author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-05-27 15:43:45 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-05-27 15:43:45 +0000 |
commit | 6c2828d075efdfc02348369149b4347447857c8c (patch) | |
tree | 6c9ec7c9f342792e5eb2c2973daa7bbbeb45362e /src/charon/encoding/payloads | |
parent | cc7f376e575482c9a4866a4bd0c1f470394d740b (diff) | |
download | vyos-strongswan-6c2828d075efdfc02348369149b4347447857c8c.tar.gz vyos-strongswan-6c2828d075efdfc02348369149b4347447857c8c.zip |
Remove leftovers after source code restructuring.
Diffstat (limited to 'src/charon/encoding/payloads')
48 files changed, 0 insertions, 11482 deletions
diff --git a/src/charon/encoding/payloads/auth_payload.c b/src/charon/encoding/payloads/auth_payload.c deleted file mode 100644 index d31208abb..000000000 --- a/src/charon/encoding/payloads/auth_payload.c +++ /dev/null 
@@ -1,259 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "auth_payload.h" - -#include <encoding/payloads/encodings.h> - - -typedef struct private_auth_payload_t private_auth_payload_t; - -/** - * Private data of an auth_payload_t object. - * - */ -struct private_auth_payload_t { - - /** - * Public auth_payload_t interface. - */ - auth_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Method of the AUTH Data. - */ - u_int8_t auth_method; - - /** - * The contained auth data value. - */ - chunk_t auth_data; -}; - -/** - * Encoding rules to parse or generate a AUTH payload - * - * The defined offsets are the positions in a object of type - * private_auth_payload_t. 
- */ -encoding_rule_t auth_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_auth_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_auth_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_auth_payload_t, payload_length)}, - /* 1 Byte AUTH type*/ - { U_INT_8, offsetof(private_auth_payload_t, auth_method) }, - /* 3 reserved bytes */ - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - /* some auth data bytes, length is defined in PAYLOAD_LENGTH */ - { AUTH_DATA, offsetof(private_auth_payload_t, auth_data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Auth Method ! RESERVED ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Authentication Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_auth_payload_t *this) -{ - if (this->auth_method == 0 || - (this->auth_method >= 4 && this->auth_method <= 8) || - (this->auth_method >= 12 && this->auth_method <= 200)) - { - /* reserved IDs */ - return FAILED; - } - return SUCCESS; -} - -/** - * Implementation of auth_payload_t.get_encoding_rules. 
- */ -static void get_encoding_rules(private_auth_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = auth_payload_encodings; - *rule_count = sizeof(auth_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_auth_payload_t *this) -{ - return AUTHENTICATION; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_auth_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_auth_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_auth_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of auth_payload_t.set_auth_method. - */ -static void set_auth_method (private_auth_payload_t *this, auth_method_t method) -{ - this->auth_method = method; -} - -/** - * Implementation of auth_payload_t.get_auth_method. - */ -static auth_method_t get_auth_method (private_auth_payload_t *this) -{ - return (this->auth_method); -} - -/** - * Implementation of auth_payload_t.set_data. - */ -static void set_data (private_auth_payload_t *this, chunk_t data) -{ - if (this->auth_data.ptr != NULL) - { - chunk_free(&(this->auth_data)); - } - this->auth_data.ptr = clalloc(data.ptr,data.len); - this->auth_data.len = data.len; - this->payload_length = AUTH_PAYLOAD_HEADER_LENGTH + this->auth_data.len; -} - -/** - * Implementation of auth_payload_t.get_data. - */ -static chunk_t get_data (private_auth_payload_t *this) -{ - return (this->auth_data); -} - -/** - * Implementation of auth_payload_t.get_data_clone. 
- */ -static chunk_t get_data_clone (private_auth_payload_t *this) -{ - chunk_t cloned_data; - if (this->auth_data.ptr == NULL) - { - return (this->auth_data); - } - cloned_data.ptr = clalloc(this->auth_data.ptr,this->auth_data.len); - cloned_data.len = this->auth_data.len; - return cloned_data; -} - -/** - * Implementation of payload_t.destroy and auth_payload_t.destroy. - */ -static void destroy(private_auth_payload_t *this) -{ - if (this->auth_data.ptr != NULL) - { - chunk_free(&(this->auth_data)); - } - - free(this); -} - -/* - * Described in header - */ -auth_payload_t *auth_payload_create() -{ - private_auth_payload_t *this = malloc_thing(private_auth_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (auth_payload_t *)) destroy; - this->public.set_auth_method = (void (*) (auth_payload_t *,auth_method_t)) set_auth_method; - this->public.get_auth_method = (auth_method_t (*) (auth_payload_t *)) get_auth_method; - this->public.set_data = (void (*) (auth_payload_t *,chunk_t)) set_data; - this->public.get_data_clone = (chunk_t (*) (auth_payload_t *)) get_data_clone; - this->public.get_data = (chunk_t (*) (auth_payload_t *)) get_data; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length 
=AUTH_PAYLOAD_HEADER_LENGTH; - this->auth_data = chunk_empty; - - return (&(this->public)); -} diff --git a/src/charon/encoding/payloads/auth_payload.h b/src/charon/encoding/payloads/auth_payload.h deleted file mode 100644 index 37ee149db..000000000 --- a/src/charon/encoding/payloads/auth_payload.h +++ /dev/null 
@@ -1,102 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup auth_payload auth_payload - * @{ @ingroup payloads - */ - -#ifndef AUTH_PAYLOAD_H_ -#define AUTH_PAYLOAD_H_ - -typedef struct auth_payload_t auth_payload_t; - -#include <library.h> -#include <encoding/payloads/payload.h> -#include <sa/authenticators/authenticator.h> - -/** - * Length of a auth payload without the auth data in bytes. - */ -#define AUTH_PAYLOAD_HEADER_LENGTH 8 - -/** - * Class representing an IKEv2 AUTH payload. - * - * The AUTH payload format is described in RFC section 3.8. - */ -struct auth_payload_t { - - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Set the AUTH method. - * - * @param method auth_method_t to use - */ - void (*set_auth_method) (auth_payload_t *this, auth_method_t method); - - /** - * Get the AUTH method. - * - * @return auth_method_t used - */ - auth_method_t (*get_auth_method) (auth_payload_t *this); - - /** - * Set the AUTH data. - * - * Data gets cloned. - * - * @param data AUTH data as chunk_t - */ - void (*set_data) (auth_payload_t *this, chunk_t data); - - /** - * Get the AUTH data. - * - * Returned data are a copy of the internal one. - * - * @return AUTH data as chunk_t - */ - chunk_t (*get_data_clone) (auth_payload_t *this); - - /** - * Get the AUTH data. 
- * - * Returned data are NOT copied - * - * @return AUTH data as chunk_t - */ - chunk_t (*get_data) (auth_payload_t *this); - - /** - * Destroys an auth_payload_t object. - */ - void (*destroy) (auth_payload_t *this); -}; - -/** - * Creates an empty auth_payload_t object. - * - * @return auth_payload_t object - */ -auth_payload_t *auth_payload_create(void); - -#endif /** AUTH_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/cert_payload.c b/src/charon/encoding/payloads/cert_payload.c deleted file mode 100644 index 6dd3141f0..000000000 --- a/src/charon/encoding/payloads/cert_payload.c +++ /dev/null 
@@ -1,340 +0,0 @@ -/* - * Copyright (C) 2008 Tobias Brunner - * Copyright (C) 2005-2007 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> -#include <ctype.h> - -#include <daemon.h> - -#include "cert_payload.h" - -ENUM(cert_encoding_names, ENC_PKCS7_WRAPPED_X509, ENC_OCSP_CONTENT, - "ENC_PKCS7_WRAPPED_X509", - "ENC_PGP", - "ENC_DNS_SIGNED_KEY", - "ENC_X509_SIGNATURE", - "ENC_X509_KEY_EXCHANGE", - "ENC_KERBEROS_TOKENS", - "ENC_CRL", - "ENC_ARL", - "ENC_SPKI", - "ENC_X509_ATTRIBUTE", - "ENC_RAW_RSA_KEY", - "ENC_X509_HASH_AND_URL", - "ENC_X509_HASH_AND_URL_BUNDLE", - "ENC_OCSP_CONTENT", -); - -typedef struct private_cert_payload_t private_cert_payload_t; - -/** - * Private data of an cert_payload_t object. - * - */ -struct private_cert_payload_t { - /** - * Public cert_payload_t interface. - */ - cert_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Encoding of the CERT Data. - */ - u_int8_t encoding; - - /** - * The contained cert data value. 
- */ - chunk_t data; - - /** - * TRUE if the "Hash and URL" data is invalid - */ - bool invalid_hash_and_url; -}; - -/** - * Encoding rules to parse or generate a CERT payload - * - * The defined offsets are the positions in a object of type - * private_cert_payload_t. - * - */ -encoding_rule_t cert_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_cert_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_cert_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_cert_payload_t, payload_length)}, - /* 1 Byte CERT type*/ - { U_INT_8, offsetof(private_cert_payload_t, encoding) }, - /* some cert data bytes, length is defined in PAYLOAD_LENGTH */ - { CERT_DATA, offsetof(private_cert_payload_t, data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Cert Encoding ! ! - +-+-+-+-+-+-+-+-+ ! - ~ Certificate Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. 
- */ -static status_t verify(private_cert_payload_t *this) -{ - if (this->encoding == ENC_X509_HASH_AND_URL || - this->encoding == ENC_X509_HASH_AND_URL_BUNDLE) - { - /* coarse verification of "Hash and URL" encoded certificates */ - if (this->data.len <= 20) - { - DBG1(DBG_ENC, "invalid payload length for hash-and-url (%d), ignore", - this->data.len); - this->invalid_hash_and_url = TRUE; - return SUCCESS; - } - - int i = 20; /* skipping the hash */ - for (; i < this->data.len; ++i) - { - if (this->data.ptr[i] == '\0') - { - /* null terminated, fine */ - return SUCCESS; - } - else if (!isprint(this->data.ptr[i])) - { - DBG1(DBG_ENC, "non printable characters in url of hash-and-url" - " encoded certificate payload, ignore"); - this->invalid_hash_and_url = TRUE; - return SUCCESS; - } - } - - /* URL is not null terminated, correct that */ - chunk_t data = chunk_alloc(this->data.len + 1); - memcpy(data.ptr, this->data.ptr, this->data.len); - data.ptr[this->data.len] = '\0'; - chunk_free(&this->data); - this->data = data; - } - return SUCCESS; -} - -/** - * Implementation of cert_payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_cert_payload_t *this, - encoding_rule_t **rules, size_t *rule_count) -{ - *rules = cert_payload_encodings; - *rule_count = sizeof(cert_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_cert_payload_t *this) -{ - return CERTIFICATE; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_cert_payload_t *this) -{ - return this->next_payload; -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_cert_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. 
- */ -static size_t get_length(private_cert_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of cert_payload_t.get_cert_encoding. - */ -static cert_encoding_t get_cert_encoding(private_cert_payload_t *this) -{ - return this->encoding; -} - -/** - * Implementation of cert_payload_t.get_cert. - */ -static certificate_t *get_cert(private_cert_payload_t *this) -{ - if (this->encoding != ENC_X509_SIGNATURE) - { - return NULL; - } - return lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509, - BUILD_BLOB_ASN1_DER, this->data, - BUILD_END); -} - -/** - * Implementation of cert_payload_t.get_hash. - */ -static chunk_t get_hash(private_cert_payload_t *this) -{ - chunk_t hash = chunk_empty; - if ((this->encoding != ENC_X509_HASH_AND_URL && - this->encoding != ENC_X509_HASH_AND_URL_BUNDLE) || - this->invalid_hash_and_url) - { - return hash; - } - hash.ptr = this->data.ptr; - hash.len = 20; - return hash; -} - -/** - * Implementation of cert_payload_t.get_url. - */ -static char *get_url(private_cert_payload_t *this) -{ - if ((this->encoding != ENC_X509_HASH_AND_URL && - this->encoding != ENC_X509_HASH_AND_URL_BUNDLE) || - this->invalid_hash_and_url) - { - return NULL; - } - return (char*)this->data.ptr + 20; -} - -/** - * Implementation of payload_t.destroy and cert_payload_t.destroy. 
- */ -static void destroy(private_cert_payload_t *this) -{ - chunk_free(&this->data); - free(this); -} - -/* - * Described in header - */ -cert_payload_t *cert_payload_create() -{ - private_cert_payload_t *this = malloc_thing(private_cert_payload_t); - - this->public.payload_interface.verify = (status_t (*) (payload_t*))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t*,encoding_rule_t**, size_t*))get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t*))get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t*))get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t*,payload_type_t))set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t*))get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t*))destroy; - - this->public.destroy = (void (*) (cert_payload_t*))destroy; - this->public.get_cert = (certificate_t* (*) (cert_payload_t*))get_cert; - this->public.get_cert_encoding = (cert_encoding_t (*) (cert_payload_t*))get_cert_encoding; - this->public.get_hash = (chunk_t (*) (cert_payload_t*))get_hash; - this->public.get_url = (char* (*) (cert_payload_t*))get_url; - - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = CERT_PAYLOAD_HEADER_LENGTH; - this->data = chunk_empty; - this->encoding = 0; - this->invalid_hash_and_url = FALSE; - - return &this->public; -} - -/* - * Described in header - */ -cert_payload_t *cert_payload_create_from_cert(certificate_t *cert) -{ - private_cert_payload_t *this = (private_cert_payload_t*)cert_payload_create(); - - switch (cert->get_type(cert)) - { - case CERT_X509: - this->encoding = ENC_X509_SIGNATURE; - break; - default: - DBG1(DBG_ENC, "embedding %N certificate in payload failed", - certificate_type_names, cert->get_type(cert)); - free(this); - return NULL; - } - this->data = cert->get_encoding(cert); - 
this->payload_length = CERT_PAYLOAD_HEADER_LENGTH + this->data.len; - return &this->public; -} - -/* - * Described in header - */ -cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url) -{ - private_cert_payload_t *this = (private_cert_payload_t*)cert_payload_create(); - - this->encoding = ENC_X509_HASH_AND_URL; - this->data = chunk_cat("cc", hash, chunk_create(url, strlen(url))); - this->payload_length = CERT_PAYLOAD_HEADER_LENGTH + this->data.len; - return &this->public; -} - diff --git a/src/charon/encoding/payloads/cert_payload.h b/src/charon/encoding/payloads/cert_payload.h deleted file mode 100644 index aa1c7bf5a..000000000 --- a/src/charon/encoding/payloads/cert_payload.h +++ /dev/null 
@@ -1,137 +0,0 @@ -/* - * Copyright (C) 2008 Tobias Brunner - * Copyright (C) 2005-2007 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup cert_payload cert_payload - * @{ @ingroup payloads - */ - -#ifndef CERT_PAYLOAD_H_ -#define CERT_PAYLOAD_H_ - -typedef struct cert_payload_t cert_payload_t; -typedef enum cert_encoding_t cert_encoding_t; - -#include <library.h> -#include <credentials/certificates/certificate.h> -#include <encoding/payloads/payload.h> - -/** - * Length of a cert payload without the cert data in bytes. - */ -#define CERT_PAYLOAD_HEADER_LENGTH 5 - -/** - * Certifcate encodings, as in RFC4306 - */ -enum cert_encoding_t { - ENC_PKCS7_WRAPPED_X509 = 1, - ENC_PGP = 2, - ENC_DNS_SIGNED_KEY = 3, - ENC_X509_SIGNATURE = 4, - ENC_KERBEROS_TOKEN = 6, - ENC_CRL = 7, - ENC_ARL = 8, - ENC_SPKI = 9, - ENC_X509_ATTRIBUTE = 10, - ENC_RAW_RSA_KEY = 11, - ENC_X509_HASH_AND_URL = 12, - ENC_X509_HASH_AND_URL_BUNDLE = 13, - ENC_OCSP_CONTENT = 14, /* from RFC 4806 */ -}; - -/** - * Enum names for cert_encoding_t - */ -extern enum_name_t *cert_encoding_names; - -/** - * Class representing an IKEv2 CERT payload. - * - * The CERT payload format is described in RFC section 3.6. - */ -struct cert_payload_t { - - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Get the playoads encoded certifcate. 
- * - * @return certifcate copy - */ - certificate_t *(*get_cert)(cert_payload_t *this); - - /** - * Get the encoding of the certificate. - * - * @return encoding - */ - cert_encoding_t (*get_cert_encoding)(cert_payload_t *this); - - /** - * Get the hash if this is a hash and URL encoded certificate. - * - * This function returns internal data, do not free. - * - * @return hash - */ - chunk_t (*get_hash)(cert_payload_t *this); - - /** - * Get the URL if this is a hash and URL encoded certificate. - * - * This function returns internal data, do not free. - * - * @return url - */ - char *(*get_url)(cert_payload_t *this); - - - /** - * Destroys the cert_payload object. - */ - void (*destroy) (cert_payload_t *this); -}; - -/** - * Creates an empty certificate payload. - * - * @return cert_payload_t object - */ -cert_payload_t *cert_payload_create(void); - -/** - * Creates a certificate payload with an embedded certificate. - * - * @param cert certificate to embed - * @return cert_payload_t object - */ -cert_payload_t *cert_payload_create_from_cert(certificate_t *cert); - -/** - * Creates a certificate payload with hash and URL encoding of a certificate. - * - * @param hash hash of the DER encoded certificate (get's cloned) - * @param url the URL to locate the certificate (get's cloned) - * @return cert_payload_t object - */ -cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url); - -#endif /** CERT_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/certreq_payload.c b/src/charon/encoding/payloads/certreq_payload.c deleted file mode 100644 index 9ff0bdde0..000000000 --- a/src/charon/encoding/payloads/certreq_payload.c +++ /dev/null 
@@ -1,298 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include <daemon.h> -#include <crypto/hashers/hasher.h> -#include <encoding/payloads/cert_payload.h> - -#include "certreq_payload.h" - - -typedef struct private_certreq_payload_t private_certreq_payload_t; - -/** - * Private data of an certreq_payload_t object. - * - */ -struct private_certreq_payload_t { - /** - * Public certreq_payload_t interface. - */ - certreq_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Encoding of the CERT Data. - */ - u_int8_t encoding; - - /** - * The contained certreq data value. - */ - chunk_t data; -}; - -/** - * Encoding rules to parse or generate a CERTREQ payload - * - * The defined offsets are the positions in a object of type - * private_certreq_payload_t. 
- * - */ -encoding_rule_t certreq_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_certreq_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_certreq_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_certreq_payload_t, payload_length) }, - /* 1 Byte CERTREQ type*/ - { U_INT_8, offsetof(private_certreq_payload_t, encoding) }, - /* some certreq data bytes, length is defined in PAYLOAD_LENGTH */ - { CERTREQ_DATA, offsetof(private_certreq_payload_t, data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Cert Encoding ! ! - +-+-+-+-+-+-+-+-+ ! - ~ Certification Authority ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_certreq_payload_t *this) -{ - if (this->encoding == ENC_X509_SIGNATURE) - { - if (this->data.len < HASH_SIZE_SHA1 || - this->data.len % HASH_SIZE_SHA1) - { - DBG1(DBG_ENC, "invalid X509 hash length (%d) in certreq", - this->data.len); - return FAILED; - } - } - return SUCCESS; -} - -/** - * Implementation of certreq_payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_certreq_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = certreq_payload_encodings; - *rule_count = sizeof(certreq_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. 
- */ -static payload_type_t get_payload_type(private_certreq_payload_t *this) -{ - return CERTIFICATE_REQUEST; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_certreq_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_certreq_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_certreq_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of certreq_payload_t.add_keyid. - */ -static void add_keyid(private_certreq_payload_t *this, chunk_t keyid) -{ - this->data = chunk_cat("mc", this->data, keyid); - this->payload_length += keyid.len; -} - -typedef struct keyid_enumerator_t keyid_enumerator_t; - -/** - * enumerator to enumerate keyids - */ -struct keyid_enumerator_t { - enumerator_t public; - chunk_t full; - u_char *pos; -}; - -/** - * enumerate function for keyid_enumerator - */ -static bool keyid_enumerate(keyid_enumerator_t *this, chunk_t *chunk) -{ - if (this->pos == NULL) - { - this->pos = this->full.ptr; - } - else - { - this->pos += HASH_SIZE_SHA1; - if (this->pos > (this->full.ptr + this->full.len - HASH_SIZE_SHA1)) - { - this->pos = NULL; - } - } - if (this->pos) - { - chunk->ptr = this->pos; - chunk->len = HASH_SIZE_SHA1; - return TRUE; - } - return FALSE; -} - -/** - * Implementation of certreq_payload_t.create_keyid_enumerator. - */ -static enumerator_t* create_keyid_enumerator(private_certreq_payload_t *this) -{ - keyid_enumerator_t *enumerator = malloc_thing(keyid_enumerator_t); - enumerator->public.enumerate = (void*)keyid_enumerate; - enumerator->public.destroy = (void*)free; - enumerator->full = this->data; - enumerator->pos = NULL; - return &enumerator->public; -} - -/** - * Implementation of certreq_payload_t.get_cert_type. 
- */ -static certificate_type_t get_cert_type(private_certreq_payload_t *this) -{ - switch (this->encoding) - { - case ENC_X509_SIGNATURE: - return CERT_X509; - default: - return CERT_ANY; - } -} - -/** - * Implementation of payload_t.destroy and certreq_payload_t.destroy. - */ -static void destroy(private_certreq_payload_t *this) -{ - chunk_free(&this->data); - free(this); -} - -/* - * Described in header - */ -certreq_payload_t *certreq_payload_create() -{ - private_certreq_payload_t *this = malloc_thing(private_certreq_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t*))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t*,encoding_rule_t**,size_t*))get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t*))get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t*))get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t*,payload_type_t))set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t*))get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t*))destroy; - - /* public functions */ - this->public.destroy = (void (*) (certreq_payload_t*)) destroy; - this->public.create_keyid_enumerator = (enumerator_t*(*)(certreq_payload_t*))create_keyid_enumerator; - this->public.get_cert_type = (certificate_type_t(*)(certreq_payload_t*))get_cert_type; - this->public.add_keyid = (void(*)(certreq_payload_t*, chunk_t keyid))add_keyid; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = CERTREQ_PAYLOAD_HEADER_LENGTH; - this->data = chunk_empty; - this->encoding = 0; - - return &this->public; -} - -/* - * Described in header - */ -certreq_payload_t *certreq_payload_create_type(certificate_type_t type) -{ - private_certreq_payload_t *this = 
(private_certreq_payload_t*)certreq_payload_create(); - - switch (type) - { - case CERT_X509: - this->encoding = ENC_X509_SIGNATURE; - break; - default: - DBG1(DBG_ENC, "certificate type %N not supported in requests", - certificate_type_names, type); - free(this); - return NULL; - } - return &this->public; -} - diff --git a/src/charon/encoding/payloads/certreq_payload.h b/src/charon/encoding/payloads/certreq_payload.h deleted file mode 100644 index 914063628..000000000 --- a/src/charon/encoding/payloads/certreq_payload.h +++ /dev/null 
@@ -1,90 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup certreq_payload certreq_payload
- * @{ @ingroup payloads
- */
-
-#ifndef CERTREQ_PAYLOAD_H_
-#define CERTREQ_PAYLOAD_H_
-
-typedef struct certreq_payload_t certreq_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/cert_payload.h>
-
-/**
- * Length of a CERTREQ payload without the CERTREQ data in bytes.
- */
-#define CERTREQ_PAYLOAD_HEADER_LENGTH 5
-
-/**
- * Class representing an IKEv2 CERTREQ payload.
- *
- * The CERTREQ payload format is described in RFC section 3.7.
- */
-struct certreq_payload_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Create an enumerator over contained keyids.
- *
- * @return enumerator over chunk_t's.
- */
- enumerator_t* (*create_keyid_enumerator)(certreq_payload_t *this);
-
- /**
- * Get the type of contained certificate keyids.
- *
- * @return certificate keyid type
- */
- certificate_type_t (*get_cert_type)(certreq_payload_t *this);
-
- /**
- * Add a certificates keyid to the payload.
- *
- * @param keyid keyid of the trusted certifcate
- * @return
- */
- void (*add_keyid)(certreq_payload_t *this, chunk_t keyid);
-
- /**
- * Destroys an certreq_payload_t object.
- */
- void (*destroy) (certreq_payload_t *this);
-};
-
-/**
- * Creates an empty certreq_payload_t object.
- *
- * @return certreq payload
- */
-certreq_payload_t *certreq_payload_create(void);
-
-/**
- * Creates an empty certreq_payload_t for a kind of certificates.
- *
- * @param type type of the added keyids
- * @return certreq payload
- */
-certreq_payload_t *certreq_payload_create_type(certificate_type_t type);
-
-#endif /** CERTREQ_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/configuration_attribute.c b/src/charon/encoding/payloads/configuration_attribute.c
deleted file mode 100644
index 9094fd44d..000000000
--- a/src/charon/encoding/payloads/configuration_attribute.c
+++ /dev/null
@@ -1,264 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "configuration_attribute.h"
-
-#include <encoding/payloads/encodings.h>
-#include <library.h>
-#include <daemon.h>
-
-
-typedef struct private_configuration_attribute_t private_configuration_attribute_t;
-
-/**
- * Private data of an configuration_attribute_t object.
- *
- */
-struct private_configuration_attribute_t {
- /**
- * Public configuration_attribute_t interface.
- */
- configuration_attribute_t public;
-
- /**
- * Type of the attribute.
- */
- u_int16_t type;
-
- /**
- * Length of the attribute.
- */
- u_int16_t length;
-
- /**
- * Attribute value as chunk.
- */
- chunk_t value;
-};
-
-/**
- * Encoding rules to parse or generate a configuration attribute.
- *
- * The defined offsets are the positions in a object of type
- * private_configuration_attribute_t.
- */
-encoding_rule_t configuration_attribute_encodings[] = {
-
- { RESERVED_BIT, 0 },
- /* type of the attribute as 15 bit unsigned integer */
- { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, type) },
- /* Length of attribute value */
- { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length) },
- /* Value of attribute if attribute format flag is zero */
- { CONFIGURATION_ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- !R| Attribute Type ! Length |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | |
- ~ Value ~
- | |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_configuration_attribute_t *this)
-{
- bool failed = FALSE;
-
- if (this->length != this->value.len)
- {
- DBG1(DBG_ENC, "invalid attribute length");
- return FAILED;
- }
-
- switch (this->type)
- {
- case INTERNAL_IP4_ADDRESS:
- case INTERNAL_IP4_NETMASK:
- case INTERNAL_IP4_DNS:
- case INTERNAL_IP4_NBNS:
- case INTERNAL_ADDRESS_EXPIRY:
- case INTERNAL_IP4_DHCP:
- if (this->length != 0 && this->length != 4)
- {
- failed = TRUE;
- }
- break;
- case INTERNAL_IP4_SUBNET:
- if (this->length != 0 && this->length != 8)
- {
- failed = TRUE;
- }
- break;
- case INTERNAL_IP6_ADDRESS:
- case INTERNAL_IP6_SUBNET:
- if (this->length != 0 && this->length != 17)
- {
- failed = TRUE;
- }
- break;
- case INTERNAL_IP6_DNS:
- case INTERNAL_IP6_NBNS:
- case INTERNAL_IP6_DHCP:
- if (this->length != 0 && this->length != 16)
- {
- failed = TRUE;
- }
- break;
- case SUPPORTED_ATTRIBUTES:
- if (this->length % 2)
- {
- failed = TRUE;
- }
- break;
- case APPLICATION_VERSION:
- /* any length acceptable */
- break;
- default:
- DBG1(DBG_ENC, "unknown attribute type %N",
-
configuration_attribute_type_names, this->type);
- break;
- }
-
- if (failed)
- {
- DBG1(DBG_ENC, "invalid attribute length %d for %N",
- this->length, configuration_attribute_type_names, this->type);
- return FAILED;
- }
- return SUCCESS;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_configuration_attribute_t *this,
- encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = configuration_attribute_encodings;
- *rule_count = sizeof(configuration_attribute_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_configuration_attribute_t *this)
-{
- return CONFIGURATION_ATTRIBUTE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_configuration_attribute_t *this)
-{
- return NO_PAYLOAD;
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_configuration_attribute_t *this,
- payload_type_t type)
-{
-}
-
-/**
- * Implementation of configuration_attribute_t.get_length.
- */
-static size_t get_length(private_configuration_attribute_t *this)
-{
- return this->value.len + CONFIGURATION_ATTRIBUTE_HEADER_LENGTH;
-}
-
-/**
- * Implementation of configuration_attribute_t.get_type.
- */
-static configuration_attribute_type_t get_configuration_attribute_type(
- private_configuration_attribute_t *this)
-{
- return this->type;
-}
-
-/**
- * Implementation of configuration_attribute_t.get_value.
- */
-static chunk_t get_value(private_configuration_attribute_t *this)
-{
- return this->value;
-}
-
-/**
- * Implementation of configuration_attribute_t.destroy and payload_t.destroy.
- */
-static void destroy(private_configuration_attribute_t *this)
-{
- free(this->value.ptr);
- free(this);
-}
-
-/*
- * Described in header.
- */
-configuration_attribute_t *configuration_attribute_create()
-{
- private_configuration_attribute_t *this;
-
- this = malloc_thing(private_configuration_attribute_t);
- this->public.payload_interface.verify = (status_t(*)(payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void(*)(payload_t *, encoding_rule_t **, size_t *) )get_encoding_rules;
- this->public.payload_interface.get_length = (size_t(*)(payload_t *))get_length;
- this->public.payload_interface.get_next_type = (payload_type_t(*)(payload_t *))get_next_type;
- this->public.payload_interface.set_next_type = (void(*)(payload_t *,payload_type_t))set_next_type;
- this->public.payload_interface.get_type = (payload_type_t(*)(payload_t *))get_type;
- this->public.payload_interface.destroy = (void(*)(payload_t*))destroy;
-
- this->public.get_value = (chunk_t(*)(configuration_attribute_t *))get_value;
- this->public.get_type = (configuration_attribute_type_t(*)(configuration_attribute_t *))get_configuration_attribute_type;
- this->public.destroy = (void (*)(configuration_attribute_t*))destroy;
-
- this->type = 0;
- this->value = chunk_empty;
- this->length = 0;
-
- return &this->public;
-}
-
-/*
- * Described in header.
- */
-configuration_attribute_t *configuration_attribute_create_value(
- configuration_attribute_type_t type, chunk_t value)
-{
- private_configuration_attribute_t *this;
-
- this = (private_configuration_attribute_t*)configuration_attribute_create();
- this->type = ((u_int16_t)type) & 0x7FFF;
- this->value = chunk_clone(value);
- this->length = value.len;
-
- return &this->public;
-}
-
diff --git a/src/charon/encoding/payloads/configuration_attribute.h b/src/charon/encoding/payloads/configuration_attribute.h
deleted file mode 100644
index 6e4b018bb..000000000
--- a/src/charon/encoding/payloads/configuration_attribute.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup configuration_attribute configuration_attribute
- * @{ @ingroup payloads
- */
-
-#ifndef CONFIGURATION_ATTRIBUTE_H_
-#define CONFIGURATION_ATTRIBUTE_H_
-
-typedef struct configuration_attribute_t configuration_attribute_t;
-
-#include <library.h>
-#include <attributes/attributes.h>
-#include <encoding/payloads/payload.h>
-
-/**
- * Configuration attribute header length in bytes.
- */
-#define CONFIGURATION_ATTRIBUTE_HEADER_LENGTH 4
-
-/**
- * Class representing an IKEv2-CONFIGURATION Attribute.
- *
- * The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1.
- */
-struct configuration_attribute_t {
-
- /**
- * Implements payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Get the type of the attribute.
- *
- * @return type of the configuration attribute
- */
- configuration_attribute_type_t (*get_type)(configuration_attribute_t *this);
-
- /**
- * Returns the value of the attribute.
- *
- * @return chunk_t pointing to the internal value
- */
- chunk_t (*get_value) (configuration_attribute_t *this);
-
- /**
- * Destroys an configuration_attribute_t object.
- */
- void (*destroy) (configuration_attribute_t *this);
-};
-
-/**
- * Creates an empty configuration attribute.
- *
- * @return created configuration attribute
- */
-configuration_attribute_t *configuration_attribute_create();
-
-/**
- * Creates a configuration attribute with type and value.
- *
- * @param type type of configuration attribute
- * @param value value, gets cloned
- * @return created configuration attribute
- */
-configuration_attribute_t *configuration_attribute_create_value(
- configuration_attribute_type_t type, chunk_t value);
-
-#endif /** CONFIGURATION_ATTRIBUTE_H_ @}*/
diff --git a/src/charon/encoding/payloads/cp_payload.c b/src/charon/encoding/payloads/cp_payload.c
deleted file mode 100644
index f0a26eee2..000000000
--- a/src/charon/encoding/payloads/cp_payload.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "cp_payload.h"
-
-#include <encoding/payloads/encodings.h>
-#include <utils/linked_list.h>
-
-ENUM(config_type_names, CFG_REQUEST, CFG_ACK,
- "CFG_REQUEST",
- "CFG_REPLY",
- "CFG_SET",
- "CFG_ACK",
-);
-
-typedef struct private_cp_payload_t private_cp_payload_t;
-
-/**
- * Private data of an cp_payload_t object.
- *
- */
-struct private_cp_payload_t {
- /**
- * Public cp_payload_t interface.
- */
- cp_payload_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
- /**
- * Critical flag.
- */
- bool critical;
-
- /**
- * Length of this payload.
- */
- u_int16_t payload_length;
-
- /**
- * List of attributes, as configuration_attribute_t
- */
- linked_list_t *attributes;
-
- /**
- * Config Type.
- */
- u_int8_t type;
-};
-
-/**
- * Encoding rules to parse or generate a IKEv2-CP Payload
- *
- * The defined offsets are the positions in a object of type
- * private_cp_payload_t.
- *
- */
-encoding_rule_t cp_payload_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_cp_payload_t, next_payload) },
- /* the critical bit */
- { FLAG, offsetof(private_cp_payload_t, critical) },
- /* 7 Bit reserved bits, nowhere stored */
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- /* Length of the whole CP payload*/
- { PAYLOAD_LENGTH, offsetof(private_cp_payload_t, payload_length) },
- /* Proposals are stored in a proposal substructure,
- offset points to a linked_list_t pointer */
- { U_INT_8, offsetof(private_cp_payload_t, type) },
- { RESERVED_BYTE,0 },
- { RESERVED_BYTE,0 },
- { RESERVED_BYTE,0 },
- { CONFIGURATION_ATTRIBUTES, offsetof(private_cp_payload_t, attributes) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload !C! RESERVED ! Payload Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! CFG Type ! RESERVED !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ Configuration Attributes ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_cp_payload_t *this)
-{
- status_t status = SUCCESS;
- enumerator_t *enumerator;
- payload_t *attribute;
-
- enumerator = this->attributes->create_enumerator(this->attributes);
- while (enumerator->enumerate(enumerator, &attribute))
- {
- status = attribute->verify(attribute);
- if (status != SUCCESS)
- {
- break;
- }
- }
- enumerator->destroy(enumerator);
- return status;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_cp_payload_t *this,
- encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = cp_payload_encodings;
- *rule_count = sizeof(cp_payload_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_cp_payload_t *this)
-{
- return CONFIGURATION;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_cp_payload_t *this)
-{
- return this->next_payload;
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_cp_payload_t *this,payload_type_t type)
-{
- this->next_payload = type;
-}
-
-/**
- * recompute the length of the payload.
- */
-static void compute_length(private_cp_payload_t *this)
-{
- enumerator_t *enumerator;
- payload_t *attribute;
-
- this->payload_length = CP_PAYLOAD_HEADER_LENGTH;
-
- enumerator = this->attributes->create_enumerator(this->attributes);
- while (enumerator->enumerate(enumerator, &attribute))
- {
- this->payload_length += attribute->get_length(attribute);
- }
- enumerator->destroy(enumerator);
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_cp_payload_t *this)
-{
- return this->payload_length;
-}
-
-/**
- * Implementation of cp_payload_t.create_attribute_enumerator.
- */
-static enumerator_t *create_attribute_enumerator(private_cp_payload_t *this)
-{
- return this->attributes->create_enumerator(this->attributes);
-}
-
-/**
- * Implementation of cp_payload_t.add_attribute.
- */
-static void add_attribute(private_cp_payload_t *this,
- configuration_attribute_t *attribute)
-{
- this->attributes->insert_last(this->attributes, attribute);
- compute_length(this);
-}
-
-/**
- * Implementation of cp_payload_t.get_type.
- */
-static config_type_t get_config_type(private_cp_payload_t *this)
-{
- return this->type;
-}
-
-/**
- * Implementation of payload_t.destroy and cp_payload_t.destroy.
- */
-static void destroy(private_cp_payload_t *this)
-{
- this->attributes->destroy_offset(this->attributes,
- offsetof(configuration_attribute_t, destroy));
- free(this);
-}
-
-/*
- * Described in header.
- */
-cp_payload_t *cp_payload_create()
-{
- private_cp_payload_t *this = malloc_thing(private_cp_payload_t);
-
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- this->public.create_attribute_enumerator = (enumerator_t*(*)(cp_payload_t *))create_attribute_enumerator;
- this->public.add_attribute = (void (*) (cp_payload_t *,configuration_attribute_t*))add_attribute;
- this->public.get_type = (config_type_t (*) (cp_payload_t *))get_config_type;
- this->public.destroy = (void (*)(cp_payload_t *))destroy;
-
- /* set default values of the fields */
- this->critical = FALSE;
- this->next_payload = NO_PAYLOAD;
- this->payload_length = CP_PAYLOAD_HEADER_LENGTH;
- this->attributes = linked_list_create();
- this->type = CFG_REQUEST;
-
- return &this->public;
-}
-
-/*
- * Described in header.
- */
-cp_payload_t *cp_payload_create_type(config_type_t type)
-{
- private_cp_payload_t *this = (private_cp_payload_t*)cp_payload_create();
-
- this->type = type;
-
- return &this->public;
-}
-
diff --git a/src/charon/encoding/payloads/cp_payload.h b/src/charon/encoding/payloads/cp_payload.h
deleted file mode 100644
index c0760885a..000000000
--- a/src/charon/encoding/payloads/cp_payload.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup cp_payload cp_payload
- * @{ @ingroup payloads
- */
-
-#ifndef CP_PAYLOAD_H_
-#define CP_PAYLOAD_H_
-
-typedef enum config_type_t config_type_t;
-typedef struct cp_payload_t cp_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/configuration_attribute.h>
-#include <utils/enumerator.h>
-
-/**
- * CP_PAYLOAD length in bytes without any proposal substructure.
- */
-#define CP_PAYLOAD_HEADER_LENGTH 8
-
-/**
- * Config Type of an Configuration Payload.
- */
-enum config_type_t {
- CFG_REQUEST = 1,
- CFG_REPLY = 2,
- CFG_SET = 3,
- CFG_ACK = 4,
-};
-
-/**
- * enum name for config_type_t.
- */
-extern enum_name_t *config_type_names;
-
-/**
- * Class representing an IKEv2-CP Payload.
- *
- * The CP Payload format is described in RFC section 3.15.
- */
-struct cp_payload_t {
-
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Creates an iterator of stored configuration_attribute_t objects.
- *
- * @return enumerator over configration_attribute_T
- */
- enumerator_t *(*create_attribute_enumerator) (cp_payload_t *this);
-
- /**
- * Adds a configuration attribute to the configuration payload.
- *
- * @param attribute attribute to add
- */
- void (*add_attribute)(cp_payload_t *this,
- configuration_attribute_t *attribute);
-
- /**
- * Get the configuration payload type.
- *
- * @return type of configuration payload
- */
- config_type_t (*get_type) (cp_payload_t *this);
-
- /**
- * Destroys an cp_payload_t object.
- */
- void (*destroy) (cp_payload_t *this);
-};
-
-/**
- * Creates an empty configuration payload
- *
- * @return empty configuration payload
- */
-cp_payload_t *cp_payload_create();
-
-/**
- * Creates an cp_payload_t with type and value
- *
- * @param type type of configuration payload to create
- * @return created configuration payload
- */
-cp_payload_t *cp_payload_create_type(config_type_t config_type);
-
-#endif /** CP_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/delete_payload.c b/src/charon/encoding/payloads/delete_payload.c
deleted file mode 100644
index 97b4743b2..000000000
--- a/src/charon/encoding/payloads/delete_payload.c
+++ /dev/null
@@ -1,292 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "delete_payload.h"
-
-
-typedef struct private_delete_payload_t private_delete_payload_t;
-
-/**
- * Private data of an delete_payload_t object.
- *
- */
-struct private_delete_payload_t {
- /**
- * Public delete_payload_t interface.
- */
- delete_payload_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
- /**
- * Critical flag.
- */
- bool critical;
-
- /**
- * Length of this payload.
- */
- u_int16_t payload_length;
-
- /**
- * Protocol ID.
- */
- u_int8_t protocol_id;
-
- /**
- * SPI Size.
- */
- u_int8_t spi_size;
-
- /**
- * Number of SPI's.
- */
- u_int16_t spi_count;
-
- /**
- * The contained SPI's.
- */
- chunk_t spis;
-
- /**
- * List containing u_int32_t spis
- */
- linked_list_t *spi_list;
-};
-
-/**
- * Encoding rules to parse or generate a DELETE payload
- *
- * The defined offsets are the positions in a object of type
- * private_delete_payload_t.
- *
- */
-encoding_rule_t delete_payload_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_delete_payload_t, next_payload) },
- /* the critical bit */
- { FLAG, offsetof(private_delete_payload_t, critical) },
- /* 7 Bit reserved bits, nowhere stored */
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- /* Length of the whole payload*/
- { PAYLOAD_LENGTH, offsetof(private_delete_payload_t, payload_length)},
- { U_INT_8, offsetof(private_delete_payload_t, protocol_id) },
- { U_INT_8, offsetof(private_delete_payload_t, spi_size) },
- { U_INT_16, offsetof(private_delete_payload_t, spi_count) },
- /* some delete data bytes, length is defined in PAYLOAD_LENGTH */
- { SPIS, offsetof(private_delete_payload_t, spis) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload !C! RESERVED ! Payload Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Protocol ID ! SPI Size ! # of SPIs !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ Security Parameter Index(es) (SPI) ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_delete_payload_t *this)
-{
- switch (this->protocol_id)
- {
- case PROTO_AH:
- case PROTO_ESP:
- if (this->spi_size != 4)
- {
- return FAILED;
- }
- break;
- case PROTO_IKE:
- case 0:
- /* IKE deletion has no spi assigned! */
- if (this->spi_size != 0)
- {
- return FAILED;
- }
- break;
- default:
- return FAILED;
- }
- if (this->spis.len != (this->spi_count * this->spi_size))
- {
- return FAILED;
- }
- return SUCCESS;
-}
-
-/**
- * Implementation of delete_payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_delete_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = delete_payload_encodings;
- *rule_count = sizeof(delete_payload_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_payload_type(private_delete_payload_t *this)
-{
- return DELETE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_delete_payload_t *this)
-{
- return (this->next_payload);
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_delete_payload_t *this,payload_type_t type)
-{
- this->next_payload = type;
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_delete_payload_t *this)
-{
- return this->payload_length;
-}
-
-/**
- * Implementation of delete_payload_t.get_protocol_id.
- */
-static protocol_id_t get_protocol_id (private_delete_payload_t *this)
-{
- return (this->protocol_id);
-}
-
-/**
- * Implementation of delete_payload_t.add_spi.
- */
-static void add_spi(private_delete_payload_t *this, u_int32_t spi)
-{
- /* only add SPIs if AH|ESP, ignore others */
- if (this->protocol_id == PROTO_AH || this->protocol_id == PROTO_ESP)
- {
- this->spi_count += 1;
- this->spis.len += this->spi_size;
- this->spis.ptr = realloc(this->spis.ptr, this->spis.len);
- *(u_int32_t*)(this->spis.ptr + (this->spis.len / this->spi_size - 1)) = spi;
- if (this->spi_list)
- {
- /* reset SPI iterator list */
- this->spi_list->destroy(this->spi_list);
- this->spi_list = NULL;
- }
- }
-}
-
-/**
- * Implementation of delete_payload_t.create_spi_iterator.
- */
-static iterator_t* create_spi_iterator(private_delete_payload_t *this)
-{
- int i;
-
- if (this->spi_list == NULL)
- {
- this->spi_list = linked_list_create();
- /* only parse SPIs if AH|ESP */
- if (this->protocol_id == PROTO_AH || this->protocol_id == PROTO_ESP)
- {
- for (i = 0; i < this->spi_count; i++)
- {
- this->spi_list->insert_last(this->spi_list, this->spis.ptr + i *
- this->spi_size);
- }
- }
- }
- return this->spi_list->create_iterator(this->spi_list, TRUE);
-}
-
-/**
- * Implementation of payload_t.destroy and delete_payload_t.destroy.
- */
-static void destroy(private_delete_payload_t *this)
-{
- if (this->spis.ptr != NULL)
- {
- chunk_free(&this->spis);
- }
- if (this->spi_list)
- {
- this->spi_list->destroy(this->spi_list);
- }
- free(this);
-}
-
-/*
- * Described in header
- */
-delete_payload_t *delete_payload_create(protocol_id_t protocol_id)
-{
- private_delete_payload_t *this = malloc_thing(private_delete_payload_t);
-
- /* interface functions */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- /* public functions */
- this->public.destroy = (void (*) (delete_payload_t *)) destroy;
- this->public.get_protocol_id = (protocol_id_t (*) (delete_payload_t *)) get_protocol_id;
- this->public.add_spi = (void (*) (delete_payload_t *,u_int32_t))add_spi;
- this->public.create_spi_iterator = (iterator_t* (*) (delete_payload_t *))
create_spi_iterator;
-
- /* private variables */
- this->critical = FALSE;
- this->next_payload = NO_PAYLOAD;
- this->payload_length = DELETE_PAYLOAD_HEADER_LENGTH;
- this->protocol_id = protocol_id;
- this->spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0;
- this->spi_count = 0;
- this->spis = chunk_empty;
- this->spi_list = NULL;
-
- return (&this->public);
-}
diff --git a/src/charon/encoding/payloads/delete_payload.h b/src/charon/encoding/payloads/delete_payload.h
deleted file mode 100644
index 3b62c1af1..000000000
--- a/src/charon/encoding/payloads/delete_payload.h
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup delete_payload delete_payload
- * @{ @ingroup payloads
- */
-
-#ifndef DELETE_PAYLOAD_H_
-#define DELETE_PAYLOAD_H_
-
-typedef struct delete_payload_t delete_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/proposal_substructure.h>
-
-/**
- * Length of a delete payload without the SPI in bytes.
- */
-#define DELETE_PAYLOAD_HEADER_LENGTH 8
-
-/**
- * Class representing an IKEv2 DELETE payload.
- *
- * The DELETE payload format is described in RFC section 3.11.
- */
-struct delete_payload_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Get the protocol ID.
- *
- * @return protocol ID
- */
- protocol_id_t (*get_protocol_id) (delete_payload_t *this);
-
- /**
- * Add an SPI to the list of deleted SAs.
- *
- * @param spi spi to add
- */
- void (*add_spi) (delete_payload_t *this, u_int32_t spi);
-
- /**
- * Get an iterator over the SPIs.
- *
- * The iterate() function returns a pointer to a u_int32_t SPI.
- *
- * @return iterator over SPIs
- */
- iterator_t *(*create_spi_iterator) (delete_payload_t *this);
-
- /**
- * Destroys an delete_payload_t object.
- */
- void (*destroy) (delete_payload_t *this);
-};
-
-/**
- * Creates an empty delete_payload_t object.
- *
- * @param protocol_id protocol, such as AH|ESP
- * @return delete_payload_t object
- */
-delete_payload_t *delete_payload_create(protocol_id_t protocol_id);
-
-#endif /** DELETE_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/eap_payload.c b/src/charon/encoding/payloads/eap_payload.c
deleted file mode 100644
index 21f34a642..000000000
--- a/src/charon/encoding/payloads/eap_payload.c
+++ /dev/null
@@ -1,302 +0,0 @@
-/*
- * Copyright (C) 2005-2010 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "eap_payload.h"
-
-#include <daemon.h>
-
-typedef struct private_eap_payload_t private_eap_payload_t;
-
-/**
- * Private data of an eap_payload_t object.
- *
- */
-struct private_eap_payload_t {
- /**
- * Public eap_payload_t interface.
- */
- eap_payload_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
- /**
- * Critical flag.
- */
- bool critical;
-
- /**
- * Length of this payload.
- */
- u_int16_t payload_length;
-
- /**
- * EAP message data, if available
- */
- chunk_t data;
-};
-
-/**
- * Encoding rules to parse or generate a EAP payload.
- *
- * The defined offsets are the positions in a object of type
- * private_eap_payload_t.
- *
- */
-static encoding_rule_t eap_payload_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_eap_payload_t, next_payload) },
- /* the critical bit */
- { FLAG, offsetof(private_eap_payload_t, critical) },
- /* 7 Bit reserved bits, nowhere stored */
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- /* Length of the whole payload*/
- { PAYLOAD_LENGTH, offsetof(private_eap_payload_t, payload_length) },
- /* chunt to data, starting at "code" */
- { EAP_DATA, offsetof(private_eap_payload_t, data) },
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload !C! RESERVED ! Payload Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Code ! Identifier ! Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Type ! Type_Data...
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
-*/
-
-METHOD(payload_t, verify, status_t,
- private_eap_payload_t *this)
-{
- u_int16_t length;
- u_int8_t code;
-
- if (this->data.len < 4)
- {
- DBG1(DBG_ENC, "EAP payloads EAP message too short (%d)", this->data.len);
- return FAILED;
- }
- length = untoh16(this->data.ptr + 2);
- if (this->data.len != length)
- {
- DBG1(DBG_ENC, "EAP payload length (%d) does not match contained "
- "message length (%d)", this->data.len, length);
- return FAILED;
- }
- code = this->data.ptr[0];
- switch (code)
- {
- case EAP_REQUEST:
- case EAP_RESPONSE:
- {
- if (this->data.len < 4)
- {
- DBG1(DBG_ENC, "EAP Request/Response does not have any data");
- return FAILED;
- }
- break;
- }
- case EAP_SUCCESS:
- case EAP_FAILURE:
- {
- if (this->data.len != 4)
- {
- DBG1(DBG_ENC, "EAP Success/Failure has data");
- return FAILED;
- }
- break;
- }
- default:
- return FAILED;
- }
- return SUCCESS;
-}
-
-METHOD(payload_t, get_encoding_rules, void,
- private_eap_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = eap_payload_encodings;
- *rule_count = sizeof(eap_payload_encodings) / sizeof(encoding_rule_t);
-}
-
-METHOD(payload_t, get_payload_type, payload_type_t,
- private_eap_payload_t *this)
-{
- return EXTENSIBLE_AUTHENTICATION;
-}
-
-METHOD(payload_t, get_next_type, payload_type_t,
- private_eap_payload_t *this)
-{
- return (this->next_payload);
-}
-
-METHOD(payload_t, set_next_type, void,
- private_eap_payload_t *this, payload_type_t type)
-{
- this->next_payload = type;
-}
-
-METHOD(payload_t, get_length, size_t,
- private_eap_payload_t *this)
-{
- return this->payload_length;
-}
-
-METHOD(eap_payload_t, get_data, chunk_t,
- private_eap_payload_t *this)
-{
- return this->data;
-}
-
-METHOD(eap_payload_t, set_data, void,
- private_eap_payload_t *this, chunk_t data)
-{
- free(this->data.ptr);
- this->data = chunk_clone(data);
- this->payload_length = this->data.len + 4;
-}
-
-METHOD(eap_payload_t, get_code, eap_code_t,
- private_eap_payload_t *this)
-{
- if (this->data.len > 0)
- {
- return this->data.ptr[0];
- }
- /* should not happen, as it is verified */
- return 0;
-}
-
-METHOD(eap_payload_t, get_identifier, u_int8_t,
- private_eap_payload_t *this)
-{
- if (this->data.len > 1)
- {
- return this->data.ptr[1];
- }
- /* should not happen, as it is verified */
- return 0;
-}
-
-METHOD(eap_payload_t, get_type, eap_type_t,
- private_eap_payload_t *this, u_int32_t *vendor)
-{
- eap_type_t type;
-
- *vendor = 0;
- if (this->data.len > 4)
- {
- type = this->data.ptr[4];
- if (type != EAP_EXPANDED)
- {
- return type;
- }
- if (this->data.len >= 12)
- {
- *vendor = untoh32(this->data.ptr + 4) & 0x00FFFFFF;
- return untoh32(this->data.ptr + 8);
- }
- }
- return 0;
-}
-
-METHOD2(payload_t, eap_payload_t, destroy, void,
- private_eap_payload_t *this)
-{
- chunk_free(&this->data);
- free(this);
-}
-
-/*
- * Described in header
- */
-eap_payload_t *eap_payload_create()
-{
- private_eap_payload_t *this;
-
- INIT(this,
- .public = {
- .payload_interface = {
- .verify = _verify,
- .get_encoding_rules = _get_encoding_rules,
- .get_length = _get_length,
- .get_next_type = _get_next_type,
- .set_next_type = _set_next_type,
- .get_type = _get_payload_type,
- .destroy = _destroy,
- },
- .get_data = _get_data,
- .set_data = _set_data,
- .get_code = _get_code,
- .get_identifier = _get_identifier,
- .get_type = _get_type,
- .destroy = _destroy,
- },
- .next_payload = NO_PAYLOAD,
- .payload_length = EAP_PAYLOAD_HEADER_LENGTH,
- );
- return &this->public;
-}
-
-/*
- * Described in header
- */
-eap_payload_t *eap_payload_create_data(chunk_t data)
-{
- eap_payload_t *this = eap_payload_create();
-
- this->set_data(this, data);
- return this;
-}
-
-/*
- * Described in header
- */
-eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier)
-{
- chunk_t data;
-
- data = chunk_from_chars(code, identifier, 0, 0);
- htoun16(data.ptr + 2, data.len);
- return eap_payload_create_data(data);
-}
-
-/*
- * Described in header
- */
-eap_payload_t *eap_payload_create_nak(u_int8_t identifier)
-{
- chunk_t data;
-
- data = chunk_from_chars(EAP_RESPONSE, identifier, 0, 0, EAP_NAK);
- htoun16(data.ptr + 2, data.len);
- return eap_payload_create_data(data);
-}
-
diff --git a/src/charon/encoding/payloads/eap_payload.h b/src/charon/encoding/payloads/eap_payload.h
deleted file mode 100644
index 0bde4b15e..000000000
--- a/src/charon/encoding/payloads/eap_payload.h
+++ /dev/null
@@ -1,129 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup eap_payload eap_payload
- * @{ @ingroup payloads
- */
-
-#ifndef EAP_PAYLOAD_H_
-#define EAP_PAYLOAD_H_
-
-typedef struct eap_payload_t eap_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <sa/authenticators/eap/eap_method.h>
-
-/**
- * Length of a EAP payload without the EAP Message in bytes.
- */
-#define EAP_PAYLOAD_HEADER_LENGTH 4
-
-/**
- * Class representing an IKEv2 EAP payload.
- *
- * The EAP payload format is described in RFC section 3.16.
- */
-struct eap_payload_t {
-
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Set the contained EAP data.
- *
- * This contains the FULL EAP message starting with "code".
- * Chunk gets cloned.
- *
- * @param message EAP data
- */
- void (*set_data) (eap_payload_t *this, chunk_t data);
-
- /**
- * Get the contained EAP data.
- *
- * This contains the FULL EAP message starting with "code".
- *
- * @return EAP data (pointer to internal data)
- */
- chunk_t (*get_data) (eap_payload_t *this);
-
- /**
- * Get the EAP code.
- *
- * @return EAP message as chunk_t
- */
- eap_code_t (*get_code) (eap_payload_t *this);
-
- /**
- * Get the EAP identifier.
- *
- * @return unique identifier
- */
- u_int8_t (*get_identifier) (eap_payload_t *this);
-
- /**
- * Get the EAP method type.
- *
- * @param vendor pointer receiving vendor identifier
- * @return EAP method type, vendor specific if vendor != 0
- */
- eap_type_t (*get_type) (eap_payload_t *this, u_int32_t *vendor);
-
- /**
- * Destroys an eap_payload_t object.
- */
- void (*destroy) (eap_payload_t *this);
-};
-
-/**
- * Creates an empty eap_payload_t object.
- *
- * @return eap_payload_t object
- */
-eap_payload_t *eap_payload_create(void);
-
-/**
- * Creates an eap_payload_t object with data.
- *
- * @return eap_payload_t object
- */
-eap_payload_t *eap_payload_create_data(chunk_t data);
-
-/**
- * Creates an eap_payload_t object with a code.
- *
- * Could should be either EAP_SUCCESS/EAP_FAILURE, use
- * constructor above otherwise.
- *
- * @param code EAP status code
- * @param identifier EAP identifier to use in payload
- * @return eap_payload_t object
- */
-eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier);
-
-/**
- * Creates an eap_payload_t EAP_RESPONSE containing an EAP_NAK.
- *
- * @param identifier EAP identifier to use in payload
- * @return eap_payload_t object
- */
-eap_payload_t *eap_payload_create_nak(u_int8_t identifier);
-
-#endif /** EAP_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/encodings.c b/src/charon/encoding/payloads/encodings.c
deleted file mode 100644
index 85caeda82..000000000
--- a/src/charon/encoding/payloads/encodings.c
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "encodings.h"
-
-ENUM(encoding_type_names, U_INT_4, ENCRYPTED_DATA,
- "U_INT_4",
- "U_INT_8",
- "U_INT_16",
- "U_INT_32",
- "RESERVED_BIT",
- "RESERVED_BYTE",
- "FLAG",
- "PAYLOAD_LENGTH",
- "HEADER_LENGTH",
- "SPI_SIZE",
- "SPI",
- "KEY_EXCHANGE_DATA",
- "NOTIFICATION_DATA",
- "PROPOSALS",
- "TRANSFORMS",
- "TRANSFORM_ATTRIBUTES",
- "CONFIGURATION_ATTRIBUTES",
- "CONFIGURATION_ATTRIBUTE_VALUE",
- "ATTRIBUTE_FORMAT",
- "ATTRIBUTE_TYPE",
- "ATTRIBUTE_LENGTH_OR_VALUE",
- "CONFIGURATION_ATTRIBUTE_LENGTH",
- "ATTRIBUTE_VALUE",
- "TRAFFIC_SELECTORS",
- "TS_TYPE",
- "ADDRESS",
- "NONCE_DATA",
- "ID_DATA",
- "AUTH_DATA",
- "CERT_DATA",
- "CERTREQ_DATA",
- "EAP_DATA",
- "SPIS",
- "VID_DATA",
- "UNKNOWN_DATA",
- "IKE_SPI",
- "ENCRYPTED_DATA",
-);
diff --git a/src/charon/encoding/payloads/encodings.h b/src/charon/encoding/payloads/encodings.h
deleted file mode 100644
index 52af4a984..000000000
--- a/src/charon/encoding/payloads/encodings.h
+++ /dev/null
@@ -1,515 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup encodings encodings - * @{ @ingroup payloads - */ - -#ifndef ENCODINGS_H_ -#define ENCODINGS_H_ - -typedef enum encoding_type_t encoding_type_t; -typedef struct encoding_rule_t encoding_rule_t; - -#include <library.h> - -/** - * All different kinds of encoding types. - * - * Each field of an IKEv2-Message (in header or payload) - * which has to be parsed or generated differently has its own - * type defined here. - * - * Header is parsed like a payload and gets its one payload_id - * from PRIVATE USE space. Also the substructures - * of specific payload types get their own payload_id - * from PRIVATE_USE space. See IKEv2-Draft for more informations. - */ -enum encoding_type_t { - - /** - * Representing a 4 Bit unsigned int value. - * - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 4 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 4 bit forward afterwards. - */ - U_INT_4, - - /** - * Representing a 8 Bit unsigned int value. - * - * - * When generating it must be changed from host to network order. 
- * The value is read from the associated data struct. - * The current write position is moved 8 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 8 bit forward afterwards. - */ - U_INT_8, - - /** - * Representing a 16 Bit unsigned int value. - * - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 16 bit forward afterwards. - */ - U_INT_16, - - /** - * Representing a 32 Bit unsigned int value. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 32 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 32 bit forward afterwards. - */ - U_INT_32, - - /** - * represents a RESERVED_BIT used in FLAG-Bytes. - * - * When generating, the next bit is set to zero and the current write - * position is moved one bit forward. - * No value is read from the associated data struct. - * The current write position is moved 1 bit forward afterwards. - * - * When parsing, the current read pointer is moved one bit forward. - * No value is written to the associated data struct. - * The current read pointer is moved 1 bit forward afterwards. - */ - RESERVED_BIT, - - /** - * represents a RESERVED_BYTE. - * - * When generating, the next byte is set to zero and the current write - * position is moved one byte forward. - * No value is read from the associated data struct. 
- * The current write position is moved 1 byte forward afterwards. - * - * When parsing, the current read pointer is moved one byte forward. - * No value is written to the associated data struct. - * The current read pointer is moved 1 byte forward afterwards. - */ - RESERVED_BYTE, - - /** - * Representing a 1 Bit flag. - * - * When generation, the next bit is set to 1 if the associated value - * in the data struct is TRUE, 0 otherwise. The current write position - * is moved 1 bit forward afterwards. - * - * When parsing, the next bit is read and stored in the associated data - * struct. 0 means FALSE, 1 means TRUE, The current read pointer - * is moved 1 bit forward afterwards - */ - FLAG, - - /** - * Representating a length field of a payload. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 16 bit forward afterwards. - */ - PAYLOAD_LENGTH, - - /** - * Representating a length field of a header. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 32 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 32 bit forward afterwards. - */ - HEADER_LENGTH, - - /** - * Representating a spi size field. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 8 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. 
- * The current read pointer is moved 8 bit forward afterwards. - */ - SPI_SIZE, - - /** - * Representating a spi field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing SPI_SIZE bytes are read and written into the chunk pointing to. - */ - SPI, - - /** - * Representating a Key Exchange Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. - */ - KEY_EXCHANGE_DATA, - - /** - * Representating a Notification field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - spi size - 8) bytes are read and written into the chunk pointing to. - */ - NOTIFICATION_DATA, - - /** - * Representating one or more proposal substructures. - * - * The offset points to a linked_list_t pointer. - * - * When generating the proposal_substructure_t objects are stored - * in the pointed linked_list. - * - * When parsing the parsed proposal_substructure_t objects have - * to be stored in the pointed linked_list. - */ - PROPOSALS, - - /** - * Representating one or more transform substructures. - * - * The offset points to a linked_list_t pointer. - * - * When generating the transform_substructure_t objects are stored - * in the pointed linked_list. - * - * When parsing the parsed transform_substructure_t objects have - * to be stored in the pointed linked_list. - */ - TRANSFORMS, - - /** - * Representating one or more Attributes of a transform substructure. - * - * The offset points to a linked_list_t pointer. - * - * When generating the transform_attribute_t objects are stored - * in the pointed linked_list. - * - * When parsing the parsed transform_attribute_t objects have - * to be stored in the pointed linked_list. - */ - TRANSFORM_ATTRIBUTES, - - /** - * Representating one or more Attributes of a configuration payload. 
- * - * The offset points to a linked_list_t pointer. - * - * When generating the configuration_attribute_t objects are stored - * in the pointed linked_list. - * - * When parsing the parsed configuration_attribute_t objects have - * to be stored in the pointed linked_list. - */ - CONFIGURATION_ATTRIBUTES, - - /** - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. - */ - CONFIGURATION_ATTRIBUTE_VALUE, - - /** - * Representing a 1 Bit flag specifying the format of a transform attribute. - * - * When generation, the next bit is set to 1 if the associated value - * in the data struct is TRUE, 0 otherwise. The current write position - * is moved 1 bit forward afterwards. - * - * When parsing, the next bit is read and stored in the associated data - * struct. 0 means FALSE, 1 means TRUE, The current read pointer - * is moved 1 bit forward afterwards. - */ - ATTRIBUTE_FORMAT, - /** - * Representing a 15 Bit unsigned int value used as attribute type - * in an attribute transform. - * - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 15 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 15 bit forward afterwards. - */ - ATTRIBUTE_TYPE, - - /** - * Depending on the field of type ATTRIBUTE_FORMAT - * this field contains the length or the value of an transform attribute. - * Its stored in a 16 unsigned integer field. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * - * When parsing it must be changed from network to host order. 
- * The value is written to the associated data struct. - * The current read pointer is moved 16 bit forward afterwards. - */ - ATTRIBUTE_LENGTH_OR_VALUE, - - /** - * This field contains the length or the value of an configuration attribute. - * Its stored in a 16 unsigned integer field. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 16 bit forward afterwards. - */ - CONFIGURATION_ATTRIBUTE_LENGTH, - - /** - * Depending on the field of type ATTRIBUTE_FORMAT - * this field is available or missing and so parsed/generated - * or not parsed/not generated. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing SPI_SIZE bytes are read and written into the chunk pointing to. - */ - ATTRIBUTE_VALUE, - - /** - * Representating one or more Traffic selectors of a TS payload. - * - * The offset points to a linked_list_t pointer. - * - * When generating the traffic_selector_substructure_t objects are stored - * in the pointed linked_list. - * - * When parsing the parsed traffic_selector_substructure_t objects have - * to be stored in the pointed linked_list. - */ - TRAFFIC_SELECTORS, - - /** - * Representating a Traffic selector type field. - * - * When generating it must be changed from host to network order. - * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * - * When parsing it must be changed from network to host order. - * The value is written to the associated data struct. - * The current read pointer is moved 16 bit forward afterwards. - */ - TS_TYPE, - - /** - * Representating an address field in a traffic selector. 
- * - * Depending on the last field of type TS_TYPE - * this field is either 4 or 16 byte long. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing 4 or 16 bytes are read and written into the chunk pointing to. - */ - ADDRESS, - - /** - * Representating a Nonce Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. - */ - NONCE_DATA, - - /** - * Representating a ID Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. - */ - ID_DATA, - - /** - * Representating a AUTH Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. - */ - AUTH_DATA, - - /** - * Representating a CERT Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 5) bytes are read and written into the chunk pointing to. - */ - CERT_DATA, - - /** - * Representating a CERTREQ Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 5) bytes are read and written into the chunk pointing to. - */ - CERTREQ_DATA, - - /** - * Representating an EAP message field. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. - */ - EAP_DATA, - - /** - * Representating the SPIS field in a DELETE payload. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. 
- */ - SPIS, - - /** - * Representating the VID DATA field in a VENDOR ID payload. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. - */ - VID_DATA, - - /** - * Representating the DATA of an unknown payload. - * - * When generating the content of the chunkt pointing to - * is written. - * - * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. - */ - UNKNOWN_DATA, - - /** - * Representating an IKE_SPI field in an IKEv2 Header. - * - * When generating the value of the u_int64_t pointing to - * is written (host and networ order is not changed). - * - * When parsing 8 bytes are read and written into the u_int64_t pointing to. - */ - IKE_SPI, - - /** - * Representing the encrypted data body of a encryption payload. - */ - ENCRYPTED_DATA, -}; - -/** - * enum name for encoding_type_t - */ -extern enum_name_t *encoding_type_names; - -/** - * Rule how to en-/decode a payload field. - * - * An encoding rule is a mapping of a specific encoding type to - * a location in the data struct where the current field is stored to - * or read from. - * This rules are used by parser and generator. - */ -struct encoding_rule_t { - - /** - * Encoding type. - */ - encoding_type_t type; - - /** - * Offset in the data struct. - * - * When parsing, data are written to this offset of the - * data struct. - * - * When generating, data are read from this offset in the - * data struct. - */ - u_int32_t offset; -}; - -#endif /** ENCODINGS_H_ @}*/ diff --git a/src/charon/encoding/payloads/encryption_payload.c b/src/charon/encoding/payloads/encryption_payload.c deleted file mode 100644 index 389ab09d7..000000000 --- a/src/charon/encoding/payloads/encryption_payload.c +++ /dev/null 
@@ -1,619 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> -#include <string.h> - -#include "encryption_payload.h" - -#include <daemon.h> -#include <encoding/payloads/encodings.h> -#include <utils/linked_list.h> -#include <encoding/generator.h> -#include <encoding/parser.h> -#include <utils/iterator.h> -#include <crypto/signers/signer.h> - - -typedef struct private_encryption_payload_t private_encryption_payload_t; - -/** - * Private data of an encryption_payload_t' Object. - * - */ -struct private_encryption_payload_t { - - /** - * Public encryption_payload_t interface. - */ - encryption_payload_t public; - - /** - * There is no next payload for an encryption payload, - * since encryption payload MUST be the last one. - * next_payload means here the first payload of the - * contained, encrypted payload. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload - */ - u_int16_t payload_length; - - /** - * Chunk containing the iv, data, padding, - * and (an eventually not calculated) signature. - */ - chunk_t encrypted; - - /** - * Chunk containing the data in decrypted (unpadded) form. - */ - chunk_t decrypted; - - /** - * Signer set by set_signer. 
- */ - signer_t *signer; - - /** - * Crypter, supplied by encrypt/decrypt - */ - crypter_t *crypter; - - /** - * Contained payloads of this encrpytion_payload. - */ - linked_list_t *payloads; -}; - -/** - * Encoding rules to parse or generate a IKEv2-Encryption Payload. - * - * The defined offsets are the positions in a object of type - * private_encryption_payload_t. - * - */ -encoding_rule_t encryption_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_encryption_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_encryption_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole encryption payload*/ - { PAYLOAD_LENGTH, offsetof(private_encryption_payload_t, payload_length) }, - /* encrypted data, stored in a chunk. contains iv, data, padding */ - { ENCRYPTED_DATA, offsetof(private_encryption_payload_t, encrypted) }, -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Initialization Vector ! - ! (length is block size for encryption algorithm) ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Encrypted IKE Payloads ! - + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! Padding (0-255 octets) ! - +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+ - ! ! Pad Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ~ Integrity Checksum Data ~ - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. 
- */ -static status_t verify(private_encryption_payload_t *this) -{ - return SUCCESS; -} - -/** - * Implementation of payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_encryption_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = encryption_payload_encodings; - *rule_count = sizeof(encryption_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_type(private_encryption_payload_t *this) -{ - return ENCRYPTED; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_encryption_payload_t *this) -{ - /* returns first contained payload here */ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_encryption_payload_t *this, payload_type_t type) -{ - /* set next type is not allowed, since this payload MUST be the last one - * and so nothing is done in here*/ -} - -/** - * (re-)compute the lenght of the whole payload - */ -static void compute_length(private_encryption_payload_t *this) -{ - iterator_t *iterator; - payload_t *current_payload; - size_t block_size, length = 0; - iterator = this->payloads->create_iterator(this->payloads, TRUE); - - /* count payload length */ - while (iterator->iterate(iterator, (void **) ¤t_payload)) - { - length += current_payload->get_length(current_payload); - } - iterator->destroy(iterator); - - if (this->crypter && this->signer) - { - /* append one byte for padding length */ - length++; - /* append padding */ - block_size = this->crypter->get_block_size(this->crypter); - length += block_size - length % block_size; - /* add iv */ - length += block_size; - /* add signature */ - length += this->signer->get_block_size(this->signer); - } - length += ENCRYPTION_PAYLOAD_HEADER_LENGTH; - this->payload_length = length; -} - -/** - * Implementation of payload_t.get_length. 
- */ -static size_t get_length(private_encryption_payload_t *this) -{ - compute_length(this); - return this->payload_length; -} - -/** - * Implementation of payload_t.create_payload_iterator. - */ -static iterator_t *create_payload_iterator (private_encryption_payload_t *this, bool forward) -{ - return (this->payloads->create_iterator(this->payloads, forward)); -} - -/** - * Implementation of payload_t.add_payload. - */ -static void add_payload(private_encryption_payload_t *this, payload_t *payload) -{ - payload_t *last_payload; - if (this->payloads->get_count(this->payloads) > 0) - { - this->payloads->get_last(this->payloads,(void **) &last_payload); - last_payload->set_next_type(last_payload, payload->get_type(payload)); - } - else - { - this->next_payload = payload->get_type(payload); - } - payload->set_next_type(payload, NO_PAYLOAD); - this->payloads->insert_last(this->payloads, (void*)payload); - compute_length(this); -} - -/** - * Implementation of encryption_payload_t.remove_first_payload. - */ -static status_t remove_first_payload(private_encryption_payload_t *this, payload_t **payload) -{ - return this->payloads->remove_first(this->payloads, (void**)payload); -} - -/** - * Implementation of encryption_payload_t.get_payload_count. - */ -static size_t get_payload_count(private_encryption_payload_t *this) -{ - return this->payloads->get_count(this->payloads); -} - -/** - * Generate payload before encryption. - */ -static void generate(private_encryption_payload_t *this) -{ - payload_t *current_payload, *next_payload; - generator_t *generator; - iterator_t *iterator; - - /* recalculate length before generating */ - compute_length(this); - - /* create iterator */ - iterator = this->payloads->create_iterator(this->payloads, TRUE); - - /* get first payload */ - if (iterator->iterate(iterator, (void**)¤t_payload)) - { - this->next_payload = current_payload->get_type(current_payload); - } - else - { - /* no paylads? 
*/ - DBG2(DBG_ENC, "generating contained payloads, but none available"); - free(this->decrypted.ptr); - this->decrypted = chunk_empty; - iterator->destroy(iterator); - return; - } - - generator = generator_create(); - - /* build all payload, except last */ - while(iterator->iterate(iterator, (void**)&next_payload)) - { - current_payload->set_next_type(current_payload, next_payload->get_type(next_payload)); - generator->generate_payload(generator, current_payload); - current_payload = next_payload; - } - iterator->destroy(iterator); - - /* build last payload */ - current_payload->set_next_type(current_payload, NO_PAYLOAD); - generator->generate_payload(generator, current_payload); - - /* free already generated data */ - free(this->decrypted.ptr); - - generator->write_to_chunk(generator, &(this->decrypted)); - generator->destroy(generator); - DBG2(DBG_ENC, "successfully generated content in encryption payload"); -} - -/** - * Implementation of encryption_payload_t.encrypt. - */ -static status_t encrypt(private_encryption_payload_t *this) -{ - chunk_t iv, padding, to_crypt, result; - rng_t *rng; - size_t block_size; - - if (this->signer == NULL || this->crypter == NULL) - { - DBG1(DBG_ENC, "could not encrypt, signer/crypter not set"); - return INVALID_STATE; - } - - /* for random data in iv and padding */ - rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); - if (!rng) - { - DBG1(DBG_ENC, "could not encrypt, no RNG found"); - return FAILED; - } - /* build payload chunk */ - generate(this); - - DBG2(DBG_ENC, "encrypting payloads"); - DBG3(DBG_ENC, "data to encrypt %B", &this->decrypted); - - /* build padding */ - block_size = this->crypter->get_block_size(this->crypter); - padding.len = block_size - ((this->decrypted.len + 1) % block_size); - rng->allocate_bytes(rng, padding.len, &padding); - - /* concatenate payload data, padding, padding len */ - to_crypt.len = this->decrypted.len + padding.len + 1; - to_crypt.ptr = malloc(to_crypt.len); - - memcpy(to_crypt.ptr, 
this->decrypted.ptr, this->decrypted.len); - memcpy(to_crypt.ptr + this->decrypted.len, padding.ptr, padding.len); - *(to_crypt.ptr + to_crypt.len - 1) = padding.len; - - /* build iv */ - iv.len = block_size; - rng->allocate_bytes(rng, iv.len, &iv); - rng->destroy(rng); - - DBG3(DBG_ENC, "data before encryption with padding %B", &to_crypt); - - /* encrypt to_crypt chunk */ - free(this->encrypted.ptr); - this->crypter->encrypt(this->crypter, to_crypt, iv, &result); - free(padding.ptr); - free(to_crypt.ptr); - - DBG3(DBG_ENC, "data after encryption %B", &result); - - /* build encrypted result with iv and signature */ - this->encrypted.len = iv.len + result.len + this->signer->get_block_size(this->signer); - free(this->encrypted.ptr); - this->encrypted.ptr = malloc(this->encrypted.len); - - /* fill in result, signature is left out */ - memcpy(this->encrypted.ptr, iv.ptr, iv.len); - memcpy(this->encrypted.ptr + iv.len, result.ptr, result.len); - - free(result.ptr); - free(iv.ptr); - DBG3(DBG_ENC, "data after encryption with IV and (invalid) signature %B", - &this->encrypted); - - return SUCCESS; -} - -/** - * Parse the payloads after decryption. 
- */ -static status_t parse(private_encryption_payload_t *this) -{ - parser_t *parser; - status_t status; - payload_type_t current_payload_type; - - /* build a parser on the decrypted data */ - parser = parser_create(this->decrypted); - - current_payload_type = this->next_payload; - /* parse all payloads */ - while (current_payload_type != NO_PAYLOAD) - { - payload_t *current_payload; - - status = parser->parse_payload(parser, current_payload_type, (payload_t**)¤t_payload); - if (status != SUCCESS) - { - parser->destroy(parser); - return PARSE_ERROR; - } - - status = current_payload->verify(current_payload); - if (status != SUCCESS) - { - DBG1(DBG_ENC, "%N verification failed", - payload_type_names, current_payload->get_type(current_payload)); - current_payload->destroy(current_payload); - parser->destroy(parser); - return VERIFY_ERROR; - } - - /* get next payload type */ - current_payload_type = current_payload->get_next_type(current_payload); - - this->payloads->insert_last(this->payloads,current_payload); - } - parser->destroy(parser); - DBG2(DBG_ENC, "succesfully parsed content of encryption payload"); - return SUCCESS; -} - -/** - * Implementation of encryption_payload_t.encrypt. 
- */ -static status_t decrypt(private_encryption_payload_t *this) -{ - chunk_t iv, concatenated; - u_int8_t padding_length; - - DBG2(DBG_ENC, "decrypting encryption payload"); - DBG3(DBG_ENC, "data before decryption with IV and (invalid) signature %B", - &this->encrypted); - - if (this->signer == NULL || this->crypter == NULL) - { - DBG1(DBG_ENC, "could not decrypt, no crypter/signer set"); - return INVALID_STATE; - } - - /* get IV */ - iv.len = this->crypter->get_block_size(this->crypter); - - iv.ptr = this->encrypted.ptr; - - /* point concatenated to data + padding + padding_length*/ - concatenated.ptr = this->encrypted.ptr + iv.len; - concatenated.len = this->encrypted.len - iv.len - - this->signer->get_block_size(this->signer); - - /* concatenated must be a multiple of block_size of crypter */ - if (concatenated.len < iv.len || concatenated.len % iv.len) - { - DBG1(DBG_ENC, "could not decrypt, invalid input"); - return FAILED; - } - - /* free previus data, if any */ - free(this->decrypted.ptr); - - DBG3(DBG_ENC, "data before decryption %B", &concatenated); - - this->crypter->decrypt(this->crypter, concatenated, iv, &this->decrypted); - - DBG3(DBG_ENC, "data after decryption with padding %B", &this->decrypted); - - /* get padding length, sits just bevore signature */ - padding_length = *(this->decrypted.ptr + this->decrypted.len - 1); - /* add one byte to the padding length, since the padding_length field is - * not included */ - padding_length++; - this->decrypted.len -= padding_length; - - /* check size again */ - if (padding_length > concatenated.len || this->decrypted.len < 0) - { - DBG1(DBG_ENC, "decryption failed, invalid padding length found. 
Invalid key?"); - /* decryption failed :-/ */ - return FAILED; - } - - /* free padding */ - this->decrypted.ptr = realloc(this->decrypted.ptr, this->decrypted.len); - DBG3(DBG_ENC, "data after decryption without padding %B", &this->decrypted); - DBG2(DBG_ENC, "decryption successful, trying to parse content"); - return parse(this); -} - -/** - * Implementation of encryption_payload_t.set_transforms. - */ -static void set_transforms(private_encryption_payload_t *this, crypter_t* crypter, signer_t* signer) -{ - this->signer = signer; - this->crypter = crypter; -} - -/** - * Implementation of encryption_payload_t.build_signature. - */ -static status_t build_signature(private_encryption_payload_t *this, chunk_t data) -{ - chunk_t data_without_sig = data; - chunk_t sig; - - if (this->signer == NULL) - { - DBG1(DBG_ENC, "unable to build signature, no signer set"); - return INVALID_STATE; - } - - sig.len = this->signer->get_block_size(this->signer); - data_without_sig.len -= sig.len; - sig.ptr = data.ptr + data_without_sig.len; - DBG2(DBG_ENC, "building signature"); - this->signer->get_signature(this->signer, data_without_sig, sig.ptr); - return SUCCESS; -} - -/** - * Implementation of encryption_payload_t.verify_signature. 
- */ -static status_t verify_signature(private_encryption_payload_t *this, chunk_t data) -{ - chunk_t sig, data_without_sig; - bool valid; - - if (this->signer == NULL) - { - DBG1(DBG_ENC, "unable to verify signature, no signer set"); - return INVALID_STATE; - } - /* find signature in data chunk */ - sig.len = this->signer->get_block_size(this->signer); - if (data.len <= sig.len) - { - DBG1(DBG_ENC, "unable to verify signature, invalid input"); - return FAILED; - } - sig.ptr = data.ptr + data.len - sig.len; - - /* verify it */ - data_without_sig.len = data.len - sig.len; - data_without_sig.ptr = data.ptr; - valid = this->signer->verify_signature(this->signer, data_without_sig, sig); - - if (!valid) - { - DBG1(DBG_ENC, "signature verification failed"); - return FAILED; - } - - DBG2(DBG_ENC, "signature verification successful"); - return SUCCESS; -} - -/** - * Implementation of payload_t.destroy. - */ -static void destroy(private_encryption_payload_t *this) -{ - this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy)); - free(this->encrypted.ptr); - free(this->decrypted.ptr); - free(this); -} - -/* - * Described in header - */ -encryption_payload_t *encryption_payload_create() -{ - private_encryption_payload_t *this = malloc_thing(private_encryption_payload_t); - - /* payload_t interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; - this->public.payload_interface.destroy = (void (*) (payload_t 
*))destroy; - - /* public functions */ - this->public.create_payload_iterator = (iterator_t * (*) (encryption_payload_t *,bool)) create_payload_iterator; - this->public.add_payload = (void (*) (encryption_payload_t *,payload_t *)) add_payload; - this->public.remove_first_payload = (status_t (*)(encryption_payload_t*, payload_t **)) remove_first_payload; - this->public.get_payload_count = (size_t (*)(encryption_payload_t*)) get_payload_count; - - this->public.encrypt = (status_t (*) (encryption_payload_t *)) encrypt; - this->public.decrypt = (status_t (*) (encryption_payload_t *)) decrypt; - this->public.set_transforms = (void (*) (encryption_payload_t*,crypter_t*,signer_t*)) set_transforms; - this->public.build_signature = (status_t (*) (encryption_payload_t*, chunk_t)) build_signature; - this->public.verify_signature = (status_t (*) (encryption_payload_t*, chunk_t)) verify_signature; - this->public.destroy = (void (*) (encryption_payload_t *)) destroy; - - /* set default values of the fields */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = ENCRYPTION_PAYLOAD_HEADER_LENGTH; - this->encrypted = chunk_empty; - this->decrypted = chunk_empty; - this->signer = NULL; - this->crypter = NULL; - this->payloads = linked_list_create(); - - return (&(this->public)); -} diff --git a/src/charon/encoding/payloads/encryption_payload.h b/src/charon/encoding/payloads/encryption_payload.h deleted file mode 100644 index ac5326b87..000000000 --- a/src/charon/encoding/payloads/encryption_payload.h +++ /dev/null 
@@ -1,173 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup encryption_payload encryption_payload - * @{ @ingroup payloads - */ - -#ifndef ENCRYPTION_PAYLOAD_H_ -#define ENCRYPTION_PAYLOAD_H_ - -typedef struct encryption_payload_t encryption_payload_t; - -#include <library.h> -#include <crypto/crypters/crypter.h> -#include <crypto/signers/signer.h> -#include <encoding/payloads/payload.h> -#include <utils/linked_list.h> - -/** - * Encrpytion payload length in bytes without IV and following data. - */ -#define ENCRYPTION_PAYLOAD_HEADER_LENGTH 4 - - -/** - * The encryption payload as described in RFC section 3.14. - * - * Before any crypt/decrypt/sign/verify operation can occur, - * the transforms must be set. After that, a parsed encryption payload - * can be decrypted, which also will parse the contained payloads. - * Encryption is done the same way, added payloads will get generated - * and then encrypted. - * For signature building, there is the FULL packet needed. Meaning it - * must be builded after generation of all payloads and the encryption - * of the encryption payload. - * Signature verificatin is done before decryption. - */ -struct encryption_payload_t { - /** - * Implements payload_t interface. - */ - payload_t payload_interface; - - /** - * Creates an iterator for all contained payloads. 
- * - * iterator_t object has to get destroyed by the caller. - * - * @param forward iterator direction (TRUE: front to end) - * return created iterator_t object - */ - iterator_t *(*create_payload_iterator) (encryption_payload_t *this, bool forward); - - /** - * Adds a payload to this encryption payload. - * - * @param payload payload_t object to add - */ - void (*add_payload) (encryption_payload_t *this, payload_t *payload); - - /** - * Reove the last payload in the contained payload list. - * - * @param payload removed payload - * @return - * - SUCCESS, or - * - NOT_FOUND if list empty - */ - status_t (*remove_first_payload) (encryption_payload_t *this, payload_t **payload); - - /** - * Get the number of payloads. - * - * @return number of contained payloads - */ - size_t (*get_payload_count) (encryption_payload_t *this); - - /** - * Set transforms to use. - * - * To decryption, encryption, signature building and verifying, - * the payload needs a crypter and a signer object. - * - * @warning Do NOT call this function again after encryption, since - * the signer must be the same while encrypting and signature building! - * - * @param crypter crypter_t to use for data de-/encryption - * @param signer signer_t to use for data signing/verifying - */ - void (*set_transforms) (encryption_payload_t *this, crypter_t *crypter, signer_t *signer); - - /** - * Generate and encrypt contained payloads. - * - * This function generates the content for added payloads - * and encrypts them. Signature is not built, since we need - * additional data (the full message). - * - * @return SUCCESS, or INVALID_STATE if transforms not set - */ - status_t (*encrypt) (encryption_payload_t *this); - - /** - * Decrypt and parse contained payloads. - * - * This function decrypts the contained data. After, - * the payloads are parsed internally and are accessible - * via the iterator. 
- * - * @return - * - SUCCESS, or - * - INVALID_STATE if transforms not set, or - * - FAILED if data is invalid - */ - status_t (*decrypt) (encryption_payload_t *this); - - /** - * Build the signature. - * - * The signature is built over the FULL message, so the header - * and every payload (inclusive this one) must already be generated. - * The generated message is supplied via the data paramater. - * - * @param data chunk contains the already generated message - * @return - * - SUCCESS, or - * - INVALID_STATE if transforms not set - */ - status_t (*build_signature) (encryption_payload_t *this, chunk_t data); - - /** - * Verify the signature. - * - * Since the signature is built over the full message, we need - * this data to do the verification. The message data - * is supplied via the data argument. - * - * @param data chunk contains the message - * @return - * - SUCCESS, or - * - FAILED if signature invalid, or - * - INVALID_STATE if transforms not set - */ - status_t (*verify_signature) (encryption_payload_t *this, chunk_t data); - - /** - * Destroys an encryption_payload_t object. - */ - void (*destroy) (encryption_payload_t *this); -}; - -/** - * Creates an empty encryption_payload_t object. - * - * @return encryption_payload_t object - */ -encryption_payload_t *encryption_payload_create(void); - -#endif /** ENCRYPTION_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/endpoint_notify.c b/src/charon/encoding/payloads/endpoint_notify.c deleted file mode 100644 index faec1ea71..000000000 --- a/src/charon/encoding/payloads/endpoint_notify.c +++ /dev/null 
@@ -1,422 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include "endpoint_notify.h" - -#include <math.h> - -#include <daemon.h> - -typedef struct private_endpoint_notify_t private_endpoint_notify_t; - -/** - * Private data of an notify_payload_t object. - */ -struct private_endpoint_notify_t { - /** - * Public endpoint_notify_t interface. - */ - endpoint_notify_t public; - - /** - * Priority - */ - u_int32_t priority; - - /** - * Family - */ - me_endpoint_family_t family; - - /** - * Endpoint type - */ - me_endpoint_type_t type; - - /** - * Endpoint - */ - host_t *endpoint; - - /** - * Base (used for server reflexive endpoints) - */ - host_t *base; -}; - -/* Notification data: - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Priority ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Family ! Type ! Port ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! IP Address (variable) ! 
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -ENUM(me_endpoint_type_names, HOST, RELAYED, - "HOST", - "PEER_REFLEXIVE", - "SERVER_REFLEXIVE", - "RELAYED" -); - -/** - * Helper functions to parse integer values - */ -static status_t parse_uint8(u_int8_t **cur, u_int8_t *top, u_int8_t *val) -{ - if (*cur + sizeof(u_int8_t) > top) - { - return FAILED; - } - *val = *(u_int8_t*)*cur; - *cur += sizeof(u_int8_t); - return SUCCESS; -} - -static status_t parse_uint16(u_int8_t **cur, u_int8_t *top, u_int16_t *val) -{ - if (*cur + sizeof(u_int16_t) > top) - { - return FAILED; - } - *val = ntohs(*(u_int16_t*)*cur); - *cur += sizeof(u_int16_t); - return SUCCESS; -} - -static status_t parse_uint32(u_int8_t **cur, u_int8_t *top, u_int32_t *val) -{ - if (*cur + sizeof(u_int32_t) > top) - { - return FAILED; - } - *val = ntohl(*(u_int32_t*)*cur); - *cur += sizeof(u_int32_t); - return SUCCESS; -} - -/** - * Parses the notification data of a ME_ENDPOINT notify - */ -static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t data) -{ - u_int8_t family, type, addr_family; - u_int16_t port; - chunk_t addr; - u_int8_t *cur = data.ptr; - u_int8_t *top = data.ptr + data.len; - - DBG3(DBG_IKE, "me_endpoint_data %B", &data); - - if (parse_uint32(&cur, top, &this->priority) != SUCCESS) - { - DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid priority"); - return FAILED; - } - - if (parse_uint8(&cur, top, &family) != SUCCESS || family >= MAX_FAMILY) - { - DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid family"); - return FAILED; - } - this->family = (me_endpoint_family_t)family; - - if (parse_uint8(&cur, top, &type) != SUCCESS || - type == NO_TYPE || type >= MAX_TYPE) - { - DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid type"); - return FAILED; - } - this->type = (me_endpoint_type_t)type; - - addr_family = AF_INET; - addr.len = 4; - - switch(this->family) - { - case IPv6: - addr_family = AF_INET6; - addr.len = 16; - /* fall-through */ 
- case IPv4: - if (parse_uint16(&cur, top, &port) != SUCCESS) - { - DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid port"); - return FAILED; - } - - if (cur + addr.len > top) - { - DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid IP address"); - return FAILED; - } - - addr.ptr = cur; - this->endpoint = host_create_from_chunk(addr_family, addr, port); - break; - case NO_FAMILY: - default: - this->endpoint = NULL; - break; - } - return SUCCESS; -} - - -/** - * Generates the notification data of a ME_ENDPOINT notify - */ -static chunk_t build_notification_data(private_endpoint_notify_t *this) -{ - chunk_t prio_chunk, family_chunk, type_chunk, port_chunk, addr_chunk; - chunk_t data; - u_int32_t prio; - u_int16_t port; - u_int8_t family, type; - - prio = htonl(this->priority); - prio_chunk = chunk_from_thing(prio); - family = this->family; - family_chunk = chunk_from_thing(family); - type = this->type; - type_chunk = chunk_from_thing(type); - - if (this->endpoint) - { - port = htons(this->endpoint->get_port(this->endpoint)); - addr_chunk = this->endpoint->get_address(this->endpoint); - } - else - { - port = 0; - addr_chunk = chunk_empty; - } - port_chunk = chunk_from_thing(port); - - /* data = prio | family | type | port | addr */ - data = chunk_cat("ccccc", prio_chunk, family_chunk, type_chunk, - port_chunk, addr_chunk); - DBG3(DBG_IKE, "me_endpoint_data %B", &data); - return data; -} - -/** - * Implementation of endpoint_notify_t.build_notify - */ -static notify_payload_t *build_notify(private_endpoint_notify_t *this) -{ - chunk_t data; - notify_payload_t *notify; - - notify = notify_payload_create(); - notify->set_notify_type(notify, ME_ENDPOINT); - data = build_notification_data(this); - notify->set_notification_data(notify, data); - chunk_free(&data); - - return notify; -} - -/** - * Implementation of endpoint_notify_t.get_priority. 
- */ -static u_int32_t get_priority(private_endpoint_notify_t *this) -{ - return this->priority; -} - -/** - * Implementation of endpoint_notify_t.set_priority. - */ -static void set_priority(private_endpoint_notify_t *this, u_int32_t priority) -{ - this->priority = priority; -} - -/** - * Implementation of endpoint_notify_t.get_type. - */ -static me_endpoint_type_t get_type(private_endpoint_notify_t *this) -{ - return this->type; -} - -/** - * Implementation of endpoint_notify_t.get_family. - */ -static me_endpoint_family_t get_family(private_endpoint_notify_t *this) -{ - return this->family; -} - -/** - * Implementation of endpoint_notify_t.get_host. - */ -static host_t *get_host(private_endpoint_notify_t *this) -{ - return this->endpoint; -} - -/** - * Implementation of endpoint_notify_t.get_base. - */ -static host_t *get_base(private_endpoint_notify_t *this) -{ - return (!this->base) ? this->endpoint : this->base; -} - -/** - * Implementation of endpoint_notify_t.clone. - */ -static endpoint_notify_t *_clone(private_endpoint_notify_t *this) -{ - private_endpoint_notify_t *clone = (private_endpoint_notify_t*)endpoint_notify_create(); - - clone->priority = this->priority; - clone->type = this->type; - clone->family = this->family; - if (this->endpoint) - { - clone->endpoint = this->endpoint->clone(this->endpoint); - } - - if (this->base) - { - clone->base = this->base->clone(this->base); - } - - return &clone->public; -} - -/** - * Implementation of endpoint_notify_t.destroy. 
- */ -static status_t destroy(private_endpoint_notify_t *this) -{ - DESTROY_IF(this->endpoint); - DESTROY_IF(this->base); - free(this); - return SUCCESS; -} - -/* - * Described in header - */ -endpoint_notify_t *endpoint_notify_create() -{ - private_endpoint_notify_t *this = malloc_thing(private_endpoint_notify_t); - - /* public functions */ - this->public.get_priority = (u_int32_t (*) (endpoint_notify_t *)) get_priority; - this->public.set_priority = (void (*) (endpoint_notify_t *, u_int32_t)) set_priority; - this->public.get_type = (me_endpoint_type_t (*) (endpoint_notify_t *)) get_type; - this->public.get_family = (me_endpoint_family_t (*) (endpoint_notify_t *)) get_family; - this->public.get_host = (host_t *(*) (endpoint_notify_t *)) get_host; - this->public.get_base = (host_t *(*) (endpoint_notify_t *)) get_base; - this->public.build_notify = (notify_payload_t *(*) (endpoint_notify_t *)) build_notify; - this->public.clone = (endpoint_notify_t *(*) (endpoint_notify_t *)) _clone; - this->public.destroy = (void (*) (endpoint_notify_t *)) destroy; - - /* set default values of the fields */ - this->priority = 0; - this->family = NO_FAMILY; - this->type = NO_TYPE; - this->endpoint = NULL; - this->base = NULL; - - return &this->public; -} - -/** - * Described in header - */ -endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, host_t *host, host_t *base) -{ - private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); - - this->type = type; - - switch(type) - { - case HOST: - this->priority = pow(2, 16) * ME_PRIO_HOST; - break; - case PEER_REFLEXIVE: - this->priority = pow(2, 16) * ME_PRIO_PEER; - break; - case SERVER_REFLEXIVE: - this->priority = pow(2, 16) * ME_PRIO_SERVER; - break; - case RELAYED: - default: - this->priority = pow(2, 16) * ME_PRIO_RELAY; - break; - } - - /* FIXME: if there is more than one ip address we should vary this priority */ - this->priority += 65535; - - if (!host) - { - return 
&this->public; - } - - switch(host->get_family(host)) - { - case AF_INET: - this->family = IPv4; - break; - case AF_INET6: - this->family = IPv6; - break; - default: - /* unsupported family type, we do not set the host - * (family is set to NO_FAMILY) */ - return &this->public; - } - - this->endpoint = host->clone(host); - - if (base) - { - this->base = base->clone(base); - } - - return &this->public; -} - -/** - * Described in header - */ -endpoint_notify_t *endpoint_notify_create_from_payload(notify_payload_t *notify) -{ - if (notify->get_notify_type(notify) != ME_ENDPOINT) - { - return NULL; - } - - private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); - chunk_t data = notify->get_notification_data(notify); - if (parse_notification_data(this, data) != SUCCESS) - { - destroy(this); - return NULL; - } - return &this->public; -} diff --git a/src/charon/encoding/payloads/endpoint_notify.h b/src/charon/encoding/payloads/endpoint_notify.h deleted file mode 100644 index 120eef49a..000000000 --- a/src/charon/encoding/payloads/endpoint_notify.h +++ /dev/null 
@@ -1,173 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup endpoint_notify endpoint_notify - * @{ @ingroup payloads - */ - -#ifndef ENDPOINT_NOTIFY_H_ -#define ENDPOINT_NOTIFY_H_ - -#define ME_PRIO_HOST 255 -#define ME_PRIO_PEER 128 -#define ME_PRIO_SERVER 64 -#define ME_PRIO_RELAY 0 - -typedef enum me_endpoint_family_t me_endpoint_family_t; -typedef enum me_endpoint_type_t me_endpoint_type_t; -typedef struct endpoint_notify_t endpoint_notify_t; - -#include <encoding/payloads/notify_payload.h> - -/** - * ME endpoint families. - */ -enum me_endpoint_family_t { - - NO_FAMILY = 0, - - IPv4 = 1, - - IPv6 = 2, - - MAX_FAMILY = 3 - -}; - -/** - * ME endpoint types. - */ -enum me_endpoint_type_t { - - NO_TYPE = 0, - - HOST = 1, - - PEER_REFLEXIVE = 2, - - SERVER_REFLEXIVE = 3, - - RELAYED = 4, - - MAX_TYPE = 5 - -}; - -/** - * enum name for me_endpoint_type_t. - */ -extern enum_name_t *me_endpoint_type_names; - -/** - * Class representing a ME_ENDPOINT Notify payload. In fact it's not - * the notify per se, but the notification data of that notify that is - * handled with this class. - */ -struct endpoint_notify_t { - /** - * Returns the priority of this endpoint. - * - * @return priority - */ - u_int32_t (*get_priority) (endpoint_notify_t *this); - - /** - * Sets the priority of this endpoint. 
- * - * @param priority priority - */ - void (*set_priority) (endpoint_notify_t *this, u_int32_t priority); - - /** - * Returns the endpoint type of this endpoint. - * - * @return endpoint type - */ - me_endpoint_type_t (*get_type) (endpoint_notify_t *this); - - /** - * Returns the endpoint family of this endpoint. - * - * @return endpoint family - */ - me_endpoint_family_t (*get_family) (endpoint_notify_t *this); - - /** - * Returns the host of this endpoint. - * - * @return host - */ - host_t *(*get_host) (endpoint_notify_t *this); - - /** - * Returns the base of this endpoint. - * - * If this is not a SERVER_REFLEXIVE endpoint, the returned host is the same - * as the one returned by get_host. - * - * @return host - */ - host_t *(*get_base) (endpoint_notify_t *this); - - /** - * Generates a notification payload from this endpoint. - * - * @return built notify_payload_t - */ - notify_payload_t *(*build_notify) (endpoint_notify_t *this); - - /** - * Clones an endpoint_notify_t object. - * - * @return cloned object - */ - endpoint_notify_t *(*clone) (endpoint_notify_t *this); - - /** - * Destroys an endpoint_notify_t object. - */ - void (*destroy) (endpoint_notify_t *this); -}; - -/** - * Creates an empty endpoint_notify_t object. - * - * @return created endpoint_notify_t object - */ -endpoint_notify_t *endpoint_notify_create(void); - - -/** - * Creates an endpoint_notify_t object from a host. - * - * @param type the endpoint type - * @param host host to base the notify on (gets cloned) - * @param base base of the endpoint, applies only to reflexive endpoints (gets cloned) - * @return created endpoint_notify_t object - */ -endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, - host_t *host, host_t *base); - -/** - * Creates an endpoint_notify_t object from a notify payload. 
- * - * @param notify the notify payload - * @return - created endpoint_notify_t object - * - NULL if invalid payload - */ -endpoint_notify_t *endpoint_notify_create_from_payload(notify_payload_t *notify); - -#endif /** ENDPOINT_NOTIFY_H_ @}*/ diff --git a/src/charon/encoding/payloads/id_payload.c b/src/charon/encoding/payloads/id_payload.c deleted file mode 100644 index 4158c3e07..000000000 --- a/src/charon/encoding/payloads/id_payload.c +++ /dev/null 
@@ -1,293 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "id_payload.h" - -#include <daemon.h> -#include <encoding/payloads/encodings.h> - -typedef struct private_id_payload_t private_id_payload_t; - -/** - * Private data of an id_payload_t object. - * - */ -struct private_id_payload_t { - /** - * Public id_payload_t interface. - */ - id_payload_t public; - - /** - * one of ID_INITIATOR, ID_RESPONDER - */ - payload_type_t payload_type; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Type of the ID Data. - */ - u_int8_t id_type; - - /** - * The contained id data value. - */ - chunk_t id_data; -}; - -/** - * Encoding rules to parse or generate a ID payload - * - * The defined offsets are the positions in a object of type - * private_id_payload_t. 
- * - */ -encoding_rule_t id_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_id_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_id_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_id_payload_t, payload_length) }, - /* 1 Byte ID type*/ - { U_INT_8, offsetof(private_id_payload_t, id_type) }, - /* 3 reserved bytes */ - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - /* some id data bytes, length is defined in PAYLOAD_LENGTH */ - { ID_DATA, offsetof(private_id_payload_t, id_data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ID Type ! RESERVED | - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Identification Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_id_payload_t *this) -{ - if ((this->id_type == 0) || - (this->id_type == 4) || - ((this->id_type >= 6) && (this->id_type <= 8)) || - ((this->id_type >= 12) && (this->id_type <= 200))) - { - /* reserved IDs */ - DBG1(DBG_ENC, "received ID with reserved type %d", this->id_type); - return FAILED; - } - - return SUCCESS; -} - -/** - * Implementation of id_payload_t.get_encoding_rules. 
- */ -static void get_encoding_rules(private_id_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = id_payload_encodings; - *rule_count = sizeof(id_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_id_payload_t *this) -{ - return this->payload_type; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_id_payload_t *this) -{ - return this->next_payload; -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_id_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_id_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of id_payload_t.set_type. - */ -static void set_id_type (private_id_payload_t *this, id_type_t type) -{ - this->id_type = type; -} - -/** - * Implementation of id_payload_t.get_id_type. - */ -static id_type_t get_id_type (private_id_payload_t *this) -{ - return (this->id_type); -} - -/** - * Implementation of id_payload_t.set_data. - */ -static void set_data (private_id_payload_t *this, chunk_t data) -{ - if (this->id_data.ptr != NULL) - { - chunk_free(&(this->id_data)); - } - this->id_data.ptr = clalloc(data.ptr,data.len); - this->id_data.len = data.len; - this->payload_length = ID_PAYLOAD_HEADER_LENGTH + this->id_data.len; -} - - -/** - * Implementation of id_payload_t.get_data_clone. - */ -static chunk_t get_data (private_id_payload_t *this) -{ - return (this->id_data); -} - -/** - * Implementation of id_payload_t.get_data_clone. 
- */ -static chunk_t get_data_clone (private_id_payload_t *this) -{ - chunk_t cloned_data; - if (this->id_data.ptr == NULL) - { - return (this->id_data); - } - cloned_data.ptr = clalloc(this->id_data.ptr,this->id_data.len); - cloned_data.len = this->id_data.len; - return cloned_data; -} - -/** - * Implementation of id_payload_t.get_identification. - */ -static identification_t *get_identification (private_id_payload_t *this) -{ - return identification_create_from_encoding(this->id_type,this->id_data); -} - -/** - * Implementation of payload_t.destroy and id_payload_t.destroy. - */ -static void destroy(private_id_payload_t *this) -{ - if (this->id_data.ptr != NULL) - { - chunk_free(&(this->id_data)); - } - free(this); -} - -/* - * Described in header. - */ -id_payload_t *id_payload_create(payload_type_t payload_type) -{ - private_id_payload_t *this = malloc_thing(private_id_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (id_payload_t *)) destroy; - this->public.set_id_type = (void (*) (id_payload_t *,id_type_t)) set_id_type; - this->public.get_id_type = (id_type_t (*) (id_payload_t *)) get_id_type; - this->public.set_data = (void (*) (id_payload_t *,chunk_t)) set_data; - this->public.get_data = (chunk_t (*) (id_payload_t *)) get_data; - 
this->public.get_data_clone = (chunk_t (*) (id_payload_t *)) get_data_clone; - - this->public.get_identification = (identification_t * (*) (id_payload_t *this)) get_identification; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length =ID_PAYLOAD_HEADER_LENGTH; - this->id_data = chunk_empty; - this->payload_type = payload_type; - - return (&(this->public)); -} - -/* - * Described in header. - */ -id_payload_t *id_payload_create_from_identification(payload_type_t payload_type, identification_t *identification) -{ - id_payload_t *this= id_payload_create(payload_type); - this->set_data(this,identification->get_encoding(identification)); - this->set_id_type(this,identification->get_type(identification)); - return this; -} diff --git a/src/charon/encoding/payloads/id_payload.h b/src/charon/encoding/payloads/id_payload.h deleted file mode 100644 index 5502dc961..000000000 --- a/src/charon/encoding/payloads/id_payload.h +++ /dev/null 
@@ -1,122 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup id_payload id_payload - * @{ @ingroup payloads - */ - -#ifndef ID_PAYLOAD_H_ -#define ID_PAYLOAD_H_ - -typedef struct id_payload_t id_payload_t; - -#include <library.h> -#include <utils/identification.h> -#include <encoding/payloads/payload.h> - -/** - * Length of a id payload without the data in bytes. - */ -#define ID_PAYLOAD_HEADER_LENGTH 8 - -/** - * Object representing an IKEv2 ID payload. - * - * The ID payload format is described in RFC section 3.5. - */ -struct id_payload_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Set the ID type. - * - * @param type Type of ID - */ - void (*set_id_type) (id_payload_t *this, id_type_t type); - - /** - * Get the ID type. - * - * @return type of the ID - */ - id_type_t (*get_id_type) (id_payload_t *this); - - /** - * Set the ID data. - * - * Data are getting cloned. - * - * @param data ID data as chunk_t - */ - void (*set_data) (id_payload_t *this, chunk_t data); - - /** - * Get the ID data. - * - * Returned data are a copy of the internal one - * - * @return ID data as chunk_t - */ - chunk_t (*get_data_clone) (id_payload_t *this); - - /** - * Get the ID data. - * - * Returned data are NOT copied. 
- * - * @return ID data as chunk_t - */ - chunk_t (*get_data) (id_payload_t *this); - - /** - * Creates an identification object of this id payload. - * - * Returned object has to get destroyed by the caller. - * - * @return identification_t object - */ - identification_t *(*get_identification) (id_payload_t *this); - - /** - * Destroys an id_payload_t object. - */ - void (*destroy) (id_payload_t *this); -}; - -/** - * Creates an empty id_payload_t object. - * - * @param payload_type one of ID_INITIATOR, ID_RESPONDER - * @return id_payload_t object - */ -id_payload_t *id_payload_create(payload_type_t payload_type); - -/** - * Creates an id_payload_t from an existing identification_t object. - * - * @param payload_type one of ID_INITIATOR, ID_RESPONDER - * @param identification identification_t object - * @return id_payload_t object - */ -id_payload_t *id_payload_create_from_identification(payload_type_t payload_type, - identification_t *identification); - -#endif /** ID_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/ike_header.c b/src/charon/encoding/payloads/ike_header.c deleted file mode 100644 index 735f01304..000000000 --- a/src/charon/encoding/payloads/ike_header.c +++ /dev/null 
@@ -1,415 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/* offsetof macro */ -#include <stddef.h> - -#include "ike_header.h" - -#include <encoding/payloads/encodings.h> - - -typedef struct private_ike_header_t private_ike_header_t; - -/** - * Private data of an ike_header_t object. - */ -struct private_ike_header_t { - /** - * Public interface. - */ - ike_header_t public; - - /** - * SPI of the initiator. - */ - u_int64_t initiator_spi; - - /** - * SPI of the responder. - */ - u_int64_t responder_spi; - - /** - * Next payload type. - */ - u_int8_t next_payload; - /** - * IKE major version. - */ - u_int8_t maj_version; - - /** - * IKE minor version. - */ - u_int8_t min_version; - - /** - * Exchange type . - */ - u_int8_t exchange_type; - - /** - * Flags of the Message. - */ - struct { - /** - * Sender is initiator of the associated IKE_SA_INIT-Exchange. - */ - bool initiator; - - /** - * Is protocol supporting higher version? - */ - bool version; - - /** - * TRUE, if this is a response, FALSE if its a Request. - */ - bool response; - } flags; - - /** - * Associated Message-ID. - */ - u_int32_t message_id; - - /** - * Length of the whole IKEv2-Message (header and all payloads). 
- */ - u_int32_t length; -}; - -ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED, - "EXCHANGE_TYPE_UNDEFINED"); -ENUM_NEXT(exchange_type_names, IKE_SA_INIT, INFORMATIONAL, EXCHANGE_TYPE_UNDEFINED, - "IKE_SA_INIT", - "IKE_AUTH", - "CREATE_CHILD_SA", - "INFORMATIONAL"); -#ifdef ME -ENUM_NEXT(exchange_type_names, ME_CONNECT, ME_CONNECT, INFORMATIONAL, - "ME_CONNECT"); -ENUM_END(exchange_type_names, ME_CONNECT); -#else -ENUM_END(exchange_type_names, INFORMATIONAL); -#endif /* ME */ - -/** - * Encoding rules to parse or generate a IKEv2-Header. - * - * The defined offsets are the positions in a object of type - * ike_header_t. - */ -encoding_rule_t ike_header_encodings[] = { - /* 8 Byte SPI, stored in the field initiator_spi */ - { IKE_SPI, offsetof(private_ike_header_t, initiator_spi) }, - /* 8 Byte SPI, stored in the field responder_spi */ - { IKE_SPI, offsetof(private_ike_header_t, responder_spi) }, - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_ike_header_t, next_payload) }, - /* 4 Bit major version, stored in the field maj_version */ - { U_INT_4, offsetof(private_ike_header_t, maj_version) }, - /* 4 Bit minor version, stored in the field min_version */ - { U_INT_4, offsetof(private_ike_header_t, min_version) }, - /* 8 Bit for the exchange type */ - { U_INT_8, offsetof(private_ike_header_t, exchange_type) }, - /* 2 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* 3 Bit flags, stored in the fields response, version and initiator */ - { FLAG, offsetof(private_ike_header_t, flags.response) }, - { FLAG, offsetof(private_ike_header_t, flags.version) }, - { FLAG, offsetof(private_ike_header_t, flags.initiator) }, - /* 3 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* 4 Byte message id, stored in the field message_id */ - { U_INT_32, offsetof(private_ike_header_t, message_id) }, - /* 4 Byte 
length fied, stored in the field length */ - { HEADER_LENGTH, offsetof(private_ike_header_t, length) } -}; - - -/* 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! IKE_SA Initiator's SPI ! - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! IKE_SA Responder's SPI ! - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Message ID ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_ike_header_t *this) -{ - if ((this->exchange_type < IKE_SA_INIT) || - ((this->exchange_type > INFORMATIONAL) -#ifdef ME - && (this->exchange_type != ME_CONNECT) -#endif /* ME */ - )) - { - /* unsupported exchange type */ - return FAILED; - } - - if (this->initiator_spi == 0 -#ifdef ME - /* we allow zero spi for INFORMATIONAL exchanges, - * to allow connectivity checks */ - && this->exchange_type != INFORMATIONAL -#endif /* ME */ - ) - { - /* initiator spi not set */ - return FAILED; - } - - /* verification of version is not done in here */ - - return SUCCESS; -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(payload_t *this,payload_type_t type) -{ - ((private_ike_header_t *)this)->next_payload = type; -} -/** - * Implementation of ike_header_t.get_initiator_spi. - */ -static u_int64_t get_initiator_spi(private_ike_header_t *this) -{ - return this->initiator_spi; -} - -/** - * Implementation of ike_header_t.set_initiator_spi. 
- */ -static void set_initiator_spi(private_ike_header_t *this, u_int64_t initiator_spi) -{ - this->initiator_spi = initiator_spi; -} - -/** - * Implementation of ike_header_t.get_responder_spi. - */ -static u_int64_t get_responder_spi(private_ike_header_t *this) -{ - return this->responder_spi; -} - -/** - * Implementation of ike_header_t.set_responder_spi. - */ -static void set_responder_spi(private_ike_header_t *this, u_int64_t responder_spi) -{ - this->responder_spi = responder_spi; -} - -/** - * Implementation of ike_header_t.get_maj_version. - */ -static u_int8_t get_maj_version(private_ike_header_t *this) -{ - return this->maj_version; -} - -/** - * Implementation of ike_header_t.get_min_version. - */ -static u_int8_t get_min_version(private_ike_header_t *this) -{ - return this->min_version; -} - -/** - * Implementation of ike_header_t.get_response_flag. - */ -static bool get_response_flag(private_ike_header_t *this) -{ - return this->flags.response; -} - -/** - * Implementation of ike_header_t.set_response_flag. - */ -static void set_response_flag(private_ike_header_t *this, bool response) -{ - this->flags.response = response; -} - -/** - * Implementation of ike_header_t.get_version_flag. - */ -static bool get_version_flag(private_ike_header_t *this) -{ - return this->flags.version; -} - -/** - * Implementation of ike_header_t.get_initiator_flag. - */ -static bool get_initiator_flag(private_ike_header_t *this) -{ - return this->flags.initiator; -} - -/** - * Implementation of ike_header_t.set_initiator_flag. - */ -static void set_initiator_flag(private_ike_header_t *this, bool initiator) -{ - this->flags.initiator = initiator; -} - -/** - * Implementation of ike_header_t.get_exchange_type. - */ -static u_int8_t get_exchange_type(private_ike_header_t *this) -{ - return this->exchange_type; -} - -/** - * Implementation of ike_header_t.set_exchange_type. 
- */ -static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type) -{ - this->exchange_type = exchange_type; -} - -/** - * Implements ike_header_t's get_message_id function. - * See #ike_header_t.get_message_id for description. - */ -static u_int32_t get_message_id(private_ike_header_t *this) -{ - return this->message_id; -} - -/** - * Implementation of ike_header_t.set_message_id. - */ -static void set_message_id(private_ike_header_t *this, u_int32_t message_id) -{ - this->message_id = message_id; -} - -/** - * Implementation of ike_header_t.destroy and payload_t.destroy. - */ -static void destroy(ike_header_t *this) -{ - free(this); -} - -/** - * Implementation of payload_t.get_encoding_rules. - */ -static void get_encoding_rules(payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = ike_header_encodings; - *rule_count = sizeof(ike_header_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_type(payload_t *this) -{ - return HEADER; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(payload_t *this) -{ - return (((private_ike_header_t*)this)->next_payload); -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(payload_t *this) -{ - return (((private_ike_header_t*)this)->length); -} - -/* - * Described in header. 
- */ -ike_header_t *ike_header_create() -{ - private_ike_header_t *this = malloc_thing(private_ike_header_t); - - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = get_encoding_rules; - this->public.payload_interface.get_length = get_length; - this->public.payload_interface.get_next_type = get_next_type; - this->public.payload_interface.set_next_type = set_next_type; - this->public.payload_interface.get_type = get_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - this->public.destroy = destroy; - - this->public.get_initiator_spi = (u_int64_t (*) (ike_header_t*))get_initiator_spi; - this->public.set_initiator_spi = (void (*) (ike_header_t*,u_int64_t))set_initiator_spi; - this->public.get_responder_spi = (u_int64_t (*) (ike_header_t*))get_responder_spi; - this->public.set_responder_spi = (void (*) (ike_header_t *,u_int64_t))set_responder_spi; - this->public.get_maj_version = (u_int8_t (*) (ike_header_t*))get_maj_version; - this->public.get_min_version = (u_int8_t (*) (ike_header_t*))get_min_version; - this->public.get_response_flag = (bool (*) (ike_header_t*))get_response_flag; - this->public.set_response_flag = (void (*) (ike_header_t*,bool))set_response_flag; - this->public.get_version_flag = (bool (*) (ike_header_t*))get_version_flag; - this->public.get_initiator_flag = (bool (*) (ike_header_t*))get_initiator_flag; - this->public.set_initiator_flag = (void (*) (ike_header_t*,bool))set_initiator_flag; - this->public.get_exchange_type = (u_int8_t (*) (ike_header_t*))get_exchange_type; - this->public.set_exchange_type = (void (*) (ike_header_t*,u_int8_t))set_exchange_type; - this->public.get_message_id = (u_int32_t (*) (ike_header_t*))get_message_id; - this->public.set_message_id = (void (*) (ike_header_t*,u_int32_t))set_message_id; - - /* set default values of the fields */ - this->initiator_spi = 0; - this->responder_spi = 0; - this->next_payload = 0; - 
this->maj_version = IKE_MAJOR_VERSION; - this->min_version = IKE_MINOR_VERSION; - this->exchange_type = EXCHANGE_TYPE_UNDEFINED; - this->flags.initiator = TRUE; - this->flags.version = HIGHER_VERSION_SUPPORTED_FLAG; - this->flags.response = FALSE; - this->message_id = 0; - this->length = IKE_HEADER_LENGTH; - - return (ike_header_t*)this; -} diff --git a/src/charon/encoding/payloads/ike_header.h b/src/charon/encoding/payloads/ike_header.h deleted file mode 100644 index e63e8bf06..000000000 --- a/src/charon/encoding/payloads/ike_header.h +++ /dev/null 
@@ -1,227 +0,0 @@ -/* - * Copyright (C) 2007 Tobias Brunner - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ike_header ike_header - * @{ @ingroup payloads - */ - -#ifndef IKE_HEADER_H_ -#define IKE_HEADER_H_ - -typedef enum exchange_type_t exchange_type_t; -typedef struct ike_header_t ike_header_t; - -#include <library.h> -#include <encoding/payloads/payload.h> - -/** - * Major Version of IKEv2. - */ -#define IKE_MAJOR_VERSION 2 - -/** - * Minor Version of IKEv2. - */ -#define IKE_MINOR_VERSION 0 - -/** - * Flag in IKEv2-Header. Always 0. - */ -#define HIGHER_VERSION_SUPPORTED_FLAG 0 - -/** - * Length of IKE Header in Bytes. - */ -#define IKE_HEADER_LENGTH 28 - -/** - * Different types of IKE-Exchanges. - * - * See RFC for different types. - */ -enum exchange_type_t{ - - /** - * EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type. - */ - EXCHANGE_TYPE_UNDEFINED = 255, - - /** - * IKE_SA_INIT. - */ - IKE_SA_INIT = 34, - - /** - * IKE_AUTH. - */ - IKE_AUTH = 35, - - /** - * CREATE_CHILD_SA. - */ - CREATE_CHILD_SA = 36, - - /** - * INFORMATIONAL. 
- */ - INFORMATIONAL = 37, -#ifdef ME - /** - * ME_CONNECT - */ - ME_CONNECT = 240 -#endif /* ME */ -}; - -/** - * enum name for exchange_type_t - */ -extern enum_name_t *exchange_type_names; - -/** - * An object of this type represents an IKEv2 header and is used to - * generate and parse IKEv2 headers. - * - * The header format of an IKEv2-Message is compatible to the - * ISAKMP-Header format to allow implementations supporting - * both versions of the IKE-protocol. - */ -struct ike_header_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Get the initiator spi. - * - * @return initiator_spi - */ - u_int64_t (*get_initiator_spi) (ike_header_t *this); - - /** - * Set the initiator spi. - * - * @param initiator_spi initiator_spi - */ - void (*set_initiator_spi) (ike_header_t *this, u_int64_t initiator_spi); - - /** - * Get the responder spi. - * - * @return responder_spi - */ - u_int64_t (*get_responder_spi) (ike_header_t *this); - - /** - * Set the responder spi. - * - * @param responder_spi responder_spi - */ - void (*set_responder_spi) (ike_header_t *this, u_int64_t responder_spi); - - /** - * Get the major version. - * - * @return major version - */ - u_int8_t (*get_maj_version) (ike_header_t *this); - - /** - * Get the minor version. - * - * @return minor version - */ - u_int8_t (*get_min_version) (ike_header_t *this); - - /** - * Get the response flag. - * - * @return response flag - */ - bool (*get_response_flag) (ike_header_t *this); - - /** - * Set the response flag- - * - * @param response response flag - */ - void (*set_response_flag) (ike_header_t *this, bool response); - /** - * Get "higher version supported"-flag. - * - * @return version flag - */ - bool (*get_version_flag) (ike_header_t *this); - - /** - * Get the initiator flag. - * - * @return initiator flag - */ - bool (*get_initiator_flag) (ike_header_t *this); - - /** - * Set the initiator flag. 
- * - * @param initiator initiator flag - */ - void (*set_initiator_flag) (ike_header_t *this, bool initiator); - - /** - * Get the exchange type. - * - * @return exchange type - */ - u_int8_t (*get_exchange_type) (ike_header_t *this); - - /** - * Set the exchange type. - * - * @param exchange_type exchange type - */ - void (*set_exchange_type) (ike_header_t *this, u_int8_t exchange_type); - - /** - * Get the message id. - * - * @return message id - */ - u_int32_t (*get_message_id) (ike_header_t *this); - - /** - * Set the message id. - * - * @param initiator_spi message id - */ - void (*set_message_id) (ike_header_t *this, u_int32_t message_id); - - /** - * Destroys a ike_header_t object. - */ - void (*destroy) (ike_header_t *this); -}; - -/** - * Create an ike_header_t object - * - * @return ike_header_t object - */ -ike_header_t *ike_header_create(void); - -#endif /** IKE_HEADER_H_ @}*/ diff --git a/src/charon/encoding/payloads/ke_payload.c b/src/charon/encoding/payloads/ke_payload.c deleted file mode 100644 index 1bc79f084..000000000 --- a/src/charon/encoding/payloads/ke_payload.c +++ /dev/null 
@@ -1,270 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "ke_payload.h" - -#include <encoding/payloads/encodings.h> - - -typedef struct private_ke_payload_t private_ke_payload_t; - -/** - * Private data of an ke_payload_t object. - * - */ -struct private_ke_payload_t { - /** - * Public ke_payload_t interface. - */ - ke_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * DH Group Number. - */ - u_int16_t dh_group_number; - - /** - * Key Exchange Data of this KE payload. - */ - chunk_t key_exchange_data; -}; - -/** - * Encoding rules to parse or generate a IKEv2-KE Payload. - * - * The defined offsets are the positions in a object of type - * private_ke_payload_t. 
- * - */ -encoding_rule_t ke_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_ke_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_ke_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_ke_payload_t, payload_length) }, - /* DH Group number as 16 bit field*/ - { U_INT_16, offsetof(private_ke_payload_t, dh_group_number) }, - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - /* Key Exchange Data is from variable size */ - { KEY_EXCHANGE_DATA, offsetof(private_ke_payload_t, key_exchange_data)} -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! DH Group # ! RESERVED ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Key Exchange Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_ke_payload_t *this) -{ - /* dh group is not verified in here */ - return SUCCESS; -} - -/** - * Implementation of payload_t.destroy. - */ -static void destroy(private_ke_payload_t *this) -{ - if (this->key_exchange_data.ptr != NULL) - { - free(this->key_exchange_data.ptr); - } - free(this); -} - -/** - * Implementation of payload_t.get_encoding_rules. 
- */ -static void get_encoding_rules(private_ke_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = ke_payload_encodings; - *rule_count = sizeof(ke_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_type(private_ke_payload_t *this) -{ - return KEY_EXCHANGE; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_ke_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_ke_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * recompute the length of the payload. - */ -static void compute_length(private_ke_payload_t *this) -{ - size_t length = KE_PAYLOAD_HEADER_LENGTH; - if (this->key_exchange_data.ptr != NULL) - { - length += this->key_exchange_data.len; - } - this->payload_length = length; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_ke_payload_t *this) -{ - compute_length(this); - return this->payload_length; -} - -/** - * Implementation of ke_payload_t.get_key_exchange_data. - */ -static chunk_t get_key_exchange_data(private_ke_payload_t *this) -{ - return (this->key_exchange_data); -} - -/** - * Implementation of ke_payload_t.set_key_exchange_data. - */ -static void set_key_exchange_data(private_ke_payload_t *this, chunk_t key_exchange_data) -{ - /* destroy existing data first */ - if (this->key_exchange_data.ptr != NULL) - { - /* free existing value */ - free(this->key_exchange_data.ptr); - this->key_exchange_data.ptr = NULL; - this->key_exchange_data.len = 0; - - } - - this->key_exchange_data = chunk_clone(key_exchange_data); - compute_length(this); -} - -/** - * Implementation of ke_payload_t.get_dh_group_number. 
- */ -static diffie_hellman_group_t get_dh_group_number(private_ke_payload_t *this) -{ - return this->dh_group_number; -} - -/** - * Implementation of ke_payload_t.set_dh_group_number. - */ -static void set_dh_group_number(private_ke_payload_t *this, diffie_hellman_group_t dh_group_number) -{ - this->dh_group_number = dh_group_number; -} - -/* - * Described in header - */ -ke_payload_t *ke_payload_create() -{ - private_ke_payload_t *this = malloc_thing(private_ke_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.get_key_exchange_data = (chunk_t (*) (ke_payload_t *)) get_key_exchange_data; - this->public.set_key_exchange_data = (void (*) (ke_payload_t *,chunk_t)) set_key_exchange_data; - this->public.get_dh_group_number = (diffie_hellman_group_t (*) (ke_payload_t *)) get_dh_group_number; - this->public.set_dh_group_number =(void (*) (ke_payload_t *,diffie_hellman_group_t)) set_dh_group_number; - this->public.destroy = (void (*) (ke_payload_t *)) destroy; - - /* set default values of the fields */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = KE_PAYLOAD_HEADER_LENGTH; - this->key_exchange_data = chunk_empty; - this->dh_group_number = MODP_NONE; - - return &this->public; -} - -/* - * Described in header - */ -ke_payload_t 
*ke_payload_create_from_diffie_hellman(diffie_hellman_t *dh) -{ - private_ke_payload_t *this = (private_ke_payload_t*)ke_payload_create(); - - dh->get_my_public_value(dh, &this->key_exchange_data); - this->dh_group_number = dh->get_dh_group(dh); - compute_length(this); - - return &this->public; -} diff --git a/src/charon/encoding/payloads/ke_payload.h b/src/charon/encoding/payloads/ke_payload.h deleted file mode 100644 index 3ca05009e..000000000 --- a/src/charon/encoding/payloads/ke_payload.h +++ /dev/null 
@@ -1,104 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ke_payload ke_payload - * @{ @ingroup payloads - */ - -#ifndef KE_PAYLOAD_H_ -#define KE_PAYLOAD_H_ - -typedef struct ke_payload_t ke_payload_t; - -#include <library.h> -#include <encoding/payloads/payload.h> -#include <encoding/payloads/transform_substructure.h> -#include <utils/linked_list.h> -#include <crypto/diffie_hellman.h> - -/** - * KE payload length in bytes without any key exchange data. - */ -#define KE_PAYLOAD_HEADER_LENGTH 8 - -/** - * Class representing an IKEv2-KE Payload. - * - * The KE Payload format is described in RFC section 3.4. - */ -struct ke_payload_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Returns the currently set key exchange data of this KE payload. - * - * @warning Returned data are not copied. - * - * @return chunk_t pointing to the value - */ - chunk_t (*get_key_exchange_data) (ke_payload_t *this); - - /** - * Sets the key exchange data of this KE payload. - * - * Value is getting copied. - * - * @param key_exchange_data chunk_t pointing to the value to set - */ - void (*set_key_exchange_data) (ke_payload_t *this, chunk_t key_exchange_data); - - /** - * Gets the Diffie-Hellman Group Number of this KE payload. 
- * - * @return DH Group Number of this payload - */ - diffie_hellman_group_t (*get_dh_group_number) (ke_payload_t *this); - - /** - * Sets the Diffie-Hellman Group Number of this KE payload. - * - * @param dh_group_number DH Group to set - */ - void (*set_dh_group_number) (ke_payload_t *this, - diffie_hellman_group_t dh_group_number); - - /** - * Destroys an ke_payload_t object. - */ - void (*destroy) (ke_payload_t *this); -}; - -/** - * Creates an empty ke_payload_t object - * - * @return ke_payload_t object - */ -ke_payload_t *ke_payload_create(void); - -/** - * Creates a ke_payload_t from a diffie_hellman_t - * - * @param diffie_hellman diffie hellman object containing group and key - * @return ke_payload_t object - */ -ke_payload_t *ke_payload_create_from_diffie_hellman( - diffie_hellman_t *diffie_hellman); - -#endif /** KE_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/nonce_payload.c b/src/charon/encoding/payloads/nonce_payload.c deleted file mode 100644 index 4ad5ce9dd..000000000 --- a/src/charon/encoding/payloads/nonce_payload.c +++ /dev/null 
@@ -1,225 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/* offsetof macro */ -#include <stddef.h> - -#include "nonce_payload.h" - -#include <encoding/payloads/encodings.h> - - -typedef struct private_nonce_payload_t private_nonce_payload_t; - -/** - * Private data of an nonce_payload_t object. - * - */ -struct private_nonce_payload_t { - /** - * Public nonce_payload_t interface. - */ - nonce_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * The contained nonce value. - */ - chunk_t nonce; -}; - -/** - * Encoding rules to parse or generate a nonce payload - * - * The defined offsets are the positions in a object of type - * private_nonce_payload_t. 
- * - */ -encoding_rule_t nonce_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_nonce_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_nonce_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole nonce payload*/ - { PAYLOAD_LENGTH, offsetof(private_nonce_payload_t, payload_length) }, - /* some nonce bytes, lenth is defined in PAYLOAD_LENGTH */ - { NONCE_DATA, offsetof(private_nonce_payload_t, nonce) } -}; - -/* 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Nonce Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_nonce_payload_t *this) -{ - if ((this->nonce.len < 16) || ((this->nonce.len > 256))) - { - /* nonce length is wrong */ - return FAILED; - } - - return SUCCESS; -} - -/** - * Implementation of nonce_payload_t.set_nonce. - */ -static status_t set_nonce(private_nonce_payload_t *this, chunk_t nonce) -{ - this->nonce.ptr = clalloc(nonce.ptr, nonce.len); - this->nonce.len = nonce.len; - this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + nonce.len; - return SUCCESS; -} - -/** - * Implementation of nonce_payload_t.get_nonce. - */ -static chunk_t get_nonce(private_nonce_payload_t *this) -{ - chunk_t nonce; - nonce.ptr = clalloc(this->nonce.ptr,this->nonce.len); - nonce.len = this->nonce.len; - return nonce; -} - -/** - * Implementation of nonce_payload_t.get_encoding_rules. 
- */ -static void get_encoding_rules(private_nonce_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = nonce_payload_encodings; - *rule_count = sizeof(nonce_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_type(private_nonce_payload_t *this) -{ - return NONCE; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_nonce_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_nonce_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * recompute the length of the payload. - */ -static void compute_length(private_nonce_payload_t *this) -{ - this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + this->nonce.len; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_nonce_payload_t *this) -{ - compute_length(this); - return this->payload_length; -} - -/** - * Implementation of payload_t.destroy and nonce_payload_t.destroy. 
- */ -static void destroy(private_nonce_payload_t *this) -{ - if (this->nonce.ptr != NULL) - { - free(this->nonce.ptr); - } - - free(this); -} - -/* - * Described in header - */ -nonce_payload_t *nonce_payload_create() -{ - private_nonce_payload_t *this = malloc_thing(private_nonce_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (nonce_payload_t *)) destroy; - this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce; - this->public.get_nonce = (chunk_t (*) (nonce_payload_t *)) get_nonce; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH; - this->nonce.ptr = NULL; - this->nonce.len = 0; - - return (&(this->public)); -} - - diff --git a/src/charon/encoding/payloads/nonce_payload.h b/src/charon/encoding/payloads/nonce_payload.h deleted file mode 100644 index e9212202e..000000000 --- a/src/charon/encoding/payloads/nonce_payload.h +++ /dev/null 
@@ -1,78 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup nonce_payload nonce_payload - * @{ @ingroup payloads - */ - -#ifndef NONCE_PAYLOAD_H_ -#define NONCE_PAYLOAD_H_ - -typedef struct nonce_payload_t nonce_payload_t; - -#include <library.h> -#include <encoding/payloads/payload.h> - -/** - * Nonce size in bytes for nonces sending to other peer. - */ -#define NONCE_SIZE 32 - -/** - * Length of a nonce payload without a nonce in bytes. - */ -#define NONCE_PAYLOAD_HEADER_LENGTH 4 - -/** - * Object representing an IKEv2 Nonce payload. - * - * The Nonce payload format is described in RFC section 3.3. - */ -struct nonce_payload_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Set the nonce value. - * - * @param nonce chunk containing the nonce, will be cloned - */ - void (*set_nonce) (nonce_payload_t *this, chunk_t nonce); - - /** - * Get the nonce value. - * - * @return a chunk containing the cloned nonce - */ - chunk_t (*get_nonce) (nonce_payload_t *this); - - /** - * Destroys an nonce_payload_t object. - */ - void (*destroy) (nonce_payload_t *this); -}; - -/** - * Creates an empty nonce_payload_t object - * - * @return nonce_payload_t object - */ -nonce_payload_t *nonce_payload_create(void); - -#endif /** NONCE_PAYLOAD_H_ @}*/ 
diff --git a/src/charon/encoding/payloads/notify_payload.c b/src/charon/encoding/payloads/notify_payload.c deleted file mode 100644 index 469698ef5..000000000 --- a/src/charon/encoding/payloads/notify_payload.c +++ /dev/null 
@@ -1,617 +0,0 @@ -/* - * Copyright (C) 2006-2008 Tobias Brunner - * Copyright (C) 2006 Daniel Roethlisberger - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "notify_payload.h" - -#include <daemon.h> -#include <encoding/payloads/encodings.h> -#include <crypto/hashers/hasher.h> - -ENUM_BEGIN(notify_type_names, UNSUPPORTED_CRITICAL_PAYLOAD, UNSUPPORTED_CRITICAL_PAYLOAD, - "UNSUPPORTED_CRITICAL_PAYLOAD"); -ENUM_NEXT(notify_type_names, INVALID_IKE_SPI, INVALID_MAJOR_VERSION, UNSUPPORTED_CRITICAL_PAYLOAD, - "INVALID_IKE_SPI", - "INVALID_MAJOR_VERSION"); -ENUM_NEXT(notify_type_names, INVALID_SYNTAX, INVALID_SYNTAX, INVALID_MAJOR_VERSION, - "INVALID_SYNTAX"); -ENUM_NEXT(notify_type_names, INVALID_MESSAGE_ID, INVALID_MESSAGE_ID, INVALID_SYNTAX, - "INVALID_MESSAGE_ID"); -ENUM_NEXT(notify_type_names, INVALID_SPI, INVALID_SPI, INVALID_MESSAGE_ID, - "INVALID_SPI"); -ENUM_NEXT(notify_type_names, NO_PROPOSAL_CHOSEN, NO_PROPOSAL_CHOSEN, INVALID_SPI, - "NO_PROPOSAL_CHOSEN"); -ENUM_NEXT(notify_type_names, INVALID_KE_PAYLOAD, INVALID_KE_PAYLOAD, NO_PROPOSAL_CHOSEN, - "INVALID_KE_PAYLOAD"); -ENUM_NEXT(notify_type_names, AUTHENTICATION_FAILED, AUTHENTICATION_FAILED, INVALID_KE_PAYLOAD, - "AUTHENTICATION_FAILED"); -ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, USE_ASSIGNED_HoA, AUTHENTICATION_FAILED, - "SINGLE_PAIR_REQUIRED", - 
"NO_ADDITIONAL_SAS", - "INTERNAL_ADDRESS_FAILURE", - "FAILED_CP_REQUIRED", - "TS_UNACCEPTABLE", - "INVALID_SELECTORS", - "UNACCEPTABLE_ADDRESSES", - "UNEXPECTED_NAT_DETECTED", - "USE_ASSIGNED_HoA"); -ENUM_NEXT(notify_type_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, USE_ASSIGNED_HoA, - "ME_CONNECT_FAILED"); -ENUM_NEXT(notify_type_names, INITIAL_CONTACT, LINK_ID, ME_CONNECT_FAILED, - "INITIAL_CONTACT", - "SET_WINDOW_SIZE", - "ADDITIONAL_TS_POSSIBLE", - "IPCOMP_SUPPORTED", - "NAT_DETECTION_SOURCE_IP", - "NAT_DETECTION_DESTINATION_IP", - "COOKIE", - "USE_TRANSPORT_MODE", - "HTTP_CERT_LOOKUP_SUPPORTED", - "REKEY_SA", - "ESP_TFC_PADDING_NOT_SUPPORTED", - "NON_FIRST_FRAGMENTS_ALSO", - "MOBIKE_SUPPORTED", - "ADDITIONAL_IP4_ADDRESS", - "ADDITIONAL_IP6_ADDRESS", - "NO_ADDITIONAL_ADDRESSES", - "UPDATE_SA_ADDRESSES", - "COOKIE2", - "NO_NATS_ALLOWED", - "AUTH_LIFETIME", - "MULTIPLE_AUTH_SUPPORTED", - "ANOTHER_AUTH_FOLLOWS", - "REDIRECT_SUPPORTED", - "REDIRECT", - "REDIRECTED_FROM", - "TICKET_LT_OPAQUE", - "TICKET_REQUEST", - "TICKET_ACK", - "TICKET_NACK", - "TICKET_OPAQUE", - "LINK_ID"); -ENUM_NEXT(notify_type_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, LINK_ID, - "EAP_ONLY_AUTHENTICATION"); -ENUM_NEXT(notify_type_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, - "USE_BEET_MODE"); -ENUM_NEXT(notify_type_names, ME_MEDIATION, ME_RESPONSE, USE_BEET_MODE, - "ME_MEDIATION", - "ME_ENDPOINT", - "ME_CALLBACK", - "ME_CONNECTID", - "ME_CONNECTKEY", - "ME_CONNECTAUTH", - "ME_RESPONSE"); -ENUM_END(notify_type_names, ME_RESPONSE); - - -ENUM_BEGIN(notify_type_short_names, UNSUPPORTED_CRITICAL_PAYLOAD, UNSUPPORTED_CRITICAL_PAYLOAD, - "CRIT"); -ENUM_NEXT(notify_type_short_names, INVALID_IKE_SPI, INVALID_MAJOR_VERSION, UNSUPPORTED_CRITICAL_PAYLOAD, - "INVAL_IKE_SPI", - "INVAL_MAJOR"); -ENUM_NEXT(notify_type_short_names, INVALID_SYNTAX, INVALID_SYNTAX, INVALID_MAJOR_VERSION, - "INVAL_SYN"); -ENUM_NEXT(notify_type_short_names, INVALID_MESSAGE_ID, INVALID_MESSAGE_ID, 
INVALID_SYNTAX, - "INVAL_MID"); -ENUM_NEXT(notify_type_short_names, INVALID_SPI, INVALID_SPI, INVALID_MESSAGE_ID, - "INVAL_SPI"); -ENUM_NEXT(notify_type_short_names, NO_PROPOSAL_CHOSEN, NO_PROPOSAL_CHOSEN, INVALID_SPI, - "NO_PROP"); -ENUM_NEXT(notify_type_short_names, INVALID_KE_PAYLOAD, INVALID_KE_PAYLOAD, NO_PROPOSAL_CHOSEN, - "INVAL_KE"); -ENUM_NEXT(notify_type_short_names, AUTHENTICATION_FAILED, AUTHENTICATION_FAILED, INVALID_KE_PAYLOAD, - "AUTH_FAILED"); -ENUM_NEXT(notify_type_short_names, SINGLE_PAIR_REQUIRED, USE_ASSIGNED_HoA, AUTHENTICATION_FAILED, - "SINGLE_PAIR", - "NO_ADD_SAS", - "INT_ADDR_FAIL", - "FAIL_CP_REQ", - "TS_UNACCEPT", - "INVAL_SEL", - "UNACCEPT_ADDR", - "UNEXPECT_NAT", - "ASSIGNED_HoA"); -ENUM_NEXT(notify_type_short_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, USE_ASSIGNED_HoA, - "ME_CONN_FAIL"); -ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, LINK_ID, ME_CONNECT_FAILED, - "INIT_CONTACT", - "SET_WINSIZE", - "ADD_TS_POSS", - "IPCOMP_SUPP", - "NATD_S_IP", - "NATD_D_IP", - "COOKIE", - "USE_TRANSP", - "HTTP_CERT_LOOK", - "REKEY_SA", - "ESP_TFC_PAD_N", - "NON_FIRST_FRAG", - "MOBIKE_SUP", - "ADD_4_ADDR", - "ADD_6_ADDR", - "NO_ADD_ADDR", - "UPD_SA_ADDR", - "COOKIE2", - "NO_NATS", - "AUTH_LFT", - "MULT_AUTH", - "AUTH_FOLLOWS", - "REDIR_SUP", - "REDIR", - "REDIR_FROM", - "TKT_LT_OPAK", - "TKT_REQ", - "TKT_ACK", - "TKT_NACK", - "TKT_OPAK", - "LINK_ID"); -ENUM_NEXT(notify_type_short_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, LINK_ID, - "EAP_ONLY"); -ENUM_NEXT(notify_type_short_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, - "BEET_MODE"); -ENUM_NEXT(notify_type_short_names, ME_MEDIATION, ME_RESPONSE, USE_BEET_MODE, - "ME_MED", - "ME_EP", - "ME_CB", - "ME_CID", - "ME_CKEY", - "ME_CAUTH", - "ME_R"); -ENUM_END(notify_type_short_names, ME_RESPONSE); - - -typedef struct private_notify_payload_t private_notify_payload_t; - -/** - * Private data of an notify_payload_t object. 
- * - */ -struct private_notify_payload_t { - /** - * Public notify_payload_t interface. - */ - notify_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Protocol id. - */ - u_int8_t protocol_id; - - /** - * Spi size. - */ - u_int8_t spi_size; - - /** - * Notify message type. - */ - u_int16_t notify_type; - - /** - * Security parameter index (spi). - */ - chunk_t spi; - - /** - * Notification data. - */ - chunk_t notification_data; -}; - -/** - * Encoding rules to parse or generate a IKEv2-Notify Payload. - * - * The defined offsets are the positions in a object of type - * private_notify_payload_t. - * - */ -encoding_rule_t notify_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_notify_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_notify_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_notify_payload_t, payload_length) }, - /* Protocol ID as 8 bit field*/ - { U_INT_8, offsetof(private_notify_payload_t, protocol_id) }, - /* SPI Size as 8 bit field*/ - { SPI_SIZE, offsetof(private_notify_payload_t, spi_size) }, - /* Notify message type as 16 bit field*/ - { U_INT_16, offsetof(private_notify_payload_t, notify_type) }, - /* SPI as variable length field*/ - { SPI, offsetof(private_notify_payload_t, spi) }, - /* Key Exchange Data is from variable size */ - { NOTIFICATION_DATA, offsetof(private_notify_payload_t, notification_data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - 
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Protocol ID ! SPI Size ! Notify Message Type ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Security Parameter Index (SPI) ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Notification Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_notify_payload_t *this) -{ - bool bad_length = FALSE; - - switch (this->protocol_id) - { - case PROTO_NONE: - case PROTO_IKE: - case PROTO_AH: - case PROTO_ESP: - break; - default: - DBG1(DBG_ENC, "Unknown protocol (%d)", this->protocol_id); - return FAILED; - } - - switch (this->notify_type) - { - case INVALID_KE_PAYLOAD: - { - if (this->notification_data.len != 2) - { - bad_length = TRUE; - } - break; - } - case NAT_DETECTION_SOURCE_IP: - case NAT_DETECTION_DESTINATION_IP: - case ME_CONNECTAUTH: - { - if (this->notification_data.len != HASH_SIZE_SHA1) - { - bad_length = TRUE; - } - break; - } - case INVALID_SYNTAX: - case INVALID_MAJOR_VERSION: - case NO_PROPOSAL_CHOSEN: - { - if (this->notification_data.len != 0) - { - bad_length = TRUE; - } - break; - } - case ADDITIONAL_IP4_ADDRESS: - { - if (this->notification_data.len != 4) - { - bad_length = TRUE; - } - break; - } - case ADDITIONAL_IP6_ADDRESS: - { - if (this->notification_data.len != 16) - { - bad_length = TRUE; - } - break; - } - case AUTH_LIFETIME: - { - if (this->notification_data.len != 4) - { - bad_length = TRUE; - } - break; - } - case IPCOMP_SUPPORTED: - { - if (this->notification_data.len != 3) - { - bad_length = TRUE; - } - break; - } - case ME_ENDPOINT: - if (this->notification_data.len != 8 && - this->notification_data.len != 12 && - this->notification_data.len != 24) - { - bad_length = TRUE; - } 
- break; - case ME_CONNECTID: - if (this->notification_data.len < 4 || - this->notification_data.len > 16) - { - bad_length = TRUE; - } - break; - case ME_CONNECTKEY: - if (this->notification_data.len < 16 || - this->notification_data.len > 32) - { - bad_length = TRUE; - } - break; - default: - /* TODO: verify */ - break; - } - if (bad_length) - { - DBG1(DBG_ENC, "invalid notify data length for %N (%d)", - notify_type_names, this->notify_type, - this->notification_data.len); - return FAILED; - } - return SUCCESS; -} - -/** - * Implementation of payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_notify_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = notify_payload_encodings; - *rule_count = sizeof(notify_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_type(private_notify_payload_t *this) -{ - return NOTIFY; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_notify_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_notify_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * recompute the payloads length. - */ -static void compute_length (private_notify_payload_t *this) -{ - size_t length = NOTIFY_PAYLOAD_HEADER_LENGTH; - if (this->notification_data.ptr != NULL) - { - length += this->notification_data.len; - } - if (this->spi.ptr != NULL) - { - length += this->spi.len; - } - this->payload_length = length; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_notify_payload_t *this) -{ - compute_length(this); - return this->payload_length; -} - -/** - * Implementation of notify_payload_t.get_protocol_id. 
- */ -static u_int8_t get_protocol_id(private_notify_payload_t *this) -{ - return this->protocol_id; -} - -/** - * Implementation of notify_payload_t.set_protocol_id. - */ -static void set_protocol_id(private_notify_payload_t *this, u_int8_t protocol_id) -{ - this->protocol_id = protocol_id; -} - -/** - * Implementation of notify_payload_t.get_notify_type. - */ -static notify_type_t get_notify_type(private_notify_payload_t *this) -{ - return this->notify_type; -} - -/** - * Implementation of notify_payload_t.set_notify_type. - */ -static void set_notify_type(private_notify_payload_t *this, u_int16_t notify_type) -{ - this->notify_type = notify_type; -} - -/** - * Implementation of notify_payload_t.get_spi. - */ -static u_int32_t get_spi(private_notify_payload_t *this) -{ - switch (this->protocol_id) - { - case PROTO_AH: - case PROTO_ESP: - if (this->spi.len == 4) - { - return *((u_int32_t*)this->spi.ptr); - } - default: - break; - } - return 0; -} - -/** - * Implementation of notify_payload_t.set_spi. - */ -static void set_spi(private_notify_payload_t *this, u_int32_t spi) -{ - chunk_free(&this->spi); - switch (this->protocol_id) - { - case PROTO_AH: - case PROTO_ESP: - this->spi = chunk_alloc(4); - *((u_int32_t*)this->spi.ptr) = spi; - break; - default: - break; - } - this->spi_size = this->spi.len; - compute_length(this); -} - -/** - * Implementation of notify_payload_t.get_notification_data. - */ -static chunk_t get_notification_data(private_notify_payload_t *this) -{ - return (this->notification_data); -} - -/** - * Implementation of notify_payload_t.set_notification_data. - */ -static status_t set_notification_data(private_notify_payload_t *this, chunk_t notification_data) -{ - chunk_free(&this->notification_data); - if (notification_data.len > 0) - { - this->notification_data = chunk_clone(notification_data); - } - compute_length(this); - return SUCCESS; -} - -/** - * Implementation of notify_payload_t.destroy and notify_payload_t.destroy. 
- */ -static status_t destroy(private_notify_payload_t *this) -{ - chunk_free(&this->notification_data); - chunk_free(&this->spi); - free(this); - return SUCCESS; -} - -/* - * Described in header - */ -notify_payload_t *notify_payload_create() -{ - private_notify_payload_t *this = malloc_thing(private_notify_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.get_protocol_id = (u_int8_t (*) (notify_payload_t *)) get_protocol_id; - this->public.set_protocol_id = (void (*) (notify_payload_t *,u_int8_t)) set_protocol_id; - this->public.get_notify_type = (notify_type_t (*) (notify_payload_t *)) get_notify_type; - this->public.set_notify_type = (void (*) (notify_payload_t *,notify_type_t)) set_notify_type; - this->public.get_spi = (u_int32_t (*) (notify_payload_t *)) get_spi; - this->public.set_spi = (void (*) (notify_payload_t *,u_int32_t)) set_spi; - this->public.get_notification_data = (chunk_t (*) (notify_payload_t *)) get_notification_data; - this->public.set_notification_data = (void (*) (notify_payload_t *,chunk_t)) set_notification_data; - this->public.destroy = (void (*) (notify_payload_t *)) destroy; - - /* set default values of the fields */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = NOTIFY_PAYLOAD_HEADER_LENGTH; - this->protocol_id = 0; 
- this->notify_type = 0; - this->spi.ptr = NULL; - this->spi.len = 0; - this->spi_size = 0; - this->notification_data.ptr = NULL; - this->notification_data.len = 0; - - return &this->public; -} - -/* - * Described in header. - */ -notify_payload_t *notify_payload_create_from_protocol_and_type(protocol_id_t protocol_id, notify_type_t notify_type) -{ - notify_payload_t *notify = notify_payload_create(); - - notify->set_notify_type(notify,notify_type); - notify->set_protocol_id(notify,protocol_id); - - return notify; -} diff --git a/src/charon/encoding/payloads/notify_payload.h b/src/charon/encoding/payloads/notify_payload.h deleted file mode 100644 index 0e1bc23b8..000000000 --- a/src/charon/encoding/payloads/notify_payload.h +++ /dev/null 
@@ -1,232 +0,0 @@
-/*
- * Copyright (C) 2006-2008 Tobias Brunner
- * Copyright (C) 2006 Daniel Roethlisberger
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup notify_payload notify_payload
- * @{ @ingroup payloads
- */
-
-#ifndef NOTIFY_PAYLOAD_H_
-#define NOTIFY_PAYLOAD_H_
-
-typedef enum notify_type_t notify_type_t;
-typedef struct notify_payload_t notify_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/proposal_substructure.h>
-#include <utils/linked_list.h>
-
-/**
- * Notify payload length in bytes without any spi and notification data.
- */
-#define NOTIFY_PAYLOAD_HEADER_LENGTH 8
-
-/**
- * Notify message types.
- *
- * See IKEv2 RFC 3.10.1.
- */
-enum notify_type_t {
- /* notify error messages */
- UNSUPPORTED_CRITICAL_PAYLOAD = 1,
- INVALID_IKE_SPI = 4,
- INVALID_MAJOR_VERSION = 5,
- INVALID_SYNTAX = 7,
- INVALID_MESSAGE_ID = 9,
- INVALID_SPI = 11,
- NO_PROPOSAL_CHOSEN = 14,
- INVALID_KE_PAYLOAD = 17,
- AUTHENTICATION_FAILED = 24,
- SINGLE_PAIR_REQUIRED = 34,
- NO_ADDITIONAL_SAS = 35,
- INTERNAL_ADDRESS_FAILURE = 36,
- FAILED_CP_REQUIRED = 37,
- TS_UNACCEPTABLE = 38,
- INVALID_SELECTORS = 39,
- /* mobile extension, RFC 4555 */
- UNACCEPTABLE_ADDRESSES = 40,
- UNEXPECTED_NAT_DETECTED = 41,
- /* mobile IPv6 bootstrapping, RFC 5026 */
- USE_ASSIGNED_HoA = 42,
-
- /* IKE-ME, private use */
- ME_CONNECT_FAILED = 8192,
-
- /* notify status messages */
- INITIAL_CONTACT = 16384,
- SET_WINDOW_SIZE = 16385,
- ADDITIONAL_TS_POSSIBLE = 16386,
- IPCOMP_SUPPORTED = 16387,
- NAT_DETECTION_SOURCE_IP = 16388,
- NAT_DETECTION_DESTINATION_IP = 16389,
- COOKIE = 16390,
- USE_TRANSPORT_MODE = 16391,
- HTTP_CERT_LOOKUP_SUPPORTED = 16392,
- REKEY_SA = 16393,
- ESP_TFC_PADDING_NOT_SUPPORTED = 16394,
- NON_FIRST_FRAGMENTS_ALSO = 16395,
- /* mobike extension, RFC4555 */
- MOBIKE_SUPPORTED = 16396,
- ADDITIONAL_IP4_ADDRESS = 16397,
- ADDITIONAL_IP6_ADDRESS = 16398,
- NO_ADDITIONAL_ADDRESSES = 16399,
- UPDATE_SA_ADDRESSES = 16400,
- COOKIE2 = 16401,
- NO_NATS_ALLOWED = 16402,
- /* repeated authentication extension, RFC4478 */
- AUTH_LIFETIME = 16403,
- /* multiple authentication exchanges, RFC 4739 */
- MULTIPLE_AUTH_SUPPORTED = 16404,
- ANOTHER_AUTH_FOLLOWS = 16405,
- /* redirect mechanism, RFC 5685 */
- REDIRECT_SUPPORTED = 16406,
- REDIRECT = 16407,
- REDIRECTED_FROM = 16408,
- /* draft-ietf-ipsecme-ikev2-resumption, assigned by IANA */
- TICKET_LT_OPAQUE = 16409,
- TICKET_REQUEST = 16410,
- TICKET_ACK = 16411,
- TICKET_NACK = 16412,
- TICKET_OPAQUE = 16413,
- LINK_ID = 16414,
-
- /* draft-eronen-ipsec-ikev2-eap-auth, not assigned by IANA yet */
- EAP_ONLY_AUTHENTICATION = 40960,
- /* BEET mode, not even a draft yet. private use */
- USE_BEET_MODE = 40961,
- /* IKE-ME, private use */
- ME_MEDIATION = 40962,
- ME_ENDPOINT = 40963,
- ME_CALLBACK = 40964,
- ME_CONNECTID = 40965,
- ME_CONNECTKEY = 40966,
- ME_CONNECTAUTH = 40967,
- ME_RESPONSE = 40968
-};
-
-/**
- * enum name for notify_type_t.
- */
-extern enum_name_t *notify_type_names;
-
-/**
- * enum name for notify_type_t (shorter strings).
- */
-extern enum_name_t *notify_type_short_names;
-
-/**
- * Class representing an IKEv2-Notify Payload.
- *
- * The Notify Payload format is described in Draft section 3.10.
- */
-struct notify_payload_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Gets the protocol id of this payload.
- *
- * @return protocol id of this payload
- */
- u_int8_t (*get_protocol_id) (notify_payload_t *this);
-
- /**
- * Sets the protocol id of this payload.
- *
- * @param protocol_id protocol id to set
- */
- void (*set_protocol_id) (notify_payload_t *this, u_int8_t protocol_id);
-
- /**
- * Gets the notify message type of this payload.
- *
- * @return notify message type of this payload
- */
- notify_type_t (*get_notify_type) (notify_payload_t *this);
-
- /**
- * Sets notify message type of this payload.
- *
- * @param type notify message type to set
- */
- void (*set_notify_type) (notify_payload_t *this, notify_type_t type);
-
- /**
- * Returns the currently set spi of this payload.
- *
- * This is only valid for notifys with protocol AH|ESP
- *
- * @return SPI value
- */
- u_int32_t (*get_spi) (notify_payload_t *this);
-
- /**
- * Sets the spi of this payload.
- *
- * This is only valid for notifys with protocol AH|ESP
- *
- * @param spi SPI value
- */
- void (*set_spi) (notify_payload_t *this, u_int32_t spi);
-
- /**
- * Returns the currently set notification data of payload.
- *
- * Returned data are not copied.
- *
- * @return chunk_t pointing to the value
- */
- chunk_t (*get_notification_data) (notify_payload_t *this);
-
- /**
- * Sets the notification data of this payload.
- *
- * @warning Value is getting copied.
- *
- * @param notification_data chunk_t pointing to the value to set
- */
- void (*set_notification_data) (notify_payload_t *this,
- chunk_t notification_data);
-
- /**
- * Destroys an notify_payload_t object.
- */
- void (*destroy) (notify_payload_t *this);
-};
-
-/**
- * Creates an empty notify_payload_t object
- *
- * @return created notify_payload_t object
- */
-notify_payload_t *notify_payload_create(void);
-
-/**
- * Creates an notify_payload_t object of specific type for specific protocol id.
- *
- * @param protocol_id protocol id (IKE, AH or ESP)
- * @param type notify type (see notify_type_t)
- * @return notify_payload_t object
- */
-notify_payload_t *notify_payload_create_from_protocol_and_type(
- protocol_id_t protocol_id, notify_type_t type);
-
-#endif /** NOTIFY_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/payload.c b/src/charon/encoding/payloads/payload.c
deleted file mode 100644
index 1cee6d2aa..000000000
--- a/src/charon/encoding/payloads/payload.c
+++ /dev/null
@@ -1,184 +0,0 @@
-/*
- * Copyright (C) 2007 Tobias Brunner
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "payload.h"
-
-#include <encoding/payloads/ike_header.h>
-#include <encoding/payloads/sa_payload.h>
-#include <encoding/payloads/nonce_payload.h>
-#include <encoding/payloads/id_payload.h>
-#include <encoding/payloads/ke_payload.h>
-#include <encoding/payloads/notify_payload.h>
-#include <encoding/payloads/auth_payload.h>
-#include <encoding/payloads/cert_payload.h>
-#include <encoding/payloads/certreq_payload.h>
-#include <encoding/payloads/encryption_payload.h>
-#include <encoding/payloads/ts_payload.h>
-#include <encoding/payloads/delete_payload.h>
-#include <encoding/payloads/vendor_id_payload.h>
-#include <encoding/payloads/cp_payload.h>
-#include <encoding/payloads/configuration_attribute.h>
-#include <encoding/payloads/eap_payload.h>
-#include <encoding/payloads/unknown_payload.h>
-
-
-ENUM_BEGIN(payload_type_names, NO_PAYLOAD, NO_PAYLOAD,
- "NO_PAYLOAD");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, NO_PAYLOAD,
- "SECURITY_ASSOCIATION",
- "KEY_EXCHANGE",
- "ID_INITIATOR",
- "ID_RESPONDER",
- "CERTIFICATE",
- "CERTIFICATE_REQUEST",
- "AUTHENTICATION",
- "NONCE",
- "NOTIFY",
- "DELETE",
- "VENDOR_ID",
- "TRAFFIC_SELECTOR_INITIATOR",
- "TRAFFIC_SELECTOR_RESPONDER",
- "ENCRYPTED",
- "CONFIGURATION",
- "EXTENSIBLE_AUTHENTICATION");
-#ifdef ME
-ENUM_NEXT(payload_type_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION,
- "ID_PEER");
-ENUM_NEXT(payload_type_names, HEADER, UNKNOWN_PAYLOAD, ID_PEER,
- "HEADER",
- "PROPOSAL_SUBSTRUCTURE",
- "TRANSFORM_SUBSTRUCTURE",
- "TRANSFORM_ATTRIBUTE",
- "TRAFFIC_SELECTOR_SUBSTRUCTURE",
- "CONFIGURATION_ATTRIBUTE",
- "UNKNOWN_PAYLOAD");
-#else
-ENUM_NEXT(payload_type_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION,
- "HEADER",
- "PROPOSAL_SUBSTRUCTURE",
- "TRANSFORM_SUBSTRUCTURE",
- "TRANSFORM_ATTRIBUTE",
- "TRAFFIC_SELECTOR_SUBSTRUCTURE",
- "CONFIGURATION_ATTRIBUTE",
- "UNKNOWN_PAYLOAD");
-#endif /* ME */
-ENUM_END(payload_type_names, UNKNOWN_PAYLOAD);
-
-/* short forms of payload names */
-ENUM_BEGIN(payload_type_short_names, NO_PAYLOAD, NO_PAYLOAD,
- "--");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, NO_PAYLOAD,
- "SA",
- "KE",
- "IDi",
- "IDr",
- "CERT",
- "CERTREQ",
- "AUTH",
- "No",
- "N",
- "D",
- "V",
- "TSi",
- "TSr",
- "E",
- "CP",
- "EAP");
-#ifdef ME
-ENUM_NEXT(payload_type_short_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION,
- "IDp");
-ENUM_NEXT(payload_type_short_names, HEADER, UNKNOWN_PAYLOAD, ID_PEER,
- "HDR",
- "PROP",
- "TRANS",
- "TRANSATTR",
- "TSSUB",
- "CPATTR",
- "??");
-#else
-ENUM_NEXT(payload_type_short_names, HEADER, UNKNOWN_PAYLOAD, EXTENSIBLE_AUTHENTICATION,
- "HDR",
- "PROP",
- "TRANS",
- "TRANSATTR",
- "TSSUB",
- "CPATTR",
- "??");
-#endif /* ME */
-ENUM_END(payload_type_short_names, UNKNOWN_PAYLOAD);
-
-/*
- * see header
- */
-payload_t *payload_create(payload_type_t type)
-{
- switch (type)
- {
- case HEADER:
- return (payload_t*)ike_header_create();
- case SECURITY_ASSOCIATION:
- return (payload_t*)sa_payload_create();
- case PROPOSAL_SUBSTRUCTURE:
- return (payload_t*)proposal_substructure_create();
- case TRANSFORM_SUBSTRUCTURE:
- return (payload_t*)transform_substructure_create();
- case TRANSFORM_ATTRIBUTE:
- return (payload_t*)transform_attribute_create();
- case NONCE:
- return (payload_t*)nonce_payload_create();
- case ID_INITIATOR:
- return (payload_t*)id_payload_create(ID_INITIATOR);
- case ID_RESPONDER:
- return (payload_t*)id_payload_create(ID_RESPONDER);
-#ifdef ME
- case ID_PEER:
- return (payload_t*)id_payload_create(ID_PEER);
-#endif /* ME */
- case AUTHENTICATION:
- return (payload_t*)auth_payload_create();
- case CERTIFICATE:
- return (payload_t*)cert_payload_create();
- case CERTIFICATE_REQUEST:
- return (payload_t*)certreq_payload_create();
- case TRAFFIC_SELECTOR_SUBSTRUCTURE:
- return (payload_t*)traffic_selector_substructure_create();
- case TRAFFIC_SELECTOR_INITIATOR:
- return (payload_t*)ts_payload_create(TRUE);
- case TRAFFIC_SELECTOR_RESPONDER:
- return (payload_t*)ts_payload_create(FALSE);
- case KEY_EXCHANGE:
- return (payload_t*)ke_payload_create();
- case NOTIFY:
- return (payload_t*)notify_payload_create();
- case DELETE:
- return (payload_t*)delete_payload_create(0);
- case VENDOR_ID:
- return (payload_t*)vendor_id_payload_create();
- case CONFIGURATION:
- return (payload_t*)cp_payload_create();
- case CONFIGURATION_ATTRIBUTE:
- return (payload_t*)configuration_attribute_create();
- case EXTENSIBLE_AUTHENTICATION:
- return (payload_t*)eap_payload_create();
- case ENCRYPTED:
- return (payload_t*)encryption_payload_create();
- default:
- return (payload_t*)unknown_payload_create();
- }
-}
-
diff --git a/src/charon/encoding/payloads/payload.h b/src/charon/encoding/payloads/payload.h
deleted file mode 100644
index 2e783cb30..000000000
--- a/src/charon/encoding/payloads/payload.h
+++ /dev/null
@@ -1,272 +0,0 @@
-/*
- * Copyright (C) 2007 Tobias Brunner
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup payload payload
- * @{ @ingroup payloads
- */
-
-#ifndef PAYLOAD_H_
-#define PAYLOAD_H_
-
-typedef enum payload_type_t payload_type_t;
-typedef struct payload_t payload_t;
-
-#include <library.h>
-#include <encoding/payloads/encodings.h>
-
-
-/**
- * Payload-Types of a IKEv2-Message.
- *
- * Header and substructures are also defined as
- * payload types with values from PRIVATE USE space.
- */
-enum payload_type_t{
-
- /**
- * End of payload list in next_payload
- */
- NO_PAYLOAD = 0,
-
- /**
- * The security association (SA) payload containing proposals.
- */
- SECURITY_ASSOCIATION = 33,
-
- /**
- * The key exchange (KE) payload containing diffie-hellman values.
- */
- KEY_EXCHANGE = 34,
-
- /**
- * Identification for the original initiator (IDi).
- */
- ID_INITIATOR = 35,
-
- /**
- * Identification for the original responder (IDr).
- */
- ID_RESPONDER = 36,
-
- /**
- * Certificate payload with certificates (CERT).
- */
- CERTIFICATE = 37,
-
- /**
- * Certificate request payload (CERTREQ).
- */
- CERTIFICATE_REQUEST = 38,
-
- /**
- * Authentication payload contains auth data (AUTH).
- */
- AUTHENTICATION = 39,
-
- /**
- * Nonces, for initator and responder (Ni, Nr, N)
- */
- NONCE = 40,
-
- /**
- * Notify paylaod (N).
- */
- NOTIFY = 41,
-
- /**
- * Delete payload (D)
- */
- DELETE = 42,
-
- /**
- * Vendor id paylpoad (V).
- */
- VENDOR_ID = 43,
-
- /**
- * Traffic selector for the original initiator (TSi).
- */
- TRAFFIC_SELECTOR_INITIATOR = 44,
-
- /**
- * Traffic selector for the original responser (TSr).
- */
- TRAFFIC_SELECTOR_RESPONDER = 45,
-
- /**
- * Encryption payload, contains other payloads (E).
- */
- ENCRYPTED = 46,
-
- /**
- * Configuration payload (CP).
- */
- CONFIGURATION = 47,
-
- /**
- * Extensible authentication payload (EAP).
- */
- EXTENSIBLE_AUTHENTICATION = 48,
-
-#ifdef ME
- /**
- * Identification payload for peers has a value from
- * the PRIVATE USE space.
- */
- ID_PEER = 128,
-#endif /* ME */
-
- /**
- * Header has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle IKEv2-Header like a payload.
- */
- HEADER = 140,
-
- /**
- * PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a proposal substructure like a payload.
- */
- PROPOSAL_SUBSTRUCTURE = 141,
-
- /**
- * TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a transform substructure like a payload.
- */
- TRANSFORM_SUBSTRUCTURE = 142,
-
- /**
- * TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a transform attribute like a payload.
- */
- TRANSFORM_ATTRIBUTE = 143,
-
- /**
- * TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a transform selector like a payload.
- */
- TRAFFIC_SELECTOR_SUBSTRUCTURE = 144,
-
- /**
- * CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a transform attribute like a payload.
- */
- CONFIGURATION_ATTRIBUTE = 145,
-
- /**
- * A unknown payload has a value of PRIVATE USE space.
- *
- * This payload type is not sent over wire and just
- * used internally to handle a unknown payload.
- */
- UNKNOWN_PAYLOAD = 146,
-};
-
-
-/**
- * enum names for payload_type_t.
- */
-extern enum_name_t *payload_type_names;
-
-/**
- * enum names for payload_type_t in a short form.
- */
-extern enum_name_t *payload_type_short_names;
-
-/**
- * Generic interface for all payload types (incl.header and substructures).
- *
- * To handle all kinds of payloads on a generic way, this interface must
- * be implemented by every payload. This allows parser_t/generator_t a simple
- * handling of all payloads.
- */
-struct payload_t {
-
- /**
- * Get encoding rules for this payload.
- *
- * @param rules location to store pointer of first rule
- * @param rule_count location to store number of rules
- */
- void (*get_encoding_rules) (payload_t *this, encoding_rule_t **rules, size_t *rule_count);
-
- /**
- * Get type of payload.
- *
- * @return type of this payload
- */
- payload_type_t (*get_type) (payload_t *this);
-
- /**
- * Get type of next payload or NO_PAYLOAD (0) if this is the last one.
- *
- * @return type of next payload
- */
- payload_type_t (*get_next_type) (payload_t *this);
-
- /**
- * Set type of next payload.
- *
- * @param type type of next payload
- */
- void (*set_next_type) (payload_t *this,payload_type_t type);
-
- /**
- * Get length of payload.
- *
- * @return length of this payload
- */
- size_t (*get_length) (payload_t *this);
-
- /**
- * Verifies payload structure and makes consistence check.
- *
- * @return SUCCESS, FAILED if consistence not given
- */
- status_t (*verify) (payload_t *this);
-
- /**
- * Destroys a payload and all included substructures.
- */
- void (*destroy) (payload_t *this);
-};
-
-/**
- * Create an empty payload.
- *
- * Useful for the parser, who wants a generic constructor for all payloads.
- * It supports all payload_t methods. If a payload type is not known,
- * an unknwon_paylod is created with the chunk of data in it.
- *
- * @param type type of the payload to create
- * @return payload_t object
- */
-payload_t *payload_create(payload_type_t type);
-
-#endif /** PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/proposal_substructure.c b/src/charon/encoding/payloads/proposal_substructure.c
deleted file mode 100644
index c93f73a68..000000000
--- a/src/charon/encoding/payloads/proposal_substructure.c
+++ /dev/null
@@ -1,598 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "proposal_substructure.h"
-
-#include <encoding/payloads/encodings.h>
-#include <encoding/payloads/transform_substructure.h>
-#include <library.h>
-#include <utils/linked_list.h>
-#include <daemon.h>
-
-
-/**
- * IKEv1 Value for a proposal payload.
- */
-#define PROPOSAL_TYPE_VALUE 2
-
-
-typedef struct private_proposal_substructure_t private_proposal_substructure_t;
-
-/**
- * Private data of an proposal_substructure_t object.
- *
- */
-struct private_proposal_substructure_t {
- /**
- * Public proposal_substructure_t interface.
- */
- proposal_substructure_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
- /**
- * Length of this payload.
- */
- u_int16_t proposal_length;
-
- /**
- * Proposal number.
- */
- u_int8_t proposal_number;
-
- /**
- * Protocol ID.
- */
- u_int8_t protocol_id;
-
- /**
- * SPI size of the following SPI.
- */
- u_int8_t spi_size;
-
- /**
- * Number of transforms.
- */
- u_int8_t transforms_count;
-
- /**
- * SPI is stored as chunk.
- */
- chunk_t spi;
-
- /**
- * Transforms are stored in a linked_list_t.
- */
- linked_list_t * transforms;
-};
-
-/**
- * Encoding rules to parse or generate a Proposal substructure.
- *
- * The defined offsets are the positions in a object of type
- * private_proposal_substructure_t.
- */
-encoding_rule_t proposal_substructure_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
- /* Reserved Byte is skipped */
- { RESERVED_BYTE, 0 },
- /* Length of the whole proposal substructure payload*/
- { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
- /* proposal number is a number of 8 bit */
- { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
- /* protocol ID is a number of 8 bit */
- { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
- /* SPI Size has its own type */
- { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
- /* Number of transforms is a number of 8 bit */
- { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
- /* SPI is a chunk of variable size*/
- { SPI, offsetof(private_proposal_substructure_t, spi) },
- /* Transforms are stored in a transform substructure,
- offset points to a linked_list_t pointer */
- { TRANSFORMS, offsetof(private_proposal_substructure_t, transforms) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! 0 (last) or 2 ! RESERVED ! Proposal Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ~ SPI (variable) ~
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ <Transforms> ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_proposal_substructure_t *this)
-{
- status_t status = SUCCESS;
- iterator_t *iterator;
- payload_t *current_transform;
-
- if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2))
- {
- /* must be 0 or 2 */
- DBG1(DBG_ENC, "inconsistent next payload");
- return FAILED;
- }
- if (this->transforms_count != this->transforms->get_count(this->transforms))
- {
- /* must be the same! */
- DBG1(DBG_ENC, "transform count invalid");
- return FAILED;
- }
-
- switch (this->protocol_id)
- {
- case PROTO_AH:
- case PROTO_ESP:
- if (this->spi.len != 4)
- {
- DBG1(DBG_ENC, "invalid SPI length in %N proposal",
- protocol_id_names, this->protocol_id);
- return FAILED;
- }
- break;
- case PROTO_IKE:
- if (this->spi.len != 0 && this->spi.len != 8)
- {
- DBG1(DBG_ENC, "invalid SPI length in IKE proposal");
- return FAILED;
- }
- break;
- default:
- DBG1(DBG_ENC, "invalid proposal protocol (%d)", this->protocol_id);
- return FAILED;
- }
- if ((this->protocol_id == 0) || (this->protocol_id >= 4))
- {
- /* reserved are not supported */
- DBG1(DBG_ENC, "invalid protocol");
- return FAILED;
- }
-
- iterator = this->transforms->create_iterator(this->transforms,TRUE);
- while(iterator->iterate(iterator, (void**)¤t_transform))
- {
- status = current_transform->verify(current_transform);
- if (status != SUCCESS)
- {
- DBG1(DBG_ENC, "TRANSFORM_SUBSTRUCTURE verification failed");
- break;
- }
- }
- iterator->destroy(iterator);
-
- /* proposal number is checked in SA payload */
- return status;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_proposal_substructure_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = proposal_substructure_encodings;
- *rule_count = sizeof(proposal_substructure_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_proposal_substructure_t *this)
-{
- return PROPOSAL_SUBSTRUCTURE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_proposal_substructure_t *this)
-{
- return (this->next_payload);
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_proposal_substructure_t *this,payload_type_t type)
-{
-}
-
-/**
- * (re-)compute the length of the payload.
- */
-static void compute_length(private_proposal_substructure_t *this)
-{
- iterator_t *iterator;
- payload_t *current_transform;
- size_t transforms_count = 0;
- size_t length = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH;
-
- iterator = this->transforms->create_iterator(this->transforms,TRUE);
- while (iterator->iterate(iterator, (void**)¤t_transform))
- {
- length += current_transform->get_length(current_transform);
- transforms_count++;
- }
- iterator->destroy(iterator);
-
- length += this->spi.len;
- this->transforms_count = transforms_count;
- this->proposal_length = length;
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_proposal_substructure_t *this)
-{
- compute_length(this);
- return this->proposal_length;
-}
-
-/**
- * Implementation of proposal_substructure_t.create_transform_substructure_iterator.
- */
-static iterator_t *create_transform_substructure_iterator (private_proposal_substructure_t *this,bool forward)
-{
- return (this->transforms->create_iterator(this->transforms,forward));
-}
-
-/**
- * Implementation of proposal_substructure_t.add_transform_substructure.
- */
-static void add_transform_substructure (private_proposal_substructure_t *this,transform_substructure_t *transform)
-{
- status_t status;
- if (this->transforms->get_count(this->transforms) > 0)
- {
- transform_substructure_t *last_transform;
- status = this->transforms->get_last(this->transforms,(void **) &last_transform);
- /* last transform is now not anymore last one */
- last_transform->set_is_last_transform(last_transform,FALSE);
-
- }
- transform->set_is_last_transform(transform,TRUE);
-
- this->transforms->insert_last(this->transforms,(void *) transform);
- compute_length(this);
-}
-
-/**
- * Implementation of proposal_substructure_t.proposal_substructure_t.
- */
-static void set_is_last_proposal (private_proposal_substructure_t *this, bool is_last)
-{
- this->next_payload = (is_last) ? 0: PROPOSAL_TYPE_VALUE;
-}
-
-/**
- * Implementation of proposal_substructure_t.set_proposal_number.
- */
-static void set_proposal_number(private_proposal_substructure_t *this,u_int8_t proposal_number)
-{
- this->proposal_number = proposal_number;
-}
-
-/**
- * Implementation of proposal_substructure_t.get_proposal_number.
- */
-static u_int8_t get_proposal_number (private_proposal_substructure_t *this)
-{
- return (this->proposal_number);
-}
-
-/**
- * Implementation of proposal_substructure_t.set_protocol_id.
- */
-static void set_protocol_id(private_proposal_substructure_t *this,u_int8_t protocol_id)
-{
- this->protocol_id = protocol_id;
-}
-
-/**
- * Implementation of proposal_substructure_t.get_protocol_id.
- */
-static u_int8_t get_protocol_id(private_proposal_substructure_t *this)
-{
- return (this->protocol_id);
-}
-
-/**
- * Implementation of proposal_substructure_t.set_spi.
- */
-static void set_spi(private_proposal_substructure_t *this, chunk_t spi)
-{
- /* first delete already set spi value */
- if (this->spi.ptr != NULL)
- {
- free(this->spi.ptr);
- this->spi.ptr = NULL;
- this->spi.len = 0;
- compute_length(this);
- }
-
- this->spi.ptr = clalloc(spi.ptr,spi.len);
- this->spi.len = spi.len;
- this->spi_size = spi.len;
- compute_length(this);
-}
-
-/**
- * Implementation of proposal_substructure_t.get_spi.
- */
-static chunk_t get_spi(private_proposal_substructure_t *this)
-{
- chunk_t spi;
- spi.ptr = this->spi.ptr;
- spi.len = this->spi.len;
-
- return spi;
-}
-
-/**
- * Implementation of proposal_substructure_t.get_transform_count.
- */
-static size_t get_transform_count (private_proposal_substructure_t *this)
-{
- return this->transforms->get_count(this->transforms);
-}
-
-/**
- * Implementation of proposal_substructure_t.get_spi_size.
- */
-static size_t get_spi_size (private_proposal_substructure_t *this)
-{
- return this->spi.len;
-}
-
-/**
- * Implementation of proposal_substructure_t.get_proposal.
- */
-proposal_t* get_proposal(private_proposal_substructure_t *this)
-{
- iterator_t *iterator;
- transform_substructure_t *transform;
- proposal_t *proposal;
- u_int64_t spi;
-
- proposal = proposal_create(this->protocol_id);
-
- iterator = this->transforms->create_iterator(this->transforms, TRUE);
- while (iterator->iterate(iterator, (void**)&transform))
- {
- transform_type_t transform_type;
- u_int16_t transform_id;
- u_int16_t key_length = 0;
-
- transform_type = transform->get_transform_type(transform);
- transform_id = transform->get_transform_id(transform);
- transform->get_key_length(transform, &key_length);
-
- proposal->add_algorithm(proposal, transform_type, transform_id, key_length);
- }
- iterator->destroy(iterator);
-
- switch (this->spi.len)
- {
- case 4:
- spi = *((u_int32_t*)this->spi.ptr);
- break;
- case 8:
- spi = *((u_int64_t*)this->spi.ptr);
- break;
- default:
- spi = 0;
- }
- proposal->set_spi(proposal, spi);
-
- return proposal;
-}
-
-/**
- * Implementation of proposal_substructure_t.clone.
- */
-static private_proposal_substructure_t* clone_(private_proposal_substructure_t *this)
-{
- private_proposal_substructure_t *clone;
- iterator_t *transforms;
- transform_substructure_t *current_transform;
-
- clone = (private_proposal_substructure_t *) proposal_substructure_create();
- clone->next_payload = this->next_payload;
- clone->proposal_number = this->proposal_number;
- clone->protocol_id = this->protocol_id;
- clone->spi_size = this->spi_size;
- if (this->spi.ptr != NULL)
- {
- clone->spi.ptr = clalloc(this->spi.ptr,this->spi.len);
- clone->spi.len = this->spi.len;
- }
-
- transforms = this->transforms->create_iterator(this->transforms,FALSE);
- while (transforms->iterate(transforms, (void**)¤t_transform))
- {
- current_transform = current_transform->clone(current_transform);
- clone->public.add_transform_substructure(&clone->public, current_transform);
- }
- transforms->destroy(transforms);
-
- return clone;
-}
-
-/**
- * Implements payload_t's and proposal_substructure_t's destroy function.
- * See #payload_s.destroy or proposal_substructure_s.destroy for description.
- */
-static void destroy(private_proposal_substructure_t *this)
-{
- this->transforms->destroy_offset(this->transforms,
- offsetof(transform_substructure_t, destroy));
- chunk_free(&this->spi);
- free(this);
-}
-
-/*
- * Described in header.
- */
-proposal_substructure_t *proposal_substructure_create()
-{
- private_proposal_substructure_t *this = malloc_thing(private_proposal_substructure_t);
-
- /* interface functions */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
-
- /* public functions */
- this->public.create_transform_substructure_iterator = (iterator_t* (*) (proposal_substructure_t *,bool)) create_transform_substructure_iterator;
- this->public.add_transform_substructure = (void (*) (proposal_substructure_t *,transform_substructure_t *)) add_transform_substructure;
- this->public.set_proposal_number = (void (*) (proposal_substructure_t *,u_int8_t))set_proposal_number;
- this->public.get_proposal_number = (u_int8_t (*) (proposal_substructure_t *)) get_proposal_number;
- this->public.set_protocol_id = (void (*) (proposal_substructure_t *,u_int8_t))set_protocol_id;
- this->public.get_protocol_id = (u_int8_t (*) (proposal_substructure_t *)) get_protocol_id;
- this->public.set_is_last_proposal = (void (*) (proposal_substructure_t *,bool)) set_is_last_proposal;
- this->public.get_proposal = (proposal_t* (*) (proposal_substructure_t*))get_proposal;
- this->public.set_spi = (void (*) (proposal_substructure_t *,chunk_t))set_spi;
- this->public.get_spi = (chunk_t (*) (proposal_substructure_t *)) get_spi;
- this->public.get_transform_count = (size_t (*) (proposal_substructure_t *)) get_transform_count;
- this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size;
- this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone_;
- this->public.destroy = (void (*) (proposal_substructure_t *)) destroy;
-
- /* set default values of the fields */
- this->next_payload = NO_PAYLOAD;
- this->proposal_length = 0;
- this->proposal_number = 0;
- this->protocol_id = 0;
- this->transforms_count = 0;
- this->spi_size = 0;
- this->spi.ptr = NULL;
- this->spi.len = 0;
-
- this->transforms = linked_list_create();
-
- return (&(this->public));
-}
-
-/*
- * Described in header.
- */
-proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t *proposal)
-{
- transform_substructure_t *transform;
- private_proposal_substructure_t *this;
- u_int16_t alg, key_size;
- enumerator_t *enumerator;
-
- this = (private_proposal_substructure_t*)proposal_substructure_create();
-
- /* encryption algorithm is only availble in ESP */
- enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
- while (enumerator->enumerate(enumerator, &alg, &key_size))
- {
- transform = transform_substructure_create_type(ENCRYPTION_ALGORITHM,
- alg, key_size);
- add_transform_substructure(this, transform);
- }
- enumerator->destroy(enumerator);
-
- /* integrity algorithms */
- enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
- while (enumerator->enumerate(enumerator, &alg, &key_size))
- {
- transform = transform_substructure_create_type(INTEGRITY_ALGORITHM,
- alg, key_size);
- add_transform_substructure(this, transform);
- }
- enumerator->destroy(enumerator);
-
- /* prf algorithms */
- enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION);
- while (enumerator->enumerate(enumerator, &alg, &key_size))
- {
- transform = transform_substructure_create_type(PSEUDO_RANDOM_FUNCTION,
- alg, key_size);
- add_transform_substructure(this, transform);
- }
- enumerator->destroy(enumerator);
-
- /* dh groups */
- enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
- while (enumerator->enumerate(enumerator, &alg, NULL))
- {
- transform = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP,
- alg, 0);
- add_transform_substructure(this, transform);
- }
- enumerator->destroy(enumerator);
-
- /* extended sequence numbers */
- enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS);
- while (enumerator->enumerate(enumerator, &alg, NULL))
- {
- transform = transform_substructure_create_type(EXTENDED_SEQUENCE_NUMBERS,
- alg, 0);
- add_transform_substructure(this, transform);
- }
- enumerator->destroy(enumerator);
-
- /* add SPI, if necessary */
- switch (proposal->get_protocol(proposal))
- {
- case PROTO_AH:
- case PROTO_ESP:
- this->spi_size = this->spi.len = 4;
- this->spi.ptr = malloc(this->spi_size);
- *((u_int32_t*)this->spi.ptr) = proposal->get_spi(proposal);
- break;
- case PROTO_IKE:
- if (proposal->get_spi(proposal))
- { /* IKE only uses SPIS when rekeying, but on initial setup */
- this->spi_size = this->spi.len = 8;
- this->spi.ptr = malloc(this->spi_size);
- *((u_int64_t*)this->spi.ptr) = proposal->get_spi(proposal);
- }
- break;
- default:
- break;
- }
- this->proposal_number = 0;
- this->protocol_id = proposal->get_protocol(proposal);
-
- return &this->public;
-}
diff --git a/src/charon/encoding/payloads/proposal_substructure.h b/src/charon/encoding/payloads/proposal_substructure.h
deleted file mode 100644
index 4934802af..000000000
--- a/src/charon/encoding/payloads/proposal_substructure.h
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup proposal_substructure proposal_substructure
- * @{ @ingroup payloads
- */
-
-#ifndef PROPOSAL_SUBSTRUCTURE_H_
-#define PROPOSAL_SUBSTRUCTURE_H_
-
-typedef struct proposal_substructure_t proposal_substructure_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/transform_substructure.h>
-#include <config/proposal.h>
-#include <utils/linked_list.h>
-
-
-/**
- * Length of the proposal substructure header (without spi).
- */
-#define PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH 8
-
-/**
- * Class representing an IKEv2-PROPOSAL SUBSTRUCTURE.
- *
- * The PROPOSAL SUBSTRUCTURE format is described in RFC section 3.3.1.
- */
-struct proposal_substructure_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Creates an iterator of stored transform_substructure_t objects.
- *
- * @param forward iterator direction (TRUE: front to end)
- * @return created iterator_t object
- */
- iterator_t *(*create_transform_substructure_iterator) (
- proposal_substructure_t *this, bool forward);
-
- /**
- * Adds a transform_substructure_t object to this object.
- *
- * @param transform transform_substructure_t object to add
- */
- void (*add_transform_substructure) (proposal_substructure_t *this,
- transform_substructure_t *transform);
-
- /**
- * Sets the proposal number of current proposal.
- *
- * @param id proposal number to set
- */
- void (*set_proposal_number) (proposal_substructure_t *this,
- u_int8_t proposal_number);
-
- /**
- * get proposal number of current proposal.
- *
- * @return proposal number of current proposal substructure.
- */
- u_int8_t (*get_proposal_number) (proposal_substructure_t *this);
-
- /**
- * get the number of transforms in current proposal.
- *
- * @return transform count in current proposal
- */
- size_t (*get_transform_count) (proposal_substructure_t *this);
-
- /**
- * get size of the set spi in bytes.
- *
- * @return size of the spi in bytes
- */
- size_t (*get_spi_size) (proposal_substructure_t *this);
-
- /**
- * Sets the protocol id of current proposal.
- *
- * @param id protocol id to set
- */
- void (*set_protocol_id) (proposal_substructure_t *this,
- u_int8_t protocol_id);
-
- /**
- * get protocol id of current proposal.
- *
- * @return protocol id of current proposal substructure.
- */
- u_int8_t (*get_protocol_id) (proposal_substructure_t *this);
-
- /**
- * Sets the next_payload field of this substructure
- *
- * If this is the last proposal, next payload field is set to 0,
- * otherwise to 2
- *
- * @param is_last When TRUE, next payload field is set to 0, otherwise to 2
- */
- void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last);
-
- /**
- * Returns the currently set SPI of this proposal.
- *
- * @return chunk_t pointing to the value
- */
- chunk_t (*get_spi) (proposal_substructure_t *this);
-
- /**
- * Sets the SPI of the current proposal.
- *
- * @warning SPI is getting copied
- *
- * @param spi chunk_t pointing to the value to set
- */
- void (*set_spi) (proposal_substructure_t *this, chunk_t spi);
-
- /**
- * Get a proposal_t from the propsal_substructure_t.
- *
- * @return proposal_t
- */
- proposal_t * (*get_proposal) (proposal_substructure_t *this);
-
- /**
- * Clones an proposal_substructure_t object.
- *
- * @return cloned object
- */
- proposal_substructure_t* (*clone) (proposal_substructure_t *this);
-
- /**
- * Destroys an proposal_substructure_t object.
- */
- void (*destroy) (proposal_substructure_t *this);
-};
-
-/**
- * Creates an empty proposal_substructure_t object
- *
- * @return proposal_substructure_t object
- */
-proposal_substructure_t *proposal_substructure_create(void);
-
-/**
- * Creates a proposal_substructure_t from a proposal_t.
- *
- * @param proposal proposal to build a substruct out of it
- * @return proposal_substructure_t object
- */
-proposal_substructure_t *proposal_substructure_create_from_proposal(
- proposal_t *proposal);
-
-#endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/
diff --git a/src/charon/encoding/payloads/sa_payload.c b/src/charon/encoding/payloads/sa_payload.c
deleted file mode 100644
index 187a8fee0..000000000
--- a/src/charon/encoding/payloads/sa_payload.c
+++ /dev/null
@@ -1,368 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "sa_payload.h"
-
-#include <encoding/payloads/encodings.h>
-#include <utils/linked_list.h>
-#include <daemon.h>
-
-
-typedef struct private_sa_payload_t private_sa_payload_t;
-
-/**
- * Private data of an sa_payload_t object.
- *
- */
-struct private_sa_payload_t {
- /**
- * Public sa_payload_t interface.
- */
- sa_payload_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
- /**
- * Critical flag.
- */
- bool critical;
-
- /**
- * Length of this payload.
- */
- u_int16_t payload_length;
-
- /**
- * Proposals in this payload are stored in a linked_list_t.
- */
- linked_list_t * proposals;
-};
-
-/**
- * Encoding rules to parse or generate a IKEv2-SA Payload
- *
- * The defined offsets are the positions in a object of type
- * private_sa_payload_t.
- *
- */
-encoding_rule_t sa_payload_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_sa_payload_t, next_payload) },
- /* the critical bit */
- { FLAG, offsetof(private_sa_payload_t, critical) },
- /* 7 Bit reserved bits, nowhere stored */
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- { RESERVED_BIT, 0 },
- /* Length of the whole SA payload*/
- { PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) },
- /* Proposals are stored in a proposal substructure,
- offset points to a linked_list_t pointer */
- { PROPOSALS, offsetof(private_sa_payload_t, proposals) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! Next Payload !C! RESERVED ! Payload Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ <Proposals> ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_sa_payload_t *this)
-{
- int expected_number = 1, current_number;
- status_t status = SUCCESS;
- iterator_t *iterator;
- proposal_substructure_t *current_proposal;
- bool first = TRUE;
-
- /* check proposal numbering */
- iterator = this->proposals->create_iterator(this->proposals,TRUE);
-
- while(iterator->iterate(iterator, (void**)¤t_proposal))
- {
- current_number = current_proposal->get_proposal_number(current_proposal);
- if (current_number < expected_number)
- {
- if (current_number != (expected_number + 1))
- {
- DBG1(DBG_ENC, "proposal number is %d, expected %d or %d",
- current_number, expected_number, expected_number + 1);
- status = FAILED;
- break;
- }
- }
- else if (current_number < expected_number)
- {
- /* must not be smaller then proceeding one */
- DBG1(DBG_ENC, "proposal number smaller than that of previous proposal");
- status = FAILED;
- break;
- }
-
- status = current_proposal->payload_interface.verify(&(current_proposal->payload_interface));
- if (status != SUCCESS)
- {
- DBG1(DBG_ENC, "PROPOSAL_SUBSTRUCTURE verification failed");
- break;
- }
- first = FALSE;
- expected_number = current_number;
- }
-
- iterator->destroy(iterator);
- return status;
-}
-
-
-/**
- * Implementation of payload_t.destroy and sa_payload_t.destroy.
- */
-static status_t destroy(private_sa_payload_t *this)
-{
- this->proposals->destroy_offset(this->proposals,
- offsetof(proposal_substructure_t, destroy));
- free(this);
- return SUCCESS;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_sa_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = sa_payload_encodings;
- *rule_count = sizeof(sa_payload_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_sa_payload_t *this)
-{
- return SECURITY_ASSOCIATION;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_sa_payload_t *this)
-{
- return (this->next_payload);
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_sa_payload_t *this,payload_type_t type)
-{
- this->next_payload = type;
-}
-
-/**
- * recompute length of the payload.
- */
-static void compute_length (private_sa_payload_t *this)
-{
- iterator_t *iterator;
- payload_t *current_proposal;
- size_t length = SA_PAYLOAD_HEADER_LENGTH;
-
- iterator = this->proposals->create_iterator(this->proposals,TRUE);
- while (iterator->iterate(iterator, (void **)¤t_proposal))
- {
- length += current_proposal->get_length(current_proposal);
- }
- iterator->destroy(iterator);
-
- this->payload_length = length;
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_sa_payload_t *this)
-{
- compute_length(this);
- return this->payload_length;
-}
-
-/**
- * Implementation of sa_payload_t.create_proposal_substructure_iterator.
- */
-static iterator_t *create_proposal_substructure_iterator (private_sa_payload_t *this,bool forward)
-{
- return this->proposals->create_iterator(this->proposals,forward);
-}
-
-/**
- * Implementation of sa_payload_t.add_proposal_substructure.
- */
-static void add_proposal_substructure(private_sa_payload_t *this,proposal_substructure_t *proposal)
-{
- status_t status;
- u_int proposal_count = this->proposals->get_count(this->proposals);
-
- if (proposal_count > 0)
- {
- proposal_substructure_t *last_proposal;
- status = this->proposals->get_last(this->proposals,(void **) &last_proposal);
- /* last transform is now not anymore last one */
- last_proposal->set_is_last_proposal(last_proposal, FALSE);
- }
- proposal->set_is_last_proposal(proposal, TRUE);
- proposal->set_proposal_number(proposal, proposal_count + 1);
- this->proposals->insert_last(this->proposals,(void *) proposal);
- compute_length(this);
-}
-
-/**
- * Implementation of sa_payload_t.add_proposal.
- */
-static void add_proposal(private_sa_payload_t *this, proposal_t *proposal)
-{
- proposal_substructure_t *substructure;
-
- substructure = proposal_substructure_create_from_proposal(proposal);
- add_proposal_substructure(this, substructure);
-}
-
-/**
- * Implementation of sa_payload_t.get_proposals.
- */
-static linked_list_t *get_proposals(private_sa_payload_t *this)
-{
- int struct_number = 0;
- int ignore_struct_number = 0;
- iterator_t *iterator;
- proposal_substructure_t *proposal_struct;
- linked_list_t *proposal_list;
-
- /* this list will hold our proposals */
- proposal_list = linked_list_create();
-
- /* we do not support proposals split up to two proposal substructures, as
- * AH+ESP bundles are not supported in RFC4301 anymore.
- * To handle such structures safely, we just skip proposals with multiple
- * protocols.
- */
- iterator = this->proposals->create_iterator(this->proposals, TRUE);
- while (iterator->iterate(iterator, (void **)&proposal_struct))
- {
- proposal_t *proposal;
-
- /* check if a proposal has a single protocol */
- if (proposal_struct->get_proposal_number(proposal_struct) == struct_number)
- {
- if (ignore_struct_number < struct_number)
- {
- /* remova an already added, if first of series */
- proposal_list->remove_last(proposal_list, (void**)&proposal);
- proposal->destroy(proposal);
- ignore_struct_number = struct_number;
- }
- continue;
- }
- struct_number++;
- proposal = proposal_struct->get_proposal(proposal_struct);
- if (proposal)
- {
- proposal_list->insert_last(proposal_list, proposal);
- }
- }
- iterator->destroy(iterator);
- return proposal_list;
-}
-
-/*
- * Described in header.
- */
-sa_payload_t *sa_payload_create()
-{
- private_sa_payload_t *this = malloc_thing(private_sa_payload_t);
-
- /* public interface */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- /* public functions */
- this->public.create_proposal_substructure_iterator = (iterator_t* (*) (sa_payload_t *,bool)) create_proposal_substructure_iterator;
- this->public.add_proposal_substructure = (void (*) (sa_payload_t *,proposal_substructure_t *)) add_proposal_substructure;
- this->public.add_proposal = (void (*) (sa_payload_t*,proposal_t*))add_proposal;
- this->public.get_proposals = (linked_list_t* (*) (sa_payload_t *)) get_proposals;
- this->public.destroy = (void (*) (sa_payload_t *)) destroy;
-
- /* set default values of the fields */
- this->critical = FALSE;
- this->next_payload = NO_PAYLOAD;
- this->payload_length = SA_PAYLOAD_HEADER_LENGTH;
- this->proposals = linked_list_create();
- return &this->public;
-}
-
-/*
- * Described in header.
- */
-sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals)
-{
- iterator_t *iterator;
- proposal_t *proposal;
- sa_payload_t *sa_payload = sa_payload_create();
-
- /* add every payload from the list */
- iterator = proposals->create_iterator(proposals, TRUE);
- while (iterator->iterate(iterator, (void**)&proposal))
- {
- add_proposal((private_sa_payload_t*)sa_payload, proposal);
- }
- iterator->destroy(iterator);
-
- return sa_payload;
-}
-
-/*
- * Described in header.
- */
-sa_payload_t *sa_payload_create_from_proposal(proposal_t *proposal)
-{
- sa_payload_t *sa_payload = sa_payload_create();
-
- add_proposal((private_sa_payload_t*)sa_payload, proposal);
-
- return sa_payload;
-}
diff --git a/src/charon/encoding/payloads/sa_payload.h b/src/charon/encoding/payloads/sa_payload.h
deleted file mode 100644
index 25f5a2407..000000000
--- a/src/charon/encoding/payloads/sa_payload.h
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup sa_payload sa_payload
- * @{ @ingroup payloads
- */
-
-#ifndef SA_PAYLOAD_H_
-#define SA_PAYLOAD_H_
-
-typedef struct sa_payload_t sa_payload_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/proposal_substructure.h>
-#include <utils/linked_list.h>
-
-/**
- * SA_PAYLOAD length in bytes without any proposal substructure.
- */
-#define SA_PAYLOAD_HEADER_LENGTH 4
-
-/**
- * Class representing an IKEv2-SA Payload.
- *
- * The SA Payload format is described in RFC section 3.3.
- */
-struct sa_payload_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Creates an iterator of stored proposal_substructure_t objects.
- *
- * When deleting an proposal using this iterator,
- * the length of this transform substructure has to be refreshed
- * by calling get_length()!
- *
- * @param forward iterator direction (TRUE: front to end)
- * @return created iterator_t object
- */
- iterator_t *(*create_proposal_substructure_iterator) (sa_payload_t *this,
- bool forward);
-
- /**
- * Adds a proposal_substructure_t object to this object.
- *
- * @param proposal proposal_substructure_t object to add
- */
- void (*add_proposal_substructure) (sa_payload_t *this,
- proposal_substructure_t *proposal);
-
- /**
- * Gets the proposals in this payload as a list.
- *
- * @return a list containing proposal_t s
- */
- linked_list_t *(*get_proposals) (sa_payload_t *this);
-
- /**
- * Add a child proposal (AH/ESP) to the payload.
- *
- * @param proposal child proposal to add to the payload
- */
- void (*add_proposal) (sa_payload_t *this, proposal_t *proposal);
-
- /**
- * Destroys an sa_payload_t object.
- */
- void (*destroy) (sa_payload_t *this);
-};
-
-/**
- * Creates an empty sa_payload_t object
- *
- * @return created sa_payload_t object
- */
-sa_payload_t *sa_payload_create(void);
-
-/**
- * Creates a sa_payload_t object from a list of proposals.
- *
- * @param proposals list of proposals to build the payload from
- * @return sa_payload_t object
- */
-sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals);
-
-/**
- * Creates a sa_payload_t object from a single proposal.
- *
- * This is only for convenience. Use sa_payload_create_from_proposal_list
- * if you want to add more than one proposal.
- *
- * @param proposal proposal from which the payload should be built.
- * @return sa_payload_t object
- */
-sa_payload_t *sa_payload_create_from_proposal(proposal_t *proposal);
-
-#endif /** SA_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/traffic_selector_substructure.c b/src/charon/encoding/payloads/traffic_selector_substructure.c
deleted file mode 100644
index f24857591..000000000
--- a/src/charon/encoding/payloads/traffic_selector_substructure.c
+++ /dev/null
@@ -1,276 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "traffic_selector_substructure.h"
-
-#include <encoding/payloads/encodings.h>
-#include <utils/linked_list.h>
-
-
-typedef struct private_traffic_selector_substructure_t private_traffic_selector_substructure_t;
-
-/**
- * Private data of an traffic_selector_substructure_t object.
- *
- */
-struct private_traffic_selector_substructure_t {
- /**
- * Public traffic_selector_substructure_t interface.
- */
- traffic_selector_substructure_t public;
-
- /**
- * Type of traffic selector.
- */
- u_int8_t ts_type;
-
- /**
- * IP Protocol ID.
- */
- u_int8_t ip_protocol_id;
-
- /**
- * Length of this payload.
- */
- u_int16_t payload_length;
-
- /**
- * Start port number.
- */
- u_int16_t start_port;
-
- /**
- * End port number.
- */
- u_int16_t end_port;
-
- /**
- * Starting address.
- */
- chunk_t starting_address;
-
- /**
- * Ending address.
- */
- chunk_t ending_address;
-};
-
-/**
- * Encoding rules to parse or generate a TS payload
- *
- * The defined offsets are the positions in a object of type
- * private_traffic_selector_substructure_t.
- *
- */
-encoding_rule_t traffic_selector_substructure_encodings[] = {
- /* 1 Byte next ts type*/
- { TS_TYPE, offsetof(private_traffic_selector_substructure_t, ts_type) },
- /* 1 Byte IP protocol id*/
- { U_INT_8, offsetof(private_traffic_selector_substructure_t, ip_protocol_id) },
- /* Length of the whole payload*/
- { PAYLOAD_LENGTH, offsetof(private_traffic_selector_substructure_t, payload_length) },
- /* 2 Byte start port*/
- { U_INT_16, offsetof(private_traffic_selector_substructure_t, start_port) },
- /* 2 Byte end port*/
- { U_INT_16, offsetof(private_traffic_selector_substructure_t, end_port) },
- /* starting address is either 4 or 16 byte */
- { ADDRESS, offsetof(private_traffic_selector_substructure_t, starting_address) },
- /* ending address is either 4 or 16 byte */
- { ADDRESS, offsetof(private_traffic_selector_substructure_t, ending_address) }
-
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! TS Type !IP Protocol ID*| Selector Length |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- | Start Port* | End Port* |
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ Starting Address* ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ Ending Address* ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_traffic_selector_substructure_t *this)
-{
- if (this->start_port > this->end_port)
- {
- return FAILED;
- }
- switch (this->ts_type)
- {
- case TS_IPV4_ADDR_RANGE:
- {
- if ((this->starting_address.len != 4) ||
- (this->ending_address.len != 4))
- {
- /* ipv4 address must be 4 bytes long */
- return FAILED;
- }
- break;
- }
- case TS_IPV6_ADDR_RANGE:
- {
- if ((this->starting_address.len != 16) ||
- (this->ending_address.len != 16))
- {
- /* ipv6 address must be 16 bytes long */
- return FAILED;
- }
- break;
- }
- default:
- {
- /* not supported ts type */
- return FAILED;
- }
- }
-
- return SUCCESS;
-}
-
-/**
- * Implementation of traffic_selector_substructure_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_traffic_selector_substructure_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = traffic_selector_substructure_encodings;
- *rule_count = sizeof(traffic_selector_substructure_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_payload_type(private_traffic_selector_substructure_t *this)
-{
- return TRAFFIC_SELECTOR_SUBSTRUCTURE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_traffic_selector_substructure_t *this)
-{
- return 0;
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_traffic_selector_substructure_t *this,payload_type_t type)
-{
-
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_traffic_selector_substructure_t *this)
-{
- return this->payload_length;
-}
-
-/**
- * Implementation of traffic_selector_substructure_t.get_traffic_selector.
- */
-static traffic_selector_t *get_traffic_selector(private_traffic_selector_substructure_t *this)
-{
- traffic_selector_t *ts;
- ts = traffic_selector_create_from_bytes(this->ip_protocol_id, this->ts_type,
- this->starting_address, this->start_port,
- this->ending_address, this->end_port);
- return ts;
-}
-
-/**
- * recompute length field of the payload
- */
-void compute_length(private_traffic_selector_substructure_t *this)
-{
- this->payload_length = TRAFFIC_SELECTOR_HEADER_LENGTH +
- this->ending_address.len + this->starting_address.len;
-}
-
-/**
- * Implementation of payload_t.destroy and traffic_selector_substructure_t.destroy.
- */
-static void destroy(private_traffic_selector_substructure_t *this)
-{
- free(this->starting_address.ptr);
- free(this->ending_address.ptr);
- free(this);
-}
-
-/*
- * Described in header
- */
-traffic_selector_substructure_t *traffic_selector_substructure_create()
-{
- private_traffic_selector_substructure_t *this = malloc_thing(private_traffic_selector_substructure_t);
-
- /* interface functions */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- /* public functions */
- this->public.get_traffic_selector = (traffic_selector_t* (*)(traffic_selector_substructure_t*))get_traffic_selector;
- this->public.destroy = (void (*) (traffic_selector_substructure_t *)) destroy;
-
- /* private variables */
- this->payload_length = TRAFFIC_SELECTOR_HEADER_LENGTH;
- this->start_port = 0;
- this->end_port = 0;
- this->starting_address = chunk_empty;
- this->ending_address = chunk_empty;
- this->ip_protocol_id = 0;
- /* must be set to be valid */
- this->ts_type = TS_IPV4_ADDR_RANGE;
-
- return (&(this->public));
-}
-
-/*
- * Described in header
- */
-traffic_selector_substructure_t *traffic_selector_substructure_create_from_traffic_selector(traffic_selector_t *traffic_selector)
-{
- private_traffic_selector_substructure_t *this = (private_traffic_selector_substructure_t*)traffic_selector_substructure_create();
- this->ts_type = traffic_selector->get_type(traffic_selector);
- this->ip_protocol_id = traffic_selector->get_protocol(traffic_selector);
- this->start_port = traffic_selector->get_from_port(traffic_selector);
- this->end_port = traffic_selector->get_to_port(traffic_selector);
- this->starting_address = chunk_clone(traffic_selector->get_from_address(traffic_selector));
- this->ending_address = chunk_clone(traffic_selector->get_to_address(traffic_selector));
-
- compute_length(this);
-
- return &(this->public);
-}
diff --git a/src/charon/encoding/payloads/traffic_selector_substructure.h b/src/charon/encoding/payloads/traffic_selector_substructure.h
deleted file mode 100644
index 0109fd7f5..000000000
--- a/src/charon/encoding/payloads/traffic_selector_substructure.h
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup traffic_selector_substructure traffic_selector_substructure
- * @{ @ingroup payloads
- */
-
-#ifndef TRAFFIC_SELECTOR_SUBSTRUCTURE_H_
-#define TRAFFIC_SELECTOR_SUBSTRUCTURE_H_
-
-typedef struct traffic_selector_substructure_t traffic_selector_substructure_t;
-
-#include <library.h>
-#include <utils/host.h>
-#include <selectors/traffic_selector.h>
-#include <encoding/payloads/payload.h>
-
-/**
- * Length of a TRAFFIC SELECTOR SUBSTRUCTURE without start and end address.
- */
-#define TRAFFIC_SELECTOR_HEADER_LENGTH 8
-
-/**
- * Class representing an IKEv2 TRAFFIC SELECTOR.
- *
- * The TRAFFIC SELECTOR format is described in RFC section 3.13.1.
- */
-struct traffic_selector_substructure_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Get the type of Traffic selector.
- *
- * @return type of traffic selector
- *
- */
- ts_type_t (*get_ts_type) (traffic_selector_substructure_t *this);
-
- /**
- * Set the type of Traffic selector.
- *
- * @param ts_type type of traffic selector
- */
- void (*set_ts_type) (traffic_selector_substructure_t *this,
- ts_type_t ts_type);
-
- /**
- * Get the IP protocol ID of Traffic selector.
- *
- * @return type of traffic selector
- *
- */
- u_int8_t (*get_protocol_id) (traffic_selector_substructure_t *this);
-
- /**
- * Set the IP protocol ID of Traffic selector
- *
- * @param protocol_id protocol ID of traffic selector
- */
- void (*set_protocol_id) (traffic_selector_substructure_t *this,
- u_int8_t protocol_id);
-
- /**
- * Get the start port and address as host_t object.
- *
- * Returned host_t object has to get destroyed by the caller.
- *
- * @return start host as host_t object
- *
- */
- host_t *(*get_start_host) (traffic_selector_substructure_t *this);
-
- /**
- * Set the start port and address as host_t object.
- *
- * @param start_host start host as host_t object
- */
- void (*set_start_host) (traffic_selector_substructure_t *this,
- host_t *start_host);
-
- /**
- * Get the end port and address as host_t object.
- *
- * Returned host_t object has to get destroyed by the caller.
- *
- * @return end host as host_t object
- *
- */
- host_t *(*get_end_host) (traffic_selector_substructure_t *this);
-
- /**
- * Set the end port and address as host_t object.
- *
- * @param end_host end host as host_t object
- */
- void (*set_end_host) (traffic_selector_substructure_t *this,
- host_t *end_host);
-
- /**
- * Get a traffic_selector_t from this substructure.
- *
- * @warning traffic_selector_t must be destroyed after usage.
- *
- * @return contained traffic_selector_t
- */
- traffic_selector_t *(*get_traffic_selector) (
- traffic_selector_substructure_t *this);
-
- /**
- * Destroys an traffic_selector_substructure_t object.
- */
- void (*destroy) (traffic_selector_substructure_t *this);
-};
-
-/**
- * Creates an empty traffic_selector_substructure_t object.
- *
- * TS type is set to default TS_IPV4_ADDR_RANGE!
- *
- * @return traffic_selector_substructure_t object
- */
-traffic_selector_substructure_t *traffic_selector_substructure_create(void);
-
-/**
- * Creates an initialized traffif selector substructure using
- * the values from a traffic_selector_t.
- *
- * @param traffic_selector traffic_selector_t to use for initialization
- * @return traffic_selector_substructure_t object
- */
-traffic_selector_substructure_t *traffic_selector_substructure_create_from_traffic_selector(
- traffic_selector_t *traffic_selector);
-
-#endif /** TRAFFIC_SELECTOR_SUBSTRUCTURE_H_ @}*/
diff --git a/src/charon/encoding/payloads/transform_attribute.c b/src/charon/encoding/payloads/transform_attribute.c
deleted file mode 100644
index 8bf2ddef4..000000000
--- a/src/charon/encoding/payloads/transform_attribute.c
+++ /dev/null
@@ -1,325 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-#include <stddef.h>
-
-#include "transform_attribute.h"
-
-#include <encoding/payloads/encodings.h>
-#include <library.h>
-
-typedef struct private_transform_attribute_t private_transform_attribute_t;
-
-/**
- * Private data of an transform_attribute_t object.
- *
- */
-struct private_transform_attribute_t {
- /**
- * Public transform_attribute_t interface.
- */
- transform_attribute_t public;
-
- /**
- * Attribute Format Flag.
- *
- * - TRUE means value is stored in attribute_length_or_value
- * - FALSE means value is stored in attribute_value
- */
- bool attribute_format;
-
- /**
- * Type of the attribute.
- */
- u_int16_t attribute_type;
-
- /**
- * Attribute Length if attribute_format is 0, attribute Value otherwise.
- */
- u_int16_t attribute_length_or_value;
-
- /**
- * Attribute value as chunk if attribute_format is 0 (FALSE).
- */
- chunk_t attribute_value;
-};
-
-
-ENUM_BEGIN(transform_attribute_type_name, ATTRIBUTE_UNDEFINED, ATTRIBUTE_UNDEFINED,
- "ATTRIBUTE_UNDEFINED");
-ENUM_NEXT(transform_attribute_type_name, KEY_LENGTH, KEY_LENGTH, ATTRIBUTE_UNDEFINED,
- "KEY_LENGTH");
-ENUM_END(transform_attribute_type_name, KEY_LENGTH);
-
-/**
- * Encoding rules to parse or generate a Transform attribute.
- *
- * The defined offsets are the positions in a object of type
- * private_transform_attribute_t.
- *
- */
-encoding_rule_t transform_attribute_encodings[] = {
- /* Flag defining the format of this payload */
- { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) },
- /* type of the attribute as 15 bit unsigned integer */
- { ATTRIBUTE_TYPE, offsetof(private_transform_attribute_t, attribute_type) },
- /* Length or value, depending on the attribute format flag */
- { ATTRIBUTE_LENGTH_OR_VALUE, offsetof(private_transform_attribute_t, attribute_length_or_value) },
- /* Value of attribute if attribute format flag is zero */
- { ATTRIBUTE_VALUE, offsetof(private_transform_attribute_t, attribute_value) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- !A! Attribute Type ! AF=0 Attribute Length !
- !F! ! AF=1 Attribute Value !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! AF=0 Attribute Value !
- ! AF=1 Not Transmitted !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_transform_attribute_t *this)
-{
- if (this->attribute_type != KEY_LENGTH)
- {
- return FAILED;
- }
-
- return SUCCESS;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_transform_attribute_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = transform_attribute_encodings;
- *rule_count = sizeof(transform_attribute_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_transform_attribute_t *this)
-{
- return TRANSFORM_ATTRIBUTE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_transform_attribute_t *this)
-{
- return (NO_PAYLOAD);
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_transform_attribute_t *this,payload_type_t type)
-{
-}
-
-/**
- * Implementation of transform_attribute_t.get_length.
- */
-static size_t get_length(private_transform_attribute_t *this)
-{
- if (this->attribute_format == TRUE)
- {
- /*Attribute size is only 4 byte */
- return 4;
- }
- return (this->attribute_length_or_value + 4);
-}
-
-/**
- * Implementation of transform_attribute_t.set_value_chunk.
- */
-static void set_value_chunk(private_transform_attribute_t *this, chunk_t value)
-{
- if (this->attribute_value.ptr != NULL)
- {
- /* free existing value */
- free(this->attribute_value.ptr);
- this->attribute_value.ptr = NULL;
- this->attribute_value.len = 0;
-
- }
-
- if (value.len > 2)
- {
- this->attribute_value.ptr = clalloc(value.ptr,value.len);
- this->attribute_value.len = value.len;
- this->attribute_length_or_value = value.len;
- /* attribute has not a fixed length */
- this->attribute_format = FALSE;
- }
- else
- {
- memcpy(&(this->attribute_length_or_value),value.ptr,value.len);
- }
-}
-
-/**
- * Implementation of transform_attribute_t.set_value.
- */
-static void set_value(private_transform_attribute_t *this, u_int16_t value)
-{
- if (this->attribute_value.ptr != NULL)
- {
- /* free existing value */
- free(this->attribute_value.ptr);
- this->attribute_value.ptr = NULL;
- this->attribute_value.len = 0;
-
- }
- this->attribute_length_or_value = value;
-}
-
-/**
- * Implementation of transform_attribute_t.get_value_chunk.
- */
-static chunk_t get_value_chunk (private_transform_attribute_t *this)
-{
- chunk_t value;
-
- if (this->attribute_format == FALSE)
- {
- value.ptr = this->attribute_value.ptr;
- value.len = this->attribute_value.len;
- }
- else
- {
- value.ptr = (void *) &(this->attribute_length_or_value);
- value.len = 2;
- }
-
- return value;
-}
-
-/**
- * Implementation of transform_attribute_t.get_value.
- */
-static u_int16_t get_value (private_transform_attribute_t *this)
-{
- return this->attribute_length_or_value;
-}
-
-
-/**
- * Implementation of transform_attribute_t.set_attribute_type.
- */
-static void set_attribute_type (private_transform_attribute_t *this, u_int16_t type)
-{
- this->attribute_type = type & 0x7FFF;
-}
-
-/**
- * Implementation of transform_attribute_t.get_attribute_type.
- */
-static u_int16_t get_attribute_type (private_transform_attribute_t *this)
-{
- return this->attribute_type;
-}
-
-/**
- * Implementation of transform_attribute_t.clone.
- */
-static transform_attribute_t * _clone(private_transform_attribute_t *this)
-{
- private_transform_attribute_t *new_clone;
-
- new_clone = (private_transform_attribute_t *) transform_attribute_create();
-
- new_clone->attribute_format = this->attribute_format;
- new_clone->attribute_type = this->attribute_type;
- new_clone->attribute_length_or_value = this->attribute_length_or_value;
-
- if (!new_clone->attribute_format)
- {
- new_clone->attribute_value.ptr = clalloc(this->attribute_value.ptr,this->attribute_value.len);
- new_clone->attribute_value.len = this->attribute_value.len;
- }
-
- return (transform_attribute_t *) new_clone;
-}
-
-/**
- * Implementation of transform_attribute_t.destroy and payload_t.destroy.
- */
-static void destroy(private_transform_attribute_t *this)
-{
- if (this->attribute_value.ptr != NULL)
- {
- free(this->attribute_value.ptr);
- }
- free(this);
-}
-
-/*
- * Described in header.
- */
-transform_attribute_t *transform_attribute_create()
-{
- private_transform_attribute_t *this = malloc_thing(private_transform_attribute_t);
-
- /* payload interface */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- /* public functions */
- this->public.set_value_chunk = (void (*) (transform_attribute_t *,chunk_t)) set_value_chunk;
- this->public.set_value = (void (*) (transform_attribute_t *,u_int16_t)) set_value;
- this->public.get_value_chunk = (chunk_t (*) (transform_attribute_t *)) get_value_chunk;
- this->public.get_value = (u_int16_t (*) (transform_attribute_t *)) get_value;
- this->public.set_attribute_type = (void (*) (transform_attribute_t *,u_int16_t type)) set_attribute_type;
- this->public.get_attribute_type = (u_int16_t (*) (transform_attribute_t *)) get_attribute_type;
- this->public.clone = (transform_attribute_t * (*) (transform_attribute_t *)) _clone;
- this->public.destroy = (void (*) (transform_attribute_t *)) destroy;
-
- /* set default values of the fields */
- this->attribute_format = TRUE;
- this->attribute_type = 0;
- this->attribute_length_or_value = 0;
- this->attribute_value.ptr = NULL;
- this->attribute_value.len = 0;
-
- return (&(this->public));
-}
-
-/*
- * Described in header.
- */
-transform_attribute_t *transform_attribute_create_key_length(u_int16_t key_length)
-{
- transform_attribute_t *attribute = transform_attribute_create();
- attribute->set_attribute_type(attribute,KEY_LENGTH);
- attribute->set_value(attribute,key_length);
- return attribute;
-}
diff --git a/src/charon/encoding/payloads/transform_attribute.h b/src/charon/encoding/payloads/transform_attribute.h
deleted file mode 100644
index a5fe0154b..000000000
--- a/src/charon/encoding/payloads/transform_attribute.h
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup transform_attribute transform_attribute
- * @{ @ingroup payloads
- */
-
-#ifndef TRANSFORM_ATTRIBUTE_H_
-#define TRANSFORM_ATTRIBUTE_H_
-
-typedef enum transform_attribute_type_t transform_attribute_type_t;
-typedef struct transform_attribute_t transform_attribute_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-
-
-/**
- * Type of the attribute, as in IKEv2 RFC 3.3.5.
- */
-enum transform_attribute_type_t {
- ATTRIBUTE_UNDEFINED = 16384,
- KEY_LENGTH = 14
-};
-
-/**
- * enum name for transform_attribute_type_t.
- */
-extern enum_name_t *transform_attribute_type_names;
-
-/**
- * Class representing an IKEv2- TRANSFORM Attribute.
- *
- * The TRANSFORM ATTRIBUTE format is described in RFC section 3.3.5.
- */
-struct transform_attribute_t {
- /**
- * The payload_t interface.
- */
- payload_t payload_interface;
-
- /**
- * Returns the currently set value of the attribute.
- *
- * Returned data are not copied.
- *
- * @return chunk_t pointing to the value
- */
- chunk_t (*get_value_chunk) (transform_attribute_t *this);
-
- /**
- * Returns the currently set value of the attribute.
- *
- * Returned data are not copied.
- *
- * @return value
- */
- u_int16_t (*get_value) (transform_attribute_t *this);
-
- /**
- * Sets the value of the attribute.
- *
- * Value is getting copied.
- *
- * @param value chunk_t pointing to the value to set
- */
- void (*set_value_chunk) (transform_attribute_t *this, chunk_t value);
-
- /**
- * Sets the value of the attribute.
- *
- * @param value value to set
- */
- void (*set_value) (transform_attribute_t *this, u_int16_t value);
-
- /**
- * Sets the type of the attribute.
- *
- * @param type type to set (most significant bit is set to zero)
- */
- void (*set_attribute_type) (transform_attribute_t *this, u_int16_t type);
-
- /**
- * get the type of the attribute.
- *
- * @return type of the value
- */
- u_int16_t (*get_attribute_type) (transform_attribute_t *this);
-
- /**
- * Clones an transform_attribute_t object.
- *
- * @return cloned transform_attribute_t object
- */
- transform_attribute_t * (*clone) (transform_attribute_t *this);
-
- /**
- * Destroys an transform_attribute_t object.
- */
- void (*destroy) (transform_attribute_t *this);
-};
-
-/**
- * Creates an empty transform_attribute_t object.
- *
- * @return transform_attribute_t object
- */
-transform_attribute_t *transform_attribute_create(void);
-
-/**
- * Creates an transform_attribute_t of type KEY_LENGTH.
- *
- * @param key_length key length in bytes
- * @return transform_attribute_t object
- */
-transform_attribute_t *transform_attribute_create_key_length(u_int16_t key_length);
-
-#endif /** TRANSFORM_ATTRIBUTE_H_ @}*/
diff --git a/src/charon/encoding/payloads/transform_substructure.c b/src/charon/encoding/payloads/transform_substructure.c
deleted file mode 100644
index c94f6c1a2..000000000
--- a/src/charon/encoding/payloads/transform_substructure.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/*
- * Copyright (C) 2005-2006 Martin Willi
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-
-#include "transform_substructure.h"
-
-#include <encoding/payloads/transform_attribute.h>
-#include <encoding/payloads/encodings.h>
-#include <library.h>
-#include <utils/linked_list.h>
-#include <daemon.h>
-
-
-typedef struct private_transform_substructure_t private_transform_substructure_t;
-
-/**
- * Private data of an transform_substructure_t object.
- *
- */
-struct private_transform_substructure_t {
- /**
- * Public transform_substructure_t interface.
- */
- transform_substructure_t public;
-
- /**
- * Next payload type.
- */
- u_int8_t next_payload;
-
-
- /**
- * Length of this payload.
- */
- u_int16_t transform_length;
-
-
- /**
- * Type of the transform.
- */
- u_int8_t transform_type;
-
- /**
- * Transform ID.
- */
- u_int16_t transform_id;
-
- /**
- * Transforms Attributes are stored in a linked_list_t.
- */
- linked_list_t *attributes;
-};
-
-
-/**
- * Encoding rules to parse or generate a Transform substructure.
- *
- * The defined offsets are the positions in a object of type
- * private_transform_substructure_t.
- *
- */
-encoding_rule_t transform_substructure_encodings[] = {
- /* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_transform_substructure_t, next_payload) },
- /* Reserved Byte is skipped */
- { RESERVED_BYTE, 0 },
- /* Length of the whole transform substructure*/
- { PAYLOAD_LENGTH, offsetof(private_transform_substructure_t, transform_length) },
- /* transform type is a number of 8 bit */
- { U_INT_8, offsetof(private_transform_substructure_t, transform_type) },
- /* Reserved Byte is skipped */
- { RESERVED_BYTE, 0 },
- /* tranform ID is a number of 8 bit */
- { U_INT_16, offsetof(private_transform_substructure_t, transform_id) },
- /* Attributes are stored in a transform attribute,
- offset points to a linked_list_t pointer */
- { TRANSFORM_ATTRIBUTES, offsetof(private_transform_substructure_t, attributes) }
-};
-
-/*
- 1 2 3
- 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! 0 (last) or 3 ! RESERVED ! Transform Length !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- !Transform Type ! RESERVED ! Transform ID !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- ! !
- ~ Transform Attributes ~
- ! !
- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-
-/**
- * Implementation of payload_t.verify.
- */
-static status_t verify(private_transform_substructure_t *this)
-{
- status_t status = SUCCESS;
- iterator_t *iterator;
- payload_t *current_attributes;
-
- if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 3))
- {
- /* must be 0 or 3 */
- DBG1(DBG_ENC, "inconsistent next payload");
- return FAILED;
- }
-
- switch (this->transform_type)
- {
- case ENCRYPTION_ALGORITHM:
- case PSEUDO_RANDOM_FUNCTION:
- case INTEGRITY_ALGORITHM:
- case DIFFIE_HELLMAN_GROUP:
- case EXTENDED_SEQUENCE_NUMBERS:
- /* we don't check transform ID, we want to reply
- * cleanly with NO_PROPOSAL_CHOSEN or so if we don't support it */
- break;
- default:
- {
- DBG1(DBG_ENC, "invalid transform type: %d", this->transform_type);
- return FAILED;
- }
- }
- iterator = this->attributes->create_iterator(this->attributes,TRUE);
-
- while(iterator->iterate(iterator, (void**)¤t_attributes))
- {
- status = current_attributes->verify(current_attributes);
- if (status != SUCCESS)
- {
- DBG1(DBG_ENC, "TRANSFORM_ATTRIBUTE verification failed");
- }
- }
- iterator->destroy(iterator);
-
- /* proposal number is checked in SA payload */
- return status;
-}
-
-/**
- * Implementation of payload_t.get_encoding_rules.
- */
-static void get_encoding_rules(private_transform_substructure_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
- *rules = transform_substructure_encodings;
- *rule_count = sizeof(transform_substructure_encodings) / sizeof(encoding_rule_t);
-}
-
-/**
- * Implementation of payload_t.get_type.
- */
-static payload_type_t get_type(private_transform_substructure_t *this)
-{
- return TRANSFORM_SUBSTRUCTURE;
-}
-
-/**
- * Implementation of payload_t.get_next_type.
- */
-static payload_type_t get_next_type(private_transform_substructure_t *this)
-{
- return (this->next_payload);
-}
-
-/**
- * recompute the length of the payload.
- */
-static void compute_length (private_transform_substructure_t *this)
-{
- iterator_t *iterator;
- payload_t *current_attribute;
- size_t length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH;
-
- iterator = this->attributes->create_iterator(this->attributes,TRUE);
- while (iterator->iterate(iterator, (void**)¤t_attribute))
- {
- length += current_attribute->get_length(current_attribute);
- }
- iterator->destroy(iterator);
-
- this->transform_length = length;
-}
-
-/**
- * Implementation of payload_t.get_length.
- */
-static size_t get_length(private_transform_substructure_t *this)
-{
- compute_length(this);
- return this->transform_length;
-}
-
-/**
- * Implementation of transform_substructure_t.create_transform_attribute_iterator.
- */
-static iterator_t *create_transform_attribute_iterator (private_transform_substructure_t *this,bool forward)
-{
- return this->attributes->create_iterator(this->attributes,forward);
-}
-
-/**
- * Implementation of transform_substructure_t.add_transform_attribute.
- */
-static void add_transform_attribute (private_transform_substructure_t *this,transform_attribute_t *attribute)
-{
- this->attributes->insert_last(this->attributes,(void *) attribute);
- compute_length(this);
-}
-
-/**
- * Implementation of transform_substructure_t.set_is_last_transform.
- */
-static void set_is_last_transform (private_transform_substructure_t *this, bool is_last)
-{
- this->next_payload = (is_last) ? 0: TRANSFORM_TYPE_VALUE;
-}
-
-/**
- * Implementation of transform_substructure_t.get_is_last_transform.
- */
-static bool get_is_last_transform (private_transform_substructure_t *this)
-{
- return ((this->next_payload == TRANSFORM_TYPE_VALUE) ? FALSE : TRUE);
-}
-
-/**
- * Implementation of payload_t.set_next_type.
- */
-static void set_next_type(private_transform_substructure_t *this,payload_type_t type)
-{
-}
-
-/**
- * Implementation of transform_substructure_t.set_transform_type.
- */
-static void set_transform_type (private_transform_substructure_t *this,u_int8_t type)
-{
- this->transform_type = type;
-}
-
-/**
- * Implementation of transform_substructure_t.get_transform_type.
- */
-static u_int8_t get_transform_type (private_transform_substructure_t *this)
-{
- return this->transform_type;
-}
-
-/**
- * Implementation of transform_substructure_t.set_transform_id.
- */
-static void set_transform_id (private_transform_substructure_t *this,u_int16_t id)
-{
- this->transform_id = id;
-}
-
-/**
- * Implementation of transform_substructure_t.get_transform_id.
- */
-static u_int16_t get_transform_id (private_transform_substructure_t *this)
-{
- return this->transform_id;
-}
-
-/**
- * Implementation of transform_substructure_t.clone.
- */
-static transform_substructure_t *clone_(private_transform_substructure_t *this)
-{
- private_transform_substructure_t *clone;
- iterator_t *attributes;
- transform_attribute_t *current_attribute;
-
- clone = (private_transform_substructure_t *) transform_substructure_create();
- clone->next_payload = this->next_payload;
- clone->transform_type = this->transform_type;
- clone->transform_id = this->transform_id;
-
- attributes = this->attributes->create_iterator(this->attributes, FALSE);
- while (attributes->iterate(attributes, (void**)¤t_attribute))
- {
- current_attribute = current_attribute->clone(current_attribute);
- clone->public.add_transform_attribute(&clone->public, current_attribute);
- }
- attributes->destroy(attributes);
-
- return &clone->public;
-}
-
-
-/**
- * Implementation of transform_substructure_t.get_key_length.
- */
-static status_t get_key_length(private_transform_substructure_t *this, u_int16_t *key_length)
-{
- iterator_t *attributes;
- transform_attribute_t *current_attribute;
-
- attributes = this->attributes->create_iterator(this->attributes, TRUE);
- while (attributes->iterate(attributes, (void**)¤t_attribute))
- {
- if (current_attribute->get_attribute_type(current_attribute) == KEY_LENGTH)
- {
- *key_length = current_attribute->get_value(current_attribute);
- attributes->destroy(attributes);
- return SUCCESS;
- }
- }
- attributes->destroy(attributes);
- return FAILED;
-}
-
-
-/**
- * Implementation of transform_substructure_t.destroy and payload_t.destroy.
- */
-static void destroy(private_transform_substructure_t *this)
-{
- this->attributes->destroy_offset(this->attributes,
- offsetof(transform_attribute_t, destroy));
- free(this);
-}
-
-/*
- * Described in header.
- */
-transform_substructure_t *transform_substructure_create()
-{
- private_transform_substructure_t *this = malloc_thing(private_transform_substructure_t);
-
- /* payload interface */
- this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
- this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
- this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
- this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
- this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
- this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
- this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
-
- /* public functions */
- this->public.create_transform_attribute_iterator = (iterator_t * (*) (transform_substructure_t *,bool)) create_transform_attribute_iterator;
- this->public.add_transform_attribute = (void (*) (transform_substructure_t *,transform_attribute_t *)) add_transform_attribute;
- this->public.set_is_last_transform = (void (*) (transform_substructure_t *,bool)) set_is_last_transform;
- this->public.get_is_last_transform = (bool (*) (transform_substructure_t *)) get_is_last_transform;
- this->public.set_transform_type = (void (*) (transform_substructure_t *,u_int8_t)) set_transform_type;
- this->public.get_transform_type = (u_int8_t (*) (transform_substructure_t *)) get_transform_type;
- this->public.set_transform_id = (void (*) (transform_substructure_t *,u_int16_t)) set_transform_id;
- this->public.get_transform_id = (u_int16_t (*) (transform_substructure_t *)) get_transform_id;
- this->public.get_key_length = (status_t (*) (transform_substructure_t *,u_int16_t *)) get_key_length;
- this->public.clone = (transform_substructure_t* (*) (transform_substructure_t *)) clone_;
- this->public.destroy = (void (*) (transform_substructure_t *)) destroy;
-
- /* set default values of the fields */
- this->next_payload = NO_PAYLOAD;
- this->transform_length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH;
- this->transform_id = 0;
- this->transform_type = 0;
- this->attributes = linked_list_create();
-
- return (&(this->public));
-}
-
-/*
- * Described in header
- */
-transform_substructure_t *transform_substructure_create_type(
- transform_type_t transform_type,
- u_int16_t transform_id, u_int16_t key_length)
-{
- transform_substructure_t *transform = transform_substructure_create();
-
- transform->set_transform_type(transform,transform_type);
- transform->set_transform_id(transform,transform_id);
-
- if (key_length)
- {
- transform_attribute_t *attribute;
-
- attribute = transform_attribute_create_key_length(key_length);
- transform->add_transform_attribute(transform, attribute);
-
- }
- return transform;
-}
-
diff --git a/src/charon/encoding/payloads/transform_substructure.h b/src/charon/encoding/payloads/transform_substructure.h
deleted file mode 100644
index 5d31f8c0a..000000000
--- a/src/charon/encoding/payloads/transform_substructure.h
+++ /dev/null
@@ -1,174 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup transform_substructure transform_substructure - * @{ @ingroup payloads - */ - -#ifndef TRANSFORM_SUBSTRUCTURE_H_ -#define TRANSFORM_SUBSTRUCTURE_H_ - -typedef struct transform_substructure_t transform_substructure_t; - -#include <library.h> -#include <encoding/payloads/payload.h> -#include <encoding/payloads/transform_attribute.h> -#include <utils/linked_list.h> -#include <crypto/diffie_hellman.h> -#include <crypto/signers/signer.h> -#include <crypto/prfs/prf.h> -#include <crypto/crypters/crypter.h> -#include <config/proposal.h> - - -/** - * IKEv1 Value for a transform payload. - */ -#define TRANSFORM_TYPE_VALUE 3 - -/** - * Length of the transform substructure header in bytes. - */ -#define TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH 8 - - -/** - * Class representing an IKEv2- TRANSFORM SUBSTRUCTURE. - * - * The TRANSFORM SUBSTRUCTURE format is described in RFC section 3.3.2. - */ -struct transform_substructure_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Creates an iterator of stored transform_attribute_t objects. - * - * When deleting an transform attribute using this iterator, - * the length of this transform substructure has to be refreshed - * by calling get_length(). 
- * - * @param forward iterator direction (TRUE: front to end) - * @return created iterator_t object. - */ - iterator_t * (*create_transform_attribute_iterator) ( - transform_substructure_t *this, bool forward); - - /** - * Adds a transform_attribute_t object to this object. - * - * @param proposal transform_attribute_t object to add - */ - void (*add_transform_attribute) (transform_substructure_t *this, - transform_attribute_t *attribute); - - /** - * Sets the next_payload field of this substructure - * - * If this is the last transform, next payload field is set to 0, - * otherwise to 3 - * - * @param is_last When TRUE, next payload field is set to 0, otherwise to 3 - */ - void (*set_is_last_transform) (transform_substructure_t *this, bool is_last); - - /** - * Checks if this is the last transform. - * - * @return TRUE if this is the last Transform, FALSE otherwise - */ - bool (*get_is_last_transform) (transform_substructure_t *this); - - /** - * Sets transform type of the current transform substructure. - * - * @param type type value to set - */ - void (*set_transform_type) (transform_substructure_t *this, u_int8_t type); - - /** - * get transform type of the current transform. - * - * @return Transform type of current transform substructure. - */ - u_int8_t (*get_transform_type) (transform_substructure_t *this); - - /** - * Sets transform id of the current transform substructure. - * - * @param id transform id to set - */ - void (*set_transform_id) (transform_substructure_t *this, u_int16_t id); - - /** - * get transform id of the current transform. - * - * @return Transform id of current transform substructure. - */ - u_int16_t (*get_transform_id) (transform_substructure_t *this); - - /** - * get transform id of the current transform. 
- * - * @param key_length The key length is written to this location - * @return - * - SUCCESS if a key length attribute is contained - * - FAILED if no key length attribute is part of this - * transform or key length uses more then 16 bit! - */ - status_t (*get_key_length) (transform_substructure_t *this, - u_int16_t *key_length); - - /** - * Clones an transform_substructure_t object. - * - * @return cloned transform_substructure_t object - */ - transform_substructure_t* (*clone) (transform_substructure_t *this); - - /** - * Destroys an transform_substructure_t object. - */ - void (*destroy) (transform_substructure_t *this); -}; - -/** - * Creates an empty transform_substructure_t object. - * - * @return created transform_substructure_t object - */ -transform_substructure_t *transform_substructure_create(void); - -/** - * Creates an empty transform_substructure_t object. - * - * The key length is used for the transport types ENCRYPTION_ALGORITHM, - * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all - * other transport types the key_length parameter is not used - * - * @param transform_type type of transform to create - * @param transform_id transform id specifying the specific algorithm of a transform type - * @param key_length Key length for key lenght attribute - * @return transform_substructure_t object - */ -transform_substructure_t *transform_substructure_create_type( - transform_type_t transform_type, u_int16_t transform_id, - u_int16_t key_length); - -#endif /** TRANSFORM_SUBSTRUCTURE_H_ @}*/ diff --git a/src/charon/encoding/payloads/ts_payload.c b/src/charon/encoding/payloads/ts_payload.c deleted file mode 100644 index 6bf3e4293..000000000 --- a/src/charon/encoding/payloads/ts_payload.c +++ /dev/null 
@@ -1,334 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "ts_payload.h" - -#include <encoding/payloads/encodings.h> -#include <utils/linked_list.h> - -typedef struct private_ts_payload_t private_ts_payload_t; - -/** - * Private data of an ts_payload_t object. - * - */ -struct private_ts_payload_t { - /** - * Public ts_payload_t interface. - */ - ts_payload_t public; - - /** - * TRUE if this TS payload is of type TSi, FALSE for TSr. - */ - bool is_initiator; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * Number of traffic selectors - */ - u_int8_t number_of_traffic_selectors; - - /** - * Contains the traffic selectors of type traffic_selector_substructure_t. - */ - linked_list_t *traffic_selectors; -}; - -/** - * Encoding rules to parse or generate a TS payload - * - * The defined offsets are the positions in a object of type - * private_ts_payload_t. 
- * - */ -encoding_rule_t ts_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_ts_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_ts_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_ts_payload_t, payload_length)}, - /* 1 Byte TS type*/ - { U_INT_8, offsetof(private_ts_payload_t, number_of_traffic_selectors) }, - /* 3 reserved bytes */ - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, - /* some ts data bytes, length is defined in PAYLOAD_LENGTH */ - { TRAFFIC_SELECTORS, offsetof(private_ts_payload_t, traffic_selectors) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Number of TSs ! RESERVED ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ <Traffic Selectors> ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. 
- */ -static status_t verify(private_ts_payload_t *this) -{ - iterator_t *iterator; - payload_t *current_traffic_selector; - status_t status = SUCCESS; - - if (this->number_of_traffic_selectors != (this->traffic_selectors->get_count(this->traffic_selectors))) - { - /* must be the same */ - return FAILED; - } - - iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); - while(iterator->iterate(iterator, (void**)¤t_traffic_selector)) - { - status = current_traffic_selector->verify(current_traffic_selector); - if (status != SUCCESS) - { - break; - } - } - iterator->destroy(iterator); - - return status; -} - -/** - * Implementation of ts_payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_ts_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = ts_payload_encodings; - *rule_count = sizeof(ts_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_ts_payload_t *this) -{ - if (this->is_initiator) - { - return TRAFFIC_SELECTOR_INITIATOR; - } - else - { - return TRAFFIC_SELECTOR_RESPONDER; - } -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_ts_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_ts_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * recompute the length of the payload. 
- */ -static void compute_length (private_ts_payload_t *this) -{ - iterator_t *iterator; - size_t ts_count = 0; - size_t length = TS_PAYLOAD_HEADER_LENGTH; - payload_t *current_traffic_selector; - - iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); - while (iterator->iterate(iterator, (void**)¤t_traffic_selector)) - { - length += current_traffic_selector->get_length(current_traffic_selector); - ts_count++; - } - iterator->destroy(iterator); - - this->number_of_traffic_selectors= ts_count; - this->payload_length = length; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_ts_payload_t *this) -{ - compute_length(this); - return this->payload_length; -} - -/** - * Implementation of ts_payload_t.get_initiator. - */ -static bool get_initiator (private_ts_payload_t *this) -{ - return (this->is_initiator); -} - -/** - * Implementation of ts_payload_t.set_initiator. - */ -static void set_initiator (private_ts_payload_t *this,bool is_initiator) -{ - this->is_initiator = is_initiator; -} - -/** - * Implementation of ts_payload_t.add_traffic_selector_substructure. - */ -static void add_traffic_selector_substructure (private_ts_payload_t *this,traffic_selector_substructure_t *traffic_selector) -{ - this->traffic_selectors->insert_last(this->traffic_selectors,traffic_selector); - this->number_of_traffic_selectors = this->traffic_selectors->get_count(this->traffic_selectors); -} - -/** - * Implementation of ts_payload_t.create_traffic_selector_substructure_iterator. - */ -static iterator_t * create_traffic_selector_substructure_iterator (private_ts_payload_t *this, bool forward) -{ - return this->traffic_selectors->create_iterator(this->traffic_selectors,forward); -} - -/** - * Implementation of ts_payload_t.get_traffic_selectors. 
- */ -static linked_list_t *get_traffic_selectors(private_ts_payload_t *this) -{ - traffic_selector_t *ts; - iterator_t *iterator; - traffic_selector_substructure_t *ts_substructure; - linked_list_t *ts_list = linked_list_create(); - - iterator = this->traffic_selectors->create_iterator(this->traffic_selectors, TRUE); - while (iterator->iterate(iterator, (void**)&ts_substructure)) - { - ts = ts_substructure->get_traffic_selector(ts_substructure); - ts_list->insert_last(ts_list, (void*)ts); - } - iterator->destroy(iterator); - - return ts_list; -} - -/** - * Implementation of payload_t.destroy and ts_payload_t.destroy. - */ -static void destroy(private_ts_payload_t *this) -{ - this->traffic_selectors->destroy_offset(this->traffic_selectors, - offsetof(payload_t, destroy)); - free(this); -} - -/* - * Described in header - */ -ts_payload_t *ts_payload_create(bool is_initiator) -{ - private_ts_payload_t *this = malloc_thing(private_ts_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (ts_payload_t *)) destroy; - this->public.get_initiator = (bool (*) (ts_payload_t *)) get_initiator; - this->public.set_initiator = (void (*) (ts_payload_t *,bool)) set_initiator; - this->public.add_traffic_selector_substructure = (void (*) (ts_payload_t 
*,traffic_selector_substructure_t *)) add_traffic_selector_substructure; - this->public.create_traffic_selector_substructure_iterator = (iterator_t* (*) (ts_payload_t *,bool)) create_traffic_selector_substructure_iterator; - this->public.get_traffic_selectors = (linked_list_t *(*) (ts_payload_t *)) get_traffic_selectors; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length =TS_PAYLOAD_HEADER_LENGTH; - this->is_initiator = is_initiator; - this->number_of_traffic_selectors = 0; - this->traffic_selectors = linked_list_create(); - - return &(this->public); -} - -/* - * Described in header - */ -ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, linked_list_t *traffic_selectors) -{ - iterator_t *iterator; - traffic_selector_t *ts; - traffic_selector_substructure_t *ts_substructure; - private_ts_payload_t *this; - - this = (private_ts_payload_t*)ts_payload_create(is_initiator); - - iterator = traffic_selectors->create_iterator(traffic_selectors, TRUE); - while (iterator->iterate(iterator, (void**)&ts)) - { - ts_substructure = traffic_selector_substructure_create_from_traffic_selector(ts); - this->public.add_traffic_selector_substructure(&(this->public), ts_substructure); - } - iterator->destroy(iterator); - - return &(this->public); -} - diff --git a/src/charon/encoding/payloads/ts_payload.h b/src/charon/encoding/payloads/ts_payload.h deleted file mode 100644 index d322ff1a8..000000000 --- a/src/charon/encoding/payloads/ts_payload.h +++ /dev/null 
@@ -1,127 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup ts_payload ts_payload - * @{ @ingroup payloads - */ - - -#ifndef TS_PAYLOAD_H_ -#define TS_PAYLOAD_H_ - -typedef struct ts_payload_t ts_payload_t; - -#include <library.h> -#include <utils/linked_list.h> -#include <selectors/traffic_selector.h> -#include <encoding/payloads/payload.h> -#include <encoding/payloads/traffic_selector_substructure.h> - -/** - * Length of a TS payload without the Traffic selectors. - */ -#define TS_PAYLOAD_HEADER_LENGTH 8 - - -/** - * Class representing an IKEv2 TS payload. - * - * The TS payload format is described in RFC section 3.13. - */ -struct ts_payload_t { - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Get the type of TSpayload (TSi or TSr). - * - * @return - * - TRUE if this payload is of type TSi - * - FALSE if this payload is of type TSr - */ - bool (*get_initiator) (ts_payload_t *this); - - /** - * Set the type of TS payload (TSi or TSr). - * - * @param is_initiator - * - TRUE if this payload is of type TSi - * - FALSE if this payload is of type TSr - */ - void (*set_initiator) (ts_payload_t *this,bool is_initiator); - - /** - * Adds a traffic_selector_substructure_t object to this object. 
- * - * @param traffic_selector traffic_selector_substructure_t object to add - */ - void (*add_traffic_selector_substructure) (ts_payload_t *this, - traffic_selector_substructure_t *traffic_selector); - - /** - * Creates an iterator of stored traffic_selector_substructure_t objects. - * - * When removing an traffic_selector_substructure_t object - * using this iterator, the length of this payload - * has to get refreshed by calling payload_t.get_length! - * - * @param forward iterator direction (TRUE: front to end) - * @return created iterator_t object - */ - iterator_t *(*create_traffic_selector_substructure_iterator) ( - ts_payload_t *this, bool forward); - - /** - * Get a list of nested traffic selectors as traffic_selector_t. - * - * Resulting list and its traffic selectors must be destroyed after usage - * - * @return list of traffic selectors - */ - linked_list_t *(*get_traffic_selectors) (ts_payload_t *this); - - /** - * Destroys an ts_payload_t object. - */ - void (*destroy) (ts_payload_t *this); -}; - -/** - * Creates an empty ts_payload_t object. - * - * @param is_initiator - * - TRUE if this payload is of type TSi - * - FALSE if this payload is of type TSr - * @return ts_payload_t object - */ -ts_payload_t *ts_payload_create(bool is_initiator); - -/** - * Creates ts_payload with a list of traffic_selector_t - * - * @param is_initiator - * - TRUE if this payload is of type TSi - * - FALSE if this payload is of type TSr - * @param traffic_selectors list of traffic selectors to include - * @return ts_payload_t object - */ -ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, - linked_list_t *traffic_selectors); - -#endif /** TS_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/unknown_payload.c b/src/charon/encoding/payloads/unknown_payload.c deleted file mode 100644 index dd5547dc3..000000000 --- a/src/charon/encoding/payloads/unknown_payload.c +++ /dev/null 
@@ -1,201 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "unknown_payload.h" - - - -typedef struct private_unknown_payload_t private_unknown_payload_t; - -/** - * Private data of an unknown_payload_t object. - */ -struct private_unknown_payload_t { - - /** - * Public unknown_payload_t interface. - */ - unknown_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * The contained data. - */ - chunk_t data; -}; - -/** - * Encoding rules to parse an payload which is not further specified. - * - * The defined offsets are the positions in a object of type - * private_unknown_payload_t. 
- * - */ -encoding_rule_t unknown_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_unknown_payload_t, next_payload)}, - /* the critical bit */ - { FLAG, offsetof(private_unknown_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_unknown_payload_t, payload_length)}, - /* some unknown data bytes, length is defined in PAYLOAD_LENGTH */ - { UNKNOWN_DATA, offsetof(private_unknown_payload_t, data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! ! - ~ Data of any type ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_unknown_payload_t *this) -{ - /* can't do any checks, so we assume its good */ - return SUCCESS; -} - -/** - * Implementation of payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_unknown_payload_t *this, encoding_rule_t **rules, size_t *rule_count) -{ - *rules = unknown_payload_encodings; - *rule_count = sizeof(unknown_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_unknown_payload_t *this) -{ - return UNKNOWN_PAYLOAD; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_unknown_payload_t *this) -{ - return (this->next_payload); -} - -/** - * Implementation of payload_t.set_next_type. 
- */ -static void set_next_type(private_unknown_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_unknown_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of unknown_payload_t.get_data. - */ -static bool is_critical(private_unknown_payload_t *this) -{ - return this->critical; -} - -/** - * Implementation of unknown_payload_t.get_data. - */ -static chunk_t get_data (private_unknown_payload_t *this) -{ - return (this->data); -} - -/** - * Implementation of payload_t.destroy and unknown_payload_t.destroy. - */ -static void destroy(private_unknown_payload_t *this) -{ - if (this->data.ptr != NULL) - { - chunk_free(&(this->data)); - } - - free(this); -} - -/* - * Described in header - */ -unknown_payload_t *unknown_payload_create() -{ - private_unknown_payload_t *this = malloc_thing(private_unknown_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (unknown_payload_t *)) destroy; - this->public.is_critical = (bool (*) (unknown_payload_t *)) is_critical; - this->public.get_data = (chunk_t (*) (unknown_payload_t *)) get_data; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - 
 this->payload_length = UNKNOWN_PAYLOAD_HEADER_LENGTH;
- this->data = chunk_empty;
-
- return (&(this->public));
-}
diff --git a/src/charon/encoding/payloads/unknown_payload.h b/src/charon/encoding/payloads/unknown_payload.h
deleted file mode 100644
index c761ed2b6..000000000
--- a/src/charon/encoding/payloads/unknown_payload.h
+++ /dev/null
@@ -1,79 +0,0 @@ -/* - * Copyright (C) 2005-2006 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup unknown_payload unknown_payload - * @{ @ingroup payloads - */ - -#ifndef UNKNOWN_PAYLOAD_H_ -#define UNKNOWN_PAYLOAD_H_ - -typedef struct unknown_payload_t unknown_payload_t; - -#include <library.h> -#include <encoding/payloads/payload.h> - -/** - * Header length of the unknown payload. - */ -#define UNKNOWN_PAYLOAD_HEADER_LENGTH 4 - -/** - * Payload which can't be processed further. - * - * When the parser finds an unknown payload, he builds an instance of - * this class. This allows further processing of this payload, such as - * a check for the critical bit in the header. - */ -struct unknown_payload_t { - - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Get the raw data of this payload, without - * the generic payload header. - * - * Returned data are NOT copied and must not be freed. - * - * @return data as chunk_t - */ - chunk_t (*get_data) (unknown_payload_t *this); - - /** - * Get the critical flag. - * - * @return TRUE if payload is critical, FALSE if not - */ - bool (*is_critical) (unknown_payload_t *this); - - /** - * Destroys an unknown_payload_t object. - */ - void (*destroy) (unknown_payload_t *this); -}; - -/** - * Creates an empty unknown_payload_t object. 
- *
- * @return unknown_payload_t object
- */
-unknown_payload_t *unknown_payload_create(void);
-
-#endif /** UNKNOWN_PAYLOAD_H_ @}*/
diff --git a/src/charon/encoding/payloads/vendor_id_payload.c b/src/charon/encoding/payloads/vendor_id_payload.c
deleted file mode 100644
index bf33d2418..000000000
--- a/src/charon/encoding/payloads/vendor_id_payload.c
+++ /dev/null
@@ -1,195 +0,0 @@ -/* - * Copyright (C) 2005-2009 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -#include <stddef.h> - -#include "vendor_id_payload.h" - -typedef struct private_vendor_id_payload_t private_vendor_id_payload_t; - -/** - * Private data of an vendor_id_payload_t object. - */ -struct private_vendor_id_payload_t { - - /** - * Public vendor_id_payload_t interface. - */ - vendor_id_payload_t public; - - /** - * Next payload type. - */ - u_int8_t next_payload; - - /** - * Critical flag. - */ - bool critical; - - /** - * Length of this payload. - */ - u_int16_t payload_length; - - /** - * The contained data. - */ - chunk_t data; -}; - -/** - * Encoding rules to parse or generate a VENDOR ID payload - * - * The defined offsets are the positions in a object of type - * private_vendor_id_payload_t. 
- */ -encoding_rule_t vendor_id_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_vendor_id_payload_t, next_payload) }, - /* the critical bit */ - { FLAG, offsetof(private_vendor_id_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_vendor_id_payload_t, payload_length)}, - /* some vendor_id data bytes, length is defined in PAYLOAD_LENGTH */ - { VID_DATA, offsetof(private_vendor_id_payload_t, data) } -}; - -/* - 1 2 3 - 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! Next Payload !C! RESERVED ! Payload Length ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - + ! - ~ VID Data ~ - ! ! - +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -*/ - -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_vendor_id_payload_t *this) -{ - return SUCCESS; -} - -/** - * Implementation of vendor_id_payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_vendor_id_payload_t *this, - encoding_rule_t **rules, size_t *rule_count) -{ - *rules = vendor_id_payload_encodings; - *rule_count = sizeof(vendor_id_payload_encodings) / sizeof(encoding_rule_t); -} - -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_vendor_id_payload_t *this) -{ - return VENDOR_ID; -} - -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_vendor_id_payload_t *this) -{ - return this->next_payload; -} - -/** - * Implementation of payload_t.set_next_type. 
- */ -static void set_next_type(private_vendor_id_payload_t *this,payload_type_t type) -{ - this->next_payload = type; -} - -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_vendor_id_payload_t *this) -{ - return this->payload_length; -} - -/** - * Implementation of vendor_id_payload_t.get_data. - */ -static chunk_t get_data(private_vendor_id_payload_t *this) -{ - return this->data; -} - -/** - * Implementation of payload_t.destroy and vendor_id_payload_t.destroy. - */ -static void destroy(private_vendor_id_payload_t *this) -{ - free(this->data.ptr); - free(this); -} - -/* - * Described in header - */ -vendor_id_payload_t *vendor_id_payload_create() -{ - private_vendor_id_payload_t *this = malloc_thing(private_vendor_id_payload_t); - - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - this->public.get_data = (chunk_t (*) (vendor_id_payload_t *)) get_data; - - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = VENDOR_ID_PAYLOAD_HEADER_LENGTH; - this->data = chunk_empty; - - return &this->public; -} - -/* - * Described in header - */ -vendor_id_payload_t *vendor_id_payload_create_data(chunk_t data) -{ - private_vendor_id_payload_t *this; - - this = (private_vendor_id_payload_t*)vendor_id_payload_create(); - this->payload_length += data.len; - this->data = data; - - return &this->public; -} 
-
diff --git a/src/charon/encoding/payloads/vendor_id_payload.h b/src/charon/encoding/payloads/vendor_id_payload.h
deleted file mode 100644
index 241535cac..000000000
--- a/src/charon/encoding/payloads/vendor_id_payload.h
+++ /dev/null
@@ -1,70 +0,0 @@ -/* - * Copyright (C) 2005-2009 Martin Willi - * Copyright (C) 2005 Jan Hutter - * Hochschule fuer Technik Rapperswil - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - */ - -/** - * @defgroup vendor_id_payload vendor_id_payload - * @{ @ingroup payloads - */ - -#ifndef VENDOR_ID_PAYLOAD_H_ -#define VENDOR_ID_PAYLOAD_H_ - -typedef struct vendor_id_payload_t vendor_id_payload_t; - -#include <library.h> -#include <encoding/payloads/payload.h> - -/** - * Length of a VENDOR ID payload without the VID data in bytes. - */ -#define VENDOR_ID_PAYLOAD_HEADER_LENGTH 4 - -/** - * Class representing an IKEv2 VENDOR ID payload. - * - * The VENDOR ID payload format is described in RFC section 3.12. - */ -struct vendor_id_payload_t { - - /** - * The payload_t interface. - */ - payload_t payload_interface; - - /** - * Get the VID data. - * - * @return VID data, pointing to an internal chunk_t - */ - chunk_t (*get_data)(vendor_id_payload_t *this); -}; - -/** - * Creates an empty Vendor ID payload. - * - * @return vendor ID payload - */ -vendor_id_payload_t *vendor_id_payload_create(); - -/** - * Creates a vendor ID payload using a chunk of data - * - * @param data data to use in vendor ID payload, gets owned by payload - * @return vendor ID payload - */ -vendor_id_payload_t *vendor_id_payload_create_data(chunk_t data); - -#endif /** VENDOR_ID_PAYLOAD_H_ @}*/ |