Diffstat (limited to 'src/pluto/crypto.c')
-rw-r--r--src/pluto/crypto.c241
1 files changed, 214 insertions, 27 deletions
diff --git a/src/pluto/crypto.c b/src/pluto/crypto.c
index d46347373..1adccc74e 100644
--- a/src/pluto/crypto.c
+++ b/src/pluto/crypto.c
@@ -18,35 +18,222 @@
#include "constants.h"
#include "defs.h"
#include "crypto.h"
-#include "ike_alg.h"
#include "log.h"
-extern struct encrypt_desc encrypt_desc_3des;
-extern struct encrypt_desc encrypt_desc_blowfish;
-extern struct encrypt_desc encrypt_desc_aes;
-extern struct encrypt_desc encrypt_desc_twofish;
-extern struct encrypt_desc encrypt_desc_twofish_ssh;
-extern struct encrypt_desc encrypt_desc_serpent;
-
-extern struct hash_desc hash_desc_md5;
-extern struct hash_desc hash_desc_sha1;
-extern struct hash_desc hash_desc_sha2_256;
-extern struct hash_desc hash_desc_sha2_384;
-extern struct hash_desc hash_desc_sha2_512;
-
-extern struct dh_desc dh_desc_modp_1024;
-extern struct dh_desc dh_desc_modp_1536;
-extern struct dh_desc dh_desc_modp_2048;
-extern struct dh_desc dh_desc_modp_3072;
-extern struct dh_desc dh_desc_modp_4096;
-extern struct dh_desc dh_desc_modp_6144;
-extern struct dh_desc dh_desc_modp_8192;
-
-extern struct dh_desc dh_desc_ecp_256;
-extern struct dh_desc dh_desc_ecp_384;
-extern struct dh_desc dh_desc_ecp_521;
-extern struct dh_desc dh_desc_ecp_192;
-extern struct dh_desc dh_desc_ecp_224;
+static struct encrypt_desc encrypt_desc_3des =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_3DES_CBC,
+ algo_next: NULL,
+
+ enc_blocksize: DES_BLOCK_SIZE,
+ keydeflen: DES_BLOCK_SIZE * 3 * BITS_PER_BYTE,
+ keyminlen: DES_BLOCK_SIZE * 3 * BITS_PER_BYTE,
+ keymaxlen: DES_BLOCK_SIZE * 3 * BITS_PER_BYTE,
+};
+
+#define AES_KEY_MIN_LEN 128
+#define AES_KEY_DEF_LEN 128
+#define AES_KEY_MAX_LEN 256
+
+static struct encrypt_desc encrypt_desc_aes =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_AES_CBC,
+ algo_next: NULL,
+
+ enc_blocksize: AES_BLOCK_SIZE,
+ keyminlen: AES_KEY_MIN_LEN,
+ keydeflen: AES_KEY_DEF_LEN,
+ keymaxlen: AES_KEY_MAX_LEN,
+};
+
+#define BLOWFISH_KEY_MIN_LEN 128
+#define BLOWFISH_KEY_MAX_LEN 448
+
+static struct encrypt_desc encrypt_desc_blowfish =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_BLOWFISH_CBC,
+ algo_next: NULL,
+
+ enc_blocksize: BLOWFISH_BLOCK_SIZE,
+ keyminlen: BLOWFISH_KEY_MIN_LEN,
+ keydeflen: BLOWFISH_KEY_MIN_LEN,
+ keymaxlen: BLOWFISH_KEY_MAX_LEN,
+};
+
+#define SERPENT_KEY_MIN_LEN 128
+#define SERPENT_KEY_DEF_LEN 128
+#define SERPENT_KEY_MAX_LEN 256
+
+static struct encrypt_desc encrypt_desc_serpent =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_SERPENT_CBC,
+ algo_next: NULL,
+
+ enc_blocksize: SERPENT_BLOCK_SIZE,
+ keyminlen: SERPENT_KEY_MIN_LEN,
+ keydeflen: SERPENT_KEY_DEF_LEN,
+ keymaxlen: SERPENT_KEY_MAX_LEN,
+};
+
+#define TWOFISH_KEY_MIN_LEN 128
+#define TWOFISH_KEY_DEF_LEN 128
+#define TWOFISH_KEY_MAX_LEN 256
+
+static struct encrypt_desc encrypt_desc_twofish =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_TWOFISH_CBC,
+ algo_next: NULL,
+
+ enc_blocksize: TWOFISH_BLOCK_SIZE,
+ keydeflen: TWOFISH_KEY_MIN_LEN,
+ keyminlen: TWOFISH_KEY_DEF_LEN,
+ keymaxlen: TWOFISH_KEY_MAX_LEN,
+};
+
+static struct encrypt_desc encrypt_desc_twofish_ssh =
+{
+ algo_type: IKE_ALG_ENCRYPT,
+ algo_id: OAKLEY_TWOFISH_CBC_SSH,
+ algo_next: NULL,
+
+ enc_blocksize: TWOFISH_BLOCK_SIZE,
+ keydeflen: TWOFISH_KEY_MIN_LEN,
+ keyminlen: TWOFISH_KEY_DEF_LEN,
+ keymaxlen: TWOFISH_KEY_MAX_LEN,
+};
+
+static struct hash_desc hash_desc_md5 =
+{
+ algo_type: IKE_ALG_HASH,
+ algo_id: OAKLEY_MD5,
+ algo_next: NULL,
+ hash_digest_size: HASH_SIZE_MD5,
+};
+
+static struct hash_desc hash_desc_sha1 =
+{
+ algo_type: IKE_ALG_HASH,
+ algo_id: OAKLEY_SHA,
+ algo_next: NULL,
+ hash_digest_size: HASH_SIZE_SHA1,
+};
+
+static struct hash_desc hash_desc_sha2_256 = {
+ algo_type: IKE_ALG_HASH,
+ algo_id: OAKLEY_SHA2_256,
+ algo_next: NULL,
+ hash_digest_size: HASH_SIZE_SHA256,
+};
+
+static struct hash_desc hash_desc_sha2_384 = {
+ algo_type: IKE_ALG_HASH,
+ algo_id: OAKLEY_SHA2_384,
+ algo_next: NULL,
+ hash_digest_size: HASH_SIZE_SHA384,
+};
+
+static struct hash_desc hash_desc_sha2_512 = {
+ algo_type: IKE_ALG_HASH,
+ algo_id: OAKLEY_SHA2_512,
+ algo_next: NULL,
+ hash_digest_size: HASH_SIZE_SHA512,
+};
+
+const struct dh_desc unset_group = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_NONE,
+ algo_next: NULL,
+ ke_size: 0
+};
+
+static struct dh_desc dh_desc_modp_1024 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_1024_BIT,
+ algo_next: NULL,
+ ke_size: 1024 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_1536 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_1536_BIT,
+ algo_next: NULL,
+ ke_size: 1536 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_2048 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_2048_BIT,
+ algo_next: NULL,
+ ke_size: 2048 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_3072 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_3072_BIT,
+ algo_next: NULL,
+ ke_size: 3072 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_4096 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_4096_BIT,
+ algo_next: NULL,
+ ke_size: 4096 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_6144 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_6144_BIT,
+ algo_next: NULL,
+ ke_size: 6144 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_8192 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: MODP_8192_BIT,
+ algo_next: NULL,
+ ke_size: 8192 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_ecp_256 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: ECP_256_BIT,
+ algo_next: NULL,
+ ke_size: 2*256 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_ecp_384 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: ECP_384_BIT,
+ algo_next: NULL,
+ ke_size: 2*384 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_ecp_521 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: ECP_521_BIT,
+ algo_next: NULL,
+ ke_size: 2*528 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_ecp_192 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: ECP_192_BIT,
+ algo_next: NULL,
+ ke_size: 2*192 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_ecp_224 = {
+ algo_type: IKE_ALG_DH_GROUP,
+ algo_id: ECP_224_BIT,
+ algo_next: NULL,
+ ke_size: 2*224 / BITS_PER_BYTE
+};
void init_crypto(void)
{
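Review bot: In `encrypt_desc_twofish` and `encrypt_desc_twofish_ssh` the length macros are crossed: `keydeflen: TWOFISH_KEY_MIN_LEN` and `keyminlen: TWOFISH_KEY_DEF_LEN`. Both macros are 128 today, so the tables hold the right values only by coincidence; if the default is ever raised, the minimum key length would move with it and the default would stay at the old minimum. The lines should read `keyminlen: TWOFISH_KEY_MIN_LEN,` and `keydeflen: TWOFISH_KEY_DEF_LEN,`, matching the AES and Serpent descriptors. Separately, `ke_size: 2*528 / BITS_PER_BYTE` in `dh_desc_ecp_521` reads like a typo next to the other ECP entries; presumably it is 521 bits rounded up to 66 bytes per coordinate, and a comment such as `/* 521 bits padded to 66 bytes per coordinate */` would say so. The body of `init_crypto` continues outside the hunk.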