Implemented EdDSA for IKEv2 using a pro forma Identity hash function
authorAndreas Steffen <andreas.steffen@strongswan.org>
Fri, 9 Dec 2016 08:38:15 +0000 (09:38 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 14 Dec 2016 10:15:48 +0000 (11:15 +0100)
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libstrongswan/credentials/auth_cfg.c
src/libstrongswan/plugins/curve25519/Makefile.am
src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.c [new file with mode: 0644]
src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.h [new file with mode: 0644]
src/libstrongswan/plugins/curve25519/curve25519_plugin.c

index d82e206..58b7106 100644 (file)
@@ -159,6 +159,10 @@ static void send_supported_hash_algorithms(private_ike_init_t *this,
        auth_cfg_t *auth;
        auth_rule_t rule;
        uintptr_t config;
+       int written;
+       size_t len = BUF_LEN;
+       char buf[len];
+       char *pos = buf;
        char *plugin_name;
 
        algos = hash_algorithm_set_create();
@@ -205,11 +209,23 @@ static void send_supported_hash_algorithms(private_ike_init_t *this,
                while (enumerator->enumerate(enumerator, &hash))
                {
                        writer->write_uint16(writer, hash);
+
+                       /* generate debug output */
+                       written = snprintf(pos, len, " %N", hash_algorithm_short_names,
+                                                          hash);
+                       if (written > 0 && written < len)
+                       {
+                               pos += written;
+                               len -= written;
+                       }
                }
                enumerator->destroy(enumerator);
                message->add_notify(message, FALSE, SIGNATURE_HASH_ALGORITHMS,
                                                        writer->get_buf(writer));
                writer->destroy(writer);
+
+               *pos = '\0';
+               DBG2(DBG_CFG, "sending supported signature hash algorithms:%s", buf);
        }
        algos->destroy(algos);
 }
@@ -222,6 +238,10 @@ static void handle_supported_hash_algorithms(private_ike_init_t *this,
 {
        bio_reader_t *reader;
        uint16_t algo;
+       int written;
+       size_t len = BUF_LEN;
+       char buf[len];
+       char *pos = buf;
        bool added = FALSE;
 
        reader = bio_reader_create(notify->get_notification_data(notify));
@@ -231,10 +251,22 @@ static void handle_supported_hash_algorithms(private_ike_init_t *this,
                {
                        this->keymat->add_hash_algorithm(this->keymat, algo);
                        added = TRUE;
+
+                       /* generate debug output */
+                       written = snprintf(pos, len, " %N", hash_algorithm_short_names,
+                                                          algo);
+                       if (written > 0 && written < len)
+                       {
+                               pos += written;
+                               len -= written;
+                       }
                }
        }
        reader->destroy(reader);
 
+       *pos = '\0';
+       DBG2(DBG_CFG, "received supported signature hash algorithms:%s", buf);
+
        if (added)
        {
                this->ike_sa->enable_extension(this->ike_sa, EXT_SIGNATURE_AUTH);
index 3ec9491..8a3e659 100644 (file)
@@ -1,7 +1,7 @@
 /*
  * Copyright (C) 2008-2016 Tobias Brunner
  * Copyright (C) 2007-2009 Martin Willi
- * Copyright (C) 2016 Andreas Steffeb
+ * Copyright (C) 2016 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -547,22 +547,24 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
                        signature_scheme_t scheme;
                        key_type_t key;
                } schemes[] = {
-                       { "md5",                SIGN_RSA_EMSA_PKCS1_MD5,                KEY_RSA,        },
-                       { "sha1",               SIGN_RSA_EMSA_PKCS1_SHA1,               KEY_RSA,        },
-                       { "sha224",             SIGN_RSA_EMSA_PKCS1_SHA2_224,   KEY_RSA,        },
-                       { "sha256",             SIGN_RSA_EMSA_PKCS1_SHA2_256,   KEY_RSA,        },
-                       { "sha384",             SIGN_RSA_EMSA_PKCS1_SHA2_384,   KEY_RSA,        },
-                       { "sha512",             SIGN_RSA_EMSA_PKCS1_SHA2_512,   KEY_RSA,        },
-                       { "sha1",               SIGN_ECDSA_WITH_SHA1_DER,               KEY_ECDSA,      },
-                       { "sha256",             SIGN_ECDSA_WITH_SHA256_DER,             KEY_ECDSA,      },
-                       { "sha384",             SIGN_ECDSA_WITH_SHA384_DER,             KEY_ECDSA,      },
-                       { "sha512",             SIGN_ECDSA_WITH_SHA512_DER,             KEY_ECDSA,      },
-                       { "sha256",             SIGN_ECDSA_256,                                 KEY_ECDSA,      },
-                       { "sha384",             SIGN_ECDSA_384,                                 KEY_ECDSA,      },
-                       { "sha512",             SIGN_ECDSA_521,                                 KEY_ECDSA,      },
-                       { "sha256",             SIGN_BLISS_WITH_SHA2_256,               KEY_BLISS,      },
-                       { "sha384",             SIGN_BLISS_WITH_SHA2_384,               KEY_BLISS,      },
-                       { "sha512",             SIGN_BLISS_WITH_SHA2_512,               KEY_BLISS,      },
+                       { "md5",                SIGN_RSA_EMSA_PKCS1_MD5,                KEY_RSA,         },
+                       { "sha1",               SIGN_RSA_EMSA_PKCS1_SHA1,               KEY_RSA,         },
+                       { "sha224",             SIGN_RSA_EMSA_PKCS1_SHA2_224,   KEY_RSA,         },
+                       { "sha256",             SIGN_RSA_EMSA_PKCS1_SHA2_256,   KEY_RSA,         },
+                       { "sha384",             SIGN_RSA_EMSA_PKCS1_SHA2_384,   KEY_RSA,         },
+                       { "sha512",             SIGN_RSA_EMSA_PKCS1_SHA2_512,   KEY_RSA,         },
+                       { "sha1",               SIGN_ECDSA_WITH_SHA1_DER,               KEY_ECDSA,       },
+                       { "sha256",             SIGN_ECDSA_WITH_SHA256_DER,             KEY_ECDSA,       },
+                       { "sha384",             SIGN_ECDSA_WITH_SHA384_DER,             KEY_ECDSA,       },
+                       { "sha512",             SIGN_ECDSA_WITH_SHA512_DER,             KEY_ECDSA,       },
+                       { "sha256",             SIGN_ECDSA_256,                                 KEY_ECDSA,       },
+                       { "sha384",             SIGN_ECDSA_384,                                 KEY_ECDSA,       },
+                       { "sha512",             SIGN_ECDSA_521,                                 KEY_ECDSA,       },
+                       { "sha256",             SIGN_BLISS_WITH_SHA2_256,               KEY_BLISS,       },
+                       { "sha384",             SIGN_BLISS_WITH_SHA2_384,               KEY_BLISS,       },
+                       { "sha512",             SIGN_BLISS_WITH_SHA2_512,               KEY_BLISS,       },
+                       { "identity",   SIGN_ED25519,                                   KEY_ED25519, },
+                       { "identity",   SIGN_ED448,                                             KEY_ED448,       },
                };
 
                if (expected_strength != AUTH_RULE_MAX)
@@ -592,6 +594,18 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
                        is_ike = strpfx(token, "ike:");
                        continue;
                }
+               if (streq(token, "ed25519") || streq(token, "ike:ed25519"))
+               {
+                       expected_type = KEY_ED25519;
+                       is_ike = strpfx(token, "ike:");
+                       continue;
+               }
+               if (streq(token, "ed448") || streq(token, "ike:ed448"))
+               {
+                       expected_type = KEY_ED448;
+                       is_ike = strpfx(token, "ike:");
+                       continue;
+               }
                if (streq(token, "bliss") || streq(token, "ike:bliss"))
                {
                        expected_type = KEY_BLISS;
index e05e5eb..7bbf221 100644 (file)
@@ -23,6 +23,7 @@ libstrongswan_curve25519_la_SOURCES = \
        curve25519_dh.h curve25519_dh.c \
        curve25519_drv.h curve25519_drv.c \
        curve25519_drv_portable.h curve25519_drv_portable.c \
+       curve25519_identity_hasher.h curve25519_identity_hasher.c \
        curve25519_plugin.h curve25519_plugin.c
 
 libstrongswan_curve25519_la_LDFLAGS = -module -avoid-version
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.c b/src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.c
new file mode 100644 (file)
index 0000000..a7ffdb1
--- /dev/null
@@ -0,0 +1,25 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "curve25519_identity_hasher.h"
+
+/*
+ * Described in header.
+ */
+curve25519_identity_hasher_t *curve25519_identity_hasher_create(hash_algorithm_t algo)
+{
+       /* since the identity hasher is never actually used, always return NULL */
+       return NULL;
+}
diff --git a/src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.h b/src/libstrongswan/plugins/curve25519/curve25519_identity_hasher.h
new file mode 100644 (file)
index 0000000..bf643b5
--- /dev/null
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2016 Andreas Steffen
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup curve25519_identity_hasher curve25519_identity_hasher
+ * @{ @ingroup curve25519_p
+ */
+
+#ifndef CURVE25519_IDENTITY_HASHER_H_
+#define CURVE25519_IDENTITY_HASHER_H_
+
+typedef struct curve25519_identity_hasher_t curve25519_identity_hasher_t;
+
+#include <crypto/hashers/hasher.h>
+
+/**
+ * Implementation of hasher_t interface using the Identity algorithm.
+ */
+struct curve25519_identity_hasher_t {
+
+       /**
+        * Implements hasher_t interface.
+        */
+       hasher_t hasher_interface;
+};
+
+/**
+ * Creates a new curve25519_identity_hasher_t.
+ *
+ * @param algo         algorithm, must be HASH_IDENTITY
+ * @return                     curve25519_identity_hasher_t object
+ */
+curve25519_identity_hasher_t *curve25519_identity_hasher_create(hash_algorithm_t algo);
+
+#endif /** CURVE25519_IDENTITY_HASHER_H_ @}*/
index 0b1e59e..48ca43a 100644 (file)
@@ -20,6 +20,7 @@
 #include "curve25519_dh.h"
 #include "curve25519_private_key.h"
 #include "curve25519_public_key.h"
+#include "curve25519_identity_hasher.h"
 
 #include <library.h>
 
@@ -65,6 +66,9 @@ METHOD(plugin_t, get_features, int,
                /* Ed25519 signature verification scheme, public */
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ED25519),
                        PLUGIN_DEPENDS(HASHER, HASH_SHA512),
+               /* register a pro forma identity hasher */
+               PLUGIN_REGISTER(HASHER, curve25519_identity_hasher_create),
+                       PLUGIN_PROVIDE(HASHER, HASH_IDENTITY),
        };
        *features = f;
        return countof(f);