curve25519: Add a plugin providing Curve25519 DH using backend drivers

8 files changed, 469 insertions, 0 deletions

diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am
index 52ae7c675..f6d6f5465 100644
--- a/src/libstrongswan/Makefile.am
+++ b/src/libstrongswan/Makefile.am
@@ -313,6 +313,13 @@ if MONOLITHIC
 endif
 endif
 
+if USE_CURVE25519
+  SUBDIRS += plugins/curve25519
+if MONOLITHIC
+  libstrongswan_la_LIBADD += plugins/curve25519/libstrongswan-curve25519.la
+endif
+endif
+
 if USE_RDRAND
   SUBDIRS += plugins/rdrand
 if MONOLITHIC
diff --git a/src/libstrongswan/plugins/curve25519/Makefile.am b/src/libstrongswan/plugins/curve25519/Makefile.am
new file mode 100644
index 000000000..a8003128a
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/Makefile.am
@@ -0,0 +1,18 @@
+AM_CPPFLAGS = \
+	-I$(top_srcdir)/src/libstrongswan
+
+AM_CFLAGS = \
+	$(PLUGIN_CFLAGS)
+
+if MONOLITHIC
+noinst_LTLIBRARIES = libstrongswan-curve25519.la
+else
+plugin_LTLIBRARIES = libstrongswan-curve25519.la
+endif
+
+libstrongswan_curve25519_la_SOURCES = \
+	curve25519_dh.h curve25519_dh.c \
+	curve25519_drv.h curve25519_drv.c \
+	curve25519_plugin.h curve25519_plugin.c
+
+libstrongswan_curve25519_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_dh.c b/src/libstrongswan/plugins/curve25519/curve25519_dh.c
new file mode 100644
index 000000000..c550263d4
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_dh.c
@@ -0,0 +1,174 @@
+/*
+ * Copyright (C) 2015 Martin Willi
+ * Copyright (C) 2015 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+#include <stdint.h>
+
+#include "curve25519_dh.h"
+#include "curve25519_drv.h"
+
+typedef struct private_curve25519_dh_t private_curve25519_dh_t;
+
+/**
+ * Private data of an curve25519_dh_t object.
+ */
+struct private_curve25519_dh_t {
+
+	/**
+	 * Public curve25519_dh_t interface.
+	 */
+	curve25519_dh_t public;
+
+	/**
+	 * Shared key, if computed
+	 */
+	u_char shared[CURVE25519_KEY_SIZE];
+
+	/**
+	 * TRUE if shared secret is computed
+	 */
+	bool computed;
+
+	/**
+	 * Curve25519 backend
+	 */
+	curve25519_drv_t *drv;
+};
+
+/**
+ * Generate a valid Curve25519 key
+ */
+static bool generate_key(private_curve25519_dh_t *this)
+{
+	u_char key[CURVE25519_KEY_SIZE];
+	rng_t *rng;
+
+	rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
+	if (!rng)
+	{
+		DBG1(DBG_LIB, "no RNG found for quality %N",
+			 rng_quality_names, RNG_STRONG);
+		return FALSE;
+	}
+	if (!rng->get_bytes(rng, CURVE25519_KEY_SIZE, key))
+	{
+		rng->destroy(rng);
+		return FALSE;
+	}
+	rng->destroy(rng);
+
+	return this->drv->set_key(this->drv, key);
+}
+
+METHOD(diffie_hellman_t, set_other_public_value, bool,
+	private_curve25519_dh_t *this, chunk_t value)
+{
+	if (value.len == CURVE25519_KEY_SIZE)
+	{
+		if (this->drv->curve25519(this->drv, value.ptr, this->shared))
+		{
+			this->computed = TRUE;
+			return TRUE;
+		}
+	}
+	return FALSE;
+}
+
+METHOD(diffie_hellman_t, get_my_public_value, bool,
+	private_curve25519_dh_t *this, chunk_t *value)
+{
+	u_char basepoint[CURVE25519_KEY_SIZE] = { 9 };
+
+	*value = chunk_alloc(CURVE25519_KEY_SIZE);
+	if (this->drv->curve25519(this->drv, basepoint, value->ptr))
+	{
+		return TRUE;
+	}
+	free(value->ptr);
+	return FALSE;
+}
+
+METHOD(diffie_hellman_t, set_private_value, bool,
+	private_curve25519_dh_t *this, chunk_t value)
+{
+	if (value.len != CURVE25519_KEY_SIZE)
+	{
+		return FALSE;
+	}
+	return this->drv->set_key(this->drv, value.ptr);
+}
+
+METHOD(diffie_hellman_t, get_shared_secret, bool,
+	private_curve25519_dh_t *this, chunk_t *secret)
+{
+	if (!this->computed)
+	{
+		return FALSE;
+	}
+	*secret = chunk_clone(chunk_from_thing(this->shared));
+	return TRUE;
+}
+
+METHOD(diffie_hellman_t, get_dh_group, diffie_hellman_group_t,
+	private_curve25519_dh_t *this)
+{
+	return CURVE_25519;
+}
+
+METHOD(diffie_hellman_t, destroy, void,
+	private_curve25519_dh_t *this)
+{
+	this->drv->destroy(this->drv);
+	free(this);
+}
+
+/*
+ * Described in header.
+ */
+curve25519_dh_t *curve25519_dh_create(diffie_hellman_group_t group)
+{
+	private_curve25519_dh_t *this;
+
+	if (group != CURVE_25519)
+	{
+		return FALSE;
+	}
+
+	INIT(this,
+		.public = {
+			.dh = {
+				.get_shared_secret = _get_shared_secret,
+				.set_other_public_value = _set_other_public_value,
+				.get_my_public_value = _get_my_public_value,
+				.set_private_value = _set_private_value,
+				.get_dh_group = _get_dh_group,
+				.destroy = _destroy,
+			},
+		},
+		.drv = curve25519_drv_probe(),
+	);
+
+	if (!this->drv)
+	{
+		free(this);
+		return NULL;
+	}
+	if (!generate_key(this))
+	{
+		destroy(this);
+		return NULL;
+	}
+	return &this->public;
+}
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_dh.h b/src/libstrongswan/plugins/curve25519/curve25519_dh.h
new file mode 100644
index 000000000..40bc6d1d9
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_dh.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup curve25519_dh curve25519_dh
+ * @{ @ingroup curve25519_p
+ */
+
+#ifndef CURVE25519_DH_H_
+#define CURVE25519_DH_H_
+
+typedef struct curve25519_dh_t curve25519_dh_t;
+
+#include <library.h>
+
+/**
+ * Diffie-Hellman implementation using Curve25519.
+ */
+struct curve25519_dh_t {
+
+	/**
+	 * Implements diffie_hellman_t interface.
+	 */
+	diffie_hellman_t dh;
+};
+
+/**
+ * Creates a new curve25519_dh_t object.
+ *
+ * @param group			DH group, CURVE_25519
+ * @return				curve25519_dh_t object, NULL on error
+ */
+curve25519_dh_t *curve25519_dh_create(diffie_hellman_group_t group);
+
+#endif /** CURVE25519_DH_H_ @}*/
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_drv.c b/src/libstrongswan/plugins/curve25519/curve25519_drv.c
new file mode 100644
index 000000000..438a24b40
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_drv.c
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2015 Martin Willi
+ * Copyright (C) 2015 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "curve25519_drv.h"
+
+typedef curve25519_drv_t*(*curve25519_drv_create)();
+
+/**
+ * See header.
+ */
+curve25519_drv_t *curve25519_drv_probe()
+{
+	curve25519_drv_create drivers[] = {
+	};
+	curve25519_drv_t *driver;
+	int i;
+
+	for (i = 0; i < countof(drivers); i++)
+	{
+		driver = drivers[i]();
+		if (driver)
+		{
+			return driver;
+		}
+	}
+	return NULL;
+}
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_drv.h b/src/libstrongswan/plugins/curve25519/curve25519_drv.h
new file mode 100644
index 000000000..c172580bc
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_drv.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2015 Martin Willi
+ * Copyright (C) 2015 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup curve25519_drv curve25519_drv
+ * @{ @ingroup curve25519
+ */
+
+#ifndef CURVE25519_DRV_H_
+#define CURVE25519_DRV_H_
+
+typedef struct curve25519_drv_t curve25519_drv_t;
+
+#include <library.h>
+
+/**
+ * Private key size of Curve25519
+ */
+#define CURVE25519_KEY_SIZE 32
+
+/**
+ * Backend driver abstraction for Curve25519.
+ */
+struct curve25519_drv_t {
+
+	/**
+	 * Set the private key.
+	 *
+	 * @param key		32 byte private key, clamped
+	 * @return			TRUE if key set
+	 */
+	bool (*set_key)(curve25519_drv_t *this, u_char *key);
+
+	/**
+	 * Calculate Curve25519 for the set key.
+	 *
+	 * @param in		input data, 32 bytes
+	 * @param out		output data, 32 bytes
+	 * @return			TRUE if calculated
+	 */
+	bool (*curve25519)(curve25519_drv_t *this, u_char *in, u_char *out);
+
+	/**
+	 * Destroy a curve25519_drv_t.
+	 */
+	void (*destroy)(curve25519_drv_t *this);
+};
+
+/**
+ * Create a curve25519_drv instance.
+ */
+curve25519_drv_t *curve25519_drv_probe();
+
+#endif /** CURVE25519_DRV_H_ @}*/
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_plugin.c b/src/libstrongswan/plugins/curve25519/curve25519_plugin.c
new file mode 100644
index 000000000..06c540a82
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_plugin.c
@@ -0,0 +1,76 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "curve25519_plugin.h"
+#include "curve25519_dh.h"
+
+#include <library.h>
+
+typedef struct private_curve25519_plugin_t private_curve25519_plugin_t;
+
+/**
+ * private data of curve25519_plugin
+ */
+struct private_curve25519_plugin_t {
+
+	/**
+	 * public functions
+	 */
+	curve25519_plugin_t public;
+};
+
+METHOD(plugin_t, get_name, char*,
+	private_curve25519_plugin_t *this)
+{
+	return "curve25519";
+}
+
+METHOD(plugin_t, get_features, int,
+	private_curve25519_plugin_t *this, plugin_feature_t *features[])
+{
+	static plugin_feature_t f[] = {
+		PLUGIN_REGISTER(DH, curve25519_dh_create),
+			PLUGIN_PROVIDE(DH, CURVE_25519),
+				PLUGIN_DEPENDS(RNG, RNG_STRONG),
+	};
+	*features = f;
+	return countof(f);
+}
+
+METHOD(plugin_t, destroy, void,
+	private_curve25519_plugin_t *this)
+{
+	free(this);
+}
+
+/*
+ * see header file
+ */
+plugin_t *curve25519_plugin_create()
+{
+	private_curve25519_plugin_t *this;
+
+	INIT(this,
+		.public = {
+			.plugin = {
+				.get_name = _get_name,
+				.get_features = _get_features,
+				.destroy = _destroy,
+			},
+		},
+	);
+
+	return &this->public.plugin;
+}
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_plugin.h b/src/libstrongswan/plugins/curve25519/curve25519_plugin.h
new file mode 100644
index 000000000..94f2e4809
--- /dev/null
+++ b/src/libstrongswan/plugins/curve25519/curve25519_plugin.h
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2014 Martin Willi
+ * Copyright (C) 2014 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup curve25519_p curve25519
+ * @ingroup plugins
+ *
+ * @defgroup curve25519_plugin curve25519_plugin
+ * @{ @ingroup curve25519_p
+ */
+
+#ifndef CURVE25519_PLUGIN_H_
+#define CURVE25519_PLUGIN_H_
+
+#include <plugins/plugin.h>
+
+typedef struct curve25519_plugin_t curve25519_plugin_t;
+
+/**
+ * Plugin providing a Curve25519 DH implementation
+ */
+struct curve25519_plugin_t {
+
+	/**
+	 * implements plugin interface
+	 */
+	plugin_t plugin;
+};
+
+#endif /** CURVE25519_PLUGIN_H_ @}*/