2 * Copyright (C) 2009 Martin Willi
3 * HSR Hochschule fuer Technik Rapperswil
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 #include "gcrypt_plugin.h"
18 #include "gcrypt_hasher.h"
19 #include "gcrypt_crypter.h"
20 #include "gcrypt_rng.h"
21 #include "gcrypt_dh.h"
22 #include "gcrypt_rsa_private_key.h"
23 #include "gcrypt_rsa_public_key.h"
26 #include <utils/debug.h>
27 #include <threading/mutex.h>
33 typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t
;
36 * private data of gcrypt_plugin
38 struct private_gcrypt_plugin_t
{
43 gcrypt_plugin_t
public;
46 #if GCRYPT_VERSION_NUMBER < 0x010600
48 * Define gcrypt multi-threading callbacks as gcry_threads_pthread
50 GCRY_THREAD_OPTION_PTHREAD_IMPL
;
53 METHOD(plugin_t
, get_name
, char*,
54 private_gcrypt_plugin_t
*this)
59 METHOD(plugin_t
, get_features
, int,
60 private_gcrypt_plugin_t
*this, plugin_feature_t
*features
[])
62 static plugin_feature_t f
[] = {
63 /* we provide threading-safe initialization of libgcrypt */
64 PLUGIN_PROVIDE(CUSTOM
, "gcrypt-threading"),
66 PLUGIN_REGISTER(CRYPTER
, gcrypt_crypter_create
),
67 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CTR
, 16),
68 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CTR
, 24),
69 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CTR
, 32),
70 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 16),
71 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 24),
72 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_CBC
, 32),
73 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_ECB
, 16),
74 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_ECB
, 24),
75 PLUGIN_PROVIDE(CRYPTER
, ENCR_AES_ECB
, 32),
76 /* gcrypt only supports 128 bit blowfish */
77 PLUGIN_PROVIDE(CRYPTER
, ENCR_BLOWFISH
, 16),
78 #ifdef HAVE_GCRY_CIPHER_CAMELLIA
79 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CTR
, 16),
80 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CTR
, 24),
81 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CTR
, 32),
82 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CBC
, 16),
83 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CBC
, 24),
84 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAMELLIA_CBC
, 32),
86 PLUGIN_PROVIDE(CRYPTER
, ENCR_CAST
, 0),
87 PLUGIN_PROVIDE(CRYPTER
, ENCR_3DES
, 24),
88 PLUGIN_PROVIDE(CRYPTER
, ENCR_DES
, 8),
89 PLUGIN_PROVIDE(CRYPTER
, ENCR_DES_ECB
, 8),
90 PLUGIN_PROVIDE(CRYPTER
, ENCR_SERPENT_CBC
, 16),
91 PLUGIN_PROVIDE(CRYPTER
, ENCR_SERPENT_CBC
, 24),
92 PLUGIN_PROVIDE(CRYPTER
, ENCR_SERPENT_CBC
, 32),
93 PLUGIN_PROVIDE(CRYPTER
, ENCR_TWOFISH_CBC
, 16),
94 PLUGIN_PROVIDE(CRYPTER
, ENCR_TWOFISH_CBC
, 32),
96 PLUGIN_REGISTER(HASHER
, gcrypt_hasher_create
),
97 PLUGIN_PROVIDE(HASHER
, HASH_MD4
),
98 PLUGIN_PROVIDE(HASHER
, HASH_MD5
),
99 PLUGIN_PROVIDE(HASHER
, HASH_SHA1
),
100 PLUGIN_PROVIDE(HASHER
, HASH_SHA224
),
101 PLUGIN_PROVIDE(HASHER
, HASH_SHA256
),
102 PLUGIN_PROVIDE(HASHER
, HASH_SHA384
),
103 PLUGIN_PROVIDE(HASHER
, HASH_SHA512
),
105 PLUGIN_REGISTER(DH
, gcrypt_dh_create
),
106 PLUGIN_PROVIDE(DH
, MODP_3072_BIT
),
107 PLUGIN_PROVIDE(DH
, MODP_4096_BIT
),
108 PLUGIN_PROVIDE(DH
, MODP_6144_BIT
),
109 PLUGIN_PROVIDE(DH
, MODP_8192_BIT
),
110 PLUGIN_PROVIDE(DH
, MODP_2048_BIT
),
111 PLUGIN_PROVIDE(DH
, MODP_2048_224
),
112 PLUGIN_PROVIDE(DH
, MODP_2048_256
),
113 PLUGIN_PROVIDE(DH
, MODP_1536_BIT
),
114 PLUGIN_PROVIDE(DH
, MODP_1024_BIT
),
115 PLUGIN_PROVIDE(DH
, MODP_1024_160
),
116 PLUGIN_PROVIDE(DH
, MODP_768_BIT
),
117 PLUGIN_REGISTER(DH
, gcrypt_dh_create_custom
),
118 PLUGIN_PROVIDE(DH
, MODP_CUSTOM
),
119 /* RSA private/public key loading */
120 PLUGIN_REGISTER(PUBKEY
, gcrypt_rsa_public_key_load
, TRUE
),
121 PLUGIN_PROVIDE(PUBKEY
, KEY_RSA
),
122 PLUGIN_REGISTER(PRIVKEY
, gcrypt_rsa_private_key_load
, TRUE
),
123 PLUGIN_PROVIDE(PRIVKEY
, KEY_RSA
),
124 PLUGIN_REGISTER(PRIVKEY_GEN
, gcrypt_rsa_private_key_gen
, FALSE
),
125 PLUGIN_PROVIDE(PRIVKEY_GEN
, KEY_RSA
),
126 /* signature schemes, private */
127 #if GCRYPT_VERSION_NUMBER >= 0x010700
128 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PSS
),
130 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_NULL
),
131 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_224
),
132 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_256
),
133 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_384
),
134 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA2_512
),
135 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_SHA1
),
136 PLUGIN_PROVIDE(PRIVKEY_SIGN
, SIGN_RSA_EMSA_PKCS1_MD5
),
137 /* signature verification schemes */
138 #if GCRYPT_VERSION_NUMBER >= 0x010700
139 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PSS
),
141 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_NULL
),
142 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_224
),
143 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_256
),
144 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_384
),
145 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA2_512
),
146 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_SHA1
),
147 PLUGIN_PROVIDE(PUBKEY_VERIFY
, SIGN_RSA_EMSA_PKCS1_MD5
),
149 PLUGIN_REGISTER(RNG
, gcrypt_rng_create
),
150 PLUGIN_PROVIDE(RNG
, RNG_WEAK
),
151 PLUGIN_PROVIDE(RNG
, RNG_STRONG
),
152 PLUGIN_PROVIDE(RNG
, RNG_TRUE
),
158 METHOD(plugin_t
, destroy
, void,
159 private_gcrypt_plugin_t
*this)
167 plugin_t
*gcrypt_plugin_create()
169 private_gcrypt_plugin_t
*this;
172 #if GCRYPT_VERSION_NUMBER < 0x010600
173 gcry_control(GCRYCTL_SET_THREAD_CBS
, &gcry_threads_pthread
);
176 if (!gcry_check_version(GCRYPT_VERSION
))
178 DBG1(DBG_LIB
, "libgcrypt version mismatch");
182 /* we currently do not use secure memory */
183 gcry_control(GCRYCTL_DISABLE_SECMEM
, 0);
184 if (lib
->settings
->get_bool(lib
->settings
, "%s.plugins.gcrypt.quick_random",
187 gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM
, 0);
189 gcry_control(GCRYCTL_INITIALIZATION_FINISHED
, 0);
191 /* initialize static allocations we want to exclude from leak-detective */
192 gcry_create_nonce(dummy
, sizeof(dummy
));
197 .get_name
= _get_name
,
198 .get_features
= _get_features
,
204 return &this->public.plugin
;