_UNDEFINED = 1024,
MODP_768_BIT = 1,
MODP_1024_BIT = 2,
MODP_1536_BIT = 5,
MODP_2048_BIT = 14,
MODP_3072_BIT = 15,
MODP_4096_BIT = 16,
MODP_6144_BIT = 17,
MODP_8192_BIT = 18
};
/**
* string mappings for diffie_hellman_group_t
*/
extern mapping_t diffie_hellman_group_m[];
typedef struct diffie_hellman_t diffie_hellman_t;
/**
* Object representing a diffie hellman exchange
* @brief Implementation of the widely used Diffie-Hellman algorithm.
*
* @ingroup transforms
*/
struct diffie_hellman_t {
/**
* @brief Returns the shared secret of this diffie hellman exchange
* @brief Returns the shared secret of this diffie hellman exchange.
*
* @warning Space for returned secret is allocated and has to get freed by the caller
* @warning Space for returned secret is allocated and must be
* freed by the caller.
*
* @param this calling diffie_hellman_t object
* @param[out] secret shared secret will be written into this chunk
* @return
* - SUCCESS
* - SUCCESS, or
* - FAILED if not both DH values are set
* - OUT_OF_RES if out of ressources
*/
status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
/**
* @brief Sets the public value of partner
* @brief Sets the public value of partner.
*
* @warning chunk gets copied
*
* @param this calling diffie_hellman_t object
* @param public_value public value of partner
* @return
* - SUCCESS
* - SUCCESS, or
* - OUT_OF_RES if out of ressources
*/
status_t (*set_other_public_value) (diffie_hellman_t *this, chunk_t public_value);
/**
* @brief Gets the public value of partner
* @brief Gets the public value of partner.
*
* @warning chunk gets copied
*
* @param this calling diffie_hellman_t object
* @param[out] public_value public value of partner is stored at this location
* @param[out] public_value public value of partner is stored at this location
* @return
* - SUCCESS
* - SUCCESS, or
* - OUT_OF_RES if out of ressources
* - FAILED if other public value not set
*/
@ -81,9 +110,9 @@ struct diffie_hellman_t {
* @warning chunk gets copied
*
* @param this calling diffie_hellman_t object
* @param[out] public_value public value of caller is stored at this location
* @param[out] public_value public value of caller is stored at this location
* @return
* - SUCCESS
* - SUCCESS, or
* - OUT_OF_RES if out of ressources
*/
status_t (*get_my_public_value) (diffie_hellman_t *this, chunk_t *public_value);
@ -91,22 +120,24 @@ struct diffie_hellman_t {
/**
* @brief Destroys an diffie_hellman_t object.
*
* @param this diffie_hellman_t object to destroy
* @param this diffie_hellman_t object to destroy
* @return
* SUCCESS in any case
* - SUCCESS in any case
*/
status_t (*destroy) (diffie_hellman_t *this);
};
/**
* Creates a new diffie_hellman_t object
* @brief Creates a new diffie_hellman_t object.
*
* The first diffie hellman public value gets automatically created
* The first diffie hellman public value gets automatically created.
*
* @param dh_group_number Diffie Hellman group number to use
* @return
* - diffie_hellman_t if successfully
* - NULL if out of ressources or dh_group not supported
*
* @ingroup transforms
*/
diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number);

11
Source/charon/transforms/hashers/hasher.c
View File

@ -1,7 +1,7 @@
/**
* @file hasher.c
*
* @brief Generic interface for hash functions
* @brief Generic constructor for hasher_t
*
*/
@ -26,7 +26,14 @@
#include <transforms/hashers/hasher_sha1.h>
#include <transforms/hashers/hasher_md5.h>
/**
* mappings for hash_algorithm_t
*/
mapping_t hash_algorithm_m[] = {
{HASH_SHA1, "HASH_SHA1"},
{HASH_MD5, "HASH_MD5"},
{MAPPING_END, NULL}
};
/*
* Described in header

29
Source/charon/transforms/hashers/hasher.h
View File

@ -1,7 +1,7 @@
/**
* @file hasher.h
*
* @brief Generic interface for hash functions
* @brief Interface for hasher_t.
*
*/
@ -29,18 +29,25 @@
typedef enum hash_algorithm_t hash_algorithm_t;
/**
* algorithms to use for hashing
* @brief Algorithms to use for hashing.
*/
enum hash_algorithm_t {
HASH_SHA1,
HASH_MD5
};
/**
* string mappings for hash_algorithm_t
*/
extern mapping_t hash_algorithm_m[];
typedef struct hasher_t hasher_t;
/**
* Object representing a hasher
* @brief Generic interface for all hash functions.
*
* @ingroup hashers
*/
struct hasher_t {
/**
@ -51,7 +58,7 @@ struct hasher_t {
* If not, the result is written back and the hasher is reset.
*
* @warning: the hash output parameter must hold at least
* #hash_t.get_block_size bytes.
* hash_t.get_block_size bytes.
*
* @param this calling hasher
* @param data data to hash
@ -78,7 +85,7 @@ struct hasher_t {
status_t (*allocate_hash) (hasher_t *this, chunk_t data, chunk_t *hash);
/**
* @brief get the block size of this hashing function
* @brief Get the block size of this hashing function.
*
* @param this calling hasher
* @return block size in bytes
@ -86,7 +93,7 @@ struct hasher_t {
size_t (*get_block_size) (hasher_t *this);
/**
* @brief reset the hashers state, which allows
* @brief Resets the hashers state, which allows
* computation of a completly new hash.
*
* @param this calling hasher
@ -105,12 +112,14 @@ struct hasher_t {
};
/**
* Creates a new hasher_t object
* @brief Generic interface to create a hasher_t.
*
* @param hash_algorithm Algorithm to use for hashing
* @param hash_algorithm Algorithm to use for hashing
* @return
* - hasher_t if successfully
* - NULL if out of ressources
* - hasher_t if successfully
* - NULL if out of ressources
*
* @ingroup hashers
*/
hasher_t *hasher_create(hash_algorithm_t hash_algorithm);

3
Source/charon/transforms/hashers/hasher_md5.c
View File

@ -1,8 +1,7 @@
/**
* @file hasher_md5.c
*
* @brief Implementation of hasher_t interface using the
* md5 algorithm.
* @brief Implementation of hasher_md5_t.
*
*/

15
Source/charon/transforms/hashers/hasher_md5.h
View File

@ -1,8 +1,7 @@
/**
* @file hasher_md5.h
*
* @brief Implementation of hasher_t interface using the
* md5 algorithm.
* @brief Interface for hasher_md5_t.
*
*/
@ -30,8 +29,10 @@
typedef struct hasher_md5_t hasher_md5_t;
/**
* Object representing the md5 hasher
* @brief Implementation of hasher_t interface using the
* MD5 algorithm.
*
* @ingroup hashers
*/
struct hasher_md5_t {
@ -42,11 +43,13 @@ struct hasher_md5_t {
};
/**
* Creates a new hasher_md5_t object
* @brief Creates a new hasher_md5_t.
*
* @return
* - hasher_md5_t if successfully
* - NULL if out of ressources
* - hasher_md5_t if successfully
* - NULL if out of ressources
*
* @ingroup hashers
*/
hasher_md5_t *hasher_md5_create();

3
Source/charon/transforms/hashers/hasher_sha1.c
View File

@ -1,8 +1,7 @@
/**
* @file hasher_sha1.c
*
* @brief Implementation of hasher_t interface using the
* SHA1 algorithm.
* @brief Implementation of hasher_sha_t.
*
*/

15
Source/charon/transforms/hashers/hasher_sha1.h
View File

@ -1,8 +1,7 @@
/**
* @file hasher_sha1.h
*
* @brief Implementation of hasher_t interface using the
* SHA1 algorithm.
* @brief Interface for the hasher_sha1_t
*
*/
@ -30,8 +29,10 @@
typedef struct hasher_sha1_t hasher_sha1_t;
/**
* Object representing the sha1 hasher
* @brief Implementation of hasher_t interface using the
* SHA1 algorithm.
*
* @ingroup hashers
*/
struct hasher_sha1_t {
@ -42,11 +43,13 @@ struct hasher_sha1_t {
};
/**
* Creates a new hasher_sha1_t object
* @brief Creates a new hasher_sha1_t.
*
* @return
* - hasher_sha1_t if successfully
* - NULL if out of ressources
* - hasher_sha1_t if successfully
* - NULL if out of ressources
*
* @ingroup hashers
*/
hasher_sha1_t *hasher_sha1_create();

4
Source/charon/transforms/hmac.h
View File

@ -51,7 +51,7 @@ struct hmac_t {
*
* @param this calling hmac
* @param data chunk of data to authenticate
* @param [out]buffer pointer where the generated bytes will be written
* @param[out] buffer pointer where the generated bytes will be written
* @return
* - SUCCESS in any case
*/
@ -68,7 +68,7 @@ struct hmac_t {
*
* @param this calling hmac
* @param data chunk of data to authenticate
* @param [out]chunk chunk which will hold generated bytes
* @param[out] chunk chunk which will hold generated bytes
* @return
* - SUCCESS, or
* - OUT_OF_RES if space could not be allocated

2
Source/charon/transforms/prf_plus.c
View File

@ -1,7 +1,7 @@
/**
* @file prf_plus.c
*
* @brief Implements the prf+ function described in IKEv2 draft.
* @brief Implementation of prf_plus_t.
*
*/

29
Source/charon/transforms/prf_plus.h
View File

@ -1,7 +1,7 @@
/**
* @file prf_plus.h
*
* @brief Implements the prf+ function described in IKEv2 draft.
* @brief Interface for prf_plus.h.
*
*/
@ -30,15 +30,25 @@
typedef struct prf_plus_t prf_plus_t;
/**
* Object representing a prf_plus
* @brief Implementation of the prf+ function described in IKEv2 draft.
*
* This class implements the prf+ algorithm. Internalliy it uses a pseudo random
* function, which implements the prf_t interface.
*
* @see IKEv2 draft 2.13
*
* @ingroup transforms
*/
struct prf_plus_t {
/**
* @brief Get pseudo random bytes.
*
* Get the next few bytes of the prf+ output. Space
* must be allocated by the caller.
*
* @param this calling prf_plus
* @param length number of bytes to get
* @param [out]buffer pointer where the generated bytes will be written
* @param[out] buffer pointer where the generated bytes will be written
* @return
* - SUCCESS in any case
*/
@ -47,9 +57,12 @@ struct prf_plus_t {
/**
* @brief Allocate pseudo random bytes.
*
* Get the next few bytes of the prf+ output. This function
* will allocate the required space.
*
* @param this calling prf_plus
* @param length number of bytes to get
* @param [out]chunk chunk which will hold generated bytes
* @param[out] chunk chunk which will hold generated bytes
* @return
* - SUCCESS in any case
* - OUT_OF_RES if space could not be allocated
@ -57,7 +70,7 @@ struct prf_plus_t {
status_t (*allocate_bytes) (prf_plus_t *this, size_t length, chunk_t *chunk);
/**
* @brief Destroys a prf_plus object.
* @brief Destroys a prf_plus_t object.
*
* @param this prf_plus_t object to destroy
* @return
@ -67,7 +80,7 @@ struct prf_plus_t {
};
/**
* Creates a new prf_plus_t object
* @brief Creates a new prf_plus_t object.
*
* Seed will be cloned. prf will
* not be cloned, must be destroyed outside after
@ -77,7 +90,9 @@ struct prf_plus_t {
* @param seed input seed for prf
* @return
* - prf_plus_t if successfully
* - NULL if out of ressources or hash not supported
* - NULL if out of ressources
*
* @ingroup transforms
*/
prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed);

15
Source/charon/transforms/prfs/prf.c
View File

@ -1,7 +1,7 @@
/**
* @file prf.c
*
* @brief Generic interface for pseudo-random-functions
* @brief Generic constructor for all prf_t
*
*/
@ -27,6 +27,19 @@
#include <transforms/prfs/prf_hmac.h>
/**
* string mappings for encryption_algorithm_t
*/
mapping_t pseudo_random_function_m[] = {
{PRF_UNDEFINED, "PRF_UNDEFINED"},
{PRF_HMAC_MD5, "PRF_HMAC_MD5"},
{PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
{PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
{PRF_AES128_CBC, "PRF_AES128_CBC"},
{MAPPING_END, NULL}
};
/*
* Described in header
*/

48
Source/charon/transforms/prfs/prf.h
View File

@ -1,7 +1,7 @@
/**
* @file prf.h
*
* @brief Generic interface for pseudo-random-functions
* @brief Interface of prf_t.
*
*/
@ -23,35 +23,53 @@
#ifndef PRF_H_
#define PRF_H_
#include <encoding/payloads/transform_substructure.h>
#include <types.h>
typedef enum pseudo_random_function_t pseudo_random_function_t;
/**
* @brief Pseudo random function, as in IKEv2 draft 3.3.2.
*/
enum pseudo_random_function_t {
PRF_UNDEFINED = 1024,
PRF_HMAC_MD5 = 1,
PRF_HMAC_SHA1 = 2,
PRF_HMAC_TIGER = 3,
PRF_AES128_CBC = 4
};
/**
* string mappings for encryption_algorithm_t
*/
extern mapping_t pseudo_random_function_m[];
typedef struct prf_t prf_t;
/**
* Object representing a diffie hellman exchange
* @brief Generic interface for pseudo-random-functions.
*
* @ingroup prfs
*/
struct prf_t {
/**
* @brief generates pseudo random bytes and writes them
* in the buffer
* in the buffer.
*
* @param this calling prf
* @param seed a chunk containing the seed for the next bytes
* @param [out]buffer pointer where the generated bytes will be written
* @param[out] buffer pointer where the generated bytes will be written
* @return
* - SUCCESS in any case
*/
status_t (*get_bytes) (prf_t *this, chunk_t seed, u_int8_t *buffer);
/**
* @brief generates pseudo random bytes and allocate space for them
* @brief generates pseudo random bytes and allocate space for them.
*
* @param this calling prf
* @param seed a chunk containing the seed for the next bytes
* @param [out]chunk chunk which will hold generated bytes
* @param[out] chunk chunk which will hold generated bytes
* @return
* - SUCCESS in any case
* - OUT_OF_RES if space could not be allocated
@ -59,7 +77,7 @@ struct prf_t {
status_t (*allocate_bytes) (prf_t *this, chunk_t seed, chunk_t *chunk);
/**
* @brief get the block size of this prf
* @brief get the block size of this prf.
*
* @param this calling prf
* @return block size in bytes
@ -67,25 +85,27 @@ struct prf_t {
size_t (*get_block_size) (prf_t *this);
/**
* @brief Set the key for this prf
* @brief Set the key for this prf.
*
* @param this calling prf
* @return block size in bytes
* @param key key to set
* @return
* - SUCCESS in any case
*/
status_t (*set_key) (prf_t *this, chunk_t key);
/**
* @brief Destroys a prf object.
* @brief Destroys a prf object..
*
* @param this prf_t object to destroy
* @param this prf_t object to destroy
* @return
* SUCCESS in any case
* - SUCCESS in any case
*/
status_t (*destroy) (prf_t *this);
};
/**
* Creates a new prf_t object
* @brief Generic constructor for a prf_t.
*
* @param pseudo_random_function Algorithm to use
* @return

3
Source/charon/transforms/prfs/prf_hmac.c
View File

@ -1,8 +1,7 @@
/**
* @file prf_hmac.c
*
* @brief Implementation of prf_t interface using the
* a HMAC algorithm. This simply wraps a hmac in a prf.
* @brief Implementation for prf_hmac_t.
*
*/

19
Source/charon/transforms/prfs/prf_hmac.h
View File

@ -1,8 +1,7 @@
/**
* @file prf_hmac.h
*
* @brief Implementation of prf_t interface using the
* a HMAC algorithm. This simply wraps a hmac in a prf.
* @brief Interface for prf_hmac_t.
*
*/
@ -24,32 +23,38 @@
#ifndef PRF_HMAC_H_
#define PRF_HMAC_H_
#include "prf.h"
#include <types.h>
#include <transforms/prfs/prf.h>
#include <transforms/hashers/hasher.h>
typedef struct prf_hmac_t prf_hmac_t;
/**
* Object representing a prf using HMAC
* @brief Implementation of prf_t interface using the
* a HMAC algorithm.
*
* This simply wraps a hmac_t in a prf_t. More a question of
* interface matchig.
*
* @ingroup prfs
*/
struct prf_hmac_t {
/**
* generic prf_t interface for this prf
* Generic prf_t interface for this prf_hmac_t class.
*/
prf_t prf_interface;
};
/**
* Creates a new prf_hmac_t object
* @brief Creates a new prf_hmac_t object
*
* @param hash_algorithm hmac's hash algorithm
* @return
* - prf_hmac_t if successfully
* - NULL if out of ressources
*
* @ingroup prfs
*/
prf_hmac_t *prf_hmac_create(hash_algorithm_t hash_algorithm);

37
Source/charon/transforms/signers/signer.c
View File

@ -0,0 +1,37 @@
/**
* @file signer.c
*
* @brief Implementation of generic signer_t constructor.
*
*/
/*
* Copyright (C) 2005 Jan Hutter, Martin Willi
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "signer.h"
/**
* string mappings for integrity_algorithm_t
*/
mapping_t integrity_algorithm_m[] = {
{AUTH_UNDEFINED, "AUTH_UNDEFINED"},
{AUTH_HMAC_MD5_96, "AUTH_HMAC_MD5_96"},
{AUTH_HMAC_SHA1_96, "AUTH_HMAC_SHA1_96"},
{AUTH_DES_MAC, "AUTH_DES_MAC"},
{AUTH_KPDK_MD5, "AUTH_KPDK_MD5"},
{AUTH_AES_XCBC_96, "AUTH_AES_XCBC_96"},
{MAPPING_END, NULL}
};

72
Source/charon/transforms/signers/signer.h
View File

@ -1,7 +1,7 @@
/**
* @file signer.h
*
* @brief Generic interface for integrity algorithms
* @brief Interface for signer_t.
*
*/
@ -23,33 +23,55 @@
#ifndef SIGNER_H_
#define SIGNER_H_
#include <encoding/payloads/transform_substructure.h>
#include <types.h>
#include <definitions.h>
typedef enum integrity_algorithm_t integrity_algorithm_t;
/**
* @brief Integrity algorithm, as in IKEv2 draft 3.3.2.
*
*/
enum integrity_algorithm_t {
AUTH_UNDEFINED = 1024,
AUTH_HMAC_MD5_96 = 1,
AUTH_HMAC_SHA1_96 = 2,
AUTH_DES_MAC = 3,
AUTH_KPDK_MD5 = 4,
AUTH_AES_XCBC_96 = 5
};
/**
* string mappings for integrity_algorithm_t
*/
extern mapping_t integrity_algorithm_m[];
typedef struct signer_t signer_t;
/**
* Object representing a diffie hellman exchange
* @brief Generig interface for a symmetric signature algorithm.
*
* @ingroup signers
*/
struct signer_t {
/**
* @brief generates pseudo random bytes and writes them
* in the buffer
* @brief Generate a signature.
*
* @param this calling signer
* @param seed a chunk containing the seed for the next bytes
* @param [out]buffer pointer where the generated bytes will be written
* @param data a chunk containing the data to sign
* @param[out] buffer pointer where the signature will be written
* @return
* - SUCCESS in any case
*/
status_t (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
/**
* @brief generates pseudo random bytes and allocate space for them
* @brief Generate a signature and allocate space for it.
*
* @param this calling signer
* @param seed a chunk containing the seed for the next bytes
* @param [out]chunk chunk which will hold generated bytes
* @param data a chunk containing the data to sign
* @param[out] chunk chunk which will hold the allocated signature
* @return
* - SUCCESS in any case
* - OUT_OF_RES if space could not be allocated
@ -57,19 +79,19 @@ struct signer_t {
status_t (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
/**
* @brief generates pseudo random bytes and writes them
* in the buffer
* @brief Verify a signature.
*
* @param this calling signer
* @param seed a chunk containing the seed for the next bytes
* @param [out]buffer pointer where the generated bytes will be written
* @param data a chunk containing the data to verify
* @param signature a chunk containing the signature
* @param[out] vaild set to TRUE, if signature is valid, to FALSE otherwise
* @return
* - SUCCESS in any case
*/
status_t (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature, bool *valid);
/**
* @brief get the block size of this signer
* @brief Get the block size of this signature algorithm.
*
* @param this calling signer
* @return block size in bytes
@ -77,30 +99,34 @@ struct signer_t {
size_t (*get_block_size) (signer_t *this);
/**
* @brief Set the key for this signer
* @brief Set the key for this signer.
*
* @param this calling signer
* @return block size in bytes
* @param key key to set
* @return
* - SUCCESS in any case
*/
status_t (*set_key) (signer_t *this, chunk_t key);
/**
* @brief Destroys a signer object.
*
* @param this signer_t object to destroy
* @param this signer_t object to destroy
* @return
* SUCCESS in any case
* - SUCCESS in any case
*/
status_t (*destroy) (signer_t *this);
};
/**
* Creates a new signer_t object
* @brief Creates a new signer_t object.
*
* @param pseudo_random_function Algorithm to use
* @param integrity_algorithm Algorithm to use for signing and verifying.
* @return
* - signer_t if successfully
* - NULL if out of ressources or signer not supported
* - signer_t if successfully
* - NULL if out of ressources or signer not supported
*
* @ingroup signers
*/
signer_t *signer_create(integrity_algorithm_t integrity_algorithm);

2
Source/charon/utils/gmp_helper.h
View File

@ -1,5 +1,5 @@
/**
* @file gmp_helper.c
* @file gmp_helper.h
*
* @brief Class with helper functions for gmp operations
*