Annotation of embedaddon/strongswan/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2019 Sean Parkinson, wolfSSL Inc.
3: *
4: * Permission is hereby granted, free of charge, to any person obtaining a copy
5: * of this software and associated documentation files (the "Software"), to deal
6: * in the Software without restriction, including without limitation the rights
7: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8: * copies of the Software, and to permit persons to whom the Software is
9: * furnished to do so, subject to the following conditions:
10: *
11: * The above copyright notice and this permission notice shall be included in
12: * all copies or substantial portions of the Software.
13: *
14: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
20: * THE SOFTWARE.
21: */
22:
23: #include <library.h>
24: #include <utils/debug.h>
25:
26: #include "wolfssl_common.h"
27: #include "wolfssl_plugin.h"
28: #include "wolfssl_aead.h"
29: #include "wolfssl_crypter.h"
30: #include "wolfssl_diffie_hellman.h"
31: #include "wolfssl_ec_diffie_hellman.h"
32: #include "wolfssl_ec_private_key.h"
33: #include "wolfssl_ec_public_key.h"
34: #include "wolfssl_ed_private_key.h"
35: #include "wolfssl_ed_public_key.h"
36: #include "wolfssl_hasher.h"
37: #include "wolfssl_hmac.h"
38: #include "wolfssl_rsa_private_key.h"
39: #include "wolfssl_rsa_public_key.h"
40: #include "wolfssl_rng.h"
41: #include "wolfssl_sha1_prf.h"
42: #include "wolfssl_x_diffie_hellman.h"
43:
/*
 * Build-time default for FIPS mode: stays 0 unless the build already defines
 * FIPS_MODE.
 *
 * NOTE(review): nothing else in this file reads FIPS_MODE; the fips_mode
 * setting lookup in wolfssl_plugin_create() passes a literal FALSE as its
 * default. Confirm whether FIPS_MODE was meant to be that default, since a
 * build that defines FIPS_MODE=1 gets no FIPS check from it as written.
 */
#if !defined(FIPS_MODE)
# define FIPS_MODE 0
#endif
47:
/**
 * Private data of wolfssl_plugin.
 *
 * The public interface is the first (and only) member; wolfssl_plugin_create()
 * hands out a pointer into it and the METHOD implementations receive the
 * enclosing private object back as "this".
 */
typedef struct private_wolfssl_plugin_t {

	/**
	 * Public interface
	 */
	wolfssl_plugin_t public;

} private_wolfssl_plugin_t;
60:
/**
 * Implements plugin_t.get_name.
 *
 * @param this		plugin instance (not read)
 * @return			the constant plugin name "wolfssl"
 */
METHOD(plugin_t, get_name, char*, private_wolfssl_plugin_t *this)
{
	char *name = "wolfssl";

	return name;
}
66:
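/**
 * Implements plugin_t.get_features.
 *
 * Hands out a static table of everything this plugin registers. Which
 * entries exist is decided entirely at compile time by the wolfSSL build
 * macros tested below (NO_*, HAVE_*, WOLFSSL_*, WC_*); nothing in this
 * function depends on runtime state, including the fips_mode setting.
 *
 * NOTE(review): depending on the wolfSSL build, the table includes legacy
 * primitives: ENCR_DES / ENCR_DES_ECB, ENCR_NULL, MD5 (hasher, HMAC PRF,
 * HMAC signer, RSA PKCS#1 signature), SHA-1, MODP_768_BIT / MODP_1024_BIT
 * and ECP_192_BIT. Listing them here only makes them available; presumably
 * the configured proposals decide what is actually negotiated - confirm that
 * deployments do not enable them, or build wolfSSL with the matching NO_*
 * options.
 *
 * @param this		plugin instance (not read)
 * @param features	receives a pointer to the static feature table
 * @return			number of entries in that table
 */
METHOD(plugin_t, get_features, int,
	private_wolfssl_plugin_t *this, plugin_feature_t *features[])
{
	static plugin_feature_t f[] = {
		/* crypters */
		PLUGIN_REGISTER(CRYPTER, wolfssl_crypter_create),
#if !defined(NO_AES) && !defined(NO_AES_CTR)
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CTR, 32),
#endif
#if !defined(NO_AES) && !defined(NO_AES_CBC)
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_AES_CBC, 32),
#endif
#ifdef HAVE_CAMELLIA
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 16),
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_CAMELLIA_CBC, 32),
#endif
#ifndef NO_DES3
			PLUGIN_PROVIDE(CRYPTER, ENCR_3DES, 24),
			PLUGIN_PROVIDE(CRYPTER, ENCR_DES, 8),
	#ifdef WOLFSSL_DES_ECB
			PLUGIN_PROVIDE(CRYPTER, ENCR_DES_ECB, 8),
	#endif
#endif
			PLUGIN_PROVIDE(CRYPTER, ENCR_NULL, 0),
		/* hashers */
		PLUGIN_REGISTER(HASHER, wolfssl_hasher_create),
#ifndef NO_MD5
			PLUGIN_PROVIDE(HASHER, HASH_MD5),
#endif
#ifndef NO_SHA
			PLUGIN_PROVIDE(HASHER, HASH_SHA1),
#endif
#ifdef WOLFSSL_SHA224
			PLUGIN_PROVIDE(HASHER, HASH_SHA224),
#endif
#ifndef NO_SHA256
			PLUGIN_PROVIDE(HASHER, HASH_SHA256),
#endif
#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(HASHER, HASH_SHA384),
#endif
#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(HASHER, HASH_SHA512),
#endif
#ifndef NO_SHA
		/* keyed sha1 hasher (aka prf) */
		PLUGIN_REGISTER(PRF, wolfssl_sha1_prf_create),
			PLUGIN_PROVIDE(PRF, PRF_KEYED_SHA1),
#endif
#ifndef NO_HMAC
		/* HMAC based PRFs */
		PLUGIN_REGISTER(PRF, wolfssl_hmac_prf_create),
	#ifndef NO_MD5
			PLUGIN_PROVIDE(PRF, PRF_HMAC_MD5),
	#endif
	#ifndef NO_SHA
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA1),
	#endif
	#ifndef NO_SHA256
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_256),
	#endif
	#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_384),
	#endif
	#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(PRF, PRF_HMAC_SHA2_512),
	#endif
		/* HMAC based signers */
		PLUGIN_REGISTER(SIGNER, wolfssl_hmac_signer_create),
	#ifndef NO_MD5
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_MD5_96),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_MD5_128),
	#endif
	#ifndef NO_SHA
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_96),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_128),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA1_160),
	#endif
	#ifndef NO_SHA256
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_256_128),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_256_256),
	#endif
	#ifdef WOLFSSL_SHA384
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_384_192),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_384_384),
	#endif
	#ifdef WOLFSSL_SHA512
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_512_256),
			PLUGIN_PROVIDE(SIGNER, AUTH_HMAC_SHA2_512_512),
	#endif
#endif /* NO_HMAC */
#if (!defined(NO_AES) && (defined(HAVE_AESGCM) || defined(HAVE_AESCCM))) || \
	(defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
		/* AEAD transforms */
		PLUGIN_REGISTER(AEAD, wolfssl_aead_create),
	#if !defined(NO_AES) && defined(HAVE_AESGCM)
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV16, 32),
		/* shorter GCM tags only if the wolfSSL minimum tag size permits */
		#if WOLFSSL_MIN_AUTH_TAG_SZ <= 12
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV12, 32),
		#endif
		#if WOLFSSL_MIN_AUTH_TAG_SZ <= 8
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_GCM_ICV8, 32),
		#endif
	#endif /* !NO_AES && HAVE_AESGCM */
	#if !defined(NO_AES) && defined(HAVE_AESCCM)
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV16, 32),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV12, 32),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 16),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 24),
			PLUGIN_PROVIDE(AEAD, ENCR_AES_CCM_ICV8, 32),
	#endif /* !NO_AES && HAVE_AESCCM */
	#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
			PLUGIN_PROVIDE(AEAD, ENCR_CHACHA20_POLY1305, 32),
	#endif /* HAVE_CHACHA && HAVE_POLY1305 */
#endif
#ifdef HAVE_ECC_DHE
		/* EC DH groups */
		PLUGIN_REGISTER(DH, wolfssl_ec_diffie_hellman_create),
	#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_256_BIT),
	#endif
	#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_384_BIT),
	#endif
	#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_521_BIT),
	#endif
	#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_224_BIT),
	#endif
	#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_192_BIT),
	#endif
	#ifdef HAVE_BRAINPOOL
		/* the original tested "!define(NO_ECC256)", which is not a valid
		 * preprocessor expression and breaks builds with HAVE_BRAINPOOL */
		#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_256_BP),
		#endif
		#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_384_BP),
		#endif
		#if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_512_BP),
		#endif
		#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
			PLUGIN_PROVIDE(DH, ECP_224_BP),
		#endif
	#endif
#endif /* HAVE_ECC_DHE */
#ifndef NO_DH
		/* MODP DH groups; with USE_FAST_MATH a group is only offered if
		 * FP_MAX_BITS is at least twice the modulus size */
		PLUGIN_REGISTER(DH, wolfssl_diffie_hellman_create),
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (3072 * 2)
			PLUGIN_PROVIDE(DH, MODP_3072_BIT),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (4096 * 2)
			PLUGIN_PROVIDE(DH, MODP_4096_BIT),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (6144 * 2)
			PLUGIN_PROVIDE(DH, MODP_6144_BIT),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (8192 * 2)
			PLUGIN_PROVIDE(DH, MODP_8192_BIT),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (2048 * 2)
			PLUGIN_PROVIDE(DH, MODP_2048_BIT),
			PLUGIN_PROVIDE(DH, MODP_2048_224),
			PLUGIN_PROVIDE(DH, MODP_2048_256),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (1536 * 2)
			PLUGIN_PROVIDE(DH, MODP_1536_BIT),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (1024 * 2)
			PLUGIN_PROVIDE(DH, MODP_1024_BIT),
			PLUGIN_PROVIDE(DH, MODP_1024_160),
	#endif
	#if !defined(USE_FAST_MATH) || FP_MAX_BITS >= (768 * 2)
			PLUGIN_PROVIDE(DH, MODP_768_BIT),
	#endif
			PLUGIN_PROVIDE(DH, MODP_CUSTOM),
#endif /* NO_DH */
#ifndef NO_RSA
		/* RSA private/public key loading */
		PLUGIN_REGISTER(PRIVKEY, wolfssl_rsa_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_RSA),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
		PLUGIN_REGISTER(PUBKEY, wolfssl_rsa_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_RSA),
	#ifdef WOLFSSL_KEY_GEN
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_rsa_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_RSA),
	#endif
		/* signature/encryption schemes */
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_NULL),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_NULL),
	#ifdef WC_RSA_PSS
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PSS),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PSS),
	#endif
	#ifndef NO_SHA
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA1),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA1),
	#endif
	#ifdef WOLFSSL_SHA224
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_224),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_224),
	#endif
	#ifndef NO_SHA256
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_256),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_256),
	#endif
	#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_384),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_384),
	#endif
	#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_512),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_512),
	#endif
	#ifndef NO_MD5
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_MD5),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_MD5),
	#endif
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_PKCS1),
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_PKCS1),
	#ifndef WC_NO_RSA_OAEP
		#ifndef NO_SHA
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA1),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA1),
		#endif
		#ifdef WOLFSSL_SHA224
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA224),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA224),
		#endif
		#ifndef NO_SHA256
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA256),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA256),
		#endif
		#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA384),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA384),
		#endif
		#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA512),
		PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA512),
		#endif
	#endif /* !WC_NO_RSA_OAEP */
#endif /* !NO_RSA */
#ifdef HAVE_ECC
	#ifdef HAVE_ECC_KEY_IMPORT
		/* EC private/public key loading */
		PLUGIN_REGISTER(PRIVKEY, wolfssl_ec_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ECDSA),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
	#endif
	#ifdef HAVE_ECC_DHE
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_ec_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_ECDSA),
	#endif
	#ifdef HAVE_ECC_KEY_IMPORT
		PLUGIN_REGISTER(PUBKEY, wolfssl_ec_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_ECDSA),
	#endif
	#ifdef HAVE_ECC_SIGN
		/* ECDSA signature schemes (signing) */
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_NULL),
		#ifndef NO_SHA
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA1_DER),
		#endif
		#ifndef NO_SHA256
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA256_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_256),
		#endif
		#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA384_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_384),
		#endif
		#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_WITH_SHA512_DER),
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ECDSA_521),
		#endif
	#endif /* HAVE_ECC_SIGN */
	#ifdef HAVE_ECC_VERIFY
		/* ECDSA signature schemes (verification) */
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_NULL),
		#ifndef NO_SHA
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA1_DER),
		#endif
		#ifndef NO_SHA256
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA256_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_256),
		#endif
		#ifdef WOLFSSL_SHA384
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA384_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_384),
		#endif
		#ifdef WOLFSSL_SHA512
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_WITH_SHA512_DER),
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ECDSA_521),
		#endif
	#endif /* HAVE_ECC_VERIFY */
#endif /* HAVE_ECC */
#ifdef HAVE_CURVE25519
		PLUGIN_REGISTER(DH, wolfssl_x_diffie_hellman_create),
			PLUGIN_PROVIDE(DH, CURVE_25519),
#endif
#ifdef HAVE_ED25519
		/* EdDSA private/public key loading */
		PLUGIN_REGISTER(PUBKEY, wolfssl_ed_public_key_load, TRUE),
			PLUGIN_PROVIDE(PUBKEY, KEY_ED25519),
		PLUGIN_REGISTER(PRIVKEY, wolfssl_ed_private_key_load, TRUE),
			PLUGIN_PROVIDE(PRIVKEY, KEY_ED25519),
		PLUGIN_REGISTER(PRIVKEY_GEN, wolfssl_ed_private_key_gen, FALSE),
			PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_ED25519),
	#ifdef HAVE_ED25519_SIGN
		PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ED25519),
	#endif
	#ifdef HAVE_ED25519_VERIFY
		PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ED25519),
	#endif
		/* register a pro forma identity hasher, never instantiated */
		PLUGIN_REGISTER(HASHER, return_null),
			PLUGIN_PROVIDE(HASHER, HASH_IDENTITY),
#endif /* HAVE_ED25519 */
#ifndef WC_NO_RNG
		/* random number generators */
		PLUGIN_REGISTER(RNG, wolfssl_rng_create),
			PLUGIN_PROVIDE(RNG, RNG_STRONG),
			PLUGIN_PROVIDE(RNG, RNG_WEAK),
#endif
	};
	*features = f;
	return countof(f);
}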
412:
/**
 * Implements plugin_t.destroy.
 *
 * Tears down in the reverse order of wolfssl_plugin_create(): the global RNG
 * state first (unless wolfSSL was built with WC_NO_RNG), then the wolfSSL
 * library itself, and finally the plugin object.
 *
 * @param this		plugin instance to release; must not be used afterwards
 */
METHOD(plugin_t, destroy, void, private_wolfssl_plugin_t *this)
{
#if !defined(WC_NO_RNG)
	wolfssl_rng_global_final();
#endif
	wolfSSL_Cleanup();

	free(this);
}
423:
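/*
 * Described in header
 *
 * Reads the "<ns>.plugins.wolfssl.fips_mode" setting (default FALSE). If it
 * is set, creation is refused unless wolfSSL was built with HAVE_FIPS and
 * wolfCrypt_GetStatus_fips() reports 0. The setting is only used as this
 * gate: nothing in this file consults it again, and get_features() returns
 * the same compile-time table either way.
 *
 * Returns the plugin interface, or NULL if FIPS mode was requested but is
 * unavailable or if the global RNG could not be initialized.
 */
plugin_t *wolfssl_plugin_create()
{
	private_wolfssl_plugin_t *this;
	bool fips_mode;

	fips_mode = lib->settings->get_bool(lib->settings,
							"%s.plugins.wolfssl.fips_mode", FALSE, lib->ns);
#ifdef HAVE_FIPS
	if (fips_mode)
	{
		int ret = wolfCrypt_GetStatus_fips();

		if (ret != 0)
		{
			DBG1(DBG_LIB, "wolfssl FIPS mode unavailable (%d)", ret);
			return NULL;
		}
	}
#else
	if (fips_mode)
	{	/* fail closed: FIPS was requested but this build cannot provide it */
		DBG1(DBG_LIB, "wolfssl FIPS mode unavailable");
		return NULL;
	}
#endif

	/* NOTE(review): the result of wolfSSL_Init() is not checked here */
	wolfSSL_Init();
#ifndef WC_NO_RNG
	if (!wolfssl_rng_global_init())
	{
		/* undo wolfSSL_Init() so a failed load leaves the library balanced;
		 * destroy() is never called for a plugin that was not created */
		wolfSSL_Cleanup();
		return NULL;
	}
#endif

	INIT(this,
		.public = {
			.plugin = {
				.get_name = _get_name,
				.get_features = _get_features,
				.destroy = _destroy,
			},
		},
	);

	return &this->public.plugin;
}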