lex.c lex.h \
log.c log.h \
modecfg.c modecfg.h \
-mp_defs.c mp_defs.h \
nat_traversal.c nat_traversal.h \
ocsp.c ocsp.h \
packet.c packet.h \
pluto_LDADD = \
$(LIBSTRONGSWANDIR)/libstrongswan.la \
$(LIBFREESWANDIR)/libfreeswan.a \
--lgmp -lresolv -lpthread $(DLLIB)
+-lresolv -lpthread $(DLLIB)
_pluto_adns_LDADD = \
$(LIBFREESWANDIR)/libfreeswan.a \
#include "constants.h"
#include "defs.h"
-#include "mp_defs.h"
#include "state.h"
#include "id.h"
#include "x509.h"
#include "constants.h"
#include "defs.h"
-#include "mp_defs.h"
#include "id.h"
#include "x509.h"
#include "pgpcert.h"
+++ /dev/null
-/* some multiprecision utilities
- * Copyright (C) 1998-2001 D. Hugh Redelmeier.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <freeswan.h>
-
-#include <utils.h>
-#include <asn1/asn1.h>
-
-#include "constants.h"
-#include "defs.h"
-#include "mp_defs.h"
-#include "log.h"
-
-/* Convert MP_INT to network form (binary octets, big-endian).
- * We do the malloc; caller must eventually do free.
- */
-chunk_t
-mpz_to_n(const MP_INT *mp, size_t bytes)
-{
- chunk_t r;
- MP_INT temp1, temp2;
- int i;
-
- r.len = bytes;
- r.ptr = malloc(r.len);
-
- mpz_init(&temp1);
- mpz_init(&temp2);
-
- mpz_set(&temp1, mp);
-
- for (i = r.len-1; i >= 0; i--)
- {
- r.ptr[i] = mpz_mdivmod_ui(&temp2, NULL, &temp1, 1 << BITS_PER_BYTE);
- mpz_set(&temp1, &temp2);
- }
-
- passert(mpz_sgn(&temp1) == 0); /* we must have done all the bits */
- mpz_clear(&temp1);
- mpz_clear(&temp2);
-
- return r;
-}
-
-/* Convert network form (binary bytes, big-endian) to MP_INT.
- * The *mp must not be previously mpz_inited.
- */
-void
-n_to_mpz(MP_INT *mp, const u_char *nbytes, size_t nlen)
-{
- size_t i;
-
- mpz_init_set_ui(mp, 0);
-
- for (i = 0; i != nlen; i++)
- {
- mpz_mul_ui(mp, mp, 1 << BITS_PER_BYTE);
- mpz_add_ui(mp, mp, nbytes[i]);
- }
-}
-
-/*
- * convert a MP integer into a DER coded ASN.1 object
- */
-chunk_t
-asn1_integer_from_mpz(const mpz_t value)
-{
- size_t bits = mpz_sizeinbase(value, 2); /* size in bits */
- size_t size = 1 + bits / BITS_PER_BYTE; /* size in bytes */
- chunk_t n = mpz_to_n(value, size);
-
- return asn1_wrap(ASN1_INTEGER, "m", n);
-}
-
+++ /dev/null
-/* some multiprecision utilities
- * Copyright (C) 1997 Angelos D. Keromytis.
- * Copyright (C) 1998-2001 D. Hugh Redelmeier.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef _MP_DEFS_H
-#define _MP_DEFS_H
-
-#include <gmp.h>
-
-#include <utils.h>
-
-extern void n_to_mpz(MP_INT *mp, const u_char *nbytes, size_t nlen);
-extern chunk_t mpz_to_n(const MP_INT *mp, size_t bytes);
-extern chunk_t asn1_integer_from_mpz(const mpz_t value);
-
-/* var := mod(base ** exp, mod), ensuring var is mpz_inited */
-#define mpz_init_powm(flag, var, base, exp, mod) { \
- if (!(flag)) \
- mpz_init(&(var)); \
- (flag) = TRUE; \
- mpz_powm(&(var), &(base), &(exp), (mod)); \
- }
-
-#endif /* _MP_DEFS_H */
#include "constants.h"
#include "defs.h"
-#include "mp_defs.h"
#include "log.h"
#include "id.h"
#include "pgpcert.h"
#include <freeswan.h>
+#include <asn1/asn1.h>
+#include <credentials/keys/public_key.h>
+
#include "constants.h"
#ifdef SMARTCARD
#endif
#include "defs.h"
-#include "mp_defs.h"
#include "log.h"
#include "x509.h"
#include "ca.h"
{
if (rv == CKR_FUNCTION_NOT_SUPPORTED)
{
- RSA_public_key_t rsa;
+ public_key_t *key;
+ chunk_t rsa_modulus, rsa_exponent, rsa_key, cipher_text;
chunk_t plain_text = {(u_char*)in, inlen};
- chunk_t cipher_text;
DBG(DBG_CONTROL,
DBG_log("doing RSA encryption in software")
scx_release_context(sc);
return FALSE;
}
- rsa.k = attr[0].ulValueLen;
- n_to_mpz(&rsa.n, attr[0].pValue, attr[0].ulValueLen);
- n_to_mpz(&rsa.e, attr[1].pValue, attr[1].ulValueLen);
- free(attr[0].pValue);
- free(attr[1].pValue);
-
- cipher_text = RSA_encrypt(&rsa, plain_text);
- free_RSA_public_content(&rsa);
+ rsa_modulus = chunk_create((u_char*) attr[0].pValue,
+ (size_t) attr[0].ulValueLen);
+ rsa_exponent = chunk_create((u_char*) attr[1].pValue,
+ (size_t) attr[1].ulValueLen);
+ rsa_key = asn1_wrap(ASN1_SEQUENCE, "mm",
+ asn1_integer("m", rsa_modulus),
+ asn1_integer("m", rsa_exponent));
+ key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
+ BUILD_BLOB_ASN1_DER, rsa_key, BUILD_END);
+ free(rsa_key.ptr);
+ if (key == NULL)
+ {
+ return FALSE;
+ }
+ key->encrypt(key, plain_text, &cipher_text);
+ key->destroy(key);
+
if (cipher_text.ptr == NULL)
{
plog("smartcard input data length is too large");
if (!pkcs11_keep_state)
+ {
scx_release_context(sc);
+ }
return FALSE;
}
#include "constants.h"
#include "defs.h"
-#include "mp_defs.h"
#include "log.h"
#include "id.h"
#include "x509.h"
LIBSTRONGSWANBUILDDIR=$(top_builddir)/src/libstrongswan
LIBFREESWANBUILDDIR=$(top_builddir)/src/libfreeswan
-LIBCRYPTOBUILDDIR=$(top_builddir)/src/libcrypto
scepclient_LDADD = \
ca.o crl.o certs.o constants.o defs.o fetch.o id.o keys.o lex.o \
-mp_defs.o ocsp.o pem.o pgpcert.o pkcs7.o smartcard.o x509.o \
+ocsp.o pem.o pgpcert.o pkcs7.o smartcard.o x509.o \
$(LIBSTRONGSWANBUILDDIR)/libstrongswan.la \
-$(LIBFREESWANBUILDDIR)/libfreeswan.a \
--lgmp
+$(LIBFREESWANBUILDDIR)/libfreeswan.a
# This compile option activates smartcard support
if USE_SMARTCARD
defs.o : $(PLUTODIR)/defs.c $(PLUTODIR)/defs.h
$(COMPILE) $(INCLUDES) -c -o $@ $<
-mp_defs.o : $(PLUTODIR)/mp_defs.c $(PLUTODIR)/mp_defs.h
- $(COMPILE) $(INCLUDES) -c -o $@ $<
-
fetch.o : $(PLUTODIR)/fetch.c $(PLUTODIR)/fetch.h
$(COMPILE) $(INCLUDES) -c -o $@ $<
#include <ctype.h>
#include <unistd.h>
#include <time.h>
-#include <gmp.h>
#include <freeswan.h>