added wrapper for OpenSSL hashers
authorTobias Brunner <tobias@strongswan.org>
Mon, 28 Apr 2008 15:56:44 +0000 (15:56 -0000)
committerTobias Brunner <tobias@strongswan.org>
Mon, 28 Apr 2008 15:56:44 +0000 (15:56 -0000)
src/libstrongswan/plugins/openssl/Makefile.am
src/libstrongswan/plugins/openssl/openssl_hasher.c [new file with mode: 0644]
src/libstrongswan/plugins/openssl/openssl_hasher.h [new file with mode: 0644]
src/libstrongswan/plugins/openssl/openssl_plugin.c

index b26515d..dee5789 100644 (file)
@@ -6,7 +6,8 @@ AM_CFLAGS = -rdynamic
 plugin_LTLIBRARIES = libstrongswan-openssl.la
 
 libstrongswan_openssl_la_SOURCES = openssl_plugin.h openssl_plugin.c \
-       openssl_crypter.c openssl_crypter.h
+       openssl_crypter.c openssl_crypter.h \
+       openssl_hasher.c openssl_hasher.h
 
 libstrongswan_openssl_la_LDFLAGS = -module
 libstrongswan_openssl_la_LIBADD  = -lssl
diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c
new file mode 100644 (file)
index 0000000..b52da89
--- /dev/null
@@ -0,0 +1,216 @@
+/*
+ * Copyright (C) 2008 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil 
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "openssl_hasher.h"
+
+#include <openssl/evp.h>
+
+typedef struct private_openssl_hasher_t private_openssl_hasher_t;
+
+/**
+ * Private data of openssl_hasher_t
+ */
+struct private_openssl_hasher_t {
+       
+       /**
+        * Public part of this class.
+        */
+       openssl_hasher_t public;
+       
+       /**
+        * data collected to hash
+        */
+       chunk_t data;
+       
+       /*
+        * the hasher to use
+        */
+       const EVP_MD *hasher;
+};
+
+/**
+ * Mapping from the algorithms defined in IKEv2 to
+ * OpenSSL algorithm names
+ */
+typedef struct {
+       /**
+        * Identifier specified in IKEv2
+        */
+       int ikev2_id;
+       
+       /**
+        * Name of the algorithm, as used in OpenSSL
+        */
+       char *name;
+} openssl_algorithm_t;
+
+#define END_OF_LIST -1
+
+/**
+ * Algorithms for integrity
+ */
+static openssl_algorithm_t integrity_algs[] = {
+       {HASH_MD2,              "md2"},
+       {HASH_MD5,              "md5"},
+       {HASH_SHA1,             "sha1"},
+       {HASH_SHA256,   "sha256"},
+       {HASH_SHA384,   "sha384"},
+       {HASH_SHA512,   "sha512"},
+       {END_OF_LIST,   NULL},
+};
+
+/**
+ * Look up an OpenSSL algorithm name
+ */
+static char* lookup_algorithm(openssl_algorithm_t *openssl_algo, 
+                                          u_int16_t ikev2_algo)
+{
+       while (openssl_algo->ikev2_id != END_OF_LIST)
+       {
+               if (ikev2_algo == openssl_algo->ikev2_id)
+               {
+                       return openssl_algo->name;
+               }
+               openssl_algo++;
+       }
+       return NULL;
+}
+
+/**
+ * append data to the to-be-hashed buffer
+ */
+static void append_data(private_openssl_hasher_t *this, chunk_t data)
+{
+       this->data.ptr = realloc(this->data.ptr, this->data.len + data.len);
+       memcpy(this->data.ptr + this->data.len, data.ptr, data.len);
+       this->data.len += data.len;
+}
+
+/**
+ * hash a buffer of data
+ */
+static void hash_data(private_openssl_hasher_t *this, chunk_t data, u_int8_t *digest)
+{
+       EVP_MD_CTX ctx;
+       EVP_MD_CTX_init(&ctx);
+       EVP_DigestInit_ex(&ctx, this->hasher, NULL);
+       EVP_DigestUpdate(&ctx, data.ptr, data.len);
+       EVP_DigestFinal_ex(&ctx, digest, NULL);
+       EVP_MD_CTX_cleanup(&ctx);
+}
+
+/**
+ * Implementation of hasher_t.get_hash_size.
+ */
+static size_t get_hash_size(private_openssl_hasher_t *this)
+{
+       return this->hasher->md_size;
+}
+
+/**
+ * Implementation of hasher_t.reset.
+ */
+static void reset(private_openssl_hasher_t *this)
+{
+       chunk_free(&this->data);
+}
+
+/**
+ * Implementation of hasher_t.get_hash.
+ */
+static void get_hash(private_openssl_hasher_t *this, chunk_t chunk,
+                                        u_int8_t *hash)
+{
+       if (hash)
+       {
+               if (this->data.len)
+               {
+                       append_data(this, chunk);
+                       hash_data(this, this->data, hash);
+               }
+               else
+               {   /* hash directly if no previous data found */   
+                       hash_data(this, chunk, hash);
+               }
+               reset(this);
+       }
+       else
+       {
+               append_data(this, chunk);       
+       }
+}
+
+/**
+ * Implementation of hasher_t.allocate_hash.
+ */
+static void allocate_hash(private_openssl_hasher_t *this, chunk_t chunk,
+                                                 chunk_t *hash)
+{
+       if (hash)
+       {
+               *hash = chunk_alloc(get_hash_size(this));
+               get_hash(this, chunk, hash->ptr);
+       }
+       else
+       {
+               get_hash(this, chunk, NULL);    
+       }
+}
+
+/**
+ * Implementation of hasher_t.destroy.
+ */
+static void destroy (private_openssl_hasher_t *this)
+{
+       free(this->data.ptr);
+       free(this);
+}
+
+/*
+ * Described in header
+ */
+openssl_hasher_t *openssl_hasher_create(hash_algorithm_t algo)
+{
+       private_openssl_hasher_t *this;
+       
+       char* name = lookup_algorithm(integrity_algs, algo);
+       if (!name)
+       {
+               /* algo unavailable */
+               return NULL;
+       }
+
+       this = malloc_thing(private_openssl_hasher_t);
+       
+       this->hasher = EVP_get_digestbyname(name);
+       if (!this->hasher)
+       {
+               /* OpenSSL does not support the requested algo */
+               free(this);
+               return NULL;
+       }
+       
+       this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
+       this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
+       this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
+       this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
+       this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
+       
+       this->data = chunk_empty;
+       
+       return &this->public;
+}
diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.h b/src/libstrongswan/plugins/openssl/openssl_hasher.h
new file mode 100644 (file)
index 0000000..e23022b
--- /dev/null
@@ -0,0 +1,48 @@
+/*
+ * Copyright (C) 2008 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup openssl_hasher openssl_hasher
+ * @{ @ingroup openssl_p
+ */
+
+#ifndef OPENSSL_HASHER_H_
+#define OPENSSL_HASHER_H_
+
+typedef struct openssl_hasher_t openssl_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * Implementation of hashers using OpenSSL.
+ */
+struct openssl_hasher_t {
+       
+       /**
+        * The hasher_t interface.
+        */
+       hasher_t hasher_interface;
+};
+
+/**
+ * Constructor to create openssl_hasher_t.
+ * 
+ * @param algo                 algorithm
+ * @param key_size             key size in bytes
+ * @return                             openssl_hasher_t, NULL if not supported
+ */
+openssl_hasher_t *openssl_hasher_create(hash_algorithm_t algo);
+
+#endif /* OPENSSL_HASHER_H_ @}*/
index bfdec83..c4395ac 100644 (file)
@@ -21,6 +21,7 @@
 
 #include <library.h>
 #include "openssl_crypter.h"
+#include "openssl_hasher.h"
 
 typedef struct private_openssl_plugin_t private_openssl_plugin_t;
 
@@ -42,6 +43,8 @@ static void destroy(private_openssl_plugin_t *this)
 {
        lib->crypto->remove_crypter(lib->crypto,
                                        (crypter_constructor_t)openssl_crypter_create);
+       lib->crypto->remove_hasher(lib->crypto,
+                                       (hasher_constructor_t)openssl_hasher_create);
        
        EVP_cleanup();
        
@@ -59,6 +62,7 @@ plugin_t *plugin_create()
        
        OpenSSL_add_all_algorithms();
        
+       /* crypter */
        lib->crypto->add_crypter(lib->crypto, ENCR_DES,
                                        (crypter_constructor_t)openssl_crypter_create);
        lib->crypto->add_crypter(lib->crypto, ENCR_3DES,
@@ -76,5 +80,19 @@ plugin_t *plugin_create()
        lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC,
                                        (crypter_constructor_t)openssl_crypter_create);
        
+       /* hasher */
+       lib->crypto->add_hasher(lib->crypto, HASH_MD2,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       lib->crypto->add_hasher(lib->crypto, HASH_MD5,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       lib->crypto->add_hasher(lib->crypto, HASH_SHA256,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       lib->crypto->add_hasher(lib->crypto, HASH_SHA384,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       lib->crypto->add_hasher(lib->crypto, HASH_SHA512,
+                                       (hasher_constructor_t)openssl_hasher_create);
+       
        return &this->public.plugin;
 }