author | dimitri staessens <[email protected]> | 2017-08-09 18:55:37 +0200 |
---|---|---|
committer | dimitri staessens <[email protected]> | 2017-08-09 20:48:27 +0200 |
commit | 24aa46946349529bf36d3569796a28917d3e756f (patch) | |
tree | 58ef8a40142323771eecbd8ce6c2eaea409bc138 /include | |
parent | c1d7ff1e1bd44e1a38af8a1b498c68f3378fa342 (diff) | |
build, lib, ipcpd, irmd: Add support for libgcrypt
This adds support for libgcrypt. If at least version 1.7.0 of
libgcrypt is present, it may be used for secure random number
generation and is used for hashing in the irmd/ipcp.
The hash definitions are moved to the internal hash.h header, and
defined independently of the hashes that are defined as part of the
directory policy for the normal IPCP. The translation is moved from
the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the
IPCP to return the correct hash algorithm with a dif_info struct,
which is in line with the behavior of the enroll call.
This also improves how some platform checks in the build system are
handled.
Diffstat (limited to 'include')
-rw-r--r-- | include/ouroboros/config.h.in | 4 | ||||
-rw-r--r-- | include/ouroboros/hash.h | 27 | ||||
-rw-r--r-- | include/ouroboros/ipcp.h | 17 |
3 files changed, 34 insertions, 14 deletions
diff --git a/include/ouroboros/config.h.in b/include/ouroboros/config.h.in
index 0957ee4d..881410eb 100644
--- a/include/ouroboros/config.h.in
+++ b/include/ouroboros/config.h.in
@@ -37,6 +37,10 @@
 #define IPCP_NORMAL_EXEC "@IPCP_NORMAL_TARGET@"
 #define IPCP_LOCAL_EXEC "@IPCP_LOCAL_TARGET@"
 #cmakedefine HAVE_ROBUST_MUTEX
+#cmakedefine HAVE_SYS_RANDOM
+#cmakedefine HAVE_LIBGCRYPT
+#cmakedefine HAVE_OPENSSL
+#cmakedefine HAVE_NETMAP
 #define AP_MAX_FLOWS 2048
 #define AP_RES_FDS 64
 #define AP_MAX_FQUEUES 64
diff --git a/include/ouroboros/hash.h b/include/ouroboros/hash.h
index 456a93f3..6d3f98a3 100644
--- a/include/ouroboros/hash.h
+++ b/include/ouroboros/hash.h
@@ -25,11 +25,30 @@
 #define OUROBOROS_LIB_HASH_H
 #include <ouroboros/endian.h>
-#include <ouroboros/ipcp.h>
-#include <ouroboros/crc32.h>
-#include <ouroboros/md5.h>
-#include <ouroboros/sha3.h>
+#ifdef HAVE_LIBGCRYPT
+#include <gcrypt.h>
+#endif
+#include <stdint.h>
+
+/* Hash algorithms */
+enum hash_algo {
+#ifdef HAVE_LIBGCRYPT
+ HASH_CRC32 = GCRY_MD_CRC32,
+ HASH_MD5 = GCRY_MD_MD5,
+ HASH_SHA3_224 = GCRY_MD_SHA3_224,
+ HASH_SHA3_256 = GCRY_MD_SHA3_256,
+ HASH_SHA3_384 = GCRY_MD_SHA3_384,
+ HASH_SHA3_512 = GCRY_MD_SHA3_512
+#else
+ HASH_CRC32 = 0,
+ HASH_MD5,
+ HASH_SHA3_224,
+ HASH_SHA3_256,
+ HASH_SHA3_384,
+ HASH_SHA3_512
+#endif
+};
 #define HASH_FMT "%02x%02x%02x%02x"
 #define HASH_VAL(hash) \
diff --git a/include/ouroboros/ipcp.h b/include/ouroboros/ipcp.h
index 1b775a63..7c34cc7d 100644
--- a/include/ouroboros/ipcp.h
+++ b/include/ouroboros/ipcp.h
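Review bot: The four new `#cmakedefine` lines in config.h.in (`HAVE_SYS_RANDOM`, `HAVE_LIBGCRYPT`, `HAVE_OPENSSL`, `HAVE_NETMAP`) carry no comment saying what each one selects or which takes precedence when several are set, and the commit message only says libgcrypt "may be used" for random numbers. Because these macros decide where random bytes come from, I would add a comment above them along the lines of `/* RNG and crypto backends detected at configure time; precedence and the no-backend fallback are defined in <consumer file> */`, with the placeholder replaced by the real consumer. What the code does when none of the three is defined is not visible in this diff; if that path is a non-cryptographic generator, it deserves a configure-time warning.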
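Review bot: `#ifdef HAVE_LIBGCRYPT` in hash.h is evaluated without the header including the generated config header in the visible lines, so the numeric values of `enum hash_algo` depend on what each translation unit happened to include first. Unless `<ouroboros/endian.h>` pulls it in (not visible here), two objects in one build could disagree on what `HASH_SHA3_256` means; an explicit `#include <ouroboros/config.h>` ahead of the `#ifdef` would pin it. Since the values are libgcrypt ids in one build and 0..5 in another, I would also put `/* Build-dependent values: never store or send these between processes, use enum pol_dir_hash */` above the enum. `HASH_CRC32` and `HASH_MD5` stay selectable, so a short comment that neither is collision-resistant would keep them away from anything an untrusted peer can influence.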
@@ -52,22 +52,19 @@ enum pol_routing {
 LINK_STATE = 0
 };
-/* Hash algorithms */
-enum hash_algo {
- HASH_CRC32 = 0,
- HASH_MD5,
- HASH_SHA3_224,
- HASH_SHA3_256,
- HASH_SHA3_384,
- HASH_SHA3_512
+enum pol_dir_hash {
+ DIR_HASH_SHA3_224 = 0,
+ DIR_HASH_SHA3_256,
+ DIR_HASH_SHA3_384,
+ DIR_HASH_SHA3_512
 };
 #define DIF_NAME_SIZE 256
 /* Info reported back to the IRMd about the DIF on enrollment */
 struct dif_info {
- char dif_name[DIF_NAME_SIZE];
- enum hash_algo dir_hash_algo;
+ char dif_name[DIF_NAME_SIZE];
+ enum pol_dir_hash dir_hash_algo;
 };
 /* Structure to configure the first IPCP */ |
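Review bot: `dir_hash_algo` in `struct dif_info` changes type from `enum hash_algo` to `enum pol_dir_hash` but keeps its name, and the numbering shifts (`DIR_HASH_SHA3_224` is now 0, where 0 used to be `HASH_CRC32`), so any caller that still stores or compares a `HASH_*` constant compiles silently in C and selects a different algorithm. The translation to `enum hash_algo` lives outside this diff; because the IPCP reports this struct to the IRMd, that translation should reject values above `DIR_HASH_SHA3_512` instead of passing them on. I would mark the field with `/* policy id, translate to enum hash_algo before hashing */`. The struct comment should also become `/* Info reported back to the IRMd about the DIF on bootstrap and enrollment */`, to match the behaviour the commit message describes.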