From 4833f29b1503c7be945c4c5ab64d376d808dac16 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Mon, 16 Nov 2020 20:22:21 +0100 Subject: [PATCH] bliss: Remove legacy BLISS signatures --- conf/Makefile.am | 1 - conf/plugins/bliss.opt | 2 - configure.ac | 9 +- src/libcharon/plugins/stroke/stroke_config.c | 3 +- src/libcharon/plugins/stroke/stroke_cred.c | 10 +- src/libcharon/plugins/stroke/stroke_plugin.c | 1 - src/libcharon/plugins/vici/README.md | 2 +- src/libcharon/plugins/vici/vici_config.c | 3 +- src/libstrongswan/Makefile.am | 11 - src/libstrongswan/asn1/oid.txt | 22 +- src/libstrongswan/credentials/auth_cfg.c | 23 - src/libstrongswan/credentials/auth_cfg.h | 2 - src/libstrongswan/credentials/cred_encoding.h | 5 - .../credentials/credential_manager.c | 3 - .../credentials/keys/public_key.c | 48 +- .../credentials/keys/public_key.h | 16 +- src/libstrongswan/crypto/hashers/hasher.c | 24 - src/libstrongswan/plugins/bliss/.gitignore | 1 - src/libstrongswan/plugins/bliss/Makefile.am | 67 - .../plugins/bliss/bliss_bitpacker.c | 208 --- .../plugins/bliss/bliss_bitpacker.h | 86 -- .../plugins/bliss/bliss_huffman.c | 433 ------ .../plugins/bliss/bliss_huffman_code.c | 43 - .../plugins/bliss/bliss_huffman_code.h | 81 - .../plugins/bliss/bliss_huffman_code_1.c | 159 -- .../plugins/bliss/bliss_huffman_code_3.c | 260 ---- .../plugins/bliss/bliss_huffman_code_4.c | 434 ------ .../plugins/bliss/bliss_huffman_coder.c | 139 -- .../plugins/bliss/bliss_huffman_coder.h | 78 - .../plugins/bliss/bliss_param_set.c | 340 ----- .../plugins/bliss/bliss_param_set.h | 202 --- .../plugins/bliss/bliss_plugin.c | 128 -- .../plugins/bliss/bliss_plugin.h | 43 - .../plugins/bliss/bliss_private_key.c | 1337 ----------------- .../plugins/bliss/bliss_private_key.h | 63 - .../plugins/bliss/bliss_public_key.c | 531 ------- .../plugins/bliss/bliss_public_key.h | 102 -- .../plugins/bliss/bliss_sampler.c | 252 ---- .../plugins/bliss/bliss_sampler.h | 95 -- .../plugins/bliss/bliss_signature.c | 234 --- .../plugins/bliss/bliss_signature.h | 76 - src/libstrongswan/plugins/bliss/bliss_utils.c | 179 --- src/libstrongswan/plugins/bliss/bliss_utils.h | 73 - .../plugins/bliss/tests/.gitignore | 1 - .../plugins/bliss/tests/Makefile.am | 28 - .../plugins/bliss/tests/bliss_tests.c | 61 - .../plugins/bliss/tests/bliss_tests.h | 23 - .../bliss/tests/suites/test_bliss_bitpacker.c | 113 -- .../bliss/tests/suites/test_bliss_huffman.c | 123 -- .../bliss/tests/suites/test_bliss_keys.c | 250 --- .../bliss/tests/suites/test_bliss_sampler.c | 98 -- .../bliss/tests/suites/test_bliss_sign.c | 212 --- .../bliss/tests/suites/test_bliss_signature.c | 142 -- src/libstrongswan/plugins/pem/pem_encoder.c | 10 +- src/libstrongswan/plugins/pem/pem_plugin.c | 6 - .../plugins/pkcs1/pkcs1_builder.c | 25 - .../plugins/pkcs1/pkcs1_plugin.c | 1 - .../plugins/x509/x509_ocsp_request.c | 4 - .../tests/suites/test_auth_cfg.c | 6 +- src/libstrongswan/tests/suites/test_hasher.c | 13 - src/libstrongswan/tests/suites/test_utils.c | 5 - src/pki/commands/gen.c | 11 +- src/pki/commands/issue.c | 7 +- src/pki/commands/keyid.c | 8 +- src/pki/commands/print.c | 8 +- src/pki/commands/pub.c | 7 +- src/pki/commands/req.c | 6 +- src/pki/commands/self.c | 6 +- src/pki/man/pki---gen.1.in | 2 +- src/pki/man/pki---issue.1.in | 4 +- src/pki/man/pki---keyid.1.in | 4 +- src/pki/man/pki---print.1.in | 4 +- src/pki/man/pki---req.1.in | 2 +- src/pki/man/pki---self.1.in | 4 +- src/swanctl/Makefile.am | 1 - src/swanctl/commands/load_creds.c | 3 - src/swanctl/swanctl.h | 5 - testing/hosts/bob/etc/ipsec.secrets | 5 - testing/hosts/dave/etc/ipsec.secrets | 4 - testing/hosts/winnetou/etc/ca/generate-crl | 8 - testing/hosts/winnetou/etc/strongswan.conf | 2 +- testing/scripts/build-certs-chroot | 93 -- testing/scripts/recipes/013_strongswan.mk | 1 - .../ikev2/rw-newhope-bliss/description.txt | 14 - .../tests/ikev2/rw-newhope-bliss/evaltest.dat | 10 - .../hosts/carol/etc/strongswan.conf | 12 - .../hosts/carol/etc/swanctl/swanctl.conf | 29 - .../hosts/dave/etc/strongswan.conf | 12 - .../hosts/dave/etc/swanctl/swanctl.conf | 29 - .../hosts/moon/etc/strongswan.conf | 12 - .../hosts/moon/etc/swanctl/swanctl.conf | 33 - .../tests/ikev2/rw-newhope-bliss/posttest.dat | 8 - .../tests/ikev2/rw-newhope-bliss/pretest.dat | 14 - .../tests/ikev2/rw-newhope-bliss/test.conf | 25 - .../tests/ikev2/rw-ntru-bliss/description.txt | 14 - .../tests/ikev2/rw-ntru-bliss/evaltest.dat | 18 - .../hosts/carol/etc/strongswan.conf | 8 - .../hosts/carol/etc/swanctl/swanctl.conf | 30 - .../hosts/dave/etc/strongswan.conf | 8 - .../hosts/dave/etc/swanctl/swanctl.conf | 30 - .../hosts/moon/etc/strongswan.conf | 8 - .../hosts/moon/etc/swanctl/swanctl.conf | 34 - .../tests/ikev2/rw-ntru-bliss/posttest.dat | 9 - testing/tests/ikev2/rw-ntru-bliss/pretest.dat | 14 - testing/tests/ikev2/rw-ntru-bliss/test.conf | 25 - .../tests/ikev2/rw-ntru-psk/description.txt | 12 - testing/tests/ikev2/rw-ntru-psk/evaltest.dat | 14 - .../hosts/carol/etc/strongswan.conf | 10 - .../hosts/carol/etc/swanctl/swanctl.conf | 35 - .../hosts/dave/etc/strongswan.conf | 10 - .../hosts/dave/etc/swanctl/swanctl.conf | 35 - .../hosts/moon/etc/strongswan.conf | 10 - .../hosts/moon/etc/swanctl/swanctl.conf | 43 - testing/tests/ikev2/rw-ntru-psk/posttest.dat | 6 - testing/tests/ikev2/rw-ntru-psk/pretest.dat | 14 - testing/tests/ikev2/rw-ntru-psk/test.conf | 25 - 116 files changed, 36 insertions(+), 7719 deletions(-) delete mode 100644 conf/plugins/bliss.opt delete mode 100644 src/libstrongswan/plugins/bliss/.gitignore delete mode 100644 src/libstrongswan/plugins/bliss/Makefile.am delete mode 100644 src/libstrongswan/plugins/bliss/bliss_bitpacker.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_bitpacker.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_code.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_code.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_code_1.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_code_3.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_code_4.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_coder.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_huffman_coder.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_param_set.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_param_set.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_plugin.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_plugin.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_private_key.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_private_key.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_public_key.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_public_key.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_sampler.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_sampler.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_signature.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_signature.h delete mode 100644 src/libstrongswan/plugins/bliss/bliss_utils.c delete mode 100644 src/libstrongswan/plugins/bliss/bliss_utils.h delete mode 100644 src/libstrongswan/plugins/bliss/tests/.gitignore delete mode 100644 src/libstrongswan/plugins/bliss/tests/Makefile.am delete mode 100644 src/libstrongswan/plugins/bliss/tests/bliss_tests.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/bliss_tests.h delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_bitpacker.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_huffman.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_keys.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sampler.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c delete mode 100644 src/libstrongswan/plugins/bliss/tests/suites/test_bliss_signature.c delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/description.txt delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/evaltest.dat delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/posttest.dat delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/pretest.dat delete mode 100755 testing/tests/ikev2/rw-newhope-bliss/test.conf delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/description.txt delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/evaltest.dat delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/swanctl/swanctl.conf delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/swanctl/swanctl.conf delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/swanctl/swanctl.conf delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/posttest.dat delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/pretest.dat delete mode 100644 testing/tests/ikev2/rw-ntru-bliss/test.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/description.txt delete mode 100755 testing/tests/ikev2/rw-ntru-psk/evaltest.dat delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/strongswan.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/swanctl/swanctl.conf delete mode 100755 testing/tests/ikev2/rw-ntru-psk/posttest.dat delete mode 100755 testing/tests/ikev2/rw-ntru-psk/pretest.dat delete mode 100755 testing/tests/ikev2/rw-ntru-psk/test.conf diff --git a/conf/Makefile.am b/conf/Makefile.am index ab9e70ce5a..0d8b388532 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -31,7 +31,6 @@ plugins = \ plugins/android_log.opt \ plugins/attr.opt \ plugins/attr-sql.opt \ - plugins/bliss.opt \ plugins/botan.opt \ plugins/bypass-lan.opt \ plugins/certexpire.opt \ diff --git a/conf/plugins/bliss.opt b/conf/plugins/bliss.opt deleted file mode 100644 index 0983da026a..0000000000 --- a/conf/plugins/bliss.opt +++ /dev/null @@ -1,2 +0,0 @@ -charon.plugins.bliss.use_bliss_b = yes - Use the enhanced BLISS-B key generation and signature algorithm. diff --git a/configure.ac b/configure.ac index 2eaeb0f5a6..67f3bdc330 100644 --- a/configure.ac +++ b/configure.ac @@ -134,7 +134,6 @@ m4_include(m4/macros/enable-disable.m4) # crypto plugins ARG_DISBL_SET([aes], [disable AES software implementation plugin.]) ARG_ENABL_SET([af-alg], [enable AF_ALG crypto interface to Linux Crypto API.]) -ARG_ENABL_SET([bliss], [enable BLISS software implementation plugin.]) ARG_ENABL_SET([blowfish], [enable Blowfish software implementation plugin.]) ARG_ENABL_SET([botan], [enables the Botan crypto plugin.]) ARG_ENABL_SET([ccm], [enables the CCM AEAD wrapper crypto plugin.]) @@ -511,7 +510,7 @@ if test x$tpm = xtrue; then tss_tss2=true fi -if test x$gmp = xtrue -o x$ntru = xtrue -o x$bliss = xtrue; then +if test x$gmp = xtrue -o x$ntru = xtrue; then mgf1=true fi @@ -1593,7 +1592,6 @@ ADD_PLUGIN([gcm], [s charon scripts nm cmd]) ADD_PLUGIN([ntru], [s charon scripts nm cmd]) ADD_PLUGIN([drbg], [s charon pki scripts nm cmd]) ADD_PLUGIN([newhope], [s charon scripts nm cmd]) -ADD_PLUGIN([bliss], [s charon pki scripts nm cmd]) ADD_PLUGIN([curl], [s charon pki scripts nm cmd]) ADD_PLUGIN([files], [s charon pki scripts nm cmd]) ADD_PLUGIN([winhttp], [s charon pki scripts]) @@ -1762,7 +1760,6 @@ AM_CONDITIONAL(USE_GCM, test x$gcm = xtrue) AM_CONDITIONAL(USE_AF_ALG, test x$af_alg = xtrue) AM_CONDITIONAL(USE_NTRU, test x$ntru = xtrue) AM_CONDITIONAL(USE_NEWHOPE, test x$newhope = xtrue) -AM_CONDITIONAL(USE_BLISS, test x$bliss = xtrue) AM_CONDITIONAL(USE_DRBG, test x$drbg = xtrue) # charon plugins @@ -1882,7 +1879,7 @@ AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue) AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue -o x$systemd = xtrue) AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue -o x$systemd = xtrue) AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue) -AM_CONDITIONAL(USE_LIBNTTFFT, test x$bliss = xtrue -o x$newhope = xtrue) +AM_CONDITIONAL(USE_LIBNTTFFT, test x$newhope = xtrue) AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue) AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue) AM_CONDITIONAL(USE_LIBPTTLS, test x$tnc_tnccs = xtrue) @@ -2047,8 +2044,6 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/af_alg/Makefile src/libstrongswan/plugins/drbg/Makefile src/libstrongswan/plugins/ntru/Makefile - src/libstrongswan/plugins/bliss/Makefile - src/libstrongswan/plugins/bliss/tests/Makefile src/libstrongswan/plugins/newhope/Makefile src/libstrongswan/plugins/newhope/tests/Makefile src/libstrongswan/plugins/test_vectors/Makefile diff --git a/src/libcharon/plugins/stroke/stroke_config.c b/src/libcharon/plugins/stroke/stroke_config.c index 55db379ffe..f42b261930 100644 --- a/src/libcharon/plugins/stroke/stroke_config.c +++ b/src/libcharon/plugins/stroke/stroke_config.c @@ -524,8 +524,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this, if (strpfx(auth, "ike:") || strpfx(auth, "pubkey") || strpfx(auth, "rsa") || - strpfx(auth, "ecdsa") || - strpfx(auth, "bliss")) + strpfx(auth, "ecdsa")) { cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY); build_crl_policy(cfg, local, msg->add_conn.crl_policy); diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c index 22336173cb..13b4689e92 100644 --- a/src/libcharon/plugins/stroke/stroke_cred.c +++ b/src/libcharon/plugins/stroke/stroke_cred.c @@ -1301,7 +1301,7 @@ static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, break; } if (match("RSA", &token) || match("ECDSA", &token) || - match("BLISS", &token) || match("PKCS8", &token)) + match("PKCS8", &token)) { if (match("RSA", &token)) { @@ -1311,10 +1311,6 @@ static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, { key_type = KEY_ECDSA; } - else if (match("BLISS", &token)) - { - key_type = KEY_BLISS; - } else { key_type = KEY_ANY; @@ -1350,8 +1346,8 @@ static void load_secrets(private_stroke_cred_t *this, mem_cred_t *secrets, } else { - DBG1(DBG_CFG, "line %d: token must be either RSA, ECDSA, BLISS, " - "PKCS8 P12, PIN, PSK, EAP, XAUTH or NTLM", line_nr); + DBG1(DBG_CFG, "line %d: token must be either RSA, ECDSA, PKCS8, " + "P12, PIN, PSK, EAP, XAUTH or NTLM", line_nr); break; } } diff --git a/src/libcharon/plugins/stroke/stroke_plugin.c b/src/libcharon/plugins/stroke/stroke_plugin.c index c68375e756..b81da396c6 100644 --- a/src/libcharon/plugins/stroke/stroke_plugin.c +++ b/src/libcharon/plugins/stroke/stroke_plugin.c @@ -71,7 +71,6 @@ METHOD(plugin_t, get_features, int, PLUGIN_SDEPEND(PRIVKEY, KEY_RSA), PLUGIN_SDEPEND(PRIVKEY, KEY_ECDSA), PLUGIN_SDEPEND(PRIVKEY, KEY_DSA), - PLUGIN_SDEPEND(PRIVKEY, KEY_BLISS), PLUGIN_SDEPEND(PRIVKEY, KEY_ED25519), PLUGIN_SDEPEND(PRIVKEY, KEY_ED448), PLUGIN_SDEPEND(CERT_DECODE, CERT_ANY), diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md index 6b75711fa0..ffcfd47961 100644 --- a/src/libcharon/plugins/vici/README.md +++ b/src/libcharon/plugins/vici/README.md @@ -485,7 +485,7 @@ Load a certificate into the daemon. Load a private key into the daemon. { - type = + type = data = } => { success = diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c index cb3c547ab3..e783b8f676 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c @@ -1379,8 +1379,7 @@ CALLBACK(parse_auth, bool, if (strpfx(buf, "ike:") || strpfx(buf, "pubkey") || strpfx(buf, "rsa") || - strpfx(buf, "ecdsa") || - strpfx(buf, "bliss")) + strpfx(buf, "ecdsa")) { cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY); cfg->add_pubkey_constraints(cfg, buf, TRUE); diff --git a/src/libstrongswan/Makefile.am b/src/libstrongswan/Makefile.am index 66ee7b5ed9..a4e7d2340a 100644 --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am @@ -690,13 +690,6 @@ if MONOLITHIC endif endif -if USE_BLISS - SUBDIRS += plugins/bliss -if MONOLITHIC - libstrongswan_la_LIBADD += plugins/bliss/libstrongswan-bliss.la -endif -endif - if USE_NEWHOPE SUBDIRS += plugins/newhope if MONOLITHIC @@ -731,10 +724,6 @@ if USE_LIBNTTFFT SUBDIRS += math/libnttfft/tests endif -if USE_BLISS - SUBDIRS += plugins/bliss/tests -endif - if USE_NEWHOPE SUBDIRS += plugins/newhope/tests endif diff --git a/src/libstrongswan/asn1/oid.txt b/src/libstrongswan/asn1/oid.txt index c91c1262af..f58a44d326 100644 --- a/src/libstrongswan/asn1/oid.txt +++ b/src/libstrongswan/asn1/oid.txt @@ -222,27 +222,7 @@ 0x2A "ITA" 0x01 "strongSwan" OID_STRONGSWAN 0x02 "cps" - 0x03 "e-voting" - 0x05 "BLISS" - 0x01 "keyType" - 0x01 "blissPublicKey" OID_BLISS_PUBLICKEY - 0x02 "parameters" - 0x01 "BLISS-I" OID_BLISS_I - 0x02 "BLISS-II" OID_BLISS_II - 0x03 "BLISS-III" OID_BLISS_III - 0x04 "BLISS-IV" OID_BLISS_IV - 0x05 "BLISS-B-I" OID_BLISS_B_I - 0x06 "BLISS-B-II" OID_BLISS_B_II - 0x07 "BLISS-B-III" OID_BLISS_B_III - 0x08 "BLISS-B-IV" OID_BLISS_B_IV - 0x03 "blissSigType" - 0x01 "BLISS-with-SHA2-512" OID_BLISS_WITH_SHA2_512 - 0x02 "BLISS-with-SHA2-384" OID_BLISS_WITH_SHA2_384 - 0x03 "BLISS-with-SHA2-256" OID_BLISS_WITH_SHA2_256 - 0x04 "BLISS-with-SHA3-512" OID_BLISS_WITH_SHA3_512 - 0x05 "BLISS-with-SHA3-384" OID_BLISS_WITH_SHA3_384 - 0x06 "BLISS-with-SHA3-256" OID_BLISS_WITH_SHA3_256 - 0x89 "" + 0x89 "" 0x31 "" 0x01 "" 0x01 "" diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c index 675694dcbc..9958228a47 100644 --- a/src/libstrongswan/credentials/auth_cfg.c +++ b/src/libstrongswan/credentials/auth_cfg.c @@ -53,7 +53,6 @@ ENUM(auth_rule_names, AUTH_RULE_IDENTITY, AUTH_HELPER_AC_CERT, "RULE_GROUP", "RULE_RSA_STRENGTH", "RULE_ECDSA_STRENGTH", - "RULE_BLISS_STRENGTH", "RULE_SIGNATURE_SCHEME", "RULE_IKE_SIGNATURE_SCHEME", "RULE_CERT_POLICY", @@ -96,7 +95,6 @@ static inline bool is_multi_value_rule(auth_rule_t type) case AUTH_RULE_CERT_POLICY: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_SIGNATURE_SCHEME: case AUTH_RULE_IKE_SIGNATURE_SCHEME: case AUTH_HELPER_IM_CERT: @@ -218,7 +216,6 @@ static void init_entry(entry_t *this, auth_rule_t type, va_list args) case AUTH_RULE_OCSP_VALIDATION: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: /* integer type */ this->value = (void*)(uintptr_t)va_arg(args, u_int); @@ -270,7 +267,6 @@ static bool entry_equals(entry_t *e1, entry_t *e2) case AUTH_RULE_OCSP_VALIDATION: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: { return e1->value == e2->value; @@ -374,7 +370,6 @@ static void destroy_entry_value(entry_t *entry) case AUTH_RULE_OCSP_VALIDATION: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: case AUTH_RULE_MAX: break; @@ -406,7 +401,6 @@ static void replace(private_auth_cfg_t *this, entry_enumerator_t *enumerator, case AUTH_RULE_OCSP_VALIDATION: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: /* integer type */ entry->value = (void*)(uintptr_t)va_arg(args, u_int); @@ -484,7 +478,6 @@ METHOD(auth_cfg_t, get, void*, case AUTH_RULE_EAP_VENDOR: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: return (void*)0; case AUTH_RULE_CRL_VALIDATION: case AUTH_RULE_OCSP_VALIDATION: @@ -604,9 +597,6 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void, { "sha256", SIGN_ECDSA_256, KEY_ECDSA, }, { "sha384", SIGN_ECDSA_384, KEY_ECDSA, }, { "sha512", SIGN_ECDSA_521, KEY_ECDSA, }, - { "sha256", SIGN_BLISS_WITH_SHA2_256, KEY_BLISS, }, - { "sha384", SIGN_BLISS_WITH_SHA2_384, KEY_BLISS, }, - { "sha512", SIGN_BLISS_WITH_SHA2_512, KEY_BLISS, }, { "identity", SIGN_ED25519, KEY_ED25519, }, { "identity", SIGN_ED448, KEY_ED448, }, }; @@ -657,13 +647,6 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void, expected_type = KEY_ED448; continue; } - if (streq(token, "bliss") || streq(token, "ike:bliss")) - { - key_token = token; - expected_type = KEY_BLISS; - expected_strength = AUTH_RULE_BLISS_STRENGTH; - continue; - } if (streq(token, "pubkey") || streq(token, "ike:pubkey")) { key_token = token; @@ -1053,7 +1036,6 @@ METHOD(auth_cfg_t, complies, bool, } case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: { strength = (uintptr_t)value; break; @@ -1145,9 +1127,6 @@ METHOD(auth_cfg_t, complies, bool, case AUTH_RULE_ECDSA_STRENGTH: key_type = "ECDSA"; break; - case AUTH_RULE_BLISS_STRENGTH: - key_type = "BLISS"; - break; } success = FALSE; e1 = constraints->create_enumerator(constraints); @@ -1246,7 +1225,6 @@ static void merge(private_auth_cfg_t *this, private_auth_cfg_t *other, bool copy case AUTH_RULE_EAP_VENDOR: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: { add(this, type, (uintptr_t)value); @@ -1424,7 +1402,6 @@ METHOD(auth_cfg_t, clone_, auth_cfg_t*, case AUTH_RULE_OCSP_VALIDATION: case AUTH_RULE_RSA_STRENGTH: case AUTH_RULE_ECDSA_STRENGTH: - case AUTH_RULE_BLISS_STRENGTH: case AUTH_RULE_CERT_VALIDATION_SUSPENDED: clone->add(clone, type, (uintptr_t)value); break; diff --git a/src/libstrongswan/credentials/auth_cfg.h b/src/libstrongswan/credentials/auth_cfg.h index 0bca945ad6..561f369ed2 100644 --- a/src/libstrongswan/credentials/auth_cfg.h +++ b/src/libstrongswan/credentials/auth_cfg.h @@ -107,8 +107,6 @@ enum auth_rule_t { AUTH_RULE_RSA_STRENGTH, /** required ECDSA public key strength, u_int in bits */ AUTH_RULE_ECDSA_STRENGTH, - /** required BLISS public key strength, u_int in bits */ - AUTH_RULE_BLISS_STRENGTH, /** required signature scheme, signature_params_t* */ AUTH_RULE_SIGNATURE_SCHEME, /** required signature scheme for IKE authentication, signature_params_t* */ diff --git a/src/libstrongswan/credentials/cred_encoding.h b/src/libstrongswan/credentials/cred_encoding.h index 0b469d039a..3f0b5f1b63 100644 --- a/src/libstrongswan/credentials/cred_encoding.h +++ b/src/libstrongswan/credentials/cred_encoding.h @@ -149,11 +149,6 @@ enum cred_encoding_part_t { CRED_PART_EDDSA_PUB_ASN1_DER, /** a DER encoded EdDSA private key */ CRED_PART_EDDSA_PRIV_ASN1_DER, - /** a DER encoded BLISS public key */ - CRED_PART_BLISS_PUB_ASN1_DER, - /** a DER encoded BLISS private key */ - CRED_PART_BLISS_PRIV_ASN1_DER, - CRED_PART_END, }; diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c index f3b0af0cf6..dd6b89488b 100644 --- a/src/libstrongswan/credentials/credential_manager.c +++ b/src/libstrongswan/credentials/credential_manager.c @@ -732,9 +732,6 @@ static void get_key_strength(certificate_t *cert, auth_cfg_t *auth) case KEY_ECDSA: auth->add(auth, AUTH_RULE_ECDSA_STRENGTH, strength); break; - case KEY_BLISS: - auth->add(auth, AUTH_RULE_BLISS_STRENGTH, strength); - break; default: break; } diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c index f2e3b9bd36..927e6f53ca 100644 --- a/src/libstrongswan/credentials/keys/public_key.c +++ b/src/libstrongswan/credentials/keys/public_key.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2015-2017 Tobias Brunner - * Copyright (C) 2014-2016 Andreas Steffen + * Copyright (C) 2014-2020 Andreas Steffen * Copyright (C) 2007 Martin Willi * * Copyright (C) secunet Security Networks AG @@ -21,17 +21,16 @@ #include "public_key.h" #include "signature_params.h" -ENUM(key_type_names, KEY_ANY, KEY_BLISS, +ENUM(key_type_names, KEY_ANY, KEY_ED448, "ANY", "RSA", "ECDSA", "DSA", "ED25519", "ED448", - "BLISS" ); -ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512, +ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_ED448, "UNKNOWN", "RSA_EMSA_PKCS1_NULL", "RSA_EMSA_PKCS1_MD5", @@ -55,12 +54,6 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512, "ECDSA-521", "ED25519", "ED448", - "BLISS_WITH_SHA2_256", - "BLISS_WITH_SHA2_384", - "BLISS_WITH_SHA2_512", - "BLISS_WITH_SHA3_256", - "BLISS_WITH_SHA3_384", - "BLISS_WITH_SHA3_512", ); ENUM(encryption_scheme_names, ENCRYPT_UNKNOWN, ENCRYPT_RSA_OAEP_SHA512, @@ -164,19 +157,6 @@ signature_scheme_t signature_scheme_from_oid(int oid) return SIGN_ED25519; case OID_ED448: return SIGN_ED448; - case OID_BLISS_PUBLICKEY: - case OID_BLISS_WITH_SHA2_512: - return SIGN_BLISS_WITH_SHA2_512; - case OID_BLISS_WITH_SHA2_384: - return SIGN_BLISS_WITH_SHA2_384; - case OID_BLISS_WITH_SHA2_256: - return SIGN_BLISS_WITH_SHA2_256; - case OID_BLISS_WITH_SHA3_512: - return SIGN_BLISS_WITH_SHA3_512; - case OID_BLISS_WITH_SHA3_384: - return SIGN_BLISS_WITH_SHA3_384; - case OID_BLISS_WITH_SHA3_256: - return SIGN_BLISS_WITH_SHA3_256; } return SIGN_UNKNOWN; } @@ -229,18 +209,6 @@ int signature_scheme_to_oid(signature_scheme_t scheme) return OID_ED25519; case SIGN_ED448: return OID_ED448; - case SIGN_BLISS_WITH_SHA2_256: - return OID_BLISS_WITH_SHA2_256; - case SIGN_BLISS_WITH_SHA2_384: - return OID_BLISS_WITH_SHA2_384; - case SIGN_BLISS_WITH_SHA2_512: - return OID_BLISS_WITH_SHA2_512; - case SIGN_BLISS_WITH_SHA3_256: - return OID_BLISS_WITH_SHA3_256; - case SIGN_BLISS_WITH_SHA3_384: - return OID_BLISS_WITH_SHA3_384; - case SIGN_BLISS_WITH_SHA3_512: - return OID_BLISS_WITH_SHA3_512; } return OID_UNKNOWN; } @@ -279,9 +247,6 @@ static struct { { KEY_ECDSA, 0, { .scheme = SIGN_ECDSA_WITH_SHA512_DER }}, { KEY_ED25519, 0, { .scheme = SIGN_ED25519 }}, { KEY_ED448, 0, { .scheme = SIGN_ED448 }}, - { KEY_BLISS, 128, { .scheme = SIGN_BLISS_WITH_SHA2_256 }}, - { KEY_BLISS, 192, { .scheme = SIGN_BLISS_WITH_SHA2_384 }}, - { KEY_BLISS, 0, { .scheme = SIGN_BLISS_WITH_SHA2_512 }}, }; /** @@ -370,13 +335,6 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme) return KEY_ED25519; case SIGN_ED448: return KEY_ED448; - case SIGN_BLISS_WITH_SHA2_256: - case SIGN_BLISS_WITH_SHA2_384: - case SIGN_BLISS_WITH_SHA2_512: - case SIGN_BLISS_WITH_SHA3_256: - case SIGN_BLISS_WITH_SHA3_384: - case SIGN_BLISS_WITH_SHA3_512: - return KEY_BLISS; } return KEY_ANY; } diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h index 55c0181ff3..32a41cf9cb 100644 --- a/src/libstrongswan/credentials/keys/public_key.h +++ b/src/libstrongswan/credentials/keys/public_key.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2015-2017 Tobias Brunner - * Copyright (C) 2014-2017 Andreas Steffen + * Copyright (C) 2014-2020 Andreas Steffen * Copyright (C) 2007 Martin Willi * * Copyright (C) secunet Security Networks AG @@ -48,8 +48,6 @@ enum key_type_t { KEY_ED25519 = 4, /** Ed448 PureEdDSA instance as in RFC 8032 */ KEY_ED448 = 5, - /** BLISS */ - KEY_BLISS = 6, }; /** @@ -111,18 +109,6 @@ enum signature_scheme_t { SIGN_ED25519, /** PureEdDSA on Curve448 as in RFC 8410 */ SIGN_ED448, - /** BLISS with SHA-2_256 */ - SIGN_BLISS_WITH_SHA2_256, - /** BLISS with SHA-2_384 */ - SIGN_BLISS_WITH_SHA2_384, - /** BLISS with SHA-2_512 */ - SIGN_BLISS_WITH_SHA2_512, - /** BLISS with SHA-3_256 */ - SIGN_BLISS_WITH_SHA3_256, - /** BLISS with SHA-3_384 */ - SIGN_BLISS_WITH_SHA3_384, - /** BLISS with SHA-3_512 */ - SIGN_BLISS_WITH_SHA3_512, }; /** diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c index 61533fcf04..2fed3b4133 100644 --- a/src/libstrongswan/crypto/hashers/hasher.c +++ b/src/libstrongswan/crypto/hashers/hasher.c @@ -477,24 +477,6 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key) default: return OID_UNKNOWN; } - case KEY_BLISS: - switch (alg) - { - case HASH_SHA256: - return OID_BLISS_WITH_SHA2_256; - case HASH_SHA384: - return OID_BLISS_WITH_SHA2_384; - case HASH_SHA512: - return OID_BLISS_WITH_SHA2_512; - case HASH_SHA3_256: - return OID_BLISS_WITH_SHA3_256; - case HASH_SHA3_384: - return OID_BLISS_WITH_SHA3_384; - case HASH_SHA3_512: - return OID_BLISS_WITH_SHA3_512; - default: - return OID_UNKNOWN; - } default: return OID_UNKNOWN; } @@ -532,28 +514,22 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme, case SIGN_RSA_EMSA_PKCS1_SHA2_256: case SIGN_ECDSA_WITH_SHA256_DER: case SIGN_ECDSA_256: - case SIGN_BLISS_WITH_SHA2_256: return HASH_SHA256; case SIGN_RSA_EMSA_PKCS1_SHA2_384: case SIGN_ECDSA_WITH_SHA384_DER: case SIGN_ECDSA_384: - case SIGN_BLISS_WITH_SHA2_384: return HASH_SHA384; case SIGN_RSA_EMSA_PKCS1_SHA2_512: case SIGN_ECDSA_WITH_SHA512_DER: case SIGN_ECDSA_521: - case SIGN_BLISS_WITH_SHA2_512: return HASH_SHA512; case SIGN_RSA_EMSA_PKCS1_SHA3_224: return HASH_SHA3_224; case SIGN_RSA_EMSA_PKCS1_SHA3_256: - case SIGN_BLISS_WITH_SHA3_256: return HASH_SHA3_256; case SIGN_RSA_EMSA_PKCS1_SHA3_384: - case SIGN_BLISS_WITH_SHA3_384: return HASH_SHA3_384; case SIGN_RSA_EMSA_PKCS1_SHA3_512: - case SIGN_BLISS_WITH_SHA3_512: return HASH_SHA3_512; } return HASH_UNKNOWN; diff --git a/src/libstrongswan/plugins/bliss/.gitignore b/src/libstrongswan/plugins/bliss/.gitignore deleted file mode 100644 index 7c4a04044f..0000000000 --- a/src/libstrongswan/plugins/bliss/.gitignore +++ /dev/null @@ -1 +0,0 @@ -bliss_huffman diff --git a/src/libstrongswan/plugins/bliss/Makefile.am b/src/libstrongswan/plugins/bliss/Makefile.am deleted file mode 100644 index 4d845884f7..0000000000 --- a/src/libstrongswan/plugins/bliss/Makefile.am +++ /dev/null @@ -1,67 +0,0 @@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libstrongswan/math/libnttfft - -AM_CFLAGS = \ - $(PLUGIN_CFLAGS) - -# these file are also used by bliss_huffman -noinst_LTLIBRARIES = libbliss-params.la - -libbliss_params_la_SOURCES = \ - bliss_param_set.h bliss_param_set.c - -libbliss_params_la_LIBADD = \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la - -# these files are also used by the tests, we can't directly refer to them -# because of the subdirectory, which would cause distclean to fail -noinst_LTLIBRARIES += libbliss.la -libbliss_la_SOURCES = \ - bliss_private_key.h bliss_private_key.c \ - bliss_public_key.h bliss_public_key.c \ - bliss_signature.h bliss_signature.c \ - bliss_utils.h bliss_utils.c \ - bliss_bitpacker.h bliss_bitpacker.c \ - bliss_huffman_code.h bliss_huffman_code.c \ - bliss_huffman_code_1.c bliss_huffman_code_3.c bliss_huffman_code_4.c \ - bliss_huffman_coder.h bliss_huffman_coder.c \ - bliss_sampler.h bliss_sampler.c - -libbliss_la_LIBADD = \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ - libbliss-params.la - -if MONOLITHIC -noinst_LTLIBRARIES += libstrongswan-bliss.la -else -plugin_LTLIBRARIES = libstrongswan-bliss.la -endif - -libstrongswan_bliss_la_SOURCES = \ - bliss_plugin.h bliss_plugin.c - -libstrongswan_bliss_la_LDFLAGS = -module -avoid-version - -libstrongswan_bliss_la_LIBADD = libbliss.la - -noinst_PROGRAMS = bliss_huffman - -bliss_huffman_SOURCES = bliss_huffman.c - -bliss_huffman_LDADD = -lm \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ - libbliss-params.la - -# this won't work with monolithic builds -if USE_BUILTIN_PRINTF -bliss_huffman_LDADD += $(top_builddir)/src/libstrongswan/libstrongswan.la -endif - -recreate-bliss-huffman : bliss_huffman bliss_huffman_code.h - $(AM_V_GEN) \ - ./bliss_huffman 1 8 > $(srcdir)/bliss_huffman_code_1.c 2>/dev/null - $(AM_V_GEN) \ - ./bliss_huffman 3 16 > $(srcdir)/bliss_huffman_code_3.c 2>/dev/null - $(AM_V_GEN) \ - ./bliss_huffman 4 32 > $(srcdir)/bliss_huffman_code_4.c 2>/dev/null diff --git a/src/libstrongswan/plugins/bliss/bliss_bitpacker.c b/src/libstrongswan/plugins/bliss/bliss_bitpacker.c deleted file mode 100644 index 81680ad510..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_bitpacker.c +++ /dev/null @@ -1,208 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_bitpacker.h" - -typedef struct private_bliss_bitpacker_t private_bliss_bitpacker_t; - -/** - * Private data structure for bliss_bitpacker_t object - */ -struct private_bliss_bitpacker_t { - /** - * Public interface. - */ - bliss_bitpacker_t public; - - /** - * Current number of bits written to buffer - */ - size_t bits; - - /** - * Bit buffer for up to 32 bits - */ - uint32_t bits_buf; - - /** - * Bits left in the bit buffer - */ - size_t bits_left; - - /** - * Buffer - */ - chunk_t buf; - - /** - * Read/Write pointer into buffer - */ - chunk_t pos; - -}; - -METHOD(bliss_bitpacker_t, get_bits, size_t, - private_bliss_bitpacker_t *this) -{ - return this->bits; -} - -METHOD(bliss_bitpacker_t, write_bits, bool, - private_bliss_bitpacker_t *this, uint32_t value, size_t bits) -{ - if (bits == 0) - { - return TRUE; - } - if (bits > 32) - { - return FALSE; - } - if (bits < 32) - { - value &= (1 << bits) - 1; - } - this->bits += bits; - - while (TRUE) - { - if (bits <= this->bits_left) - { - this->bits_buf |= value << (this->bits_left - bits); - this->bits_left -= bits; - return TRUE; - } - - this->bits_buf |= value >> (bits - this->bits_left); - value &= (1 << (bits - this->bits_left)) - 1; - bits -= this->bits_left; - - if (this->pos.len < 8) - { - return FALSE; - } - htoun32(this->pos.ptr, this->bits_buf); - this->pos = chunk_skip(this->pos, 4); - this->bits_buf = 0; - this->bits_left = 32; - } -} - -METHOD(bliss_bitpacker_t, read_bits, bool, - private_bliss_bitpacker_t *this, uint32_t *value, size_t bits) -{ - if (bits > 32) - { - return FALSE; - } - *value = 0; - - while (TRUE) - { - if (this->bits_left == 0) - { - if (this->pos.len < 4) - { - return FALSE; - } - this->bits_buf = untoh32(this->pos.ptr); - this->pos = chunk_skip(this->pos, 4); - this->bits_left = 32; - } - if (bits <= this->bits_left) - { - *value |= this->bits_buf >> (this->bits_left - bits); - this->bits_buf &= (1 << (this->bits_left - bits)) - 1; - this->bits_left -= bits; - - return TRUE; - } - *value |= this->bits_buf << (bits - this->bits_left); - bits -= this->bits_left; - this->bits_left = 0; - } -} - -METHOD(bliss_bitpacker_t, extract_buf, chunk_t, - private_bliss_bitpacker_t *this) -{ - chunk_t buf; - - htoun32(this->pos.ptr, this->bits_buf); - this->pos.len -= 4; - buf = this->buf; - buf.len = this->buf.len - this->pos.len - this->bits_left/8; - this->buf = this->pos = chunk_empty; - - return buf; -} - -METHOD(bliss_bitpacker_t, destroy, void, - private_bliss_bitpacker_t *this) -{ - free(this->buf.ptr); - free(this); -} - -/** - * See header. - */ -bliss_bitpacker_t *bliss_bitpacker_create(uint16_t max_bits) -{ - private_bliss_bitpacker_t *this; - - INIT(this, - .public = { - .get_bits = _get_bits, - .write_bits = _write_bits, - .read_bits = _read_bits, - .extract_buf = _extract_buf, - .destroy = _destroy, - }, - .bits_left = 32, - .buf = chunk_alloc(round_up(max_bits, 32)/8), - ); - - this->pos = this->buf; - - return &this->public; -} - -/** - * See header. - */ -bliss_bitpacker_t *bliss_bitpacker_create_from_data(chunk_t data) -{ - private_bliss_bitpacker_t *this; - - INIT(this, - .public = { - .get_bits = _get_bits, - .write_bits = _write_bits, - .read_bits = _read_bits, - .extract_buf = _extract_buf, - .destroy = _destroy, - }, - .bits = 8 * data.len, - .buf = chunk_alloc(round_up(data.len, 4)), - ); - - memset(this->buf.ptr + this->buf.len - 4, 0x00, 4); - memcpy(this->buf.ptr, data.ptr, data.len); - this->pos = this->buf; - - return &this->public; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_bitpacker.h b/src/libstrongswan/plugins/bliss/bliss_bitpacker.h deleted file mode 100644 index 01dabd2535..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_bitpacker.h +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_bitpacker bliss_bitpacker - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_BITPACKER_H_ -#define BLISS_BITPACKER_H_ - -#include - -typedef struct bliss_bitpacker_t bliss_bitpacker_t; - -/** - * Reads and writes a variable number of bits in packed format - * from and to an octet buffer - */ -struct bliss_bitpacker_t { - - /** - * Get the number of bits written into buffer - * - * @result Number of bits written - */ - size_t (*get_bits)(bliss_bitpacker_t *this); - - /** - * Get the prime modulus of the Number Theoretic Transform - * - * @param value Value to be written - * @param bits Number of bits to be written - * @result TRUE if value could be written into buffer - */ - bool (*write_bits)(bliss_bitpacker_t *this, uint32_t value, size_t bits); - - - /** - * Get the prime modulus of the Number Theoretic Transform - * - * @param value Value returned - * @param bits Number of bits to be read - * @result TRUE if value could be read from buffer - */ - bool (*read_bits)(bliss_bitpacker_t *this, uint32_t *value, size_t bits); - - /** - * Detach the internal octet buffer and return it - */ - chunk_t (*extract_buf)(bliss_bitpacker_t *this); - - /** - * Destroy bliss_bitpacker_t object - */ - void (*destroy)(bliss_bitpacker_t *this); -}; - -/** - * Create a bliss_bitpacker_t object for writing - * - * @param max_bits Total number of bits to be stored - */ -bliss_bitpacker_t* bliss_bitpacker_create(uint16_t max_bits); - -/** - * Create a bliss_bitpacker_t object for reading - * - * @param data Packed array of bits - */ -bliss_bitpacker_t* bliss_bitpacker_create_from_data(chunk_t data); - -#endif /** BLISS_BITPACKER_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman.c b/src/libstrongswan/plugins/bliss/bliss_huffman.c deleted file mode 100644 index 5f7c3e63ef..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman.c +++ /dev/null @@ -1,433 +0,0 @@ -/* - * Copyright (C) 2014 Tobias Brunner - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_param_set.h" - -#include - -#include -#include - -typedef struct tuple_t tuple_t; - -struct tuple_t { - int8_t z1; - int8_t z2; - uint16_t index; - uint16_t bits; - uint32_t code; -}; - -typedef struct node_t node_t; - -struct node_t { - node_t *next; - node_t *l; - node_t *r; - tuple_t *tuple; - double p; - uint16_t depth; - uint16_t index; -}; - -static void print_node(node_t *node) -{ - if (node->tuple) - { - fprintf(stderr, "(%1d,%2d)", node->tuple->z1, node->tuple->z2); - } - else - { - fprintf(stderr, " "); - } - fprintf(stderr, " %18.16f\n", node->p); -} - -static double code_node(node_t *node, int *index, uint8_t bits, uint32_t code) -{ - double code_length = 0; - - node->index = (*index)++; - - if (node->tuple) - { - node->tuple->code = code; - node->tuple->bits = bits; - code_length += node->p * bits; - } - if (node->l) - { - code_length += code_node(node->l, index, bits + 1, (code << 1)); - } - if (node->r) - { - code_length += code_node(node->r, index, bits + 1, (code << 1) + 1); - } - - return code_length; - -} - -static void write_node(node_t *node) -{ - int16_t node_0, node_1, tuple; - - node_0 = node->l ? node->l->index : BLISS_HUFFMAN_CODE_NO_NODE; - node_1 = node->r ? node->r->index : BLISS_HUFFMAN_CODE_NO_NODE; - tuple = node->tuple ? node->tuple->index : BLISS_HUFFMAN_CODE_NO_TUPLE; - - printf("\t{ %3d, %3d, %3d }, /* %3d: ", node_0, node_1, tuple, node->index); - - if (node->tuple) - { - printf("(%d,%2d) %2u bit%s ", node->tuple->z1, node->tuple->z2, - node->tuple->bits, (node->tuple->bits == 1) ? " " : "s"); - } - printf("*/\n"); - - if (node->l) - { - write_node(node->l); - } - if (node->r) - { - write_node(node->r); - } -} - -static void write_header(void) -{ - printf("/*\n"); - printf(" * Copyright (C) 2014 Andreas Steffen\n"); - printf(" *\n"); - printf(" * Optimum Huffman code for BLISS-X signatures\n"); - printf(" *\n"); - printf(" * This file has been automatically generated by the" - " bliss_huffman utility\n"); - printf(" * Do not edit manually!\n"); - printf(" */\n\n"); -}; - -static void write_code_tables(int bliss_type, int n_z1, int n_z2, node_t *nodes, - tuple_t **tuples) -{ - int index, i, k; - uint32_t bit; - double code_length; - - printf("#include \"bliss_huffman_code.h\"\n\n"); - - printf("static bliss_huffman_code_node_t nodes[] = {\n"); - index = 0; - code_length = code_node(nodes, &index, 0, 0); - write_node(nodes); - printf("};\n\n"); - - printf("static bliss_huffman_code_tuple_t tuples[] = {\n"); - index = 0; - for (i = 0; i < n_z1; i++) - { - if (i > 0) - { - printf("\n"); - } - for (k = 1 - n_z2; k < n_z2; k++) - { - printf("\t{ %5u, %2u }, /* %3d: (%1d,%2d) ", - tuples[index]->code, tuples[index]->bits, index, i, k); - bit = 1 << (tuples[index]->bits - 1); - while (bit) - { - printf("%s", (tuples[index]->code & bit) ? "1" : "0"); - bit >>= 1; - } - printf(" */\n"); - index++; - } - } - printf("};\n\n"); - printf("/* code_length = %6.4f bits/tuple (%d bits) */\n\n", - code_length, (int)(512 * code_length + 1)); - - printf("bliss_huffman_code_t bliss_huffman_code_%d = {\n", bliss_type); - printf("\t.n_z1 = %d,\n", n_z1); - printf("\t.n_z2 = %d,\n", n_z2); - printf("\t.tuples = tuples,\n"); - printf("\t.nodes = nodes\n"); - printf("};\n"); -} - -static void destroy_node(node_t *node) -{ - if (node->l) - { - destroy_node(node->l); - } - if (node->r) - { - destroy_node(node->r); - } - free(node->tuple); - free(node); -} - -static void remove_node(node_t *list, node_t **last, node_t *node) -{ - node_t *current, *prev; - - for (current = list->next, prev = list; current; - prev = current, current = current->next) - { - if (current == node) - { - prev->next = current->next; - if (*last == current) - { - *last = prev->next ?: prev; - } - break; - } - } -} - -/** - * Generate a Huffman code for the optimum encoding of BLISS signatures - */ -int main(int argc, char *argv[]) -{ - const bliss_param_set_t *set; - int dx, bliss_type, depth = 1, groups, groups_left, pairs = 1; - int i_max = 9, k_max = 8, index_max = (2*k_max - 1) * i_max; - int i, i_top, k, k_top; - uint16_t index; - double p, p_z1[i_max], p_z2[k_max], x_z1[i_max], x_z2[k_max]; - double t, x, x0, p_sum, entropy = 0, erf_i, erf_k, erf_0 = 0; - tuple_t *tuple, *tuples[index_max]; - node_t *node, *node_l, *node_r, *nodes = NULL; - node_t *node_list, *node_last; - - if (argc < 2) - { - fprintf(stderr, "usage: bliss_huffman []\n"); - exit(1); - } - if (argc > 2) - { - pairs = atoi(argv[2]); - } - fprintf(stderr, "%d code pairs with constant length\n\n", pairs); - groups_left = groups = pairs >> 1; - - bliss_type = atoi(argv[1]); - set = bliss_param_set_get_by_id(bliss_type); - if (!set) - { - fprintf(stderr, "bliss type %d unsupported\n", bliss_type); - exit(1); - } - write_header(); - printf("/*\n"); - printf(" * Design: sigma = %u\n", set->sigma); - printf(" *\n"); - - t = 1/(sqrt(2) * set->sigma); - - /* Probability distribution for z1 */ - i_top = (set->B_inf + 255) / 256; - p_sum = 0; - x = 0; - - for (i = 0; i < i_top; i++) - { - x = min(x + 256, set->B_inf); - erf_i = erf(t*x); - p_z1[i] = erf_i - erf_0; - p_sum += p_z1[i]; - erf_0 = erf_i; - x_z1[i] = x; - } - - /* Normalize and print the probability distribution for z1 */ - printf(" * i p_z1[i]\n"); - x0 = 0; - - for (i = 0; i < i_top; i++) - { - p_z1[i] /= p_sum; - printf(" * %2d %18.16f %4.0f .. %4.0f\n", i, p_z1[i], x0, x_z1[i]); - x0 = x_z1[i]; - } - printf(" *\n"); - - /* Probability distribution for z2 */ - dx = 1 << set->d; - k_top = 1 + set->B_inf / dx; - x = (dx >> 1) - 0.5; - p_sum = 0; - - for (k = 0; k < k_top; k++) - { - - erf_k = erf(t*x) / 2; - p_z2[k] = (k == 0) ? 2*erf_k : erf_k - erf_0; - p_sum += (k == 0) ? p_z2[k] : 2*p_z2[k]; - erf_0 = erf_k; - x_z2[k] = x; - x += dx; - } - - /* Normalize the probability distribution for z2 */ - for (k = 0; k < k_top; k++) - { - p_z2[k] /= p_sum; - } - - /* Print the probability distribution for z2 */ - printf(" * k p_z2[k] dx = %d\n", dx); - - for (k = 1 - k_top; k < k_top; k++) - { - - printf(" * %2d %18.16f ",k, p_z2[abs(k)]); - if (k < 0) - { - printf(" %7.1f ..%7.1f\n", -x_z2[-k], -x_z2[-k-1]); - } - else if (k == 0) - { - printf(" %7.1f ..%7.1f\n", -x_z2[k], x_z2[k]); - } - else - { - printf(" %7.1f ..%7.1f\n", x_z2[k-1], x_z2[k]); - } - } - printf(" *\n"); - - /* Compute probabilities of tuples (z1, z2) */ - INIT(node_list); - node_last = node_list; - printf(" * (i, k) p\n"); - p_sum =0; - index = 0; - - for (i = 0; i < i_top; i++) - { - for (k = 1 - k_top; k < k_top; k++) - { - p = p_z1[i] * p_z2[abs(k)]; - printf(" * (%1d,%2d) %18.16f\n", i, k, p); - p_sum += p; - entropy += -log(p) * p; - - INIT(tuple, - .z1 = i, - .z2 = k, - .index = index, - ); - tuples[index++] = tuple; - - INIT(node, - .p = p, - .tuple = tuple, - ); - node_last->next = node; - node_last = node; - } - printf(" *\n"); - } - entropy /= log(2); - printf(" * p_sum %18.16f\n", p_sum); - printf(" *\n"); - printf(" * entropy = %6.4f bits/tuple (%d bits)\n", - entropy, (int)(512 * entropy)); - printf(" */\n\n"); - - /* Build Huffman tree */ - while (node_list->next != node_last) - { - node_r = node_l = NULL; - - for (node = node_list->next; node; node = node->next) - { - if (pairs > 0) - { - if (!node->tuple) - { - continue; - } - } - else if (groups_left > 0) - { - if (node->tuple || node->depth != depth) - { - continue; - } - } - if (node_r == NULL || node->p < node_r->p) - { - node_l = node_r; - node_r = node; - } - else if (node_l == NULL || node->p < node_l->p) - { - node_l = node; - } - } - - INIT(node, - .l = node_l, - .r = node_r, - .p = node_l->p + node_r->p, - .depth = 1 + max(node_l->depth, node_r->depth), - .tuple = NULL, - ); - print_node(node_r); - print_node(node_l); - fprintf(stderr, " %18.16f", node->p); - - remove_node(node_list, &node_last, node_l); - remove_node(node_list, &node_last, node_r); - node_last->next = node; - node_last = node; - - if (pairs > 0) - { - pairs--; - } - else if (groups > 0) - { - if (--groups_left == 0) - { - groups >>= 1; - groups_left = groups; - depth++; - } - } - fprintf(stderr, "\n\n"); - } - - - nodes = node_list->next; - - write_code_tables(bliss_type, i_top, k_top, nodes, tuples); - - destroy_node(nodes); - destroy_node(node_list); - exit(0); -} - diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_code.c b/src/libstrongswan/plugins/bliss/bliss_huffman_code.c deleted file mode 100644 index 711c8c6af4..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_code.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_huffman_code.h" - -extern bliss_huffman_code_t bliss_huffman_code_1; -extern bliss_huffman_code_t bliss_huffman_code_3; -extern bliss_huffman_code_t bliss_huffman_code_4; - -/** - * See header. - */ -bliss_huffman_code_t* bliss_huffman_code_get_by_id(bliss_param_set_id_t id) -{ - switch (id) - { - case BLISS_I: - case BLISS_B_I: - return &bliss_huffman_code_1; - case BLISS_III: - case BLISS_B_III: - return &bliss_huffman_code_3; - case BLISS_IV: - case BLISS_B_IV: - return &bliss_huffman_code_4; - default: - return NULL; - } -} - diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_code.h b/src/libstrongswan/plugins/bliss/bliss_huffman_code.h deleted file mode 100644 index 3ba3a4df8a..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_code.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_huffman_code bliss_huffman_code - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_HUFFMAN_CODE_H_ -#define BLISS_HUFFMAN_CODE_H_ - -#include "bliss_param_set.h" - -#include - -typedef struct bliss_huffman_code_t bliss_huffman_code_t; -typedef struct bliss_huffman_code_tuple_t bliss_huffman_code_tuple_t; -typedef struct bliss_huffman_code_node_t bliss_huffman_code_node_t; - -struct bliss_huffman_code_tuple_t { - uint32_t code; - uint16_t bits; -}; - -#define BLISS_HUFFMAN_CODE_NO_TUPLE -1 -#define BLISS_HUFFMAN_CODE_NO_NODE -1 - -struct bliss_huffman_code_node_t { - int16_t node_0; - int16_t node_1; - int16_t tuple; -}; - -/** - * Defines the Huffman code for the optimum encoding of a BLISS signature - */ -struct bliss_huffman_code_t { - - /** - * Range of z1: 0..n_z1-1 - */ - uint16_t n_z1; - - /** - * Range of z2: -n_z2..n_z2 - */ - uint16_t n_z2; - - /** - * Table of tuple codewords - */ - bliss_huffman_code_tuple_t *tuples; - - /** - * Table of binary decision nodes - */ - bliss_huffman_code_node_t *nodes; -}; - -/** - * Get Optimum Huffman code for BLISS signature given by BLISS parameter set ID - * - * @param id BLISS parameter set ID - * @return Optimum Huffman code for BLISS signature -*/ -bliss_huffman_code_t* bliss_huffman_code_get_by_id(bliss_param_set_id_t id); - -#endif /** BLISS_HUFFMAN_CODE_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_code_1.c b/src/libstrongswan/plugins/bliss/bliss_huffman_code_1.c deleted file mode 100644 index b24c7b1849..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_code_1.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Optimum Huffman code for BLISS-X signatures - * - * This file has been automatically generated by the bliss_huffman utility - * Do not edit manually! - */ - -/* - * Design: sigma = 215 - * - * i p_z1[i] - * 0 0.7662277087816564 0 .. 256 - * 1 0.2165251006508514 256 .. 512 - * 2 0.0168930510015114 512 .. 768 - * 3 0.0003522302274478 768 .. 1024 - * 4 0.0000019067136680 1024 .. 1280 - * 5 0.0000000026239598 1280 .. 1536 - * 6 0.0000000000009052 1536 .. 1792 - * 7 0.0000000000000001 1792 .. 2047 - * - * k p_z2[k] dx = 1024 - * -1 0.0086781953089156 -1535.5 .. -511.5 - * 0 0.9826436093821688 -511.5 .. 511.5 - * 1 0.0086781953089156 511.5 .. 1535.5 - * - * (i, k) p - * (0,-1) 0.0066494737079101 - * (0, 0) 0.7529287613658361 - * (0, 1) 0.0066494737079101 - * - * (1,-1) 0.0018790471127307 - * (1, 0) 0.2127670064253900 - * (1, 1) 0.0018790471127307 - * - * (2,-1) 0.0001466011959546 - * (2, 0) 0.0165998486096022 - * (2, 1) 0.0001466011959546 - * - * (3,-1) 0.0000030567227075 - * (3, 0) 0.0003461167820328 - * (3, 1) 0.0000030567227075 - * - * (4,-1) 0.0000000165468336 - * (4, 0) 0.0000018736200007 - * (4, 1) 0.0000000165468336 - * - * (5,-1) 0.0000000000227712 - * (5, 0) 0.0000000025784174 - * (5, 1) 0.0000000000227712 - * - * (6,-1) 0.0000000000000079 - * (6, 0) 0.0000000000008895 - * (6, 1) 0.0000000000000079 - * - * (7,-1) 0.0000000000000000 - * (7, 0) 0.0000000000000001 - * (7, 1) 0.0000000000000000 - * - * p_sum 0.9999999999999998 - * - * entropy = 1.0195 bits/tuple (521 bits) - */ - -#include "bliss_huffman_code.h" - -static bliss_huffman_code_node_t nodes[] = { - { 1, 2, -1 }, /* 0: */ - { -1, -1, 1 }, /* 1: (0, 0) 1 bit */ - { 3, 4, -1 }, /* 2: */ - { -1, -1, 4 }, /* 3: (1, 0) 2 bits */ - { 5, 46, -1 }, /* 4: */ - { 6, 45, -1 }, /* 5: */ - { 7, 8, -1 }, /* 6: */ - { -1, -1, 0 }, /* 7: (0,-1) 5 bits */ - { 9, 44, -1 }, /* 8: */ - { 10, 11, -1 }, /* 9: */ - { -1, -1, 3 }, /* 10: (1,-1) 7 bits */ - { 12, 13, -1 }, /* 11: */ - { -1, -1, 10 }, /* 12: (3, 0) 8 bits */ - { 14, 29, -1 }, /* 13: */ - { 15, 22, -1 }, /* 14: */ - { 16, 19, -1 }, /* 15: */ - { 17, 18, -1 }, /* 16: */ - { -1, -1, 8 }, /* 17: (2, 1) 12 bits */ - { -1, -1, 6 }, /* 18: (2,-1) 12 bits */ - { 20, 21, -1 }, /* 19: */ - { -1, -1, 11 }, /* 20: (3, 1) 12 bits */ - { -1, -1, 9 }, /* 21: (3,-1) 12 bits */ - { 23, 26, -1 }, /* 22: */ - { 24, 25, -1 }, /* 23: */ - { -1, -1, 13 }, /* 24: (4, 0) 12 bits */ - { -1, -1, 14 }, /* 25: (4, 1) 12 bits */ - { 27, 28, -1 }, /* 26: */ - { -1, -1, 12 }, /* 27: (4,-1) 12 bits */ - { -1, -1, 16 }, /* 28: (5, 0) 12 bits */ - { 30, 37, -1 }, /* 29: */ - { 31, 34, -1 }, /* 30: */ - { 32, 33, -1 }, /* 31: */ - { -1, -1, 17 }, /* 32: (5, 1) 12 bits */ - { -1, -1, 15 }, /* 33: (5,-1) 12 bits */ - { 35, 36, -1 }, /* 34: */ - { -1, -1, 19 }, /* 35: (6, 0) 12 bits */ - { -1, -1, 20 }, /* 36: (6, 1) 12 bits */ - { 38, 41, -1 }, /* 37: */ - { 39, 40, -1 }, /* 38: */ - { -1, -1, 18 }, /* 39: (6,-1) 12 bits */ - { -1, -1, 22 }, /* 40: (7, 0) 12 bits */ - { 42, 43, -1 }, /* 41: */ - { -1, -1, 23 }, /* 42: (7, 1) 12 bits */ - { -1, -1, 21 }, /* 43: (7,-1) 12 bits */ - { -1, -1, 5 }, /* 44: (1, 1) 6 bits */ - { -1, -1, 2 }, /* 45: (0, 1) 4 bits */ - { -1, -1, 7 }, /* 46: (2, 0) 3 bits */ -}; - -static bliss_huffman_code_tuple_t tuples[] = { - { 24, 5 }, /* 0: (0,-1) 11000 */ - { 0, 1 }, /* 1: (0, 0) 0 */ - { 13, 4 }, /* 2: (0, 1) 1101 */ - - { 100, 7 }, /* 3: (1,-1) 1100100 */ - { 2, 2 }, /* 4: (1, 0) 10 */ - { 51, 6 }, /* 5: (1, 1) 110011 */ - - { 3249, 12 }, /* 6: (2,-1) 110010110001 */ - { 7, 3 }, /* 7: (2, 0) 111 */ - { 3248, 12 }, /* 8: (2, 1) 110010110000 */ - - { 3251, 12 }, /* 9: (3,-1) 110010110011 */ - { 202, 8 }, /* 10: (3, 0) 11001010 */ - { 3250, 12 }, /* 11: (3, 1) 110010110010 */ - - { 3254, 12 }, /* 12: (4,-1) 110010110110 */ - { 3252, 12 }, /* 13: (4, 0) 110010110100 */ - { 3253, 12 }, /* 14: (4, 1) 110010110101 */ - - { 3257, 12 }, /* 15: (5,-1) 110010111001 */ - { 3255, 12 }, /* 16: (5, 0) 110010110111 */ - { 3256, 12 }, /* 17: (5, 1) 110010111000 */ - - { 3260, 12 }, /* 18: (6,-1) 110010111100 */ - { 3258, 12 }, /* 19: (6, 0) 110010111010 */ - { 3259, 12 }, /* 20: (6, 1) 110010111011 */ - - { 3263, 12 }, /* 21: (7,-1) 110010111111 */ - { 3261, 12 }, /* 22: (7, 0) 110010111101 */ - { 3262, 12 }, /* 23: (7, 1) 110010111110 */ -}; - -/* code_length = 1.3189 bits/tuple (676 bits) */ - -bliss_huffman_code_t bliss_huffman_code_1 = { - .n_z1 = 8, - .n_z2 = 2, - .tuples = tuples, - .nodes = nodes -}; diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_code_3.c b/src/libstrongswan/plugins/bliss/bliss_huffman_code_3.c deleted file mode 100644 index e60537a858..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_code_3.c +++ /dev/null @@ -1,260 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Optimum Huffman code for BLISS-X signatures - * - * This file has been automatically generated by the bliss_huffman utility - * Do not edit manually! - */ - -/* - * Design: sigma = 250 - * - * i p_z1[i] - * 0 0.6941647250930416 0 .. 256 - * 1 0.2652752755116807 256 .. 512 - * 2 0.0384337021454129 512 .. 768 - * 3 0.0020842622589255 768 .. 1024 - * 4 0.0000417294572050 1024 .. 1280 - * 5 0.0000003047309681 1280 .. 1536 - * 6 0.0000000008027661 1536 .. 1760 - * - * k p_z2[k] dx = 512 - * -3 0.0000001543959154 -1791.5 ..-1279.5 - * -2 0.0010701394583782 -1279.5 .. -767.5 - * -1 0.1523201563502276 -767.5 .. -255.5 - * 0 0.6932190995909575 -255.5 .. 255.5 - * 1 0.1523201563502276 255.5 .. 767.5 - * 2 0.0010701394583782 767.5 .. 1279.5 - * 3 0.0000001543959154 1279.5 .. 1791.5 - * - * (i, k) p - * (0,-3) 0.0000001071761982 - * (0,-2) 0.0007428530629363 - * (0,-1) 0.1057352794589848 - * (0, 0) 0.4812082456968029 - * (0, 1) 0.1057352794589848 - * (0, 2) 0.0007428530629363 - * (0, 3) 0.0000001071761982 - * - * (1,-3) 0.0000000409574190 - * (1,-2) 0.0002838815396572 - * (1,-1) 0.0404067714417889 - * (1, 0) 0.1838938876339505 - * (1, 1) 0.0404067714417889 - * (1, 2) 0.0002838815396572 - * (1, 3) 0.0000000409574190 - * - * (2,-3) 0.0000000059340066 - * (2,-2) 0.0000411294211974 - * (2,-1) 0.0058542275199074 - * (2, 0) 0.0266429763951902 - * (2, 1) 0.0058542275199074 - * (2, 2) 0.0000411294211974 - * (2, 3) 0.0000000059340066 - * - * (3,-3) 0.0000000003218016 - * (3,-2) 0.0000022304512849 - * (3,-1) 0.0003174751531544 - * (3, 0) 0.0014448504064437 - * (3, 1) 0.0003174751531544 - * (3, 2) 0.0000022304512849 - * (3, 3) 0.0000000003218016 - * - * (4,-3) 0.0000000000064429 - * (4,-2) 0.0000000446563387 - * (4,-1) 0.0000063562374459 - * (4, 0) 0.0000289276567501 - * (4, 1) 0.0000063562374459 - * (4, 2) 0.0000000446563387 - * (4, 3) 0.0000000000064429 - * - * (5,-3) 0.0000000000000470 - * (5,-2) 0.0000000003261046 - * (5,-1) 0.0000000464166687 - * (5, 0) 0.0000002112453273 - * (5, 1) 0.0000000464166687 - * (5, 2) 0.0000000003261046 - * (5, 3) 0.0000000000000470 - * - * (6,-3) 0.0000000000000001 - * (6,-2) 0.0000000000008591 - * (6,-1) 0.0000000001222775 - * (6, 0) 0.0000000005564928 - * (6, 1) 0.0000000001222775 - * (6, 2) 0.0000000000008591 - * (6, 3) 0.0000000000000001 - * - * p_sum 0.9999999999999999 - * - * entropy = 2.2879 bits/tuple (1171 bits) - */ - -#include "bliss_huffman_code.h" - -static bliss_huffman_code_node_t nodes[] = { - { 1, 96, -1 }, /* 0: */ - { 2, 93, -1 }, /* 1: */ - { 3, 4, -1 }, /* 2: */ - { -1, -1, 10 }, /* 3: (1, 0) 3 bits */ - { 5, 8, -1 }, /* 4: */ - { 6, 7, -1 }, /* 5: */ - { -1, -1, 11 }, /* 6: (1, 1) 5 bits */ - { -1, -1, 9 }, /* 7: (1,-1) 5 bits */ - { 9, 10, -1 }, /* 8: */ - { -1, -1, 17 }, /* 9: (2, 0) 5 bits */ - { 11, 92, -1 }, /* 10: */ - { 12, 13, -1 }, /* 11: */ - { -1, -1, 16 }, /* 12: (2,-1) 7 bits */ - { 14, 89, -1 }, /* 13: */ - { 15, 16, -1 }, /* 14: */ - { -1, -1, 24 }, /* 15: (3, 0) 9 bits */ - { 17, 86, -1 }, /* 16: */ - { 18, 85, -1 }, /* 17: */ - { 19, 20, -1 }, /* 18: */ - { -1, -1, 8 }, /* 19: (1,-2) 12 bits */ - { 21, 84, -1 }, /* 20: */ - { 22, 53, -1 }, /* 21: */ - { 23, 38, -1 }, /* 22: */ - { 24, 31, -1 }, /* 23: */ - { 25, 28, -1 }, /* 24: */ - { 26, 27, -1 }, /* 25: */ - { -1, -1, 15 }, /* 26: (2,-2) 18 bits */ - { -1, -1, 31 }, /* 27: (4, 0) 18 bits */ - { 29, 30, -1 }, /* 28: */ - { -1, -1, 32 }, /* 29: (4, 1) 18 bits */ - { -1, -1, 30 }, /* 30: (4,-1) 18 bits */ - { 32, 35, -1 }, /* 31: */ - { 33, 34, -1 }, /* 32: */ - { -1, -1, 26 }, /* 33: (3, 2) 18 bits */ - { -1, -1, 22 }, /* 34: (3,-2) 18 bits */ - { 36, 37, -1 }, /* 35: */ - { -1, -1, 38 }, /* 36: (5, 0) 18 bits */ - { -1, -1, 6 }, /* 37: (0, 3) 18 bits */ - { 39, 46, -1 }, /* 38: */ - { 40, 43, -1 }, /* 39: */ - { 41, 42, -1 }, /* 40: */ - { -1, -1, 0 }, /* 41: (0,-3) 18 bits */ - { -1, -1, 39 }, /* 42: (5, 1) 18 bits */ - { 44, 45, -1 }, /* 43: */ - { -1, -1, 37 }, /* 44: (5,-1) 18 bits */ - { -1, -1, 33 }, /* 45: (4, 2) 18 bits */ - { 47, 50, -1 }, /* 46: */ - { 48, 49, -1 }, /* 47: */ - { -1, -1, 29 }, /* 48: (4,-2) 18 bits */ - { -1, -1, 13 }, /* 49: (1, 3) 18 bits */ - { 51, 52, -1 }, /* 50: */ - { -1, -1, 7 }, /* 51: (1,-3) 18 bits */ - { -1, -1, 20 }, /* 52: (2, 3) 18 bits */ - { 54, 69, -1 }, /* 53: */ - { 55, 62, -1 }, /* 54: */ - { 56, 59, -1 }, /* 55: */ - { 57, 58, -1 }, /* 56: */ - { -1, -1, 14 }, /* 57: (2,-3) 18 bits */ - { -1, -1, 45 }, /* 58: (6, 0) 18 bits */ - { 60, 61, -1 }, /* 59: */ - { -1, -1, 40 }, /* 60: (5, 2) 18 bits */ - { -1, -1, 36 }, /* 61: (5,-2) 18 bits */ - { 63, 66, -1 }, /* 62: */ - { 64, 65, -1 }, /* 63: */ - { -1, -1, 27 }, /* 64: (3, 3) 18 bits */ - { -1, -1, 21 }, /* 65: (3,-3) 18 bits */ - { 67, 68, -1 }, /* 66: */ - { -1, -1, 46 }, /* 67: (6, 1) 18 bits */ - { -1, -1, 44 }, /* 68: (6,-1) 18 bits */ - { 70, 77, -1 }, /* 69: */ - { 71, 74, -1 }, /* 70: */ - { 72, 73, -1 }, /* 71: */ - { -1, -1, 34 }, /* 72: (4, 3) 18 bits */ - { -1, -1, 28 }, /* 73: (4,-3) 18 bits */ - { 75, 76, -1 }, /* 74: */ - { -1, -1, 47 }, /* 75: (6, 2) 18 bits */ - { -1, -1, 43 }, /* 76: (6,-2) 18 bits */ - { 78, 81, -1 }, /* 77: */ - { 79, 80, -1 }, /* 78: */ - { -1, -1, 41 }, /* 79: (5, 3) 18 bits */ - { -1, -1, 35 }, /* 80: (5,-3) 18 bits */ - { 82, 83, -1 }, /* 81: */ - { -1, -1, 48 }, /* 82: (6, 3) 18 bits */ - { -1, -1, 42 }, /* 83: (6,-3) 18 bits */ - { -1, -1, 19 }, /* 84: (2, 2) 13 bits */ - { -1, -1, 25 }, /* 85: (3, 1) 11 bits */ - { 87, 88, -1 }, /* 86: */ - { -1, -1, 23 }, /* 87: (3,-1) 11 bits */ - { -1, -1, 12 }, /* 88: (1, 2) 11 bits */ - { 90, 91, -1 }, /* 89: */ - { -1, -1, 5 }, /* 90: (0, 2) 9 bits */ - { -1, -1, 1 }, /* 91: (0,-2) 9 bits */ - { -1, -1, 18 }, /* 92: (2, 1) 6 bits */ - { 94, 95, -1 }, /* 93: */ - { -1, -1, 4 }, /* 94: (0, 1) 3 bits */ - { -1, -1, 2 }, /* 95: (0,-1) 3 bits */ - { -1, -1, 3 }, /* 96: (0, 0) 1 bit */ -}; - -static bliss_huffman_code_tuple_t tuples[] = { - { 59976, 18 }, /* 0: (0,-3) 001110101001001000 */ - { 119, 9 }, /* 1: (0,-2) 001110111 */ - { 3, 3 }, /* 2: (0,-1) 011 */ - { 1, 1 }, /* 3: (0, 0) 1 */ - { 2, 3 }, /* 4: (0, 1) 010 */ - { 118, 9 }, /* 5: (0, 2) 001110110 */ - { 59975, 18 }, /* 6: (0, 3) 001110101001000111 */ - - { 59982, 18 }, /* 7: (1,-3) 001110101001001110 */ - { 936, 12 }, /* 8: (1,-2) 001110101000 */ - { 5, 5 }, /* 9: (1,-1) 00101 */ - { 0, 3 }, /* 10: (1, 0) 000 */ - { 4, 5 }, /* 11: (1, 1) 00100 */ - { 471, 11 }, /* 12: (1, 2) 00111010111 */ - { 59981, 18 }, /* 13: (1, 3) 001110101001001101 */ - - { 59984, 18 }, /* 14: (2,-3) 001110101001010000 */ - { 59968, 18 }, /* 15: (2,-2) 001110101001000000 */ - { 28, 7 }, /* 16: (2,-1) 0011100 */ - { 6, 5 }, /* 17: (2, 0) 00110 */ - { 15, 6 }, /* 18: (2, 1) 001111 */ - { 1875, 13 }, /* 19: (2, 2) 0011101010011 */ - { 59983, 18 }, /* 20: (2, 3) 001110101001001111 */ - - { 59989, 18 }, /* 21: (3,-3) 001110101001010101 */ - { 59973, 18 }, /* 22: (3,-2) 001110101001000101 */ - { 470, 11 }, /* 23: (3,-1) 00111010110 */ - { 116, 9 }, /* 24: (3, 0) 001110100 */ - { 469, 11 }, /* 25: (3, 1) 00111010101 */ - { 59972, 18 }, /* 26: (3, 2) 001110101001000100 */ - { 59988, 18 }, /* 27: (3, 3) 001110101001010100 */ - - { 59993, 18 }, /* 28: (4,-3) 001110101001011001 */ - { 59980, 18 }, /* 29: (4,-2) 001110101001001100 */ - { 59971, 18 }, /* 30: (4,-1) 001110101001000011 */ - { 59969, 18 }, /* 31: (4, 0) 001110101001000001 */ - { 59970, 18 }, /* 32: (4, 1) 001110101001000010 */ - { 59979, 18 }, /* 33: (4, 2) 001110101001001011 */ - { 59992, 18 }, /* 34: (4, 3) 001110101001011000 */ - - { 59997, 18 }, /* 35: (5,-3) 001110101001011101 */ - { 59987, 18 }, /* 36: (5,-2) 001110101001010011 */ - { 59978, 18 }, /* 37: (5,-1) 001110101001001010 */ - { 59974, 18 }, /* 38: (5, 0) 001110101001000110 */ - { 59977, 18 }, /* 39: (5, 1) 001110101001001001 */ - { 59986, 18 }, /* 40: (5, 2) 001110101001010010 */ - { 59996, 18 }, /* 41: (5, 3) 001110101001011100 */ - - { 59999, 18 }, /* 42: (6,-3) 001110101001011111 */ - { 59995, 18 }, /* 43: (6,-2) 001110101001011011 */ - { 59991, 18 }, /* 44: (6,-1) 001110101001010111 */ - { 59985, 18 }, /* 45: (6, 0) 001110101001010001 */ - { 59990, 18 }, /* 46: (6, 1) 001110101001010110 */ - { 59994, 18 }, /* 47: (6, 2) 001110101001011010 */ - { 59998, 18 }, /* 48: (6, 3) 001110101001011110 */ -}; - -/* code_length = 2.3227 bits/tuple (1190 bits) */ - -bliss_huffman_code_t bliss_huffman_code_3 = { - .n_z1 = 7, - .n_z2 = 4, - .tuples = tuples, - .nodes = nodes -}; diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_code_4.c b/src/libstrongswan/plugins/bliss/bliss_huffman_code_4.c deleted file mode 100644 index 135b777b4f..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_code_4.c +++ /dev/null @@ -1,434 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Optimum Huffman code for BLISS-X signatures - * - * This file has been automatically generated by the bliss_huffman utility - * Do not edit manually! - */ - -/* - * Design: sigma = 271 - * - * i p_z1[i] - * 0 0.6551621276225426 0 .. 256 - * 1 0.2859860850630749 256 .. 512 - * 2 0.0542541135599810 512 .. 768 - * 3 0.0044399624814222 768 .. 1024 - * 4 0.0001553928373912 1024 .. 1280 - * 5 0.0000023066278552 1280 .. 1536 - * 6 0.0000000118077330 1536 .. 1613 - * - * k p_z2[k] dx = 256 - * -6 0.0000001026458579 -1663.5 ..-1407.5 - * -5 0.0000106295703648 -1407.5 ..-1151.5 - * -4 0.0004651193817805 -1151.5 .. -895.5 - * -3 0.0086670703658387 -895.5 .. -639.5 - * -2 0.0693723939195647 -639.5 .. -383.5 - * -1 0.2404908493690626 -383.5 .. -127.5 - * 0 0.3619876694950614 -127.5 .. 127.5 - * 1 0.2404908493690626 127.5 .. 383.5 - * 2 0.0693723939195647 383.5 .. 639.5 - * 3 0.0086670703658387 639.5 .. 895.5 - * 4 0.0004651193817805 895.5 .. 1151.5 - * 5 0.0000106295703648 1151.5 .. 1407.5 - * 6 0.0000001026458579 1407.5 .. 1663.5 - * - * (i, k) p - * (0,-6) 0.0000000672496787 - * (0,-5) 0.0000069640919359 - * (0,-4) 0.0003047286037658 - * (0,-3) 0.0056783362611372 - * (0,-2) 0.0454501651986111 - * (0,-1) 0.1575604965463875 - * (0, 0) 0.2371606117195102 - * (0, 1) 0.1575604965463875 - * (0, 2) 0.0454501651986111 - * (0, 3) 0.0056783362611372 - * (0, 4) 0.0003047286037658 - * (0, 5) 0.0000069640919359 - * (0, 6) 0.0000000672496787 - * - * (1,-6) 0.0000000293552870 - * (1,-5) 0.0000030399092145 - * (1,-4) 0.0001330176710824 - * (1,-3) 0.0024786615228924 - * (1,-2) 0.0198395393485098 - * (1,-1) 0.0687770365045519 - * (1, 0) 0.1035234364399989 - * (1, 1) 0.0687770365045519 - * (1, 2) 0.0198395393485098 - * (1, 3) 0.0024786615228924 - * (1, 4) 0.0001330176710824 - * (1, 5) 0.0000030399092145 - * (1, 6) 0.0000000293552870 - * - * (2,-6) 0.0000000055689600 - * (2,-5) 0.0000005766979177 - * (2,-4) 0.0000252346397581 - * (2,-3) 0.0004702242198606 - * (2,-2) 0.0037637377376398 - * (2,-1) 0.0130476178518054 - * (2, 0) 0.0196393201280979 - * (2, 1) 0.0130476178518054 - * (2, 2) 0.0037637377376398 - * (2, 3) 0.0004702242198606 - * (2, 4) 0.0000252346397581 - * (2, 5) 0.0000005766979177 - * (2, 6) 0.0000000055689600 - * - * (3,-6) 0.0000000004557438 - * (3,-5) 0.0000000471948936 - * (3,-4) 0.0000020651126045 - * (3,-3) 0.0000384814672482 - * (3,-2) 0.0003080108262493 - * (3,-1) 0.0010677703483240 - * (3, 0) 0.0016072116712955 - * (3, 1) 0.0010677703483240 - * (3, 2) 0.0003080108262493 - * (3, 3) 0.0000384814672482 - * (3, 4) 0.0000020651126045 - * (3, 5) 0.0000000471948936 - * (3, 6) 0.0000000004557438 - * - * (4,-6) 0.0000000000159504 - * (4,-5) 0.0000000016517591 - * (4,-4) 0.0000000722762205 - * (4,-3) 0.0000013468006560 - * (4,-2) 0.0000107799731278 - * (4,-1) 0.0000373705554501 - * (4, 0) 0.0000562502910635 - * (4, 1) 0.0000373705554501 - * (4, 2) 0.0000107799731278 - * (4, 3) 0.0000013468006560 - * (4, 4) 0.0000000722762205 - * (4, 5) 0.0000000016517591 - * (4, 6) 0.0000000000159504 - * - * (5,-6) 0.0000000000002368 - * (5,-5) 0.0000000000245185 - * (5,-4) 0.0000000010728573 - * (5,-3) 0.0000000199917059 - * (5,-2) 0.0000001600162962 - * (5,-1) 0.0000005547228921 - * (5, 0) 0.0000008349708417 - * (5, 1) 0.0000005547228921 - * (5, 2) 0.0000001600162962 - * (5, 3) 0.0000000199917059 - * (5, 4) 0.0000000010728573 - * (5, 5) 0.0000000000245185 - * (5, 6) 0.0000000000002368 - * - * (6,-6) 0.0000000000000012 - * (6,-5) 0.0000000000001255 - * (6,-4) 0.0000000000054920 - * (6,-3) 0.0000000001023385 - * (6,-2) 0.0000000008191307 - * (6,-1) 0.0000000028396517 - * (6, 0) 0.0000000042742538 - * (6, 1) 0.0000000028396517 - * (6, 2) 0.0000000008191307 - * (6, 3) 0.0000000001023385 - * (6, 4) 0.0000000000054920 - * (6, 5) 0.0000000000001255 - * (6, 6) 0.0000000000000012 - * - * p_sum 1.0000000000000011 - * - * entropy = 3.3640 bits/tuple (1722 bits) - */ - -#include "bliss_huffman_code.h" - -static bliss_huffman_code_node_t nodes[] = { - { 1, 160, -1 }, /* 0: */ - { 2, 5, -1 }, /* 1: */ - { 3, 4, -1 }, /* 2: */ - { -1, -1, 7 }, /* 3: (0, 1) 3 bits */ - { -1, -1, 5 }, /* 4: (0,-1) 3 bits */ - { 6, 157, -1 }, /* 5: */ - { 7, 156, -1 }, /* 6: */ - { 8, 11, -1 }, /* 7: */ - { 9, 10, -1 }, /* 8: */ - { -1, -1, 17 }, /* 9: (1,-2) 6 bits */ - { -1, -1, 32 }, /* 10: (2, 0) 6 bits */ - { 12, 155, -1 }, /* 11: */ - { 13, 18, -1 }, /* 12: */ - { 14, 15, -1 }, /* 13: */ - { -1, -1, 3 }, /* 14: (0,-3) 8 bits */ - { 16, 17, -1 }, /* 15: */ - { -1, -1, 22 }, /* 16: (1, 3) 9 bits */ - { -1, -1, 16 }, /* 17: (1,-3) 9 bits */ - { 19, 154, -1 }, /* 18: */ - { 20, 23, -1 }, /* 19: */ - { 21, 22, -1 }, /* 20: */ - { -1, -1, 46 }, /* 21: (3, 1) 10 bits */ - { -1, -1, 44 }, /* 22: (3,-1) 10 bits */ - { 24, 151, -1 }, /* 23: */ - { 25, 88, -1 }, /* 24: */ - { 26, 57, -1 }, /* 25: */ - { 27, 42, -1 }, /* 26: */ - { 28, 35, -1 }, /* 27: */ - { 29, 32, -1 }, /* 28: */ - { 30, 31, -1 }, /* 29: */ - { -1, -1, 2 }, /* 30: (0,-4) 16 bits */ - { -1, -1, 23 }, /* 31: (1, 4) 16 bits */ - { 33, 34, -1 }, /* 32: */ - { -1, -1, 15 }, /* 33: (1,-4) 16 bits */ - { -1, -1, 58 }, /* 34: (4, 0) 16 bits */ - { 36, 39, -1 }, /* 35: */ - { 37, 38, -1 }, /* 36: */ - { -1, -1, 48 }, /* 37: (3, 3) 16 bits */ - { -1, -1, 42 }, /* 38: (3,-3) 16 bits */ - { 40, 41, -1 }, /* 39: */ - { -1, -1, 59 }, /* 40: (4, 1) 16 bits */ - { -1, -1, 57 }, /* 41: (4,-1) 16 bits */ - { 43, 50, -1 }, /* 42: */ - { 44, 47, -1 }, /* 43: */ - { 45, 46, -1 }, /* 44: */ - { -1, -1, 36 }, /* 45: (2, 4) 16 bits */ - { -1, -1, 28 }, /* 46: (2,-4) 16 bits */ - { 48, 49, -1 }, /* 47: */ - { -1, -1, 60 }, /* 48: (4, 2) 16 bits */ - { -1, -1, 56 }, /* 49: (4,-2) 16 bits */ - { 51, 54, -1 }, /* 50: */ - { 52, 53, -1 }, /* 51: */ - { -1, -1, 11 }, /* 52: (0, 5) 16 bits */ - { -1, -1, 1 }, /* 53: (0,-5) 16 bits */ - { 55, 56, -1 }, /* 54: */ - { -1, -1, 24 }, /* 55: (1, 5) 16 bits */ - { -1, -1, 14 }, /* 56: (1,-5) 16 bits */ - { 58, 73, -1 }, /* 57: */ - { 59, 66, -1 }, /* 58: */ - { 60, 63, -1 }, /* 59: */ - { 61, 62, -1 }, /* 60: */ - { -1, -1, 49 }, /* 61: (3, 4) 16 bits */ - { -1, -1, 41 }, /* 62: (3,-4) 16 bits */ - { 64, 65, -1 }, /* 63: */ - { -1, -1, 61 }, /* 64: (4, 3) 16 bits */ - { -1, -1, 55 }, /* 65: (4,-3) 16 bits */ - { 67, 70, -1 }, /* 66: */ - { 68, 69, -1 }, /* 67: */ - { -1, -1, 71 }, /* 68: (5, 0) 16 bits */ - { -1, -1, 37 }, /* 69: (2, 5) 16 bits */ - { 71, 72, -1 }, /* 70: */ - { -1, -1, 27 }, /* 71: (2,-5) 16 bits */ - { -1, -1, 72 }, /* 72: (5, 1) 16 bits */ - { 74, 81, -1 }, /* 73: */ - { 75, 78, -1 }, /* 74: */ - { 76, 77, -1 }, /* 75: */ - { -1, -1, 70 }, /* 76: (5,-1) 16 bits */ - { -1, -1, 73 }, /* 77: (5, 2) 16 bits */ - { 79, 80, -1 }, /* 78: */ - { -1, -1, 69 }, /* 79: (5,-2) 16 bits */ - { -1, -1, 62 }, /* 80: (4, 4) 16 bits */ - { 82, 85, -1 }, /* 81: */ - { 83, 84, -1 }, /* 82: */ - { -1, -1, 54 }, /* 83: (4,-4) 16 bits */ - { -1, -1, 12 }, /* 84: (0, 6) 16 bits */ - { 86, 87, -1 }, /* 85: */ - { -1, -1, 0 }, /* 86: (0,-6) 16 bits */ - { -1, -1, 50 }, /* 87: (3, 5) 16 bits */ - { 89, 120, -1 }, /* 88: */ - { 90, 105, -1 }, /* 89: */ - { 91, 98, -1 }, /* 90: */ - { 92, 95, -1 }, /* 91: */ - { 93, 94, -1 }, /* 92: */ - { -1, -1, 40 }, /* 93: (3,-5) 16 bits */ - { -1, -1, 25 }, /* 94: (1, 6) 16 bits */ - { 96, 97, -1 }, /* 95: */ - { -1, -1, 13 }, /* 96: (1,-6) 16 bits */ - { -1, -1, 74 }, /* 97: (5, 3) 16 bits */ - { 99, 102, -1 }, /* 98: */ - { 100, 101, -1 }, /* 99: */ - { -1, -1, 68 }, /* 100: (5,-3) 16 bits */ - { -1, -1, 38 }, /* 101: (2, 6) 16 bits */ - { 103, 104, -1 }, /* 102: */ - { -1, -1, 26 }, /* 103: (2,-6) 16 bits */ - { -1, -1, 84 }, /* 104: (6, 0) 16 bits */ - { 106, 113, -1 }, /* 105: */ - { 107, 110, -1 }, /* 106: */ - { 108, 109, -1 }, /* 107: */ - { -1, -1, 85 }, /* 108: (6, 1) 16 bits */ - { -1, -1, 83 }, /* 109: (6,-1) 16 bits */ - { 111, 112, -1 }, /* 110: */ - { -1, -1, 63 }, /* 111: (4, 5) 16 bits */ - { -1, -1, 53 }, /* 112: (4,-5) 16 bits */ - { 114, 117, -1 }, /* 113: */ - { 115, 116, -1 }, /* 114: */ - { -1, -1, 75 }, /* 115: (5, 4) 16 bits */ - { -1, -1, 67 }, /* 116: (5,-4) 16 bits */ - { 118, 119, -1 }, /* 117: */ - { -1, -1, 86 }, /* 118: (6, 2) 16 bits */ - { -1, -1, 82 }, /* 119: (6,-2) 16 bits */ - { 121, 136, -1 }, /* 120: */ - { 122, 129, -1 }, /* 121: */ - { 123, 126, -1 }, /* 122: */ - { 124, 125, -1 }, /* 123: */ - { -1, -1, 51 }, /* 124: (3, 6) 16 bits */ - { -1, -1, 39 }, /* 125: (3,-6) 16 bits */ - { 127, 128, -1 }, /* 126: */ - { -1, -1, 87 }, /* 127: (6, 3) 16 bits */ - { -1, -1, 81 }, /* 128: (6,-3) 16 bits */ - { 130, 133, -1 }, /* 129: */ - { 131, 132, -1 }, /* 130: */ - { -1, -1, 76 }, /* 131: (5, 5) 16 bits */ - { -1, -1, 66 }, /* 132: (5,-5) 16 bits */ - { 134, 135, -1 }, /* 133: */ - { -1, -1, 64 }, /* 134: (4, 6) 16 bits */ - { -1, -1, 52 }, /* 135: (4,-6) 16 bits */ - { 137, 144, -1 }, /* 136: */ - { 138, 141, -1 }, /* 137: */ - { 139, 140, -1 }, /* 138: */ - { -1, -1, 88 }, /* 139: (6, 4) 16 bits */ - { -1, -1, 80 }, /* 140: (6,-4) 16 bits */ - { 142, 143, -1 }, /* 141: */ - { -1, -1, 77 }, /* 142: (5, 6) 16 bits */ - { -1, -1, 65 }, /* 143: (5,-6) 16 bits */ - { 145, 148, -1 }, /* 144: */ - { 146, 147, -1 }, /* 145: */ - { -1, -1, 89 }, /* 146: (6, 5) 16 bits */ - { -1, -1, 79 }, /* 147: (6,-5) 16 bits */ - { 149, 150, -1 }, /* 148: */ - { -1, -1, 90 }, /* 149: (6, 6) 16 bits */ - { -1, -1, 78 }, /* 150: (6,-6) 16 bits */ - { 152, 153, -1 }, /* 151: */ - { -1, -1, 29 }, /* 152: (2,-3) 11 bits */ - { -1, -1, 47 }, /* 153: (3, 2) 11 bits */ - { -1, -1, 34 }, /* 154: (2, 2) 8 bits */ - { -1, -1, 33 }, /* 155: (2, 1) 6 bits */ - { -1, -1, 20 }, /* 156: (1, 1) 4 bits */ - { 158, 159, -1 }, /* 157: */ - { -1, -1, 18 }, /* 158: (1,-1) 4 bits */ - { -1, -1, 8 }, /* 159: (0, 2) 4 bits */ - { 161, 162, -1 }, /* 160: */ - { -1, -1, 6 }, /* 161: (0, 0) 2 bits */ - { 163, 164, -1 }, /* 162: */ - { -1, -1, 19 }, /* 163: (1, 0) 3 bits */ - { 165, 166, -1 }, /* 164: */ - { -1, -1, 4 }, /* 165: (0,-2) 4 bits */ - { 167, 180, -1 }, /* 166: */ - { 168, 169, -1 }, /* 167: */ - { -1, -1, 31 }, /* 168: (2,-1) 6 bits */ - { 170, 179, -1 }, /* 169: */ - { 171, 172, -1 }, /* 170: */ - { -1, -1, 30 }, /* 171: (2,-2) 8 bits */ - { 173, 174, -1 }, /* 172: */ - { -1, -1, 45 }, /* 173: (3, 0) 9 bits */ - { 175, 178, -1 }, /* 174: */ - { 176, 177, -1 }, /* 175: */ - { -1, -1, 43 }, /* 176: (3,-2) 11 bits */ - { -1, -1, 10 }, /* 177: (0, 4) 11 bits */ - { -1, -1, 35 }, /* 178: (2, 3) 10 bits */ - { -1, -1, 9 }, /* 179: (0, 3) 7 bits */ - { -1, -1, 21 }, /* 180: (1, 2) 5 bits */ -}; - -static bliss_huffman_code_tuple_t tuples[] = { - { 19102, 16 }, /* 0: (0,-6) 0100101010011110 */ - { 19085, 16 }, /* 1: (0,-5) 0100101010001101 */ - { 19072, 16 }, /* 2: (0,-4) 0100101010000000 */ - { 72, 8 }, /* 3: (0,-3) 01001000 */ - { 14, 4 }, /* 4: (0,-2) 1110 */ - { 1, 3 }, /* 5: (0,-1) 001 */ - { 2, 2 }, /* 6: (0, 0) 10 */ - { 0, 3 }, /* 7: (0, 1) 000 */ - { 7, 4 }, /* 8: (0, 2) 0111 */ - { 123, 7 }, /* 9: (0, 3) 1111011 */ - { 1965, 11 }, /* 10: (0, 4) 11110101101 */ - { 19084, 16 }, /* 11: (0, 5) 0100101010001100 */ - { 19101, 16 }, /* 12: (0, 6) 0100101010011101 */ - - { 19106, 16 }, /* 13: (1,-6) 0100101010100010 */ - { 19087, 16 }, /* 14: (1,-5) 0100101010001111 */ - { 19074, 16 }, /* 15: (1,-4) 0100101010000010 */ - { 147, 9 }, /* 16: (1,-3) 010010011 */ - { 16, 6 }, /* 17: (1,-2) 010000 */ - { 6, 4 }, /* 18: (1,-1) 0110 */ - { 6, 3 }, /* 19: (1, 0) 110 */ - { 5, 4 }, /* 20: (1, 1) 0101 */ - { 31, 5 }, /* 21: (1, 2) 11111 */ - { 146, 9 }, /* 22: (1, 3) 010010010 */ - { 19073, 16 }, /* 23: (1, 4) 0100101010000001 */ - { 19086, 16 }, /* 24: (1, 5) 0100101010001110 */ - { 19105, 16 }, /* 25: (1, 6) 0100101010100001 */ - - { 19110, 16 }, /* 26: (2,-6) 0100101010100110 */ - { 19094, 16 }, /* 27: (2,-5) 0100101010010110 */ - { 19081, 16 }, /* 28: (2,-4) 0100101010001001 */ - { 598, 11 }, /* 29: (2,-3) 01001010110 */ - { 244, 8 }, /* 30: (2,-2) 11110100 */ - { 60, 6 }, /* 31: (2,-1) 111100 */ - { 17, 6 }, /* 32: (2, 0) 010001 */ - { 19, 6 }, /* 33: (2, 1) 010011 */ - { 75, 8 }, /* 34: (2, 2) 01001011 */ - { 983, 10 }, /* 35: (2, 3) 1111010111 */ - { 19080, 16 }, /* 36: (2, 4) 0100101010001000 */ - { 19093, 16 }, /* 37: (2, 5) 0100101010010101 */ - { 19109, 16 }, /* 38: (2, 6) 0100101010100101 */ - - { 19121, 16 }, /* 39: (3,-6) 0100101010110001 */ - { 19104, 16 }, /* 40: (3,-5) 0100101010100000 */ - { 19089, 16 }, /* 41: (3,-4) 0100101010010001 */ - { 19077, 16 }, /* 42: (3,-3) 0100101010000101 */ - { 1964, 11 }, /* 43: (3,-2) 11110101100 */ - { 297, 10 }, /* 44: (3,-1) 0100101001 */ - { 490, 9 }, /* 45: (3, 0) 111101010 */ - { 296, 10 }, /* 46: (3, 1) 0100101000 */ - { 599, 11 }, /* 47: (3, 2) 01001010111 */ - { 19076, 16 }, /* 48: (3, 3) 0100101010000100 */ - { 19088, 16 }, /* 49: (3, 4) 0100101010010000 */ - { 19103, 16 }, /* 50: (3, 5) 0100101010011111 */ - { 19120, 16 }, /* 51: (3, 6) 0100101010110000 */ - - { 19127, 16 }, /* 52: (4,-6) 0100101010110111 */ - { 19115, 16 }, /* 53: (4,-5) 0100101010101011 */ - { 19100, 16 }, /* 54: (4,-4) 0100101010011100 */ - { 19091, 16 }, /* 55: (4,-3) 0100101010010011 */ - { 19083, 16 }, /* 56: (4,-2) 0100101010001011 */ - { 19079, 16 }, /* 57: (4,-1) 0100101010000111 */ - { 19075, 16 }, /* 58: (4, 0) 0100101010000011 */ - { 19078, 16 }, /* 59: (4, 1) 0100101010000110 */ - { 19082, 16 }, /* 60: (4, 2) 0100101010001010 */ - { 19090, 16 }, /* 61: (4, 3) 0100101010010010 */ - { 19099, 16 }, /* 62: (4, 4) 0100101010011011 */ - { 19114, 16 }, /* 63: (4, 5) 0100101010101010 */ - { 19126, 16 }, /* 64: (4, 6) 0100101010110110 */ - - { 19131, 16 }, /* 65: (5,-6) 0100101010111011 */ - { 19125, 16 }, /* 66: (5,-5) 0100101010110101 */ - { 19117, 16 }, /* 67: (5,-4) 0100101010101101 */ - { 19108, 16 }, /* 68: (5,-3) 0100101010100100 */ - { 19098, 16 }, /* 69: (5,-2) 0100101010011010 */ - { 19096, 16 }, /* 70: (5,-1) 0100101010011000 */ - { 19092, 16 }, /* 71: (5, 0) 0100101010010100 */ - { 19095, 16 }, /* 72: (5, 1) 0100101010010111 */ - { 19097, 16 }, /* 73: (5, 2) 0100101010011001 */ - { 19107, 16 }, /* 74: (5, 3) 0100101010100011 */ - { 19116, 16 }, /* 75: (5, 4) 0100101010101100 */ - { 19124, 16 }, /* 76: (5, 5) 0100101010110100 */ - { 19130, 16 }, /* 77: (5, 6) 0100101010111010 */ - - { 19135, 16 }, /* 78: (6,-6) 0100101010111111 */ - { 19133, 16 }, /* 79: (6,-5) 0100101010111101 */ - { 19129, 16 }, /* 80: (6,-4) 0100101010111001 */ - { 19123, 16 }, /* 81: (6,-3) 0100101010110011 */ - { 19119, 16 }, /* 82: (6,-2) 0100101010101111 */ - { 19113, 16 }, /* 83: (6,-1) 0100101010101001 */ - { 19111, 16 }, /* 84: (6, 0) 0100101010100111 */ - { 19112, 16 }, /* 85: (6, 1) 0100101010101000 */ - { 19118, 16 }, /* 86: (6, 2) 0100101010101110 */ - { 19122, 16 }, /* 87: (6, 3) 0100101010110010 */ - { 19128, 16 }, /* 88: (6, 4) 0100101010111000 */ - { 19132, 16 }, /* 89: (6, 5) 0100101010111100 */ - { 19134, 16 }, /* 90: (6, 6) 0100101010111110 */ -}; - -/* code_length = 3.3967 bits/tuple (1740 bits) */ - -bliss_huffman_code_t bliss_huffman_code_4 = { - .n_z1 = 7, - .n_z2 = 7, - .tuples = tuples, - .nodes = nodes -}; diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_coder.c b/src/libstrongswan/plugins/bliss/bliss_huffman_coder.c deleted file mode 100644 index 5133cc5159..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_coder.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_huffman_coder.h" - -typedef struct private_bliss_huffman_coder_t private_bliss_huffman_coder_t; - -/** - * Private data structure for bliss_huffman_coder_t object - */ -struct private_bliss_huffman_coder_t { - /** - * Public interface. - */ - bliss_huffman_coder_t public; - - /** - * Bitpacker to write to or read from - */ - bliss_bitpacker_t *packer; - - /** - * Huffman code table to be used - */ - bliss_huffman_code_t *code; - - /** - * Maximum index into tuples table - */ - int index_max; - - /** - * Number of encoded or decoded bits - */ - size_t bits; - -}; - -METHOD(bliss_huffman_coder_t, get_bits, size_t, - private_bliss_huffman_coder_t *this) -{ - return this->bits; -} - -METHOD(bliss_huffman_coder_t, encode, bool, - private_bliss_huffman_coder_t *this, int32_t z1, int16_t z2) -{ - uint32_t code; - uint16_t bits; - int index; - - index = z1 * (2*this->code->n_z2 - 1) + z2 + this->code->n_z2 - 1; - if (index >= this->index_max) - { - DBG1(DBG_LIB, "index exceeded in Huffman encoding table"); - return FALSE; - } - code = this->code->tuples[index].code; - bits = this->code->tuples[index].bits; - if (!this->packer->write_bits(this->packer, code, bits)) - { - DBG1(DBG_LIB, "bitpacker exceeded its buffer"); - return FALSE; - } - this->bits += bits; - - return TRUE; -} - -METHOD(bliss_huffman_coder_t, decode, bool, - private_bliss_huffman_coder_t *this, int32_t *z1, int16_t *z2) -{ - bliss_huffman_code_node_t *node; - uint32_t bit; - - node = this->code->nodes; - while (node->tuple == BLISS_HUFFMAN_CODE_NO_TUPLE) - { - if (node->node_0 == BLISS_HUFFMAN_CODE_NO_NODE || - node->node_1 == BLISS_HUFFMAN_CODE_NO_NODE) - { - DBG1(DBG_LIB, "error in Huffman decoding table"); - return FALSE; - } - if (!this->packer->read_bits(this->packer, &bit, 1)) - { - DBG1(DBG_LIB, "bitpacker depleted its buffer"); - return FALSE; - } - node = &this->code->nodes[bit ? node->node_1 : node->node_0]; - this->bits++; - } - *z1 = node->tuple / (2*this->code->n_z2 - 1); - *z2 = node->tuple - (2*this->code->n_z2 - 1) * (*z1) - this->code->n_z2 + 1; - - return TRUE; -} - -METHOD(bliss_huffman_coder_t, destroy, void, - private_bliss_huffman_coder_t *this) -{ - free(this); -} - -/** - * See header. - */ -bliss_huffman_coder_t *bliss_huffman_coder_create(bliss_huffman_code_t *code, - bliss_bitpacker_t *packer) -{ - private_bliss_huffman_coder_t *this; - - INIT(this, - .public = { - .get_bits = _get_bits, - .encode = _encode, - .decode = _decode, - .destroy = _destroy, - }, - .packer = packer, - .code = code, - .index_max = (2*code->n_z2 - 1) * code->n_z1, - ); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_huffman_coder.h b/src/libstrongswan/plugins/bliss/bliss_huffman_coder.h deleted file mode 100644 index 8621e2ec42..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_huffman_coder.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_huffman_coder bliss_huffman_coder - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_HUFFMAN_CODER_H_ -#define BLISS_HUFFMAN_CODER_H_ - -#include "bliss_huffman_code.h" -#include "bliss_bitpacker.h" - -#include - -typedef struct bliss_huffman_coder_t bliss_huffman_coder_t; - -/** - * Encodes and decodes binary Huffman codes - */ -struct bliss_huffman_coder_t { - - /** - * Get number of encoded or decoded bits - * - * @result Number of bits - */ - size_t (*get_bits)(bliss_huffman_coder_t *this); - - /** - * Encode a (z1, z2) tuple using a Huffman code - * - * @param z1 z1 value to be encoded - * @param z2 z2 value to be encoded - * @result TRUE if value could be encoded - */ - bool (*encode)(bliss_huffman_coder_t *this, int32_t z1, int16_t z2); - - - /** - * Decode a (z1, z2) tuple using a Huffman code - * - * @param z1 Decoded z1 value returned - * @param z2 Decoded z2 value returned - * @result TRUE if value could be decoded from bitpacker - */ - bool (*decode)(bliss_huffman_coder_t *this, int32_t *z1, int16_t *z2); - - /** - * Destroy bliss_huffman_coder_t object - */ - void (*destroy)(bliss_huffman_coder_t *this); -}; - -/** - * Create a bliss_huffman_coder_t object - * - * @param code Huffman code table - * @param packer Bitpacker to write to or read from - */ -bliss_huffman_coder_t* bliss_huffman_coder_create(bliss_huffman_code_t *code, - bliss_bitpacker_t *packer); - -#endif /** BLISS_HUFFMAN_CODER_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_param_set.c b/src/libstrongswan/plugins/bliss/bliss_param_set.c deleted file mode 100644 index 09c4bb05d8..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_param_set.c +++ /dev/null @@ -1,340 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_param_set.h" - -#include - -ENUM(bliss_param_set_id_names, BLISS_I, BLISS_B_IV, - "BLISS-I", - "BLISS-II", - "BLISS-III", - "BLISS-IV", - "BLISS-B-I", - "BLISS-B-II", - "BLISS-B-III", - "BLISS-B-IV" -); - -/** - * sigma = 215, k_sigma = ceiling[ sqrt(2*ln 2) * sigma ] = 254 - * - * c[i] = exp(-2^i/f), i = 0..20, with f = k_sigma^2 / ln 2 = 93'076.9 - */ -static const uint8_t c_bliss_i[] = { - 255, 255, 75, 191, 247, 94, 30, 51, 147, 246, 89, 59, 99, 248, 26, 128, - 255, 254, 151, 128, 109, 166, 88, 143, 30, 175, 149, 20, 240, 81, 138, 111, - 255, 253, 47, 2, 214, 243, 188, 76, 236, 235, 40, 62, 54, 35, 33, 205, - 255, 250, 94, 13, 156, 120, 121, 216, 255, 120, 90, 11, 39, 232, 120, 111, - 255, 244, 188, 58, 242, 219, 157, 174, 6, 31, 131, 75, 88, 109, 112, 107, - 255, 233, 120, 244, 202, 151, 25, 10, 197, 109, 113, 255, 157, 89, 182, 141, - 255, 210, 243, 229, 18, 88, 50, 239, 130, 192, 12, 167, 62, 254, 211, 202, - 255, 165, 239, 183, 102, 186, 123, 249, 251, 59, 116, 143, 50, 174, 125, 198, - 255, 75, 255, 30, 65, 137, 228, 148, 14, 17, 113, 251, 81, 177, 151, 168, - 254, 152, 124, 205, 192, 136, 102, 79, 5, 62, 214, 95, 36, 223, 7, 20, - 253, 50, 242, 124, 187, 59, 68, 224, 90, 156, 53, 202, 9, 44, 191, 226, - 250, 109, 189, 110, 40, 124, 88, 12, 83, 78, 176, 86, 12, 102, 13, 41, - 244, 250, 133, 6, 3, 13, 45, 9, 120, 121, 150, 237, 69, 190, 62, 16, - 234, 110, 130, 187, 138, 174, 82, 229, 217, 154, 88, 138, 228, 153, 230, 13, - 214, 174, 54, 179, 117, 116, 223, 152, 97, 84, 31, 99, 68, 150, 122, 244, - 180, 7, 186, 2, 112, 3, 68, 13, 123, 133, 244, 184, 232, 216, 133, 18, - 126, 154, 221, 207, 32, 206, 66, 171, 94, 100, 164, 194, 117, 191, 1, 209, - 62, 156, 208, 7, 129, 173, 200, 3, 23, 248, 140, 60, 69, 217, 195, 235, - 15, 80, 84, 209, 213, 2, 107, 160, 1, 152, 43, 130, 93, 95, 241, 218, - 0, 234, 131, 37, 182, 53, 201, 231, 26, 2, 151, 161, 13, 214, 150, 145, - 0, 0, 214, 212, 4, 32, 184, 94, 84, 90, 244, 139, 48, 69, 33, 38 -}; - -/** - * sigma = 250, k_sigma = ceiling[ sqrt(2*ln 2) * sigma ] = 295 - * - * c[i] = exp(-2^i/f), i = 0..20, with f = k_sigma^2 / ln 2 = 125'550.5 - */ -static const uint8_t c_bliss_iii[] = { - 255, 255, 122, 95, 16, 128, 14, 195, 60, 90, 166, 191, 205, 26, 144, 204, - 255, 254, 244, 190, 102, 192, 187, 141, 169, 92, 33, 30, 170, 141, 184, 56, - 255, 253, 233, 125, 228, 131, 93, 148, 121, 92, 52, 122, 149, 96, 29, 66, - 255, 251, 211, 0, 37, 9, 199, 244, 213, 217, 122, 205, 171, 200, 198, 5, - 255, 247, 166, 17, 185, 251, 90, 150, 1, 28, 7, 205, 125, 46, 84, 201, - 255, 239, 76, 105, 50, 114, 159, 235, 215, 165, 204, 182, 125, 143, 228, 222, - 255, 222, 153, 233, 85, 187, 45, 204, 236, 229, 38, 180, 20, 161, 7, 167, - 255, 189, 56, 46, 38, 4, 83, 8, 151, 137, 136, 1, 9, 180, 58, 204, - 255, 122, 129, 199, 240, 52, 248, 193, 76, 26, 160, 32, 195, 250, 217, 25, - 254, 245, 73, 44, 68, 229, 150, 74, 228, 74, 124, 249, 123, 94, 108, 127, - 253, 235, 168, 56, 252, 93, 188, 160, 249, 137, 236, 65, 62, 182, 153, 63, - 251, 219, 163, 110, 233, 251, 114, 216, 230, 35, 59, 210, 107, 100, 184, 16, - 247, 200, 110, 236, 134, 237, 213, 111, 240, 149, 109, 22, 216, 213, 237, 145, - 239, 212, 98, 249, 238, 1, 227, 248, 242, 51, 211, 134, 154, 115, 189, 83, - 224, 174, 65, 2, 190, 158, 9, 6, 184, 13, 130, 104, 247, 102, 38, 160, - 197, 49, 104, 97, 61, 210, 19, 115, 208, 54, 91, 27, 209, 227, 33, 26, - 151, 229, 20, 46, 200, 238, 35, 134, 72, 183, 253, 160, 193, 155, 117, 103, - 90, 32, 10, 204, 78, 83, 191, 230, 0, 221, 219, 6, 43, 252, 185, 95, - 31, 186, 139, 154, 90, 155, 17, 9, 42, 139, 40, 111, 246, 175, 4, 15, - 3, 238, 181, 190, 138, 94, 50, 234, 128, 193, 95, 36, 65, 236, 170, 208, - 0, 15, 118, 216, 230, 142, 121, 211, 13, 168, 207, 126, 145, 176, 24, 201 -}; - -/** - * sigma = 271, k_sigma = ceiling[ sqrt(2*ln 2) * sigma ] = 320 - * - * c[i] = exp(-2^i/f), i = 0..21, with f = k_sigma^2 / ln 2 = 147'732.0 - */ -static const uint8_t c_bliss_iv[] = { - 255, 255, 142, 111, 102, 2, 141, 87, 150, 42, 18, 70, 6, 224, 18, 70, - 255, 255, 28, 222, 254, 102, 20, 78, 133, 78, 189, 107, 29, 7, 23, 193, - 255, 254, 57, 190, 198, 79, 181, 181, 108, 75, 142, 145, 45, 238, 193, 29, - 255, 252, 115, 128, 178, 170, 212, 166, 120, 157, 85, 96, 209, 180, 211, 83, - 255, 248, 231, 13, 253, 108, 245, 46, 238, 155, 30, 99, 141, 228, 149, 239, - 255, 241, 206, 78, 90, 132, 83, 172, 228, 179, 119, 115, 240, 51, 216, 6, - 255, 227, 157, 102, 46, 28, 61, 128, 58, 114, 174, 136, 8, 224, 133, 84, - 255, 199, 61, 242, 19, 216, 133, 241, 240, 22, 146, 43, 92, 57, 82, 248, - 255, 142, 136, 121, 160, 225, 119, 214, 241, 44, 159, 34, 133, 118, 96, 60, - 255, 29, 67, 61, 254, 49, 27, 152, 48, 124, 184, 87, 66, 214, 63, 133, - 254, 59, 79, 77, 206, 26, 238, 42, 69, 81, 191, 149, 146, 76, 255, 232, - 252, 121, 191, 28, 11, 107, 141, 223, 234, 42, 226, 50, 138, 102, 16, 97, - 248, 255, 234, 37, 109, 169, 103, 25, 240, 109, 93, 165, 177, 22, 133, 100, - 242, 48, 213, 124, 209, 49, 33, 48, 57, 237, 202, 62, 102, 132, 219, 48, - 229, 32, 92, 240, 188, 88, 70, 34, 179, 94, 244, 70, 25, 123, 76, 140, - 205, 18, 234, 94, 14, 226, 237, 76, 192, 18, 240, 50, 79, 63, 34, 96, - 164, 71, 76, 192, 111, 161, 157, 188, 19, 189, 133, 246, 67, 127, 6, 28, - 105, 107, 110, 50, 56, 199, 208, 174, 16, 95, 153, 106, 217, 198, 194, 179, - 43, 105, 77, 122, 127, 254, 146, 221, 44, 235, 61, 22, 179, 9, 113, 118, - 7, 92, 139, 87, 204, 239, 111, 200, 41, 129, 122, 49, 69, 113, 122, 239, - 0, 54, 49, 19, 64, 40, 218, 222, 60, 82, 186, 246, 64, 155, 184, 47, - 0, 0, 11, 120, 189, 135, 113, 62, 143, 175, 118, 239, 190, 120, 189, 250 -}; - -/** - * BLISS signature parameter set definitions - */ -static const bliss_param_set_t bliss_param_sets[] = { - - /* BLISS-I scheme */ - { - .id = BLISS_I, - .oid = OID_BLISS_I, - .strength = 128, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 154, - .non_zero2 = 0, - .kappa = 23, - .nks_max = 46479, - .p_max = 0, /* not needed */ - .sigma = 215, - .k_sigma = 254, - .k_sigma_bits = 8, - .c = c_bliss_i, - .c_cols = 16, - .c_rows = 21, - .z1_bits = 12, - .d = 10, - .p = 24, - .M = 46539, /* with alpha = 1.000 */ - .B_inf = 2047, /* reduced from 2100 due to 12 bit z1 encoding */ - .B_l2 = 12872 * 12872 - }, - - /* BLISS-III scheme */ - { - .id = BLISS_III, - .oid = OID_BLISS_III, - .strength = 160, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 216, - .non_zero2 = 16, - .kappa = 30, - .nks_max = 128626, - .p_max = 0, /* not needed */ - .sigma = 250, - .k_sigma = 295, - .k_sigma_bits = 9, - .c = c_bliss_iii, - .c_cols = 16, - .c_rows = 21, - .z1_bits = 12, - .d = 9, - .p = 48, - .M = 128113, /* with alpha = 0.700 */ - .B_inf = 1760, - .B_l2 = 10206 * 10206 - }, - - /* BLISS-IV scheme */ - { - .id = BLISS_IV, - .oid = OID_BLISS_IV, - .strength = 192, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 231, - .non_zero2 = 31, - .kappa = 39, - .nks_max = 244669, - .p_max = 0, /* not needed */ - .sigma = 271, - .k_sigma = 320, - .k_sigma_bits = 9, - .c = c_bliss_iv, - .c_cols = 16, - .c_rows = 22, - .z1_bits = 12, - .d = 8, - .p = 96, - .M = 244186, /* with alpha = 0.550 */ - .B_inf = 1613, - .B_l2 = 9901 * 9901 - }, - - /* BLISS-B-I scheme */ - { - .id = BLISS_B_I, - .oid = OID_BLISS_B_I, - .strength = 128, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 154, - .non_zero2 = 0, - .kappa = 23, - .nks_max = 0, /* not needed */ - .p_max = 17825, - .sigma = 215, - .k_sigma = 254, - .k_sigma_bits = 8, - .c = c_bliss_i, - .c_cols = 16, - .c_rows = 21, - .z1_bits = 12, - .d = 10, - .p = 24, - .M = 17954, /* with alpha = 1.610 */ - .B_inf = 2047, /* reduced from 2100 due to 12 bit z1 encoding */ - .B_l2 = 12872 * 12872 - }, - - /* BLISS-B-III scheme */ - { - .id = BLISS_B_III, - .oid = OID_BLISS_B_III, - .strength = 160, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 216, - .non_zero2 = 16, - .kappa = 30, - .nks_max = 0, /* not needed */ - .p_max = 42270, - .sigma = 250, - .k_sigma = 295, - .k_sigma_bits = 9, - .c = c_bliss_iii, - .c_cols = 16, - .c_rows = 21, - .z1_bits = 12, - .d = 9, - .p = 48, - .M = 42455, /* with alpha = 1.216 */ - .B_inf = 1760, - .B_l2 = 10206 * 10206 - }, - - /* BLISS-B-IV scheme */ - { - .id = BLISS_B_IV, - .oid = OID_BLISS_B_IV, - .strength = 192, - .q = 12289, - .q_bits = 14, - .q2_inv = 6145, - .n = 512, - .n_bits = 9, - .fft_params = &ntt_fft_12289_512, - .non_zero1 = 231, - .non_zero2 = 31, - .kappa = 39, - .nks_max = 0, /* not needed */ - .p_max = 69576, - .sigma = 271, - .k_sigma = 320, - .k_sigma_bits = 9, - .c = c_bliss_iv, - .c_cols = 16, - .c_rows = 22, - .z1_bits = 12, - .d = 8, - .p = 96, - .M = 70034, /* with alpha = 1.027 */ - .B_inf = 1613, - .B_l2 = 9901 * 9901 - } - -}; - -/** - * See header. - */ -const bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id) -{ - int i; - - for (i = 0; i < countof(bliss_param_sets); i++) - { - if (bliss_param_sets[i].id == id) - { - return &bliss_param_sets[i]; - } - } - return NULL; -} - - -/** - * See header. - */ -const bliss_param_set_t* bliss_param_set_get_by_oid(int oid) -{ - int i; - - for (i = 0; i < countof(bliss_param_sets); i++) - { - if (bliss_param_sets[i].oid == oid) - { - return &bliss_param_sets[i]; - } - } - return NULL; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_param_set.h b/src/libstrongswan/plugins/bliss/bliss_param_set.h deleted file mode 100644 index 768b252728..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_param_set.h +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_param_set bliss_param_set - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_PARAM_SET_H_ -#define BLISS_PARAM_SET_H_ - -typedef enum bliss_param_set_id_t bliss_param_set_id_t; -typedef struct bliss_param_set_t bliss_param_set_t; - -#include "ntt_fft_params.h" -#include "bliss_huffman_code.h" - -#include - -/** - * BLISS signature parameter set ID list - */ -enum bliss_param_set_id_t { - BLISS_I = 1, - BLISS_II = 2, - BLISS_III = 3, - BLISS_IV = 4, - BLISS_B_I = 5, - BLISS_B_II = 6, - BLISS_B_III = 7, - BLISS_B_IV = 8 -}; - -extern enum_name_t *bliss_param_set_id_names; - -/** - * BLISS - */ -struct bliss_param_set_t { - - /** - * BLISS parameter set ID - */ - const bliss_param_set_id_t id; - - /** - * BLISS parameter set OID - */ - const int oid; - - /** - * Security strength in bits - */ - const uint16_t strength; - - /** - * Prime modulus - */ - const uint16_t q; - - /** - * Number of bits in q - */ - const uint16_t q_bits; - - /** - * Inverse of (q + 2) mod 2q - */ - const uint16_t q2_inv; - - /** - * Ring dimension equal to the number of polynomial coefficients - */ - const uint16_t n; - - /** - * Number of bits in n - */ - const uint16_t n_bits; - - /** - * FFT parameters - */ - const ntt_fft_params_t *fft_params; - - /** - * Number of [-1, +1] secret key coefficients - */ - const uint16_t non_zero1; - - /** - * Number of [-2, +2] secret key coefficients - */ - const uint16_t non_zero2; - - /** - * Number of secret key terms that go into Nk(S) norm - */ - const uint16_t kappa; - - /** - * Maximum Nk(S) tolerable NK(S) norm (BLISS only) - */ - const uint32_t nks_max; - - /** - * Maximum value Pmax for ||Sc'||^2 norm (BLISS-B only) - */ - const uint32_t p_max; - - /** - * Standard deviation sigma - */ - const uint16_t sigma; - - /** - * k_sigma = ceiling[ sqrt(2*ln 2) * sigma ] - */ - const uint16_t k_sigma; - - /** - * Number of bits in k_sigma - */ - const uint16_t k_sigma_bits; - - /** - * Coefficients for Bernoulli sampling with exponential biases - */ - const uint8_t *c; - - /** - * Number of columns in Bernoulli coefficient table - */ - const size_t c_cols; - - /** - * Number of rows in Bernoulli coefficient table - */ - const size_t c_rows; - - /** - * Number of bits in z1 - */ - const uint16_t z1_bits; - - /** - * Number of z2 bits to be dropped after rounding - */ - const uint16_t d; - - /** - * Modulus p = floor(2q / 2^d) applied after bit dropping - */ - const uint16_t p; - - /** - * M = sigma^2 / alpha_rejection^2 - */ - const uint32_t M; - - /** - * B_infinity bound - */ - const uint16_t B_inf; - - /** - * B_verify bound - */ - const uint32_t B_l2; - -}; - -/** - * Get BLISS signature parameter set by BLISS parameter set ID - * - * @param id BLISS parameter set ID - * @return BLISS parameter set -*/ -const bliss_param_set_t* bliss_param_set_get_by_id(bliss_param_set_id_t id); - -/** - * Get BLISS signature parameter set by BLISS parameter set OID - * - * @param oid BLISS parameter set OID - * @return BLISS parameter set -*/ -const bliss_param_set_t* bliss_param_set_get_by_oid(int oid); - -#endif /** BLISS_PARAM_SET_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_plugin.c b/src/libstrongswan/plugins/bliss/bliss_plugin.c deleted file mode 100644 index f0e077ee58..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_plugin.c +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_plugin.h" -#include "bliss_private_key.h" -#include "bliss_public_key.h" - -#include - -typedef struct private_bliss_plugin_t private_bliss_plugin_t; - -/** - * private data of bliss_plugin - */ -struct private_bliss_plugin_t { - - /** - * public functions - */ - bliss_plugin_t public; -}; - -METHOD(plugin_t, get_name, char*, - private_bliss_plugin_t *this) -{ - return "bliss"; -} - -METHOD(plugin_t, get_features, int, - private_bliss_plugin_t *this, plugin_feature_t *features[]) -{ - static plugin_feature_t f[] = { - /* private/public keys */ - PLUGIN_REGISTER(PRIVKEY, bliss_private_key_load, TRUE), - PLUGIN_PROVIDE(PRIVKEY, KEY_BLISS), - PLUGIN_REGISTER(PRIVKEY, bliss_private_key_load, TRUE), - PLUGIN_PROVIDE(PRIVKEY, KEY_ANY), - PLUGIN_REGISTER(PRIVKEY_GEN, bliss_private_key_gen, FALSE), - PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_BLISS), - PLUGIN_DEPENDS(RNG, RNG_TRUE), - PLUGIN_SDEPEND(XOF, XOF_MGF1_SHA1), - PLUGIN_SDEPEND(XOF, XOF_MGF1_SHA256), - PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE), - PLUGIN_PROVIDE(PUBKEY, KEY_BLISS), - PLUGIN_REGISTER(PUBKEY, bliss_public_key_load, TRUE), - PLUGIN_PROVIDE(PUBKEY, KEY_ANY), - /* signature schemes, private */ - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_256), - PLUGIN_DEPENDS(HASHER, HASH_SHA256), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_384), - PLUGIN_DEPENDS(HASHER, HASH_SHA384), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA2_512), - PLUGIN_DEPENDS(HASHER, HASH_SHA512), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_256), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_256), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_384), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_384), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_BLISS_WITH_SHA3_512), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_512), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - /* signature verification schemes */ - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_256), - PLUGIN_DEPENDS(HASHER, HASH_SHA256), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_384), - PLUGIN_DEPENDS(HASHER, HASH_SHA384), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA2_512), - PLUGIN_DEPENDS(HASHER, HASH_SHA512), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_256), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_256), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_384), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_384), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_BLISS_WITH_SHA3_512), - PLUGIN_DEPENDS(HASHER, HASH_SHA3_512), - PLUGIN_DEPENDS(XOF, XOF_MGF1_SHA512), - }; - *features = f; - - return countof(f); -} - -METHOD(plugin_t, destroy, void, - private_bliss_plugin_t *this) -{ - free(this); -} - -/* - * see header file - */ -plugin_t *bliss_plugin_create() -{ - private_bliss_plugin_t *this; - - INIT(this, - .public = { - .plugin = { - .get_name = _get_name, - .get_features = _get_features, - .destroy = _destroy, - }, - }, - ); - - return &this->public.plugin; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_plugin.h b/src/libstrongswan/plugins/bliss/bliss_plugin.h deleted file mode 100644 index e3df44dd43..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_plugin.h +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_p bliss - * @ingroup plugins - * - * @defgroup bliss_plugin bliss_plugin - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_PLUGIN_H_ -#define BLISS_PLUGIN_H_ - -#include - -typedef struct bliss_plugin_t bliss_plugin_t; - -/** - * Plugin implementing the BLISS post-quantum authentication algorithm - */ -struct bliss_plugin_t { - - /** - * implements plugin interface - */ - plugin_t plugin; -}; - -#endif /** BLISS_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.c b/src/libstrongswan/plugins/bliss/bliss_private_key.c deleted file mode 100644 index b6ddc72dc6..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_private_key.c +++ /dev/null @@ -1,1337 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_private_key.h" -#include "bliss_public_key.h" -#include "bliss_param_set.h" -#include "bliss_utils.h" -#include "bliss_sampler.h" -#include "bliss_signature.h" -#include "bliss_bitpacker.h" -#include "ntt_fft.h" -#include "ntt_fft_reduce.h" - -#include -#include -#include -#include - -#define _GNU_SOURCE -#include - -typedef struct private_bliss_private_key_t private_bliss_private_key_t; - -#define SECRET_KEY_TRIALS_MAX 50 - -/** - * Private data of a bliss_private_key_t object. - */ -struct private_bliss_private_key_t { - /** - * Public interface for this signer. - */ - bliss_private_key_t public; - - /** - * BLISS signature parameter set - */ - const bliss_param_set_t *set; - - /** - * BLISS secret key S1 (coefficients of polynomial f) - */ - int8_t *s1; - - /** - * BLISS secret key S2 (coefficients of polynomial 2g + 1) - */ - int8_t *s2; - - /** - * NTT of BLISS public key a (coefficients of polynomial (2g + 1)/f) - */ - uint32_t *A; - - /** - * NTT of BLISS public key in Montgomery representation Ar = rA mod - */ - uint32_t *Ar; - - /** - * reference count - */ - refcount_t ref; -}; - -METHOD(private_key_t, get_type, key_type_t, - private_bliss_private_key_t *this) -{ - return KEY_BLISS; -} - -/** - * Multiply secret vector s with binary challenge vector c - */ -static void multiply_by_c(int8_t *s, int n, uint16_t *c_indices, - uint16_t kappa, int32_t *product) -{ - int i, j, index; - - for (i = 0; i < n; i++) - { - product[i] = 0; - - for (j = 0; j < kappa; j++) - { - index = c_indices[j]; - if (i - index < 0) - { - product[i] -= s[i - index + n]; - } - else - { - product[i] += s[i - index]; - } - } - } -} - -/** - * BLISS-B GreedySC algorithm - */ -static void greedy_sc(int8_t *s1, int8_t *s2, int n, uint16_t *c_indices, - uint16_t kappa, int32_t *v1, int32_t *v2) -{ - int i, j, index; - int32_t sign; - - for (i = 0; i < n; i++) - { - v1[i] = v2[i] = 0; - } - for (j = 0; j < kappa; j++) - { - index = c_indices[j]; - sign = 0; - - for (i = 0; i < index; i++) - { - sign -= (v1[i] * s1[i - index + n] + v2[i] * s2[i - index + n]); - } - for (i = index; i < n; i++) - { - sign += (v1[i] * s1[i - index] + v2[i] * s2[i - index]); - } - for (i = 0; i < index; i++) - { - if (sign > 0) - { - v1[i] += s1[i - index + n]; - v2[i] += s2[i - index + n]; - } - else - { - v1[i] -= s1[i - index + n]; - v2[i] -= s2[i - index + n]; - } - } - for (i = index; i < n; i++) - { - if (sign > 0) - { - v1[i] -= s1[i - index]; - v2[i] -= s2[i - index]; - } - else - { - v1[i] += s1[i - index]; - v2[i] += s2[i - index]; - } - } - } -} - -/** - * Compute a BLISS signature - */ -static bool sign_bliss(private_bliss_private_key_t *this, hash_algorithm_t alg, - chunk_t data, chunk_t *signature) -{ - ntt_fft_t *fft; - bliss_signature_t *sig; - bliss_sampler_t *sampler = NULL; - rng_t *rng; - hasher_t *hasher; - ext_out_function_t mgf1_alg, oracle_alg; - size_t mgf1_seed_len; - uint8_t mgf1_seed_buf[HASH_SIZE_SHA512], data_hash_buf[HASH_SIZE_SHA512]; - chunk_t mgf1_seed, data_hash; - uint16_t q, q2, p, p2, *c_indices, tests = 0; - uint32_t *ay; - int32_t *y1, *y2, *z1, *z2, *u, *s1c, *s2c; - int32_t y1_min = 0, y1i, y1_max = 0, y2_min = 0, y2i, y2_max = 0; - int32_t scalar, norm, ui; - int16_t *ud, *uz2d, *z2d, value; - int i, n; - double mean1 = 0, mean2 = 0, sigma1 DBG_UNUSED = 0, sigma2 DBG_UNUSED = 0; - bool accepted, positive, success = FALSE, use_bliss_b; - - /* Initialize signature */ - *signature = chunk_empty; - - /* Create data hash using configurable hash algorithm */ - hasher = lib->crypto->create_hasher(lib->crypto, alg); - if (!hasher) - { - return FALSE; - } - data_hash = chunk_create(data_hash_buf, hasher->get_hash_size(hasher)); - - if (!hasher->get_hash(hasher, data, data_hash_buf)) - { - hasher->destroy(hasher); - return FALSE; - } - hasher->destroy(hasher); - - /* Set MGF1 hash algorithm and seed length based on security strength */ - if (this->set->strength > 160) - { - mgf1_alg = XOF_MGF1_SHA256; - mgf1_seed_len = HASH_SIZE_SHA256; - } - else - { - mgf1_alg = XOF_MGF1_SHA1; - mgf1_seed_len = HASH_SIZE_SHA1; - } - mgf1_seed = chunk_create(mgf1_seed_buf, mgf1_seed_len); - - rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); - if (!rng) - { - return FALSE; - } - - /* MGF1 hash algorithm to be used for random oracle */ - oracle_alg = XOF_MGF1_SHA512; - - /* Initialize a couple of needed variables */ - n = this->set->n; - q = this->set->q; - p = this->set->p; - q2 = 2 * q; - p2 = p / 2; - ay = malloc(n * sizeof(uint32_t)); - z2 = malloc(n * sizeof(int32_t)); - s1c = malloc(n * sizeof(int32_t)); - s2c = malloc(n * sizeof(int32_t)); - u = malloc(n * sizeof(int32_t)); - uz2d = malloc(n * sizeof(int16_t)); - - sig = bliss_signature_create(this->set); - sig->get_parameters(sig, &z1, &z2d, &c_indices); - y1 = z1; - y2 = z2; - ud = z2d; - - fft = ntt_fft_create(this->set->fft_params); - - /* Use of the enhanced BLISS-B signature algorithm? */ - switch (this->set->id) - { - default: - case BLISS_I: - case BLISS_II: - case BLISS_III: - case BLISS_IV: - use_bliss_b = FALSE; - break; - case BLISS_B_I: - case BLISS_B_II: - case BLISS_B_III: - case BLISS_B_IV: - use_bliss_b = TRUE; - break; - } - - while (true) - { - tests++; - - if (!rng->get_bytes(rng, mgf1_seed_len, mgf1_seed_buf)) - { - goto end; - } - DESTROY_IF(sampler); - - sampler = bliss_sampler_create(mgf1_alg, mgf1_seed, this->set); - if (!sampler) - { - goto end; - } - - /* Gaussian sampling for vectors y1 and y2 */ - for (i = 0; i < n; i++) - { - if (!sampler->gaussian(sampler, &y1i) || - !sampler->gaussian(sampler, &y2i)) - { - goto end; - } - y1[i] = y1i; - y2[i] = y2i; - - /* Collect statistical data on rejection sampling */ - if (i == 0) - { - y1_min = y1_max = y1i; - y2_min = y2_max = y2i; - } - else - { - if (y1i < y1_min) - { - y1_min = y1i; - } - else if (y1i > y1_max) - { - y1_max = y1i; - } - if (y2i < y2_min) - { - y2_min = y2i; - } - else if (y2i > y2_max) - { - y2_max = y2i; - } - } - mean1 += y1i; - mean2 += y2i; - sigma1 += y1i * y1i; - sigma2 += y2i * y2i; - - ay[i] = y1i < 0 ? q + y1i : y1i; - } - - /* Compute statistics on vectors y1 and y2 */ - mean1 /= n; - mean2 /= n; - sigma1 /= n; - sigma2 /= n; - sigma2 -= mean1 * mean1; - sigma2 -= mean2 * mean2; - DBG2(DBG_LIB, "y1 = %d..%d (sigma2 = %5.0f, mean = %4.1f)", - y1_min, y1_max, sigma1, mean1); - DBG2(DBG_LIB, "y2 = %d..%d (sigma2 = %5.0f, mean = %4.1f)", - y2_min, y2_max, sigma2, mean2); - - fft->transform(fft, ay, ay, FALSE); - - for (i = 0; i < n; i++) - { - ay[i] = ntt_fft_mreduce(this->Ar[i] * ay[i], this->set->fft_params); - } - fft->transform(fft, ay, ay, TRUE); - - for (i = 0; i < n; i++) - { - ui = 2 * this->set->q2_inv * (int32_t)ay[i] + y2[i]; - u[i] = ((ui < 0) ? q2 + ui : ui) % q2; - } - bliss_utils_round_and_drop(this->set, u, ud); - - /* Detailed debugging information */ - DBG3(DBG_LIB, " i u[i] ud[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%3d %6d %4d", i, u[i], ud[i]); - } - - if (!bliss_utils_generate_c(oracle_alg, data_hash, ud, this->set, - c_indices)) - { - goto end; - } - - if (use_bliss_b) - { - /* Compute v = (s1c, s2c) with the GreedySC algorithm */ - greedy_sc(this->s1, this->s2, n, c_indices, this->set->kappa, - s1c, s2c); - - /* Compute norm = ||v||^2 = ||Sc'||^2 */ - norm = bliss_utils_scalar_product(s1c, s1c, n) + - bliss_utils_scalar_product(s2c, s2c, n); - - /* Just in case. ||v||^2 <= P_max should always be fulfilled */ - if (norm > this->set->p_max) - { - goto end; - } - } - else - { - /* Compute s*c */ - multiply_by_c(this->s1, n, c_indices, this->set->kappa, s1c); - multiply_by_c(this->s2, n, c_indices, this->set->kappa, s2c); - - /* Compute norm = |Sc||^2 */ - norm = bliss_utils_scalar_product(s1c, s1c, n) + - bliss_utils_scalar_product(s2c, s2c, n); - } - - if (!sampler->bernoulli_exp(sampler, this->set->M - norm, &accepted)) - { - goto end; - } - if (use_bliss_b) - { - DBG2(DBG_LIB, "norm2(s1*c') + norm2(s2*c') = %u (%u max), %s", - norm, this->set->p_max, accepted ? "accepted" : "rejected"); - - } - else - { - DBG2(DBG_LIB, "norm2(s1*c) + norm2(s2*c) = %u, %s", - norm, accepted ? "accepted" : "rejected"); - } - if (!accepted) - { - continue; - } - - /* Compute z */ - if (!sampler->sign(sampler, &positive)) - { - goto end; - } - for (i = 0; i < n; i++) - { - if (positive) - { - z1[i] = y1[i] + s1c[i]; - z2[i] = y2[i] + s2c[i]; - } - else - { - z1[i] = y1[i] - s1c[i]; - z2[i] = y2[i] - s2c[i]; - } - } - /* Reject with probability 1/cosh(scalar/sigma^2) */ - scalar = bliss_utils_scalar_product(z1, s1c, n) + - bliss_utils_scalar_product(z2, s2c, n); - - if (!sampler->bernoulli_cosh(sampler, scalar, &accepted)) - { - goto end; - } - DBG2(DBG_LIB, "scalar(z1,s1*c) + scalar(z2,s2*c) = %d, %s", - scalar, accepted ? "accepted" : "rejected"); - if (!accepted) - { - continue; - } - - /* Compute z2 with dropped bits */ - for (i = 0; i < n; i++) - { - u[i] -= z2[i]; - if (u[i] < 0) - { - u[i] += q2; - } - else if (u[i] >= q2) - { - u[i] -= q2; - } - } - bliss_utils_round_and_drop(this->set, u, uz2d); - - for (i = 0; i < n; i++) - { - value = ud[i] - uz2d[i]; - if (value <= -p2) - { - value += p; - } - else if (value > p2) - { - value -= p; - } - z2d[i] = value; - } - - if (!bliss_utils_check_norms(this->set, z1, z2d)) - { - continue; - } - - *signature = sig->get_encoding(sig); - if (signature->len == 0) - { - DBG1(DBG_LIB, "inefficient Huffman coding of signature"); - continue; - } - DBG2(DBG_LIB, "signature generation needed %u round%s", tests, - (tests == 1) ? "" : "s"); - break; - } - success = TRUE; - -end: - /* cleanup */ - DESTROY_IF(sampler); - sig->destroy(sig); - fft->destroy(fft); - rng->destroy(rng); - memwipe(s1c, n * sizeof(int32_t)); - memwipe(s2c, n * sizeof(int32_t)); - free(s1c); - free(s2c); - free(ay); - free(z2); - free(u); - free(uz2d); - - return success; -} - -METHOD(private_key_t, sign, bool, - private_bliss_private_key_t *this, signature_scheme_t scheme, void *params, - chunk_t data, chunk_t *signature) -{ - switch (scheme) - { - case SIGN_BLISS_WITH_SHA2_256: - return sign_bliss(this, HASH_SHA256, data, signature); - case SIGN_BLISS_WITH_SHA2_384: - return sign_bliss(this, HASH_SHA384, data, signature); - case SIGN_BLISS_WITH_SHA2_512: - return sign_bliss(this, HASH_SHA512, data, signature); - case SIGN_BLISS_WITH_SHA3_256: - return sign_bliss(this, HASH_SHA3_256, data, signature); - case SIGN_BLISS_WITH_SHA3_384: - return sign_bliss(this, HASH_SHA3_384, data, signature); - case SIGN_BLISS_WITH_SHA3_512: - return sign_bliss(this, HASH_SHA3_512, data, signature); - default: - DBG1(DBG_LIB, "signature scheme %N not supported with BLISS", - signature_scheme_names, scheme); - return FALSE; - } -} - -METHOD(private_key_t, decrypt, bool, - private_bliss_private_key_t *this, encryption_scheme_t scheme, - void *params, chunk_t crypto, chunk_t *plain) -{ - DBG1(DBG_LIB, "encryption scheme %N not supported", - encryption_scheme_names, scheme); - return FALSE; -} - -METHOD(private_key_t, get_keysize, int, - private_bliss_private_key_t *this) -{ - return this->set->strength; -} - -METHOD(private_key_t, get_public_key, public_key_t*, - private_bliss_private_key_t *this) -{ - public_key_t *public; - chunk_t pubkey; - - pubkey = bliss_public_key_info_encode(this->set->oid, this->A, this->set); - public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_BLISS, - BUILD_BLOB_ASN1_DER, pubkey, BUILD_END); - free(pubkey.ptr); - - return public; -} - -METHOD(private_key_t, get_encoding, bool, - private_bliss_private_key_t *this, cred_encoding_type_t type, - chunk_t *encoding) -{ - switch (type) - { - case PRIVKEY_ASN1_DER: - case PRIVKEY_PEM: - { - chunk_t s1, s2, pubkey; - bliss_bitpacker_t *packer; - size_t s_bits; - int8_t value; - bool success = TRUE; - int i; - - pubkey = bliss_public_key_encode(this->A, this->set); - - /* Use either 2 or 3 bits per array element */ - s_bits = 2 + (this->set->non_zero2 > 0); - - /* Encode secret s1 */ - packer = bliss_bitpacker_create(s_bits * this->set->n); - for (i = 0; i < this->set->n; i++) - { - packer->write_bits(packer, this->s1[i], s_bits); - } - s1 = packer->extract_buf(packer); - packer->destroy(packer); - - /* Encode secret s2 */ - packer = bliss_bitpacker_create(s_bits * this->set->n); - for (i = 0; i < this->set->n; i++) - { - value = this->s2[i]; - if (i == 0) - { - value -= 1; - } - value /= 2; - packer->write_bits(packer, value, s_bits); - } - s2 = packer->extract_buf(packer); - packer->destroy(packer); - - *encoding = asn1_wrap(ASN1_SEQUENCE, "mmss", - asn1_build_known_oid(this->set->oid), - asn1_bitstring("m", pubkey), - asn1_bitstring("m", s1), - asn1_bitstring("m", s2) - ); - if (type == PRIVKEY_PEM) - { - chunk_t asn1_encoding = *encoding; - - success = lib->encoding->encode(lib->encoding, PRIVKEY_PEM, - NULL, encoding, CRED_PART_BLISS_PRIV_ASN1_DER, - asn1_encoding, CRED_PART_END); - chunk_clear(&asn1_encoding); - } - return success; - } - default: - return FALSE; - } -} - -METHOD(private_key_t, get_fingerprint, bool, - private_bliss_private_key_t *this, cred_encoding_type_t type, chunk_t *fp) -{ - bool success; - - if (lib->encoding->get_cache(lib->encoding, type, this, fp)) - { - return TRUE; - } - success = bliss_public_key_fingerprint(this->set->oid, this->A, - this->set, type, fp); - if (success) - { - lib->encoding->cache(lib->encoding, type, this, fp); - } - return success; -} - -METHOD(private_key_t, get_ref, private_key_t*, - private_bliss_private_key_t *this) -{ - ref_get(&this->ref); - return &this->public.key; -} - -METHOD(private_key_t, destroy, void, - private_bliss_private_key_t *this) -{ - if (ref_put(&this->ref)) - { - lib->encoding->clear_cache(lib->encoding, this); - if (this->s1) - { - memwipe(this->s1, this->set->n * sizeof(int8_t)); - free(this->s1); - } - if (this->s2) - { - memwipe(this->s2, this->set->n * sizeof(int8_t)); - free(this->s2); - } - free(this->A); - free(this->Ar); - free(this); - } -} - -/** - * Internal generic constructor - */ -static private_bliss_private_key_t *bliss_private_key_create_empty(void) -{ - private_bliss_private_key_t *this; - - INIT(this, - .public = { - .key = { - .get_type = _get_type, - .sign = _sign, - .decrypt = _decrypt, - .get_keysize = _get_keysize, - .get_public_key = _get_public_key, - .equals = private_key_equals, - .belongs_to = private_key_belongs_to, - .get_fingerprint = _get_fingerprint, - .has_fingerprint = private_key_has_fingerprint, - .get_encoding = _get_encoding, - .get_ref = _get_ref, - .destroy = _destroy, - }, - }, - .ref = 1, - ); - return this; -} - -/** - * Compute the scalar product of a vector x with a negative wrapped vector y - */ -static int16_t wrapped_product(int8_t *x, int8_t *y, int n, int shift) -{ - int16_t product = 0; - int i; - - for (i = 0; i < n - shift; i++) - { - product += x[i] * y[i + shift]; - } - for (i = n - shift; i < n; i++) - { - product -= x[i] * y[i + shift - n]; - } - return product; -} - -/** - * Apply a negative wrapped rotation to a vector x - */ -static void wrap(int16_t *x, int n, int shift, int16_t *x_wrapped) -{ - int i; - - for (i = 0; i < n - shift; i++) - { - x_wrapped[i + shift] = x[i]; - } - for (i = n - shift; i < n; i++) - { - x_wrapped[i + shift - n] = -x[i]; - } -} - -/** - * int16_t compare function needed for qsort() - */ -static int compare(const int16_t *a, const int16_t *b) -{ - int16_t temp = *a - *b; - - if (temp > 0) - { - return 1; - } - else if (temp < 0) - { - return -1; - } - else - { - return 0; - } -} - -/** - * Compute the Nk(S) norm of S = (s1, s2) - */ -static uint32_t nks_norm(int8_t *s1, int8_t *s2, int n, uint16_t kappa) -{ - int16_t t[n], t_wrapped[n], max_kappa[n]; - uint32_t nks = 0; - int i, j; - - for (i = 0; i < n; i++) - { - t[i] = wrapped_product(s1, s1, n, i) + wrapped_product(s2, s2, n, i); - } - - for (i = 0; i < n; i++) - { - wrap(t, n, i, t_wrapped); - qsort(t_wrapped, n, sizeof(int16_t), (void*)compare); - max_kappa[i] = 0; - - for (j = 1; j <= kappa; j++) - { - max_kappa[i] += t_wrapped[n - j]; - } - } - qsort(max_kappa, n, sizeof(int16_t), (void*)compare); - - for (i = 1; i <= kappa; i++) - { - nks += max_kappa[n - i]; - } - return nks; -} - -/** - * Compute the inverse x1 of x modulo q as x^(-1) = x^(q-2) mod q - */ -static uint32_t invert(private_bliss_private_key_t *this, uint32_t x) -{ - uint32_t x1, x2; - uint16_t q2; - int i, i_max; - - q2 = this->set->q - 2; - x1 = (q2 & 1) ? x : 1; - x2 = x; - i_max = 15; - - while ((q2 & (1 << i_max)) == 0) - { - i_max--; - } - for (i = 1; i <= i_max; i++) - { - x2 = ntt_fft_mreduce(x2 * x2, this->set->fft_params); - - if (q2 & (1 << i)) - { - x1 = ntt_fft_mreduce(x1 * x2, this->set->fft_params); - } - } - - return x1; -} - -/** - * Create a vector with sparse and small coefficients from seed - */ -static int8_t* create_vector_from_seed(private_bliss_private_key_t *this, - ext_out_function_t alg, chunk_t seed) -{ - xof_bitspender_t *bitspender; - uint32_t index, sign; - int8_t *vector; - int non_zero; - - bitspender = xof_bitspender_create(alg, seed, FALSE); - if (!bitspender) - { - return NULL; - } - - vector = malloc(sizeof(int8_t) * this->set->n); - memset(vector, 0x00, this->set->n); - - non_zero = this->set->non_zero1; - while (non_zero) - { - if (!bitspender->get_bits(bitspender, this->set->n_bits, &index)) - { - free(vector); - return NULL; - } - if (vector[index] != 0) - { - continue; - } - - if (!bitspender->get_bits(bitspender, 1, &sign)) - { - free(vector); - return NULL; - } - vector[index] = sign ? 1 : -1; - non_zero--; - } - - non_zero = this->set->non_zero2; - while (non_zero) - { - if (!bitspender->get_bits(bitspender, this->set->n_bits, &index)) - { - free(vector); - return NULL; - } - if (vector[index] != 0) - { - continue; - } - - if (!bitspender->get_bits(bitspender, 1, &sign)) - { - free(vector); - return NULL; - } - vector[index] = sign ? 2 : -2; - non_zero--; - } - bitspender->destroy(bitspender); - - return vector; -} - -/** - * Generate the secret key S = (s1, s2) fulfilling the Nk(S) norm - */ -static bool create_secret(private_bliss_private_key_t *this, rng_t *rng, - int8_t **s1, int8_t **s2, int *trials) -{ - uint8_t seed_buf[32]; - uint8_t *f, *g; - uint32_t l2_norm DBG_UNUSED, nks; - int i, n; - chunk_t seed; - size_t seed_len; - ext_out_function_t alg; - - n = this->set->n; - *s1 = NULL; - *s2 = NULL; - - /* Set MGF1 hash algorithm and seed length based on security strength */ - if (this->set->strength > 160) - { - alg = XOF_MGF1_SHA256; - seed_len = HASH_SIZE_SHA256; - } - else - { - alg = XOF_MGF1_SHA1; - seed_len = HASH_SIZE_SHA1; - } - seed = chunk_create(seed_buf, seed_len); - - while (*trials < SECRET_KEY_TRIALS_MAX) - { - (*trials)++; - - if (!rng->get_bytes(rng, seed_len, seed_buf)) - { - return FALSE; - } - f = create_vector_from_seed(this, alg, seed); - if (f == NULL) - { - return FALSE; - } - if (!rng->get_bytes(rng, seed_len, seed_buf)) - { - free(f); - return FALSE; - } - g = create_vector_from_seed(this, alg, seed); - if (g == NULL) - { - free(f); - return FALSE; - } - - /* Compute 2g + 1 */ - for (i = 0; i < n; i++) - { - g[i] *= 2; - } - g[0] += 1; - - l2_norm = wrapped_product(f, f, n, 0) + wrapped_product(g, g, n, 0); - nks = nks_norm(f, g, n, this->set->kappa); - - switch (this->set->id) - { - case BLISS_I: - case BLISS_II: - case BLISS_III: - case BLISS_IV: - DBG2(DBG_LIB, "l2 norm of s1||s2: %d, Nk(S): %u (%u max)", - l2_norm, nks, this->set->nks_max); - if (nks < this->set->nks_max) - { - *s1 = f; - *s2 = g; - return TRUE; - } - free(f); - free(g); - break; - case BLISS_B_I: - case BLISS_B_II: - case BLISS_B_III: - case BLISS_B_IV: - DBG2(DBG_LIB, "l2 norm of s1||s2: %d, Nk(S): %u", - l2_norm, nks); - *s1 = f; - *s2 = g; - return TRUE; - } - } - - return FALSE; -} - -/** - * See header. - */ -bliss_private_key_t *bliss_private_key_gen(key_type_t type, va_list args) -{ - private_bliss_private_key_t *this; - u_int key_size = BLISS_B_I; - int i, n, trials = 0; - uint32_t *S1, *S2, *a; - uint16_t q; - bool success = FALSE; - const bliss_param_set_t *set; - ntt_fft_t *fft; - rng_t *rng; - - while (TRUE) - { - switch (va_arg(args, builder_part_t)) - { - case BUILD_KEY_SIZE: - key_size = va_arg(args, u_int); - continue; - case BUILD_END: - break; - default: - return NULL; - } - break; - } - - if (lib->settings->get_bool(lib->settings, "%s.plugins.bliss.use_bliss_b", - TRUE, lib->ns)) - { - switch (key_size) - { - case BLISS_I: - key_size = BLISS_B_I; - break; - case BLISS_II: - key_size = BLISS_B_II; - break; - case BLISS_III: - key_size = BLISS_B_III; - break; - case BLISS_IV: - key_size = BLISS_B_IV; - break; - default: - break; - } - } - - /* Only BLISS or BLISS-B types I, III, or IV are currently supported */ - set = bliss_param_set_get_by_id(key_size); - if (!set) - { - DBG1(DBG_LIB, "BLISS parameter set %u not supported", key_size); - return NULL; - } - - /* Some shortcuts for often used variables */ - n = set->n; - q = set->q; - - if (set->fft_params->n != n || set->fft_params->q != q) - { - DBG1(DBG_LIB, "FFT parameters do not match BLISS parameters"); - return NULL; - } - this = bliss_private_key_create_empty(); - this->set = set; - - /* We derive the public key from the private key using the FFT */ - fft = ntt_fft_create(set->fft_params); - - /* Some vectors needed to derive the public key */ - S1 = malloc(n * sizeof(uint32_t)); - S2 = malloc(n * sizeof(uint32_t)); - a = malloc(n * sizeof(uint32_t)); - this->A = malloc(n * sizeof(uint32_t)); - this->Ar = malloc(n * sizeof(uint32_t)); - - /* Instantiate a true random generator */ - rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE); - - /* Loop until we have an invertible polynomial s1 */ - do - { - if (!create_secret(this, rng, &this->s1, &this->s2, &trials)) - { - break; - } - - /* Convert signed arrays to unsigned arrays before FFT */ - for (i = 0; i < n; i++) - { - S1[i] = (this->s1[i] < 0) ? this->s1[i] + q : this->s1[i]; - S2[i] = (this->s2[i] > 0) ? q - this->s2[i] : -this->s2[i]; - } - fft->transform(fft, S1, S1, FALSE); - fft->transform(fft, S2, S2, FALSE); - - success = TRUE; - - for (i = 0; i < n; i++) - { - if (S1[i] == 0) - { - DBG1(DBG_LIB, "S1[%d] is zero - s1 is not invertible", i); - free(this->s1); - free(this->s2); - this->s1 = NULL; - this->s2 = NULL; - success = FALSE; - break; - } - this->Ar[i] = invert(this, S1[i]); - this->Ar[i] = ntt_fft_mreduce(S2[i] * this->Ar[i], set->fft_params); - this->A[i] = ntt_fft_mreduce(this->Ar[i], set->fft_params); - } - } - while (!success && trials < SECRET_KEY_TRIALS_MAX); - - DBG1(DBG_LIB, "secret key generation %s after %d trial%s", - success ? "succeeded" : "failed", trials, (trials == 1) ? "" : "s"); - - if (success) - { - fft->transform(fft, this->Ar, a, TRUE); - - DBG4(DBG_LIB, " i f g a F G A"); - for (i = 0; i < n; i++) - { - DBG4(DBG_LIB, "%4d %3d %3d %5u %5u %5u %5u", - i, this->s1[i], this->s2[i], - ntt_fft_mreduce(a[i], set->fft_params), - S1[i], S2[i], this->A[i]); - } - } - else - { - destroy(this); - } - - /* Cleanup */ - fft->destroy(fft); - rng->destroy(rng); - memwipe(S1, n * sizeof(uint32_t)); - memwipe(S2, n * sizeof(uint32_t)); - free(S1); - free(S2); - free(a); - - return success ? &this->public : NULL; -} - -/** - * ASN.1 definition of a BLISS private key - */ -static const asn1Object_t privkeyObjects[] = { - { 0, "BLISSPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ - { 1, "keyType", ASN1_OID, ASN1_BODY }, /* 1 */ - { 1, "public", ASN1_BIT_STRING, ASN1_BODY }, /* 2 */ - { 1, "secret1", ASN1_BIT_STRING, ASN1_BODY }, /* 3 */ - { 1, "secret2", ASN1_BIT_STRING, ASN1_BODY }, /* 4 */ - { 0, "exit", ASN1_EOC, ASN1_EXIT } -}; -#define PRIV_KEY_TYPE 1 -#define PRIV_KEY_PUBLIC 2 -#define PRIV_KEY_SECRET1 3 -#define PRIV_KEY_SECRET2 4 - -/** - * See header. - */ -bliss_private_key_t *bliss_private_key_load(key_type_t type, va_list args) -{ - private_bliss_private_key_t *this; - chunk_t key = chunk_empty, object; - bliss_bitpacker_t *packer; - asn1_parser_t *parser; - size_t s_bits = 0; - int8_t s, s_min = 0, s_max = 0; - uint32_t s_sign = 0x02, s_mask = 0xfffffffc, value, r2; - bool success = FALSE; - int objectID, oid, i; - - while (TRUE) - { - switch (va_arg(args, builder_part_t)) - { - case BUILD_BLOB_ASN1_DER: - key = va_arg(args, chunk_t); - continue; - case BUILD_END: - break; - default: - return NULL; - } - break; - } - - if (key.len == 0) - { - return NULL; - } - this = bliss_private_key_create_empty(); - - parser = asn1_parser_create(privkeyObjects, key); - parser->set_flags(parser, FALSE, TRUE); - - while (parser->iterate(parser, &objectID, &object)) - { - switch (objectID) - { - case PRIV_KEY_TYPE: - oid = asn1_known_oid(object); - if (oid == OID_UNKNOWN) - { - goto end; - } - this->set = bliss_param_set_get_by_oid(oid); - if (this->set == NULL) - { - goto end; - } - if (lib->settings->get_bool(lib->settings, - "%s.plugins.bliss.use_bliss_b",TRUE, lib->ns)) - { - switch (this->set->id) - { - case BLISS_I: - this->set = bliss_param_set_get_by_id(BLISS_B_I); - break; - case BLISS_III: - this->set = bliss_param_set_get_by_id(BLISS_B_III); - break; - case BLISS_IV: - this->set = bliss_param_set_get_by_id(BLISS_B_IV); - break; - default: - break; - } - } - if (this->set->non_zero2) - { - s_min = -2; - s_max = 2; - s_bits = 3; - } - else - { - s_min = -1; - s_max = 1; - s_bits = 2; - } - s_sign = 1 << (s_bits - 1); - s_mask = ((1 << (32 - s_bits)) - 1) << s_bits; - break; - case PRIV_KEY_PUBLIC: - if (!bliss_public_key_from_asn1(object, this->set, &this->A)) - { - goto end; - } - this->Ar = malloc(this->set->n * sizeof(uint32_t)); - r2 = this->set->fft_params->r2; - - for (i = 0; i < this->set->n; i++) - { - this->Ar[i] = ntt_fft_mreduce(this->A[i] * r2, - this->set->fft_params); - } - break; - case PRIV_KEY_SECRET1: - if (object.len != 1 + (s_bits * this->set->n + 7)/8) - { - goto end; - } - this->s1 = malloc(this->set->n); - - /* Skip unused bits octet */ - object = chunk_skip(object, 1); - packer = bliss_bitpacker_create_from_data(object); - for (i = 0; i < this->set->n; i++) - { - packer->read_bits(packer, &value, s_bits); - s = (value & s_sign) ? value | s_mask : value; - if (s < s_min || s > s_max) - { - packer->destroy(packer); - goto end; - } - this->s1[i] = s; - } - packer->destroy(packer); - break; - case PRIV_KEY_SECRET2: - if (object.len != 1 + (s_bits * this->set->n + 7)/8) - { - goto end; - } - this->s2 = malloc(this->set->n); - - /* Skip unused bits octet */ - object = chunk_skip(object, 1); - packer = bliss_bitpacker_create_from_data(object); - for (i = 0; i < this->set->n; i++) - { - packer->read_bits(packer, &value, s_bits); - s = (value & s_sign) ? value | s_mask : value; - if (s < s_min || s > s_max) - { - packer->destroy(packer); - goto end; - } - this->s2[i] = 2 * s; - if (i == 0) - { - this->s2[0] += 1; - } - } - packer->destroy(packer); - break; - } - } - success = parser->success(parser); - -end: - parser->destroy(parser); - if (!success) - { - destroy(this); - return NULL; - } - - return &this->public; -} - diff --git a/src/libstrongswan/plugins/bliss/bliss_private_key.h b/src/libstrongswan/plugins/bliss/bliss_private_key.h deleted file mode 100644 index a6b1ee45b3..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_private_key.h +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_private_key bliss_private_key - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_PRIVATE_KEY_H_ -#define BLISS_PRIVATE_KEY_H_ - -#include -#include - -typedef struct bliss_private_key_t bliss_private_key_t; - -/** - * Private_key_t implementation of BLISS signature algorithm. - */ -struct bliss_private_key_t { - - /** - * Implements private_key_t interface - */ - private_key_t key; -}; - -/** - * Generate a BLISS private key. - * - * Accepts the BUILD_KEY_SIZE argument. - * - * @param type type of the key, must be KEY_BLISS - * @param args builder_part_t argument list - * @return generated key, NULL on failure - */ -bliss_private_key_t *bliss_private_key_gen(key_type_t type, va_list args); - -/** - * Load a BLISS private key. - * - * Accepts BUILD_BLISS_* components. - * - * @param type type of the key, must be KEY_BLISS - * @param args builder_part_t argument list - * @return loaded key, NULL on failure - */ -bliss_private_key_t *bliss_private_key_load(key_type_t type, va_list args); - -#endif /** BLISS_PRIVATE_KEY_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_public_key.c b/src/libstrongswan/plugins/bliss/bliss_public_key.c deleted file mode 100644 index 17d59900ea..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_public_key.c +++ /dev/null @@ -1,531 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_public_key.h" -#include "bliss_signature.h" -#include "bliss_bitpacker.h" -#include "ntt_fft.h" -#include "ntt_fft_reduce.h" -#include "bliss_utils.h" - -#include -#include -#include - -typedef struct private_bliss_public_key_t private_bliss_public_key_t; - -/** - * Private data structure with signing context. - */ -struct private_bliss_public_key_t { - /** - * Public interface for this signer. - */ - bliss_public_key_t public; - - /** - * BLISS signature parameter set - */ - const bliss_param_set_t *set; - - /** - * NTT of BLISS public key a (coefficients of polynomial (2g + 1)/f) - */ - uint32_t *A; - - /** - * NTT of BLISS public key in Montgomery representation Ar = rA mod - */ - uint32_t *Ar; - - /** - * reference counter - */ - refcount_t ref; -}; - -METHOD(public_key_t, get_type, key_type_t, - private_bliss_public_key_t *this) -{ - return KEY_BLISS; -} - -/** - * Verify a BLISS signature based on a SHA-512 hash - */ -static bool verify_bliss(private_bliss_public_key_t *this, hash_algorithm_t alg, - chunk_t data, chunk_t signature) -{ - int i, n; - int32_t *z1, *u; - int16_t *ud, *z2d; - uint16_t q, q2, p, *c_indices, *indices; - uint32_t *az; - uint8_t data_hash_buf[HASH_SIZE_SHA512]; - chunk_t data_hash; - hasher_t *hasher; - ext_out_function_t oracle_alg; - ntt_fft_t *fft; - bliss_signature_t *sig; - bool success = FALSE; - - /* Create data hash using configurable hash algorithm */ - hasher = lib->crypto->create_hasher(lib->crypto, alg); - if (!hasher ) - { - return FALSE; - } - data_hash = chunk_create(data_hash_buf, hasher->get_hash_size(hasher)); - - if (!hasher->get_hash(hasher, data, data_hash_buf)) - { - hasher->destroy(hasher); - return FALSE; - } - hasher->destroy(hasher); - - sig = bliss_signature_create_from_data(this->set, signature); - if (!sig) - { - return FALSE; - } - sig->get_parameters(sig, &z1, &z2d, &c_indices); - - if (!bliss_utils_check_norms(this->set, z1, z2d)) - { - sig->destroy(sig); - return FALSE; - } - - /* MGF1 hash algorithm to be used for random oracle */ - oracle_alg = XOF_MGF1_SHA512; - - /* Initialize a couple of needed variables */ - n = this->set->n; - q = this->set->q; - p = this->set->p; - q2 = 2 * q; - az = malloc(n * sizeof(uint32_t)); - u = malloc(n * sizeof(int32_t)); - ud = malloc(n * sizeof(int16_t)); - indices = malloc(this->set->kappa * sizeof(uint16_t)); - - for (i = 0; i < n; i++) - { - az[i] = z1[i] < 0 ? q + z1[i] : z1[i]; - } - fft = ntt_fft_create(this->set->fft_params); - fft->transform(fft, az, az, FALSE); - - for (i = 0; i < n; i++) - { - az[i] = ntt_fft_mreduce(this->Ar[i] * az[i], this->set->fft_params); - } - fft->transform(fft, az, az, TRUE); - - for (i = 0; i < n; i++) - { - u[i] = (2 * this->set->q2_inv * az[i]) % q2; - } - - for (i = 0; i < this->set->kappa; i++) - { - u[c_indices[i]] = (u[c_indices[i]] + q * this->set->q2_inv) % q2; - } - bliss_utils_round_and_drop(this->set, u, ud); - - for (i = 0; i < n; i++) - { - ud[i] += z2d[i]; - if (ud[i] < 0) - { - ud[i] += p; - } - else if (ud[i] >= p) - { - ud[i] -= p; - } - } - - /* Detailed debugging information */ - DBG3(DBG_LIB, " i u[i] ud[i] z2d[i]"); - for (i = 0; i < n; i++) - { - DBG3(DBG_LIB, "%3d %6d %4d %4d", i, u[i], ud[i], z2d[i]); - } - - if (!bliss_utils_generate_c(oracle_alg, data_hash, ud, this->set, indices)) - { - goto end; - } - - for (i = 0; i < this->set->kappa; i++) - { - if (indices[i] != c_indices[i]) - { - DBG1(DBG_LIB, "signature verification failed"); - goto end; - } - } - success = TRUE; - -end: - /* cleanup */ - sig->destroy(sig); - fft->destroy(fft); - free(az); - free(u); - free(ud); - free(indices); - - return success; -} - -METHOD(public_key_t, verify, bool, - private_bliss_public_key_t *this, signature_scheme_t scheme, void *params, - chunk_t data, chunk_t signature) -{ - switch (scheme) - { - case SIGN_BLISS_WITH_SHA2_256: - return verify_bliss(this, HASH_SHA256, data, signature); - case SIGN_BLISS_WITH_SHA2_384: - return verify_bliss(this, HASH_SHA384, data, signature); - case SIGN_BLISS_WITH_SHA2_512: - return verify_bliss(this, HASH_SHA512, data, signature); - case SIGN_BLISS_WITH_SHA3_256: - return verify_bliss(this, HASH_SHA3_256, data, signature); - case SIGN_BLISS_WITH_SHA3_384: - return verify_bliss(this, HASH_SHA3_384, data, signature); - case SIGN_BLISS_WITH_SHA3_512: - return verify_bliss(this, HASH_SHA3_512, data, signature); - default: - DBG1(DBG_LIB, "signature scheme %N not supported by BLISS", - signature_scheme_names, scheme); - return FALSE; - } -} - -METHOD(public_key_t, encrypt_, bool, - private_bliss_public_key_t *this, encryption_scheme_t scheme, - void *params, chunk_t plain, chunk_t *crypto) -{ - DBG1(DBG_LIB, "encryption scheme %N not supported", - encryption_scheme_names, scheme); - return FALSE; -} - -METHOD(public_key_t, get_keysize, int, - private_bliss_public_key_t *this) -{ - return this->set->strength; -} - -METHOD(public_key_t, get_encoding, bool, - private_bliss_public_key_t *this, cred_encoding_type_t type, - chunk_t *encoding) -{ - bool success = TRUE; - - *encoding = bliss_public_key_info_encode(this->set->oid, this->A, this->set); - - if (type != PUBKEY_SPKI_ASN1_DER) - { - chunk_t asn1_encoding = *encoding; - - success = lib->encoding->encode(lib->encoding, type, - NULL, encoding, CRED_PART_BLISS_PUB_ASN1_DER, - asn1_encoding, CRED_PART_END); - chunk_clear(&asn1_encoding); - } - return success; -} - -METHOD(public_key_t, get_fingerprint, bool, - private_bliss_public_key_t *this, cred_encoding_type_t type, chunk_t *fp) -{ - bool success; - - if (lib->encoding->get_cache(lib->encoding, type, this, fp)) - { - return TRUE; - } - success = bliss_public_key_fingerprint(this->set->oid, this->A, - this->set, type, fp); - if (success) - { - lib->encoding->cache(lib->encoding, type, this, fp); - } - return success; -} - -METHOD(public_key_t, get_ref, public_key_t*, - private_bliss_public_key_t *this) -{ - ref_get(&this->ref); - return &this->public.key; -} - -METHOD(public_key_t, destroy, void, - private_bliss_public_key_t *this) -{ - if (ref_put(&this->ref)) - { - lib->encoding->clear_cache(lib->encoding, this); - free(this->A); - free(this->Ar); - free(this); - } -} - -/** - * ASN.1 definition of a BLISS public key - */ -static const asn1Object_t pubkeyObjects[] = { - { 0, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */ - { 1, "algorithm", ASN1_EOC, ASN1_RAW }, /* 1 */ - { 1, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 2 */ - { 0, "exit", ASN1_EOC, ASN1_EXIT } -}; -#define BLISS_SUBJECT_PUBLIC_KEY_ALGORITHM 1 -#define BLISS_SUBJECT_PUBLIC_KEY 2 - -/** - * See header. - */ -bliss_public_key_t *bliss_public_key_load(key_type_t type, va_list args) -{ - private_bliss_public_key_t *this; - chunk_t blob = chunk_empty, object, param; - asn1_parser_t *parser; - bool success = FALSE; - int objectID, oid, i; - uint32_t r2; - - while (TRUE) - { - switch (va_arg(args, builder_part_t)) - { - case BUILD_BLOB_ASN1_DER: - blob = va_arg(args, chunk_t); - continue; - case BUILD_END: - break; - default: - return NULL; - } - break; - } - - if (blob.len == 0) - { - return NULL; - } - - INIT(this, - .public = { - .key = { - .get_type = _get_type, - .verify = _verify, - .encrypt = _encrypt_, - .equals = public_key_equals, - .get_keysize = _get_keysize, - .get_fingerprint = _get_fingerprint, - .has_fingerprint = public_key_has_fingerprint, - .get_encoding = _get_encoding, - .get_ref = _get_ref, - .destroy = _destroy, - }, - }, - .ref = 1, - ); - - parser = asn1_parser_create(pubkeyObjects, blob); - - while (parser->iterate(parser, &objectID, &object)) - { - switch (objectID) - { - case BLISS_SUBJECT_PUBLIC_KEY_ALGORITHM: - { - oid = asn1_parse_algorithmIdentifier(object, - parser->get_level(parser)+1, ¶m); - if (oid != OID_BLISS_PUBLICKEY) - { - goto end; - } - if (!asn1_parse_simple_object(¶m, ASN1_OID, - parser->get_level(parser)+3, "blissKeyType")) - { - goto end; - } - oid = asn1_known_oid(param); - if (oid == OID_UNKNOWN) - { - goto end; - } - this->set = bliss_param_set_get_by_oid(oid); - if (this->set == NULL) - { - goto end; - } - break; - } - case BLISS_SUBJECT_PUBLIC_KEY: - if (!bliss_public_key_from_asn1(object, this->set, &this->A)) - { - goto end; - } - this->Ar = malloc(this->set->n * sizeof(uint32_t)); - r2 = this->set->fft_params->r2; - - for (i = 0; i < this->set->n; i++) - { - this->Ar[i] = ntt_fft_mreduce(this->A[i] * r2, - this->set->fft_params); - } - break; - } - } - success = parser->success(parser); - -end: - parser->destroy(parser); - if (!success) - { - destroy(this); - return NULL; - } - - return &this->public; -} - -/** - * See header. - */ -bool bliss_public_key_from_asn1(chunk_t object, const bliss_param_set_t *set, - uint32_t **pubkey) -{ - bliss_bitpacker_t *packer; - uint32_t coefficient; - uint16_t needed_bits; - int i; - - /* skip initial bit string octet defining unused bits */ - object = chunk_skip(object, 1); - - needed_bits = set->n * set->q_bits; - - if (8 * object.len < needed_bits) - { - return FALSE; - } - *pubkey = malloc(set->n * sizeof(uint32_t)); - - packer = bliss_bitpacker_create_from_data(object); - - for (i = 0; i < set->n; i++) - { - packer->read_bits(packer, &coefficient, set->q_bits); - if (coefficient >= set->q) - { - packer->destroy(packer); - return FALSE; - } - (*pubkey)[i] = coefficient; - } - packer->destroy(packer); - - return TRUE; -} - -/** - * See header. - */ -chunk_t bliss_public_key_encode(uint32_t *pubkey, const bliss_param_set_t *set) -{ - bliss_bitpacker_t *packer; - chunk_t encoding; - int i; - - packer = bliss_bitpacker_create(set->n * set->q_bits); - - for (i = 0; i < set->n; i++) - { - packer->write_bits(packer, pubkey[i], set->q_bits); - } - encoding = packer->extract_buf(packer); - packer->destroy(packer); - - return encoding; -} - -/** - * See header. - */ -chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey, - const bliss_param_set_t *set) -{ - chunk_t encoding, pubkey_encoding; - - pubkey_encoding = bliss_public_key_encode(pubkey, set); - - encoding = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_build_known_oid(OID_BLISS_PUBLICKEY), - asn1_build_known_oid(oid)), - asn1_bitstring("m", pubkey_encoding)); - - return encoding; -} - -/** - * See header. - */ -bool bliss_public_key_fingerprint(int oid, uint32_t *pubkey, - const bliss_param_set_t *set, - cred_encoding_type_t type, chunk_t *fp) -{ - hasher_t *hasher; - chunk_t key; - - switch (type) - { - case KEYID_PUBKEY_SHA1: - key = bliss_public_key_encode(pubkey, set); - break; - case KEYID_PUBKEY_INFO_SHA1: - key = bliss_public_key_info_encode(oid, pubkey, set); - break; - default: - return FALSE; - } - - hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); - if (!hasher || !hasher->allocate_hash(hasher, key, fp)) - { - DBG1(DBG_LIB, "SHA1 hash algorithm not supported, fingerprinting failed"); - DESTROY_IF(hasher); - free(key.ptr); - - return FALSE; - } - hasher->destroy(hasher); - free(key.ptr); - - return TRUE; -} - diff --git a/src/libstrongswan/plugins/bliss/bliss_public_key.h b/src/libstrongswan/plugins/bliss/bliss_public_key.h deleted file mode 100644 index 4318661ec2..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_public_key.h +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_public_key bliss_public_key - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_PUBLIC_KEY_H_ -#define BLISS_PUBLIC_KEY_H_ - -#include "bliss_param_set.h" - -#include -#include -#include - -typedef struct bliss_public_key_t bliss_public_key_t; - -/** - * public_key_t implementation of BLISS signature algorithm - */ -struct bliss_public_key_t { - - /** - * Implements the public_key_t interface - */ - public_key_t key; -}; - -/** - * Load a BLISS public key. - * - * Accepts BUILD_BLISS_* components. - * - * @param type type of the key, must be KEY_BLISS - * @param args builder_part_t argument list - * @return loaded key, NULL on failure - */ -bliss_public_key_t *bliss_public_key_load(key_type_t type, va_list args); - -/* The following functions are shared with the bliss_private_key class */ - -/** - * Parse an ASN.1 BIT STRING into an array of public key coefficients - * - * @param object packed subjectPublicKey - * @param set BLISS parameter set for public key vector - * @param pubkey coefficients of public key vector - * @return TRUE if parsing successful - */ -bool bliss_public_key_from_asn1(chunk_t object, const bliss_param_set_t *set, - uint32_t **pubkey); - -/** - * Encode a raw BLISS subjectPublicKey in ASN.1 DER format - * - * @param pubkey coefficients of public key vector - * @param set BLISS parameter set for the public key vector - * @result ASN.1 encoded subjectPublicKey - */ -chunk_t bliss_public_key_encode(uint32_t *pubkey, const bliss_param_set_t *set); - -/** - * Encode a BLISS subjectPublicKeyInfo record in ASN.1 DER format - * - * @param oid BLISS public key type OID - * @param pubkey coefficients of public key vector - * @param set BLISS parameter set for the public key vector - * @result ASN.1 encoded subjectPublicKeyInfo record - */ -chunk_t bliss_public_key_info_encode(int oid, uint32_t *pubkey, - const bliss_param_set_t *set); - -/** - * Generate a BLISS public key fingerprint - * - * @param oid BLISS public key type OID - * @param pubkey coefficients of public key vector - * @param set BLISS parameter set for the public key vector - * @param type type of fingerprint to be generated - * @param fp generated fingerprint (must be freed by caller) - * @result TRUE if generation was successful - */ -bool bliss_public_key_fingerprint(int oid, uint32_t *pubkey, - const bliss_param_set_t *set, - cred_encoding_type_t type, chunk_t *fp); - -#endif /** BLISS_PUBLIC_KEY_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_sampler.c b/src/libstrongswan/plugins/bliss/bliss_sampler.c deleted file mode 100644 index e0d0b28dd1..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_sampler.c +++ /dev/null @@ -1,252 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_sampler.h" - -typedef struct private_bliss_sampler_t private_bliss_sampler_t; - -#include - -/** - * Private data of a bliss_sampler_t object. - */ -struct private_bliss_sampler_t { - - /** - * Public interface. - */ - bliss_sampler_t public; - - /** - * BLISS parameter the rejection sampling is to be based on - */ - const bliss_param_set_t *set; - - /** - * Bitspender used for random rejection sampling - */ - xof_bitspender_t *bitspender; - -}; - -METHOD(bliss_sampler_t, bernoulli_exp, bool, - private_bliss_sampler_t *this, uint32_t x, bool *accepted) -{ - uint32_t x_mask; - uint8_t u; - const uint8_t *c; - int i; - - x_mask = 1 << (this->set->c_rows - 1); - c = this->set->c; - c += (this->set->c_rows - 1) * this->set->c_cols; - - while (x_mask > 0) - { - if (x & x_mask) - { - for (i = 0; i < this->set->c_cols; i++) - { - if (!this->bitspender->get_byte(this->bitspender, &u)) - { - return FALSE; - } - if (u < c[i]) - { - break; - } - else if (u > c[i]) - { - *accepted = FALSE; - return TRUE; - } - } - } - x_mask >>= 1; - c -= this->set->c_cols; - } - - *accepted = TRUE; - return TRUE; -} - -METHOD(bliss_sampler_t, bernoulli_cosh, bool, - private_bliss_sampler_t *this, int32_t x, bool *accepted) -{ - uint32_t u; - - x = 2 * (x < 0 ? -x : x); - - while (TRUE) - { - if (!bernoulli_exp(this, x, accepted)) - { - return FALSE; - } - if (*accepted) - { - return TRUE; - } - if (!this->bitspender->get_bits(this->bitspender, 1, &u)) - { - return FALSE; - } - if (u) - { - continue; - } - if (!bernoulli_exp(this, x, accepted)) - { - return FALSE; - } - if (!(*accepted)) - { - return TRUE; - } - } -} - -#define MAX_SAMPLE_INDEX 16 - -METHOD(bliss_sampler_t, pos_binary, bool, - private_bliss_sampler_t *this, uint32_t *x) -{ - uint32_t u, i; - - while (TRUE) - { - for (i = 0; i <= MAX_SAMPLE_INDEX; i++) - { - if (!this->bitspender->get_bits(this->bitspender, - i ? (2*i - 1) : 1, &u)) - { - return FALSE; - } - if (u == 0) - { - *x = i; - return TRUE; - } - if ((u >> 1) != 0) - { - break; - } - } - if (i > MAX_SAMPLE_INDEX) - { - return FALSE; - } - } -} - -METHOD(bliss_sampler_t, gaussian, bool, - private_bliss_sampler_t *this, int32_t *z) -{ - uint32_t u, x, y, z_pos; - bool accepted; - - while (TRUE) - { - if (!pos_binary(this, &x)) - { - return FALSE; - } - - do - { - if (!this->bitspender->get_bits(this->bitspender, - this->set->k_sigma_bits, &y)) - { - return FALSE; - } - } - while (y >= this->set->k_sigma); - - if (!bernoulli_exp(this, y * (y + 2*this->set->k_sigma * x), &accepted)) - { - return FALSE; - } - if (accepted) - { - if (!this->bitspender->get_bits(this->bitspender, 1, &u)) - { - return FALSE; - } - if (x || y || u) - { - break; - } - } - } - - z_pos = this->set->k_sigma * x + y; - *z = u ? z_pos : -z_pos; - - return TRUE; -} - -METHOD(bliss_sampler_t, sign, bool, - private_bliss_sampler_t *this, bool *positive) -{ - uint32_t u; - - if (!this->bitspender->get_bits(this->bitspender, 1, &u)) - { - return FALSE; - } - *positive = u; - - return TRUE; -} - -METHOD(bliss_sampler_t, destroy, void, - private_bliss_sampler_t *this) -{ - this->bitspender->destroy(this->bitspender); - free(this); -} - - -/** - * See header. - */ -bliss_sampler_t *bliss_sampler_create(ext_out_function_t alg, chunk_t seed, - const bliss_param_set_t *set) -{ - private_bliss_sampler_t *this; - xof_bitspender_t *bitspender; - - bitspender = xof_bitspender_create(alg, seed, FALSE); - if (!bitspender) - { - return NULL; - } - - INIT(this, - .public = { - .bernoulli_exp = _bernoulli_exp, - .bernoulli_cosh = _bernoulli_cosh, - .pos_binary = _pos_binary, - .gaussian = _gaussian, - .sign = _sign, - .destroy = _destroy, - }, - .set = set, - .bitspender = bitspender, - ); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_sampler.h b/src/libstrongswan/plugins/bliss/bliss_sampler.h deleted file mode 100644 index d083d70c02..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_sampler.h +++ /dev/null @@ -1,95 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_sampler bliss_sampler - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_SAMPLER_H_ -#define BLISS_SAMPLER_H_ - -typedef struct bliss_sampler_t bliss_sampler_t; - -#include "bliss_param_set.h" - -#include -#include - -/** - * Implementation various rejection sampling algorithms. - */ -struct bliss_sampler_t { - - /** - * Sample according to exp(-x/(2*sigma^2)) - * - * @param x Value to be sampled - * @param accepted TRUE if value is accepted, FALSE if rejected - * @result TRUE if sampling was successful - */ - bool (*bernoulli_exp)(bliss_sampler_t *this, uint32_t x, bool *accepted); - - /** - * Sample according to 1/cosh(x/sigma^2) - * - * @param x Value to be sampled - * @param accepted TRUE if value is accepted, FALSE if rejected - * @result TRUE if sampling was successful - */ - bool (*bernoulli_cosh)(bliss_sampler_t *this, int32_t x, bool *accepted); - - /** - * Sample according to 2^(-x^2) for positive x - * - * @param x Generated value - * @result TRUE if sampling was successful - */ - bool (*pos_binary)(bliss_sampler_t *this, uint32_t *x); - - /** - * Sample according to the Gaussian distribution exp(-x^2/(2*sigma^2)) - * - * @param z Generated value with Gaussian distribution - * @result TRUE if sampling was successful - */ - bool (*gaussian)(bliss_sampler_t *this, int32_t *z); - - /** - * Sample the sign according to the binary distribution - * - * @param positive TRUE if positive - * @result TRUE if sampling was successful - */ - bool (*sign)(bliss_sampler_t *this, bool *positive); - - /** - * Destroy bliss_sampler_t object - */ - void (*destroy)(bliss_sampler_t *this); -}; - -/** - * Create a bliss_sampler_t object. - * - * @param alg XOF to be used for the internal bitspender - * @param seed Seed used to initialize the internal bitspender - * @param set BLISS parameter set to be used - */ -bliss_sampler_t *bliss_sampler_create(ext_out_function_t alg, chunk_t seed, - const bliss_param_set_t *set); - -#endif /** BLISS_SAMPLER_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_signature.c b/src/libstrongswan/plugins/bliss/bliss_signature.c deleted file mode 100644 index 242a120bce..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_signature.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_signature.h" -#include "bliss_bitpacker.h" -#include "bliss_huffman_coder.h" - - -typedef struct private_bliss_signature_t private_bliss_signature_t; - -/** - * Private data of a bliss_signature_t object. - */ -struct private_bliss_signature_t { - /** - * Public interface for this signer. - */ - bliss_signature_t public; - - /** - * BLISS signature parameter set - */ - const bliss_param_set_t *set; - - /** - * BLISS signature vector z1 of size n - */ - int32_t *z1; - - /** - * BLISS signature vector z2d of size n - */ - int16_t *z2d; - - /** - * Indices of sparse BLISS challenge vector c of size kappa - */ - uint16_t *c_indices; - -}; - -METHOD(bliss_signature_t, get_encoding, chunk_t, - private_bliss_signature_t *this) -{ - bliss_bitpacker_t *packer; - bliss_huffman_coder_t *coder; - bliss_huffman_code_t *code; - int32_t z1; - uint32_t z1_sign; - uint16_t z2d_bits; - chunk_t encoding = chunk_empty; - int i; - - z2d_bits = this->set->z1_bits - this->set->d; - - /* Get Huffman code for this BLISS parameter set */ - code = bliss_huffman_code_get_by_id(this->set->id); - if (!code) - { - DBG1(DBG_LIB, "no Huffman code found for parameter set %N", - bliss_param_set_id_names, this->set->id); - return chunk_empty; - } - - packer = bliss_bitpacker_create(this->set->n * this->set->z1_bits + - this->set->n * z2d_bits + - this->set->kappa * this->set->n_bits); - coder = bliss_huffman_coder_create(code, packer); - - for (i = 0; i < this->set->n; i++) - { - /* determine and remove the sign of z1[i]*/ - z1_sign = this->z1[i] < 0; - z1 = z1_sign ? -this->z1[i] : this->z1[i]; - - if (!packer->write_bits(packer, z1_sign, 1) || - !packer->write_bits(packer, z1 & 0xff, 8) || - !coder->encode(coder, z1 >> 8, this->z2d[i])) - { - goto end; - } - } - for (i = 0; i < this->set->kappa; i++) - { - if (!packer->write_bits(packer, this->c_indices[i], this->set->n_bits)) - { - goto end; - } - } - encoding = packer->extract_buf(packer); - - DBG2(DBG_LIB, "efficiency of Huffman coder is %6.4f bits/tuple (%u bits)", - coder->get_bits(coder)/(double)(this->set->n), - coder->get_bits(coder)); - DBG2(DBG_LIB, "generated BLISS signature (%u bits encoded in %u bytes)", - packer->get_bits(packer), encoding.len); - - end: - coder->destroy(coder); - packer->destroy(packer); - return encoding; -} - -METHOD(bliss_signature_t, get_parameters, void, - private_bliss_signature_t *this, int32_t **z1, int16_t **z2d, - uint16_t **c_indices) -{ - *z1 = this->z1; - *z2d = this->z2d; - *c_indices = this->c_indices; -} - -METHOD(bliss_signature_t, destroy, void, - private_bliss_signature_t *this) -{ - free(this->z1); - free(this->z2d); - free(this->c_indices); - free(this); -} - -/** - * See header. - */ -bliss_signature_t *bliss_signature_create(const bliss_param_set_t *set) -{ - private_bliss_signature_t *this; - - INIT(this, - .public = { - .get_encoding = _get_encoding, - .get_parameters = _get_parameters, - .destroy = _destroy, - }, - .set = set, - .z1 = malloc(set->n * sizeof(int32_t)), - .z2d = malloc(set->n * sizeof(int16_t)), - .c_indices = malloc(set->n * sizeof(uint16_t)), - ); - - return &this->public; -} - -/** - * See header. - */ -bliss_signature_t *bliss_signature_create_from_data(const bliss_param_set_t *set, - chunk_t encoding) -{ - private_bliss_signature_t *this; - bliss_bitpacker_t *packer; - bliss_huffman_coder_t *coder; - bliss_huffman_code_t *code; - uint32_t z1_sign, z1_low, value; - int32_t z1; - int16_t z2; - int i; - - /* Get Huffman code for this BLISS parameter set */ - code = bliss_huffman_code_get_by_id(set->id); - if (!code) - { - DBG1(DBG_LIB, "no Huffman code found for parameter set %N", - bliss_param_set_id_names, set->id); - return NULL; - } - - if (encoding.len == 0) - { - DBG1(DBG_LIB, "zero length BLISS signature"); - return NULL; - } - - INIT(this, - .public = { - .get_encoding = _get_encoding, - .get_parameters = _get_parameters, - .destroy = _destroy, - }, - .set = set, - .z1 = malloc(set->n * sizeof(int32_t)), - .z2d = malloc(set->n * sizeof(int16_t)), - .c_indices = malloc(set->n * sizeof(uint16_t)), - ); - - packer = bliss_bitpacker_create_from_data(encoding); - coder = bliss_huffman_coder_create(code, packer); - - for (i = 0; i < set->n; i++) - { - if (!packer->read_bits(packer, &z1_sign, 1) || - !packer->read_bits(packer, &z1_low, 8) || - !coder->decode(coder, &z1, &z2)) - { - DBG1(DBG_LIB, "truncated BLISS signature encoding of z1/z2"); - coder->destroy(coder); - packer->destroy(packer); - destroy(this); - return NULL; - } - z1 = (z1 << 8) + z1_low; - this->z1[i] = z1_sign ? -z1 : z1; - this->z2d[i] = z2; - } - coder->destroy(coder); - - for (i = 0; i < set->kappa; i++) - { - if (!packer->read_bits(packer, &value, set->n_bits)) - { - DBG1(DBG_LIB, "truncated BLISS signature encoding of c_indices"); - packer->destroy(packer); - destroy(this); - return NULL; - } - this->c_indices[i] = value; - } - packer->destroy(packer); - - return &this->public; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_signature.h b/src/libstrongswan/plugins/bliss/bliss_signature.h deleted file mode 100644 index 52478e235d..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_signature.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_signature bliss_signature - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_SIGNATURE_H_ -#define BLISS_SIGNATURE_H_ - -typedef struct bliss_signature_t bliss_signature_t; - -#include "bliss_param_set.h" - -#include - -/** - * Public interface of BLISS signature object - */ -struct bliss_signature_t { - - /** - * Get compressed binary encoding of BLISS signature - * - * @result binary encoding of BLISS signature - */ - chunk_t (*get_encoding)(bliss_signature_t *this); - - /** - * Get signature parameters extracted from compressed binary encoding - * - * @param z1 signature vector z1 of size n - * @param z2d signature vector z2d of size n - * @param c_indices indices of sparse binary challenge vector of size kappa - */ - void (*get_parameters)(bliss_signature_t *this, int32_t **z1, int16_t **z2d, - uint16_t **c_indices); - - /** - * Destroy bliss_signature_t object - */ - void (*destroy)(bliss_signature_t *this); - -}; - -/** - * Create a BLISS signature object. - * - * @param set BLISS parameter set - */ -bliss_signature_t *bliss_signature_create(const bliss_param_set_t *set); - -/** - * Create a BLISS signature object from encoding. - * - * @param set BLISS parameter set - * @param encoding binary signature encoding - */ -bliss_signature_t *bliss_signature_create_from_data(const bliss_param_set_t *set, - chunk_t encoding); - -#endif /** BLISS_SIGNATURE_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/bliss_utils.c b/src/libstrongswan/plugins/bliss/bliss_utils.c deleted file mode 100644 index 62ee321805..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_utils.c +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "bliss_utils.h" - -#include -#include -#include -#include - -/** - * See header. - */ -int32_t bliss_utils_scalar_product(int32_t *x, int32_t *y, int n) -{ - int32_t product = 0; - int i; - - for (i = 0; i < n; i++) - { - product += x[i] * y[i]; - } - - return product; -} - -/** - * See header. - */ -void bliss_utils_round_and_drop(const bliss_param_set_t *set, - int32_t *x, int16_t *xd) -{ - int32_t factor; - int i; - - factor = 1 << set->d; - - for (i = 0; i < set->n; i++) - { - xd[i] = ((x[i] + (factor >> 1)) / factor) % set->p; - } -} - -/** - * See header. - */ -bool bliss_utils_generate_c(ext_out_function_t alg, chunk_t data_hash, - uint16_t *ud, const bliss_param_set_t *set, - uint16_t *c_indices) -{ - int i, index_trials = 0, index_found = 0; - bool index_taken[set->n]; - uint32_t index; - uint8_t *seed_pos; - chunk_t seed; - xof_bitspender_t *bitspender; - - seed = chunk_alloca(data_hash.len + set->n * sizeof(uint16_t)); - - /* the data hash makes up the first part of the oracle seed */ - memcpy(seed.ptr, data_hash.ptr, data_hash.len); - seed_pos = seed.ptr + data_hash.len; - - /* followed by the n elements of the ud vector in network order */ - for (i = 0; i < set->n; i++) - { - htoun16(seed_pos, ud[i]); - seed_pos += sizeof(uint16_t); - } - - bitspender = xof_bitspender_create(alg, seed, FALSE); - if (!bitspender) - { - return NULL; - } - - for (i = 0; i < set->n; i++) - { - index_taken[i] = FALSE; - } - - DBG3(DBG_LIB, " i c_index[i]"); - while (bitspender->get_bits(bitspender, set->n_bits, &index)) - { - index_trials++; - - if (!index_taken[index]) - { - DBG3(DBG_LIB, "%2u %8u", index_found, index); - c_indices[index_found++] = index; - index_taken[index] = TRUE; - - if (index_found == set->kappa) - { - DBG3(DBG_LIB, "%2d index trials", index_trials); - bitspender->destroy(bitspender); - return TRUE; - } - } - } - - bitspender->destroy(bitspender); - return FALSE; -} - -/** - * See header. - */ -bool bliss_utils_check_norms(const bliss_param_set_t *set, - int32_t *z1, int16_t *z2d) -{ - int32_t z2ds[set->n]; - int32_t z1_min, z1_max, norm; - int16_t z2d_min, z2d_max; - int i; - - /* some statistics on the values of z1 and z2d */ - z1_min = z1_max = z1[0]; - z2d_min = z2d_max = z2d[0]; - - for (i = 1; i < set->n; i++) - { - if (z1[i] < z1_min) - { - z1_min = z1[i]; - } - else if (z1[i] > z1_max) - { - z1_max = z1[i]; - } - if (z2d[i] < z2d_min) - { - z2d_min = z2d[i]; - } - else if (z2d[i] > z2d_max) - { - z2d_max = z2d[i]; - } - } - DBG2(DBG_LIB, "z1 = %d..%d, z2d = %d..%d", z1_min, z1_max, z2d_min, z2d_max); - - /* Restriction on infinite norm */ - for (i = 0; i < set->n; i++) - { - z2ds[i] = (1 << set->d) * z2d[i]; - - if (z1[i] >= set->B_inf || z2ds[i] >= set->B_inf || - z1[i] <= -set->B_inf || z2ds[i] <= -set->B_inf) - { - DBG2(DBG_LIB, "signature rejected due to excessive infinite norm"); - return FALSE; - } - } - - /* Restriction on l2-norm */ - norm = bliss_utils_scalar_product(z1, z1, set->n) + - bliss_utils_scalar_product(z2ds, z2ds, set->n); - - if (norm >= set->B_l2) - { - DBG2(DBG_LIB, "signature rejected due to excessive l2-norm"); - return FALSE; - } - - return TRUE; -} diff --git a/src/libstrongswan/plugins/bliss/bliss_utils.h b/src/libstrongswan/plugins/bliss/bliss_utils.h deleted file mode 100644 index 5f26af6dd5..0000000000 --- a/src/libstrongswan/plugins/bliss/bliss_utils.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup bliss_utils bliss_utils - * @{ @ingroup bliss_p - */ - -#ifndef BLISS_UTILS_H_ -#define BLISS_UTILS_H_ - -#include "bliss_param_set.h" - -#include - -/** - * Compute the scalar product of two vectors of size n - * - * @param x input vector of size n - * @param y input vector of size n - * @param n size of input vectors x and y - * @result scalar product of x and y - */ -int32_t bliss_utils_scalar_product(int32_t *x, int32_t *y, int n); - -/** - * Drop d bits but round first - * - * @param set BLISS parameter set - * @param x input vector x of size n - * @param xd rounded vector x with d bits dropped - */ -void bliss_utils_round_and_drop(const bliss_param_set_t *set, - int32_t *x, int16_t *xd); - -/** - * Generate the binary challenge vector c as an array of kappa indices - * - * @param alg XOF to be used for the internal oracle - * @param data_hash hash of the data to be signed - * @param ud input vector ud of size n - * @param set BLISS parameter set to be used (n, n_bits, kappa) - * @param c_indices indexes of non-zero challenge coefficients - */ -bool bliss_utils_generate_c(ext_out_function_t alg, chunk_t data_hash, - uint16_t *ud, const bliss_param_set_t *set, - uint16_t *c_indices); - -/** - * Check the infinity and l2 norms of the vectors z1 and z2d << d - * - * @param set BLISS parameter set - * @param z1 input vector - * @param z2d input vector - * @result TRUE if infinite and l2 norms do not exceed boundaries - */ -bool bliss_utils_check_norms(const bliss_param_set_t *set, - int32_t *z1, int16_t *z2d); - -#endif /** BLISS_UTILS_H_ @}*/ diff --git a/src/libstrongswan/plugins/bliss/tests/.gitignore b/src/libstrongswan/plugins/bliss/tests/.gitignore deleted file mode 100644 index 94f77f0f9e..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/.gitignore +++ /dev/null @@ -1 +0,0 @@ -bliss_tests diff --git a/src/libstrongswan/plugins/bliss/tests/Makefile.am b/src/libstrongswan/plugins/bliss/tests/Makefile.am deleted file mode 100644 index 1ec8d551f1..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/Makefile.am +++ /dev/null @@ -1,28 +0,0 @@ -TESTS = bliss_tests - -check_PROGRAMS = $(TESTS) - -bliss_tests_SOURCES = \ - suites/test_bliss_bitpacker.c \ - suites/test_bliss_huffman.c \ - suites/test_bliss_keys.c \ - suites/test_bliss_sampler.c \ - suites/test_bliss_signature.c \ - suites/test_bliss_sign.c \ - bliss_tests.h bliss_tests.c - -bliss_tests_CFLAGS = \ - -I$(top_srcdir)/src/libstrongswan \ - -I$(top_srcdir)/src/libstrongswan/tests \ - -I$(top_srcdir)/src/libstrongswan/math/libnttfft \ - -I$(top_srcdir)/src/libstrongswan/plugins/bliss \ - -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \ - -DPLUGINS=\""${s_plugins}\"" \ - @COVERAGE_CFLAGS@ - -bliss_tests_LDFLAGS = @COVERAGE_LDFLAGS@ -bliss_tests_LDADD = \ - $(top_builddir)/src/libstrongswan/libstrongswan.la \ - $(top_builddir)/src/libstrongswan/tests/libtest.la \ - $(top_builddir)/src/libstrongswan/math/libnttfft/libnttfft.la \ - ../libbliss.la diff --git a/src/libstrongswan/plugins/bliss/tests/bliss_tests.c b/src/libstrongswan/plugins/bliss/tests/bliss_tests.c deleted file mode 100644 index 9e85c5e2f5..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/bliss_tests.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include - -#include - -/* declare test suite constructors */ -#define TEST_SUITE(x) test_suite_t* x(); -#include "bliss_tests.h" -#undef TEST_SUITE - -static test_configuration_t tests[] = { -#define TEST_SUITE(x) \ - { .suite = x, }, -#include "bliss_tests.h" - { .suite = NULL, } -}; - -static bool test_runner_init(bool init) -{ - if (init) - { - char *plugins, *plugindir; - - plugins = lib->settings->get_str(lib->settings, - "tests.load", PLUGINS); - plugindir = lib->settings->get_str(lib->settings, - "tests.plugindir", PLUGINDIR); - plugin_loader_add_plugindirs(plugindir, plugins); - if (!lib->plugins->load(lib->plugins, plugins)) - { - return FALSE; - } - } - else - { - lib->processor->set_threads(lib->processor, 0); - lib->processor->cancel(lib->processor); - lib->plugins->unload(lib->plugins); - } - return TRUE; -} - -int main(int argc, char *argv[]) -{ - return test_runner_run("bliss", tests, test_runner_init); -} diff --git a/src/libstrongswan/plugins/bliss/tests/bliss_tests.h b/src/libstrongswan/plugins/bliss/tests/bliss_tests.h deleted file mode 100644 index efdde84d52..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/bliss_tests.h +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Copyright (C) 2014-2016 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -TEST_SUITE(bliss_bitpacker_suite_create) -TEST_SUITE(bliss_huffman_suite_create) -TEST_SUITE(bliss_keys_suite_create) -TEST_SUITE(bliss_sampler_suite_create) -TEST_SUITE(bliss_signature_suite_create) -TEST_SUITE(bliss_sign_suite_create) - diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_bitpacker.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_bitpacker.c deleted file mode 100644 index a9ec2fde09..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_bitpacker.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -static uint32_t bits[] = { 0, 1, 2, 3, 4, 7, 1, 14, 2, 29, 3, 28, 67, 0x2fe3a9c1}; - -static chunk_t packed_bits = chunk_from_chars(0x6e, 0x71, 0xe1, 0x74, - 0x37, 0x21, 0x97, 0xf1, - 0xd4, 0xe0, 0x80); - -START_TEST(test_bliss_sign_bitpacker_write) -{ - chunk_t buf; - bliss_bitpacker_t *packer; - int i; - - packer = bliss_bitpacker_create(81); - - for (i = 0; i < 13; i++) - { - ck_assert(packer->write_bits(packer, bits[i], 1 + i/2)); - } - ck_assert(packer->write_bits(packer, bits[13], 32)); - - buf = packer->extract_buf(packer); - ck_assert_int_eq(packer->get_bits(packer), 81); - ck_assert_chunk_eq(buf, packed_bits); - - packer->destroy(packer); - free(buf.ptr); -} -END_TEST - -START_TEST(test_bliss_sign_bitpacker_read) -{ - uint32_t value; - bliss_bitpacker_t *packer; - int i; - - packer = bliss_bitpacker_create_from_data(packed_bits); - - ck_assert(!packer->read_bits(packer, &value, 33)); - - for (i = 0; i < 13; i++) - { - ck_assert(packer->read_bits(packer, &value, 1 + i/2)); - ck_assert_int_eq(value, bits[i]); - } - ck_assert(packer->read_bits(packer, &value, 32)); - ck_assert_int_eq(value, bits[13]); - - packer->destroy(packer); -} -END_TEST - -START_TEST(test_bliss_sign_bitpacker_fail) -{ - bliss_bitpacker_t *packer; - uint32_t value; - - packer = bliss_bitpacker_create(32); - ck_assert( packer->write_bits(packer, 0xff, 0)); - ck_assert(!packer->write_bits(packer, 0, 33)); - ck_assert( packer->write_bits(packer, 0x7f2a3b01, 31)); - ck_assert(!packer->write_bits(packer, 3, 2)); - packer->destroy(packer); - - packer = bliss_bitpacker_create_from_data( - chunk_from_chars(0x7f, 0x2a, 0x3b, 0x01)); - ck_assert(!packer->read_bits(packer, &value, 33)); - ck_assert( packer->read_bits(packer, &value, 31)); - ck_assert(!packer->read_bits(packer, &value, 2)); - packer->destroy(packer); -} -END_TEST - -Suite *bliss_bitpacker_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_bitpacker"); - - tc = tcase_create("bitpacker_write"); - tcase_add_test(tc, test_bliss_sign_bitpacker_write); - suite_add_tcase(s, tc); - - tc = tcase_create("bitpacker_read"); - tcase_add_test(tc, test_bliss_sign_bitpacker_read); - suite_add_tcase(s, tc); - - tc = tcase_create("bitpacker_fail"); - tcase_add_test(tc, test_bliss_sign_bitpacker_fail); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_huffman.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_huffman.c deleted file mode 100644 index 4c4df4c473..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_huffman.c +++ /dev/null @@ -1,123 +0,0 @@ -/* - * Copyright (C) 2015 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -static chunk_t data = chunk_from_chars(0x5f, 0x71, 0x9e, 0x4c); - -START_TEST(test_bliss_huffman_encode) -{ - bliss_bitpacker_t *packer; - bliss_huffman_code_t *code; - bliss_huffman_coder_t *coder; - chunk_t encoding; - - packer = bliss_bitpacker_create(32); - ck_assert(packer); - - code = bliss_huffman_code_get_by_id(BLISS_B_I); - ck_assert(code); - - coder = bliss_huffman_coder_create(code, packer); - ck_assert(coder); - - ck_assert( coder->encode(coder, 0, 0)); /* 0 */ - ck_assert( coder->encode(coder, 1, 0)); /* 10 */ - ck_assert( coder->encode(coder, 2, 0)); /* 111 */ - ck_assert( coder->encode(coder, 0, 1)); /* 1101 */ - ck_assert( coder->encode(coder, 0, -1)); /* 11000 */ - ck_assert( coder->encode(coder, 1, 1)); /* 110011 */ - ck_assert( coder->encode(coder, 1, -1)); /* 1100100 */ - ck_assert(!coder->encode(coder, 3, 0)); /* 11001010 */ - ck_assert(!coder->encode(coder, 8, 0)); /* - */ - - encoding = packer->extract_buf(packer); - ck_assert(chunk_equals(encoding, data)); - - chunk_free(&encoding); - coder->destroy(coder); - packer->destroy(packer); -} -END_TEST - -START_TEST(test_bliss_huffman_decode) -{ - bliss_bitpacker_t *packer; - bliss_huffman_code_t *code; - bliss_huffman_coder_t *coder; - int32_t z1; - int16_t z2; - - packer = bliss_bitpacker_create_from_data(data); - ck_assert(packer); - - code = bliss_huffman_code_get_by_id(BLISS_II); - ck_assert(!code); - code = bliss_huffman_code_get_by_id(BLISS_B_II); - ck_assert(!code); - code = bliss_huffman_code_get_by_id(BLISS_B_I); - ck_assert(code); - - coder = bliss_huffman_coder_create(code, packer); - ck_assert(coder); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 0 */ - ck_assert(z1 == 0 && z2 == 0); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 10 */ - ck_assert(z1 == 1 && z2 == 0); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 111 */ - ck_assert(z1 == 2 && z2 == 0); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 1101 */ - ck_assert(z1 == 0 && z2 == 1); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 11000 */ - ck_assert(z1 == 0 && z2 == -1); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 110011 */ - ck_assert(z1 == 1 && z2 == 1); - - ck_assert(coder->decode(coder, &z1, &z2)); /* 1100100 */ - ck_assert(z1 == 1 && z2 == -1); - - ck_assert(!coder->decode(coder, &z1, &z2)); /* 11001010 */ - - coder->destroy(coder); - packer->destroy(packer); -} -END_TEST - -Suite *bliss_huffman_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_huffman"); - - tc = tcase_create("huffman_encode"); - tcase_add_test(tc, test_bliss_huffman_encode); - suite_add_tcase(s, tc); - - tc = tcase_create("huffman_decode"); - tcase_add_test(tc, test_bliss_huffman_decode); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_keys.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_keys.c deleted file mode 100644 index abfd38e11a..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_keys.c +++ /dev/null @@ -1,250 +0,0 @@ -/* - * Copyright (C) 2015 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include -#include - -static chunk_t privkey_chunk[] = { - {NULL, 0}, - chunk_from_chars(0x30, 0x00), - chunk_from_chars(0x30, 0x01), - chunk_from_chars(0x30, 0x03, 0x06, 0x01, 0x01), - chunk_from_chars(0x30, 0x0d, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, - 0xa0, 0x2a, 0x05, 0x02, 0x06), - chunk_from_chars(0x30, 0x0f, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, - 0xa0, 0x2a, 0x05, 0x02, 0x05, 0x03, 0x00), - chunk_from_chars(0x30, 0x82, 0x04, 0x9a, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x02, 0x05, 0x03, 0x82, 0x03, - 0x81, 0x00, 0x81, 0xe5, 0xd2, 0x71, 0xeb, 0x98, 0xe5, 0x24, - 0x34, 0xe4, 0x8a, 0x27, 0x23, 0x7d, 0x7d, 0x2c, 0xa3, 0xa7, - 0x3f, 0x87, 0xad, 0xae, 0xfa, 0xe4, 0x66, 0x1c, 0xef, 0x69, - 0x63, 0x5e, 0x91, 0xda, 0x41, 0x45, 0xd5, 0x8a, 0xb5, 0x26, - 0x33, 0x32, 0xe0, 0xa2, 0x9b, 0x52, 0x5e, 0x49, 0x5d, 0x0d, - 0x62, 0x72, 0x68, 0xa5, 0x94, 0x24, 0x03, 0x98, 0x48, 0x60, - 0x4a, 0x98, 0x97, 0x0d, 0x60, 0x7d, 0x00, 0x4f, 0xb9, 0xaf, - 0xcb, 0x6b, 0x41, 0x3d, 0x5b, 0xe4, 0x3e, 0x9a, 0xee, 0x06, - /* 100 */ 0xa1, 0xd0, 0x93, 0x53, 0x88, 0x58, 0x83, 0xb2, 0x44, 0xa1, - 0x16, 0x58, 0x3d, 0x32, 0xa1, 0x29, 0x85, 0x1a, 0x24, 0xc8, - 0xb8, 0x8c, 0x1f, 0x43, 0xbb, 0x4b, 0xdd, 0x8e, 0x72, 0xd3, - 0xf4, 0xfc, 0x02, 0x69, 0x47, 0xa5, 0x9d, 0xd0, 0xfc, 0xa6, - 0x94, 0x2e, 0x02, 0x6d, 0x85, 0x2c, 0x6d, 0xe3, 0x91, 0xd5, - 0xf1, 0x54, 0xbd, 0x1e, 0x63, 0x6b, 0xee, 0x28, 0xf9, 0xc6, - 0xec, 0x05, 0x99, 0xd5, 0xdd, 0xe5, 0x72, 0x9b, 0xbc, 0xa7, - 0x5a, 0x4a, 0x46, 0x3e, 0xec, 0xd7, 0x0b, 0xc5, 0x23, 0x00, - 0xdc, 0x08, 0x09, 0x57, 0x44, 0x2e, 0x43, 0x0f, 0xea, 0xca, - 0x2a, 0x31, 0xbe, 0xf3, 0x04, 0x8f, 0x8b, 0xa6, 0x3c, 0x35, - /* 200 */ 0x80, 0x2b, 0xe2, 0x18, 0x22, 0xfd, 0xe9, 0x39, 0x57, 0xed, - 0x77, 0x1d, 0x32, 0x02, 0x48, 0x2c, 0x85, 0x53, 0x9f, 0x4a, - 0xd8, 0x86, 0x4d, 0xd2, 0x26, 0x19, 0x12, 0x19, 0xa2, 0xb5, - 0xdf, 0x02, 0x50, 0xe4, 0x32, 0x9a, 0x27, 0xd0, 0x9e, 0x49, - 0x4a, 0x13, 0x9a, 0xfc, 0x07, 0x98, 0x60, 0x65, 0xf4, 0xc1, - 0x6c, 0x9a, 0x15, 0x28, 0x74, 0x5c, 0xd0, 0xa8, 0xe6, 0x2e, - 0x1f, 0xe9, 0xe6, 0x2b, 0xc8, 0x46, 0xe9, 0x26, 0xb0, 0xf0, - 0x8a, 0xe6, 0x8c, 0x9b, 0xbf, 0x64, 0xa0, 0x59, 0x33, 0x4f, - 0xc0, 0x0c, 0x16, 0x72, 0x89, 0x79, 0x2a, 0x3a, 0x5e, 0x3d, - 0x40, 0xbb, 0x73, 0xa9, 0xc0, 0x52, 0x70, 0x57, 0x06, 0xc1, - /* 300 */ 0xe7, 0x70, 0xb8, 0x6d, 0x1b, 0x50, 0x61, 0x85, 0xee, 0x3e, - 0xe5, 0x5a, 0x8a, 0x75, 0x9f, 0x1e, 0xb7, 0xea, 0x54, 0x5a, - 0x8f, 0x52, 0xc2, 0xae, 0x2c, 0x7a, 0x58, 0xe6, 0xcb, 0xa6, - 0x9b, 0x68, 0x84, 0x79, 0xf2, 0x82, 0x05, 0x57, 0xaa, 0xd5, - 0x51, 0x82, 0xec, 0x84, 0x63, 0xce, 0xf4, 0xa7, 0xdf, 0x4e, - 0xac, 0x7d, 0xdd, 0xc3, 0x02, 0x68, 0xe0, 0x35, 0xa1, 0x92, - 0x29, 0x02, 0x2c, 0xa0, 0xe4, 0x29, 0x66, 0xd3, 0xe8, 0xd9, - 0x52, 0x0f, 0x3b, 0xec, 0x53, 0x63, 0x57, 0xc3, 0xd2, 0x59, - 0x38, 0xe7, 0x74, 0xf4, 0x1d, 0x03, 0x88, 0x3c, 0xe9, 0x97, - 0x37, 0xd7, 0x12, 0x66, 0x2a, 0xb5, 0xf8, 0xcd, 0x10, 0x87, - /* 400 */ 0x5d, 0x6a, 0x69, 0xbb, 0x9b, 0xc5, 0x55, 0x3c, 0x09, 0x46, - 0x04, 0x57, 0xc0, 0x2f, 0x77, 0x89, 0xe2, 0x88, 0x15, 0x6b, - 0x71, 0x56, 0xe1, 0xa2, 0x30, 0x71, 0x5f, 0x1d, 0x27, 0x12, - 0xbf, 0xc3, 0x55, 0xde, 0xe5, 0x9c, 0x4e, 0xb8, 0xc6, 0xec, - 0x96, 0x3a, 0x5d, 0x6d, 0xe9, 0xd3, 0xf8, 0x28, 0xda, 0x3f, - 0x75, 0x24, 0xd0, 0x34, 0x50, 0xa6, 0x28, 0x65, 0x6a, 0xe9, - 0xa6, 0x89, 0xe5, 0x5d, 0x45, 0xaf, 0x63, 0x34, 0xaf, 0x31, - 0x29, 0x82, 0xe6, 0x03, 0x80, 0x5c, 0x34, 0x28, 0xd1, 0x9f, - 0xca, 0xd3, 0x96, 0xcb, 0x31, 0xde, 0xdb, 0xf0, 0x07, 0x2b, - 0xc5, 0xbc, 0x29, 0xd1, 0x11, 0xf4, 0x23, 0x3b, 0x14, 0xb5, - /* 500 */ 0xa6, 0xf1, 0x02, 0x9e, 0x66, 0xbe, 0xdc, 0xc4, 0xca, 0xf7, - 0xc0, 0x81, 0x92, 0x7c, 0xea, 0xe3, 0x42, 0x54, 0x8a, 0x6f, - 0x0a, 0x2a, 0xa7, 0x2a, 0x92, 0xab, 0x09, 0xb1, 0x61, 0x91, - 0xaa, 0x90, 0x54, 0xa3, 0x76, 0x64, 0xe2, 0xfd, 0x81, 0x9a, - 0x4c, 0x35, 0x11, 0x28, 0xf3, 0x14, 0x97, 0x1b, 0x61, 0xa4, - 0x67, 0x43, 0xae, 0x90, 0x6b, 0xe4, 0x29, 0x34, 0xec, 0x08, - 0xbc, 0x6a, 0x82, 0x45, 0xc7, 0x7d, 0xdc, 0xd0, 0x03, 0x98, - 0x29, 0x63, 0x05, 0x94, 0xb2, 0xb9, 0x04, 0xce, 0x34, 0x9a, - 0x64, 0xae, 0x9a, 0xa9, 0x11, 0xa5, 0x13, 0x07, 0xcc, 0x92, - 0xe9, 0xe5, 0x98, 0x13, 0x13, 0x8f, 0x8b, 0xb2, 0x77, 0x75, - /* 600 */ 0x2a, 0x6f, 0xb1, 0xa6, 0x98, 0xbf, 0x50, 0xaf, 0xa7, 0x15, - 0x2a, 0xe6, 0xdf, 0x41, 0xb6, 0x5e, 0x72, 0xb2, 0x74, 0xf2, - 0x38, 0x88, 0x41, 0x56, 0x53, 0xea, 0x83, 0x23, 0x8a, 0x6d, - 0x6c, 0x64, 0x6c, 0xa6, 0x04, 0x79, 0x51, 0x92, 0x89, 0xbe, - 0x2a, 0x54, 0xd8, 0x5a, 0x8d, 0x5b, 0x9c, 0xfc, 0x62, 0x05, - 0x0f, 0xbd, 0x85, 0x12, 0x57, 0x45, 0x96, 0x2e, 0x8f, 0x76, - 0xd4, 0x33, 0xfb, 0x4a, 0xc2, 0x9f, 0x57, 0x96, 0xb3, 0xa2, - 0xc6, 0xa6, 0x95, 0x3c, 0x9e, 0x7e, 0x15, 0x12, 0xd7, 0xe4, - 0x65, 0x05, 0x5d, 0x72, 0xc2, 0x28, 0x10, 0xa9, 0x68, 0xa9, - 0x01, 0xfe, 0x9e, 0x36, 0x07, 0x80, 0x41, 0xc8, 0xa3, 0x5f, - /* 700 */ 0x18, 0x3b, 0x38, 0x09, 0x95, 0xe2, 0x87, 0xad, 0x03, 0xfd, - 0xdd, 0xa6, 0xe9, 0x8e, 0xa8, 0x3a, 0xc9, 0x45, 0x7b, 0xdc, - 0xc2, 0x6a, 0x30, 0x78, 0xaa, 0xba, 0x32, 0xe9, 0x8a, 0x65, - 0x48, 0x13, 0x5b, 0x29, 0x18, 0x2e, 0x5c, 0x68, 0x8d, 0x71, - 0x01, 0x09, 0xab, 0x7d, 0x1a, 0xe9, 0x09, 0x74, 0x1b, 0xe1, - 0x90, 0x00, 0xb9, 0xda, 0xa3, 0x03, 0xb7, 0x6c, 0xdd, 0x40, - 0xb6, 0xe3, 0xde, 0xa6, 0x7b, 0xe9, 0x3d, 0x41, 0x4d, 0xc7, - 0xad, 0xa5, 0xf9, 0x8b, 0x88, 0xd4, 0x1a, 0x75, 0xb5, 0xb6, - 0x9f, 0x51, 0x9b, 0x8b, 0xd7, 0xa4, 0x02, 0xb0, 0x62, 0x45, - 0xdd, 0x6c, 0x11, 0x35, 0x03, 0x77, 0x1c, 0xdb, 0xc5, 0xac, - /* 800 */ 0x60, 0x37, 0x20, 0x15, 0xaf, 0xbd, 0xae, 0x76, 0x51, 0xd2, - 0xfb, 0x63, 0x23, 0x19, 0x81, 0xa6, 0x59, 0x7b, 0x68, 0x00, - 0x3d, 0x68, 0x89, 0x6b, 0x5a, 0x29, 0xbd, 0x4f, 0xc1, 0x50, - 0xe4, 0x98, 0x85, 0xe6, 0x1a, 0xdd, 0xc8, 0xe4, 0xa1, 0x2b, - 0x99, 0x42, 0x81, 0x4d, 0x07, 0xf4, 0x24, 0x93, 0x88, 0xfe, - 0x40, 0x90, 0x5a, 0x56, 0x0b, 0x7f, 0x8d, 0x14, 0x82, 0x6d, - 0xaf, 0xf6, 0x0a, 0x3d, 0xe6, 0x64, 0xb5, 0x48, 0x01, 0x37, - 0xfe, 0xf3, 0xba, 0x67, 0xcc, 0xd2, 0xba, 0x32, 0x76, 0xe8, - 0xa7, 0x41, 0x1f, 0x2a, 0xfc, 0xa9, 0x72, 0x66, 0xc7, 0xd5, - 0x76, 0x02, 0x6b, 0x77, 0xba, 0x6c, 0xd4, 0x84, 0x68, 0x0e, - /* 900 */ 0x62, 0xc8, 0x43, 0xb0, 0x81, 0xd5, 0x8f, 0xdb, 0x42, 0xc9, - 0xf4, 0xaf, 0x71, 0xbd, 0xb9, 0x6c, 0xd6, 0xdc, 0x03, 0x81, - 0x81, 0x00, 0xc5, 0x10, 0x40, 0x33, 0x0f, 0xc0, 0x14, 0x01, - 0x00, 0x03, 0x0c, 0x0c, 0x00, 0x00, 0x00, 0x4c, 0x0f, 0x10, - 0x03, 0x10, 0x00, 0x00, 0x01, 0xc0, 0x43, 0x40, 0x03, 0x5c, - 0x00, 0x07, 0xc0, 0x51, 0x34, 0x01, 0x30, 0x0c, 0x00, 0x00, - 0x04, 0xc0, 0x3d, 0x40, 0x03, 0x07, 0x40, 0xd3, 0x50, 0x0c, - 0x04, 0x03, 0x00, 0x11, 0x41, 0x30, 0x00, 0xc1, 0xc0, 0xc3, - 0x03, 0x5f, 0x04, 0x30, 0x01, 0x40, 0x40, 0x00, 0x40, 0x40, - 0x10, 0x40, 0x05, 0x05, 0x00, 0x53, 0x00, 0x04, 0x50, 0x00, - /* 1000 */ 0x00, 0x00, 0x0c, 0x00, 0x51, 0x00, 0x00, 0x00, 0x04, 0xc7, - 0x01, 0x50, 0xc0, 0x11, 0x00, 0x04, 0x03, 0xc0, 0x04, 0x00, - 0x70, 0x4c, 0x31, 0x03, 0xc0, 0x40, 0xc4, 0x40, 0x40, 0xc0, - 0x0c, 0x0c, 0xf1, 0x40, 0xc1, 0x31, 0x70, 0x17, 0xc0, 0x30, - 0xc1, 0x04, 0x0c, 0x04, 0x00, 0xc4, 0x01, 0x00, 0x34, 0x00, - 0x03, 0x81, 0x81, 0x00, 0xcc, 0x00, 0x50, 0x30, 0xc4, 0x13, - 0x0f, 0xf0, 0x43, 0x01, 0x33, 0x40, 0x30, 0x01, 0x40, 0x10, - 0x57, 0x04, 0x03, 0x04, 0x10, 0x00, 0xf0, 0x03, 0x04, 0x01, - 0x00, 0x10, 0x34, 0x03, 0xf0, 0x1c, 0x01, 0x40, 0x30, 0xf4, - 0x00, 0x40, 0x34, 0xc3, 0x00, 0x00, 0x01, 0x00, 0x01, 0x10, - /* 1100 */ 0x3f, 0x03, 0x40, 0x00, 0x10, 0x10, 0x00, 0x40, 0x03, 0x00, - 0x03, 0x04, 0x40, 0x03, 0x00, 0x13, 0x03, 0x00, 0xc0, 0x01, - 0x34, 0x01, 0x00, 0x00, 0x10, 0xf4, 0x00, 0xf0, 0x30, 0x00, - 0x00, 0xc3, 0x1c, 0x41, 0x00, 0x40, 0x30, 0x04, 0x10, 0xc4, - 0x11, 0x03, 0x00, 0x10, 0x04, 0x4f, 0x17, 0xc0, 0x00, 0x30, - 0xcd, 0x3c, 0x40, 0xc4, 0x00, 0xf0, 0x00, 0x00, 0x04, 0x30, - 0x0f, 0x31, 0x34, 0xf0, 0x00, 0x07, 0x0c, 0x34, 0x00, 0x50, - 0x05, 0x03, 0x10, 0x70, 0x00, 0x33, 0x0c, 0x00, 0xc4, 0x54, - 0x07, 0x00) -}; - -START_TEST(test_bliss_keys_priv) -{ - private_key_t *privkey; - - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_BLOB, privkey_chunk[_i], BUILD_END); - if (_i == countof(privkey_chunk) - 1) - { - ck_assert(privkey); - privkey->destroy(privkey); - } - else - { - ck_assert(!privkey); - } -} -END_TEST - -typedef struct privkey_mod_t privkey_mod_t; - -struct privkey_mod_t { - int offset; - char byte; -}; - -static privkey_mod_t privkey_mod[] = { - { 20, 0x80 }, - { 22, 0xc1 }, - { 920, 0x80 }, - { 922, 0x85 }, - { 1052, 0x80 }, - { 1054, 0x8c } -}; - -START_TEST(test_bliss_keys_priv_mod) -{ - private_key_t *privkey; - chunk_t data; - - data = chunk_clone(privkey_chunk[countof(privkey_chunk) - 1]); - data.ptr[privkey_mod[_i].offset] = privkey_mod[_i].byte; - - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_BLOB, data, BUILD_END); - ck_assert(!privkey); - chunk_free(&data); -} -END_TEST - -static chunk_t pubkey_chunk[] = { - {NULL, 0}, - chunk_from_chars(0x30, 0x00), - chunk_from_chars(0x30, 0x01), - chunk_from_chars(0x30, 0x02, 0x30, 0x00), - chunk_from_chars(0x30, 0x05, 0x30, 0x03, 0x06, 0x01, 0x01), - chunk_from_chars(0x30, 0x11, 0x30, 0x0F, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x01, 0x01, 0x04, 0x00), - chunk_from_chars(0x30, 0x12, 0x30, 0x10, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x01, 0x01, 0x06, 0x01, 0x01), - chunk_from_chars(0x30, 0x1c, 0x30, 0x1a, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x01, 0x01, 0x06, 0x0b, 0x2b, - 0x06, 0x01, 0x04, 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x02, 0x06), - chunk_from_chars(0x30, 0x1e, 0x30, 0x1a, 0x06, 0x0b, 0x2b, 0x06, 0x01, 0x04, - 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x01, 0x01, 0x06, 0x0b, 0x2b, - 0x06, 0x01, 0x04, 0x01, 0x82, 0xa0, 0x2a, 0x05, 0x02, 0x05, - 0x03, 0x00) -}; - -START_TEST(test_bliss_keys_pub) -{ - public_key_t *pubkey; - - pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, - BUILD_BLOB, pubkey_chunk[_i], BUILD_END); - ck_assert(!pubkey); -} -END_TEST - -Suite *bliss_keys_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_keys"); - - tc = tcase_create("keys_priv"); - tcase_add_loop_test(tc, test_bliss_keys_priv, 0, countof(privkey_chunk)); - suite_add_tcase(s, tc); - - tc = tcase_create("keys_priv_mod"); - tcase_add_loop_test(tc, test_bliss_keys_priv_mod, 0, countof(privkey_mod)); - suite_add_tcase(s, tc); - - tc = tcase_create("keys_pub"); - tcase_add_loop_test(tc, test_bliss_keys_pub, 0, countof(pubkey_chunk)); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sampler.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sampler.c deleted file mode 100644 index 38db3421d3..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sampler.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (C) 2014 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -static u_int key_size[] = { 1, 3, 4}; - -START_TEST(test_bliss_sampler_gaussian) -{ - bliss_sampler_t *sampler; - const bliss_param_set_t *set; - int i, k, count; - uint32_t hist[8], sign[3]; - int32_t z; - ext_out_function_t alg; - size_t seed_len; - chunk_t seed; - - set = bliss_param_set_get_by_id(key_size[_i]); - alg = XOF_MGF1_SHA256; - seed_len = 32; - count = 10000000; - - seed = chunk_alloc(seed_len); - memset(seed.ptr, 0xcc, seed_len); - - for (k = 0; k < 3; k++) - { - sign[k] = 0; - } - for (k = 0; k < 8; k++) - { - hist[k] = 0; - } - - sampler = bliss_sampler_create(alg, seed, set); - for (i = 0; i < count; i++) - { - ck_assert(sampler->gaussian(sampler, &z)); - if (z == 0) - { - sign[1]++; - hist[0]++; - } - else if (z > 0) - { - sign[2]++; - hist[z/256]++; - } - else - { - sign[0]++; - hist[(-z)/256]++; - } - } - sampler->destroy(sampler); - free(seed.ptr); - - DBG1(DBG_LIB, "histogram"); - for (k = 0; k < 8; k++) - { - DBG1(DBG_LIB, "%d %7d", k, hist[k]); - } - DBG1(DBG_LIB, "- %7d", sign[0]); - DBG1(DBG_LIB, "0 %7d", sign[1]); - DBG1(DBG_LIB, "+ %7d", sign[2]); -} -END_TEST - -Suite *bliss_sampler_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_sampler"); - - tc = tcase_create("sampler_gaussian"); - tcase_set_timeout(tc, 30); - tcase_add_loop_test(tc, test_bliss_sampler_gaussian, 0, countof(key_size)); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c deleted file mode 100644 index 43b51f96c4..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_sign.c +++ /dev/null @@ -1,212 +0,0 @@ -/* - * Copyright (C) 2014-2015 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include -#include - -static u_int key_type[] = { 1, 3, 4 }; -static u_int key_strength[] = { 128, 160, 192 }; - -START_TEST(test_bliss_sign_all) -{ - signature_scheme_t signature_scheme; - private_key_t *privkey, *privkey1; - public_key_t *pubkey, *pubkey1; - chunk_t msg, signature, privkey_blob, pubkey_blob, pubkey_fp, privkey_fp; - int k; - - for (k = 0; k < 4; k++) - { - int verify_count = 1000; - - switch (k) - { - case 1: - signature_scheme = SIGN_BLISS_WITH_SHA2_256; - break; - case 2: - signature_scheme = SIGN_BLISS_WITH_SHA2_384; - break; - default: - signature_scheme = SIGN_BLISS_WITH_SHA2_512; - } - - /* enforce BLISS-B key for k = 2, 3 */ - lib->settings->set_bool(lib->settings, - "%s.plugins.bliss.use_bliss_b", k >= 2, lib->ns); - - msg = chunk_from_str("Hello Dolly!"); - - /* generate private key */ - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_KEY_SIZE, key_type[_i], BUILD_END); - ck_assert(privkey); - - /* generate ASN.1 DER and PEM encoding of private key */ - ck_assert(privkey->get_encoding(privkey, (k % 2) ? - PRIVKEY_ASN1_DER : PRIVKEY_PEM, &privkey_blob)); - - /* extract public key from private key */ - pubkey = privkey->get_public_key(privkey); - ck_assert(pubkey); - - /* generate ASN.1 DER and PEM encodings of public key */ - ck_assert(pubkey->get_encoding(pubkey, (k % 2) ? - PUBKEY_SPKI_ASN1_DER : PUBKEY_PEM, &pubkey_blob)); - - /* compare fingerprints of public and private key */ - ck_assert(pubkey->get_fingerprint(pubkey, (k % 2) ? - KEYID_PUBKEY_INFO_SHA1 : KEYID_PUBKEY_SHA1, &pubkey_fp)); - ck_assert(privkey->get_fingerprint(privkey, (k % 2) ? - KEYID_PUBKEY_INFO_SHA1 : KEYID_PUBKEY_SHA1, &privkey_fp)); - ck_assert(chunk_equals(pubkey_fp, privkey_fp)); - - /* retrieve fingerprints of public and private key from cache */ - ck_assert(pubkey->get_fingerprint(pubkey, (k % 2) ? - KEYID_PUBKEY_INFO_SHA1 : KEYID_PUBKEY_SHA1, &pubkey_fp)); - ck_assert(privkey->get_fingerprint(privkey, (k % 2) ? - KEYID_PUBKEY_INFO_SHA1 : KEYID_PUBKEY_SHA1, &privkey_fp)); - - /* get a reference of the private key and destroy both instances */ - privkey1 = privkey->get_ref(privkey); - ck_assert(privkey1); - ck_assert(privkey1 == privkey); - privkey->destroy(privkey); - privkey1->destroy(privkey1); - - /* get a reference of the public key and destroy both instances */ - pubkey1 = pubkey->get_ref(pubkey); - ck_assert(pubkey1); - ck_assert(pubkey1 == pubkey); - pubkey->destroy(pubkey); - pubkey1->destroy(pubkey1); - - /* enforce BLISS-B key for k = 1, 3 */ - lib->settings->set_bool(lib->settings, - "%s.plugins.bliss.use_bliss_b", k % 2, lib->ns); - - /* load private key from ASN.1 blob */ - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_BLOB, privkey_blob, BUILD_END); - ck_assert(privkey); - ck_assert(privkey->get_type(privkey) == KEY_BLISS); - ck_assert(privkey->get_keysize(privkey) == key_strength[_i]); - chunk_free(&privkey_blob); - - /* load public key from ASN.1 blob */ - pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, - BUILD_BLOB, pubkey_blob, BUILD_END); - ck_assert(pubkey); - ck_assert(pubkey->get_type(pubkey) == KEY_BLISS); - ck_assert(pubkey->get_keysize(pubkey) == key_strength[_i]); - chunk_free(&pubkey_blob); - - /* generate and verify 1000 BLISS signatures */ - while (verify_count--) - { - ck_assert(privkey->sign(privkey, signature_scheme, NULL, msg, - &signature)); - ck_assert(pubkey->verify(pubkey, signature_scheme, NULL, msg, - signature)); - free(signature.ptr); - } - privkey->destroy(privkey); - pubkey->destroy(pubkey); - } -} -END_TEST - -START_TEST(test_bliss_sign_fail) -{ - private_key_t *privkey; - public_key_t *pubkey; - chunk_t msg = chunk_empty, signature, encoding, fp; - - /* generate non-supported BLISS-II private key */ - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_KEY_SIZE, BLISS_II, BUILD_END); - ck_assert(!privkey); - - /* generate non-supported BLISS-B-II private key */ - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_KEY_SIZE, BLISS_B_II, BUILD_END); - ck_assert(!privkey); - - /* generate supported BLISS-B-I private key */ - privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_BLISS, - BUILD_KEY_SIZE, BLISS_B_I, BUILD_END); - ck_assert(privkey); - - /* wrong private key encoding format */ - ck_assert(!privkey->get_encoding(privkey, PUBKEY_PEM, &encoding)); - - /* wrong fingerprint encoding format */ - ck_assert(!privkey->get_fingerprint(privkey, KEYID_PGPV4, &fp)); - - /* extract public key */ - pubkey = privkey->get_public_key(privkey); - ck_assert(pubkey); - - /* wrong private key encoding format */ - ck_assert(!pubkey->get_encoding(pubkey, PRIVKEY_PEM, &encoding)); - - /* wrong fingerprint encoding format */ - ck_assert(!pubkey->get_fingerprint(pubkey, KEYID_PGPV4, &fp)); - - /* encryption / decryption operation is not defined for BLISS */ - ck_assert(!pubkey->encrypt(pubkey, ENCRYPT_UNKNOWN, NULL, chunk_empty, NULL)); - ck_assert(!privkey->decrypt(privkey, ENCRYPT_UNKNOWN, NULL, chunk_empty, NULL)); - - /* sign with invalid signature scheme */ - ck_assert(!privkey->sign(privkey, SIGN_UNKNOWN, NULL, msg, &signature)); - - /* generate valid signature */ - msg = chunk_from_str("Hello Dolly!"); - ck_assert(privkey->sign(privkey, SIGN_BLISS_WITH_SHA2_512, NULL, msg, &signature)); - - /* verify with invalid signature scheme */ - ck_assert(!pubkey->verify(pubkey, SIGN_UNKNOWN, NULL, msg, signature)); - - /* corrupt signature */ - signature.ptr[signature.len - 1] ^= 0x80; - ck_assert(!pubkey->verify(pubkey, SIGN_BLISS_WITH_SHA2_512, NULL, msg, signature)); - - free(signature.ptr); - privkey->destroy(privkey); - pubkey->destroy(pubkey); -} -END_TEST - -Suite *bliss_sign_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_sign"); - - tc = tcase_create("sign_all"); - test_case_set_timeout(tc, 30); - tcase_add_loop_test(tc, test_bliss_sign_all, 0, countof(key_type)); - suite_add_tcase(s, tc); - - tc = tcase_create("sign_fail"); - tcase_add_test(tc, test_bliss_sign_fail); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_signature.c b/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_signature.c deleted file mode 100644 index d21f4b13c2..0000000000 --- a/src/libstrongswan/plugins/bliss/tests/suites/test_bliss_signature.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (C) 2015 Andreas Steffen - * - * Copyright (C) secunet Security Networks AG - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See . - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "test_suite.h" - -#include - -static chunk_t data = chunk_from_chars( - 0xC1, 0xA1, 0x96, 0x98, 0x4F, 0x60, 0xF5, 0xCA, 0x89, 0x9E, - 0x78, 0xAF, 0x64, 0xDD, 0x01, 0x76, 0x04, 0x29, 0x11, 0xD0, - 0x21, 0x9E, 0xE4, 0x2D, 0xC5, 0x82, 0x69, 0x19, 0x82, 0x75, - 0x30, 0xAC, 0xB0, 0x64, 0xCB, 0x65, 0x19, 0x22, 0x4A, 0x03, - 0x03, 0x61, 0x4A, 0x37, 0x8E, 0xA3, 0xB6, 0xB3, 0x58, 0x44, - 0xFD, 0x68, 0x38, 0xF1, 0x4B, 0xCF, 0xE8, 0xA2, 0x05, 0x39, - 0x87, 0xE0, 0x5E, 0x7C, 0x45, 0x33, 0x4A, 0xEB, 0x2E, 0xCF, - 0x98, 0x01, 0x3D, 0x28, 0x60, 0xCE, 0x90, 0x45, 0xF0, 0x8E, - 0x36, 0x25, 0x50, 0x8B, 0xA2, 0xC0, 0x6E, 0xDF, 0xC2, 0xA1, - 0x35, 0xC1, 0x16, 0x14, 0xE8, 0x6A, 0xE3, 0x9C, 0x0B, 0x32, - 0x53, 0x55, 0x60, 0x52, 0x43, 0x93, 0xBB, 0x9F, 0x1D, 0x17, - 0xDC, 0x6E, 0x26, 0x99, 0x60, 0x83, 0x12, 0x53, 0xB0, 0x2B, - 0x36, 0xE2, 0x95, 0xA7, 0xBF, 0x9B, 0xC0, 0x0A, 0x63, 0xD6, - 0x32, 0xA9, 0xE2, 0xAD, 0x02, 0x53, 0x10, 0x81, 0x00, 0xD4, - 0x9A, 0xC2, 0x04, 0x1B, 0x48, 0x53, 0x37, 0xF0, 0x95, 0x39, - 0x4B, 0x2E, 0x37, 0x28, 0xE2, 0x70, 0xAD, 0xB5, 0xF1, 0x63, - 0x48, 0x17, 0xEF, 0x45, 0xC0, 0x30, 0xA6, 0xAA, 0x37, 0x9A, - 0x00, 0x8F, 0x8D, 0xAC, 0x66, 0x2C, 0x96, 0x8C, 0xC2, 0x74, - 0x9D, 0x66, 0x16, 0x5D, 0x70, 0x70, 0x1D, 0x2F, 0x11, 0xBD, - 0x11, 0x62, 0x58, 0xC6, 0xB2, 0xA6, 0xFA, 0xB7, 0x8C, 0x10, - 0x6A, 0x13, 0x34, 0x25, 0xB8, 0xF2, 0x46, 0xE3, 0x08, 0xAD, - 0x8D, 0x49, 0x33, 0x24, 0x37, 0xA5, 0x0A, 0xF9, 0x5E, 0x95, - 0xF9, 0x50, 0xDA, 0x2B, 0x80, 0x4F, 0x10, 0x4F, 0xAB, 0xE4, - 0x96, 0xB1, 0xA1, 0x28, 0xCE, 0x6D, 0xB6, 0x17, 0x33, 0x2A, - 0xE0, 0xC3, 0x80, 0xAA, 0x3D, 0x1A, 0x5C, 0x48, 0xA0, 0x48, - 0x60, 0xCC, 0xC7, 0x29, 0x4F, 0xB8, 0x96, 0xDF, 0xC6, 0x6A, - 0xC2, 0x83, 0x5E, 0xFC, 0xD7, 0x4E, 0xCA, 0x14, 0xB4, 0xC6, - 0x30, 0x29, 0xC7, 0xCE, 0x79, 0x42, 0x2D, 0x22, 0x28, 0x99, - 0x59, 0x14, 0xFB, 0x04, 0xAD, 0x79, 0x3C, 0x74, 0x34, 0xC6, - 0x7A, 0x1C, 0x13, 0x07, 0x17, 0xB1, 0x8A, 0x02, 0xA7, 0x70, - 0x3C, 0x5B, 0xBA, 0x88, 0xA2, 0xE6, 0x4B, 0x2A, 0xC1, 0x1E, - 0x42, 0xDD, 0x83, 0x2B, 0x00, 0xCC, 0xF8, 0x80, 0x03, 0x7E, - 0x97, 0xA4, 0x04, 0xE1, 0xB2, 0x0B, 0xE2, 0xF3, 0x91, 0x91, - 0x80, 0xA0, 0xC5, 0x44, 0x67, 0xB1, 0x56, 0xD0, 0x13, 0x58, - 0x7B, 0x6E, 0x12, 0xE7, 0x3A, 0x90, 0xE4, 0x2C, 0x44, 0x17, - 0xA3, 0xBD, 0x21, 0x68, 0x45, 0x61, 0x20, 0x57, 0x8D, 0x4A, - 0xF1, 0xE6, 0xD3, 0x17, 0xC9, 0xB0, 0xF8, 0x3A, 0x87, 0x6A, - 0x7E, 0x25, 0x45, 0xDC, 0x9A, 0x1D, 0xAC, 0x10, 0xB6, 0xF6, - 0x07, 0x4C, 0x50, 0x92, 0xF9, 0xE1, 0x3E, 0xAD, 0x3B, 0x80, - 0x20, 0xA8, 0x34, 0x04, 0xD6, 0x0D, 0x2D, 0x46, 0x69, 0x5E, - 0x8C, 0x4B, 0xB0, 0x1C, 0x37, 0xD8, 0x0D, 0x72, 0x7B, 0xE6, - 0xEE, 0x04, 0x81, 0x98, 0x78, 0x69, 0x88, 0xD8, 0xDF, 0x04, - 0xF0, 0x80, 0xE2, 0x0A, 0xD3, 0x60, 0x94, 0xDF, 0x49, 0xF7, - 0x52, 0x95, 0xA6, 0xAF, 0x8C, 0x13, 0x10, 0x09, 0xAA, 0x03, - 0xAC, 0x2C, 0x89, 0x2D, 0x2C, 0x61, 0x0F, 0xBE, 0x5C, 0x29, - 0x01, 0x7C, 0x9E, 0xD2, 0xFF, 0x34, 0xA1, 0x9E, 0xEE, 0xBF, - 0x28, 0x18, 0x3A, 0x17, 0xA6, 0x40, 0x94, 0xD5, 0xC4, 0xEC, - 0x27, 0x0A, 0x40, 0x1C, 0xC4, 0x16, 0x80, 0x4E, 0x6F, 0xDD, - 0xA5, 0x6A, 0x03, 0xE8, 0xBA, 0xB2, 0xAA, 0x7A, 0x7F, 0x4B, - 0x30, 0x11, 0x11, 0x12, 0x4A, 0xFE, 0xB2, 0x99, 0xC6, 0x12, - 0x1A, 0x98, 0xC0, 0x15, 0x41, 0xE1, 0x55, 0x35, 0x54, 0xF2, - 0x1C, 0xE2, 0x78, 0x85, 0x66, 0xD3, 0x9C, 0x8A, 0x88, 0x7C, - 0x86, 0x7F, 0x48, 0xBE, 0xB7, 0x1C, 0xE4, 0xCF, 0x35, 0xEE, - 0x24, 0xA6, 0x62, 0xD6, 0x36, 0x1F, 0x66, 0x10, 0x5D, 0xEF, - 0x07, 0x64, 0xA8, 0xD0, 0xAD, 0x2F, 0x47, 0x02, 0xA2, 0x0F, - 0x73, 0x96, 0x2A, 0x21, 0x20, 0x36, 0x01, 0xA3, 0x2F, 0x5E, - 0xC8, 0x80, 0x3A, 0x54, 0xA6, 0xB5, 0xD0, 0x19, 0xBF, 0xC4, - 0x35, 0x01, 0x0B, 0x2A, 0x8E, 0x61, 0x4A, 0xDD, 0xB2, 0x4A, - 0xE1, 0x0C, 0x15, 0x94, 0x9C, 0xD2, 0x54, 0x93, 0x85, 0x16, - 0x49, 0x69, 0xA0, 0x41, 0x34, 0x16, 0x69, 0x28, 0x74, 0x11, - 0x88, 0x44, 0xC8, 0x46, 0x5E, 0x62, 0xFF, 0x6E, 0xC5, 0xA8, - 0xE8, 0x8A, 0x8A, 0xFA, 0x2D, 0x94, 0x14, 0xD4, 0x51, 0x16, - 0xB0, 0x40, 0xDC, 0xF3, 0xAA, 0x97, 0x39, 0x1A, 0xDA, 0x7F, - 0x41, 0x61, 0x25, 0x1E, 0xDF, 0x46, 0x29, 0x44, 0x80, 0xEA, - 0x10, 0xE4, 0x0F, 0x94, 0xA6, 0x52, 0x20, 0x06, 0x9C, 0x69, - 0x48, 0x1F, 0x45, 0x30, 0x4B, 0x21, 0x02, 0xE6, 0xF3, 0x44, - 0x35, 0xC1, 0xC8, 0xC9, 0x68, 0x6C, 0x43, 0xA4, 0x56, 0x07, - 0x36, 0x11, 0xFB, 0x6D, 0x8E, 0xF0, 0x62, 0x5A, 0x3C, 0x8B, - 0x23, 0xF1, 0x46, 0xE2, 0x76, 0x2A, 0x6F, 0xBB, 0x09, 0x24, - 0x18, 0x64, 0xE6, 0x5C, 0xD0, 0x85, 0x69, 0xF0, 0x4F, 0x66, - 0x97, 0x40, 0x01, 0x27, 0xD1, 0x41, 0xCC, 0xEB, 0x4D, 0xB7, - 0x04, 0xC4, 0x91, 0xE0, 0x95, 0x8A, 0x43, 0x26, 0x2D, 0x1F, - 0x88, 0xA0, 0xD8 -); - -START_TEST(test_bliss_signature_fail) -{ - const bliss_param_set_t set2 = { .id = BLISS_B_II }; - const bliss_param_set_t *set; - bliss_signature_t *signature; - chunk_t encoding; - int k; - - signature = bliss_signature_create(&set2); - ck_assert(signature); - encoding = signature->get_encoding(signature); - ck_assert(encoding.len == 0); - signature->destroy(signature); - - signature = bliss_signature_create_from_data(&set2, data); - ck_assert(!signature); - - set = bliss_param_set_get_by_id(BLISS_B_I); - ck_assert(set); - - for (k = 0; k < data.len - 2; k++) - { - chunk_t fragment = { data.ptr, k }; - - signature = bliss_signature_create_from_data(set, fragment); - ck_assert(!signature); - } - signature = bliss_signature_create_from_data(set, data); - ck_assert(signature); - signature->destroy(signature); -} -END_TEST - -Suite *bliss_signature_suite_create() -{ - Suite *s; - TCase *tc; - - s = suite_create("bliss_signature"); - - tc = tcase_create("signature_fail"); - tcase_add_test(tc, test_bliss_signature_fail); - suite_add_tcase(s, tc); - - return s; -} diff --git a/src/libstrongswan/plugins/pem/pem_encoder.c b/src/libstrongswan/plugins/pem/pem_encoder.c index e5cf038de8..4150d7fa50 100644 --- a/src/libstrongswan/plugins/pem/pem_encoder.c +++ b/src/libstrongswan/plugins/pem/pem_encoder.c @@ -42,9 +42,7 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, cred_encoding_args(args, CRED_PART_ECDSA_PUB_ASN1_DER, &asn1, CRED_PART_END) || cred_encoding_args(args, CRED_PART_EDDSA_PUB_ASN1_DER, - &asn1, CRED_PART_END) || - cred_encoding_args(args, CRED_PART_BLISS_PUB_ASN1_DER, - &asn1, CRED_PART_END)) + &asn1, CRED_PART_END)) { break; } @@ -93,12 +91,6 @@ bool pem_encoder_encode(cred_encoding_type_t type, chunk_t *encoding, label ="EC PRIVATE KEY"; break; } - if (cred_encoding_args(args, CRED_PART_BLISS_PRIV_ASN1_DER, - &asn1, CRED_PART_END)) - { - label ="BLISS PRIVATE KEY"; - break; - } if (cred_encoding_args(args, CRED_PART_EDDSA_PRIV_ASN1_DER, &asn1, CRED_PART_END)) { diff --git a/src/libstrongswan/plugins/pem/pem_plugin.c b/src/libstrongswan/plugins/pem/pem_plugin.c index d8045ed594..90f0e89a0b 100644 --- a/src/libstrongswan/plugins/pem/pem_plugin.c +++ b/src/libstrongswan/plugins/pem/pem_plugin.c @@ -61,9 +61,6 @@ METHOD(plugin_t, get_features, int, PLUGIN_PROVIDE(PRIVKEY, KEY_DSA), PLUGIN_DEPENDS(PRIVKEY, KEY_DSA), PLUGIN_SDEPEND(HASHER, HASH_MD5), - PLUGIN_REGISTER(PRIVKEY, pem_private_key_load, FALSE), - PLUGIN_PROVIDE(PRIVKEY, KEY_BLISS), - PLUGIN_DEPENDS(PRIVKEY, KEY_BLISS), PLUGIN_REGISTER(PRIVKEY, pem_private_key_load, FALSE), PLUGIN_PROVIDE(PRIVKEY, KEY_ED25519), PLUGIN_DEPENDS(PRIVKEY, KEY_ED25519), @@ -84,9 +81,6 @@ METHOD(plugin_t, get_features, int, PLUGIN_REGISTER(PUBKEY, pem_public_key_load, FALSE), PLUGIN_PROVIDE(PUBKEY, KEY_DSA), PLUGIN_DEPENDS(PUBKEY, KEY_DSA), - PLUGIN_REGISTER(PUBKEY, pem_public_key_load, FALSE), - PLUGIN_PROVIDE(PUBKEY, KEY_BLISS), - PLUGIN_DEPENDS(PUBKEY, KEY_BLISS), PLUGIN_REGISTER(PUBKEY, pem_public_key_load, FALSE), PLUGIN_PROVIDE(PUBKEY, KEY_ED25519), PLUGIN_DEPENDS(PUBKEY, KEY_ED25519), diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c index e2f1d4b7c3..15627ab05a 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c @@ -74,13 +74,6 @@ static public_key_t *parse_public_key(chunk_t blob) KEY_ECDSA, BUILD_BLOB_ASN1_DER, blob, BUILD_END); goto end; } - else if (oid == OID_BLISS_PUBLICKEY) - { - /* Need the whole subjectPublicKeyInfo for BLISS public keys */ - key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, - KEY_BLISS, BUILD_BLOB_ASN1_DER, blob, BUILD_END); - goto end; - } else if (oid == OID_ED25519) { /* Need the whole subjectPublicKeyInfo for Ed25519 public keys */ @@ -294,19 +287,6 @@ static bool is_ec_private_key(chunk_t blob) (!blob.len || (asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_1)); } -/** - * Check if the ASN.1 structure looks like a BLISS private key. - */ -static bool is_bliss_private_key(chunk_t blob) -{ - chunk_t data; - return asn1_unwrap(&blob, &blob) == ASN1_SEQUENCE && - asn1_unwrap(&blob, &data) == ASN1_OID && - asn1_unwrap(&blob, &data) == ASN1_BIT_STRING && - asn1_unwrap(&blob, &data) == ASN1_BIT_STRING && - asn1_unwrap(&blob, &data) == ASN1_BIT_STRING; -} - /** * Load a private key from an ASN.1 encoded blob trying to detect the type * automatically. @@ -318,11 +298,6 @@ static private_key_t *parse_private_key(chunk_t blob) return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ECDSA, BUILD_BLOB_ASN1_DER, blob, BUILD_END); } - else if (is_bliss_private_key(blob)) - { - return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ECDSA, - BUILD_BLOB_ASN1_DER, blob, BUILD_END); - } return parse_rsa_private_key(blob); } diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c index 5f9c1e37cd..7974689554 100644 --- a/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c +++ b/src/libstrongswan/plugins/pkcs1/pkcs1_plugin.c @@ -55,7 +55,6 @@ METHOD(plugin_t, get_features, int, PLUGIN_SDEPEND(PUBKEY, KEY_ECDSA), PLUGIN_SDEPEND(PUBKEY, KEY_ED25519), PLUGIN_SDEPEND(PUBKEY, KEY_ED448), - PLUGIN_SDEPEND(PUBKEY, KEY_BLISS), PLUGIN_SDEPEND(PUBKEY, KEY_DSA), PLUGIN_REGISTER(PUBKEY, pkcs1_public_key_load, FALSE), PLUGIN_PROVIDE(PUBKEY, KEY_RSA), diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index d040859794..96d030f955 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -276,10 +276,6 @@ static chunk_t build_optionalSignature(private_x509_ocsp_request_t *this, oid = OID_ECDSA_WITH_SHA1; scheme = SIGN_ECDSA_WITH_SHA1_DER; break; - case KEY_BLISS: - oid = OID_BLISS_WITH_SHA2_512; - scheme = SIGN_BLISS_WITH_SHA2_512; - break; default: DBG1(DBG_LIB, "unable to sign OCSP request, %N signature not " "supported", key_type_names, this->key->get_type(this->key)); diff --git a/src/libstrongswan/tests/suites/test_auth_cfg.c b/src/libstrongswan/tests/suites/test_auth_cfg.c index 3a3237598b..78c5d1d496 100644 --- a/src/libstrongswan/tests/suites/test_auth_cfg.c +++ b/src/libstrongswan/tests/suites/test_auth_cfg.c @@ -27,11 +27,11 @@ struct { { "rsa-sha256-sha512", { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_RSA_EMSA_PKCS1_SHA2_512, 0 }, {0}}, { "ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, { "rsa-sha256-ecdsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, - { "pubkey-sha256", { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, SIGN_BLISS_WITH_SHA2_256, 0 }, {0}}, + { "pubkey-sha256", { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, { "ike:rsa-sha256", {0}, { SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }}, { "ike:rsa-sha256-rsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }, { SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }}, { "rsa-sha256-ike:rsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }, { SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }}, - { "ike:pubkey-sha256", {0}, { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, SIGN_BLISS_WITH_SHA2_256, 0 }}, + { "ike:pubkey-sha256", {0}, { SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }}, { "rsa-ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, { "rsa-4096-ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, { "rsa-4096-ecdsa-256-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}}, @@ -182,7 +182,7 @@ struct { signature_scheme_t sig[6]; signature_param_types_t p[6]; } sig_constraints_rsa_pss_tests[] = { - { "pubkey-sha256", { SIGN_RSA_EMSA_PSS, SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, SIGN_BLISS_WITH_SHA2_256, 0 }, { + { "pubkey-sha256", { SIGN_RSA_EMSA_PSS, SIGN_RSA_EMSA_PKCS1_SHA2_256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, { { .pss = { .hash = HASH_SHA256, .mgf1_hash = HASH_SHA256, .salt_len = HASH_SIZE_SHA256, }}, {}, {}, {}, {}}}, { "rsa-sha256", { SIGN_RSA_EMSA_PSS, SIGN_RSA_EMSA_PKCS1_SHA2_256, 0 }, { { .pss = { .hash = HASH_SHA256, .mgf1_hash = HASH_SHA256, .salt_len = HASH_SIZE_SHA256, }}, {}}}, diff --git a/src/libstrongswan/tests/suites/test_hasher.c b/src/libstrongswan/tests/suites/test_hasher.c index cffb777cd2..c07eed8d93 100644 --- a/src/libstrongswan/tests/suites/test_hasher.c +++ b/src/libstrongswan/tests/suites/test_hasher.c @@ -62,13 +62,6 @@ static hasher_oid_t oids[] = { { OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA }, /* 30 */ { OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA }, /* 31 */ { OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }, /* 32 */ - { OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS }, /* 33 */ - { OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS }, /* 34 */ - { OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS }, /* 35 */ - { OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS }, /* 36 */ - { OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS }, /* 37 */ - { OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS }, /* 38 */ - { OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS }, /* 39 */ }; @@ -116,12 +109,6 @@ static struct { { SIGN_ECDSA_256, HASH_SHA256 }, { SIGN_ECDSA_384, HASH_SHA384 }, { SIGN_ECDSA_521, HASH_SHA512 }, - { SIGN_BLISS_WITH_SHA2_256, HASH_SHA256 }, - { SIGN_BLISS_WITH_SHA2_384, HASH_SHA384 }, - { SIGN_BLISS_WITH_SHA2_512, HASH_SHA512 }, - { SIGN_BLISS_WITH_SHA3_256, HASH_SHA3_256 }, - { SIGN_BLISS_WITH_SHA3_384, HASH_SHA3_384 }, - { SIGN_BLISS_WITH_SHA3_512, HASH_SHA3_512 }, { SIGN_ED25519, HASH_IDENTITY }, { SIGN_ED448, HASH_IDENTITY }, { 30, HASH_UNKNOWN }, diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c index bbaca6debb..b2118c5e4b 100644 --- a/src/libstrongswan/tests/suites/test_utils.c +++ b/src/libstrongswan/tests/suites/test_utils.c @@ -1263,11 +1263,6 @@ static struct { {KEY_ECDSA, 384, { SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }}, {KEY_ECDSA, 512, { SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }}, - {KEY_BLISS, 128, { SIGN_BLISS_WITH_SHA2_256, SIGN_BLISS_WITH_SHA2_384, - SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }}, - {KEY_BLISS, 192, { SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, - SIGN_UNKNOWN }}, - {KEY_BLISS, 256, { SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }}, }; START_TEST(test_signature_schemes_for_key) diff --git a/src/pki/commands/gen.c b/src/pki/commands/gen.c index b6e871f795..bedde19014 100644 --- a/src/pki/commands/gen.c +++ b/src/pki/commands/gen.c @@ -53,10 +53,6 @@ static int gen() { type = KEY_ED448; } - else if (streq(arg, "bliss")) - { - type = KEY_BLISS; - } else { return command_usage("invalid key type"); @@ -116,9 +112,6 @@ static int gen() case KEY_ED448: size = 456; break; - case KEY_BLISS: - size = 1; - break; default: break; } @@ -174,12 +167,12 @@ static void __attribute__ ((constructor))reg() { command_register((command_t) { gen, 'g', "gen", "generate a new private key", - {"[--type rsa|ecdsa|ed25519|ed448|bliss] [--size bits] [--safe-primes]", + {"[--type rsa|ecdsa|ed25519|ed448] [--size bits] [--safe-primes]", "[--shares n] [--threshold l] [--outform der|pem]"}, { {"help", 'h', 0, "show usage information"}, {"type", 't', 1, "type of key, default: rsa"}, - {"size", 's', 1, "keylength in bits, default: rsa 2048, ecdsa 384, bliss 1"}, + {"size", 's', 1, "keylength in bits, default: rsa 2048, ecdsa 384"}, {"safe-primes", 'p', 0, "generate rsa safe primes"}, {"shares", 'n', 1, "number of private rsa key shares"}, {"threshold", 'l', 1, "minimum number of participating rsa key shares"}, diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index c106237c88..9fcdcc7fa8 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -161,11 +161,6 @@ static int issue() type = CRED_PRIVATE_KEY; subtype = KEY_ED448; } - else if (streq(arg, "bliss")) - { - type = CRED_PRIVATE_KEY; - subtype = KEY_BLISS; - } else if (streq(arg, "priv")) { type = CRED_PRIVATE_KEY; @@ -648,7 +643,7 @@ static void __attribute__ ((constructor))reg() command_register((command_t) { issue, 'i', "issue", "issue a certificate using a CA certificate and key", - {"[--in file] [--type pub|pkcs10|priv|rsa|ecdsa|ed25519|ed448|bliss]", + {"[--in file] [--type pub|pkcs10|priv|rsa|ecdsa|ed25519|ed448]", "--cakey file|--cakeyid hex --cacert file [--dn subject-dn]", "[--san subjectAltName]+ [--lifetime days] [--serial hex]", "[--ca] [--pathlen len]", diff --git a/src/pki/commands/keyid.c b/src/pki/commands/keyid.c index d38d4f9fe3..37b8d0d1d0 100644 --- a/src/pki/commands/keyid.c +++ b/src/pki/commands/keyid.c @@ -102,12 +102,6 @@ static int keyid() type = CRED_PRIVATE_KEY; subtype = KEY_ECDSA; } - else if (streq(arg, "bliss") || - streq(arg, "bliss-priv")) - { - type = CRED_PRIVATE_KEY; - subtype = KEY_BLISS; - } else if (streq(arg, "priv")) { type = CRED_PRIVATE_KEY; @@ -288,7 +282,7 @@ static void __attribute__ ((constructor))reg() command_register((command_t) { keyid, 'k', "keyid", "calculate key identifiers of a key/certificate", - {"[--in file|--keyid hex] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]", + {"[--in file|--keyid hex] [--type priv|rsa|ecdsa|pub|pkcs10|x509]", "[--id all|spk|spki] [--format pretty|hex|base64|bin]"}, { {"help", 'h', 0, "show usage information"}, diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c index 6d82af6b87..5552a79e04 100644 --- a/src/pki/commands/print.c +++ b/src/pki/commands/print.c @@ -118,12 +118,6 @@ static int print() type = CRED_PRIVATE_KEY; subtype = KEY_ED448; } - else if (streq(arg, "bliss") || - streq(arg, "bliss-priv")) - { - type = CRED_PRIVATE_KEY; - subtype = KEY_BLISS; - } else if (streq(arg, "ocsp-req")) { type = CRED_CERTIFICATE; @@ -212,7 +206,7 @@ static void __attribute__ ((constructor))reg() { print, 'a', "print", "print a credential in a human readable form", {"[--in file|--keyid hex]", - "[--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|ed448|bliss|ocsp-req|ocsp-rsp]"}, + "[--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|ed448|ocsp-req|ocsp-rsp]"}, { {"help", 'h', 0, "show usage information"}, {"in", 'i', 1, "input file, default: stdin"}, diff --git a/src/pki/commands/pub.c b/src/pki/commands/pub.c index 57c4057bc4..a9fd8f3884 100644 --- a/src/pki/commands/pub.c +++ b/src/pki/commands/pub.c @@ -55,11 +55,6 @@ static int pub() type = CRED_PRIVATE_KEY; subtype = KEY_ECDSA; } - else if (streq(arg, "bliss")) - { - type = CRED_PRIVATE_KEY; - subtype = KEY_BLISS; - } else if (streq(arg, "priv")) { type = CRED_PRIVATE_KEY; @@ -195,7 +190,7 @@ static void __attribute__ ((constructor))reg() command_register((command_t) { pub, 'p', "pub", "extract the public key from a private key/certificate", - {"[--in file|--keyid hex] [--type rsa|ecdsa|bliss|priv|pub|pkcs10|x509]", + {"[--in file|--keyid hex] [--type rsa|ecdsa|priv|pub|pkcs10|x509]", "[--outform der|pem|dnskey|sshkey]"}, { {"help", 'h', 0, "show usage information"}, diff --git a/src/pki/commands/req.c b/src/pki/commands/req.c index 2578805f58..f36608e3c0 100644 --- a/src/pki/commands/req.c +++ b/src/pki/commands/req.c @@ -65,10 +65,6 @@ static int req() { type = KEY_ECDSA; } - else if (streq(arg, "bliss")) - { - type = KEY_BLISS; - } else if (streq(arg, "priv")) { type = KEY_ANY; @@ -277,7 +273,7 @@ static void __attribute__ ((constructor))reg() command_register((command_t) { req, 'r', "req", "create a PKCS#10 certificate request", - {"[--in file|--keyid hex] [--type rsa|ecdsa|bliss|priv]", + {"[--in file|--keyid hex] [--type rsa|ecdsa|priv]", " --oldreq file|--dn distinguished-name [--san subjectAltName]+", "[--flag serverAuth|clientAuth|ocspSigning|msSmartcardLogon]+", "[--profile server|client|dual|ocsp] [--password challengePassword]", diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c index da75dc68c8..dc83f907e7 100644 --- a/src/pki/commands/self.c +++ b/src/pki/commands/self.c @@ -107,10 +107,6 @@ static int self() { type = KEY_ED448; } - else if (streq(arg, "bliss")) - { - type = KEY_BLISS; - } else if (streq(arg, "priv")) { type = KEY_ANY; @@ -455,7 +451,7 @@ static void __attribute__ ((constructor))reg() command_register((command_t) { self, 's', "self", "create a self signed certificate", - {"[--in file|--keyid hex] [--type rsa|ecdsa|ed25519|ed448|bliss|priv]", + {"[--in file|--keyid hex] [--type rsa|ecdsa|ed25519|ed448|priv]", " --dn distinguished-name [--san subjectAltName]+", "[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+", "[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+", diff --git a/src/pki/man/pki---gen.1.in b/src/pki/man/pki---gen.1.in index 0344f9473b..708f58a52c 100644 --- a/src/pki/man/pki---gen.1.in +++ b/src/pki/man/pki---gen.1.in @@ -46,7 +46,7 @@ Read command line options from \fIfile\fR. .TP .BI "\-t, \-\-type " type Type of key to generate. Either \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR, -\fIed448\fR or \fIbliss\fR, defaults to \fIrsa\fR. +or \fIed448\fR, defaults to \fIrsa\fR. .TP .BI "\-s, \-\-size " bits Key length in bits. Defaults to 2048 for \fIrsa\fR and 384 for \fIecdsa\fR. diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in index fb99c2e4f8..e734d19649 100644 --- a/src/pki/man/pki---issue.1.in +++ b/src/pki/man/pki---issue.1.in @@ -72,8 +72,8 @@ key/request is read from \fISTDIN\fR. .BI "\-t, \-\-type " type Type of the input. One of \fIpub\fR (public key), \fIpriv\fR (private key), \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA private key), -\fIed25519\fR (Ed25519 private key), \fIed448\fR (Ed448 private key), -\fIbliss\fR (BLISS private key) or \fIpkcs10\fR (PKCS#10 certificate request), +\fIed25519\fR (Ed25519 private key), \fIed448\fR (Ed448 private key) or +\fIpkcs10\fR (PKCS#10 certificate request), defaults to \fIpub\fR. .TP .BI "\-k, \-\-cakey " file diff --git a/src/pki/man/pki---keyid.1.in b/src/pki/man/pki---keyid.1.in index 594643a22c..d824b50394 100644 --- a/src/pki/man/pki---keyid.1.in +++ b/src/pki/man/pki---keyid.1.in @@ -53,8 +53,8 @@ Smartcard or TPM private key object handle in hex format with an optional .TP .BI "\-t, \-\-type " type Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key), -\fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key), -\fIpub\fR (public key), \fIpkcs10\fR (PKCS#10 certificate request), +\fIecdsa\fR (ECDSA private key), \fIpub\fR (public key), +\fIpkcs10\fR (PKCS#10 certificate request), \fIx509\fR (X.509 certificate), defaults to \fIpriv\fR. .TP .BI "\-I, \-\-id " id-type diff --git a/src/pki/man/pki---print.1.in b/src/pki/man/pki---print.1.in index 66eaf63dbc..d307b047fb 100644 --- a/src/pki/man/pki---print.1.in +++ b/src/pki/man/pki---print.1.in @@ -54,8 +54,8 @@ Type of input. One of \fIx509\fR (X.509 certificate), \fIcrl\fR (Certificate Revocation List, CRL), \fIac\fR (Attribute Certificate), \fIpub\fR (public key), \fIpriv\fR (private key), \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA private key), \fIed25519\fR (Ed25519 private key), \fIed448\fR (Ed448 private -key), \fIbliss\fR (BLISS private key), \fIocsp-req\fR (OCSP request), -\fIocsp-rsp\fR (OCSP response), defaults to \fIx509\fR. +key), \fIocsp-req\fR (OCSP request), \fIocsp-rsp\fR (OCSP response), +defaults to \fIx509\fR. . .SH "SEE ALSO" . diff --git a/src/pki/man/pki---req.1.in b/src/pki/man/pki---req.1.in index e25a809589..55ad007e01 100644 --- a/src/pki/man/pki---req.1.in +++ b/src/pki/man/pki---req.1.in @@ -71,7 +71,7 @@ Smartcard or TPM private key object handle in hex format with an optional 0x prefix. .TP .BI "\-t, \-\-type " type -Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR or \fIbliss\fR, +Type of the input key. Either \fIpriv\fR, \fIrsa\fR or \fIecdsa\fR, defaults to \fIpriv\fR. .TP .BI "\-d, \-\-dn " distinguished-name diff --git a/src/pki/man/pki---self.1.in b/src/pki/man/pki---self.1.in index caa943d88a..cf25235b6c 100644 --- a/src/pki/man/pki---self.1.in +++ b/src/pki/man/pki---self.1.in @@ -72,8 +72,8 @@ Smartcard or TPM private key object handle in hex format with an optional 0x prefix. .TP .BI "\-t, \-\-type " type -Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR, -\fIed448\fR or \fIbliss\fR, defaults to \fIpriv\fR. +Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR +or \fIed448\fR, defaults to \fIpriv\fR. .TP .BI "\-d, \-\-dn " distinguished-name Subject and issuer distinguished name (DN). Required. diff --git a/src/swanctl/Makefile.am b/src/swanctl/Makefile.am index 3a432c4544..1bd743883d 100644 --- a/src/swanctl/Makefile.am +++ b/src/swanctl/Makefile.am @@ -76,7 +76,6 @@ install-data-local: swanctl.conf test -e "$(DESTDIR)$(swanctldir)/private" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/private" || true test -e "$(DESTDIR)$(swanctldir)/rsa" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/rsa" || true test -e "$(DESTDIR)$(swanctldir)/ecdsa" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/ecdsa" || true - test -e "$(DESTDIR)$(swanctldir)/bliss" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/bliss" || true test -e "$(DESTDIR)$(swanctldir)/pkcs8" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs8" || true test -e "$(DESTDIR)$(swanctldir)/pkcs12" || $(INSTALL) -d -m 750 "$(DESTDIR)$(swanctldir)/pkcs12" || true test -e "$(DESTDIR)$(swanctldir)/swanctl.conf" || $(INSTALL) -m 640 $(srcdir)/swanctl.conf $(DESTDIR)$(swanctldir)/swanctl.conf || true diff --git a/src/swanctl/commands/load_creds.c b/src/swanctl/commands/load_creds.c index afb07eebb2..78487350cf 100644 --- a/src/swanctl/commands/load_creds.c +++ b/src/swanctl/commands/load_creds.c @@ -274,7 +274,6 @@ static bool determine_credtype(char *type, credential_type_t *credtype, { "pkcs8", CRED_PRIVATE_KEY, KEY_ANY, }, { "rsa", CRED_PRIVATE_KEY, KEY_RSA, }, { "ecdsa", CRED_PRIVATE_KEY, KEY_ECDSA, }, - { "bliss", CRED_PRIVATE_KEY, KEY_BLISS, }, { "pkcs12", CRED_CONTAINER, CONTAINER_PKCS12, }, }; int i; @@ -672,7 +671,6 @@ static bool load_secret(load_ctx_t *ctx, char *section) "private", "rsa", "ecdsa", - "bliss", "pkcs8", "pkcs12", "token", @@ -922,7 +920,6 @@ int load_creds_cfg(vici_conn_t *conn, command_format_options_t format, load_keys(&ctx, "private", SWANCTL_PRIVATEDIR); load_keys(&ctx, "rsa", SWANCTL_RSADIR); load_keys(&ctx, "ecdsa", SWANCTL_ECDSADIR); - load_keys(&ctx, "bliss", SWANCTL_BLISSDIR); load_keys(&ctx, "pkcs8", SWANCTL_PKCS8DIR); load_containers(&ctx, "pkcs12", SWANCTL_PKCS12DIR); diff --git a/src/swanctl/swanctl.h b/src/swanctl/swanctl.h index d49038c5e9..ba331a02a4 100644 --- a/src/swanctl/swanctl.h +++ b/src/swanctl/swanctl.h @@ -86,11 +86,6 @@ extern char *swanctl_dir; */ #define SWANCTL_ECDSADIR "ecdsa" -/** - * Directory for BLISS private keys - */ -#define SWANCTL_BLISSDIR "bliss" - /** * Directory for PKCS#8 encoded private keys */ diff --git a/testing/hosts/bob/etc/ipsec.secrets b/testing/hosts/bob/etc/ipsec.secrets index b3a0af048b..68c8b3be7e 100644 --- a/testing/hosts/bob/etc/ipsec.secrets +++ b/testing/hosts/bob/etc/ipsec.secrets @@ -1,8 +1,3 @@ # /etc/ipsec.secrets - strongSwan IPsec secrets file : RSA bobKey.pem - - - - - diff --git a/testing/hosts/dave/etc/ipsec.secrets b/testing/hosts/dave/etc/ipsec.secrets index 3fa796491f..9031f323a0 100644 --- a/testing/hosts/dave/etc/ipsec.secrets +++ b/testing/hosts/dave/etc/ipsec.secrets @@ -1,7 +1,3 @@ # /etc/ipsec.secrets - strongSwan IPsec secrets file : RSA daveKey.pem - - - - diff --git a/testing/hosts/winnetou/etc/ca/generate-crl b/testing/hosts/winnetou/etc/ca/generate-crl index ab6558f987..2c4067a84a 100755 --- a/testing/hosts/winnetou/etc/ca/generate-crl +++ b/testing/hosts/winnetou/etc/ca/generate-crl @@ -138,11 +138,3 @@ cd /etc/ca/monster # generate CRL for strongSwan Monster Root CA pki --signcrl --cakey strongswanKey.pem --cacert strongswanCert.pem \ > ${ROOT}/strongswan_monster.crl - -## -# strongSwan BlISS Root CA -cd /etc/ca/bliss - -# generate CRL for strongSwan BLISS Root CA -pki --signcrl --cakey strongswan_blissKey.der --cacert strongswan_blissCert.der \ - --lifetime 30 --digest sha3_512 > ${ROOT}/strongswan_bliss.crl diff --git a/testing/hosts/winnetou/etc/strongswan.conf b/testing/hosts/winnetou/etc/strongswan.conf index d2b255656b..aec8d76ce4 100644 --- a/testing/hosts/winnetou/etc/strongswan.conf +++ b/testing/hosts/winnetou/etc/strongswan.conf @@ -1,5 +1,5 @@ # strongswan.conf - strongSwan configuration file pki { - load = random drbg pem sha1 sha2 sha3 pkcs1 pkcs8 pem gmp mgf1 bliss curve25519 x509 openssl + load = random drbg pem sha1 sha2 sha3 pkcs1 pkcs8 pem gmp mgf1 curve25519 x509 openssl } diff --git a/testing/scripts/build-certs-chroot b/testing/scripts/build-certs-chroot index 5130a9b609..b53af85ee3 100755 --- a/testing/scripts/build-certs-chroot +++ b/testing/scripts/build-certs-chroot @@ -92,11 +92,6 @@ MONSTER_CDP="http://crl.strongswan.org/strongswan_monster.crl" MONSTER_CA_RSA_SIZE="8192" MONSTER_EE_RSA_SIZE="4096" # -BLISS_DIR="${CA_DIR}/bliss" -BLISS_KEY="${BLISS_DIR}/strongswan_blissKey.der" -BLISS_CERT="${BLISS_DIR}/strongswan_blissCert.der" -BLISS_CDP="http://crl.strongswan.org/strongswan_bliss.crl" -# RSA_SIZE="3072" IPSEC_DIR="etc/ipsec.d" SWANCTL_DIR="etc/swanctl" @@ -118,7 +113,6 @@ mkdir -p ${RFC3779_DIR}/certs mkdir -p ${SHA3_RSA_DIR}/certs mkdir -p ${ED25519_DIR}/certs mkdir -p ${MONSTER_DIR}/certs -mkdir -p ${BLISS_DIR}/certs ################################################################################ # strongSwan Root CA # @@ -1641,93 +1635,6 @@ pki --issue --cakey ${MONSTER_KEY} --cacert ${MONSTER_CERT} --type rsa \ --crl ${MONSTER_CDP} --outform pem > ${TEST_CERT} cp ${TEST_CERT} ${MONSTER_DIR}/certs/${SERIAL}.pem -################################################################################ -# Bliss CA # -################################################################################ - -# Generate BLISS Root CA with 192 bit security strength -pki --gen --type bliss --size 4 > ${BLISS_KEY} -pki --self --type bliss --in ${BLISS_KEY} --digest sha3_512 \ - --not-before "${START}" --not-after "${CA_END}" --ca \ - --dn "C=CH, O=${PROJECT}, CN=strongSwan BLISS Root CA" > ${BLISS_CERT} - -# Put a copy in the following scenarios -for t in rw-newhope-bliss rw-ntru-bliss -do - TEST="${TEST_DIR}/ikev2/${t}" - for h in moon carol dave - do - mkdir -p ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509ca - cp ${BLISS_CERT} ${TEST}/hosts/${h}/${SWANCTL_DIR}/x509ca - done -done - -# Generate a carol BLISS certificate with 128 bit security strength -TEST="${TEST_DIR}/ikev2/rw-newhope-bliss" -TEST_KEY="${TEST}/hosts/carol/${SWANCTL_DIR}/bliss/carolKey.der" -TEST_CERT="${TEST}/hosts/carol/${SWANCTL_DIR}/x509/carolCert.der" -CN="carol@strongswan.org" -SERIAL="01" -mkdir -p ${TEST}/hosts/carol/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/carol/${SWANCTL_DIR}/x509 -pki --gen --type bliss --size 1 > ${TEST_KEY} -pki --issue --cakey ${BLISS_KEY} --cacert ${BLISS_CERT} --type bliss \ - --in ${TEST_KEY} --not-before "${START}" --not-after "${EE_END}" --san ${CN} \ - --serial ${SERIAL} --dn "C=CH, O=${PROJECT}, OU=BLISS I, CN=${CN}" \ - --crl ${BLISS_CDP} --digest sha3_512 > ${TEST_CERT} -cp ${TEST_CERT} ${BLISS_DIR}/certs/${SERIAL}.der - -# Put a copy in the ikev2/rw-ntru-bliss scenario -TEST="${TEST_DIR}/ikev2/rw-ntru-bliss" -mkdir -p ${TEST}/hosts/carol/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/carol/${SWANCTL_DIR}/x509 -cp ${TEST_KEY} ${TEST}/hosts/carol/${SWANCTL_DIR}/bliss -cp ${TEST_CERT} ${TEST}/hosts/carol/${SWANCTL_DIR}/x509 - -# Generate a dave BLISS certificate with 160 bit security strength -TEST="${TEST_DIR}/ikev2/rw-newhope-bliss" -TEST_KEY="${TEST}/hosts/dave/${SWANCTL_DIR}/bliss/daveKey.der" -TEST_CERT="${TEST}/hosts/dave/${SWANCTL_DIR}/x509/daveCert.der" -CN="dave@strongswan.org" -SERIAL="02" -mkdir -p ${TEST}/hosts/dave/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/dave/${SWANCTL_DIR}/x509 -pki --gen --type bliss --size 3 > ${TEST_KEY} -pki --issue --cakey ${BLISS_KEY} --cacert ${BLISS_CERT} --type bliss \ - --in ${TEST_KEY} --not-before "${START}" --not-after "${EE_END}" --san ${CN} \ - --serial ${SERIAL} --dn "C=CH, O=${PROJECT}, OU=BLISS III, CN=${CN}" \ - --crl ${BLISS_CDP} --digest sha3_512 > ${TEST_CERT} -cp ${TEST_CERT} ${BLISS_DIR}/certs/${SERIAL}.der - -# Put a copy in the ikev2/rw-ntru-bliss scenario -TEST="${TEST_DIR}/ikev2/rw-ntru-bliss" -mkdir -p ${TEST}/hosts/dave/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/dave/${SWANCTL_DIR}/x509 -cp ${TEST_KEY} ${TEST}/hosts/dave/${SWANCTL_DIR}/bliss -cp ${TEST_CERT} ${TEST}/hosts/dave/${SWANCTL_DIR}/x509 - -# Generate a moon BLISS certificate with 192 bit security strength -TEST="${TEST_DIR}/ikev2/rw-newhope-bliss" -TEST_KEY="${TEST}/hosts/moon/${SWANCTL_DIR}/bliss/moonKey.der" -TEST_CERT="${TEST}/hosts/moon/${SWANCTL_DIR}/x509/moonCert.der" -CN="moon.strongswan.org" -SERIAL="03" -mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/x509 -pki --gen --type bliss --size 4 > ${TEST_KEY} -pki --issue --cakey ${BLISS_KEY} --cacert ${BLISS_CERT} --type bliss \ - --in ${TEST_KEY} --not-before "${START}" --not-after "${EE_END}" --san ${CN} \ - --serial ${SERIAL} --dn "C=CH, O=${PROJECT}, OU=BLISS IV, CN=${CN}" \ - --crl ${BLISS_CDP} --digest sha3_512 > ${TEST_CERT} -cp ${TEST_CERT} ${BLISS_DIR}/certs/${SERIAL}.der - -# Put a copy in the ikev2/rw-ntru-bliss scenario -TEST="${TEST_DIR}/ikev2/rw-ntru-bliss" -mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/bliss -mkdir -p ${TEST}/hosts/moon/${SWANCTL_DIR}/x509 -cp ${TEST_KEY} ${TEST}/hosts/moon/${SWANCTL_DIR}/bliss -cp ${TEST_CERT} ${TEST}/hosts/moon/${SWANCTL_DIR}/x509 - ################################################################################ # SQL Data # ################################################################################ diff --git a/testing/scripts/recipes/013_strongswan.mk b/testing/scripts/recipes/013_strongswan.mk index c318ac8c9a..4e8dc9211e 100644 --- a/testing/scripts/recipes/013_strongswan.mk +++ b/testing/scripts/recipes/013_strongswan.mk @@ -101,7 +101,6 @@ CONFIG_OPTS = \ --enable-tkm \ --enable-ntru \ --enable-lookip \ - --enable-bliss \ --enable-sha3 \ --enable-newhope \ --enable-systemd \ diff --git a/testing/tests/ikev2/rw-newhope-bliss/description.txt b/testing/tests/ikev2/rw-newhope-bliss/description.txt deleted file mode 100755 index 0a7f2489cf..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/description.txt +++ /dev/null @@ -1,14 +0,0 @@ -The roadwarriors carol and dave set up a connection each to gateway moon. -The IKEv2 key exchange is based on the NewHope lattice-based post-quantum algorithm -with a cryptographical strength of 128 bits. Authentication is based on the BLISS -algorithm with strengths 128 bits (BLISS I), 160 bits (BLISS III) and 192 bits (BLISS IV) for -carol, dave and moon, respectively. -

-Both carol and dave request a virtual IP via the IKEv2 configuration payload. -The gateway moon assigns virtual IP addresses from the pool 10.3.0.0/28 in a monotonously -increasing order. -

-leftfirewall=yes automatically inserts iptables-based firewall rules that let pass -the tunneled traffic. In order to test the tunnels, carol and dave then ping -the client alice behind the gateway moon. The source IP addresses of the two -pings will be the virtual IPs carol1 and dave1, respectively. diff --git a/testing/tests/ikev2/rw-newhope-bliss/evaltest.dat b/testing/tests/ikev2/rw-newhope-bliss/evaltest.dat deleted file mode 100755 index be3b867a3b..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/evaltest.dat +++ /dev/null @@ -1,10 +0,0 @@ -carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*local-vips=\[10.3.0.1] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.3.0.1/32] remote-ts=\[10.1.0.0/16]::YES -dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*local-vips=\[10.3.0.2] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.3.0.2/32] remote-ts=\[10.1.0.0/16]::YES -moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*remote-vips=\[10.3.0.1] child-sas.*net.*reqid=1 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.1/32]::YES -moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*remote-vips=\[10.3.0.2] child-sas.*net.*reqid=2 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.2/32]::YES -alice::ping -c 1 10.3.0.1::64 bytes from 10.3.0.1: icmp_.eq=1::YES -alice::ping -c 1 10.3.0.2::64 bytes from 10.3.0.2: icmp_.eq=1::YES -moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES -moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES -moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/strongswan.conf deleted file mode 100755 index 15f4067b3e..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,12 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = pem pkcs1 x509 revocation constraints pubkey openssl mgf1 bliss random -} - -charon-systemd { - load = random nonce sha1 sha2 sha3 aes chapoly newhope mgf1 bliss hmac kdf pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf deleted file mode 100755 index 5706eda181..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,29 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.100 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = pubkey - certs = carolCert.der - id = carol@strongswan.org - } - remote { - auth = pubkey - id = moon.strongswan.org - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes256gcm128-newhope128 - } - } - version = 2 - proposals = aes256-sha256-newhope128 - fragmentation = yes - } -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/strongswan.conf deleted file mode 100755 index c9b3eacf17..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/strongswan.conf +++ /dev/null @@ -1,12 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = pem pkcs1 x509 revocation constraints pubkey openssl mgf1 bliss random -} - -charon-systemd { - load = random nonce sha1 sha2 sha3 aes chapoly newhope mgf1 bliss hmac kdf pem pkcs1 x509 revocation pubkey gmp curl kernel-netlink socket-default updown vici - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf deleted file mode 100755 index 13407ed445..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,29 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.200 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = pubkey - certs = daveCert.der - id = dave@strongswan.org - } - remote { - auth = pubkey - id = moon.strongswan.org - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes256gcm128-newhope128 - } - } - version = 2 - proposals = aes256-sha256-newhope128 - fragmentation = yes - } -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/strongswan.conf deleted file mode 100755 index 15f4067b3e..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,12 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = pem pkcs1 x509 revocation constraints pubkey openssl mgf1 bliss random -} - -charon-systemd { - load = random nonce sha1 sha2 sha3 aes chapoly newhope mgf1 bliss hmac kdf pem pkcs1 x509 revocation constraints pubkey gmp curl kernel-netlink socket-default updown vici - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf deleted file mode 100755 index bce22d0571..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,33 +0,0 @@ -connections { - - rw { - local_addrs = 192.168.0.1 - pools = rw_pool - - local { - auth = pubkey - certs = moonCert.der - id = moon.strongswan.org - } - remote { - auth = pubkey - } - children { - net { - local_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes256gcm128-newhope128 - } - } - version = 2 - proposals = aes256-sha256-newhope128 - fragmentation = yes - } -} - -pools { - rw_pool { - addrs = 10.3.0.0/28 - } -} diff --git a/testing/tests/ikev2/rw-newhope-bliss/posttest.dat b/testing/tests/ikev2/rw-newhope-bliss/posttest.dat deleted file mode 100755 index eb21008563..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/posttest.dat +++ /dev/null @@ -1,8 +0,0 @@ -carol::swanctl --terminate --ike home -dave::swanctl --terminate --ike home -carol::systemctl stop strongswan -dave::systemctl stop strongswan -moon::systemctl stop strongswan -moon::iptables-restore < /etc/iptables.flush -carol::iptables-restore < /etc/iptables.flush -dave::iptables-restore < /etc/iptables.flush diff --git a/testing/tests/ikev2/rw-newhope-bliss/pretest.dat b/testing/tests/ikev2/rw-newhope-bliss/pretest.dat deleted file mode 100755 index 819964b7df..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/pretest.dat +++ /dev/null @@ -1,14 +0,0 @@ -moon::iptables-restore < /etc/iptables.rules -carol::iptables-restore < /etc/iptables.rules -dave::iptables-restore < /etc/iptables.rules -moon::cd /etc/swanctl; rm rsa/* x509/moonCert.pem x509ca/strongswanCert.pem -carol::cd /etc/swanctl; rm rsa/* x509/carolCert.pem x509ca/strongswanCert.pem -dave::cd /etc/swanctl; rm rsa/* x509/daveCert.pem x509ca/strongswanCert.pem -moon::systemctl start strongswan -carol::systemctl start strongswan -dave::systemctl start strongswan -moon::expect-connection rw -carol::expect-connection home -carol::swanctl --initiate --child home 2> /dev/null -dave::expect-connection home -dave::swanctl --initiate --child home 2> /dev/null diff --git a/testing/tests/ikev2/rw-newhope-bliss/test.conf b/testing/tests/ikev2/rw-newhope-bliss/test.conf deleted file mode 100755 index 1227b9d1c0..0000000000 --- a/testing/tests/ikev2/rw-newhope-bliss/test.conf +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# guest instances used for this test - -# All guest instances that are required for this test -# -VIRTHOSTS="alice moon carol winnetou dave" - -# Corresponding block diagram -# -DIAGRAM="a-m-c-w-d.png" - -# Guest instances on which tcpdump is to be started -# -TCPDUMPHOSTS="moon" - -# Guest instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol dave" - -# charon controlled by swanctl -# -SWANCTL=1 diff --git a/testing/tests/ikev2/rw-ntru-bliss/description.txt b/testing/tests/ikev2/rw-ntru-bliss/description.txt deleted file mode 100644 index 82ebd89ad0..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/description.txt +++ /dev/null @@ -1,14 +0,0 @@ -The roadwarriors carol and dave set up a connection each to gateway moon. -The key exchange is based on NTRU encryption with a cryptographical strength of 128 bit and -192 bit for carol and dave, respectively. Authentication is based on the BLISS -algorithm with strengths 128 bits (BLISS I), 160 bits (BLISS III) and 192 bits (BLISS IV) for -carol, dave and moon, respectively. -

-Both carol and dave request a virtual IP via the IKEv2 configuration payload. -The gateway moon assigns virtual IP addresses from the pool 10.3.0.0/28 in a monotonously -increasing order. -

-The updown script automatically inserts iptables-based firewall rules that let pass -the tunneled traffic. In order to test the tunnels, carol and dave then ping -the client alice behind the gateway moon. The source IP addresses of the two -pings will be the virtual IPs carol1 and dave1, respectively. diff --git a/testing/tests/ikev2/rw-ntru-bliss/evaltest.dat b/testing/tests/ikev2/rw-ntru-bliss/evaltest.dat deleted file mode 100644 index 937425fabf..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/evaltest.dat +++ /dev/null @@ -1,18 +0,0 @@ -carol::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with BLISS_WITH_SHA2_512 successful::YES -carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES -dave::cat /var/log/daemon.log::authentication of.*moon.strongswan.org.*with BLISS_WITH_SHA2_512 successful::YES -dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES -moon:: cat /var/log/daemon.log::authentication of.*carol@strongswan.org.*with BLISS_WITH_SHA2_256 successful::YES -moon:: cat /var/log/daemon.log::authentication of.*dave@strongswan.org.*with BLISS_WITH_SHA2_384 successful::YES -carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NTRU_128.*local-vips=\[10.3.0.1] child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.3.0.1/32] remote-ts=\[10.1.0.0/16]::YES -dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192 prf-alg=PRF_HMAC_SHA2_384 dh-group=NTRU_192.*local-vips=\[10.3.0.2] child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192.*local-ts=\[10.3.0.2/32] remote-ts=\[10.1.0.0/16]::YES -moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NTRU_128.*remote-vips=\[10.3.0.1] child-sas.*net.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.1/32]::YES -moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192 prf-alg=PRF_HMAC_SHA2_384 dh-group=NTRU_192.*remote-vips=\[10.3.0.2] child-sas.*net.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.2/32]::YES -moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES -moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES -alice::tcpdump::IP carol1.strongswan.org > alice.strongswan.org: ICMP echo request::YES -alice::tcpdump::IP alice.strongswan.org > carol1.strongswan.org: ICMP echo reply::YES -alice::tcpdump::IP dave1.strongswan.org > alice.strongswan.org: ICMP echo request::YES -alice::tcpdump::IP alice.strongswan.org > dave1.strongswan.org: ICMP echo reply::YES diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/strongswan.conf deleted file mode 100644 index 77fd2933ce..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon-systemd { - load = random drbg nonce aes sha1 sha2 sha3 hmac kdf mgf1 ntru bliss x509 revocation pem pkcs1 curl vici kernel-netlink socket-default updown - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/swanctl/swanctl.conf deleted file mode 100755 index fbfe57d213..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,30 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.100 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = pubkey - certs = carolCert.der - id = carol@strongswan.org - } - remote { - auth = pubkey - id = moon.strongswan.org - revocation = strict - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128-sha256-ntru128 - } - } - version = 2 - proposals = aes128-sha256-ntru128 - fragmentation = yes - } -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/strongswan.conf deleted file mode 100644 index 77fd2933ce..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/strongswan.conf +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon-systemd { - load = random drbg nonce aes sha1 sha2 sha3 hmac kdf mgf1 ntru bliss x509 revocation pem pkcs1 curl vici kernel-netlink socket-default updown - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/swanctl/swanctl.conf deleted file mode 100755 index ec04538ef0..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,30 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.200 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = pubkey - certs = daveCert.der - id = dave@strongswan.org - } - remote { - auth = pubkey - id = moon.strongswan.org - revocation = strict - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes192-sha384-ntru192 - } - } - version = 2 - proposals = aes192-sha384-ntru192 - fragmentation = yes - } -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/strongswan.conf deleted file mode 100644 index 77fd2933ce..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon-systemd { - load = random drbg nonce aes sha1 sha2 sha3 hmac kdf mgf1 ntru bliss x509 revocation pem pkcs1 curl vici kernel-netlink socket-default updown - - send_vendor_id = yes - fragment_size = 1500 -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/swanctl/swanctl.conf deleted file mode 100755 index 2e1ae8dbc5..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,34 +0,0 @@ -connections { - - rw { - local_addrs = 192.168.0.1 - pools = rw_pool - - local { - auth = bliss-sha512 - certs = moonCert.der - id = moon.strongswan.org - } - remote { - auth = pubkey - revocation = strict - } - children { - net { - local_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128-sha256-ntru128,aes192-sha384-ntru192 - } - } - version = 2 - proposals = aes128-sha256-ntru128,aes192-sha384-ntru192 - fragmentation = yes - } -} - -pools { - rw_pool { - addrs = 10.3.0.0/28 - } -} diff --git a/testing/tests/ikev2/rw-ntru-bliss/posttest.dat b/testing/tests/ikev2/rw-ntru-bliss/posttest.dat deleted file mode 100644 index b117208426..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/posttest.dat +++ /dev/null @@ -1,9 +0,0 @@ -carol::systemctl stop strongswan -dave::systemctl stop strongswan -moon::systemctl stop strongswan -moon::iptables-restore < /etc/iptables.flush -carol::iptables-restore < /etc/iptables.flush -dave::iptables-restore < /etc/iptables.flush -moon::cd /etc/swanctl; rm bliss/* x509/moonCert.der x509ca/strongswan_blissCert.der -carol::cd /etc/swanctl; rm bliss/* x509/carolCert.der x509ca/strongswan_blissCert.der -dave::cd /etc/swanctl; rm bliss/* x509/daveCert.der x509ca/strongswan_blissCert.der diff --git a/testing/tests/ikev2/rw-ntru-bliss/pretest.dat b/testing/tests/ikev2/rw-ntru-bliss/pretest.dat deleted file mode 100644 index 819964b7df..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/pretest.dat +++ /dev/null @@ -1,14 +0,0 @@ -moon::iptables-restore < /etc/iptables.rules -carol::iptables-restore < /etc/iptables.rules -dave::iptables-restore < /etc/iptables.rules -moon::cd /etc/swanctl; rm rsa/* x509/moonCert.pem x509ca/strongswanCert.pem -carol::cd /etc/swanctl; rm rsa/* x509/carolCert.pem x509ca/strongswanCert.pem -dave::cd /etc/swanctl; rm rsa/* x509/daveCert.pem x509ca/strongswanCert.pem -moon::systemctl start strongswan -carol::systemctl start strongswan -dave::systemctl start strongswan -moon::expect-connection rw -carol::expect-connection home -carol::swanctl --initiate --child home 2> /dev/null -dave::expect-connection home -dave::swanctl --initiate --child home 2> /dev/null diff --git a/testing/tests/ikev2/rw-ntru-bliss/test.conf b/testing/tests/ikev2/rw-ntru-bliss/test.conf deleted file mode 100644 index a542d037ed..0000000000 --- a/testing/tests/ikev2/rw-ntru-bliss/test.conf +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# guest instances used for this test - -# All guest instances that are required for this test -# -VIRTHOSTS="alice moon carol winnetou dave" - -# Corresponding block diagram -# -DIAGRAM="a-m-c-w-d.png" - -# Guest instances on which tcpdump is to be started -# -TCPDUMPHOSTS="moon alice" - -# Guest instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol dave" - -# charon controlled by swanctl -# -SWANCTL=1 diff --git a/testing/tests/ikev2/rw-ntru-psk/description.txt b/testing/tests/ikev2/rw-ntru-psk/description.txt deleted file mode 100755 index 10181239c7..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/description.txt +++ /dev/null @@ -1,12 +0,0 @@ -The roadwarriors carol and dave set up a connection each to gateway moon. -The key exchange is based on NTRU encryption with a cryptographical strength of 128 bit and -192 bit for carol and dave, respectively. Authentication is based on strong -preshared keys (PSKs). -Both carol and dave request a virtual IP via the IKEv2 configuration payload -by using the vips = 0.0.0.0 parameter. The gateway moon assigns virtual -IP addresses from a simple pool in a monotonously increasing order. -

-Upon the successful establishment of the IPsec tunnels, the updown-script automatically -inserts iptables-based firewall rules that let pass the tunneled traffic. -In order to test both tunnel and firewall, both -carol and dave ping the client alice behind the gateway moon. diff --git a/testing/tests/ikev2/rw-ntru-psk/evaltest.dat b/testing/tests/ikev2/rw-ntru-psk/evaltest.dat deleted file mode 100755 index 82a540a987..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/evaltest.dat +++ /dev/null @@ -1,14 +0,0 @@ -carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NTRU_128.*local-vips=\[10.3.0.1] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.3.0.1/32] remote-ts=\[10.1.0.0/16]::YES -dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192 prf-alg=PRF_HMAC_SHA2_384 dh-group=NTRU_192.*local-vips=\[10.3.0.2] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=192.*local-ts=\[10.3.0.2/32] remote-ts=\[10.1.0.0/16]::YES -moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NTRU_128.*remote-vips=\[10.3.0.1] child-sas.*net.*reqid=1 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=128.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.1/32]::YES -moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=192 integ-alg=HMAC_SHA2_384_192 prf-alg=PRF_HMAC_SHA2_384 dh-group=NTRU_192.*remote-vips=\[10.3.0.2] child-sas.*net.*reqid=2 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=192.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.2/32]::YES -carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES -dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES -alice::tcpdump::IP carol1.strongswan.org > alice.strongswan.org: ICMP echo request::YES -alice::tcpdump::IP alice.strongswan.org > carol1.strongswan.org: ICMP echo reply::YES -alice::tcpdump::IP dave1.strongswan.org > alice.strongswan.org: ICMP echo request::YES -alice::tcpdump::IP alice.strongswan.org > dave1.strongswan.org: ICMP echo reply::YES -moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES -moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES -moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/strongswan.conf deleted file mode 100755 index 283c226e01..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,10 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = random openssl -} - -charon-systemd { - load = random drbg nonce aes sha1 sha2 mgf1 ntru hmac kdf vici kernel-netlink socket-default updown - send_vendor_id = yes -} diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/swanctl/swanctl.conf deleted file mode 100755 index 249872710c..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/carol/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,35 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.100 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = psk - id = carol@strongswan.org - } - remote { - auth = psk - id = moon.strongswan.org - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128gcm128-ntru128 - } - } - version = 2 - proposals = aes128-sha256-ntru128 - } -} - -secrets { - - ike-moon { - id = moon.strongswan.org - secret = 0sFpZAZqEN6Ti9sqt4ZP5EWcqx - } -} diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/strongswan.conf deleted file mode 100755 index 283c226e01..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/strongswan.conf +++ /dev/null @@ -1,10 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = random openssl -} - -charon-systemd { - load = random drbg nonce aes sha1 sha2 mgf1 ntru hmac kdf vici kernel-netlink socket-default updown - send_vendor_id = yes -} diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/swanctl/swanctl.conf deleted file mode 100755 index 28cd319157..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/dave/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,35 +0,0 @@ -connections { - - home { - local_addrs = 192.168.0.200 - remote_addrs = 192.168.0.1 - vips = 0.0.0.0 - - local { - auth = psk - id = dave@strongswan.org - } - remote { - auth = psk - id = moon.strongswan.org - } - children { - home { - remote_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes192gcm128-ntru192 - } - } - version = 2 - proposals = aes192-sha384-ntru192 - } -} - -secrets { - - ike-moon { - id = moon.strongswan.org - secret = 0sjVzONCF02ncsgiSlmIXeqhGN - } -} diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/strongswan.conf deleted file mode 100755 index 283c226e01..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,10 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -swanctl { - load = random openssl -} - -charon-systemd { - load = random drbg nonce aes sha1 sha2 mgf1 ntru hmac kdf vici kernel-netlink socket-default updown - send_vendor_id = yes -} diff --git a/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/swanctl/swanctl.conf deleted file mode 100755 index 2307b6baa1..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/hosts/moon/etc/swanctl/swanctl.conf +++ /dev/null @@ -1,43 +0,0 @@ -connections { - - rw { - local_addrs = 192.168.0.1 - pools = rw_pool - - local { - auth = psk - id = moon.strongswan.org - } - remote { - auth = psk - } - children { - net { - local_ts = 10.1.0.0/16 - - updown = /usr/local/libexec/ipsec/_updown iptables - esp_proposals = aes128gcm128-ntru128,aes192gcm128-ntru192 - } - } - version = 2 - proposals = aes128-sha256-ntru128,aes192-sha384-ntru192 - } -} - -secrets { - - ike-carol { - id = carol@strongswan.org - secret = 0sFpZAZqEN6Ti9sqt4ZP5EWcqx - } - ike-dave { - id = dave@strongswan.org - secret = 0sjVzONCF02ncsgiSlmIXeqhGN - } -} - -pools { - rw_pool { - addrs = 10.3.0.0/28 - } -} diff --git a/testing/tests/ikev2/rw-ntru-psk/posttest.dat b/testing/tests/ikev2/rw-ntru-psk/posttest.dat deleted file mode 100755 index e5c82ef20d..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/posttest.dat +++ /dev/null @@ -1,6 +0,0 @@ -carol::systemctl stop strongswan -dave::systemctl stop strongswan -moon::systemctl stop strongswan -moon::iptables-restore < /etc/iptables.flush -carol::iptables-restore < /etc/iptables.flush -dave::iptables-restore < /etc/iptables.flush diff --git a/testing/tests/ikev2/rw-ntru-psk/pretest.dat b/testing/tests/ikev2/rw-ntru-psk/pretest.dat deleted file mode 100755 index 12ad60eb8a..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/pretest.dat +++ /dev/null @@ -1,14 +0,0 @@ -moon::iptables-restore < /etc/iptables.rules -carol::iptables-restore < /etc/iptables.rules -dave::iptables-restore < /etc/iptables.rules -moon::cd /etc/swanctl; rm rsa/* x509/* x509ca/* -carol::cd /etc/swanctl; rm rsa/* x509/* x509ca/* -dave::cd /etc/swanctl; rm rsa/* x509/* x509ca/* -moon::systemctl start strongswan -carol::systemctl start strongswan -dave::systemctl start strongswan -moon::expect-connection rw -carol::expect-connection home -carol::swanctl --initiate --child home 2> /dev/null -dave::expect-connection home -dave::swanctl --initiate --child home 2> /dev/null diff --git a/testing/tests/ikev2/rw-ntru-psk/test.conf b/testing/tests/ikev2/rw-ntru-psk/test.conf deleted file mode 100755 index a542d037ed..0000000000 --- a/testing/tests/ikev2/rw-ntru-psk/test.conf +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# guest instances used for this test - -# All guest instances that are required for this test -# -VIRTHOSTS="alice moon carol winnetou dave" - -# Corresponding block diagram -# -DIAGRAM="a-m-c-w-d.png" - -# Guest instances on which tcpdump is to be started -# -TCPDUMPHOSTS="moon alice" - -# Guest instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol dave" - -# charon controlled by swanctl -# -SWANCTL=1 -- 2.47.2