diff --git a/include/ckaid.h b/include/ckaid.h index f8fe80174cc..a43e90a024b 100644 --- a/include/ckaid.h +++ b/include/ckaid.h @@ -54,7 +54,7 @@ const char *str_ckaid(const ckaid_t *ckaid, ckaid_buf *buf); size_t jam_ckaid(struct jambuf *buf, const ckaid_t *ckaid); err_t form_ckaid_rsa(chunk_t modulus, ckaid_t *ckaid); -err_t form_ckaid_ecdsa(chunk_t pub_value, ckaid_t *ckaid); +err_t form_ckaid_ecKey(chunk_t pub_value, ckaid_t *ckaid); bool ckaid_eq_nss(const ckaid_t *l, const SECItem *r); ckaid_t ckaid_from_secitem(const SECItem *const nss_ckaid); diff --git a/include/pluto_constants.h b/include/pluto_constants.h index f9a1a7402cd..9dac102ac41 100644 --- a/include/pluto_constants.h +++ b/include/pluto_constants.h @@ -1058,7 +1058,7 @@ enum PrivateKeyKind { PKK_RSA, PKK_XAUTH, PKK_PPK, - PKK_ECDSA, /* should not be needed */ + PKK_EC, /* should not be needed */ PKK_NULL, PKK_INVALID, }; diff --git a/include/secrets.h b/include/secrets.h index 9860d44d18b..b0f5904aa39 100644 --- a/include/secrets.h +++ b/include/secrets.h @@ -53,13 +53,13 @@ struct RSA_private_key { struct RSA_public_key pub; }; -struct ECDSA_public_key { +struct EC_public_key { chunk_t ecParams; chunk_t pub; /* publicValue */ }; -struct ECDSA_private_key { - struct ECDSA_public_key pub; +struct EC_private_key { + struct EC_public_key pub; chunk_t ecParams; chunk_t pub_val; /* publicValue */ chunk_t privateValue; @@ -71,7 +71,7 @@ err_t rsa_pubkey_to_base64(chunk_t exponent, chunk_t modulus, char **rr); err_t unpack_RSA_public_key(struct RSA_public_key *rsa, keyid_t *keyid, ckaid_t *ckaid, size_t *size, const chunk_t *pubkey); -err_t unpack_ECDSA_public_key(struct ECDSA_public_key *ecdsa, +err_t unpack_EC_public_key(struct EC_public_key *ecKey, keyid_t *keyid, ckaid_t *ckaid, size_t *size, const chunk_t *pubkey); @@ -86,7 +86,7 @@ struct private_key_stuff { union { chunk_t preshared_secret; struct RSA_private_key RSA_private_key; - struct ECDSA_private_key ECDSA_private_key; + struct EC_private_key EC_private_key; /* struct smartcard *smartcard; */ } u; @@ -140,7 +140,7 @@ struct hash_signature { union pubkey_content { struct RSA_public_key rsa; - struct ECDSA_public_key ecdsa; + struct EC_public_key ecPub; }; struct pubkey_type { diff --git a/lib/libswan/base64_pubkey.c b/lib/libswan/base64_pubkey.c index fd06934ff8b..ef0451718e0 100644 --- a/lib/libswan/base64_pubkey.c +++ b/lib/libswan/base64_pubkey.c @@ -218,13 +218,13 @@ err_t unpack_RSA_public_key(struct RSA_public_key *rsa, return NULL; } -err_t unpack_ECDSA_public_key(struct ECDSA_public_key *ecdsa, +err_t unpack_EC_public_key(struct EC_public_key *ecKey, keyid_t *keyid, ckaid_t *ckaid, size_t *size, const chunk_t *pubkey) { err_t e; - e = form_ckaid_ecdsa(*pubkey, ckaid); + e = form_ckaid_ecKey(*pubkey, ckaid); if (e != NULL) { return e; } @@ -236,13 +236,13 @@ err_t unpack_ECDSA_public_key(struct ECDSA_public_key *ecdsa, } *size = pubkey->len; - ecdsa->pub = clone_hunk(*pubkey, "public value"); + ecKey->pub = clone_hunk(*pubkey, "public value"); if (DBGP(DBG_BASE)) { /* pubkey information isn't DBG_PRIVATE */ DBG_log("keyid: *%s", str_keyid(*keyid)); DBG_log(" size: %zu", *size); - DBG_dump_hunk(" pub", ecdsa->pub); + DBG_dump_hunk(" pub", ecKey->pub); DBG_dump_hunk(" CKAID", *ckaid); } diff --git a/lib/libswan/ckaid.c b/lib/libswan/ckaid.c index 388c0a013a7..d83c0d2cfa9 100644 --- a/lib/libswan/ckaid.c +++ b/lib/libswan/ckaid.c @@ -113,7 +113,7 @@ err_t form_ckaid_rsa(chunk_t modulus, ckaid_t *ckaid) return NULL; } -err_t form_ckaid_ecdsa(chunk_t pub_value, ckaid_t *ckaid) +err_t form_ckaid_ecKey(chunk_t pub_value, ckaid_t *ckaid) { /* * Compute the CKAID directly using the public value. - keep old @@ -125,7 +125,7 @@ err_t form_ckaid_ecdsa(chunk_t pub_value, ckaid_t *ckaid) return "unable to compute 'CKAID' from public value"; } if (DBGP(DBG_BASE)) { - DBG_dump("computed ecdsa CKAID", + DBG_dump("computed ecKey CKAID", nss_ckaid->data, nss_ckaid->len); } *ckaid = ckaid_from_secitem(nss_ckaid); diff --git a/lib/libswan/constants.c b/lib/libswan/constants.c index cbe81c055dd..781bcd7bc91 100644 --- a/lib/libswan/constants.c +++ b/lib/libswan/constants.c @@ -2164,7 +2164,7 @@ static const char *const pkk_name[] = { "PKK_RSA", "PKK_XAUTH", "PKK_PPK", - "PKK_ECDSA", + "PKK_EC", "PKK_NULL", "PKK_INVALID", }; diff --git a/lib/libswan/secrets.c b/lib/libswan/secrets.c index 812ff07dacc..862f3106929 100644 --- a/lib/libswan/secrets.c +++ b/lib/libswan/secrets.c @@ -347,17 +347,17 @@ const struct pubkey_type pubkey_type_rsa = { .sign_hash = RSA_sign_hash, }; -static err_t ECDSA_unpack_pubkey_content(union pubkey_content *u, +static err_t EC_unpack_pubkey_content(union pubkey_content *u, keyid_t *keyid, ckaid_t *ckaid, size_t *size, chunk_t pubkey) { - return unpack_ECDSA_public_key(&u->ecdsa, keyid, ckaid, size, &pubkey); + return unpack_EC_public_key(&u->ecPub, keyid, ckaid, size, &pubkey); } -static void ECDSA_free_public_content(struct ECDSA_public_key *ecdsa) +static void EC_free_public_content(struct EC_public_key *ecKey) { - free_chunk_content(&ecdsa->pub); - free_chunk_content(&ecdsa->ecParams); + free_chunk_content(&ecKey->pub); + free_chunk_content(&ecKey->ecParams); /* ckaid is an embedded struct (no pointer) */ /* * ??? what about ecdsa->pub.{version,ckaid}? @@ -367,18 +367,18 @@ static void ECDSA_free_public_content(struct ECDSA_public_key *ecdsa) */ } -static void ECDSA_free_pubkey_content(union pubkey_content *u) +static void EC_free_pubkey_content(union pubkey_content *u) { - ECDSA_free_public_content(&u->ecdsa); + EC_free_public_content(&u->ecPub); } -static void ECDSA_extract_public_key(struct ECDSA_public_key *pub, +static void EC_extract_public_key(struct EC_public_key *pub, keyid_t *keyid, ckaid_t *ckaid, size_t *size, SECKEYPublicKey *pubkey_nss, SECItem *ckaid_nss) { - pub->pub = clone_secitem_as_chunk(pubkey_nss->u.ec.publicValue, "ECDSA pub"); - pub->ecParams = clone_secitem_as_chunk(pubkey_nss->u.ec.DEREncodedParams, "ECDSA ecParams"); + pub->pub = clone_secitem_as_chunk(pubkey_nss->u.ec.publicValue, "EC pub"); + pub->ecParams = clone_secitem_as_chunk(pubkey_nss->u.ec.DEREncodedParams, "EC ecParams"); *size = pubkey_nss->u.ec.publicValue.len; *ckaid = ckaid_from_secitem(ckaid_nss); /* keyid */ @@ -394,29 +394,29 @@ static void ECDSA_extract_public_key(struct ECDSA_public_key *pub, } } -static void ECDSA_extract_pubkey_content(union pubkey_content *pkc, +static void EC_extract_pubkey_content(union pubkey_content *pkc, keyid_t *keyid, ckaid_t *ckaid, size_t *size, SECKEYPublicKey *pubkey_nss, SECItem *ckaid_nss) { - ECDSA_extract_public_key(&pkc->ecdsa, keyid, ckaid, size, pubkey_nss, ckaid_nss); + EC_extract_public_key(&pkc->ecPub, keyid, ckaid, size, pubkey_nss, ckaid_nss); } -static void ECDSA_extract_private_key_pubkey_content(struct private_key_stuff *pks, +static void EC_extract_private_key_pubkey_content(struct private_key_stuff *pks, keyid_t *keyid, ckaid_t *ckaid, size_t *size, SECKEYPublicKey *pubkey_nss, SECItem *ckaid_nss) { - struct ECDSA_private_key *ecdsak = &pks->u.ECDSA_private_key; - ECDSA_extract_public_key(&ecdsak->pub, keyid, ckaid, size, + struct EC_private_key *ecKey = &pks->u.EC_private_key; + EC_extract_public_key(&ecKey->pub, keyid, ckaid, size, pubkey_nss, ckaid_nss); } -static void ECDSA_free_secret_content(struct private_key_stuff *pks) +static void EC_free_secret_content(struct private_key_stuff *pks) { SECKEY_DestroyPrivateKey(pks->private_key); - struct ECDSA_private_key *ecdsak = &pks->u.ECDSA_private_key; - ECDSA_free_public_content(&ecdsak->pub); + struct EC_private_key *ecKey = &pks->u.EC_private_key; + EC_free_public_content(&ecKey->pub); } /* @@ -424,9 +424,9 @@ static void ECDSA_free_secret_content(struct private_key_stuff *pks) * implement this, so there is no ECDSA curve that libreswan needs to * disallow for security reasons */ -static err_t ECDSA_secret_sane(struct private_key_stuff *pks_unused UNUSED) +static err_t EC_secret_sane(struct private_key_stuff *pks_unused UNUSED) { - dbg("ECDSA is assumed to be sane"); + dbg("EC Algorithms are assumed to be sane"); return NULL; } @@ -494,14 +494,14 @@ static struct hash_signature ECDSA_sign_hash(const struct private_key_stuff *pks const struct pubkey_type pubkey_type_ecdsa = { .alg = PUBKEY_ALG_ECDSA, .name = "ECDSA", - .private_key_kind = PKK_ECDSA, - .unpack_pubkey_content = ECDSA_unpack_pubkey_content, - .free_pubkey_content = ECDSA_free_pubkey_content, - .extract_private_key_pubkey_content = ECDSA_extract_private_key_pubkey_content, - .free_secret_content = ECDSA_free_secret_content, - .secret_sane = ECDSA_secret_sane, + .private_key_kind = PKK_EC, + .unpack_pubkey_content = EC_unpack_pubkey_content, + .free_pubkey_content = EC_free_pubkey_content, + .extract_private_key_pubkey_content = EC_extract_private_key_pubkey_content, + .free_secret_content = EC_free_secret_content, + .secret_sane = EC_secret_sane, .sign_hash = ECDSA_sign_hash, - .extract_pubkey_content = ECDSA_extract_pubkey_content, + .extract_pubkey_content = EC_extract_pubkey_content, }; const struct pubkey_type *pubkey_alg_type(enum pubkey_alg alg) @@ -754,7 +754,7 @@ struct secret *lsw_find_secret_by_id(struct secret *secrets, &s->pks.u.RSA_private_key.pub, &best->pks.u.RSA_private_key.pub); break; - case PKK_ECDSA: + case PKK_EC: /* there are no ECDSA kind of secrets */ /* ??? this seems not to be the case */ break; @@ -1504,7 +1504,7 @@ void lsw_free_preshared_secrets(struct secret **psecrets, struct logger *logger) pfree(s->pks.u.preshared_secret.ptr); break; case PKK_RSA: - case PKK_ECDSA: + case PKK_EC: /* Note: pub is all there is */ s->pks.pubkey_type->free_secret_content(&s->pks); break; diff --git a/programs/pluto/ikev2_ecdsa.c b/programs/pluto/ikev2_ecdsa.c index b15e73b23ef..54d0aed7a2e 100644 --- a/programs/pluto/ikev2_ecdsa.c +++ b/programs/pluto/ikev2_ecdsa.c @@ -73,7 +73,7 @@ bool authsig_using_ECDSA_ikev2_pubkey(const struct crypt_mac *hash, shunk_t sign */ /* allocate the pubkey */ - const struct ECDSA_public_key *k = &kr->u.ecdsa; + const struct EC_public_key *k = &kr->u.ecPub; SECKEYPublicKey *publicKey = (SECKEYPublicKey *) PORT_ArenaZAlloc(arena, sizeof(SECKEYPublicKey)); if (publicKey == NULL) { diff --git a/programs/pluto/keys.c b/programs/pluto/keys.c index 28b6d37d393..f1deb098968 100644 --- a/programs/pluto/keys.c +++ b/programs/pluto/keys.c @@ -99,8 +99,8 @@ static int print_secrets(struct secret *secret, case PKK_XAUTH: kind = "XAUTH"; break; - case PKK_ECDSA: - kind = "ECDSA"; + case PKK_EC: + kind = "EC"; break; default: return 1; diff --git a/programs/showhostkey/showhostkey.c b/programs/showhostkey/showhostkey.c index 561b95b63f9..91b6cfcb826 100644 --- a/programs/showhostkey/showhostkey.c +++ b/programs/showhostkey/showhostkey.c @@ -147,7 +147,7 @@ static void print(struct private_key_stuff *pks, } // this never has a secret entry so shouldn't ne needed - case PKK_ECDSA: { + case PKK_EC: { break; } @@ -224,7 +224,7 @@ static int pick_by_ckaid(struct secret *secret UNUSED, void *uservoid) { char *start = (char *)uservoid; - if ((pks->kind == PKK_RSA || pks->kind == PKK_ECDSA) && + if ((pks->kind == PKK_RSA || pks->kind == PKK_EC) && ckaid_starts_with(&pks->ckaid, start)) { /* stop */ return 0; @@ -295,7 +295,7 @@ static int show_dnskey(struct private_key_stuff *pks, static int show_confkey(struct private_key_stuff *pks, char *side) { - if (pks->kind != PKK_RSA && pks->kind != PKK_ECDSA) { + if (pks->kind != PKK_RSA && pks->kind != PKK_EC) { char *enumstr = "gcc is crazy"; switch (pks->kind) { case PKK_PSK: @@ -325,7 +325,7 @@ static int show_confkey(struct private_key_stuff *pks, base64); pfree(base64); break; - case PKK_ECDSA: + case PKK_EC: printf("\t# ecdsakey %s\n", pks->keyid.keyid); printf("\t%secdsasigkey=%s\n", side,