sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-09 00:00:53 -04:00
Code Issues Projects Releases Wiki Activity

moved PGP code to pluto and gpg plugin

Browse Source
This commit is contained in:
Martin Willi 2009-08-17 15:56:08 +02:00
parent 7033a70fd0
commit b457e08fca
7 changed files with 110 additions and 315 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/libstrongswan/Makefile.am
View File

@ -35,7 +35,6 @@ credentials/certificates/ocsp_request.h \
credentials/certificates/ocsp_response.h credentials/certificates/ocsp_response.c \ credentials/certificates/ocsp_response.h credentials/certificates/ocsp_response.c \
database/database.h database/database_factory.h database/database_factory.c \ database/database.h database/database_factory.h database/database_factory.c \
fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \ fetcher/fetcher.h fetcher/fetcher_manager.h fetcher/fetcher_manager.c \
pgp/pgp.c pgp/pgp.h \
utils.h utils.c \ utils.h utils.c \
utils/host.c utils/host.h \ utils/host.c utils/host.h \
utils/identification.c utils/identification.h \ utils/identification.c utils/identification.h \

3
src/libstrongswan/library.h
View File

@ -19,9 +19,6 @@
* @defgroup asn1 asn1 * @defgroup asn1 asn1
* @ingroup libstrongswan * @ingroup libstrongswan
* *
* @defgroup pgp pgp
* @ingroup libstrongswan
*
* @defgroup credentials credentials * @defgroup credentials credentials
* @ingroup libstrongswan * @ingroup libstrongswan
* *

93
src/libstrongswan/pgp/pgp.c
View File

@ -1,93 +0,0 @@
/*
* Copyright (C) 2002-2009 Andreas Steffen
*
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include "pgp.h"
ENUM_BEGIN(pgp_packet_tag_names, PGP_PKT_RESERVED, PGP_PKT_PUBLIC_SUBKEY,
"Reserved",
"Public-Key Encrypted Session Key Packet",
"Signature Packet",
"Symmetric-Key Encrypted Session Key Packet",
"One-Pass Signature Packet",
"Secret Key Packet",
"Public Key Packet",
"Secret Subkey Packet",
"Compressed Data Packet",
"Symmetrically Encrypted Data Packet",
"Marker Packet",
"Literal Data Packet",
"Trust Packet",
"User ID Packet",
"Public Subkey Packet"
);
ENUM_NEXT(pgp_packet_tag_names, PGP_PKT_USER_ATTRIBUTE, PGP_PKT_MOD_DETECT_CODE, PGP_PKT_PUBLIC_SUBKEY,
"User Attribute Packet",
"Sym. Encrypted and Integrity Protected Data Packet",
"Modification Detection Code Packet"
);
ENUM_END(pgp_packet_tag_names, PGP_PKT_MOD_DETECT_CODE);
ENUM_BEGIN(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_RSA, PGP_PUBKEY_ALG_RSA_SIGN_ONLY,
"RSA",
"RSA_ENC_ONLY",
"RSA_SIGN_ONLY"
);
ENUM_NEXT(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY, PGP_PUBKEY_ALG_DIFFIE_HELLMAN, PGP_PUBKEY_ALG_RSA_SIGN_ONLY,
"ELGAMAL_ENC_ONLY",
"DSA",
"ECC",
"ECDSA",
"ELGAMAL",
"DIFFIE_HELLMAN"
);
ENUM_END(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_DIFFIE_HELLMAN);
ENUM(pgp_sym_alg_names, PGP_SYM_ALG_PLAIN, PGP_SYM_ALG_TWOFISH,
"PLAINTEXT",
"IDEA",
"3DES",
"CAST5",
"BLOWFISH",
"SAFER",
"DES",
"AES_128",
"AES_192",
"AES_256",
"TWOFISH"
);
/*
* Defined in header.
*/
size_t pgp_length(chunk_t *blob, size_t len)
{
size_t size = 0;
if (len > blob->len)
{
return PGP_INVALID_LENGTH;
}
blob->len -= len;
while (len-- > 0)
{
size = 256*size + *blob->ptr++;
}
return size;
}

115
src/libstrongswan/pgp/pgp.h
View File

@ -1,115 +0,0 @@
/*
* Copyright (C) 2002-2009 Andreas Steffen
*
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup pgpi pgp
* @{ @ingroup pgp
*/
#ifndef PGP_H_
#define PGP_H_
typedef enum pgp_packet_tag_t pgp_packet_tag_t;
typedef enum pgp_pubkey_alg_t pgp_pubkey_alg_t;
typedef enum pgp_sym_alg_t pgp_sym_alg_t;
#include <chunk.h>
#include <enum.h>
/**
* OpenPGP packet tags as defined in section 4.3 of RFC 4880
*/
enum pgp_packet_tag_t {
PGP_PKT_RESERVED = 0,
PGP_PKT_PUBKEY_ENC_SESSION_KEY = 1,
PGP_PKT_SIGNATURE = 2,
PGP_PKT_SYMKEY_ENC_SESSION_KEY = 3,
PGP_PKT_ONE_PASS_SIGNATURE_PKT = 4,
PGP_PKT_SECRET_KEY = 5,
PGP_PKT_PUBLIC_KEY = 6,
PGP_PKT_SECRET_SUBKEY = 7,
PGP_PKT_COMPRESSED_DATA = 8,
PGP_PKT_SYMKEY_ENC_DATA = 9,
PGP_PKT_MARKER = 10,
PGP_PKT_LITERAL_DATA = 11,
PGP_PKT_TRUST = 12,
PGP_PKT_USER_ID = 13,
PGP_PKT_PUBLIC_SUBKEY = 14,
PGP_PKT_USER_ATTRIBUTE = 17,
PGP_PKT_SYM_ENC_INT_PROT_DATA = 18,
PGP_PKT_MOD_DETECT_CODE = 19
};
/**
* Enum names for pgp_packet_tag_t
*/
extern enum_name_t *pgp_packet_tag_names;
/**
* OpenPGP public key algorithms as defined in section 9.1 of RFC 4880
*/
enum pgp_pubkey_alg_t {
PGP_PUBKEY_ALG_RSA = 1,
PGP_PUBKEY_ALG_RSA_ENC_ONLY = 2,
PGP_PUBKEY_ALG_RSA_SIGN_ONLY = 3,
PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY = 16,
PGP_PUBKEY_ALG_DSA = 17,
PGP_PUBKEY_ALG_ECC = 18,
PGP_PUBKEY_ALG_ECDSA = 19,
PGP_PUBKEY_ALG_ELGAMAL = 20,
PGP_PUBKEY_ALG_DIFFIE_HELLMAN = 21,
};
/**
* Enum names for pgp_pubkey_alg_t
*/
extern enum_name_t *pgp_pubkey_alg_names;
/**
* OpenPGP symmetric key algorithms as defined in section 9.2 of RFC 4880
*/
enum pgp_sym_alg_t {
PGP_SYM_ALG_PLAIN = 0,
PGP_SYM_ALG_IDEA = 1,
PGP_SYM_ALG_3DES = 2,
PGP_SYM_ALG_CAST5 = 3,
PGP_SYM_ALG_BLOWFISH = 4,
PGP_SYM_ALG_SAFER = 5,
PGP_SYM_ALG_DES = 6,
PGP_SYM_ALG_AES_128 = 7,
PGP_SYM_ALG_AES_192 = 8,
PGP_SYM_ALG_AES_256 = 9,
PGP_SYM_ALG_TWOFISH = 10
};
/**
* Enum names for pgp_sym_alg_t
*/
extern enum_name_t *pgp_sym_alg_names;
#define PGP_INVALID_LENGTH 0xffffffff
/**
* Returns the length of an OpenPGP (RFC 4880) packet
* The blob pointer is advanced past the length field
*
* @param blob pointer to an OpenPGP blob
* @param len size of the length field
* @return length of the next OpenPGP packet
*/
size_t pgp_length(chunk_t *blob, size_t len);
#endif /** PGP_H_ @}*/

57
src/libstrongswan/plugins/pgp/pgp_builder.c
View File

@ -16,33 +16,44 @@
#include "pgp_builder.h" #include "pgp_builder.h"
#include <enum.h>
#include <debug.h> #include <debug.h>
#include <credentials/keys/private_key.h> #include <credentials/keys/private_key.h>
typedef enum pgp_pubkey_alg_t pgp_pubkey_alg_t;
typedef enum pgp_sym_alg_t pgp_sym_alg_t;
ENUM_BEGIN(pgp_packet_tag_names, PGP_PKT_RESERVED, PGP_PKT_PUBLIC_SUBKEY, /**
"Reserved", * OpenPGP public key algorithms as defined in section 9.1 of RFC 4880
"Public-Key Encrypted Session Key Packet", */
"Signature Packet", enum pgp_pubkey_alg_t {
"Symmetric-Key Encrypted Session Key Packet", PGP_PUBKEY_ALG_RSA = 1,
"One-Pass Signature Packet", PGP_PUBKEY_ALG_RSA_ENC_ONLY = 2,
"Secret Key Packet", PGP_PUBKEY_ALG_RSA_SIGN_ONLY = 3,
"Public Key Packet", PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY = 16,
"Secret Subkey Packet", PGP_PUBKEY_ALG_DSA = 17,
"Compressed Data Packet", PGP_PUBKEY_ALG_ECC = 18,
"Symmetrically Encrypted Data Packet", PGP_PUBKEY_ALG_ECDSA = 19,
"Marker Packet", PGP_PUBKEY_ALG_ELGAMAL = 20,
"Literal Data Packet", PGP_PUBKEY_ALG_DIFFIE_HELLMAN = 21,
"Trust Packet", };
"User ID Packet",
"Public Subkey Packet" /**
); * OpenPGP symmetric key algorithms as defined in section 9.2 of RFC 4880
ENUM_NEXT(pgp_packet_tag_names, PGP_PKT_USER_ATTRIBUTE, PGP_PKT_MOD_DETECT_CODE, PGP_PKT_PUBLIC_SUBKEY, */
"User Attribute Packet", enum pgp_sym_alg_t {
"Sym. Encrypted and Integrity Protected Data Packet", PGP_SYM_ALG_PLAIN = 0,
"Modification Detection Code Packet" PGP_SYM_ALG_IDEA = 1,
); PGP_SYM_ALG_3DES = 2,
ENUM_END(pgp_packet_tag_names, PGP_PKT_MOD_DETECT_CODE); PGP_SYM_ALG_CAST5 = 3,
PGP_SYM_ALG_BLOWFISH = 4,
PGP_SYM_ALG_SAFER = 5,
PGP_SYM_ALG_DES = 6,
PGP_SYM_ALG_AES_128 = 7,
PGP_SYM_ALG_AES_192 = 8,
PGP_SYM_ALG_AES_256 = 9,
PGP_SYM_ALG_TWOFISH = 10
};
ENUM_BEGIN(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_RSA, PGP_PUBKEY_ALG_RSA_SIGN_ONLY, ENUM_BEGIN(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_RSA, PGP_PUBKEY_ALG_RSA_SIGN_ONLY,
"RSA", "RSA",

81
src/libstrongswan/plugins/pgp/pgp_builder.h
View File

@ -1,6 +1,5 @@
/* /*
* Copyright (C) 2009 Martin Willi * Copyright (C) 2009 Martin Willi
* Copyright (C) 2002-2009 Andreas Steffen
* Hochschule fuer Technik Rapperswil * Hochschule fuer Technik Rapperswil
* *
* This program is free software; you can redistribute it and/or modify it * This program is free software; you can redistribute it and/or modify it
@ -22,86 +21,10 @@
#ifndef PGP_BUILDER_H_ #ifndef PGP_BUILDER_H_
#define PGP_BUILDER_H_ #define PGP_BUILDER_H_
#include <enum.h>
#include <credentials/keys/public_key.h> #include <credentials/keys/public_key.h>
typedef enum pgp_packet_tag_t pgp_packet_tag_t;
typedef enum pgp_pubkey_alg_t pgp_pubkey_alg_t;
typedef enum pgp_sym_alg_t pgp_sym_alg_t;
/** /**
* OpenPGP packet tags as defined in section 4.3 of RFC 4880 * Create the builder for a generic or an RSA public key using PGP decoding.
*/
enum pgp_packet_tag_t {
PGP_PKT_RESERVED = 0,
PGP_PKT_PUBKEY_ENC_SESSION_KEY = 1,
PGP_PKT_SIGNATURE = 2,
PGP_PKT_SYMKEY_ENC_SESSION_KEY = 3,
PGP_PKT_ONE_PASS_SIGNATURE_PKT = 4,
PGP_PKT_SECRET_KEY = 5,
PGP_PKT_PUBLIC_KEY = 6,
PGP_PKT_SECRET_SUBKEY = 7,
PGP_PKT_COMPRESSED_DATA = 8,
PGP_PKT_SYMKEY_ENC_DATA = 9,
PGP_PKT_MARKER = 10,
PGP_PKT_LITERAL_DATA = 11,
PGP_PKT_TRUST = 12,
PGP_PKT_USER_ID = 13,
PGP_PKT_PUBLIC_SUBKEY = 14,
PGP_PKT_USER_ATTRIBUTE = 17,
PGP_PKT_SYM_ENC_INT_PROT_DATA = 18,
PGP_PKT_MOD_DETECT_CODE = 19
};
/**
* Enum names for pgp_packet_tag_t
*/
extern enum_name_t *pgp_packet_tag_names;
/**
* OpenPGP public key algorithms as defined in section 9.1 of RFC 4880
*/
enum pgp_pubkey_alg_t {
PGP_PUBKEY_ALG_RSA = 1,
PGP_PUBKEY_ALG_RSA_ENC_ONLY = 2,
PGP_PUBKEY_ALG_RSA_SIGN_ONLY = 3,
PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY = 16,
PGP_PUBKEY_ALG_DSA = 17,
PGP_PUBKEY_ALG_ECC = 18,
PGP_PUBKEY_ALG_ECDSA = 19,
PGP_PUBKEY_ALG_ELGAMAL = 20,
PGP_PUBKEY_ALG_DIFFIE_HELLMAN = 21,
};
/**
* Enum names for pgp_pubkey_alg_t
*/
extern enum_name_t *pgp_pubkey_alg_names;
/**
* OpenPGP symmetric key algorithms as defined in section 9.2 of RFC 4880
*/
enum pgp_sym_alg_t {
PGP_SYM_ALG_PLAIN = 0,
PGP_SYM_ALG_IDEA = 1,
PGP_SYM_ALG_3DES = 2,
PGP_SYM_ALG_CAST5 = 3,
PGP_SYM_ALG_BLOWFISH = 4,
PGP_SYM_ALG_SAFER = 5,
PGP_SYM_ALG_DES = 6,
PGP_SYM_ALG_AES_128 = 7,
PGP_SYM_ALG_AES_192 = 8,
PGP_SYM_ALG_AES_256 = 9,
PGP_SYM_ALG_TWOFISH = 10
};
/**
* Enum names for pgp_sym_alg_t
*/
extern enum_name_t *pgp_sym_alg_names;
/**
* Create the builder for a generic or an RSA public key.
* *
* @param type type of the key, either KEY_ANY or KEY_RSA * @param type type of the key, either KEY_ANY or KEY_RSA
* @return builder instance * @return builder instance
@ -109,7 +32,7 @@ extern enum_name_t *pgp_sym_alg_names;
builder_t *pgp_public_key_builder(key_type_t type); builder_t *pgp_public_key_builder(key_type_t type);
/** /**
* Create the builder for a RSA private key. * Create the builder for a RSA private key using PGP decoding.
* *
* @param type type of the key, KEY_RSA * @param type type of the key, KEY_RSA
* @return builder instance * @return builder instance

75
src/pluto/pgpcert.c
View File

@ -21,7 +21,7 @@
#include <freeswan.h> #include <freeswan.h>
#include <library.h> #include <library.h>
#include <pgp/pgp.h> #include <enum.h>
#include <crypto/hashers/hasher.h> #include <crypto/hashers/hasher.h>
#include "constants.h" #include "constants.h"
@ -33,6 +33,57 @@
#include "whack.h" #include "whack.h"
#include "keys.h" #include "keys.h"
typedef enum pgp_packet_tag_t pgp_packet_tag_t;
/**
* OpenPGP packet tags as defined in section 4.3 of RFC 4880
*/
enum pgp_packet_tag_t {
PGP_PKT_RESERVED = 0,
PGP_PKT_PUBKEY_ENC_SESSION_KEY = 1,
PGP_PKT_SIGNATURE = 2,
PGP_PKT_SYMKEY_ENC_SESSION_KEY = 3,
PGP_PKT_ONE_PASS_SIGNATURE_PKT = 4,
PGP_PKT_SECRET_KEY = 5,
PGP_PKT_PUBLIC_KEY = 6,
PGP_PKT_SECRET_SUBKEY = 7,
PGP_PKT_COMPRESSED_DATA = 8,
PGP_PKT_SYMKEY_ENC_DATA = 9,
PGP_PKT_MARKER = 10,
PGP_PKT_LITERAL_DATA = 11,
PGP_PKT_TRUST = 12,
PGP_PKT_USER_ID = 13,
PGP_PKT_PUBLIC_SUBKEY = 14,
PGP_PKT_USER_ATTRIBUTE = 17,
PGP_PKT_SYM_ENC_INT_PROT_DATA = 18,
PGP_PKT_MOD_DETECT_CODE = 19
};
ENUM_BEGIN(pgp_packet_tag_names, PGP_PKT_RESERVED, PGP_PKT_PUBLIC_SUBKEY,
"Reserved",
"Public-Key Encrypted Session Key Packet",
"Signature Packet",
"Symmetric-Key Encrypted Session Key Packet",
"One-Pass Signature Packet",
"Secret Key Packet",
"Public Key Packet",
"Secret Subkey Packet",
"Compressed Data Packet",
"Symmetrically Encrypted Data Packet",
"Marker Packet",
"Literal Data Packet",
"Trust Packet",
"User ID Packet",
"Public Subkey Packet"
);
ENUM_NEXT(pgp_packet_tag_names, PGP_PKT_USER_ATTRIBUTE, PGP_PKT_MOD_DETECT_CODE, PGP_PKT_PUBLIC_SUBKEY,
"User Attribute Packet",
"Sym. Encrypted and Integrity Protected Data Packet",
"Modification Detection Code Packet"
);
ENUM_END(pgp_packet_tag_names, PGP_PKT_MOD_DETECT_CODE);
/** /**
* Chained list of OpenPGP end certificates * Chained list of OpenPGP end certificates
*/ */
@ -55,6 +106,28 @@ const pgpcert_t pgpcert_empty = {
NULL /* fingerprint */ NULL /* fingerprint */
}; };
#define PGP_INVALID_LENGTH 0xffffffff
/**
* Returns the length of an OpenPGP (RFC 4880) packet
* The blob pointer is advanced past the length field.
*/
static size_t pgp_length(chunk_t *blob, size_t len)
{
size_t size = 0;
if (len > blob->len)
{
return PGP_INVALID_LENGTH;
}
blob->len -= len;
while (len-- > 0)
{
size = 256*size + *blob->ptr++;
}
return size;
}
/** /**
* Extracts the length of a PGP packet * Extracts the length of a PGP packet