src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c

   1 /*
   2  * Copyright (C) 2009 Martin Willi
   3  * Hochschule fuer Technik Rapperswil
   4  *
   5  * This program is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License as published by the
   7  * Free Software Foundation; either version 2 of the License, or (at your
   8  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
   9  *
  10  * This program is distributed in the hope that it will be useful, but
  11  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  12  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  13  * for more details.
  14  */
  15
  16 #include "gcrypt_plugin.h"
  17
  18 #include "gcrypt_hasher.h"
  19 #include "gcrypt_crypter.h"
  20 #include "gcrypt_rng.h"
  21 #include "gcrypt_dh.h"
  22 #include "gcrypt_rsa_private_key.h"
  23 #include "gcrypt_rsa_public_key.h"
  24
  25 #include <library.h>
  26 #include <debug.h>
  27 #include <utils/mutex.h>
  28
  29 #include <errno.h>
  30 #include <gcrypt.h>
  31
  32 typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t;
  33
  34 /**
  35  * private data of gcrypt_plugin
  36  */
  37 struct private_gcrypt_plugin_t {
  38
  39         /**
  40          * public functions
  41          */
  42         gcrypt_plugin_t public;
  43 };
  44
  45 /**
  46  * gcrypt mutex initialization wrapper
  47  */
  48 static int mutex_init(void **lock)
  49 {
  50         *lock = mutex_create(MUTEX_DEFAULT);
  51         return 0;
  52 }
  53
  54 /**
  55  * gcrypt mutex cleanup wrapper
  56  */
  57 static int mutex_destroy(void **lock)
  58 {
  59         mutex_t *mutex = *lock;
  60
  61         mutex->destroy(mutex);
  62         return 0;
  63 }
  64
  65 /**
  66  * gcrypt mutex lock wrapper
  67  */
  68 static int mutex_lock(void **lock)
  69 {
  70         mutex_t *mutex = *lock;
  71
  72         mutex->lock(mutex);
  73         return 0;
  74 }
  75
  76 /**
  77  * gcrypt mutex unlock wrapper
  78  */
  79 static int mutex_unlock(void **lock)
  80 {
  81         mutex_t *mutex = *lock;
  82
  83         mutex->unlock(mutex);
  84         return 0;
  85 }
  86
  87 /**
  88  * gcrypt locking functions using our mutex_t
  89  */
  90 static struct gcry_thread_cbs thread_functions = {
  91         GCRY_THREAD_OPTION_USER, NULL,
  92         mutex_init, mutex_destroy, mutex_lock, mutex_unlock,
  93         NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
  94 };
  95
  96 /**
  97  * Implementation of gcrypt_plugin_t.destroy
  98  */
  99 static void destroy(private_gcrypt_plugin_t *this)
 100 {
 101         lib->crypto->remove_hasher(lib->crypto,
 102                                         (hasher_constructor_t)gcrypt_hasher_create);
 103         lib->crypto->remove_crypter(lib->crypto,
 104                                         (crypter_constructor_t)gcrypt_crypter_create);
 105         lib->crypto->remove_rng(lib->crypto,
 106                                         (rng_constructor_t)gcrypt_rng_create);
 107         lib->crypto->remove_dh(lib->crypto,
 108                                         (dh_constructor_t)gcrypt_dh_create);
 109         lib->creds->remove_builder(lib->creds,
 110                                         (builder_constructor_t)gcrypt_rsa_private_key_builder);
 111         lib->creds->remove_builder(lib->creds,
 112                                         (builder_constructor_t)gcrypt_rsa_public_key_builder);
 113         free(this);
 114 }
 115
 116 /*
 117  * see header file
 118  */
 119 plugin_t *plugin_create()
 120 {
 121         private_gcrypt_plugin_t *this;
 122
 123         gcry_control(GCRYCTL_SET_THREAD_CBS, &thread_functions);
 124
 125         if (!gcry_check_version(GCRYPT_VERSION))
 126         {
 127                 DBG1("libgcrypt version mismatch");
 128                 return NULL;
 129         }
 130
 131         /* we currently do not use secure memory */
 132         gcry_control(GCRYCTL_DISABLE_SECMEM, 0);
 133         if (lib->settings->get_bool(lib->settings,
 134                                                         "libstrongswan.plugins.gcrypt.quick_random", FALSE))
 135         {
 136                 gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0);
 137         }
 138         gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
 139
 140         this = malloc_thing(private_gcrypt_plugin_t);
 141
 142         this->public.plugin.destroy = (void(*)(plugin_t*))destroy;
 143
 144         /* hashers */
 145         lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
 146                                         (hasher_constructor_t)gcrypt_hasher_create);
 147         lib->crypto->add_hasher(lib->crypto, HASH_MD4,
 148                                         (hasher_constructor_t)gcrypt_hasher_create);
 149         lib->crypto->add_hasher(lib->crypto, HASH_MD5,
 150                                         (hasher_constructor_t)gcrypt_hasher_create);
 151         lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
 152                                         (hasher_constructor_t)gcrypt_hasher_create);
 153         lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
 154                                         (hasher_constructor_t)gcrypt_hasher_create);
 155         lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
 156                                         (hasher_constructor_t)gcrypt_hasher_create);
 157
 158         /* crypters */
 159         lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
 160                                         (crypter_constructor_t)gcrypt_crypter_create);
 161         lib->crypto->add_crypter(lib->crypto, ENCR_CAST,
 162                                         (crypter_constructor_t)gcrypt_crypter_create);
 163         lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH,
 164                                         (crypter_constructor_t)gcrypt_crypter_create);
 165         lib->crypto->add_crypter(lib->crypto, ENCR_DES,
 166                                         (crypter_constructor_t)gcrypt_crypter_create);
 167         lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB,
 168                                         (crypter_constructor_t)gcrypt_crypter_create);
 169         lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
 170                                         (crypter_constructor_t)gcrypt_crypter_create);
 171         lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC,
 172                                         (crypter_constructor_t)gcrypt_crypter_create);
 173         lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC,
 174                                         (crypter_constructor_t)gcrypt_crypter_create);
 175         lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC,
 176                                         (crypter_constructor_t)gcrypt_crypter_create);
 177
 178         /* random numbers */
 179         lib->crypto->add_rng(lib->crypto, RNG_WEAK,
 180                                                  (rng_constructor_t)gcrypt_rng_create);
 181         lib->crypto->add_rng(lib->crypto, RNG_STRONG,
 182                                                  (rng_constructor_t)gcrypt_rng_create);
 183         lib->crypto->add_rng(lib->crypto, RNG_TRUE,
 184                                                  (rng_constructor_t)gcrypt_rng_create);
 185
 186         /* diffie hellman groups, using modp */
 187         lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
 188                                         (dh_constructor_t)gcrypt_dh_create);
 189         lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
 190                                         (dh_constructor_t)gcrypt_dh_create);
 191         lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
 192                                         (dh_constructor_t)gcrypt_dh_create);
 193         lib->crypto->add_dh(lib->crypto, MODP_4096_BIT,
 194                                         (dh_constructor_t)gcrypt_dh_create);
 195         lib->crypto->add_dh(lib->crypto, MODP_6144_BIT,
 196                                         (dh_constructor_t)gcrypt_dh_create);
 197         lib->crypto->add_dh(lib->crypto, MODP_8192_BIT,
 198                                         (dh_constructor_t)gcrypt_dh_create);
 199         lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
 200                                         (dh_constructor_t)gcrypt_dh_create);
 201         lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
 202                                         (dh_constructor_t)gcrypt_dh_create);
 203
 204         /* RSA */
 205         lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
 206                                         (builder_constructor_t)gcrypt_rsa_private_key_builder);
 207         lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
 208                                         (builder_constructor_t)gcrypt_rsa_public_key_builder);
 209
 210         return &this->public.plugin;
 211 }
 212