libstrongswan » History » Version 4

Martin Willi, 05.05.2009 15:15
fixed tables


libstrongswan

libstrongswan is the foundation library of the IKEv2 keying daemon. It is the
base of all newer strongSwan components.

Plugins

libstrongswan itself also supports plugins to provide modular cryptographic
algorithms, database support or transport protocol implementations. Each plugin
implements the plugin_t interface and registers itself at one of the factories:

| Factory | Description |
|---|---|
| credentials | Credential implementations, e.g. certificates or keys. |
| crypto | Crypto implementations, e.g. encryption algorithms or hashers. |
| database | Database wrappers to access different databases transparently. |
| fetcher | Transport helpers to fetch files, e.g. via HTTP/FTP. |

  +-------------------------------------+
  | libstrongswan           +---+ +-----+------+
  |                         |   | |    aes     |
  |                         |   | +-----+------+
  | +-------------+         |   | +-----+------+
  | | credentials |  ---->  | p | |    curl    |
  | +-------------+         | l | +-----+------+
  | +-------------+  <----  | u | +-----+------+
  | | crypto      |         | g | |    des     |
  | +-------------+  ---->  | i | +-----+------+
  | +-------------+         | n | +-----+------+
  | | database    |  <----  |   | |  fips_prf  |
  | +-------------+         | l | +-----+------+
  | +-------------+  ---->  | o | +-----+------+
  | | fetcher     |         | a | |    gmp     |
  | +-------------+  <----  | d | +-----+------+
  |                         | e | +-----+------+
  |                         | r | |    hmac    |
  |                         |   | +-----+------+
  |                         |   | +-----+------+
  |                         |   | |    ...     |
  |                         +---+ +-----+------+
  +-------------------------------------+
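
A minimal model of the register-at-a-factory pattern described above, added here as an illustration and not taken from the libstrongswan source. Apart from `plugin_t`, every name, the `name` field, the algorithm labels and the first-registration-wins lookup are assumptions of this sketch; it shows why a plugin's teardown has to remove its factory entries so that lookups never resolve to an unloaded provider.

```c
#include <stddef.h>
#include <string.h>

/* Simplified model of the pattern; not libstrongswan's real declarations. */
typedef struct plugin_t plugin_t;
struct plugin_t {
    const char *name;                 /* hypothetical field */
    void (*destroy)(plugin_t *this);  /* must undo every registration */
};

/* Model "crypto" factory: each slot maps an algorithm to its provider. */
static struct { const char *alg; plugin_t *owner; } crypto[16];
static size_t crypto_count;

static void crypto_add(const char *alg, plugin_t *owner) {
    if (crypto_count == sizeof(crypto) / sizeof(crypto[0])) return; /* full */
    crypto[crypto_count].alg = alg;
    crypto[crypto_count++].owner = owner;
}

/* Drop every slot of one plugin so no stale provider stays reachable. */
static void crypto_remove(plugin_t *owner) {
    size_t i, kept = 0;
    for (i = 0; i < crypto_count; i++)
        if (crypto[i].owner != owner) crypto[kept++] = crypto[i];
    crypto_count = kept;
}

/* Lookup: the first registration wins (an assumption of this model). */
const char *crypto_provider(const char *alg) {
    size_t i;
    for (i = 0; i < crypto_count; i++)
        if (strcmp(crypto[i].alg, alg) == 0) return crypto[i].owner->name;
    return NULL;
}

static plugin_t aes_plugin = { "aes", crypto_remove };
static plugin_t openssl_plugin = { "openssl", crypto_remove };

/* Stand-ins for the entry points a plugin loader would call; the
 * algorithm labels registered here are constructed for the example. */
plugin_t *aes_plugin_create(void) {
    crypto_add("aes-cbc", &aes_plugin);
    return &aes_plugin;
}
plugin_t *openssl_plugin_create(void) {
    crypto_add("aes-cbc", &openssl_plugin);
    crypto_add("sha1", &openssl_plugin);
    return &openssl_plugin;
}
```

In this model, two loaded plugins that offer the same algorithm are resolved by load order, so the plugin list and its order decide which implementation actually runs.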

Currently libstrongswan ships with the following plugins (see source:src/libstrongswan/plugins):

| Plugin | Description |
|---|---|
| aes | AES-128/192/256 implementation in software, non-US code. |
| des | Single- and Triple-DES implementation in software, non-US code. |
| md5 | MD5 hasher software implementation. |
| sha1 | SHA1 hasher software implementation. |
| sha2 | SHA-256/384/512 hasher software implementation. |
| hmac | HMAC implementation to provide MAC/PRF functionality using hashers. |
| xcbc | XCBC implementation to provide MAC/PRF functionality using crypters. |
| fips_prf | Pseudo random function implementing the FIPS PRF function. |
| gmp | Implementation of RSA private/public keys using the GNU Multi Precision library libgmp. |
| x509 | Implementation of X509 certificates, CRLs, OCSP and attribute certificates. |
| pubkey | Generic public key loader plugin. |
| openssl | Wrapper to use OpenSSL to provide crypto services. |
| padlock | Experimental plugin to provide hardware accelerated AES/SHA1 on VIA padlock. |
| random | Source of random data implemented on top of /dev/(u)random. |
| mysql | Database wrapper to access MySQL databases, uses libmysqlclient_r. |
| sqlite | Database wrapper to access SQLite databases, uses libsqlite3. |
| curl | Fetching of HTTP and other URLs using libcurl. |
| ldap | Fetching from LDAP servers using OpenLDAP. |