author | Martin Willi <martin@strongswan.org> | 2006-04-05 12:10:50 +0000 |
---|---|---|
committer | Martin Willi <martin@strongswan.org> | 2006-04-05 12:10:50 +0000 |
commit | 6862128151fb78f63685a8da5575783c426d64a7 (patch) | |
tree | 75920a6688ed5654fb917ecccc1e0e469480fd1f /Source/lib/crypto/prfs | |
parent | 3dbbbf3e16366b0da33b29bbc1a4ba9a976e43a0 (diff) | |
../svn-commit.tmp
Diffstat (limited to 'Source/lib/crypto/prfs')
-rw-r--r-- | Source/lib/crypto/prfs/Makefile.prfs | 23 | ||||
-rw-r--r-- | Source/lib/crypto/prfs/hmac_prf.c | 118 | ||||
-rw-r--r-- | Source/lib/crypto/prfs/hmac_prf.h | 64 | ||||
-rw-r--r-- | Source/lib/crypto/prfs/prf.c | 67 | ||||
-rw-r--r-- | Source/lib/crypto/prfs/prf.h | 136 |
5 files changed, 408 insertions, 0 deletions
diff --git a/Source/lib/crypto/prfs/Makefile.prfs b/Source/lib/crypto/prfs/Makefile.prfs
new file mode 100644
index 000000000..a98894346
--- /dev/null
+++ b/Source/lib/crypto/prfs/Makefile.prfs
@@ -0,0 +1,23 @@
+# Copyright (C) 2005 Jan Hutter, Martin Willi
+# Hochschule fuer Technik Rapperswil
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+
+PRFS_DIR= $(CRYPTO_DIR)prfs/
+
+LIB_OBJS+= $(BUILD_DIR)prf.o
+$(BUILD_DIR)prf.o : $(PRFS_DIR)prf.c $(PRFS_DIR)prf.h
+ $(CC) $(CFLAGS) -c -o $@ $<
+
+LIB_OBJS+= $(BUILD_DIR)hmac_prf.o
+$(BUILD_DIR)hmac_prf.o : $(PRFS_DIR)hmac_prf.c $(PRFS_DIR)hmac_prf.h
+ $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/prfs/hmac_prf.c b/Source/lib/crypto/prfs/hmac_prf.c
new file mode 100644
index 000000000..2ea0869f7
--- /dev/null
+++ b/Source/lib/crypto/prfs/hmac_prf.c
@@ -0,0 +1,118 @@
+/**
+ * @file hmac_prf.c
+ *
+ * @brief Implementation for hmac_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include "hmac_prf.h"
+
+#include <utils/allocator.h>
+#include <crypto/hmac.h>
+
+
+typedef struct private_hmac_prf_t private_hmac_prf_t;
+
+/**
+ * Private data of a hma_prf_t object.
+ */
+struct private_hmac_prf_t {
+ /**
+ * Public hmac_prf_t interface.
+ */
+ hmac_prf_t public;
+
+ /**
+ * Hmac to use for generation.
+ */
+ hmac_t *hmac;
+};
+
+/**
+ * Implementation of prf_t.get_bytes.
+ */
+static void get_bytes(private_hmac_prf_t *this, chunk_t seed, u_int8_t *buffer)
+{
+ this->hmac->get_mac(this->hmac, seed, buffer);
+}
+
+/**
+ * Implementation of prf_t.allocate_bytes.
+ */
+static void allocate_bytes(private_hmac_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+ this->hmac->allocate_mac(this->hmac, seed, chunk);
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_block_size(private_hmac_prf_t *this)
+{
+ return this->hmac->get_block_size(this->hmac);
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_key_size(private_hmac_prf_t *this)
+{
+ /* for HMAC prfs, IKEv2 uses block size as key size */
+ return this->hmac->get_block_size(this->hmac);
+}
+
+/**
+ * Implementation of prf_t.set_key.
+ */
+static void set_key(private_hmac_prf_t *this, chunk_t key)
+{
+ this->hmac->set_key(this->hmac, key);
+}
+
+/**
+ * Implementation of prf_t.destroy.
+ */
+static void destroy(private_hmac_prf_t *this)
+{
+ allocator_free(this);
+ this->hmac->destroy(this->hmac);
+}
+
+/*
+ * Described in header.
+ */
+hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm)
+{
+ private_hmac_prf_t *this = allocator_alloc_thing(private_hmac_prf_t);
+
+ this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
+ this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
+ this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
+ this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
+ this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
+ this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
+
+ this->hmac = hmac_create(hash_algorithm);
+ if (this->hmac == NULL)
+ {
+ allocator_free(this);
+ return NULL;
+ }
+
+ return &(this->public);
+}
diff --git a/Source/lib/crypto/prfs/hmac_prf.h b/Source/lib/crypto/prfs/hmac_prf.h
new file mode 100644
index 000000000..3a68960f7
--- /dev/null
+++ b/Source/lib/crypto/prfs/hmac_prf.h
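Review bot: `destroy()` calls `allocator_free(this);` and then reads `this->hmac` on the following line, which is a use-after-free: the object is dereferenced, and a function pointer loaded through it, after its memory has been released. The two statements should be swapped so the wrapped HMAC is torn down first: `this->hmac->destroy(this->hmac);` then `allocator_free(this);`. In `hmac_prf_create()` the result of `allocator_alloc_thing()` is written through without a NULL check; whether that allocator can return NULL is not visible in this hunk, so confirm it aborts on failure or add a guard. The doc comment above `get_key_size` still reads `Implementation of prf_t.get_block_size.` and should name `prf_t.get_key_size`.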
@@ -0,0 +1,64 @@
+/**
+ * @file hmac_prf.h
+ *
+ * @brief Interface of hmac_prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRF_HMAC_H_
+#define PRF_HMAC_H_
+
+#include <types.h>
+#include <crypto/prfs/prf.h>
+#include <crypto/hashers/hasher.h>
+
+typedef struct hmac_prf_t hmac_prf_t;
+
+/**
+ * @brief Implementation of prf_t interface using the
+ * HMAC algorithm.
+ *
+ * This simply wraps a hmac_t in a prf_t. More a question of
+ * interface matching.
+ *
+ * @b Constructors:
+ * - hmac_prf_create()
+ *
+ * @ingroup prfs
+ */
+struct hmac_prf_t {
+
+ /**
+ * Generic prf_t interface for this hmac_prf_t class.
+ */
+ prf_t prf_interface;
+};
+
+/**
+ * @brief Creates a new hmac_prf_t object.
+ *
+ * @param hash_algorithm hmac's hash algorithm
+ * @return
+ * - hmac_prf_t object
+ * - NULL if hash not supported
+ *
+ * @ingroup prfs
+ */
+hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm);
+
+#endif /*PRF_HMAC_SHA1_H_*/
diff --git a/Source/lib/crypto/prfs/prf.c b/Source/lib/crypto/prfs/prf.c
new file mode 100644
index 000000000..bb7015e64
--- /dev/null
+++ b/Source/lib/crypto/prfs/prf.c
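Review bot: The include guard is opened as `PRF_HMAC_H_` but the closing comment reads `#endif /*PRF_HMAC_SHA1_H_*/`; the trailer should name the macro actually tested, `#endif /*PRF_HMAC_H_*/`. The doc block on `hmac_prf_create()` does not say who owns the returned object; a line such as `The caller releases it through prf_interface.destroy().` would make the lifetime contract explicit, since no other destructor is visible in this header.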
@@ -0,0 +1,67 @@
+/**
+ * @file prf.c
+ *
+ * @brief Generic constructor for all prf_t
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+
+#include "prf.h"
+
+#include <crypto/hashers/hasher.h>
+#include <crypto/prfs/hmac_prf.h>
+
+
+/**
+ * String mappings for encryption_algorithm_t.
+ */
+mapping_t pseudo_random_function_m[] = {
+{PRF_UNDEFINED, "PRF_UNDEFINED"},
+{PRF_HMAC_MD5, "PRF_HMAC_MD5"},
+{PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
+{PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
+{PRF_AES128_CBC, "PRF_AES128_CBC"},
+{MAPPING_END, NULL}
+};
+
+/*
+ * Described in header.
+ */
+prf_t *prf_create(pseudo_random_function_t pseudo_random_function)
+{
+ switch (pseudo_random_function)
+ {
+ case PRF_HMAC_SHA1:
+ {
+ return (prf_t*)hmac_prf_create(HASH_SHA1);
+ }
+ case PRF_HMAC_MD5:
+ {
+ return (prf_t*)hmac_prf_create(HASH_MD5);
+ }
+ case PRF_HMAC_TIGER:
+ case PRF_AES128_CBC:
+ default:
+ return NULL;
+ }
+}
+
+
+
+
+
diff --git a/Source/lib/crypto/prfs/prf.h b/Source/lib/crypto/prfs/prf.h
new file mode 100644
index 000000000..b1c1e6a66
--- /dev/null
+++ b/Source/lib/crypto/prfs/prf.h
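Review bot: The comment above `pseudo_random_function_m` reads `String mappings for encryption_algorithm_t.`, but the table maps `pseudo_random_function_t` values; it should read `String mappings for pseudo_random_function_t.`, and the same wording is repeated on the `extern` declaration in prf.h. In `prf_create()`, the `(prf_t*)` casts on the `hmac_prf_create()` results are only correct while `prf_interface` remains the first member of `hmac_prf_t`. A short comment at the cast, for example `/* valid because prf_interface is the first member of hmac_prf_t */`, would keep a later struct change from silently misdirecting every call made through the returned pointer.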
@@ -0,0 +1,136 @@
+/**
+ * @file prf.h
+ *
+ * @brief Interface prf_t.
+ *
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef PRF_H_
+#define PRF_H_
+
+#include <types.h>
+
+typedef enum pseudo_random_function_t pseudo_random_function_t;
+
+/**
+ * @brief Pseudo random function, as in IKEv2 RFC 3.3.2.
+ *
+ * Currently only the following algorithms are implemented and therefore supported:
+ * - PRF_HMAC_MD5
+ * - PRF_HMAC_SHA1
+ *
+ * @ingroup prfs
+ */
+enum pseudo_random_function_t {
+ PRF_UNDEFINED = 1024,
+ /**
+ * Implemented in class hmac_prf_t.
+ */
+ PRF_HMAC_MD5 = 1,
+ /**
+ * Implemented in class hmac_prf_t.
+ */
+ PRF_HMAC_SHA1 = 2,
+ PRF_HMAC_TIGER = 3,
+ PRF_AES128_CBC = 4
+};
+
+/**
+ * String mappings for encryption_algorithm_t.
+ */
+extern mapping_t pseudo_random_function_m[];
+
+
+typedef struct prf_t prf_t;
+
+/**
+ * @brief Generic interface for pseudo-random-functions.
+ *
+ * @b Constructors:
+ * - prf_create()
+ * - hmac_prf_create()
+ *
+ * @todo Implement more prf algorithms
+ *
+ * @ingroup prfs
+ */
+struct prf_t {
+ /**
+ * @brief Generates pseudo random bytes and writes them
+ * in the buffer.
+ *
+ * @param this calling object
+ * @param seed a chunk containing the seed for the next bytes
+ * @param[out] buffer pointer where the generated bytes will be written
+ */
+ void (*get_bytes) (prf_t *this, chunk_t seed, u_int8_t *buffer);
+
+ /**
+ * @brief Generates pseudo random bytes and allocate space for them.
+ *
+ * @param this calling object
+ * @param seed a chunk containing the seed for the next bytes
+ * @param[out] chunk chunk which will hold generated bytes
+ */
+ void (*allocate_bytes) (prf_t *this, chunk_t seed, chunk_t *chunk);
+
+ /**
+ * @brief Get the block size of this prf_t object.
+ *
+ * @param this calling object
+ * @return block size in bytes
+ */
+ size_t (*get_block_size) (prf_t *this);
+
+ /**
+ * @brief Get the key size of this prf_t object.
+ *
+ * @param this calling object
+ * @return key size in bytes
+ */
+ size_t (*get_key_size) (prf_t *this);
+
+ /**
+ * @brief Set the key for this prf_t object.
+ *
+ * @param this calling object
+ * @param key key to set
+ */
+ void (*set_key) (prf_t *this, chunk_t key);
+
+ /**
+ * @brief Destroys a prf object.
+ *
+ * @param this calling object
+ */
+ void (*destroy) (prf_t *this);
+};
+
+/**
+ * @brief Generic constructor for a prf_t oject.
+ *
+ * @param pseudo_random_function Algorithm to use
+ * @return
+ * - prf_t object
+ * - NULL if prf algorithm not supported
+ *
+ * @ingroup prfs
+ */
+prf_t *prf_create(pseudo_random_function_t pseudo_random_function);
+
+#endif /*PRF_H_*/ |
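Review bot: `get_bytes` takes a bare `u_int8_t *buffer` with no length argument, and its doc comment does not say how many bytes are written, so callers can only size the destination by convention and an undersized buffer is overrun silently. The `@param[out] buffer` text should state the required size, for example `must hold at least get_block_size() bytes`; hmac_prf.c forwards straight to `hmac->get_mac()`, so that is presumably the output length, but confirm against hmac_t. The `allocate_bytes` comment should likewise say that the caller owns and must free the returned chunk, if that is the intent. Also, `prf_t oject` in the `prf_create()` brief should read `prf_t object`.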