projects / strongswan.git / blob
? search:


341ba51d7aa41a8ed31af6d0d2bae790351c7e96
[strongswan.git] / src / libstrongswan / plugins / gcrypt / gcrypt_plugin.c
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "gcrypt_plugin.h"
17
18 #include "gcrypt_hasher.h"
19 #include "gcrypt_crypter.h"
20 #include "gcrypt_rng.h"
21 #include "gcrypt_dh.h"
22 #include "gcrypt_rsa_private_key.h"
23 #include "gcrypt_rsa_public_key.h"
24
25 #include <library.h>
26 #include <debug.h>
27 #include <threading/mutex.h>
28
29 #include <errno.h>
30 #include <gcrypt.h>
31
32 typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t;
33
34 /**
35 * private data of gcrypt_plugin
36 */
37 struct private_gcrypt_plugin_t {
38
39 /**
40 * public functions
41 */
42 gcrypt_plugin_t public;
43 };
44
45 /**
46 * gcrypt mutex initialization wrapper
47 */
48 static int mutex_init(void **lock)
49 {
50 *lock = mutex_create(MUTEX_TYPE_DEFAULT);
51 return 0;
52 }
53
54 /**
55 * gcrypt mutex cleanup wrapper
56 */
57 static int mutex_destroy(void **lock)
58 {
59 mutex_t *mutex = *lock;
60
61 mutex->destroy(mutex);
62 return 0;
63 }
64
65 /**
66 * gcrypt mutex lock wrapper
67 */
68 static int mutex_lock(void **lock)
69 {
70 mutex_t *mutex = *lock;
71
72 mutex->lock(mutex);
73 return 0;
74 }
75
76 /**
77 * gcrypt mutex unlock wrapper
78 */
79 static int mutex_unlock(void **lock)
80 {
81 mutex_t *mutex = *lock;
82
83 mutex->unlock(mutex);
84 return 0;
85 }
86
87 /**
88 * gcrypt locking functions using our mutex_t
89 */
90 static struct gcry_thread_cbs thread_functions = {
91 GCRY_THREAD_OPTION_USER, NULL,
92 mutex_init, mutex_destroy, mutex_lock, mutex_unlock,
93 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
94 };
95
96 /**
97 * Implementation of gcrypt_plugin_t.destroy
98 */
99 static void destroy(private_gcrypt_plugin_t *this)
100 {
101 lib->crypto->remove_hasher(lib->crypto,
102 (hasher_constructor_t)gcrypt_hasher_create);
103 lib->crypto->remove_crypter(lib->crypto,
104 (crypter_constructor_t)gcrypt_crypter_create);
105 lib->crypto->remove_rng(lib->crypto,
106 (rng_constructor_t)gcrypt_rng_create);
107 lib->crypto->remove_dh(lib->crypto,
108 (dh_constructor_t)gcrypt_dh_create);
109 lib->creds->remove_builder(lib->creds,
110 (builder_function_t)gcrypt_rsa_private_key_gen);
111 lib->creds->remove_builder(lib->creds,
112 (builder_function_t)gcrypt_rsa_private_key_load);
113 lib->creds->remove_builder(lib->creds,
114 (builder_function_t)gcrypt_rsa_public_key_load);
115 free(this);
116 }
117
118 /*
119 * see header file
120 */
121 plugin_t *gcrypt_plugin_create()
122 {
123 private_gcrypt_plugin_t *this;
124
125 gcry_control(GCRYCTL_SET_THREAD_CBS, &thread_functions);
126
127 if (!gcry_check_version(GCRYPT_VERSION))
128 {
129 DBG1(DBG_LIB, "libgcrypt version mismatch");
130 return NULL;
131 }
132
133 /* we currently do not use secure memory */
134 gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
135 if (lib->settings->get_bool(lib->settings,
136 "libstrongswan.plugins.gcrypt.quick_random", FALSE))
137 {
138 gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
139 }
140 gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
141
142 this = malloc_thing(private_gcrypt_plugin_t);
143
144 this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
145
146 /* hashers */
147 lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
148 (hasher_constructor_t)gcrypt_hasher_create);
149 lib->crypto->add_hasher(lib->crypto, HASH_MD4,
150 (hasher_constructor_t)gcrypt_hasher_create);
151 lib->crypto->add_hasher(lib->crypto, HASH_MD5,
152 (hasher_constructor_t)gcrypt_hasher_create);
153 lib->crypto->add_hasher(lib->crypto, HASH_SHA224,
154 (hasher_constructor_t)gcrypt_hasher_create);
155 lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
156 (hasher_constructor_t)gcrypt_hasher_create);
157 lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
158 (hasher_constructor_t)gcrypt_hasher_create);
159 lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
160 (hasher_constructor_t)gcrypt_hasher_create);
161
162 /* crypters */
163 lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
164 (crypter_constructor_t)gcrypt_crypter_create);
165 lib->crypto->add_crypter(lib->crypto, ENCR_CAST,
166 (crypter_constructor_t)gcrypt_crypter_create);
167 lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH,
168 (crypter_constructor_t)gcrypt_crypter_create);
169 lib->crypto->add_crypter(lib->crypto, ENCR_DES,
170 (crypter_constructor_t)gcrypt_crypter_create);
171 lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
172 (crypter_constructor_t)gcrypt_crypter_create);
173 lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
174 (crypter_constructor_t)gcrypt_crypter_create);
175 lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC,
176 (crypter_constructor_t)gcrypt_crypter_create);
177 lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC,
178 (crypter_constructor_t)gcrypt_crypter_create);
179 lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC,
180 (crypter_constructor_t)gcrypt_crypter_create);
181
182 /* random numbers */
183 lib->crypto->add_rng(lib->crypto, RNG_WEAK,
184 (rng_constructor_t)gcrypt_rng_create);
185 lib->crypto->add_rng(lib->crypto, RNG_STRONG,
186 (rng_constructor_t)gcrypt_rng_create);
187 lib->crypto->add_rng(lib->crypto, RNG_TRUE,
188 (rng_constructor_t)gcrypt_rng_create);
189
190 /* diffie hellman groups, using modp */
191 lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
192 (dh_constructor_t)gcrypt_dh_create);
193 lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
194 (dh_constructor_t)gcrypt_dh_create);
195 lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
196 (dh_constructor_t)gcrypt_dh_create);
197 lib->crypto->add_dh(lib->crypto, MODP_4096_BIT,
198 (dh_constructor_t)gcrypt_dh_create);
199 lib->crypto->add_dh(lib->crypto, MODP_6144_BIT,
200 (dh_constructor_t)gcrypt_dh_create);
201 lib->crypto->add_dh(lib->crypto, MODP_8192_BIT,
202 (dh_constructor_t)gcrypt_dh_create);
203 lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
204 (dh_constructor_t)gcrypt_dh_create);
205 lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
206 (dh_constructor_t)gcrypt_dh_create);
207
208 /* RSA */
209 lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
210 (builder_function_t)gcrypt_rsa_private_key_gen);
211 lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
212 (builder_function_t)gcrypt_rsa_private_key_load);
213 lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
214 (builder_function_t)gcrypt_rsa_public_key_load);
215
216 return &this->public.plugin;
217 }
218
strongSwan - IPsec VPN