Annotation of embedaddon/strongswan/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2019 Sean Parkinson, wolfSSL Inc.
! 3: *
! 4: * Permission is hereby granted, free of charge, to any person obtaining a copy
! 5: * of this software and associated documentation files (the "Software"), to deal
! 6: * in the Software without restriction, including without limitation the rights
! 7: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
! 8: * copies of the Software, and to permit persons to whom the Software is
! 9: * furnished to do so, subject to the following conditions:
! 10: *
! 11: * The above copyright notice and this permission notice shall be included in
! 12: * all copies or substantial portions of the Software.
! 13: *
! 14: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
! 15: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
! 16: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
! 17: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
! 18: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! 19: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
! 20: * THE SOFTWARE.
! 21: */
! 22:
! 23: #include <library.h>
! 24: #include <utils/debug.h>
! 25:
! 26: #include "wolfssl_common.h"
! 27: #include "wolfssl_plugin.h"
! 28: #include "wolfssl_aead.h"
! 29: #include "wolfssl_crypter.h"
! 30: #include "wolfssl_diffie_hellman.h"
! 31: #include "wolfssl_ec_diffie_hellman.h"
! 32: #include "wolfssl_ec_private_key.h"
! 33: #include "wolfssl_ec_public_key.h"
! 34: #include "wolfssl_ed_private_key.h"
! 35: #include "wolfssl_ed_public_key.h"
! 36: #include "wolfssl_hasher.h"
! 37: #include "wolfssl_hmac.h"
! 38: #include "wolfssl_rsa_private_key.h"
! 39: #include "wolfssl_rsa_public_key.h"
! 40: #include "wolfssl_rng.h"
! 41: #include "wolfssl_sha1_prf.h"
! 42: #include "wolfssl_x_diffie_hellman.h"
! 43:
! 44: #ifndef FIPS_MODE
! 45: #define FIPS_MODE 0
! 46: #endif
! 47:
! 48: typedef struct private_wolfssl_plugin_t private_wolfssl_plugin_t;
! 49:
/**
 * Private data of wolfssl_plugin.
 *
 * The plugin keeps no per-instance state of its own; the only member is the
 * public interface handed out by wolfssl_plugin_create().
 */
struct private_wolfssl_plugin_t {

	/**
	 * Public interface.
	 *
	 * NOTE(review): presumably has to stay the first member, since the
	 * plugin_t pointer returned to callers is later freed as `this` in
	 * destroy() - confirm against the METHOD() macro.
	 */
	wolfssl_plugin_t public;
};
! 60:
/**
 * Implementation of plugin_t.get_name: returns the constant plugin name.
 *
 * The returned string is a literal and must not be modified or freed.
 */
METHOD(plugin_t, get_name, char*,
	private_wolfssl_plugin_t *this)
{
	char *name = "wolfssl";

	return name;
}
! 66:
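/**
 * Implementation of plugin_t.get_features.
 *
 * Hands out a static table of everything this plugin can register. Which
 * entries exist is decided purely at compile time from the wolfSSL build
 * options (NO_xxx / HAVE_xxx / WOLFSSL_xxx macros).
 *
 * Security notes for reviewers:
 *  - The table is not filtered by the runtime "fips_mode" setting; this
 *    function never looks at it. Whether non-approved algorithms disappear
 *    in a FIPS build depends on the wolfSSL build flags - TODO confirm.
 *  - Legacy algorithms (DES/3DES, MD5, SHA-1 based constructions, MODP groups
 *    below 2048 bit, truncated 8 byte ICVs, ENCR_NULL) are offered whenever
 *    the wolfSSL build supports them. Keeping them out of negotiated
 *    proposals is up to the wolfSSL build configuration and the configured
 *    proposals, not this table.
 *
 * @param features	receives a pointer to the static feature array
 * @return			number of entries in the array
 */
METHOD(plugin_t, get_features, int,
	private_wolfssl_plugin_t *this, plugin_feature_t *features[])
{
	static plugin_feature_t f[] = {
		/* crypters */
		PLUGIN_REGISTER(CRYPTER, wolfssl_crypter_create),
#if !defined(NO_AES) && !defined(NO_AES_CTR)
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 32),
#endif
#if !defined(NO_AES) && !defined(NO_AES_CBC)
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 32),
#endif
#ifdef HAVE_CAMELLIA
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 32),
#endif
#ifndef NO_DES3
			/* legacy 64-bit block ciphers, only present for interoperability */
			PLUGIN_PROVIDE(CRYPTER, ENCR_3DES, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_DES, 8),
#ifdef WOLFSSL_DES_ECB
			PLUGIN_PROVIDE(CRYPTER, ENCR_DES_ECB, 8),
#endif
#endif
			/* no confidentiality at all; offered unconditionally */
			PLUGIN_PROVIDE(CRYPTER, ENCR_NULL, 0),
		/* hashers */
		PLUGIN_REGISTER(HASHER, wolfssl_hasher_create),
#ifndef NO_MD5
			PLUGIN_PROVIDE(HASHER, HASH_MD5),
#endif
#ifndef NO_SHA
			PLUGIN_PROVIDE(HASHER, HASH_SHA1),
#endif
#ifdef WOLFSSL_SHA224
			PLUGIN_PROVIDE(HASHER, HASH_SHA224),
#endif
#ifndef NO_SHA256
			PLUGIN_PROVIDE(HASHER, HASH_SHA256),
#endif
#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(HASHER, HASH_SHA384),
#endif
#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(HASHER, HASH_SHA512),
#endif
#ifndef NO_SHA
		/* keyed sha1 hasher (aka prf) */
		PLUGIN_REGISTER(PRF, wolfssl_sha1_prf_create),
			PLUGIN_PROVIDE(PRF, PRF_KEYED_SHA1),
#endif
#ifndef NO_HMAC
		/* HMAC based PRFs */
		PLUGIN_REGISTER(PRF, wolfssl_hmac_prf_create),
#ifndef NO_MD5
			PLUGIN_PROVIDE(PRF, PRF_HMAC_MD5),
#endif
#ifndef NO_SHA
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA1),
#endif
#ifndef NO_SHA256
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_256),
#endif
#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_384),
#endif
#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_512),
#endif
		/* HMAC based signers (integrity algorithms) */
		PLUGIN_REGISTER(SIGNER, wolfssl_hmac_signer_create),
#ifndef NO_MD5
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_MD5_96),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_MD5_128),
#endif
#ifndef NO_SHA
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_96),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_128),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_160),
#endif
#ifndef NO_SHA256
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_256_128),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_256_256),
#endif
#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_384_192),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_384_384),
#endif
#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_512_256),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_512_512),
#endif
#endif /* NO_HMAC */
#if (!defined(NO_AES) && (defined(HAVE_AESGCM) || defined(HAVE_AESCCM))) || \
	(defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
		/* AEAD ciphers */
		PLUGIN_REGISTER(AEAD, wolfssl_aead_create),
#if !defined(NO_AES) && defined(HAVE_AESGCM)
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 32),
			/* shorter GCM tags only if the wolfSSL build accepts them */
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 12
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 32),
#endif
#if WOLFSSL_MIN_AUTH_TAG_SZ <= 8
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 32),
#endif
#endif /* !NO_AES && HAVE_AESGCM */
#if !defined(NO_AES) && defined(HAVE_AESCCM)
			/* NOTE(review): unlike GCM, the CCM tag lengths are not gated
			 * on WOLFSSL_MIN_AUTH_TAG_SZ here - confirm this is intended */
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 32),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 32),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 32),
#endif /* !NO_AES && HAVE_AESCCM */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
			PLUGIN_PROVIDE(AEAD, ENCR_CHACHA20_POLY1305, 32),
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
#endif
#ifdef HAVE_ECC_DHE
		/* EC DH groups */
		PLUGIN_REGISTER(DH, wolfssl_ec_diffie_hellman_create),
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_256_BIT),
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_384_BIT),
#endif
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_521_BIT),
#endif
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_224_BIT),
#endif
#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_192_BIT),
#endif
#ifdef HAVE_BRAINPOOL
			/* same 256-bit size gate as ECP_256_BIT above; the operator is
			 * `defined`, a misspelling makes the expression invalid as soon
			 * as HAVE_ECC_DHE and HAVE_BRAINPOOL are both set */
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_256_BP),
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_384_BP),
#endif
#if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_512_BP),
#endif
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_224_BP),
#endif
#endif
#endif /* HAVE_ECC_DHE */
#ifndef NO_DH
		/* MODP DH groups; with USE_FAST_MATH a group is only offered if
		 * FP_MAX_BITS is at least twice the modulus size */
		PLUGIN_REGISTER(DH, wolfssl_diffie_hellman_create),
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (3072 * 2)
			PLUGIN_PROVIDE(DH, MODP_3072_BIT),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (4096 * 2)
			PLUGIN_PROVIDE(DH, MODP_4096_BIT),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (6144 * 2)
			PLUGIN_PROVIDE(DH, MODP_6144_BIT),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (8192 * 2)
			PLUGIN_PROVIDE(DH, MODP_8192_BIT),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (2048 * 2)
			PLUGIN_PROVIDE(DH, MODP_2048_BIT),
			PLUGIN_PROVIDE(DH, MODP_2048_224),
			PLUGIN_PROVIDE(DH, MODP_2048_256),
#endif
			/* groups below 2048 bit are legacy and only kept for
			 * interoperability */
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (1536 * 2)
			PLUGIN_PROVIDE(DH, MODP_1536_BIT),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (1024 * 2)
			PLUGIN_PROVIDE(DH, MODP_1024_BIT),
			PLUGIN_PROVIDE(DH, MODP_1024_160),
#endif
#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (768 * 2)
			PLUGIN_PROVIDE(DH, MODP_768_BIT),
#endif
			PLUGIN_PROVIDE(DH, MODP_CUSTOM),
#endif /* NO_DH */
#ifndef NO_RSA
		/* RSA private/public key loading */
		PLUGIN_REGISTER(PRIVKEY, wolfssl_rsa_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_RSA),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
		PLUGIN_REGISTER(PUBKEY, wolfssl_rsa_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_RSA),
#ifdef WOLFSSL_KEY_GEN
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_rsa_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_RSA),
#endif
		/* signature/encryption schemes */
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_NULL),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_NULL),
#ifdef WC_RSA_PSS
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PSS),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PSS),
#endif
#ifndef NO_SHA
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA1),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA1),
#endif
#ifdef WOLFSSL_SHA224
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_224),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_224),
#endif
#ifndef NO_SHA256
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_256),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_256),
#endif
#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_384),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_384),
#endif
#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_512),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_512),
#endif
#ifndef NO_MD5
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_MD5),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_MD5),
#endif
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_PKCS1),
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_PKCS1),
#ifndef WC_NO_RSA_OAEP
#ifndef NO_SHA
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA1),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA1),
#endif
#ifdef WOLFSSL_SHA224
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA224),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA224),
#endif
#ifndef NO_SHA256
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA256),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA256),
#endif
#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA384),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA384),
#endif
#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA512),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA512),
#endif
#endif /* !WC_NO_RSA_OAEP */
#endif /* !NO_RSA */
#ifdef HAVE_ECC
#ifdef HAVE_ECC_KEY_IMPORT
		/* EC private/public key loading */
		PLUGIN_REGISTER(PRIVKEY, wolfssl_ec_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ECDSA),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
#endif
#ifdef HAVE_ECC_DHE
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_ec_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_ECDSA),
#endif
#ifdef HAVE_ECC_KEY_IMPORT
		PLUGIN_REGISTER(PUBKEY, wolfssl_ec_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_ECDSA),
#endif
#ifdef HAVE_ECC_SIGN
		/* ECDSA signature creation schemes */
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_NULL),
#ifndef NO_SHA
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA1_DER),
#endif
#ifndef NO_SHA256
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA256_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_256),
#endif
#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA384_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_384),
#endif
#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA512_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_521),
#endif
#endif /* HAVE_ECC_SIGN */
#ifdef HAVE_ECC_VERIFY
		/* ECDSA signature verification schemes */
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_NULL),
#ifndef NO_SHA
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA1_DER),
#endif
#ifndef NO_SHA256
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA256_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_256),
#endif
#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA384_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_384),
#endif
#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA512_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_521),
#endif
#endif /* HAVE_ECC_VERIFY */
#endif /* HAVE_ECC */
#ifdef HAVE_CURVE25519
		/* X25519 key exchange */
		PLUGIN_REGISTER(DH, wolfssl_x_diffie_hellman_create),
			PLUGIN_PROVIDE(DH, CURVE_25519),
#endif
#ifdef HAVE_ED25519
		/* EdDSA private/public key loading */
		PLUGIN_REGISTER(PUBKEY, wolfssl_ed_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_ED25519),
		PLUGIN_REGISTER(PRIVKEY, wolfssl_ed_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ED25519),
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_ed_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_ED25519),
#ifdef HAVE_ED25519_SIGN
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ED25519),
#endif
#ifdef HAVE_ED25519_VERIFY
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ED25519),
#endif
		/* register a pro forma identity hasher, never instantiated */
		PLUGIN_REGISTER(HASHER, return_null),
			PLUGIN_PROVIDE(HASHER, HASH_IDENTITY),
#endif /* HAVE_ED25519 */
#ifndef WC_NO_RNG
		/* random number generators; the same constructor backs both
		 * the RNG_STRONG and the RNG_WEAK quality class */
		PLUGIN_REGISTER(RNG, wolfssl_rng_create),
			PLUGIN_PROVIDE(RNG, RNG_STRONG),
			PLUGIN_PROVIDE(RNG, RNG_WEAK),
#endif
	};
	*features = f;
	return countof(f);
}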
! 412:
/**
 * Implementation of plugin_t.destroy.
 *
 * Tears down in the reverse order of wolfssl_plugin_create(): the global RNG
 * state first (only if RNG support is compiled in), then the wolfSSL library
 * itself, and finally the plugin object.
 */
METHOD(plugin_t, destroy, void,
	private_wolfssl_plugin_t *this)
{
#ifndef WC_NO_RNG
	/* finalize the plugin's global RNG before wolfSSL is cleaned up */
	wolfssl_rng_global_final();
#endif
	/* counterpart of the wolfSSL_Init() call made at plugin creation */
	wolfSSL_Cleanup();

	free(this);
}
! 423:
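/*
 * Described in header
 *
 * Creates the wolfssl plugin. Returns NULL, so the plugin is not loaded, if
 *  - "<ns>.plugins.wolfssl.fips_mode" is enabled but wolfSSL was built
 *    without HAVE_FIPS, or the FIPS status check reports an error, or
 *  - the global RNG cannot be initialized.
 *
 * Failing closed here matters: an operator who asked for FIPS mode must not
 * silently end up with a non-FIPS crypto backend.
 */
plugin_t *wolfssl_plugin_create()
{
	private_wolfssl_plugin_t *this;
	bool fips_mode;

	/* defaults to FALSE when the option is not configured */
	fips_mode = lib->settings->get_bool(lib->settings,
							"%s.plugins.wolfssl.fips_mode", FALSE, lib->ns);
#ifdef HAVE_FIPS
	if (fips_mode)
	{
		/* a non-zero status means the FIPS module is not usable */
		int ret = wolfCrypt_GetStatus_fips();
		if (ret != 0)
		{
			DBG1(DBG_LIB, "wolfssl FIPS mode unavailable (%d)", ret);
			return NULL;
		}
	}
#else
	if (fips_mode)
	{
		/* FIPS requested, but this wolfSSL build has no FIPS support */
		DBG1(DBG_LIB, "wolfssl FIPS mode unavailable");
		return NULL;
	}
#endif

	/* NOTE(review): the result of wolfSSL_Init() is not checked, so a failed
	 * library initialization goes unnoticed here - consider refusing to load
	 * the plugin in that case */
	wolfSSL_Init();
#ifndef WC_NO_RNG
	if (!wolfssl_rng_global_init())
	{
		/* destroy() is never called for a plugin that was not created, so
		 * balance the wolfSSL_Init() above before giving up */
		wolfSSL_Cleanup();
		return NULL;
	}
#endif

	INIT(this,
		.public = {
			.plugin = {
				.get_name = _get_name,
				.get_features = _get_features,
				.destroy = _destroy,
			},
		},
	);

	return &this->public.plugin;
}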