summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authordimitri staessens <[email protected]>2017-08-09 18:55:37 +0200
committerdimitri staessens <[email protected]>2017-08-09 20:48:27 +0200
commit24aa46946349529bf36d3569796a28917d3e756f (patch)
tree58ef8a40142323771eecbd8ce6c2eaea409bc138 /include
parentc1d7ff1e1bd44e1a38af8a1b498c68f3378fa342 (diff)
downloadouroboros-24aa46946349529bf36d3569796a28917d3e756f.tar.gz
ouroboros-24aa46946349529bf36d3569796a28917d3e756f.zip
build, lib, ipcpd, irmd: Add support for libgcrypt
This adds support for libgcrypt. If at least version 1.7.0 of libgcrypt is present, it may be used for secure random number generation and is used for hashing in the irmd/ipcp. The hash definitions are moved to the internal hash.h header, and defined independently of the hashes that are defined as part of the directory policy for the normal IPCP. The translation is moved from the IRMd to ipcpd/ipcp.h. The bootstrap call from the IRMd expects the IPCP to return the correct hash algorithm with a dif_info struct, which is in line with the behavior of the enroll call. This also improves how some platform checks in the build system are handled.
Diffstat (limited to 'include')
-rw-r--r--include/ouroboros/config.h.in4
-rw-r--r--include/ouroboros/hash.h27
-rw-r--r--include/ouroboros/ipcp.h17
3 files changed, 34 insertions, 14 deletions
diff --git a/include/ouroboros/config.h.in b/include/ouroboros/config.h.in
index 0957ee4d..881410eb 100644
--- a/include/ouroboros/config.h.in
+++ b/include/ouroboros/config.h.in
@@ -37,6 +37,10 @@
#define IPCP_NORMAL_EXEC "@IPCP_NORMAL_TARGET@"
#define IPCP_LOCAL_EXEC "@IPCP_LOCAL_TARGET@"
#cmakedefine HAVE_ROBUST_MUTEX
+#cmakedefine HAVE_SYS_RANDOM
+#cmakedefine HAVE_LIBGCRYPT
+#cmakedefine HAVE_OPENSSL
+#cmakedefine HAVE_NETMAP
#define AP_MAX_FLOWS 2048
#define AP_RES_FDS 64
#define AP_MAX_FQUEUES 64
diff --git a/include/ouroboros/hash.h b/include/ouroboros/hash.h
index 456a93f3..6d3f98a3 100644
--- a/include/ouroboros/hash.h
+++ b/include/ouroboros/hash.h
@@ -25,11 +25,30 @@
#define OUROBOROS_LIB_HASH_H
#include <ouroboros/endian.h>
-#include <ouroboros/ipcp.h>
-#include <ouroboros/crc32.h>
-#include <ouroboros/md5.h>
-#include <ouroboros/sha3.h>
+#ifdef HAVE_LIBGCRYPT
+#include <gcrypt.h>
+#endif
+#include <stdint.h>
+
+/* Hash algorithms */
+enum hash_algo {
+#ifdef HAVE_LIBGCRYPT
+ HASH_CRC32 = GCRY_MD_CRC32,
+ HASH_MD5 = GCRY_MD_MD5,
+ HASH_SHA3_224 = GCRY_MD_SHA3_224,
+ HASH_SHA3_256 = GCRY_MD_SHA3_256,
+ HASH_SHA3_384 = GCRY_MD_SHA3_384,
+ HASH_SHA3_512 = GCRY_MD_SHA3_512
+#else
+ HASH_CRC32 = 0,
+ HASH_MD5,
+ HASH_SHA3_224,
+ HASH_SHA3_256,
+ HASH_SHA3_384,
+ HASH_SHA3_512
+#endif
+};
#define HASH_FMT "%02x%02x%02x%02x"
#define HASH_VAL(hash) \
diff --git a/include/ouroboros/ipcp.h b/include/ouroboros/ipcp.h
index 1b775a63..7c34cc7d 100644
--- a/include/ouroboros/ipcp.h
+++ b/include/ouroboros/ipcp.h
@@ -52,22 +52,19 @@ enum pol_routing {
LINK_STATE = 0
};
-/* Hash algorithms */
-enum hash_algo {
- HASH_CRC32 = 0,
- HASH_MD5,
- HASH_SHA3_224,
- HASH_SHA3_256,
- HASH_SHA3_384,
- HASH_SHA3_512
+enum pol_dir_hash {
+ DIR_HASH_SHA3_224 = 0,
+ DIR_HASH_SHA3_256,
+ DIR_HASH_SHA3_384,
+ DIR_HASH_SHA3_512
};
#define DIF_NAME_SIZE 256
/* Info reported back to the IRMd about the DIF on enrollment */
struct dif_info {
- char dif_name[DIF_NAME_SIZE];
- enum hash_algo dir_hash_algo;
+ char dif_name[DIF_NAME_SIZE];
+ enum pol_dir_hash dir_hash_algo;
};
/* Structure to configure the first IPCP */