/*
 * Copyright (C) 2008 Tobias Brunner
 * Copyright (C) 2008 Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * for more details.
 */
16 | ||
83c42156 | 17 | #include <openssl/conf.h> |
17353034 | 18 | #include <openssl/evp.h> |
1b7d2e31 | 19 | #include <openssl/engine.h> |
7de6da0c | 20 | #include <openssl/crypto.h> |
21 | |
22 | #include "openssl_plugin.h" | |
23 | ||
24 | #include <library.h> | |
4a5a5dd2 | 25 | #include <threading/thread.h> |
eba64cef | 26 | #include <threading/mutex.h> |
e35c3e2a | 27 | #include "openssl_util.h" |
17353034 | 28 | #include "openssl_crypter.h" |
63cdbca2 | 29 | #include "openssl_hasher.h" |
40f130da | 30 | #include "openssl_sha1_prf.h" |
ae7e837c | 31 | #include "openssl_diffie_hellman.h" |
fc1a31d5 | 32 | #include "openssl_ec_diffie_hellman.h" |
33 | #include "openssl_rsa_private_key.h" |
34 | #include "openssl_rsa_public_key.h" | |
35 | #include "openssl_ec_private_key.h" |
36 | #include "openssl_ec_public_key.h" | |
37 | |
typedef struct private_openssl_plugin_t private_openssl_plugin_t;

/**
 * Private data of openssl_plugin.
 */
struct private_openssl_plugin_t {

	/**
	 * Public plugin interface; its embedded plugin_t is what
	 * openssl_plugin_create() hands back to the plugin loader.
	 */
	openssl_plugin_t public;
};
50 | ||
/**
 * Array of static mutexes, one per OpenSSL static lock (CRYPTO_num_locks()
 * entries). Allocated by threading_init(), released and reset to NULL by
 * threading_cleanup(); locking_function() treats NULL as "no locks yet".
 */
static mutex_t **mutex = NULL;
55 | |
/**
 * Locking callback for OpenSSL's static locks.
 *
 * @param mode	CRYPTO_LOCK to acquire, anything else releases
 * @param type	index of the static lock, selects the entry in mutex[]
 * @param file	source file of the caller (unused)
 * @param line	source line of the caller (unused)
 */
static void locking_function(int mode, int type, const char *file, int line)
{
	mutex_t *lock;

	/* before threading_init() / after threading_cleanup() there is nothing
	 * to lock; silently ignore the request as before */
	if (!mutex)
	{
		return;
	}
	lock = mutex[type];
	if (mode & CRYPTO_LOCK)
	{
		lock->lock(lock);
	}
	else
	{
		lock->unlock(lock);
	}
}
73 | ||
/**
 * Implementation of dynlock: the per-lock state OpenSSL passes back to the
 * dynamic lock callbacks below (create_function, lock_function,
 * destroy_function).
 */
struct CRYPTO_dynlock_value {
	/** mutex backing this dynamic lock, created in create_function() */
	mutex_t *mutex;
};
80 | ||
/**
 * Callback to create a dynamic lock.
 *
 * Ownership of the returned lock passes to OpenSSL, which hands it back to
 * destroy_function() for release.
 *
 * @param file	source file of the caller (unused)
 * @param line	source line of the caller (unused)
 * @return		newly allocated dynamic lock
 */
static struct CRYPTO_dynlock_value *create_function(const char *file, int line)
{
	struct CRYPTO_dynlock_value *dynlock = malloc_thing(struct CRYPTO_dynlock_value);

	/* allocation failure is not handled here, consistent with the rest of
	 * the file */
	dynlock->mutex = mutex_create(MUTEX_TYPE_DEFAULT);
	return dynlock;
}
92 | ||
/**
 * Callback to (un-)lock a dynamic lock.
 *
 * @param mode	CRYPTO_LOCK to acquire, anything else releases
 * @param lock	dynamic lock created by create_function()
 * @param file	source file of the caller (unused)
 * @param line	source line of the caller (unused)
 */
static void lock_function(int mode, struct CRYPTO_dynlock_value *lock,
						  const char *file, int line)
{
	mutex_t *m = lock->mutex;

	if (!(mode & CRYPTO_LOCK))
	{
		m->unlock(m);
		return;
	}
	m->lock(m);
}
108 | ||
/**
 * Callback to destroy a dynamic lock.
 *
 * Releases the mutex and the lock object allocated by create_function().
 *
 * @param lock	dynamic lock to destroy, invalid afterwards
 * @param file	source file of the caller (unused)
 * @param line	source line of the caller (unused)
 */
static void destroy_function(struct CRYPTO_dynlock_value *lock,
							 const char *file, int line)
{
	mutex_t *m = lock->mutex;

	m->destroy(m);
	free(lock);
}
118 | ||
/**
 * Thread-ID callback function.
 *
 * @return	identifier of the calling thread, as OpenSSL expects it
 */
static unsigned long id_function(void)
{
	unsigned long id;

	id = (unsigned long)thread_current_id();
	return id;
}
126 | ||
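/**
 * Initialize OpenSSL for multi-threaded use.
 *
 * Allocates one mutex per OpenSSL static lock and registers the thread-ID,
 * static-lock and dynamic-lock callbacks. The lock array is fully populated
 * before any callback is installed, so locking_function() can never observe
 * a partially built array.
 */
static void threading_init()
{
	int i, num_locks;

	num_locks = CRYPTO_num_locks();
	/* calloc() checks the size multiplication and leaves unused slots NULL;
	 * allocation failure is not handled, consistent with the rest of the file */
	mutex = calloc(num_locks, sizeof(mutex_t*));
	for (i = 0; i < num_locks; i++)
	{
		mutex[i] = mutex_create(MUTEX_TYPE_DEFAULT);
	}

	CRYPTO_set_id_callback(id_function);
	CRYPTO_set_locking_callback(locking_function);

	CRYPTO_set_dynlock_create_callback(create_function);
	CRYPTO_set_dynlock_lock_callback(lock_function);
	CRYPTO_set_dynlock_destroy_callback(destroy_function);
}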
148 | ||
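/**
 * Cleanup OpenSSL threading locks.
 *
 * Deregisters the callbacks before the locks they operate on are destroyed,
 * so OpenSSL is not left holding pointers to freed mutexes or to functions
 * of an unloaded plugin. Safe to call when threading_init() never ran or
 * cleanup already happened (mutex is NULL).
 */
static void threading_cleanup()
{
	mutex_t **locks = mutex;
	int i, num_locks;

	CRYPTO_set_dynlock_destroy_callback(NULL);
	CRYPTO_set_dynlock_lock_callback(NULL);
	CRYPTO_set_dynlock_create_callback(NULL);
	CRYPTO_set_locking_callback(NULL);
	CRYPTO_set_id_callback(NULL);

	/* clear the global before touching the locks, so a late
	 * locking_function() call sees "no locks" rather than a stale array */
	mutex = NULL;
	if (!locks)
	{
		return;
	}
	num_locks = CRYPTO_num_locks();
	for (i = 0; i < num_locks; i++)
	{
		locks[i]->destroy(locks[i]);
	}
	free(locks);
}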
164 | ||
/**
 * Implementation of openssl_plugin_t.destroy
 *
 * Unregisters every constructor and builder added in openssl_plugin_create(),
 * tears down OpenSSL's global state and only then releases the locks, so
 * OpenSSL's own cleanup still runs with the locking callbacks in place.
 *
 * @param this	plugin instance, freed by this call
 */
static void destroy(private_openssl_plugin_t *this)
{
	crypto_factory_t *crypto = lib->crypto;
	credential_factory_t *creds = lib->creds;

	crypto->remove_crypter(crypto,
						   (crypter_constructor_t)openssl_crypter_create);
	crypto->remove_hasher(crypto,
						  (hasher_constructor_t)openssl_hasher_create);
	crypto->remove_prf(crypto,
					   (prf_constructor_t)openssl_sha1_prf_create);
	crypto->remove_dh(crypto,
					  (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->remove_dh(crypto,
					  (dh_constructor_t)openssl_ec_diffie_hellman_create);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_rsa_private_key_load);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_rsa_private_key_gen);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_rsa_private_key_connect);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_rsa_public_key_load);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_ec_private_key_load);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_ec_private_key_gen);
	creds->remove_builder(creds,
						  (builder_function_t)openssl_ec_public_key_load);

	/* OpenSSL global cleanup comes before the locks go away */
	ENGINE_cleanup();
	EVP_cleanup();
	CONF_modules_free();

	threading_cleanup();

	free(this);
}
203 | ||
/*
 * see header file
 */
plugin_t *openssl_plugin_create()
{
	private_openssl_plugin_t *this = malloc_thing(private_openssl_plugin_t);
	crypto_factory_t *crypto = lib->crypto;
	credential_factory_t *creds = lib->creds;

	this->public.plugin.destroy = (void(*)(plugin_t*))destroy;

	/* locks and callbacks must exist before the first OpenSSL call below */
	threading_init();

	/* NULL selects the default application section of OpenSSL's default
	 * config file; NOTE(review): OpenSSL normally lets OPENSSL_CONF override
	 * that location - confirm this is acceptable for the daemon's environment */
	OPENSSL_config(NULL);
	OpenSSL_add_all_algorithms();

	/* activate support for hardware accelerators */
	ENGINE_load_builtin_engines();
	ENGINE_register_all_complete();

	/* crypter: a single constructor serves every cipher listed here, legacy
	 * ones (DES, NULL) included; which of them gets used is presumably
	 * decided by the configured proposals, not by this registration */
	crypto->add_crypter(crypto, ENCR_AES_CBC,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_CAMELLIA_CBC,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_3DES,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_RC5,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_IDEA,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_CAST,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_BLOWFISH,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_DES,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_DES_ECB,
						(crypter_constructor_t)openssl_crypter_create);
	crypto->add_crypter(crypto, ENCR_NULL,
						(crypter_constructor_t)openssl_crypter_create);

	/* hasher: same pattern, MD2/MD4/MD5 are legacy algorithms */
	crypto->add_hasher(crypto, HASH_SHA1,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_MD2,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_MD4,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_MD5,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_SHA224,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_SHA256,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_SHA384,
					   (hasher_constructor_t)openssl_hasher_create);
	crypto->add_hasher(crypto, HASH_SHA512,
					   (hasher_constructor_t)openssl_hasher_create);

	/* prf */
	crypto->add_prf(crypto, PRF_KEYED_SHA1,
					(prf_constructor_t)openssl_sha1_prf_create);

	/* (ec) diffie hellman; registration order is kept as it was, since the
	 * factory may treat it as a preference order - not verified here */
	crypto->add_dh(crypto, MODP_2048_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_2048_224,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_2048_256,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_1536_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, ECP_256_BIT,
				   (dh_constructor_t)openssl_ec_diffie_hellman_create);
	crypto->add_dh(crypto, ECP_384_BIT,
				   (dh_constructor_t)openssl_ec_diffie_hellman_create);
	crypto->add_dh(crypto, ECP_521_BIT,
				   (dh_constructor_t)openssl_ec_diffie_hellman_create);
	crypto->add_dh(crypto, ECP_224_BIT,
				   (dh_constructor_t)openssl_ec_diffie_hellman_create);
	crypto->add_dh(crypto, ECP_192_BIT,
				   (dh_constructor_t)openssl_ec_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_3072_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_4096_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_6144_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_8192_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_1024_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_1024_160,
				   (dh_constructor_t)openssl_diffie_hellman_create);
	crypto->add_dh(crypto, MODP_768_BIT,
				   (dh_constructor_t)openssl_diffie_hellman_create);

	/* rsa */
	creds->add_builder(creds, CRED_PRIVATE_KEY, KEY_RSA,
					   (builder_function_t)openssl_rsa_private_key_load);
	creds->add_builder(creds, CRED_PRIVATE_KEY, KEY_RSA,
					   (builder_function_t)openssl_rsa_private_key_gen);
	creds->add_builder(creds, CRED_PRIVATE_KEY, KEY_RSA,
					   (builder_function_t)openssl_rsa_private_key_connect);
	creds->add_builder(creds, CRED_PUBLIC_KEY, KEY_RSA,
					   (builder_function_t)openssl_rsa_public_key_load);

	/* ec */
	creds->add_builder(creds, CRED_PRIVATE_KEY, KEY_ECDSA,
					   (builder_function_t)openssl_ec_private_key_load);
	creds->add_builder(creds, CRED_PRIVATE_KEY, KEY_ECDSA,
					   (builder_function_t)openssl_ec_private_key_gen);
	creds->add_builder(creds, CRED_PUBLIC_KEY, KEY_ECDSA,
					   (builder_function_t)openssl_ec_public_key_load);

	return &this->public.plugin;
}