]> git.ipfire.org Git - thirdparty/strongswan.git/blob - src/libcharon/encoding/payloads/proposal_substructure.c
projects / thirdparty / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Support IKEv1 proposal encodings having both lifebytes and a lifetime
[thirdparty/strongswan.git] / src / libcharon / encoding / payloads / proposal_substructure.c
1 /*
2 * Copyright (C) 2005-2010 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include <stddef.h>
18
19 #include "proposal_substructure.h"
20
21 #include <encoding/payloads/encodings.h>
22 #include <encoding/payloads/transform_substructure.h>
23 #include <library.h>
24 #include <utils/linked_list.h>
25 #include <daemon.h>
26
27 /**
28 * IKEv2 Value for a proposal payload.
29 */
30 #define PROPOSAL_TYPE_VALUE 2
31
32 typedef struct private_proposal_substructure_t private_proposal_substructure_t;
33
34 /**
35 * Private data of an proposal_substructure_t object.
36 */
37 struct private_proposal_substructure_t {
38
39 /**
40 * Public proposal_substructure_t interface.
41 */
42 proposal_substructure_t public;
43
44 /**
45 * Next payload type.
46 */
47 u_int8_t next_payload;
48
49 /**
50 * reserved byte
51 */
52 u_int8_t reserved;
53
54 /**
55 * Length of this payload.
56 */
57 u_int16_t proposal_length;
58
59 /**
60 * Proposal number.
61 */
62 u_int8_t proposal_number;
63
64 /**
65 * Protocol ID.
66 */
67 u_int8_t protocol_id;
68
69 /**
70 * SPI size of the following SPI.
71 */
72 u_int8_t spi_size;
73
74 /**
75 * Number of transforms.
76 */
77 u_int8_t transforms_count;
78
79 /**
80 * SPI is stored as chunk.
81 */
82 chunk_t spi;
83
84 /**
85 * Transforms are stored in a linked_list_t.
86 */
87 linked_list_t *transforms;
88
89 /**
90 * Type of this payload, PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
91 */
92 payload_type_t type;
93 };
94
95 /**
96 * Encoding rules for a IKEv1 Proposal substructure.
97 */
98 static encoding_rule_t encodings_v1[] = {
99 /* 1 Byte next payload type, stored in the field next_payload */
100 { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
101 /* 1 Reserved Byte */
102 { RESERVED_BYTE, offsetof(private_proposal_substructure_t, reserved) },
103 /* Length of the whole proposal substructure payload*/
104 { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
105 /* proposal number is a number of 8 bit */
106 { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
107 /* protocol ID is a number of 8 bit */
108 { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
109 /* SPI Size has its own type */
110 { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
111 /* Number of transforms is a number of 8 bit */
112 { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
113 /* SPI is a chunk of variable size*/
114 { SPI, offsetof(private_proposal_substructure_t, spi) },
115 /* Transforms are stored in a transform substructure list */
116 { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1,
117 offsetof(private_proposal_substructure_t, transforms) },
118 };
119
120 /**
121 * Encoding rules for a IKEv2 Proposal substructure.
122 */
123 static encoding_rule_t encodings_v2[] = {
124 /* 1 Byte next payload type, stored in the field next_payload */
125 { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
126 /* 1 Reserved Byte */
127 { RESERVED_BYTE, offsetof(private_proposal_substructure_t, reserved) },
128 /* Length of the whole proposal substructure payload*/
129 { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
130 /* proposal number is a number of 8 bit */
131 { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
132 /* protocol ID is a number of 8 bit */
133 { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
134 /* SPI Size has its own type */
135 { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
136 /* Number of transforms is a number of 8 bit */
137 { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
138 /* SPI is a chunk of variable size*/
139 { SPI, offsetof(private_proposal_substructure_t, spi) },
140 /* Transforms are stored in a transform substructure list */
141 { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE,
142 offsetof(private_proposal_substructure_t, transforms) },
143 };
144
145 /*
146 1 2 3
147 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
148 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
149 ! 0 (last) or 2 ! RESERVED ! Proposal Length !
150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
151 ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
152 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
153 ~ SPI (variable) ~
154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
155 ! !
156 ~ <Transforms> ~
157 ! !
158 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
159 */
160
161 /**
162 * Encryption.
163 */
164 typedef enum {
165 IKEV1_ENCR_DES_CBC = 1,
166 IKEV1_ENCR_IDEA_CBC = 2,
167 IKEV1_ENCR_BLOWFISH_CBC = 3,
168 IKEV1_ENCR_RC5_R16_B64_CBC = 4,
169 IKEV1_ENCR_3DES_CBC = 5,
170 IKEV1_ENCR_CAST_CBC = 6,
171 IKEV1_ENCR_AES_CBC = 7,
172 IKEV1_ENCR_CAMELLIA_CBC = 8,
173 IKEV1_ENCR_LAST = 9,
174 } ikev1_encryption_t;
175
176 /**
177 * IKEv1 hash.
178 */
179 typedef enum {
180 IKEV1_HASH_MD5 = 1,
181 IKEV1_HASH_SHA1 = 2,
182 IKEV1_HASH_TIGER = 3,
183 IKEV1_HASH_SHA2_256 = 4,
184 IKEV1_HASH_SHA2_384 = 5,
185 IKEV1_HASH_SHA2_512 = 6,
186 } ikev1_hash_t;
187
188 /**
189 * IKEv1 Transform ID IKE.
190 */
191 typedef enum {
192 IKEV1_TRANSID_KEY_IKE = 1,
193 } ikev1_ike_transid_t;
194
195 /**
196 * IKEv1 Transform ID ESP.
197 */
198 typedef enum {
199 IKEV1_TRANSID_ESP_DES_IV64 = 1,
200 IKEV1_TRANSID_ESP_DES = 2,
201 IKEV1_TRANSID_ESP_3DES = 3,
202 IKEV1_TRANSID_ESP_RC5 = 4,
203 IKEV1_TRANSID_ESP_IDEA = 5,
204 IKEV1_TRANSID_ESP_CAST = 6,
205 IKEV1_TRANSID_ESP_BLOWFISH = 7,
206 IKEV1_TRANSID_ESP_3IDEA = 8,
207 IKEV1_TRANSID_ESP_DES_IV32 = 9,
208 IKEV1_TRANSID_ESP_RC4 = 10,
209 IKEV1_TRANSID_ESP_NULL = 11,
210 IKEV1_TRANSID_ESP_AES_CBC = 12,
211 } ikev1_esp_transid_t;
212
213 /**
214 * IKEv1 ESP Encapsulation mode.
215 */
216 typedef enum {
217 IKEV1_ENCAP_TUNNEL = 1,
218 IKEV1_ENCAP_TRANSPORT = 2,
219 IKEV1_ENCAP_UDP_TUNNEL = 3,
220 IKEV1_ENCAP_UDP_TRANSPORT = 4,
221 } ikev1_esp_encap_t;
222
223 /**
224 * IKEv1 Life duration types.
225 */
226 typedef enum {
227 IKEV1_LIFE_TYPE_SECONDS = 1,
228 IKEV1_LIFE_TYPE_KILOBYTES = 2,
229 } ikev1_life_type_t;
230
231 /**
232 * IKEv1 authenticaiton methods
233 */
234 typedef enum {
235 IKEV1_AUTH_PSK = 1,
236 IKEV1_AUTH_DSS_SIG = 2,
237 IKEV1_AUTH_RSA_SIG = 3,
238 IKEV1_AUTH_RSA_ENC = 4,
239 IKEV1_AUTH_RSA_ENC_REV = 5,
240 IKEV1_AUTH_XAUTH_INIT_PSK = 65001,
241 IKEV1_AUTH_XAUTH_RESP_PSK = 65002,
242 IKEV1_AUTH_XAUTH_INIT_DSS = 65003,
243 IKEV1_AUTH_XAUTH_RESP_DSS = 65004,
244 IKEV1_AUTH_XAUTH_INIT_RSA = 65005,
245 IKEV1_AUTH_XAUTH_RESP_RSA = 65006,
246 IKEV1_AUTH_XAUTH_INIT_RSA_ENC = 65007,
247 IKEV1_AUTH_XAUTH_RESP_RSA_ENC = 65008,
248 IKEV1_AUTH_XAUTH_INIT_RSA_ENC_REV = 65009,
249 IKEV1_AUTH_XAUTH_RESP_RSA_ENC_REV = 65010,
250 IKEV1_AUTH_HYBRID_INIT_RSA = 64221,
251 IKEV1_AUTH_HYBRID_RESP_RSA = 64222,
252 IKEV1_AUTH_HYBRID_INIT_DSS = 64223,
253 IKEV1_AUTH_HYBRID_RESP_DSS = 64224,
254
255 } ikev1_auth_method_t;
256
257 METHOD(payload_t, verify, status_t,
258 private_proposal_substructure_t *this)
259 {
260 status_t status = SUCCESS;
261 enumerator_t *enumerator;
262 payload_t *current;
263
264 if (this->next_payload != NO_PAYLOAD && this->next_payload != 2)
265 {
266 /* must be 0 or 2 */
267 DBG1(DBG_ENC, "inconsistent next payload");
268 return FAILED;
269 }
270 if (this->transforms_count != this->transforms->get_count(this->transforms))
271 {
272 /* must be the same! */
273 DBG1(DBG_ENC, "transform count invalid");
274 return FAILED;
275 }
276
277 switch (this->protocol_id)
278 {
279 case PROTO_AH:
280 case PROTO_ESP:
281 if (this->spi.len != 4)
282 {
283 DBG1(DBG_ENC, "invalid SPI length in %N proposal",
284 protocol_id_names, this->protocol_id);
285 return FAILED;
286 }
287 break;
288 case PROTO_IKE:
289 if (this->spi.len != 0 && this->spi.len != 8)
290 {
291 DBG1(DBG_ENC, "invalid SPI length in IKE proposal");
292 return FAILED;
293 }
294 break;
295 default:
296 break;
297 }
298 enumerator = this->transforms->create_enumerator(this->transforms);
299 while (enumerator->enumerate(enumerator, &current))
300 {
301 status = current->verify(current);
302 if (status != SUCCESS)
303 {
304 DBG1(DBG_ENC, "TRANSFORM_SUBSTRUCTURE verification failed");
305 break;
306 }
307 }
308 enumerator->destroy(enumerator);
309
310 /* proposal number is checked in SA payload */
311 return status;
312 }
313
314 METHOD(payload_t, get_encoding_rules, int,
315 private_proposal_substructure_t *this, encoding_rule_t **rules)
316 {
317 if (this->type == PROPOSAL_SUBSTRUCTURE)
318 {
319 *rules = encodings_v2;
320 return countof(encodings_v2);
321 }
322 *rules = encodings_v1;
323 return countof(encodings_v1);
324 }
325
326 METHOD(payload_t, get_header_length, int,
327 private_proposal_substructure_t *this)
328 {
329 return 8 + this->spi_size;
330 }
331
332 METHOD(payload_t, get_type, payload_type_t,
333 private_proposal_substructure_t *this)
334 {
335 return this->type;
336 }
337
338 METHOD(payload_t, get_next_type, payload_type_t,
339 private_proposal_substructure_t *this)
340 {
341 return this->next_payload;
342 }
343
344 METHOD(payload_t, set_next_type, void,
345 private_proposal_substructure_t *this, payload_type_t type)
346 {
347 }
348
349 /**
350 * (re-)compute the length of the payload.
351 */
352 static void compute_length(private_proposal_substructure_t *this)
353 {
354 enumerator_t *enumerator;
355 payload_t *transform;
356
357 this->transforms_count = 0;
358 this->proposal_length = get_header_length(this);
359 enumerator = this->transforms->create_enumerator(this->transforms);
360 while (enumerator->enumerate(enumerator, &transform))
361 {
362 this->proposal_length += transform->get_length(transform);
363 this->transforms_count++;
364 }
365 enumerator->destroy(enumerator);
366 }
367
368 METHOD(payload_t, get_length, size_t,
369 private_proposal_substructure_t *this)
370 {
371 return this->proposal_length;
372 }
373
374 /**
375 * Add a transform substructure to the proposal
376 */
377 static void add_transform_substructure(private_proposal_substructure_t *this,
378 transform_substructure_t *transform)
379 {
380 if (this->transforms->get_count(this->transforms) > 0)
381 {
382 transform_substructure_t *last;
383
384 this->transforms->get_last(this->transforms, (void **)&last);
385 last->set_is_last_transform(last, FALSE);
386 }
387 transform->set_is_last_transform(transform,TRUE);
388 this->transforms->insert_last(this->transforms, transform);
389 compute_length(this);
390 }
391
392 METHOD(proposal_substructure_t, set_is_last_proposal, void,
393 private_proposal_substructure_t *this, bool is_last)
394 {
395 this->next_payload = is_last ? 0 : PROPOSAL_TYPE_VALUE;
396 }
397
398 METHOD(proposal_substructure_t, set_proposal_number, void,
399 private_proposal_substructure_t *this,u_int8_t proposal_number)
400 {
401 this->proposal_number = proposal_number;
402 }
403
404 METHOD(proposal_substructure_t, get_proposal_number, u_int8_t,
405 private_proposal_substructure_t *this)
406 {
407 return this->proposal_number;
408 }
409
410 METHOD(proposal_substructure_t, set_protocol_id, void,
411 private_proposal_substructure_t *this,u_int8_t protocol_id)
412 {
413 this->protocol_id = protocol_id;
414 }
415
416 METHOD(proposal_substructure_t, get_protocol_id, u_int8_t,
417 private_proposal_substructure_t *this)
418 {
419 return this->protocol_id;
420 }
421
422 METHOD(proposal_substructure_t, set_spi, void,
423 private_proposal_substructure_t *this, chunk_t spi)
424 {
425 free(this->spi.ptr);
426 this->spi = chunk_clone(spi);
427 this->spi_size = spi.len;
428 compute_length(this);
429 }
430
431 METHOD(proposal_substructure_t, get_spi, chunk_t,
432 private_proposal_substructure_t *this)
433 {
434 return this->spi;
435 }
436
437 /**
438 * Add a transform to a proposal for IKEv2
439 */
440 static void add_to_proposal_v2(proposal_t *proposal,
441 transform_substructure_t *transform)
442 {
443 transform_attribute_t *tattr;
444 enumerator_t *enumerator;
445 u_int16_t key_length = 0;
446
447 enumerator = transform->create_attribute_enumerator(transform);
448 while (enumerator->enumerate(enumerator, &tattr))
449 {
450 if (tattr->get_attribute_type(tattr) == TATTR_IKEV2_KEY_LENGTH)
451 {
452 key_length = tattr->get_value(tattr);
453 break;
454 }
455 }
456 enumerator->destroy(enumerator);
457
458 proposal->add_algorithm(proposal,
459 transform->get_transform_type_or_number(transform),
460 transform->get_transform_id(transform), key_length);
461 }
462
463 /**
464 * Map IKEv1 to IKEv2 algorithms
465 */
466 typedef struct {
467 u_int16_t ikev1;
468 u_int16_t ikev2;
469 } algo_map_t;
470
471 /**
472 * Encryption algorithm mapping
473 */
474 static algo_map_t map_encr[] = {
475 { IKEV1_ENCR_DES_CBC, ENCR_DES },
476 { IKEV1_ENCR_IDEA_CBC, ENCR_IDEA },
477 { IKEV1_ENCR_BLOWFISH_CBC, ENCR_BLOWFISH },
478 { IKEV1_ENCR_3DES_CBC, ENCR_3DES },
479 { IKEV1_ENCR_CAST_CBC, ENCR_CAST },
480 { IKEV1_ENCR_AES_CBC, ENCR_AES_CBC },
481 { IKEV1_ENCR_CAMELLIA_CBC, ENCR_CAMELLIA_CBC },
482 };
483
484 /**
485 * Integrity algorithm mapping
486 */
487 static algo_map_t map_integ[] = {
488 { IKEV1_HASH_MD5, AUTH_HMAC_MD5_96 },
489 { IKEV1_HASH_SHA1, AUTH_HMAC_SHA1_96 },
490 { IKEV1_HASH_SHA2_256, AUTH_HMAC_SHA2_256_128 },
491 { IKEV1_HASH_SHA2_384, AUTH_HMAC_SHA2_384_192 },
492 { IKEV1_HASH_SHA2_512, AUTH_HMAC_SHA2_512_256 },
493 };
494
495 /**
496 * PRF algorithm mapping
497 */
498 static algo_map_t map_prf[] = {
499 { IKEV1_HASH_MD5, PRF_HMAC_MD5 },
500 { IKEV1_HASH_SHA1, PRF_HMAC_SHA1 },
501 { IKEV1_HASH_SHA2_256, PRF_HMAC_SHA2_256 },
502 { IKEV1_HASH_SHA2_384, PRF_HMAC_SHA2_384 },
503 { IKEV1_HASH_SHA2_512, PRF_HMAC_SHA2_512 },
504 };
505
506 /**
507 * Get IKEv2 algorithm from IKEv1 identifier
508 */
509 static u_int16_t get_alg_from_ikev1(transform_type_t type, u_int16_t value)
510 {
511 algo_map_t *map;
512 u_int16_t def;
513 int i, count;
514
515 switch (type)
516 {
517 case ENCRYPTION_ALGORITHM:
518 map = map_encr;
519 count = countof(map_encr);
520 def = ENCR_UNDEFINED;
521 break;
522 case INTEGRITY_ALGORITHM:
523 map = map_integ;
524 count = countof(map_integ);
525 def = AUTH_UNDEFINED;
526 break;
527 case PSEUDO_RANDOM_FUNCTION:
528 map = map_prf;
529 count = countof(map_prf);
530 def = PRF_UNDEFINED;
531 break;
532 default:
533 return 0;
534 }
535 for (i = 0; i < count; i++)
536 {
537 if (map[i].ikev1 == value)
538 {
539 return map[i].ikev2;
540 }
541 }
542 return def;
543 }
544
545 /**
546 * Get IKEv1 algorithm from IKEv2 identifier
547 */
548 static u_int16_t get_ikev1_from_alg(transform_type_t type, u_int16_t value)
549 {
550 algo_map_t *map;
551 int i, count;
552
553 switch (type)
554 {
555 case ENCRYPTION_ALGORITHM:
556 map = map_encr;
557 count = countof(map_encr);
558 break;
559 case INTEGRITY_ALGORITHM:
560 map = map_integ;
561 count = countof(map_integ);
562 break;
563 case PSEUDO_RANDOM_FUNCTION:
564 map = map_prf;
565 count = countof(map_prf);
566 break;
567 default:
568 return 0;
569 }
570 for (i = 0; i < count; i++)
571 {
572 if (map[i].ikev2 == value)
573 {
574 return map[i].ikev1;
575 }
576 }
577 return 0;
578 }
579
580 /**
581 * Get IKEv1 authentication attribute from auth_method_t
582 */
583 static u_int16_t get_ikev1_auth(auth_method_t method)
584 {
585 switch (method)
586 {
587 case AUTH_RSA:
588 return IKEV1_AUTH_RSA_SIG;
589 case AUTH_DSS:
590 return IKEV1_AUTH_DSS_SIG;
591 case AUTH_XAUTH_INIT_PSK:
592 return IKEV1_AUTH_XAUTH_INIT_PSK;
593 case AUTH_XAUTH_INIT_RSA:
594 return IKEV1_AUTH_XAUTH_INIT_RSA;
595 case AUTH_HYBRID_INIT_RSA:
596 return IKEV1_AUTH_HYBRID_INIT_RSA;
597 default:
598 /* TODO-IKEv1: Handle other XAUTH methods */
599 /* TODO-IKEv1: Handle ECDSA methods */
600 case AUTH_PSK:
601 return IKEV1_AUTH_PSK;
602 }
603 }
604
605 /**
606 * Get IKEv1 encapsulation mode
607 */
608 static u_int16_t get_ikev1_mode(ipsec_mode_t mode, bool udp)
609 {
610 switch (mode)
611 {
612 case MODE_TUNNEL:
613 return udp ? IKEV1_ENCAP_UDP_TUNNEL : IKEV1_ENCAP_TUNNEL;
614 case MODE_TRANSPORT:
615 return udp ? IKEV1_ENCAP_UDP_TRANSPORT : IKEV1_ENCAP_TRANSPORT;
616 default:
617 return IKEV1_ENCAP_TUNNEL;
618 }
619 }
620
621 /**
622 * Add an IKE transform to a proposal for IKEv1
623 */
624 static void add_to_proposal_v1_ike(proposal_t *proposal,
625 transform_substructure_t *transform)
626 {
627 transform_attribute_type_t type;
628 transform_attribute_t *tattr;
629 enumerator_t *enumerator;
630 u_int16_t value, key_length = 0;
631 u_int16_t encr = ENCR_UNDEFINED;
632
633 enumerator = transform->create_attribute_enumerator(transform);
634 while (enumerator->enumerate(enumerator, &tattr))
635 {
636 type = tattr->get_attribute_type(tattr);
637 value = tattr->get_value(tattr);
638 switch (type)
639 {
640 case TATTR_PH1_ENCRYPTION_ALGORITHM:
641 encr = get_alg_from_ikev1(ENCRYPTION_ALGORITHM, value);
642 break;
643 case TATTR_PH1_KEY_LENGTH:
644 key_length = value;
645 break;
646 case TATTR_PH1_HASH_ALGORITHM:
647 proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM,
648 get_alg_from_ikev1(INTEGRITY_ALGORITHM, value), 0);
649 proposal->add_algorithm(proposal, PSEUDO_RANDOM_FUNCTION,
650 get_alg_from_ikev1(PSEUDO_RANDOM_FUNCTION, value), 0);
651 break;
652 case TATTR_PH1_GROUP:
653 proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
654 value, 0);
655 break;
656 default:
657 /* TODO-IKEv1: lifetimes, authentication and other attributes */
658 break;
659 }
660 }
661 enumerator->destroy(enumerator);
662
663 if (encr != ENCR_UNDEFINED)
664 {
665 proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr, key_length);
666 }
667 }
668
669 /**
670 * Add an ESP transform to a proposal for IKEv1
671 */
672 static void add_to_proposal_v1_esp(proposal_t *proposal,
673 transform_substructure_t *transform)
674 {
675 transform_attribute_type_t type;
676 transform_attribute_t *tattr;
677 enumerator_t *enumerator;
678 u_int16_t value, key_length = 0;
679
680 enumerator = transform->create_attribute_enumerator(transform);
681 while (enumerator->enumerate(enumerator, &tattr))
682 {
683 type = tattr->get_attribute_type(tattr);
684 value = tattr->get_value(tattr);
685 switch (type)
686 {
687 case TATTR_PH2_KEY_LENGTH:
688 key_length = value;
689 break;
690 case TATTR_PH2_AUTH_ALGORITHM:
691 proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM,
692 get_alg_from_ikev1(INTEGRITY_ALGORITHM, value), 0);
693 break;
694 case TATTR_PH2_GROUP:
695 proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
696 value, 0);
697 break;
698 default:
699 /* TODO-IKEv1: lifetimes other attributes */
700 break;
701 }
702 }
703 enumerator->destroy(enumerator);
704
705 /* TODO-IKEv1: handle ESN attribute */
706 proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS,
707 NO_EXT_SEQ_NUMBERS, 0);
708
709 proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM,
710 transform->get_transform_id(transform), key_length);
711 }
712
713 METHOD(proposal_substructure_t, get_proposals, void,
714 private_proposal_substructure_t *this, linked_list_t *proposals)
715 {
716 transform_substructure_t *transform;
717 enumerator_t *enumerator;
718 proposal_t *proposal = NULL;
719 u_int64_t spi = 0;
720
721 switch (this->spi.len)
722 {
723 case 4:
724 spi = *((u_int32_t*)this->spi.ptr);
725 break;
726 case 8:
727 spi = *((u_int64_t*)this->spi.ptr);
728 break;
729 default:
730 break;
731 }
732
733 enumerator = this->transforms->create_enumerator(this->transforms);
734 while (enumerator->enumerate(enumerator, &transform))
735 {
736 if (!proposal)
737 {
738 proposal = proposal_create(this->protocol_id, this->proposal_number);
739 proposal->set_spi(proposal, spi);
740 proposals->insert_last(proposals, proposal);
741 }
742 if (this->type == PROPOSAL_SUBSTRUCTURE)
743 {
744 add_to_proposal_v2(proposal, transform);
745 }
746 else
747 {
748 switch (this->protocol_id)
749 {
750 case PROTO_IKE:
751 add_to_proposal_v1_ike(proposal, transform);
752 break;
753 case PROTO_ESP:
754 add_to_proposal_v1_esp(proposal, transform);
755 break;
756 default:
757 break;
758 }
759 /* create a new proposal for each transform in IKEv1 */
760 proposal = NULL;
761 }
762 }
763 enumerator->destroy(enumerator);
764 }
765
766 METHOD(proposal_substructure_t, create_substructure_enumerator, enumerator_t*,
767 private_proposal_substructure_t *this)
768 {
769 return this->transforms->create_enumerator(this->transforms);
770 }
771
772 /**
773 * Get an attribute from any transform, 0 if not found
774 */
775 static u_int64_t get_attr(private_proposal_substructure_t *this,
776 transform_attribute_type_t type)
777 {
778 enumerator_t *transforms, *attributes;
779 transform_substructure_t *transform;
780 transform_attribute_t *attr;
781
782 transforms = this->transforms->create_enumerator(this->transforms);
783 while (transforms->enumerate(transforms, &transform))
784 {
785 attributes = transform->create_attribute_enumerator(transform);
786 while (attributes->enumerate(attributes, &attr))
787 {
788 if (attr->get_attribute_type(attr) == type)
789 {
790 attributes->destroy(attributes);
791 transforms->destroy(transforms);
792 return attr->get_value(attr);
793 }
794 }
795 attributes->destroy(attributes);
796 }
797 transforms->destroy(transforms);
798 return 0;
799 }
800
801 /**
802 * Look up a lifetime duration of a given kind in all transforms
803 */
804 static u_int64_t get_life_duration(private_proposal_substructure_t *this,
805 transform_attribute_type_t type_attr, ikev1_life_type_t type,
806 transform_attribute_type_t dur_attr)
807 {
808 enumerator_t *transforms, *attributes;
809 transform_substructure_t *transform;
810 transform_attribute_t *attr;
811
812 transforms = this->transforms->create_enumerator(this->transforms);
813 while (transforms->enumerate(transforms, &transform))
814 {
815 attributes = transform->create_attribute_enumerator(transform);
816 while (attributes->enumerate(attributes, &attr))
817 {
818 if (attr->get_attribute_type(attr) == type_attr &&
819 attr->get_value(attr) == type)
820 { /* got type attribute, look for duration following next */
821 while (attributes->enumerate(attributes, &attr))
822 {
823 if (attr->get_attribute_type(attr) == dur_attr)
824 {
825 attributes->destroy(attributes);
826 transforms->destroy(transforms);
827 return attr->get_value(attr);
828 }
829 }
830 }
831 }
832 attributes->destroy(attributes);
833 }
834 transforms->destroy(transforms);
835 return 0;
836 }
837
838 METHOD(proposal_substructure_t, get_lifetime, u_int32_t,
839 private_proposal_substructure_t *this)
840 {
841 u_int32_t duration;
842
843 switch (this->protocol_id)
844 {
845 case PROTO_IKE:
846 return get_life_duration(this, TATTR_PH1_LIFE_TYPE,
847 IKEV1_LIFE_TYPE_SECONDS, TATTR_PH1_LIFE_DURATION);
848 case PROTO_ESP:
849 duration = get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE,
850 IKEV1_LIFE_TYPE_SECONDS, TATTR_PH2_SA_LIFE_DURATION);
851 if (!duration)
852 { /* default to 8 hours, RFC 2407 */
853 return 28800;
854 }
855 return duration;
856 default:
857 return 0;
858 }
859 }
860
861 METHOD(proposal_substructure_t, get_lifebytes, u_int64_t,
862 private_proposal_substructure_t *this)
863 {
864 switch (this->protocol_id)
865 {
866 case PROTO_ESP:
867 return 1000 * get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE,
868 IKEV1_LIFE_TYPE_KILOBYTES, TATTR_PH2_SA_LIFE_DURATION);
869 case PROTO_IKE:
870 default:
871 return 0;
872 }
873 }
874
875 METHOD(proposal_substructure_t, get_auth_method, auth_method_t,
876 private_proposal_substructure_t *this)
877 {
878 switch (get_attr(this, TATTR_PH1_AUTH_METHOD))
879 {
880 case IKEV1_AUTH_PSK:
881 return AUTH_PSK;
882 case IKEV1_AUTH_RSA_SIG:
883 return AUTH_RSA;
884 case IKEV1_AUTH_DSS_SIG:
885 return AUTH_DSS;
886 case IKEV1_AUTH_XAUTH_INIT_PSK:
887 return AUTH_XAUTH_INIT_PSK;
888 case IKEV1_AUTH_XAUTH_INIT_RSA:
889 return AUTH_XAUTH_INIT_RSA;
890 case IKEV1_AUTH_HYBRID_INIT_RSA:
891 return AUTH_HYBRID_INIT_RSA;
892 default:
893 /* TODO-IKEv1: other XAUTH, ECDSA sigs */
894 return AUTH_NONE;
895 }
896 }
897
898 METHOD(proposal_substructure_t, get_encap_mode, ipsec_mode_t,
899 private_proposal_substructure_t *this, bool *udp)
900 {
901 *udp = FALSE;
902 switch (get_attr(this, TATTR_PH2_ENCAP_MODE))
903 {
904 case IKEV1_ENCAP_TRANSPORT:
905 return MODE_TRANSPORT;
906 case IKEV1_ENCAP_TUNNEL:
907 return MODE_TRANSPORT;
908 case IKEV1_ENCAP_UDP_TRANSPORT:
909 *udp = TRUE;
910 return MODE_TRANSPORT;
911 case IKEV1_ENCAP_UDP_TUNNEL:
912 *udp = TRUE;
913 return MODE_TUNNEL;
914 default:
915 /* default to TUNNEL, RFC 2407 says implementation specific */
916 return MODE_TUNNEL;
917 }
918 }
919
920 METHOD2(payload_t, proposal_substructure_t, destroy, void,
921 private_proposal_substructure_t *this)
922 {
923 this->transforms->destroy_offset(this->transforms,
924 offsetof(payload_t, destroy));
925 chunk_free(&this->spi);
926 free(this);
927 }
928
929 /*
930 * Described in header.
931 */
932 proposal_substructure_t *proposal_substructure_create(payload_type_t type)
933 {
934 private_proposal_substructure_t *this;
935
936 INIT(this,
937 .public = {
938 .payload_interface = {
939 .verify = _verify,
940 .get_encoding_rules = _get_encoding_rules,
941 .get_header_length = _get_header_length,
942 .get_length = _get_length,
943 .get_next_type = _get_next_type,
944 .set_next_type = _set_next_type,
945 .get_type = _get_type,
946 .destroy = _destroy,
947 },
948 .set_proposal_number = _set_proposal_number,
949 .get_proposal_number = _get_proposal_number,
950 .set_protocol_id = _set_protocol_id,
951 .get_protocol_id = _get_protocol_id,
952 .set_is_last_proposal = _set_is_last_proposal,
953 .get_proposals = _get_proposals,
954 .create_substructure_enumerator = _create_substructure_enumerator,
955 .set_spi = _set_spi,
956 .get_spi = _get_spi,
957 .get_lifetime = _get_lifetime,
958 .get_lifebytes = _get_lifebytes,
959 .get_auth_method = _get_auth_method,
960 .get_encap_mode = _get_encap_mode,
961 .destroy = _destroy,
962 },
963 .next_payload = NO_PAYLOAD,
964 .transforms = linked_list_create(),
965 .type = type,
966 );
967 compute_length(this);
968
969 return &this->public;
970 }
971
972 /**
973 * Add an IKEv1 IKE proposal to the substructure
974 */
975 static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
976 proposal_t *proposal, u_int32_t lifetime,
977 auth_method_t method, int number)
978 {
979 transform_substructure_t *transform;
980 u_int16_t alg, key_size;
981 enumerator_t *enumerator;
982
983 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
984 number, IKEV1_TRANSID_KEY_IKE);
985
986 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
987 if (enumerator->enumerate(enumerator, &alg, &key_size))
988 {
989 alg = get_ikev1_from_alg(ENCRYPTION_ALGORITHM, alg);
990 if (alg)
991 {
992 transform->add_transform_attribute(transform,
993 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
994 TATTR_PH1_ENCRYPTION_ALGORITHM, alg));
995 if (key_size)
996 {
997 transform->add_transform_attribute(transform,
998 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
999 TATTR_PH1_KEY_LENGTH, key_size));
1000 }
1001 }
1002 }
1003 enumerator->destroy(enumerator);
1004
1005 /* encode the integrity algorithm as hash and assume use the same PRF */
1006 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1007 if (enumerator->enumerate(enumerator, &alg, &key_size))
1008 {
1009 alg = get_ikev1_from_alg(INTEGRITY_ALGORITHM, alg);
1010 if (alg)
1011 {
1012 transform->add_transform_attribute(transform,
1013 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1014 TATTR_PH1_HASH_ALGORITHM, alg));
1015 }
1016 }
1017 enumerator->destroy(enumerator);
1018
1019 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1020 if (enumerator->enumerate(enumerator, &alg, &key_size))
1021 {
1022 transform->add_transform_attribute(transform,
1023 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1024 TATTR_PH1_GROUP, alg));
1025 }
1026 enumerator->destroy(enumerator);
1027
1028 transform->add_transform_attribute(transform,
1029 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1030 TATTR_PH1_AUTH_METHOD, get_ikev1_auth(method)));
1031 transform->add_transform_attribute(transform,
1032 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1033 TATTR_PH1_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
1034 transform->add_transform_attribute(transform,
1035 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1036 TATTR_PH1_LIFE_DURATION, lifetime));
1037
1038 add_transform_substructure(this, transform);
1039 }
1040
1041 /**
1042 * Add an IKEv1 ESP proposal to the substructure
1043 */
1044 static void set_from_proposal_v1_esp(private_proposal_substructure_t *this,
1045 proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
1046 ipsec_mode_t mode, bool udp, int number)
1047 {
1048 transform_substructure_t *transform = NULL;
1049 u_int16_t alg, key_size;
1050 enumerator_t *enumerator;
1051
1052 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
1053 if (enumerator->enumerate(enumerator, &alg, &key_size))
1054 {
1055 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
1056 number, alg);
1057 if (key_size)
1058 {
1059 transform->add_transform_attribute(transform,
1060 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1061 TATTR_PH2_KEY_LENGTH, key_size));
1062 }
1063 }
1064 enumerator->destroy(enumerator);
1065 if (!transform)
1066 {
1067 return;
1068 }
1069
1070 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1071 if (enumerator->enumerate(enumerator, &alg, &key_size))
1072 {
1073 alg = get_ikev1_from_alg(INTEGRITY_ALGORITHM, alg);
1074 if (alg)
1075 {
1076 transform->add_transform_attribute(transform,
1077 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1078 TATTR_PH2_AUTH_ALGORITHM, alg));
1079 }
1080 }
1081 enumerator->destroy(enumerator);
1082
1083 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1084 if (enumerator->enumerate(enumerator, &alg, &key_size))
1085 {
1086 transform->add_transform_attribute(transform,
1087 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1088 TATTR_PH2_GROUP, alg));
1089 }
1090 enumerator->destroy(enumerator);
1091
1092 transform->add_transform_attribute(transform,
1093 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1094 TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
1095 if (lifetime)
1096 {
1097 transform->add_transform_attribute(transform,
1098 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1099 TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
1100 transform->add_transform_attribute(transform,
1101 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1102 TATTR_PH2_SA_LIFE_DURATION, lifetime));
1103 }
1104 if (lifebytes)
1105 {
1106 transform->add_transform_attribute(transform,
1107 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1108 TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
1109 transform->add_transform_attribute(transform,
1110 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1111 TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
1112 }
1113
1114 add_transform_substructure(this, transform);
1115 }
1116
1117 /**
1118 * Add an IKEv2 proposal to the substructure
1119 */
1120 static void set_from_proposal_v2(private_proposal_substructure_t *this,
1121 proposal_t *proposal)
1122 {
1123 transform_substructure_t *transform;
1124 u_int16_t alg, key_size;
1125 enumerator_t *enumerator;
1126
1127 /* encryption algorithm is only available in ESP */
1128 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
1129 while (enumerator->enumerate(enumerator, &alg, &key_size))
1130 {
1131 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1132 ENCRYPTION_ALGORITHM, alg);
1133 if (key_size)
1134 {
1135 transform->add_transform_attribute(transform,
1136 transform_attribute_create_value(TRANSFORM_ATTRIBUTE,
1137 TATTR_IKEV2_KEY_LENGTH, key_size));
1138 }
1139 add_transform_substructure(this, transform);
1140 }
1141 enumerator->destroy(enumerator);
1142
1143 /* integrity algorithms */
1144 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1145 while (enumerator->enumerate(enumerator, &alg, &key_size))
1146 {
1147 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1148 INTEGRITY_ALGORITHM, alg);
1149 add_transform_substructure(this, transform);
1150 }
1151 enumerator->destroy(enumerator);
1152
1153 /* prf algorithms */
1154 enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION);
1155 while (enumerator->enumerate(enumerator, &alg, &key_size))
1156 {
1157 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1158 PSEUDO_RANDOM_FUNCTION, alg);
1159 add_transform_substructure(this, transform);
1160 }
1161 enumerator->destroy(enumerator);
1162
1163 /* dh groups */
1164 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1165 while (enumerator->enumerate(enumerator, &alg, NULL))
1166 {
1167 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1168 DIFFIE_HELLMAN_GROUP, alg);
1169 add_transform_substructure(this, transform);
1170 }
1171 enumerator->destroy(enumerator);
1172
1173 /* extended sequence numbers */
1174 enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS);
1175 while (enumerator->enumerate(enumerator, &alg, NULL))
1176 {
1177 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1178 EXTENDED_SEQUENCE_NUMBERS, alg);
1179 add_transform_substructure(this, transform);
1180 }
1181 enumerator->destroy(enumerator);
1182 }
1183
1184 /**
1185 * Set SPI and other data from proposal, compute length
1186 */
1187 static void set_data(private_proposal_substructure_t *this, proposal_t *proposal)
1188 {
1189 u_int64_t spi64;
1190 u_int32_t spi32;
1191
1192 /* add SPI, if necessary */
1193 switch (proposal->get_protocol(proposal))
1194 {
1195 case PROTO_AH:
1196 case PROTO_ESP:
1197 spi32 = proposal->get_spi(proposal);
1198 this->spi = chunk_clone(chunk_from_thing(spi32));
1199 this->spi_size = this->spi.len;
1200 break;
1201 case PROTO_IKE:
1202 spi64 = proposal->get_spi(proposal);
1203 if (spi64)
1204 { /* IKE only uses SPIS when rekeying, but on initial setup */
1205 this->spi = chunk_clone(chunk_from_thing(spi64));
1206 this->spi_size = this->spi.len;
1207 }
1208 break;
1209 default:
1210 break;
1211 }
1212 this->proposal_number = proposal->get_number(proposal);
1213 this->protocol_id = proposal->get_protocol(proposal);
1214 compute_length(this);
1215 }
1216
1217 /*
1218 * Described in header.
1219 */
1220 proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
1221 proposal_t *proposal)
1222 {
1223 private_proposal_substructure_t *this;
1224
1225 this = (private_proposal_substructure_t*)
1226 proposal_substructure_create(SECURITY_ASSOCIATION);
1227 set_from_proposal_v2(this, proposal);
1228 set_data(this, proposal);
1229
1230 return &this->public;
1231 }
1232
1233 /**
1234 * See header.
1235 */
1236 proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
1237 proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
1238 auth_method_t auth, ipsec_mode_t mode, bool udp)
1239 {
1240 private_proposal_substructure_t *this;
1241
1242 this = (private_proposal_substructure_t*)
1243 proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
1244 switch (proposal->get_protocol(proposal))
1245 {
1246 case PROTO_IKE:
1247 set_from_proposal_v1_ike(this, proposal, lifetime, auth, 1);
1248 break;
1249 case PROTO_ESP:
1250 set_from_proposal_v1_esp(this, proposal, lifetime,
1251 lifebytes, mode, udp, 1);
1252 break;
1253 default:
1254 break;
1255 }
1256 set_data(this, proposal);
1257
1258 return &this->public;
1259 }
1260
1261 /**
1262 * See header.
1263 */
1264 proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
1265 linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
1266 auth_method_t auth, ipsec_mode_t mode, bool udp)
1267 {
1268 private_proposal_substructure_t *this = NULL;
1269 enumerator_t *enumerator;
1270 proposal_t *proposal;
1271 int number = 0;
1272
1273 enumerator = proposals->create_enumerator(proposals);
1274 while (enumerator->enumerate(enumerator, &proposal))
1275 {
1276 if (!this)
1277 {
1278 this = (private_proposal_substructure_t*)
1279 proposal_substructure_create_from_proposal_v1(
1280 proposal, lifetime, lifebytes, auth, mode, udp);
1281 }
1282 else
1283 {
1284 switch (proposal->get_protocol(proposal))
1285 {
1286 case PROTO_IKE:
1287 set_from_proposal_v1_ike(this, proposal, lifetime,
1288 auth, ++number);
1289 break;
1290 case PROTO_ESP:
1291 set_from_proposal_v1_esp(this, proposal, lifetime,
1292 lifebytes, mode, udp, ++number);
1293 break;
1294 default:
1295 break;
1296 }
1297 }
1298 }
1299 enumerator->destroy(enumerator);
1300
1301 return &this->public;
1302 }
Unnamed repository; edit this file 'description' to name the repository.