Issue #1473 Does Strongswan Supports Openssl Engine to Add New Encryption Algorithm? 18.05.2016 13:19 - Mina Jafari

strongSwan - Issue #1473 Does strongswan supports Openssl engine to add new encryption algorithm? 18.05.2016 13:19 - Mina Jafari

Status: Closed Priority: Normal Assignee: Tobias Brunner Category: libstrongswan Affected version: 5.4.0 Resolution: No change required Description We can add a new encryption or hash algorithm to openssl algorithms using a dynamic method named "engine". I compiled my custom encryption algorithm as an openssl engine, does Strongswan supports loading a new algorithm using openssl engine? I've seen issue #832 and I thought it could be done by adding engine-id to file strongswan.d/charon/openssl.conf and compiling Strongswan with --enable-openssl and loading openssl plugin. But although openssl plugin is loaded, ipsec listalgs does not list my custom algorithm and I get error log: algorithm 'mina' not recognized skipped invalid proposal string: mina-sha1-modp1024 when I use mina algorithm in ipsec.conf.

History #1 - 18.05.2016 14:33 - Tobias Brunner - Status changed from New to Feedback

You at least also need to extend the proposal parser (source:src/libstrongswan/crypto/proposal/proposal_keywords.h#L94) and extend the plugin feature registration in the openssl plugin (source:src/libstrongswan/plugins/openssl/openssl_plugin.c#L268). And the list of algorithms in the crypter does also have to be extended (source:src/libstrongswan/plugins/openssl/openssl_crypter.c#L46 or directly in the constructor)

#2 - 19.05.2016 18:48 - Mina Jafari Tobias Brunner wrote:

Do you mean it supports engine but if I want to see my algorithm I should change those files?

#3 - 19.05.2016 19:56 - Tobias Brunner

Do you mean it supports engine but if I want to see my algorithm I should change those files?

I don't know whether it's supported or not for what you want to do. The only application that has once been tested is using engines to access RSA private keys (it's also the only place where an engine is explicitly instantiated, source:src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c#L599). But perhaps engines configured in openssl.cfg are loaded automatically when the plugin is initialized and OPENSSL_config() and ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); are called. But even it that's the case and you could theoretically instantiate an EVP_CIPHER object backed by an engine you would still have to add additional changes so you can configure the algorithm and the IKE daemon would actually use it (that is if you actually want to add a new algorithm and not just a different implementation - e.g. hardware accelerated - for an existing one).

#4 - 23.05.2016 11:48 - Mina Jafari Tobias Brunner wrote:

Do you mean it supports engine but if I want to see my algorithm I should change those files?

27.09.2021 1/7 source:src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c#L599). But perhaps engines configured in openssl.cfg are loaded automatically when the plugin is initialized and OPENSSL_config() and ENGINE_load_builtin_engines(); ENGINE_register_all_complete(); are called. But even it that's the case and you could theoretically instantiate an EVP_CIPHER object backed by an engine you would still have to add additional changes so you can configure the algorithm and the IKE daemon would actually use it (that is if you actually want to add a new algorithm and not just a different implementation - e.g. hardware accelerated - for an existing one).

I guess I should do the same thing as you did to use pkcs11 as an openssl engine. Is there any example or test which use this? I want to trace it to find out its code. (In fact I need a dynamic solution I mean the algorithm be compiled independently from strongswan, but strongswan can load it. such solution is provided by openssl called dynamic engine and is supported by some applications for example OpenVPN.)

#5 - 23.05.2016 13:23 - Tobias Brunner

I guess I should do the same thing as you did to use pkcs11 as an openssl engine.

I don't think that's necessary. I think dynamic engines configured in openssl.cnf are loaded automatically when the openssl plugin calls OPENSSL_config(). Only if you want to instantiate a specific engine you'll need to load it manually.

But as I said before, if you provide a completely new algorithm (not a new implementation for an existing/known algorithm) you'll need at least some code changes. Did you already look at strongSwan's own plugin system?

#6 - 23.05.2016 15:28 - Mina Jafari Tobias Brunner wrote:

I guess I should do the same thing as you did to use pkcs11 as an openssl engine.

In fact I want to add a completely new algorithm but for now I'm trying gost algorithm with strongswan. It is an algorithm provided by openssl dynamic engine. I added gost id to strongswan.d/charon/openssl.cnf but I guess it is not loaded. because gost algorithm is not recognized in ipsec.conf.

Yes, I saw openssl plugin, in fact I see you call ENGINE_load_builtin_engines(), but I've read in openssl's README.ENGINE that this function register built-in engines, I guess dynamic engines like gost wont be loaded this way. I want gost engine to be compiled as a shared library and then can be loaded by strongswan. I think pkcs11 is not compiled this way. If you can tell me the engine_id in strongswan.d/charon/openssl.cnf where in code is applied I can maybe figure out something!

#7 - 23.05.2016 18:50 - Tobias Brunner

I added gost id to strongswan.d/charon/openssl.cnf but I guess it is not loaded.

I was not referring to that file, but openssl.cnf, the configuration file for the OpenSSL library (e.g. located at /etc/ssl/openssl.cnf on Ubuntu).

OPENSSL_config() should load dynamic engines that are configured in openssl.cnf. See e.g. http://sinodun.com/2009/02/developing-an-engine-for-openssl/

#8 - 24.05.2016 12:36 - Mina Jafari Tobias Brunner wrote:

I added gost id to strongswan.d/charon/openssl.cnf but I guess it is not loaded.

I was not referring to that file, but openssl.cnf, the configuration file for the OpenSSL library (e.g. located at /etc/ssl/openssl.cnf on Ubuntu).

27.09.2021 2/7 Yes, I saw openssl plugin, in fact I see you call ENGINE_load_builtin_engines(), but I've read in openssl's README.ENGINE that this function register built-in engines, I guess dynamic engines like gost wont be loaded this way.

OPENSSL_config() should load dynamic engines that are configured in openssl.cnf. See e.g. http://sinodun.com/2009/02/developing-an-engine-for-openssl/

I've loaded the gost engine by adding it yo openss.cnf. But still not recognized by strongswan. I guess I have not changed strongswan's codes properly. First I could not find out how to extend the proposal parser. I've seen register_token function's definition here [[ source:src/libstrongswan/crypto/proposal/proposal_keywords.c]] but it is not called anywhere. So how is it used to register each proposal token?

#9 - 24.05.2016 13:05 - Tobias Brunner

So how is it used to register each proposal token?

It is not. That function is provided for plugins to dynamically register their own tokens i.e. without having to modify the strongSwan sources. The predefined tokens for known algorithms are statically defined in source:src/libstrongswan/crypto/proposal/proposal_keywords_static.txt

#10 - 24.05.2016 14:33 - Mina Jafari

So the changes you mentioned before for the code is not needed for engine? just needed for plugin? Can compile plugins as shared library and independent from strongswan? (I need such independent solution to add my new algorithm, that's why I wanted to use engine earlier.)

#11 - 24.05.2016 14:45 - Tobias Brunner

So the changes you mentioned before for the code is not needed for engine? just needed for plugin?

If you add a new algorithm you'll have to register that token (at least if you want to make it configurable in the config files). Whether you change the source file or use that function doesn't really matter. But adding a new algorithm in the openssl plugin will definitely need the other changes I mentioned (so it can be constructed by the openssl_crypter).

Can compile plugins as shared library and independent from strongswan?

Plugins have to implement the plugin_t interface and for encryption algorithms the plugin has to provide an implementation of the crypter_t interface. So it will never be completely independent. But you don't have to integrate it into our build system. Instead just build a shared library using the libstrongswan headers (installed with --with-dev-headers) and link to it. Then copy the shared library to the correct directory (e.g. /usr/local/lib/ipsec/plugins) and load it, which is quite easy with the modular configuration.

#12 - 25.05.2016 13:28 - Mina Jafari Tobias Brunner wrote:

So the changes you mentioned before for the code is not needed for engine? just needed for plugin?

Can compile plugins as shared library and independent from strongswan?

Thank you so much, it could be a solution for what I want to do. I wanna try to compile one of the existing plugins like blowfish independently and as

27.09.2021 3/7 shared library and see if it is recognized by strongswan. but I think as some of these ciphers are provided by different plugins I can't be sure the recognized cipher is the one that I compiled and loaded. For example I did not load openssl and gcrypt and AF_ALG (according to [[ https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites]] blowfish is supported with built-in plugins too). So I tried with camellia that is not supported by built-in plugins and did not load any plugins that has this, but still it is recognized by strongswan! So test of dynamic build of plugin reached this state!

#13 - 26.06.2016 07:35 - Mina Jafari As I added new ID for my algorithm in src/libstrongswan/crypto/crypters/crypter.h when it is used, its name is the number I set for its ID, for example I see a number instead of name in output of ipsec statusall or ipsec listalgs: IKE proposal: (30)_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048 how can I set a name for this algorithm? I added it to ENUMs defind in src/libstrongswan/crypto/crypters/crypter.c but still its name is not recognized.

ENUM_NEXT(encryption_algorithm_names, ENCR_UNDEFINED, ENCR_MINA_CBC, ENCR_CHACHA20_POLY1305, "UNDEFINED", "DES_ECB", "SERPENT_CBC", "TWOFISH_CBC", "RC2_CBC" "MINA_CBC"); ENUM_END(encryption_algorithm_names, ENCR_MINA_CBC);

Does these names are retrieved using oids? (I did not use oids I just add name of algorithm to static proposal names.)

#14 - 27.06.2016 09:44 - Tobias Brunner

Does these names are retrieved using oids?

No, but you have to put the string in the correct location based on the numeric identifier. You apparently assigned 30 but the string you added is for 1029. And you shouldn't use 30 as identifier as that's in the range reserved for IANA (see IKEv2 parameters), you should use an identifier >= 1024).

#15 - 29.06.2016 13:21 - Mina Jafari Tobias Brunner wrote:

Does these names are retrieved using oids?

I've done this successfully for encryption algorithm but as I tried to add a new hash algorithm I get a segfault. I added new ID 1031. Why this happens?

#include "signer.h"

ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA1_96, "UNDEFINED", "HMAC_SHA1_128", "HMAC_SHA2_256_96", "HMAC_SHA2_256_256", "HMAC_SHA2_384_384", "HMAC_SHA2_512_512", "CAMELLIA_XCBC_96", "HMAC_SHA1_96"); ENUM_NEXT(integrity_algorithm_names, AUTH_DES_MAC, AUTH_HMAC_SIMPLE, AUTH_HMAC_SHA1_96, "DES_MAC", "KPDK_MD5", "AES_XCBC_96", "HMAC_MD5_128", "HMAC_SHA1_160", "AES_CMAC_96", "AES_128_GMAC", "AES_192_GMAC", "AES_256_GMAC", "HMAC_SHA2_256_128", "HMAC_SHA2_384_192", "HMAC_SHA2_512_256", "HMAC_SIMPLE");

27.09.2021 4/7 ENUM_END(integrity_algorithm_names, AUTH_HMAC_SIMPLE);

AUTH_HMAC_SHA2_384_192 = 13, /** RFC4868 */ AUTH_HMAC_SHA2_512_256 = 14, /** private use */ AUTH_HMAC_SHA1_128 = 1025, /** SHA256 96 bit truncation variant, supported by Linux kernels */ AUTH_HMAC_SHA2_256_96 = 1026, /** SHA256 full length truncation variant, as used in TLS */ AUTH_HMAC_SHA2_256_256 = 1027, /** SHA384 full length truncation variant, as used in TLS */ AUTH_HMAC_SHA2_384_384 = 1028, /** SHA512 full length truncation variant */ AUTH_HMAC_SHA2_512_512 = 1029, /** draft-kanno-ipsecme-camellia-xcbc, not yet assigned by IANA */ AUTH_CAMELLIA_XCBC_96 = 1030, AUTH_HMAC_SIMPLE = 1031, }; this is the error when I start the engine:

Jun 29 06:44:10 ubuntu kernel: [14719.428455] charon[32076]: segfault at ef8f1ed9 ip b754117a sp bfc3c5d0 erro r 5 in libc-2.15.so[b74fd000+19f000] Jun 29 06:44:15 ubuntu charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.4.0, Linux 3.9.11, i686) Jun 29 06:44:15 ubuntu kernel: [14724.500860] charon[32094]: segfault at ef8f1ed9 ip b752417a sp bfb0f670 erro r 5 in libc-2.15.so[b74e0000+19f000] Jun 29 06:44:20 ubuntu charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.4.0, Linux 3.9.11, i686) Jun 29 06:44:20 ubuntu kernel: [14729.569030] charon[32112]: segfault at ef8f1ed9 ip b74e017a sp bf8b43f0 erro r 5 in libc-2.15.so[b749c000+19f000]

#16 - 29.06.2016 14:28 - Tobias Brunner

I've done this successfully for encryption algorithm but as I tried to add a new hash algorithm I get a segfault. I added new ID 1031. Why this happens?

You added the string to the wrong list. The first block starting with UNDEFINED contains the strings for the identifiers >= 1024, the second list ends with 14 (AUTH_HMAC_SHA2_512_256).

#17 - 20.10.2016 17:55 - Mina Jafari Tobias Brunner wrote:

So the changes you mentioned before for the code is not needed for engine? just needed for plugin?

Can compile plugins as shared library and independent from strongswan?

Hi, according to what you said before about compiling a plugin independently from strongswan build system, I tried to compile a completely new plugin using such makefile

SHELL = /bin/sh CC = gcc FLAGS = CFLAGS = -fPIC -DPIC -g -include /home/strongswan-5.4.0/config.h -I/home/strongswan-5.4.0/src/libstrongs wan -I/home/sia/strongswan-5.4.0 LDFLAGS = -shared DEBUGFLAGS = -Wl,-soname

27.09.2021 5/7 RELEASEFLAGS = -O2 -D NDEBUG -combine -fwhole-program

TARGET = libstrongswan-myplugin.so SOURCES = \ myplugin_plugin.h myplugin_plugin.c myplugin_crypter.c myplugin_crypter.h \ myplugin_skey.c myplugin.h myplugin_pi.h myplugin_locl.h myplugin_enc.c HEADERS = OBJECTS = \ myplugin_plugin.o myplugin_crypter.o \ myplugin_skey.o myplugin_enc.o

PREFIX = $(DESTDIR)/usr/local BINDIR = $(PREFIX)/bin all: $(TARGET)

$(TARGET): $(OBJECTS) $(CC) $(FLAGS) $(CFLAGS) $(LDFLAGS) $(DEBUGFLAGS) -o $(TARGET) $(OBJECTS) clean : -rm *.o $(OBJECTS) libstrongswan-myplugin.so@ but when I load compiled shared library by locating it in "/usr/local/lib/ipsec/plugins" and locating a myplugin.conf in "/usr/local/etc/strongswan.d/charon/myplugin.conf" for modular load strongswan does not load it as its other plugins. Is there any thing wrong with the Makefile? Or should I add my new plugin name anywhere in the already compiled strongswan source? (I mean does strongswan only recognize its own plugins for modular aompile and load?)

#18 - 20.10.2016 18:09 - Tobias Brunner The TARGET (...blowfish.so) definitely makes no sense if your plugin is called myplugin.

#19 - 20.10.2016 18:24 - Mina Jafari Tobias Brunner wrote:

The TARGET (...blowfish.so) definitely makes no sense if your plugin is called myplugin.

It is just a typo sorry. Isn't any thing wrong with it? or anything else that I should do.

#20 - 20.10.2016 18:27 - Tobias Brunner

Isn't any thing wrong with it? or anything else that I should do.

No idea. You have to debug and analyze that yourself.

#21 - 22.10.2016 09:27 - Mina Jafari Tobias Brunner wrote:

Isn't any thing wrong with it? or anything else that I should do.

No idea. You have to debug and analyze that yourself.

Sorry that I ask again for adding new plugin is it necessary to modify existing configure.ac or Makefiles? Because I compiled such a new plugin independent from strongswan build system but it is not loaded by strongswan.

#22 - 24.10.2016 09:10 - Tobias Brunner

Sorry that I ask again for adding new plugin is it necessary to modify existing configure.ac or Makefiles?

#23 - 26.10.2016 14:24 - Mina Jafari Can I add name of new encryption algorithm to file src/libstrongswan/crypto/proposal/proposal_keywords_static.txt staticaly? If not how should I

27.09.2021 6/7 assign a name to my new encryption algorithm provided by my plugin? I already added a new name to file proposal_keywords_static.txt but I get this error : algorithm 'mina' not recognized as I guess it is not the correct way to register new name for my algorithm.

#24 - 28.10.2016 11:53 - Tobias Brunner

If not how should I assign a name to my new encryption algorithm provided by my plugin?

Use either the register_token() or the register_algname_parser() methods of proposal_keywords_t ( source:src/libstrongswan/crypto/proposal/proposal_keywords.h#L94) via lib->proposal.

#25 - 10.03.2017 11:41 - Tobias Brunner - Category set to libstrongswan - Status changed from Feedback to Closed - Assignee set to Tobias Brunner - Resolution set to No change required

27.09.2021 7/7