pluto aborts if no SHA-1 and MD5 hashers are present
[strongswan.git] / src / pluto / crypto.c
1 /* crypto interfaces
2 * Copyright (C) 1998-2001 D. Hugh Redelmeier
3 * Copyright (C) 2007-2009 Andreas Steffen
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include <gmp.h>
17
18 #include <freeswan.h>
19
20 #include <crypto/crypters/crypter.h>
21 #include <crypto/hashers/hasher.h>
22
23 #include "constants.h"
24 #include "defs.h"
25 #include "crypto.h"
26 #include "ike_alg.h"
27 #include "log.h"
28
29 extern struct encrypt_desc encrypt_desc_3des;
30 extern struct encrypt_desc encrypt_desc_blowfish;
31 extern struct encrypt_desc encrypt_desc_aes;
32 extern struct encrypt_desc encrypt_desc_twofish;
33 extern struct encrypt_desc encrypt_desc_twofish_ssh;
34 extern struct encrypt_desc encrypt_desc_serpent;
35
36 extern struct hash_desc hash_desc_md5;
37 extern struct hash_desc hash_desc_sha1;
38 extern struct hash_desc hash_desc_sha2_256;
39 extern struct hash_desc hash_desc_sha2_384;
40 extern struct hash_desc hash_desc_sha2_512;
41
42 /* moduli and generator. */
43
44 static MP_INT
45 modp1024_modulus,
46 modp1536_modulus,
47 modp2048_modulus,
48 modp3072_modulus,
49 modp4096_modulus,
50 modp6144_modulus,
51 modp8192_modulus;
52
53 MP_INT groupgenerator; /* MODP group generator (2) */
54
55
56
57 void init_crypto(void)
58 {
59 enumerator_t *enumerator;
60 encryption_algorithm_t encryption_alg;
61 hash_algorithm_t hash_alg;
62 bool no_md5 = TRUE;
63 bool no_sha1 = TRUE;
64
65 enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
66 while (enumerator->enumerate(enumerator, &hash_alg))
67 {
68 const struct hash_desc *desc;
69
70 switch (hash_alg)
71 {
72 case HASH_SHA1:
73 desc = &hash_desc_sha1;
74 no_sha1 = FALSE;
75 break;
76 case HASH_SHA256:
77 desc = &hash_desc_sha2_256;
78 break;
79 case HASH_SHA384:
80 desc = &hash_desc_sha2_384;
81 break;
82 case HASH_SHA512:
83 desc = &hash_desc_sha2_512;
84 break;
85 case HASH_MD5:
86 desc = &hash_desc_md5;
87 no_md5 = FALSE;
88 break;
89 default:
90 continue;
91 }
92 ike_alg_add((struct ike_alg *)desc);
93 }
94 enumerator->destroy(enumerator);
95
96 if (no_sha1)
97 {
98 exit_log("pluto cannot run without a SHA-1 hasher");
99 }
100 if (no_md5)
101 {
102 exit_log("pluto cannot run without an MD5 hasher");
103 }
104
105 enumerator = lib->crypto->create_crypter_enumerator(lib->crypto);
106 while (enumerator->enumerate(enumerator, &encryption_alg))
107 {
108 const struct encrypt_desc *desc;
109
110 switch (encryption_alg)
111 {
112 case ENCR_3DES:
113 desc = &encrypt_desc_3des;
114 break;
115 case ENCR_BLOWFISH:
116 desc = &encrypt_desc_blowfish;
117 break;
118 case ENCR_AES_CBC:
119 desc = &encrypt_desc_aes;
120 break;
121 case ENCR_TWOFISH_CBC:
122 desc = &encrypt_desc_twofish;
123 ike_alg_add((struct ike_alg *)&encrypt_desc_twofish_ssh);
124 break;
125 case ENCR_SERPENT_CBC:
126 desc = &encrypt_desc_serpent;
127 break;
128 default:
129 continue;
130 }
131 ike_alg_add((struct ike_alg *)desc);
132 }
133 enumerator->destroy(enumerator);
134
135 if (mpz_init_set_str(&groupgenerator, MODP_GENERATOR, 10) != 0
136 || mpz_init_set_str(&modp1024_modulus, MODP1024_MODULUS, 16) != 0
137 || mpz_init_set_str(&modp1536_modulus, MODP1536_MODULUS, 16) != 0
138 || mpz_init_set_str(&modp2048_modulus, MODP2048_MODULUS, 16) != 0
139 || mpz_init_set_str(&modp3072_modulus, MODP3072_MODULUS, 16) != 0
140 || mpz_init_set_str(&modp4096_modulus, MODP4096_MODULUS, 16) != 0
141 || mpz_init_set_str(&modp6144_modulus, MODP6144_MODULUS, 16) != 0
142 || mpz_init_set_str(&modp8192_modulus, MODP8192_MODULUS, 16) != 0)
143 {
144 exit_log("mpz_init_set_str() failed in init_crypto()");
145 }
146 #ifdef SELF_TEST
147 ike_alg_test();
148 #endif
149 }
150
151 void free_crypto(void)
152 {
153 mpz_clear(&groupgenerator);
154 mpz_clear(&modp1024_modulus);
155 mpz_clear(&modp1536_modulus);
156 mpz_clear(&modp2048_modulus);
157 mpz_clear(&modp3072_modulus);
158 mpz_clear(&modp4096_modulus);
159 mpz_clear(&modp6144_modulus);
160 mpz_clear(&modp8192_modulus);
161 }
162
163 /* Oakley group description
164 *
165 * See RFC2409 "The Internet key exchange (IKE)" 6.
166 */
167
168 const struct oakley_group_desc unset_group = {0, NULL, 0}; /* magic signifier */
169
170 const struct oakley_group_desc oakley_group[OAKLEY_GROUP_SIZE] = {
171 # define BYTES(bits) (((bits) + BITS_PER_BYTE - 1) / BITS_PER_BYTE)
172 { OAKLEY_GROUP_MODP1024, &modp1024_modulus, BYTES(1024) },
173 { OAKLEY_GROUP_MODP1536, &modp1536_modulus, BYTES(1536) },
174 { OAKLEY_GROUP_MODP2048, &modp2048_modulus, BYTES(2048) },
175 { OAKLEY_GROUP_MODP3072, &modp3072_modulus, BYTES(3072) },
176 { OAKLEY_GROUP_MODP4096, &modp4096_modulus, BYTES(4096) },
177 { OAKLEY_GROUP_MODP6144, &modp6144_modulus, BYTES(6144) },
178 { OAKLEY_GROUP_MODP8192, &modp8192_modulus, BYTES(8192) },
179 # undef BYTES
180 };
181
182 const struct oakley_group_desc *lookup_group(u_int16_t group)
183 {
184 int i;
185
186 for (i = 0; i != countof(oakley_group); i++)
187 if (group == oakley_group[i].group)
188 return &oakley_group[i];
189 return NULL;
190 }
191
192 /* Encryption Routines
193 *
194 * Each uses and updates the state object's st_new_iv.
195 * This must already be initialized.
196 */
197
198 encryption_algorithm_t oakley_to_encryption_algorithm(int alg)
199 {
200 switch (alg)
201 {
202 case OAKLEY_DES_CBC:
203 return ENCR_DES;
204 case OAKLEY_IDEA_CBC:
205 return ENCR_IDEA;
206 case OAKLEY_BLOWFISH_CBC:
207 return ENCR_BLOWFISH;
208 case OAKLEY_RC5_R16_B64_CBC:
209 return ENCR_RC5;
210 case OAKLEY_3DES_CBC:
211 return ENCR_3DES;
212 case OAKLEY_CAST_CBC:
213 return ENCR_CAST;
214 case OAKLEY_AES_CBC:
215 return ENCR_AES_CBC;
216 case OAKLEY_SERPENT_CBC:
217 return ENCR_SERPENT_CBC;
218 case OAKLEY_TWOFISH_CBC:
219 case OAKLEY_TWOFISH_CBC_SSH:
220 return ENCR_TWOFISH_CBC;
221 default:
222 return ENCR_UNDEFINED;
223 }
224 }
225
226 hash_algorithm_t oakley_to_hash_algorithm(int alg)
227 {
228 switch (alg)
229 {
230 case OAKLEY_MD5:
231 return HASH_MD5;
232 case OAKLEY_SHA:
233 return HASH_SHA1;
234 case OAKLEY_SHA2_256:
235 return HASH_SHA256;
236 case OAKLEY_SHA2_384:
237 return HASH_SHA384;
238 case OAKLEY_SHA2_512:
239 return HASH_SHA512;
240 default:
241 return HASH_UNKNOWN;
242 }
243 }
244
245 pseudo_random_function_t oakley_to_prf(int alg)
246 {
247 switch (alg)
248 {
249 case OAKLEY_MD5:
250 return PRF_HMAC_MD5;
251 case OAKLEY_SHA:
252 return PRF_HMAC_SHA1;
253 case OAKLEY_SHA2_256:
254 return PRF_HMAC_SHA2_256;
255 case OAKLEY_SHA2_384:
256 return PRF_HMAC_SHA2_384;
257 case OAKLEY_SHA2_512:
258 return PRF_HMAC_SHA2_512;
259 default:
260 return PRF_UNDEFINED;
261 }
262 }