diff options
| author | Martin Willi <martin@revosec.ch> | 2010-09-03 09:32:18 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2010-09-03 09:33:15 +0200 |
| commit | ed60dfa14fa48e5edb5f99e5423c3cd5549d08f0 (patch) | |
| tree | 3f3463c3788b186b8c9f4e9cf7fac662ecc6e24a | |
| parent | 42b1ac91c4240a481eccaad0d1596432c4f01181 (diff) | |
| download | strongswan-ed60dfa14fa48e5edb5f99e5423c3cd5549d08f0.tar.bz2 strongswan-ed60dfa14fa48e5edb5f99e5423c3cd5549d08f0.tar.xz | |
Added support for MODP_CUSTOM to gcrypt plugin
| -rw-r--r-- | src/libstrongswan/plugins/gcrypt/gcrypt_dh.c | 60 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/gcrypt/gcrypt_dh.h | 11 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c | 4 |
3 files changed, 56 insertions, 19 deletions
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c index 1d519ce56..6c4665da2 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c @@ -168,22 +168,16 @@ METHOD(diffie_hellman_t, destroy, void, } /* - * Described in header. + * Generic internal constructor */ -gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) +gcrypt_dh_t *create_generic(diffie_hellman_group_t group, size_t exp_len, + chunk_t g, chunk_t p) { private_gcrypt_dh_t *this; - diffie_hellman_params_t *params; gcry_error_t err; chunk_t random; rng_t *rng; - params = diffie_hellman_get_params(group); - if (!params) - { - return NULL; - } - INIT(this, .public = { .dh = { @@ -195,18 +189,16 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) }, }, .group = group, - .p_len = params->prime.len, + .p_len = p.len, ); - err = gcry_mpi_scan(&this->p, GCRYMPI_FMT_USG, - params->prime.ptr, params->prime.len, NULL); + err = gcry_mpi_scan(&this->p, GCRYMPI_FMT_USG, p.ptr, p.len, NULL); if (err) { DBG1(DBG_LIB, "importing mpi modulus failed: %s", gpg_strerror(err)); free(this); return NULL; } - err = gcry_mpi_scan(&this->g, GCRYMPI_FMT_USG, - params->generator.ptr, params->generator.len, NULL); + err = gcry_mpi_scan(&this->g, GCRYMPI_FMT_USG, g.ptr, g.len, NULL); if (err) { DBG1(DBG_LIB, "importing mpi generator failed: %s", gpg_strerror(err)); @@ -218,7 +210,7 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); if (rng) { /* prefer external randomizer */ - rng->allocate_bytes(rng, params->exp_len, &random); + rng->allocate_bytes(rng, exp_len, &random); rng->destroy(rng); err = gcry_mpi_scan(&this->xa, GCRYMPI_FMT_USG, random.ptr, random.len, NULL); @@ -234,13 +226,13 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) } else { /* fallback to gcrypt internal randomizer, shouldn't ever happen */ - this->xa = gcry_mpi_new(params->exp_len * 8); - gcry_mpi_randomize(this->xa, params->exp_len * 8, GCRY_STRONG_RANDOM); + this->xa = gcry_mpi_new(exp_len * 8); + gcry_mpi_randomize(this->xa, exp_len * 8, GCRY_STRONG_RANDOM); } - if (params->exp_len == this->p_len) + if (exp_len == this->p_len) { /* achieve bitsof(p)-1 by setting MSB to 0 */ - gcry_mpi_clear_bit(this->xa, params->exp_len * 8 - 1); + gcry_mpi_clear_bit(this->xa, exp_len * 8 - 1); } this->ya = gcry_mpi_new(this->p_len * 8); @@ -250,3 +242,33 @@ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) return &this->public; } + +/* + * Described in header. + */ +gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) +{ + + diffie_hellman_params_t *params; + + params = diffie_hellman_get_params(group); + if (!params) + { + return NULL; + } + return create_generic(group, params->exp_len, + params->generator, params->prime); +} + +/* + * Described in header. + */ +gcrypt_dh_t *gcrypt_dh_create_custom(diffie_hellman_group_t group, + chunk_t g, chunk_t p) +{ + if (group == MODP_CUSTOM) + { + return create_generic(group, p.len, g, p); + } + return NULL; +} diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h index 95b68dcd0..a70958dc4 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h @@ -44,5 +44,16 @@ struct gcrypt_dh_t { */ gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group); +/** + * Creates a new gcrypt_dh_t object for MODP_CUSTOM. + * + * @param group MODP_CUSTOM + * @param g generator + * @param p prime + * @return gcrypt_dh_t object, NULL if not supported + */ +gcrypt_dh_t *gcrypt_dh_create_custom(diffie_hellman_group_t group, + chunk_t g, chunk_t p); + #endif /** GCRYPT_DH_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index eb9b95004..d7e5d0f42 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -104,6 +104,8 @@ METHOD(plugin_t, destroy, void, (rng_constructor_t)gcrypt_rng_create); lib->crypto->remove_dh(lib->crypto, (dh_constructor_t)gcrypt_dh_create); + lib->crypto->remove_dh(lib->crypto, + (dh_constructor_t)gcrypt_dh_create_custom); lib->creds->remove_builder(lib->creds, (builder_function_t)gcrypt_rsa_private_key_gen); lib->creds->remove_builder(lib->creds, @@ -218,6 +220,8 @@ plugin_t *gcrypt_plugin_create() (dh_constructor_t)gcrypt_dh_create); lib->crypto->add_dh(lib->crypto, MODP_768_BIT, (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_CUSTOM, + (dh_constructor_t)gcrypt_dh_create_custom); /* RSA */ lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, |