Created framework for BLISS post-quantum signature algorithm

This commit is contained in:
Andreas Steffen 2014-10-22 00:19:49 +02:00
parent 4ef819a379
commit 9d5b91d198
12 changed files with 663 additions and 8 deletions

View File

@ -123,6 +123,7 @@ m4_include(m4/macros/enable-disable.m4)
# crypto plugins
ARG_DISBL_SET([aes], [disable AES software implementation plugin.])
ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.])
ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.])
ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.])
ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.])
ARG_DISBL_SET([cmac], [disable CMAC crypto implementation plugin.])
@ -1251,6 +1252,7 @@ ADD_PLUGIN([ctr], [s charon scripts nm cmd])
ADD_PLUGIN([ccm], [s charon scripts nm cmd])
ADD_PLUGIN([gcm], [s charon scripts nm cmd])
ADD_PLUGIN([ntru], [s charon scripts nm cmd])
ADD_PLUGIN([bliss], [s charon pki scripts nm cmd])
ADD_PLUGIN([curl], [s charon scepclient pki scripts nm cmd])
ADD_PLUGIN([winhttp], [s charon pki scripts])
ADD_PLUGIN([soup], [s charon pki scripts nm cmd])
@ -1398,6 +1400,7 @@ AM_CONDITIONAL(USE_CCM, test x$ccm = xtrue)
AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue)
AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue)
AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue)
AM_CONDITIONAL(USE_BLISS, test x$bliss = xtrue)
# charon plugins
# ----------------
@ -1641,6 +1644,7 @@ AC_CONFIG_FILES([
src/libstrongswan/plugins/gcm/Makefile
src/libstrongswan/plugins/af_alg/Makefile
src/libstrongswan/plugins/ntru/Makefile
src/libstrongswan/plugins/bliss/Makefile
src/libstrongswan/plugins/test_vectors/Makefile
src/libstrongswan/tests/Makefile
src/libhydra/Makefile

View File

@ -544,6 +544,13 @@ if MONOLITHIC
endif
endif
if USE_BLISS
SUBDIRS += plugins/bliss
if MONOLITHIC
libstrongswan_la_LIBADD += plugins/bliss/libstrongswan-bliss.la
endif
endif
if USE_TEST_VECTORS
SUBDIRS += plugins/test_vectors
if MONOLITHIC

View File

@ -1,6 +1,7 @@
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@ -17,14 +18,15 @@
#include "public_key.h"
ENUM(key_type_names, KEY_ANY, KEY_DSA,
ENUM(key_type_names, KEY_ANY, KEY_BLISS,
"ANY",
"RSA",
"ECDSA",
"DSA"
"DSA",
"BLISS"
);
ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ECDSA_521,
ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_IV_SHA384,
"UNKNOWN",
"RSA_EMSA_PKCS1_NULL",
"RSA_EMSA_PKCS1_MD5",
@ -41,6 +43,8 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ECDSA_521,
"ECDSA-256",
"ECDSA-384",
"ECDSA-521",
"BLISS-I_SHA256",
"BLISS-IV_SHA384",
);
ENUM(encryption_scheme_names, ENCRYPT_UNKNOWN, ENCRYPT_RSA_OAEP_SHA512,

View File

@ -1,6 +1,7 @@
/*
* Copyright (C) 2007 Martin Willi
* Hochschule fuer Technik Rapperswil
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@ -42,6 +43,8 @@ enum key_type_t {
KEY_ECDSA = 2,
/** DSA */
KEY_DSA = 3,
/** BLISS */
KEY_BLISS = 4,
/** ElGamal, ... */
};
@ -90,6 +93,10 @@ enum signature_scheme_t {
SIGN_ECDSA_384,
/** ECDSA on the P-521 curve with SHA-512 as in RFC 4754 */
SIGN_ECDSA_521,
/** BLISS-I with SHA-256 */
SIGN_BLISS_I_SHA256,
/** BLISS-IV with SHA-384 */
SIGN_BLISS_IV_SHA384,
};
/**

View File

@ -0,0 +1,19 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/libstrongswan
AM_CFLAGS = \
$(PLUGIN_CFLAGS) \
@COVERAGE_CFLAGS@
if MONOLITHIC
noinst_LTLIBRARIES = libstrongswan-bliss.la
else
plugin_LTLIBRARIES = libstrongswan-bliss.la
endif
libstrongswan_bliss_la_SOURCES = \
bliss_plugin.h bliss_plugin.c \
bliss_private_key.h bliss_private_key.c \
bliss_public_key.h bliss_public_key.c
libstrongswan_bliss_la_LDFLAGS = -module -avoid-version

View File

@ -0,0 +1,93 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "bliss_plugin.h"
#include "bliss_private_key.h"
#include "bliss_public_key.h"
#include <library.h>
typedef struct private_bliss_plugin_t private_bliss_plugin_t;
/**
* private data of bliss_plugin
*/
struct private_bliss_plugin_t {
/**
* public functions
*/
bliss_plugin_t public;
};
METHOD(plugin_t, get_name, char*,
private_bliss_plugin_t *this)
{
return "bliss";
}
METHOD(plugin_t, get_features, int,
private_bliss_plugin_t *this, plugin_feature_t *features[])
{
static plugin_feature_t f[] = {
/* private/public keys */
PLUGIN_REGISTER(PRIVKEY, bliss_private_key_load, TRUE),
PLUGIN_PROVIDE(PRIVKEY, KEY_BLISS),
PLUGIN_REGISTER(PRIVKEY_GEN, bliss_private_key_gen, FALSE),
PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_BLISS),
PLUGIN_DEPENDS(RNG, RNG_TRUE),
PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE),
PLUGIN_PROVIDE(PUBKEY, KEY_BLISS),
/* signature schemes, private */
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_I_SHA256),
PLUGIN_DEPENDS(HASHER, HASH_SHA256),
PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_IV_SHA384),
PLUGIN_DEPENDS(HASHER, HASH_SHA384),
/* signature verification schemes */
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_I_SHA256),
PLUGIN_DEPENDS(HASHER, HASH_SHA256),
PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_IV_SHA384),
PLUGIN_DEPENDS(HASHER, HASH_SHA384),
};
*features = f;
return countof(f);
}
METHOD(plugin_t, destroy, void,
private_bliss_plugin_t *this)
{
free(this);
}
/*
* see header file
*/
plugin_t *bliss_plugin_create()
{
private_bliss_plugin_t *this;
INIT(this,
.public = {
.plugin = {
.get_name = _get_name,
.get_features = _get_features,
.destroy = _destroy,
},
},
);
return &this->public.plugin;
}

View File

@ -0,0 +1,42 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup bliss_p bliss
* @ingroup plugins
*
* @defgroup bliss_plugin bliss_plugin
* @{ @ingroup bliss_p
*/
#ifndef BLISS_PLUGIN_H_
#define BLISS_PLUGIN_H_
#include <plugins/plugin.h>
typedef struct bliss_plugin_t bliss_plugin_t;
/**
* Plugin implementing the BLISS post-quantu authentication algorithm
*/
struct bliss_plugin_t {
/**
* implements plugin interface
*/
plugin_t plugin;
};
#endif /** BLISS_PLUGIN_H_ @}*/

View File

@ -0,0 +1,207 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "bliss_private_key.h"
typedef struct private_bliss_private_key_t private_bliss_private_key_t;
/**
* Private data of a bliss_private_key_t object.
*/
struct private_bliss_private_key_t {
/**
* Public interface for this signer.
*/
bliss_private_key_t public;
/**
* BLISS type
*/
u_int key_size;
/**
* reference count
*/
refcount_t ref;
};
METHOD(private_key_t, get_type, key_type_t,
private_bliss_private_key_t *this)
{
return KEY_BLISS;
}
METHOD(private_key_t, sign, bool,
private_bliss_private_key_t *this, signature_scheme_t scheme,
chunk_t data, chunk_t *signature)
{
switch (scheme)
{
case SIGN_BLISS_I_SHA256:
return FALSE;
case SIGN_BLISS_IV_SHA384:
return FALSE;
default:
DBG1(DBG_LIB, "signature scheme %N not supported with BLISS",
signature_scheme_names, scheme);
return FALSE;
}
}
METHOD(private_key_t, decrypt, bool,
private_bliss_private_key_t *this, encryption_scheme_t scheme,
chunk_t crypto, chunk_t *plain)
{
DBG1(DBG_LIB, "encryption scheme %N not supported",
encryption_scheme_names, scheme);
return FALSE;
}
METHOD(private_key_t, get_keysize, int,
private_bliss_private_key_t *this)
{
return this->key_size;
}
METHOD(private_key_t, get_public_key, public_key_t*,
private_bliss_private_key_t *this)
{
public_key_t *public = NULL;
return public;
}
METHOD(private_key_t, get_encoding, bool,
private_bliss_private_key_t *this, cred_encoding_type_t type,
chunk_t *encoding)
{
bool success = TRUE;
*encoding = chunk_empty;
return success;
}
METHOD(private_key_t, get_fingerprint, bool,
private_bliss_private_key_t *this, cred_encoding_type_t type, chunk_t *fp)
{
bool success = FALSE;
return success;
}
METHOD(private_key_t, get_ref, private_key_t*,
private_bliss_private_key_t *this)
{
ref_get(&this->ref);
return &this->public.key;
}
METHOD(private_key_t, destroy, void,
private_bliss_private_key_t *this)
{
if (ref_put(&this->ref))
{
free(this);
}
}
/**
* Internal generic constructor
*/
static private_bliss_private_key_t *bliss_private_key_create_empty(void)
{
private_bliss_private_key_t *this;
INIT(this,
.public = {
.key = {
.get_type = _get_type,
.sign = _sign,
.decrypt = _decrypt,
.get_keysize = _get_keysize,
.get_public_key = _get_public_key,
.equals = private_key_equals,
.belongs_to = private_key_belongs_to,
.get_fingerprint = _get_fingerprint,
.has_fingerprint = private_key_has_fingerprint,
.get_encoding = _get_encoding,
.get_ref = _get_ref,
.destroy = _destroy,
},
},
.ref = 1,
);
return this;
}
/**
* See header.
*/
bliss_private_key_t *bliss_private_key_gen(key_type_t type, va_list args)
{
private_bliss_private_key_t *this;
u_int key_size = 1;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
case BUILD_KEY_SIZE:
key_size = va_arg(args, u_int);
continue;
case BUILD_END:
break;
default:
return NULL;
}
break;
}
/* Only BLISS-I and BLISS-IV are supported */
if (key_size != 1 && key_size != 4)
{
return NULL;
}
this = bliss_private_key_create_empty();
this->key_size = key_size;
return &this->public;
}
/**
* See header.
*/
bliss_private_key_t *bliss_private_key_load(key_type_t type, va_list args)
{
private_bliss_private_key_t *this;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
default:
return NULL;
}
break;
}
this = bliss_private_key_create_empty();
return &this->public;
}

View File

@ -0,0 +1,62 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup bliss_private_key bliss_private_key
* @{ @ingroup gmp_p
*/
#ifndef BLISS_PRIVATE_KEY_H_
#define BLISS_PRIVATE_KEY_H_
#include <credentials/builder.h>
#include <credentials/keys/private_key.h>
typedef struct bliss_private_key_t bliss_private_key_t;
/**
* Private_key_t implementation of BLISS signature algorithm.
*/
struct bliss_private_key_t {
/**
* Implements private_key_t interface
*/
private_key_t key;
};
/**
* Generate a BLISS private key.
*
* Accepts the BUILD_KEY_SIZE argument.
*
* @param type type of the key, must be KEY_BLISS
* @param args builder_part_t argument list
* @return generated key, NULL on failure
*/
bliss_private_key_t *bliss_private_key_gen(key_type_t type, va_list args);
/**
* Load a BLISS private key.
*
* Accepts BUILD_BLISS_* components.
*
* @param type type of the key, must be KEY_BLISS
* @param args builder_part_t argument list
* @return loaded key, NULL on failure
*/
bliss_private_key_t *bliss_private_key_load(key_type_t type, va_list args);
#endif /** BLISS_PRIVATE_KEY_H_ @}*/

View File

@ -0,0 +1,151 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "bliss_public_key.h"
typedef struct private_bliss_public_key_t private_bliss_public_key_t;
/**
* Private data structure with signing context.
*/
struct private_bliss_public_key_t {
/**
* Public interface for this signer.
*/
bliss_public_key_t public;
/**
* BLISS type
*/
u_int key_size;
/**
* reference counter
*/
refcount_t ref;
};
METHOD(public_key_t, get_type, key_type_t,
private_bliss_public_key_t *this)
{
return KEY_BLISS;
}
METHOD(public_key_t, verify, bool,
private_bliss_public_key_t *this, signature_scheme_t scheme,
chunk_t data, chunk_t signature)
{
switch (scheme)
{
case SIGN_BLISS_I_SHA256:
return FALSE;
case SIGN_BLISS_IV_SHA384:
return FALSE;
default:
DBG1(DBG_LIB, "signature scheme %N not supported by BLISS",
signature_scheme_names, scheme);
return FALSE;
}
}
METHOD(public_key_t, encrypt_, bool,
private_bliss_public_key_t *this, encryption_scheme_t scheme,
chunk_t plain, chunk_t *crypto)
{
DBG1(DBG_LIB, "encryption scheme %N not supported",
encryption_scheme_names, scheme);
return FALSE;
}
METHOD(public_key_t, get_keysize, int,
private_bliss_public_key_t *this)
{
return this->key_size;
}
METHOD(public_key_t, get_encoding, bool,
private_bliss_public_key_t *this, cred_encoding_type_t type,
chunk_t *encoding)
{
bool success = TRUE;
*encoding = chunk_empty;
return success;
}
METHOD(public_key_t, get_fingerprint, bool,
private_bliss_public_key_t *this, cred_encoding_type_t type, chunk_t *fp)
{
bool success = FALSE;
return success;
}
METHOD(public_key_t, get_ref, public_key_t*,
private_bliss_public_key_t *this)
{
ref_get(&this->ref);
return &this->public.key;
}
METHOD(public_key_t, destroy, void,
private_bliss_public_key_t *this)
{
if (ref_put(&this->ref))
{
free(this);
}
}
/**
* See header.
*/
bliss_public_key_t *bliss_public_key_load(key_type_t type, va_list args)
{
private_bliss_public_key_t *this;
while (TRUE)
{
switch (va_arg(args, builder_part_t))
{
case BUILD_END:
break;
default:
return NULL;
}
break;
}
INIT(this,
.public = {
.key = {
.get_type = _get_type,
.verify = _verify,
.encrypt = _encrypt_,
.equals = public_key_equals,
.get_keysize = _get_keysize,
.get_fingerprint = _get_fingerprint,
.has_fingerprint = public_key_has_fingerprint,
.get_encoding = _get_encoding,
.get_ref = _get_ref,
.destroy = _destroy,
},
},
.ref = 1,
);
return &this->public;
}

View File

@ -0,0 +1,51 @@
/*
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup bliss_public_key bliss_public_key
* @{ @ingroup gmp_p
*/
#ifndef BLISS_PUBLIC_KEY_H_
#define BLISS_PUBLIC_KEY_H_
#include <credentials/builder.h>
#include <credentials/keys/public_key.h>
typedef struct bliss_public_key_t bliss_public_key_t;
/**
* public_key_t implementation of BLISS signature algorithm
*/
struct bliss_public_key_t {
/**
* Implements the public_key_t interface
*/
public_key_t key;
};
/**
* Load a BLISS public key.
*
* Accepts BUILD_BLISS_* components.
*
* @param type type of the key, must be KEY_BLISS
* @param args builder_part_t argument list
* @return loaded key, NULL on failure
*/
bliss_public_key_t *bliss_public_key_load(key_type_t type, va_list args);
#endif /** BLISS_PUBLIC_KEY_H_ @}*/

View File

@ -1,6 +1,7 @@
/*
* Copyright (C) 2009 Martin Willi
* Hochschule fuer Technik Rapperswil
* Copyright (C) 2014 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
@ -43,6 +44,10 @@ static int gen()
{
type = KEY_ECDSA;
}
else if (streq(arg, "bliss"))
{
type = KEY_BLISS;
}
else
{
return command_usage("invalid key type");
@ -96,6 +101,9 @@ static int gen()
case KEY_ECDSA:
size = 384;
break;
case KEY_BLISS:
size = 1;
break;
default:
break;
}
@ -151,12 +159,12 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
gen, 'g', "gen", "generate a new private key",
{" [--type rsa|ecdsa] [--size bits] [--safe-primes]",
{" [--type rsa|ecdsa|bliss] [--size bits] [--safe-primes]",
"[--shares n] [--threshold l] [--outform der|pem]"},
{
{"help", 'h', 0, "show usage information"},
{"type", 't', 1, "type of key, default: rsa"},
{"size", 's', 1, "keylength in bits, default: rsa 2048, ecdsa 384"},
{"size", 's', 1, "keylength in bits, default: rsa 2048, ecdsa 384, bliss 1"},
{"safe-primes", 'p', 0, "generate rsa safe primes"},
{"shares", 'n', 1, "number of private rsa key shares"},
{"threshold", 'l', 1, "minimum number of participating rsa key shares"},