credentials: Added void *params to public_key encrypt() and private_key decrypt(...

diff --git a/src/charon-tkm/src/tkm/tkm_private_key.c b/src/charon-tkm/src/tkm/tkm_private_key.c
index 0ef3a103c3070b60a66c1126c4818f95b61728ca..13e0256b09d2917c4d4321b9400b8dee1b35e103 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_private_key.c
+++ b/src/charon-tkm/src/tkm/tkm_private_key.c
@@ -90,7 +90,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_tkm_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        return FALSE;
 }

diff --git a/src/charon-tkm/src/tkm/tkm_public_key.c b/src/charon-tkm/src/tkm/tkm_public_key.c
index 5a49b4511d0781ad07c5770c5de3159b9f92fbef..2f8d1a033c7629eadf938b3c0ed8d14631525185 100644 (file)
--- a/src/charon-tkm/src/tkm/tkm_public_key.c
+++ b/src/charon-tkm/src/tkm/tkm_public_key.c
@@ -62,7 +62,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt_, bool,
        private_tkm_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        return FALSE;
 }

diff --git a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
index e1059a8f41b3242ad0f7e3f0b09edc9716ef1bdd..fbc10a09e9ee06490ef01828990b2d21f43df70a 100644 (file)
--- a/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
+++ b/src/frontends/android/app/src/main/jni/libandroidbridge/backend/android_private_key.c
@@ -388,7 +388,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, decrypt, bool,
        private_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "private key decryption is currently not supported via JNI");
        return FALSE;

diff --git a/src/libstrongswan/credentials/keys/private_key.h b/src/libstrongswan/credentials/keys/private_key.h
index 079c779fb71c515efca58120b02ea60a81af26b8..13bd40119df3dc223ef12816048d4b76a5221077 100644 (file)
--- a/src/libstrongswan/credentials/keys/private_key.h
+++ b/src/libstrongswan/credentials/keys/private_key.h
@@ -67,12 +67,13 @@ struct private_key_t {
         * Decrypt a chunk of data.
         *
         * @param scheme        expected encryption scheme used
+        * @param params        optional parameters required by the specified scheme
         * @param crypto        chunk containing encrypted data
         * @param plain         where to allocate decrypted data
         * @return                      TRUE if data decrypted and plaintext allocated
         */
        bool (*decrypt)(private_key_t *this, encryption_scheme_t scheme,
-                                       chunk_t crypto, chunk_t *plain);
+                                       void *params, chunk_t crypto, chunk_t *plain);
 
        /**
         * Get the strength of the key in bits.

diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index 756d9ba054da3fa403d2de54838acc2b907b6ef7..1dfa9eca37ab44478ea430d1cb79bc666d85d0c1 100644 (file)
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -182,12 +182,13 @@ struct public_key_t {
         * Encrypt a chunk of data.
         *
         * @param scheme        encryption scheme to use
+        * @param params        optional parameters required by the specified scheme
         * @param plain         chunk containing plaintext data
         * @param crypto        where to allocate encrypted data
         * @return                      TRUE if data successfully encrypted
         */
        bool (*encrypt)(public_key_t *this, encryption_scheme_t scheme,
-                                       chunk_t plain, chunk_t *crypto);
+                                       void *params, chunk_t plain, chunk_t *crypto);
 
        /**
         * Check if two public keys are equal.

diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c
index 8f6ea375e0bc72b9c3ab409d9a566dfe8eac4c32..469d373debcb0f19a629ba7022b77d1be9f4bd6f 100644 (file)
--- a/src/libstrongswan/plugins/agent/agent_private_key.c
+++ b/src/libstrongswan/plugins/agent/agent_private_key.c
@@ -391,7 +391,7 @@ METHOD(private_key_t, get_type, key_type_t,
 
 METHOD(private_key_t, decrypt, bool,
        private_agent_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "private key decryption not supported by ssh-agent");
        return FALSE;

diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c
index b9e926dec69abc2d066b09ee6128f7e28cfdb094..59c6be95c364f0e02bf6f752a15abf8cb8440cf9 100644 (file)
--- a/src/libstrongswan/plugins/bliss/bliss_private_key.c
+++ b/src/libstrongswan/plugins/bliss/bliss_private_key.c
@@ -538,7 +538,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_bliss_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported",
                                   encryption_scheme_names, scheme);

diff --git a/src/libstrongswan/plugins/bliss/bliss_public_key.c b/src/libstrongswan/plugins/bliss/bliss_public_key.c
index 945840cdce3e5ae55cfc7c0e95e6a419299e2a97..96ce4bbe8cca9d07192f1581be15f913ff8499cc 100644 (file)
--- a/src/libstrongswan/plugins/bliss/bliss_public_key.c
+++ b/src/libstrongswan/plugins/bliss/bliss_public_key.c
@@ -220,7 +220,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt_, bool,
        private_bliss_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported",
                                   encryption_scheme_names, scheme);

diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
index 908ea910d7c91b884eac0e42948478a213898ce7..f7fa230a65f05b12519861b24113077d42978bc8 100644 (file)
--- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
+++ b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c
@@ -168,8 +168,8 @@ START_TEST(test_bliss_sign_fail)
        ck_assert(!pubkey->get_fingerprint(pubkey, KEYID_PGPV4, &fp));
 
        /* encryption / decryption operation is not defined for BLISS */
-       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, chunk_empty, NULL));
-       ck_assert(!privkey->decrypt(privkey, ENCRYPT_UNKNOWN, chunk_empty, NULL));
+       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, NULL, chunk_empty, NULL));
+       ck_assert(!privkey->decrypt(privkey, ENCRYPT_UNKNOWN, NULL, chunk_empty, NULL));
 
        /* sign with invalid signature scheme */
        ck_assert(!privkey->sign(privkey, SIGN_UNKNOWN, NULL, msg, &signature));

diff --git a/src/libstrongswan/plugins/botan/botan_ec_private_key.c b/src/libstrongswan/plugins/botan/botan_ec_private_key.c
index b6940907f802252c2e98919f4d9506437ae8be4b..0063881462d4b75f95dd0a377ede46de29f83ebd 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_ec_private_key.c
+++ b/src/libstrongswan/plugins/botan/botan_ec_private_key.c
@@ -141,7 +141,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_botan_ec_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/botan/botan_ec_public_key.c b/src/libstrongswan/plugins/botan/botan_ec_public_key.c
index 095ae3f20b132f4cb18584648dac9acffc260218..95def4fa7588506c9633a48c96a2e1e66ea767dc 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_ec_public_key.c
+++ b/src/libstrongswan/plugins/botan/botan_ec_public_key.c
@@ -190,7 +190,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_botan_ec_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC public key encryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/botan/botan_ed_private_key.c b/src/libstrongswan/plugins/botan/botan_ed_private_key.c
index 5d901ac743649f88eca201b63442327eeb8a2d98..3a43fda8dc0050173d13fe78318cb8dc712d16fe 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_ed_private_key.c
+++ b/src/libstrongswan/plugins/botan/botan_ed_private_key.c
@@ -74,7 +74,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EdDSA private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/botan/botan_ed_public_key.c b/src/libstrongswan/plugins/botan/botan_ed_public_key.c
index 41d2baae823bb65ff6f8aef43037644791bf02a7..24a04009de2e49b2c7b9751ece05ab8dfc3f70cd 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_ed_public_key.c
+++ b/src/libstrongswan/plugins/botan/botan_ed_public_key.c
@@ -82,7 +82,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EdDSA public key encryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c
index 03ce257cce961b3694edff7f0e8bf291a272638c..1aa3df8593513cf7052478aa0c8f968d5dd549e6 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_rsa_private_key.c
+++ b/src/libstrongswan/plugins/botan/botan_rsa_private_key.c
@@ -159,7 +159,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_botan_rsa_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        botan_pk_op_decrypt_t decrypt_op;
        const char *padding;

diff --git a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c
index 06560c393a685a50c7521170f1c8c0c2838f2999..684727da701bf1cdcd5e6746b5acc69855b09458 100644 (file)
--- a/src/libstrongswan/plugins/botan/botan_rsa_public_key.c
+++ b/src/libstrongswan/plugins/botan/botan_rsa_public_key.c
@@ -139,7 +139,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_botan_rsa_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        botan_pk_op_encrypt_t encrypt_op;
        botan_rng_t rng;

diff --git a/src/libstrongswan/plugins/curve25519/curve25519_private_key.c b/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
index 878be4ca587775dce6fd97bb6ca02057f648dc1f..4bfb1f13c853e6720dd54e2692056213a092eaec 100644 (file)
--- a/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
+++ b/src/libstrongswan/plugins/curve25519/curve25519_private_key.c
@@ -113,7 +113,7 @@ end:
 
 METHOD(private_key_t, decrypt, bool,
        private_curve25519_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported", encryption_scheme_names,
                 scheme);

diff --git a/src/libstrongswan/plugins/curve25519/curve25519_public_key.c b/src/libstrongswan/plugins/curve25519/curve25519_public_key.c
index dfc1df4d0b9169da544452f6d89a217722dc1b31..30959c62580bb716717eb607ad2e6fd9e5cf1996 100644 (file)
--- a/src/libstrongswan/plugins/curve25519/curve25519_public_key.c
+++ b/src/libstrongswan/plugins/curve25519/curve25519_public_key.c
@@ -139,7 +139,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt_, bool,
        private_curve25519_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported", encryption_scheme_names,
                 scheme);

diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
index 394b87c271e0474a3555abd15637811d7e58a09a..5bc0a72ec56c6d06fbe8a379fd59b0ee1e4c3aa3 100644 (file)
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c
@@ -278,7 +278,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_gcrypt_rsa_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t encrypted, chunk_t *plain)
+       void *params, chunk_t encrypted, chunk_t *plain)
 {
        gcry_error_t err;
        gcry_sexp_t in, out;

diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
index bbfa5e29800f36a424f2a848fb8c1e38e0e67cbd..694a969f80e099cf5132e1f922a5c019a96c6c11 100644 (file)
--- a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c
@@ -237,7 +237,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt_, bool,
        private_gcrypt_rsa_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *encrypted)
+       void *params, chunk_t plain, chunk_t *encrypted)
 {
        gcry_sexp_t in, out;
        gcry_error_t err;

diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 3c5c31be5ad37bc984aad5cc0bd4d510142a068f..bd5e4bf772bd97b4b5895d63fed2b97c950ff706 100644 (file)
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -494,7 +494,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_gmp_rsa_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        chunk_t em, stripped;
        bool success = FALSE;

diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 3a775090883e56fe1bc13b5364b7736b1e722722..5b96bbfad855779bc5dfd11562d00760897e90be 100644 (file)
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -313,7 +313,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt_, bool,
        private_gmp_rsa_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        chunk_t em;
        u_char *pos;

diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
index 364190758c95910c03b2e6dd2ecba028103166a7..0c208be7e4ac085069eabe71a0a882edf297fe2f 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c
@@ -183,7 +183,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_openssl_ec_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
index ba41c508f516ef7628ae3ea35986b8d535cebd39..79ab82db548d06f32ecf4c919fc502d2d8c52d45 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c
@@ -183,7 +183,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_openssl_ec_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC public key encryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/openssl/openssl_ed_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ed_private_key.c
index 44844fcf7eac62cb47ab22f9a682f5e82a9ba025..76e6cdbb62296f1b6fc235cca5e3775d48064624 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_ed_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ed_private_key.c
@@ -108,7 +108,7 @@ error:
 
 METHOD(private_key_t, decrypt, bool,
        private_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EdDSA private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/openssl/openssl_ed_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ed_public_key.c
index 2daddc57eae23aa463db6d2d0a0c07d3900a5afd..4e3bd191fcdf6a918ab8caf91056a9942f28de57 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_ed_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ed_public_key.c
@@ -118,7 +118,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported", encryption_scheme_names,
                 scheme);

diff --git a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
index 0bd85456bf141ecff052e608530f896bb6593399..4f94aaf9d66300044ae2427d770e2d1a6438de91 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
+++ b/src/libstrongswan/plugins/openssl/openssl_pkcs7.c
@@ -644,7 +644,7 @@ static bool decrypt(private_openssl_pkcs7_t *this,
                                {
                                        /* get encryptedKey from internal structure; TODO fixup */
                                        chunk = openssl_asn1_str2chunk(ri->ktri->encryptedKey);
-                                       if (private->decrypt(private, ENCRYPT_RSA_PKCS1,
+                                       if (private->decrypt(private, ENCRYPT_RSA_PKCS1, NULL,
                                                                                 chunk, &key))
                                        {
                                                private->destroy(private);

diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
index 6cf20e247ab6291fa599c2fa5776e33581930275..b4a122b5add4b7cd4a01cceed9dc7c9af45bc417 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c
@@ -306,7 +306,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_openssl_rsa_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        int padding, len;
        char *decrypted;

diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
index 4cdb883cc035f3ca943d9351ea17e5750445eda3..41793484efe029993b09bdb785b8cbf82978e0fb 100644 (file)
--- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c
@@ -307,7 +307,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_openssl_rsa_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        int padding, len;
        char *encrypted;

diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c
index 64e1a4c9649e7433d85079eea966cd67a9d1904b..43a9046a1231edeb31a528150978d8ac87a3d6bb 100644 (file)
--- a/src/libstrongswan/plugins/pgp/pgp_builder.c
+++ b/src/libstrongswan/plugins/pgp/pgp_builder.c
@@ -126,7 +126,7 @@ METHOD(private_key_t, sign_not_allowed, bool,
 
 METHOD(private_key_t, decrypt_not_allowed, bool,
        private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "decryption failed - signature only key");
        return FALSE;

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
index 820ac3f315951e5e607cd0dee08d4cff6e14ace3..dce3a9f15a9d3cd76710489006f02e2860d2a6ed 100644 (file)
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_private_key.c
@@ -388,7 +388,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_pkcs11_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypt, chunk_t *plain)
+       void *params, chunk_t crypt, chunk_t *plain)
 {
        CK_MECHANISM_PTR mechanism;
        CK_SESSION_HANDLE session;

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
index cbebc6364469408e730e34c1965475a9a9f83b1b..0455055746d13284501838c0a84e1e84a4b63eab 100644 (file)
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_public_key.c
@@ -307,7 +307,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_pkcs11_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypt)
+       void *params, chunk_t plain, chunk_t *crypt)
 {
        CK_MECHANISM_PTR mechanism;
        CK_SESSION_HANDLE session;

diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
index 82d113decef35b0a329281524b14c63351ffee3e..e40528d09831c965735e4cb1c1914b9b22f49d60 100644 (file)
--- a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
+++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c
@@ -137,7 +137,7 @@ static bool decrypt(private_key_t *private, chunk_t key, chunk_t iv, int oid,
                DBG1(DBG_LIB, "unsupported content encryption algorithm");
                return FALSE;
        }
-       if (!private->decrypt(private, ENCRYPT_RSA_PKCS1, key, &plain_key))
+       if (!private->decrypt(private, ENCRYPT_RSA_PKCS1, NULL, key, &plain_key))
        {
                DBG1(DBG_LIB, "symmetric key could not be decrypted with rsa");
                return FALSE;
@@ -438,7 +438,7 @@ static bool encrypt_key(certificate_t *cert, chunk_t in, chunk_t *out)
        {
                return FALSE;
        }
-       if (!key->encrypt(key, ENCRYPT_RSA_PKCS1, in, out))
+       if (!key->encrypt(key, ENCRYPT_RSA_PKCS1, NULL, in, out))
        {
                key->destroy(key);
                return FALSE;

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
index 2a2b44e4c90f2feaf1d7457c1bb3cd87fb5b796d..a08cc17e39be109732eb822acd4b64eb4d942c24 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_private_key.c
@@ -207,7 +207,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_wolfssl_ec_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_public_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_public_key.c
index abcddab79a5aeaabb239e09d06edac10a9cc4cd8..d8a1ededb06fcd4b6ac33665def0a6e5832921a1 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ec_public_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ec_public_key.c
@@ -195,7 +195,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_wolfssl_ec_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EC public key encryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ed_private_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ed_private_key.c
index 2b6b743086d84d53ffb3b88b9a9d216cb9624ae9..871c22085fcadfe861413278a1c0db0bc9437805 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ed_private_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ed_private_key.c
@@ -113,7 +113,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "EdDSA private key decryption not implemented");
        return FALSE;

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_ed_public_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_ed_public_key.c
index 9a5bec19e5c5aeeaadfd5be9603d415545608a66..a336d519e462b5756c2ff1728b17833dec89872d 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_ed_public_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_ed_public_key.c
@@ -114,7 +114,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        DBG1(DBG_LIB, "encryption scheme %N not supported", encryption_scheme_names,
                 scheme);

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
index 028d50c1a4be6c6738bd4e891209a0b80fcbb4d2..03b6c9326f0792baab6abdfbc2dd1c12f71d29d7 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
@@ -243,7 +243,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_wolfssl_rsa_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypto, chunk_t *plain)
+       void *params, chunk_t crypto, chunk_t *plain)
 {
        int padding, mgf, len;
        enum wc_HashType hash;

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
index 4a03d40145494c3ba4782a45bf53d2c319ae8c50..5329b59539470a10f58dd1f8a4583c116e179ed5 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
@@ -218,7 +218,7 @@ METHOD(public_key_t, verify, bool,
 
 METHOD(public_key_t, encrypt, bool,
        private_wolfssl_rsa_public_key_t *this, encryption_scheme_t scheme,
-       chunk_t plain, chunk_t *crypto)
+       void *params, chunk_t plain, chunk_t *crypto)
 {
        int padding, mgf, len;
        enum wc_HashType hash;

diff --git a/src/libstrongswan/tests/suites/test_ed25519.c b/src/libstrongswan/tests/suites/test_ed25519.c
index 057cc2af8c8850044a05a01093913c6245a4611a..66df6d7598a8adc6be691e6e91a6fd488cf4a84a 100644 (file)
--- a/src/libstrongswan/tests/suites/test_ed25519.c
+++ b/src/libstrongswan/tests/suites/test_ed25519.c
@@ -379,7 +379,7 @@ START_TEST(test_ed25519_gen)
        key2->destroy(key2);
 
        /* decryption not supported */
-       ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, msg, NULL));
+       ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, NULL, msg, NULL));
 
        /* wrong signature scheme */
        ck_assert(!key->sign(key, SIGN_ED448, NULL, msg, &sig));
@@ -414,7 +414,7 @@ START_TEST(test_ed25519_gen)
        pubkey2->destroy(pubkey2);
 
        /* encryption not supported */
-       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, msg, NULL));
+       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, NULL, msg, NULL));
 
        /* verify with wrong signature scheme */
        ck_assert(!pubkey->verify(pubkey, SIGN_ED448, NULL, msg, sig));

diff --git a/src/libstrongswan/tests/suites/test_ed448.c b/src/libstrongswan/tests/suites/test_ed448.c
index 6505731554fea515ecbe548e6d70bf8e145038f7..7137fcf8321224e4ba8a12bf0ae55885b3deee2e 100644 (file)
--- a/src/libstrongswan/tests/suites/test_ed448.c
+++ b/src/libstrongswan/tests/suites/test_ed448.c
@@ -440,7 +440,7 @@ START_TEST(test_ed448_gen)
        key2->destroy(key2);
 
        /* decryption not supported */
-       ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, msg, NULL));
+       ck_assert(!key->decrypt(key, ENCRYPT_UNKNOWN, NULL, msg, NULL));
 
        /* wrong signature scheme */
        ck_assert(!key->sign(key, SIGN_ED25519, NULL, msg, &sig));
@@ -475,7 +475,7 @@ START_TEST(test_ed448_gen)
        pubkey2->destroy(pubkey2);
 
        /* encryption not supported */
-       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, msg, NULL));
+       ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, NULL, msg, NULL));
 
        /* verify with wrong signature scheme */
        ck_assert(!pubkey->verify(pubkey, SIGN_ED25519, NULL, msg, sig));

diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c
index 1b755ea34e6182ff9c80f6385eb50e35689f6adc..f3854eba5265426b1f21cfe07d9717ca6b5345cc 100644 (file)
--- a/src/libtls/tls_peer.c
+++ b/src/libtls/tls_peer.c
@@ -1628,7 +1628,7 @@ static status_t send_key_exchange_encrypt(private_tls_peer_t *this,
                this->alert->add(this->alert, TLS_FATAL, TLS_CERTIFICATE_UNKNOWN);
                return NEED_MORE;
        }
-       if (!public->encrypt(public, ENCRYPT_RSA_PKCS1,
+       if (!public->encrypt(public, ENCRYPT_RSA_PKCS1, NULL,
                                                 chunk_from_thing(premaster), &encrypted))
        {
                public->destroy(public);

diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c
index f067549e3911cf98f4bcd1548994854519b4d4c6..bbfe542496c35cddb48aed8571e2cadb1fe99d84 100644 (file)
--- a/src/libtls/tls_server.c
+++ b/src/libtls/tls_server.c
@@ -805,8 +805,8 @@ static status_t process_key_exchange_encrypted(private_tls_server_t *this,
        rng->destroy(rng);
 
        if (this->private &&
-               this->private->decrypt(this->private,
-                                                          ENCRYPT_RSA_PKCS1, encrypted, &decrypted))
+               this->private->decrypt(this->private, ENCRYPT_RSA_PKCS1, NULL,
+                                                          encrypted, &decrypted))
        {
                if (decrypted.len == sizeof(premaster) &&
                        untoh16(decrypted.ptr) == this->client_version)

diff --git a/src/libtpmtss/plugins/tpm/tpm_private_key.c b/src/libtpmtss/plugins/tpm/tpm_private_key.c
index d946fbe56716d6c14081326089a1ca5bc381f125..9345d92af8d30f0cf1f050da0c1bad78b0376dd5 100644 (file)
--- a/src/libtpmtss/plugins/tpm/tpm_private_key.c
+++ b/src/libtpmtss/plugins/tpm/tpm_private_key.c
@@ -105,7 +105,7 @@ METHOD(private_key_t, sign, bool,
 
 METHOD(private_key_t, decrypt, bool,
        private_tpm_private_key_t *this, encryption_scheme_t scheme,
-       chunk_t crypt, chunk_t *plain)
+       void *params, chunk_t crypt, chunk_t *plain)
 {
        return FALSE;
 }