2 * Copyright (C) 2012-2020 Tobias Brunner
3 * Copyright (C) 2005-2010 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * HSR Hochschule fuer Technik Rapperswil
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 #include "proposal_substructure.h"
22 #include <encoding/payloads/encodings.h>
23 #include <encoding/payloads/transform_substructure.h>
25 #include <collections/linked_list.h>
29 * IKEv2 Value for a proposal payload.
31 #define PROPOSAL_TYPE_VALUE 2
33 typedef struct private_proposal_substructure_t private_proposal_substructure_t
;
36 * Private data of an proposal_substructure_t object.
38 struct private_proposal_substructure_t
{
41 * Public proposal_substructure_t interface.
43 proposal_substructure_t
public;
56 * Length of this payload.
58 uint16_t proposal_length
;
63 uint8_t proposal_number
;
71 * SPI size of the following SPI.
76 * Number of transforms.
78 uint8_t transforms_count
;
81 * SPI is stored as chunk.
86 * Transforms are stored in a linked_list_t.
88 linked_list_t
*transforms
;
91 * Type of this payload, PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
97 * Encoding rules for a IKEv1 Proposal substructure.
99 static encoding_rule_t encodings_v1
[] = {
100 /* 1 Byte next payload type, stored in the field next_payload */
101 { U_INT_8
, offsetof(private_proposal_substructure_t
, next_payload
) },
102 /* 1 Reserved Byte */
103 { RESERVED_BYTE
, offsetof(private_proposal_substructure_t
, reserved
) },
104 /* Length of the whole proposal substructure payload*/
105 { PAYLOAD_LENGTH
, offsetof(private_proposal_substructure_t
, proposal_length
) },
106 /* proposal number is a number of 8 bit */
107 { U_INT_8
, offsetof(private_proposal_substructure_t
, proposal_number
) },
108 /* protocol ID is a number of 8 bit */
109 { U_INT_8
, offsetof(private_proposal_substructure_t
, protocol_id
) },
110 /* SPI Size has its own type */
111 { SPI_SIZE
, offsetof(private_proposal_substructure_t
, spi_size
) },
112 /* Number of transforms is a number of 8 bit */
113 { U_INT_8
, offsetof(private_proposal_substructure_t
, transforms_count
) },
114 /* SPI is a chunk of variable size*/
115 { SPI
, offsetof(private_proposal_substructure_t
, spi
) },
116 /* Transforms are stored in a transform substructure list */
117 { PAYLOAD_LIST
+ PLV1_TRANSFORM_SUBSTRUCTURE
,
118 offsetof(private_proposal_substructure_t
, transforms
) },
122 * Encoding rules for a IKEv2 Proposal substructure.
124 static encoding_rule_t encodings_v2
[] = {
125 /* 1 Byte next payload type, stored in the field next_payload */
126 { U_INT_8
, offsetof(private_proposal_substructure_t
, next_payload
) },
127 /* 1 Reserved Byte */
128 { RESERVED_BYTE
, offsetof(private_proposal_substructure_t
, reserved
) },
129 /* Length of the whole proposal substructure payload*/
130 { PAYLOAD_LENGTH
, offsetof(private_proposal_substructure_t
, proposal_length
) },
131 /* proposal number is a number of 8 bit */
132 { U_INT_8
, offsetof(private_proposal_substructure_t
, proposal_number
) },
133 /* protocol ID is a number of 8 bit */
134 { U_INT_8
, offsetof(private_proposal_substructure_t
, protocol_id
) },
135 /* SPI Size has its own type */
136 { SPI_SIZE
, offsetof(private_proposal_substructure_t
, spi_size
) },
137 /* Number of transforms is a number of 8 bit */
138 { U_INT_8
, offsetof(private_proposal_substructure_t
, transforms_count
) },
139 /* SPI is a chunk of variable size*/
140 { SPI
, offsetof(private_proposal_substructure_t
, spi
) },
141 /* Transforms are stored in a transform substructure list */
142 { PAYLOAD_LIST
+ PLV2_TRANSFORM_SUBSTRUCTURE
,
143 offsetof(private_proposal_substructure_t
, transforms
) },
148 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
149 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
150 ! 0 (last) or 2 ! RESERVED ! Proposal Length !
151 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
152 ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
153 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
155 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
166 IKEV1_ENCR_DES_CBC
= 1,
167 IKEV1_ENCR_IDEA_CBC
= 2,
168 IKEV1_ENCR_BLOWFISH_CBC
= 3,
169 IKEV1_ENCR_RC5_R16_B64_CBC
= 4,
170 IKEV1_ENCR_3DES_CBC
= 5,
171 IKEV1_ENCR_CAST_CBC
= 6,
172 IKEV1_ENCR_AES_CBC
= 7,
173 IKEV1_ENCR_CAMELLIA_CBC
= 8,
174 /* FreeS/WAN proprietary */
175 IKEV1_ENCR_SERPENT_CBC
= 65004,
176 IKEV1_ENCR_TWOFISH_CBC
= 65005,
177 } ikev1_encryption_t
;
185 IKEV1_HASH_TIGER
= 3,
186 IKEV1_HASH_SHA2_256
= 4,
187 IKEV1_HASH_SHA2_384
= 5,
188 IKEV1_HASH_SHA2_512
= 6,
192 * IKEv1 Transform ID IKE.
195 IKEV1_TRANSID_KEY_IKE
= 1,
196 } ikev1_ike_transid_t
;
199 * IKEv1 Transform ID ESP encryption algorithm.
202 IKEV1_ESP_ENCR_DES_IV64
= 1,
203 IKEV1_ESP_ENCR_DES
= 2,
204 IKEV1_ESP_ENCR_3DES
= 3,
205 IKEV1_ESP_ENCR_RC5
= 4,
206 IKEV1_ESP_ENCR_IDEA
= 5,
207 IKEV1_ESP_ENCR_CAST
= 6,
208 IKEV1_ESP_ENCR_BLOWFISH
= 7,
209 IKEV1_ESP_ENCR_3IDEA
= 8,
210 IKEV1_ESP_ENCR_DES_IV32
= 9,
211 IKEV1_ESP_ENCR_RC4
= 10,
212 IKEV1_ESP_ENCR_NULL
= 11,
213 IKEV1_ESP_ENCR_AES_CBC
= 12,
214 IKEV1_ESP_ENCR_AES_CTR
= 13,
215 IKEV1_ESP_ENCR_AES_CCM_8
= 14,
216 IKEV1_ESP_ENCR_AES_CCM_12
= 15,
217 IKEV1_ESP_ENCR_AES_CCM_16
= 16,
218 IKEV1_ESP_ENCR_AES_GCM_8
= 18,
219 IKEV1_ESP_ENCR_AES_GCM_12
= 19,
220 IKEV1_ESP_ENCR_AES_GCM_16
= 20,
221 IKEV1_ESP_ENCR_SEED_CBC
= 21,
222 IKEV1_ESP_ENCR_CAMELLIA
= 22,
223 IKEV1_ESP_ENCR_NULL_AUTH_AES_GMAC
= 23,
224 /* FreeS/WAN proprietary */
225 IKEV1_ESP_ENCR_SERPENT
= 252,
226 IKEV1_ESP_ENCR_TWOFISH
= 253,
227 } ikev1_esp_transid_t
;
230 * IKEv1 Transform ID AH authentication algorithm.
233 IKEV1_AH_HMAC_MD5
= 2,
234 IKEV1_AH_HMAC_SHA
= 3,
235 IKEV1_AH_DES_MAC
= 4,
236 IKEV1_AH_HMAC_SHA2_256
= 5,
237 IKEV1_AH_HMAC_SHA2_384
= 6,
238 IKEV1_AH_HMAC_SHA2_512
= 7,
240 IKEV1_AH_AES_XCBC_MAC
= 9,
242 IKEV1_AH_AES_128_GMAC
= 11,
243 IKEV1_AH_AES_192_GMAC
= 12,
244 IKEV1_AH_AES_256_GMAC
= 13,
245 } ikev1_ah_transid_t
;
248 * IKEv1 authentication algorithm.
251 IKEV1_AUTH_HMAC_MD5
= 1,
252 IKEV1_AUTH_HMAC_SHA
= 2,
253 IKEV1_AUTH_DES_MAC
= 3,
255 IKEV1_AUTH_HMAC_SHA2_256
= 5,
256 IKEV1_AUTH_HMAC_SHA2_384
= 6,
257 IKEV1_AUTH_HMAC_SHA2_512
= 7,
258 IKEV1_AUTH_HMAC_RIPEMD
= 8,
259 IKEV1_AUTH_AES_XCBC_MAC
= 9,
260 IKEV1_AUTH_SIG_RSA
= 10,
261 IKEV1_AUTH_AES_128_GMAC
= 11,
262 IKEV1_AUTH_AES_192_GMAC
= 12,
263 IKEV1_AUTH_AES_256_GMAC
= 13,
267 * IKEv1 ESP Encapsulation mode.
270 IKEV1_ENCAP_TUNNEL
= 1,
271 IKEV1_ENCAP_TRANSPORT
= 2,
272 IKEV1_ENCAP_UDP_TUNNEL
= 3,
273 IKEV1_ENCAP_UDP_TRANSPORT
= 4,
274 IKEV1_ENCAP_UDP_TUNNEL_DRAFT_00_03
= 61443,
275 IKEV1_ENCAP_UDP_TRANSPORT_DRAFT_00_03
= 61444,
279 * IKEv1 Life duration types.
282 IKEV1_LIFE_TYPE_SECONDS
= 1,
283 IKEV1_LIFE_TYPE_KILOBYTES
= 2,
287 * IKEv1 authentication methods
291 IKEV1_AUTH_DSS_SIG
= 2,
292 IKEV1_AUTH_RSA_SIG
= 3,
293 IKEV1_AUTH_RSA_ENC
= 4,
294 IKEV1_AUTH_RSA_ENC_REV
= 5,
295 IKEV1_AUTH_ECDSA_256
= 9,
296 IKEV1_AUTH_ECDSA_384
= 10,
297 IKEV1_AUTH_ECDSA_521
= 11,
299 IKEV1_AUTH_XAUTH_INIT_PSK
= 65001,
300 IKEV1_AUTH_XAUTH_RESP_PSK
= 65002,
301 IKEV1_AUTH_XAUTH_INIT_DSS
= 65003,
302 IKEV1_AUTH_XAUTH_RESP_DSS
= 65004,
303 IKEV1_AUTH_XAUTH_INIT_RSA
= 65005,
304 IKEV1_AUTH_XAUTH_RESP_RSA
= 65006,
305 IKEV1_AUTH_XAUTH_INIT_RSA_ENC
= 65007,
306 IKEV1_AUTH_XAUTH_RESP_RSA_ENC
= 65008,
307 IKEV1_AUTH_XAUTH_INIT_RSA_ENC_REV
= 65009,
308 IKEV1_AUTH_XAUTH_RESP_RSA_ENC_REV
= 65010,
310 IKEV1_AUTH_HYBRID_INIT_RSA
= 64221,
311 IKEV1_AUTH_HYBRID_RESP_RSA
= 64222,
312 IKEV1_AUTH_HYBRID_INIT_DSS
= 64223,
313 IKEV1_AUTH_HYBRID_RESP_DSS
= 64224,
314 } ikev1_auth_method_t
;
317 * IKEv1 IPComp transform IDs
320 IKEV1_IPCOMP_OUI
= 1,
321 IKEV1_IPCOMP_DEFLATE
= 2,
322 IKEV1_IPCOMP_LZS
= 3,
323 } ikev1_ipcomp_transform_t
;
325 METHOD(payload_t
, verify
, status_t
,
326 private_proposal_substructure_t
*this)
328 status_t status
= SUCCESS
;
329 enumerator_t
*enumerator
;
332 if (this->next_payload
!= PL_NONE
&& this->next_payload
!= 2)
335 DBG1(DBG_ENC
, "inconsistent next payload");
338 if (this->transforms_count
!= this->transforms
->get_count(this->transforms
))
340 /* must be the same! */
341 DBG1(DBG_ENC
, "transform count invalid");
345 switch (this->protocol_id
)
348 if (this->spi
.len
!= 2 && this->spi
.len
!= 4)
350 DBG1(DBG_ENC
, "invalid CPI length in IPCOMP proposal");
356 if (this->spi
.len
!= 4)
358 DBG1(DBG_ENC
, "invalid SPI length in %N proposal",
359 protocol_id_names
, this->protocol_id
);
364 if (this->type
== PLV1_PROPOSAL_SUBSTRUCTURE
)
366 if (this->spi
.len
<= 16)
367 { /* according to RFC 2409, section 3.5 anything between
368 * 0 and 16 is fine */
372 else if (this->spi
.len
== 0 || this->spi
.len
== 8)
376 DBG1(DBG_ENC
, "invalid SPI length in IKE proposal");
381 enumerator
= this->transforms
->create_enumerator(this->transforms
);
382 while (enumerator
->enumerate(enumerator
, ¤t
))
384 status
= current
->verify(current
);
385 if (status
!= SUCCESS
)
387 DBG1(DBG_ENC
, "TRANSFORM_SUBSTRUCTURE verification failed");
391 enumerator
->destroy(enumerator
);
393 /* proposal number is checked in SA payload */
397 METHOD(payload_t
, get_encoding_rules
, int,
398 private_proposal_substructure_t
*this, encoding_rule_t
**rules
)
400 if (this->type
== PLV2_PROPOSAL_SUBSTRUCTURE
)
402 *rules
= encodings_v2
;
403 return countof(encodings_v2
);
405 *rules
= encodings_v1
;
406 return countof(encodings_v1
);
409 METHOD(payload_t
, get_header_length
, int,
410 private_proposal_substructure_t
*this)
412 return 8 + this->spi_size
;
415 METHOD(payload_t
, get_type
, payload_type_t
,
416 private_proposal_substructure_t
*this)
421 METHOD(payload_t
, get_next_type
, payload_type_t
,
422 private_proposal_substructure_t
*this)
424 return this->next_payload
;
427 METHOD(payload_t
, set_next_type
, void,
428 private_proposal_substructure_t
*this, payload_type_t type
)
433 * (re-)compute the length of the payload.
435 static void compute_length(private_proposal_substructure_t
*this)
437 enumerator_t
*enumerator
;
438 payload_t
*transform
;
440 this->transforms_count
= 0;
441 this->proposal_length
= get_header_length(this);
442 enumerator
= this->transforms
->create_enumerator(this->transforms
);
443 while (enumerator
->enumerate(enumerator
, &transform
))
445 this->proposal_length
+= transform
->get_length(transform
);
446 this->transforms_count
++;
448 enumerator
->destroy(enumerator
);
451 METHOD(payload_t
, get_length
, size_t,
452 private_proposal_substructure_t
*this)
454 return this->proposal_length
;
458 * Add a transform substructure to the proposal
460 static void add_transform_substructure(private_proposal_substructure_t
*this,
461 transform_substructure_t
*transform
)
463 if (this->transforms
->get_count(this->transforms
) > 0)
465 transform_substructure_t
*last
;
467 this->transforms
->get_last(this->transforms
, (void **)&last
);
468 last
->set_is_last_transform(last
, FALSE
);
470 transform
->set_is_last_transform(transform
,TRUE
);
471 this->transforms
->insert_last(this->transforms
, transform
);
472 compute_length(this);
475 METHOD(proposal_substructure_t
, set_is_last_proposal
, void,
476 private_proposal_substructure_t
*this, bool is_last
)
478 this->next_payload
= is_last
? 0 : PROPOSAL_TYPE_VALUE
;
481 METHOD(proposal_substructure_t
, set_proposal_number
, void,
482 private_proposal_substructure_t
*this,uint8_t proposal_number
)
484 this->proposal_number
= proposal_number
;
487 METHOD(proposal_substructure_t
, get_proposal_number
, uint8_t,
488 private_proposal_substructure_t
*this)
490 return this->proposal_number
;
493 METHOD(proposal_substructure_t
, set_protocol_id
, void,
494 private_proposal_substructure_t
*this,uint8_t protocol_id
)
496 this->protocol_id
= protocol_id
;
499 METHOD(proposal_substructure_t
, get_protocol_id
, uint8_t,
500 private_proposal_substructure_t
*this)
502 return this->protocol_id
;
505 METHOD(proposal_substructure_t
, set_spi
, void,
506 private_proposal_substructure_t
*this, chunk_t spi
)
509 this->spi
= chunk_clone(spi
);
510 this->spi_size
= spi
.len
;
511 compute_length(this);
514 METHOD(proposal_substructure_t
, get_spi
, chunk_t
,
515 private_proposal_substructure_t
*this)
520 METHOD(proposal_substructure_t
, get_cpi
, bool,
521 private_proposal_substructure_t
*this, uint16_t *cpi
)
524 transform_substructure_t
*transform
;
525 enumerator_t
*enumerator
;
527 if (this->protocol_id
!= PROTO_IPCOMP
)
532 enumerator
= this->transforms
->create_enumerator(this->transforms
);
533 while (enumerator
->enumerate(enumerator
, &transform
))
535 if (transform
->get_transform_id(transform
) == IKEV1_IPCOMP_DEFLATE
)
539 *cpi
= htons(untoh16(this->spi
.ptr
+ this->spi
.len
- 2));
541 enumerator
->destroy(enumerator
);
545 enumerator
->destroy(enumerator
);
550 * Add a transform to a proposal for IKEv2
552 static void add_to_proposal_v2(proposal_t
*proposal
,
553 transform_substructure_t
*transform
)
555 transform_attribute_t
*tattr
;
556 enumerator_t
*enumerator
;
557 uint16_t key_length
= 0;
559 enumerator
= transform
->create_attribute_enumerator(transform
);
560 while (enumerator
->enumerate(enumerator
, &tattr
))
562 if (tattr
->get_attribute_type(tattr
) == TATTR_IKEV2_KEY_LENGTH
)
564 key_length
= tattr
->get_value(tattr
);
568 enumerator
->destroy(enumerator
);
570 proposal
->add_algorithm(proposal
,
571 transform
->get_transform_type_or_number(transform
),
572 transform
->get_transform_id(transform
), key_length
);
576 * Map IKEv1 to IKEv2 algorithms
584 * Encryption algorithm mapping
586 static algo_map_t map_encr
[] = {
587 { IKEV1_ENCR_DES_CBC
, ENCR_DES
},
588 { IKEV1_ENCR_IDEA_CBC
, ENCR_IDEA
},
589 { IKEV1_ENCR_BLOWFISH_CBC
, ENCR_BLOWFISH
},
590 { IKEV1_ENCR_3DES_CBC
, ENCR_3DES
},
591 { IKEV1_ENCR_CAST_CBC
, ENCR_CAST
},
592 { IKEV1_ENCR_AES_CBC
, ENCR_AES_CBC
},
593 { IKEV1_ENCR_CAMELLIA_CBC
, ENCR_CAMELLIA_CBC
},
594 { IKEV1_ENCR_SERPENT_CBC
, ENCR_SERPENT_CBC
},
595 { IKEV1_ENCR_TWOFISH_CBC
, ENCR_TWOFISH_CBC
},
599 * Integrity algorithm mapping
601 static algo_map_t map_integ
[] = {
602 { IKEV1_HASH_MD5
, AUTH_HMAC_MD5_96
},
603 { IKEV1_HASH_SHA1
, AUTH_HMAC_SHA1_96
},
604 { IKEV1_HASH_SHA2_256
, AUTH_HMAC_SHA2_256_128
},
605 { IKEV1_HASH_SHA2_384
, AUTH_HMAC_SHA2_384_192
},
606 { IKEV1_HASH_SHA2_512
, AUTH_HMAC_SHA2_512_256
},
610 * PRF algorithm mapping
612 static algo_map_t map_prf
[] = {
613 { IKEV1_HASH_MD5
, PRF_HMAC_MD5
},
614 { IKEV1_HASH_SHA1
, PRF_HMAC_SHA1
},
615 { IKEV1_HASH_SHA2_256
, PRF_HMAC_SHA2_256
},
616 { IKEV1_HASH_SHA2_384
, PRF_HMAC_SHA2_384
},
617 { IKEV1_HASH_SHA2_512
, PRF_HMAC_SHA2_512
},
621 * ESP encryption algorithm mapping
623 static algo_map_t map_esp
[] = {
624 { IKEV1_ESP_ENCR_DES_IV64
, ENCR_DES_IV64
},
625 { IKEV1_ESP_ENCR_DES
, ENCR_DES
},
626 { IKEV1_ESP_ENCR_3DES
, ENCR_3DES
},
627 { IKEV1_ESP_ENCR_RC5
, ENCR_RC5
},
628 { IKEV1_ESP_ENCR_IDEA
, ENCR_IDEA
},
629 { IKEV1_ESP_ENCR_CAST
, ENCR_CAST
},
630 { IKEV1_ESP_ENCR_BLOWFISH
, ENCR_BLOWFISH
},
631 { IKEV1_ESP_ENCR_3IDEA
, ENCR_3IDEA
},
632 { IKEV1_ESP_ENCR_DES_IV32
, ENCR_DES_IV32
},
633 { IKEV1_ESP_ENCR_NULL
, ENCR_NULL
},
634 { IKEV1_ESP_ENCR_AES_CBC
, ENCR_AES_CBC
},
635 { IKEV1_ESP_ENCR_AES_CTR
, ENCR_AES_CTR
},
636 { IKEV1_ESP_ENCR_AES_CCM_8
, ENCR_AES_CCM_ICV8
},
637 { IKEV1_ESP_ENCR_AES_CCM_12
, ENCR_AES_CCM_ICV12
},
638 { IKEV1_ESP_ENCR_AES_CCM_16
, ENCR_AES_CCM_ICV16
},
639 { IKEV1_ESP_ENCR_AES_GCM_8
, ENCR_AES_GCM_ICV8
},
640 { IKEV1_ESP_ENCR_AES_GCM_12
, ENCR_AES_GCM_ICV12
},
641 { IKEV1_ESP_ENCR_AES_GCM_16
, ENCR_AES_GCM_ICV16
},
642 { IKEV1_ESP_ENCR_CAMELLIA
, ENCR_CAMELLIA_CBC
},
643 { IKEV1_ESP_ENCR_NULL_AUTH_AES_GMAC
, ENCR_NULL_AUTH_AES_GMAC
},
644 { IKEV1_ESP_ENCR_SERPENT
, ENCR_SERPENT_CBC
},
645 { IKEV1_ESP_ENCR_TWOFISH
, ENCR_TWOFISH_CBC
},
649 * AH authentication algorithm mapping
651 static algo_map_t map_ah
[] = {
652 { IKEV1_AH_HMAC_MD5
, AUTH_HMAC_MD5_96
},
653 { IKEV1_AH_HMAC_SHA
, AUTH_HMAC_SHA1_96
},
654 { IKEV1_AH_DES_MAC
, AUTH_DES_MAC
},
655 { IKEV1_AH_HMAC_SHA2_256
, AUTH_HMAC_SHA2_256_128
},
656 { IKEV1_AH_HMAC_SHA2_384
, AUTH_HMAC_SHA2_384_192
},
657 { IKEV1_AH_HMAC_SHA2_512
, AUTH_HMAC_SHA2_512_256
},
658 { IKEV1_AH_AES_XCBC_MAC
, AUTH_AES_XCBC_96
},
659 { IKEV1_AH_AES_128_GMAC
, AUTH_AES_128_GMAC
},
660 { IKEV1_AH_AES_192_GMAC
, AUTH_AES_192_GMAC
},
661 { IKEV1_AH_AES_256_GMAC
, AUTH_AES_256_GMAC
},
665 * ESP/AH authentication algorithm mapping
667 static algo_map_t map_auth
[] = {
668 { IKEV1_AUTH_HMAC_MD5
, AUTH_HMAC_MD5_96
},
669 { IKEV1_AUTH_HMAC_SHA
, AUTH_HMAC_SHA1_96
},
670 { IKEV1_AUTH_DES_MAC
, AUTH_DES_MAC
},
671 { IKEV1_AUTH_KPDK
, AUTH_KPDK_MD5
},
672 { IKEV1_AUTH_HMAC_SHA2_256
, AUTH_HMAC_SHA2_256_128
},
673 { IKEV1_AUTH_HMAC_SHA2_384
, AUTH_HMAC_SHA2_384_192
},
674 { IKEV1_AUTH_HMAC_SHA2_512
, AUTH_HMAC_SHA2_512_256
},
675 { IKEV1_AUTH_AES_XCBC_MAC
, AUTH_AES_XCBC_96
},
676 { IKEV1_AUTH_AES_128_GMAC
, AUTH_AES_128_GMAC
},
677 { IKEV1_AUTH_AES_192_GMAC
, AUTH_AES_192_GMAC
},
678 { IKEV1_AUTH_AES_256_GMAC
, AUTH_AES_256_GMAC
},
682 * Map an IKEv1 to an IKEv2 identifier
684 static uint16_t ikev2_from_ikev1(algo_map_t
*map
, int count
, uint16_t def
,
689 for (i
= 0; i
< count
; i
++)
691 if (map
[i
].ikev1
== value
)
700 * Map an IKEv2 to an IKEv1 identifier
702 static uint16_t ikev1_from_ikev2(algo_map_t
*map
, int count
, uint16_t value
)
706 for (i
= 0; i
< count
; i
++)
708 if (map
[i
].ikev2
== value
)
717 * Get IKEv2 algorithm from IKEv1 identifier
719 static uint16_t get_alg_from_ikev1(transform_type_t type
, uint16_t value
)
723 case ENCRYPTION_ALGORITHM
:
724 return ikev2_from_ikev1(map_encr
, countof(map_encr
),
725 ENCR_UNDEFINED
, value
);
726 case INTEGRITY_ALGORITHM
:
727 return ikev2_from_ikev1(map_integ
, countof(map_integ
),
728 AUTH_UNDEFINED
, value
);
729 case PSEUDO_RANDOM_FUNCTION
:
730 return ikev2_from_ikev1(map_prf
, countof(map_prf
),
731 PRF_UNDEFINED
, value
);
738 * Get IKEv1 algorithm from IKEv2 identifier
740 static uint16_t get_ikev1_from_alg(transform_type_t type
, uint16_t value
)
744 case ENCRYPTION_ALGORITHM
:
745 return ikev1_from_ikev2(map_encr
, countof(map_encr
), value
);
746 case INTEGRITY_ALGORITHM
:
747 return ikev1_from_ikev2(map_integ
, countof(map_integ
), value
);
748 case PSEUDO_RANDOM_FUNCTION
:
749 return ikev1_from_ikev2(map_prf
, countof(map_prf
), value
);
756 * Get IKEv2 algorithm from IKEv1 ESP/AH transform ID
758 static uint16_t get_alg_from_ikev1_transid(transform_type_t type
,
763 case ENCRYPTION_ALGORITHM
:
764 return ikev2_from_ikev1(map_esp
, countof(map_esp
),
765 ENCR_UNDEFINED
, value
);
766 case INTEGRITY_ALGORITHM
:
767 return ikev2_from_ikev1(map_ah
, countof(map_ah
),
768 AUTH_UNDEFINED
, value
);
775 * Get IKEv1 ESP/AH transform ID from IKEv2 identifier
777 static uint16_t get_ikev1_transid_from_alg(transform_type_t type
,
782 case ENCRYPTION_ALGORITHM
:
783 return ikev1_from_ikev2(map_esp
, countof(map_esp
), value
);
784 case INTEGRITY_ALGORITHM
:
785 return ikev1_from_ikev2(map_ah
, countof(map_ah
), value
);
792 * Get IKEv1 authentication algorithm from IKEv2 identifier
794 static uint16_t get_alg_from_ikev1_auth(uint16_t value
)
796 return ikev2_from_ikev1(map_auth
, countof(map_auth
), AUTH_UNDEFINED
, value
);
800 * Get IKEv1 authentication algorithm from IKEv2 identifier
802 static uint16_t get_ikev1_auth_from_alg(uint16_t value
)
804 return ikev1_from_ikev2(map_auth
, countof(map_auth
), value
);
808 * Get IKEv1 authentication attribute from auth_method_t
810 static uint16_t get_ikev1_auth(auth_method_t method
)
815 return IKEV1_AUTH_RSA_SIG
;
817 return IKEV1_AUTH_DSS_SIG
;
818 case AUTH_XAUTH_INIT_PSK
:
819 return IKEV1_AUTH_XAUTH_INIT_PSK
;
820 case AUTH_XAUTH_RESP_PSK
:
821 return IKEV1_AUTH_XAUTH_RESP_PSK
;
822 case AUTH_XAUTH_INIT_RSA
:
823 return IKEV1_AUTH_XAUTH_INIT_RSA
;
824 case AUTH_XAUTH_RESP_RSA
:
825 return IKEV1_AUTH_XAUTH_RESP_RSA
;
826 case AUTH_HYBRID_INIT_RSA
:
827 return IKEV1_AUTH_HYBRID_INIT_RSA
;
828 case AUTH_HYBRID_RESP_RSA
:
829 return IKEV1_AUTH_HYBRID_RESP_RSA
;
831 return IKEV1_AUTH_ECDSA_256
;
833 return IKEV1_AUTH_ECDSA_384
;
835 return IKEV1_AUTH_ECDSA_521
;
838 return IKEV1_AUTH_PSK
;
843 * Get IKEv1 encapsulation mode
845 static uint16_t get_ikev1_mode(ipsec_mode_t mode
, encap_t udp
)
853 return IKEV1_ENCAP_UDP_TUNNEL
;
854 case ENCAP_UDP_DRAFT_00_03
:
855 return IKEV1_ENCAP_UDP_TUNNEL_DRAFT_00_03
;
857 return IKEV1_ENCAP_TUNNEL
;
863 return IKEV1_ENCAP_UDP_TRANSPORT
;
864 case ENCAP_UDP_DRAFT_00_03
:
865 return IKEV1_ENCAP_UDP_TRANSPORT_DRAFT_00_03
;
867 return IKEV1_ENCAP_TRANSPORT
;
870 return IKEV1_ENCAP_TUNNEL
;
875 * Add an IKE transform to a proposal for IKEv1
877 static void add_to_proposal_v1_ike(proposal_t
*proposal
,
878 transform_substructure_t
*transform
)
880 transform_attribute_type_t type
;
881 transform_attribute_t
*tattr
;
882 enumerator_t
*enumerator
;
883 uint16_t value
, key_length
= 0;
884 uint16_t encr
= ENCR_UNDEFINED
;
886 enumerator
= transform
->create_attribute_enumerator(transform
);
887 while (enumerator
->enumerate(enumerator
, &tattr
))
889 type
= tattr
->get_attribute_type(tattr
);
890 value
= tattr
->get_value(tattr
);
893 case TATTR_PH1_ENCRYPTION_ALGORITHM
:
894 encr
= get_alg_from_ikev1(ENCRYPTION_ALGORITHM
, value
);
896 case TATTR_PH1_KEY_LENGTH
:
899 case TATTR_PH1_HASH_ALGORITHM
:
900 proposal
->add_algorithm(proposal
, INTEGRITY_ALGORITHM
,
901 get_alg_from_ikev1(INTEGRITY_ALGORITHM
, value
), 0);
902 proposal
->add_algorithm(proposal
, PSEUDO_RANDOM_FUNCTION
,
903 get_alg_from_ikev1(PSEUDO_RANDOM_FUNCTION
, value
), 0);
905 case TATTR_PH1_GROUP
:
906 proposal
->add_algorithm(proposal
, DIFFIE_HELLMAN_GROUP
,
913 enumerator
->destroy(enumerator
);
915 if (encr
!= ENCR_UNDEFINED
)
917 if (encr
== ENCR_AES_CBC
&& !key_length
)
918 { /* some implementations don't send a Key Length attribute for
919 * AES-128, early drafts of RFC 3602 allowed that */
922 proposal
->add_algorithm(proposal
, ENCRYPTION_ALGORITHM
, encr
, key_length
);
927 * Add an ESP/AH transform to a proposal for IKEv1
929 static void add_to_proposal_v1(proposal_t
*proposal
,
930 transform_substructure_t
*transform
, protocol_id_t proto
)
932 transform_attribute_type_t type
;
933 transform_attribute_t
*tattr
;
934 enumerator_t
*enumerator
;
935 uint16_t encr
, value
, key_length
= 0;
936 extended_sequence_numbers_t esn
= NO_EXT_SEQ_NUMBERS
;
938 enumerator
= transform
->create_attribute_enumerator(transform
);
939 while (enumerator
->enumerate(enumerator
, &tattr
))
941 type
= tattr
->get_attribute_type(tattr
);
942 value
= tattr
->get_value(tattr
);
945 case TATTR_PH2_KEY_LENGTH
:
948 case TATTR_PH2_AUTH_ALGORITHM
:
949 proposal
->add_algorithm(proposal
, INTEGRITY_ALGORITHM
,
950 get_alg_from_ikev1_auth(value
), 0);
952 case TATTR_PH2_GROUP
:
953 proposal
->add_algorithm(proposal
, DIFFIE_HELLMAN_GROUP
,
956 case TATTR_PH2_EXT_SEQ_NUMBER
:
957 esn
= EXT_SEQ_NUMBERS
;
963 enumerator
->destroy(enumerator
);
965 proposal
->add_algorithm(proposal
, EXTENDED_SEQUENCE_NUMBERS
, esn
, 0);
966 if (proto
== PROTO_ESP
)
968 encr
= get_alg_from_ikev1_transid(ENCRYPTION_ALGORITHM
,
969 transform
->get_transform_id(transform
));
972 if (encr
== ENCR_AES_CBC
&& !key_length
)
973 { /* some implementations don't send a Key Length attribute for
974 * AES-128, early drafts of RFC 3602 allowed that for IKE, some
975 * also seem to do it for ESP */
978 proposal
->add_algorithm(proposal
, ENCRYPTION_ALGORITHM
, encr
,
984 METHOD(proposal_substructure_t
, get_proposals
, void,
985 private_proposal_substructure_t
*this, linked_list_t
*proposals
)
987 transform_substructure_t
*transform
;
988 enumerator_t
*enumerator
;
989 proposal_t
*proposal
= NULL
;
992 switch (this->spi
.len
)
995 spi
= *((uint32_t*)this->spi
.ptr
);
998 spi
= *((uint64_t*)this->spi
.ptr
);
1004 enumerator
= this->transforms
->create_enumerator(this->transforms
);
1005 while (enumerator
->enumerate(enumerator
, &transform
))
1007 if (this->type
== PLV2_PROPOSAL_SUBSTRUCTURE
)
1011 proposal
= proposal_create(this->protocol_id
,
1012 this->proposal_number
);
1013 proposal
->set_spi(proposal
, spi
);
1014 proposals
->insert_last(proposals
, proposal
);
1016 add_to_proposal_v2(proposal
, transform
);
1020 /* create a new proposal for each transform in IKEv1 */
1021 proposal
= proposal_create_v1(
1022 this->protocol_id
, this->proposal_number
,
1023 transform
->get_transform_type_or_number(transform
));
1024 proposal
->set_spi(proposal
, spi
);
1025 proposals
->insert_last(proposals
, proposal
);
1026 switch (this->protocol_id
)
1029 add_to_proposal_v1_ike(proposal
, transform
);
1033 add_to_proposal_v1(proposal
, transform
, this->protocol_id
);
1040 enumerator
->destroy(enumerator
);
1043 METHOD(proposal_substructure_t
, create_substructure_enumerator
, enumerator_t
*,
1044 private_proposal_substructure_t
*this)
1046 return this->transforms
->create_enumerator(this->transforms
);
1050 * Get an attribute from any transform, 0 if not found
1052 static uint64_t get_attr(private_proposal_substructure_t
*this,
1053 transform_attribute_type_t type
)
1055 enumerator_t
*transforms
, *attributes
;
1056 transform_substructure_t
*transform
;
1057 transform_attribute_t
*attr
;
1059 transforms
= this->transforms
->create_enumerator(this->transforms
);
1060 while (transforms
->enumerate(transforms
, &transform
))
1062 attributes
= transform
->create_attribute_enumerator(transform
);
1063 while (attributes
->enumerate(attributes
, &attr
))
1065 if (attr
->get_attribute_type(attr
) == type
)
1067 attributes
->destroy(attributes
);
1068 transforms
->destroy(transforms
);
1069 return attr
->get_value(attr
);
1072 attributes
->destroy(attributes
);
1074 transforms
->destroy(transforms
);
1079 * Look up a lifetime duration of a given kind in all transforms
1081 static uint64_t get_life_duration(private_proposal_substructure_t
*this,
1082 transform_attribute_type_t type_attr
, ikev1_life_type_t type
,
1083 transform_attribute_type_t dur_attr
)
1085 enumerator_t
*transforms
, *attributes
;
1086 transform_substructure_t
*transform
;
1087 transform_attribute_t
*attr
;
1089 transforms
= this->transforms
->create_enumerator(this->transforms
);
1090 while (transforms
->enumerate(transforms
, &transform
))
1092 attributes
= transform
->create_attribute_enumerator(transform
);
1093 while (attributes
->enumerate(attributes
, &attr
))
1095 if (attr
->get_attribute_type(attr
) == type_attr
&&
1096 attr
->get_value(attr
) == type
)
1097 { /* got type attribute, look for duration following next */
1098 while (attributes
->enumerate(attributes
, &attr
))
1100 if (attr
->get_attribute_type(attr
) == dur_attr
)
1102 attributes
->destroy(attributes
);
1103 transforms
->destroy(transforms
);
1104 return attr
->get_value(attr
);
1109 attributes
->destroy(attributes
);
1111 transforms
->destroy(transforms
);
1115 METHOD(proposal_substructure_t
, get_lifetime
, uint32_t,
1116 private_proposal_substructure_t
*this)
1120 switch (this->protocol_id
)
1123 return get_life_duration(this, TATTR_PH1_LIFE_TYPE
,
1124 IKEV1_LIFE_TYPE_SECONDS
, TATTR_PH1_LIFE_DURATION
);
1127 duration
= get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE
,
1128 IKEV1_LIFE_TYPE_SECONDS
, TATTR_PH2_SA_LIFE_DURATION
);
1130 { /* default to 8 hours, RFC 2407 */
1139 METHOD(proposal_substructure_t
, get_lifebytes
, uint64_t,
1140 private_proposal_substructure_t
*this)
1142 switch (this->protocol_id
)
1146 return 1000 * get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE
,
1147 IKEV1_LIFE_TYPE_KILOBYTES
, TATTR_PH2_SA_LIFE_DURATION
);
1154 METHOD(proposal_substructure_t
, get_auth_method
, auth_method_t
,
1155 private_proposal_substructure_t
*this)
1157 switch (get_attr(this, TATTR_PH1_AUTH_METHOD
))
1159 case IKEV1_AUTH_PSK
:
1161 case IKEV1_AUTH_RSA_SIG
:
1163 case IKEV1_AUTH_DSS_SIG
:
1165 case IKEV1_AUTH_XAUTH_INIT_PSK
:
1166 return AUTH_XAUTH_INIT_PSK
;
1167 case IKEV1_AUTH_XAUTH_RESP_PSK
:
1168 return AUTH_XAUTH_RESP_PSK
;
1169 case IKEV1_AUTH_XAUTH_INIT_RSA
:
1170 return AUTH_XAUTH_INIT_RSA
;
1171 case IKEV1_AUTH_XAUTH_RESP_RSA
:
1172 return AUTH_XAUTH_RESP_RSA
;
1173 case IKEV1_AUTH_HYBRID_INIT_RSA
:
1174 return AUTH_HYBRID_INIT_RSA
;
1175 case IKEV1_AUTH_HYBRID_RESP_RSA
:
1176 return AUTH_HYBRID_RESP_RSA
;
1177 case IKEV1_AUTH_ECDSA_256
:
1178 return AUTH_ECDSA_256
;
1179 case IKEV1_AUTH_ECDSA_384
:
1180 return AUTH_ECDSA_384
;
1181 case IKEV1_AUTH_ECDSA_521
:
1182 return AUTH_ECDSA_521
;
1188 METHOD(proposal_substructure_t
, get_encap_mode
, ipsec_mode_t
,
1189 private_proposal_substructure_t
*this, bool *udp
)
1192 switch (get_attr(this, TATTR_PH2_ENCAP_MODE
))
1194 case IKEV1_ENCAP_TRANSPORT
:
1195 return MODE_TRANSPORT
;
1196 case IKEV1_ENCAP_TUNNEL
:
1198 case IKEV1_ENCAP_UDP_TRANSPORT
:
1199 case IKEV1_ENCAP_UDP_TRANSPORT_DRAFT_00_03
:
1201 return MODE_TRANSPORT
;
1202 case IKEV1_ENCAP_UDP_TUNNEL
:
1203 case IKEV1_ENCAP_UDP_TUNNEL_DRAFT_00_03
:
1207 /* default to TUNNEL, RFC 2407 says implementation specific */
1212 METHOD2(payload_t
, proposal_substructure_t
, destroy
, void,
1213 private_proposal_substructure_t
*this)
1215 this->transforms
->destroy_offset(this->transforms
,
1216 offsetof(payload_t
, destroy
));
1217 chunk_free(&this->spi
);
1222 * Described in header.
1224 proposal_substructure_t
*proposal_substructure_create(payload_type_t type
)
1226 private_proposal_substructure_t
*this;
1230 .payload_interface
= {
1232 .get_encoding_rules
= _get_encoding_rules
,
1233 .get_header_length
= _get_header_length
,
1234 .get_length
= _get_length
,
1235 .get_next_type
= _get_next_type
,
1236 .set_next_type
= _set_next_type
,
1237 .get_type
= _get_type
,
1238 .destroy
= _destroy
,
1240 .set_proposal_number
= _set_proposal_number
,
1241 .get_proposal_number
= _get_proposal_number
,
1242 .set_protocol_id
= _set_protocol_id
,
1243 .get_protocol_id
= _get_protocol_id
,
1244 .set_is_last_proposal
= _set_is_last_proposal
,
1245 .get_proposals
= _get_proposals
,
1246 .create_substructure_enumerator
= _create_substructure_enumerator
,
1247 .set_spi
= _set_spi
,
1248 .get_spi
= _get_spi
,
1249 .get_cpi
= _get_cpi
,
1250 .get_lifetime
= _get_lifetime
,
1251 .get_lifebytes
= _get_lifebytes
,
1252 .get_auth_method
= _get_auth_method
,
1253 .get_encap_mode
= _get_encap_mode
,
1254 .destroy
= _destroy
,
1256 .next_payload
= PL_NONE
,
1257 .transforms
= linked_list_create(),
1260 compute_length(this);
1262 return &this->public;
1266 * Add an IKEv1 IKE proposal to the substructure
1268 static void set_from_proposal_v1_ike(private_proposal_substructure_t
*this,
1269 proposal_t
*proposal
, uint32_t lifetime
,
1270 auth_method_t method
, int number
)
1272 transform_substructure_t
*transform
;
1273 uint16_t alg
, key_size
;
1274 enumerator_t
*enumerator
;
1276 transform
= transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE
,
1277 number
, IKEV1_TRANSID_KEY_IKE
);
1279 enumerator
= proposal
->create_enumerator(proposal
, ENCRYPTION_ALGORITHM
);
1280 while (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1282 alg
= get_ikev1_from_alg(ENCRYPTION_ALGORITHM
, alg
);
1285 transform
->add_transform_attribute(transform
,
1286 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1287 TATTR_PH1_ENCRYPTION_ALGORITHM
, alg
));
1290 transform
->add_transform_attribute(transform
,
1291 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1292 TATTR_PH1_KEY_LENGTH
, key_size
));
1297 enumerator
->destroy(enumerator
);
1299 /* encode the integrity algorithm as hash and assume use the same PRF */
1300 enumerator
= proposal
->create_enumerator(proposal
, INTEGRITY_ALGORITHM
);
1301 while (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1303 alg
= get_ikev1_from_alg(INTEGRITY_ALGORITHM
, alg
);
1306 transform
->add_transform_attribute(transform
,
1307 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1308 TATTR_PH1_HASH_ALGORITHM
, alg
));
1312 enumerator
->destroy(enumerator
);
1314 enumerator
= proposal
->create_enumerator(proposal
, DIFFIE_HELLMAN_GROUP
);
1315 if (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1317 transform
->add_transform_attribute(transform
,
1318 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1319 TATTR_PH1_GROUP
, alg
));
1321 enumerator
->destroy(enumerator
);
1323 transform
->add_transform_attribute(transform
,
1324 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1325 TATTR_PH1_AUTH_METHOD
, get_ikev1_auth(method
)));
1326 transform
->add_transform_attribute(transform
,
1327 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1328 TATTR_PH1_LIFE_TYPE
, IKEV1_LIFE_TYPE_SECONDS
));
1329 transform
->add_transform_attribute(transform
,
1330 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1331 TATTR_PH1_LIFE_DURATION
, lifetime
));
1333 add_transform_substructure(this, transform
);
1337 * Add an IKEv1 ESP/AH proposal to the substructure
1339 static void set_from_proposal_v1(private_proposal_substructure_t
*this,
1340 proposal_t
*proposal
, uint32_t lifetime
, uint64_t lifebytes
,
1341 ipsec_mode_t mode
, encap_t udp
, int number
)
1343 transform_substructure_t
*transform
= NULL
;
1344 uint16_t alg
, transid
, key_size
;
1345 enumerator_t
*enumerator
;
1347 enumerator
= proposal
->create_enumerator(proposal
, ENCRYPTION_ALGORITHM
);
1348 if (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1350 transid
= get_ikev1_transid_from_alg(ENCRYPTION_ALGORITHM
, alg
);
1353 transform
= transform_substructure_create_type(
1354 PLV1_TRANSFORM_SUBSTRUCTURE
, number
, transid
);
1357 transform
->add_transform_attribute(transform
,
1358 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1359 TATTR_PH2_KEY_LENGTH
, key_size
));
1363 enumerator
->destroy(enumerator
);
1365 enumerator
= proposal
->create_enumerator(proposal
, INTEGRITY_ALGORITHM
);
1366 if (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1368 transid
= get_ikev1_transid_from_alg(INTEGRITY_ALGORITHM
, alg
);
1369 alg
= get_ikev1_auth_from_alg(alg
);
1372 if (!transform
&& transid
)
1374 transform
= transform_substructure_create_type(
1375 PLV1_TRANSFORM_SUBSTRUCTURE
, number
, transid
);
1379 transform
->add_transform_attribute(transform
,
1380 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1381 TATTR_PH2_AUTH_ALGORITHM
, alg
));
1385 enumerator
->destroy(enumerator
);
1392 enumerator
= proposal
->create_enumerator(proposal
, DIFFIE_HELLMAN_GROUP
);
1393 if (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1395 transform
->add_transform_attribute(transform
,
1396 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1397 TATTR_PH2_GROUP
, alg
));
1399 enumerator
->destroy(enumerator
);
1401 transform
->add_transform_attribute(transform
,
1402 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1403 TATTR_PH2_ENCAP_MODE
, get_ikev1_mode(mode
, udp
)));
1406 transform
->add_transform_attribute(transform
,
1407 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1408 TATTR_PH2_SA_LIFE_TYPE
, IKEV1_LIFE_TYPE_SECONDS
));
1409 transform
->add_transform_attribute(transform
,
1410 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1411 TATTR_PH2_SA_LIFE_DURATION
, lifetime
));
1415 transform
->add_transform_attribute(transform
,
1416 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1417 TATTR_PH2_SA_LIFE_TYPE
, IKEV1_LIFE_TYPE_KILOBYTES
));
1418 transform
->add_transform_attribute(transform
,
1419 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1420 TATTR_PH2_SA_LIFE_DURATION
, lifebytes
/ 1000));
1423 enumerator
= proposal
->create_enumerator(proposal
,
1424 EXTENDED_SEQUENCE_NUMBERS
);
1425 while (enumerator
->enumerate(enumerator
, &alg
, NULL
))
1427 if (alg
== EXT_SEQ_NUMBERS
)
1429 transform
->add_transform_attribute(transform
,
1430 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1431 TATTR_PH2_EXT_SEQ_NUMBER
, alg
));
1434 enumerator
->destroy(enumerator
);
1435 add_transform_substructure(this, transform
);
1439 * Add an IKEv2 proposal to the substructure
1441 static void set_from_proposal_v2(private_proposal_substructure_t
*this,
1442 proposal_t
*proposal
)
1444 transform_substructure_t
*transform
;
1445 uint16_t alg
, key_size
;
1446 enumerator_t
*enumerator
;
1448 /* encryption algorithm is only available in ESP */
1449 enumerator
= proposal
->create_enumerator(proposal
, ENCRYPTION_ALGORITHM
);
1450 while (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1452 transform
= transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE
,
1453 ENCRYPTION_ALGORITHM
, alg
);
1456 transform
->add_transform_attribute(transform
,
1457 transform_attribute_create_value(PLV2_TRANSFORM_ATTRIBUTE
,
1458 TATTR_IKEV2_KEY_LENGTH
, key_size
));
1460 add_transform_substructure(this, transform
);
1462 enumerator
->destroy(enumerator
);
1464 /* integrity algorithms */
1465 enumerator
= proposal
->create_enumerator(proposal
, INTEGRITY_ALGORITHM
);
1466 while (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1468 transform
= transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE
,
1469 INTEGRITY_ALGORITHM
, alg
);
1470 add_transform_substructure(this, transform
);
1472 enumerator
->destroy(enumerator
);
1474 /* prf algorithms */
1475 enumerator
= proposal
->create_enumerator(proposal
, PSEUDO_RANDOM_FUNCTION
);
1476 while (enumerator
->enumerate(enumerator
, &alg
, &key_size
))
1478 transform
= transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE
,
1479 PSEUDO_RANDOM_FUNCTION
, alg
);
1480 add_transform_substructure(this, transform
);
1482 enumerator
->destroy(enumerator
);
1485 enumerator
= proposal
->create_enumerator(proposal
, DIFFIE_HELLMAN_GROUP
);
1486 while (enumerator
->enumerate(enumerator
, &alg
, NULL
))
1488 transform
= transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE
,
1489 DIFFIE_HELLMAN_GROUP
, alg
);
1490 add_transform_substructure(this, transform
);
1492 enumerator
->destroy(enumerator
);
1494 /* extended sequence numbers */
1495 enumerator
= proposal
->create_enumerator(proposal
, EXTENDED_SEQUENCE_NUMBERS
);
1496 while (enumerator
->enumerate(enumerator
, &alg
, NULL
))
1498 transform
= transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE
,
1499 EXTENDED_SEQUENCE_NUMBERS
, alg
);
1500 add_transform_substructure(this, transform
);
1502 enumerator
->destroy(enumerator
);
1506 * Set SPI and other data from proposal, compute length
1508 static void set_data(private_proposal_substructure_t
*this, proposal_t
*proposal
)
1513 /* add SPI, if necessary */
1514 switch (proposal
->get_protocol(proposal
))
1518 spi32
= proposal
->get_spi(proposal
);
1519 this->spi
= chunk_clone(chunk_from_thing(spi32
));
1520 this->spi_size
= this->spi
.len
;
1523 spi64
= proposal
->get_spi(proposal
);
1525 { /* IKE only uses SPIS when rekeying, but on initial setup */
1526 this->spi
= chunk_clone(chunk_from_thing(spi64
));
1527 this->spi_size
= this->spi
.len
;
1533 this->proposal_number
= proposal
->get_number(proposal
);
1534 this->protocol_id
= proposal
->get_protocol(proposal
);
1535 compute_length(this);
1539 * Described in header.
1541 proposal_substructure_t
*proposal_substructure_create_from_proposal_v2(
1542 proposal_t
*proposal
)
1544 private_proposal_substructure_t
*this;
1546 this = (private_proposal_substructure_t
*)
1547 proposal_substructure_create(PLV2_PROPOSAL_SUBSTRUCTURE
);
1548 set_from_proposal_v2(this, proposal
);
1549 set_data(this, proposal
);
1551 return &this->public;
1555 * Creates an IKEv1 proposal_substructure_t from a proposal_t.
1557 static proposal_substructure_t
*proposal_substructure_create_from_proposal_v1(
1558 proposal_t
*proposal
, uint32_t lifetime
, uint64_t lifebytes
,
1559 auth_method_t auth
, ipsec_mode_t mode
, encap_t udp
, uint8_t number
)
1561 private_proposal_substructure_t
*this;
1563 this = (private_proposal_substructure_t
*)
1564 proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE
);
1565 switch (proposal
->get_protocol(proposal
))
1568 set_from_proposal_v1_ike(this, proposal
, lifetime
, auth
, number
);
1572 set_from_proposal_v1(this, proposal
, lifetime
,
1573 lifebytes
, mode
, udp
, number
);
1578 set_data(this, proposal
);
1580 return &this->public;
1586 proposal_substructure_t
*proposal_substructure_create_from_proposals_v1(
1587 linked_list_t
*proposals
, uint32_t lifetime
, uint64_t lifebytes
,
1588 auth_method_t auth
, ipsec_mode_t mode
, encap_t udp
)
1590 private_proposal_substructure_t
*this = NULL
;
1591 enumerator_t
*enumerator
;
1592 proposal_t
*proposal
;
1595 enumerator
= proposals
->create_enumerator(proposals
);
1596 while (enumerator
->enumerate(enumerator
, &proposal
))
1599 { /* as responder the transform number is set and we only have a
1600 * single proposal, start with 1 otherwise */
1601 this = (private_proposal_substructure_t
*)
1602 proposal_substructure_create_from_proposal_v1(
1603 proposal
, lifetime
, lifebytes
, auth
, mode
, udp
,
1604 proposal
->get_transform_number(proposal
) ?: number
);
1608 switch (proposal
->get_protocol(proposal
))
1611 set_from_proposal_v1_ike(this, proposal
, lifetime
,
1616 set_from_proposal_v1(this, proposal
, lifetime
,
1617 lifebytes
, mode
, udp
, ++number
);
1624 enumerator
->destroy(enumerator
);
1626 return &this->public;
1632 proposal_substructure_t
*proposal_substructure_create_for_ipcomp_v1(
1633 uint32_t lifetime
, uint64_t lifebytes
, uint16_t cpi
,
1634 ipsec_mode_t mode
, encap_t udp
, uint8_t proposal_number
)
1636 private_proposal_substructure_t
*this;
1637 transform_substructure_t
*transform
;
1640 this = (private_proposal_substructure_t
*)
1641 proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE
);
1643 /* we currently support DEFLATE only */
1644 transform
= transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE
,
1645 1, IKEV1_IPCOMP_DEFLATE
);
1647 transform
->add_transform_attribute(transform
,
1648 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1649 TATTR_PH2_ENCAP_MODE
, get_ikev1_mode(mode
, udp
)));
1652 transform
->add_transform_attribute(transform
,
1653 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1654 TATTR_PH2_SA_LIFE_TYPE
, IKEV1_LIFE_TYPE_SECONDS
));
1655 transform
->add_transform_attribute(transform
,
1656 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1657 TATTR_PH2_SA_LIFE_DURATION
, lifetime
));
1661 transform
->add_transform_attribute(transform
,
1662 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1663 TATTR_PH2_SA_LIFE_TYPE
, IKEV1_LIFE_TYPE_KILOBYTES
));
1664 transform
->add_transform_attribute(transform
,
1665 transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE
,
1666 TATTR_PH2_SA_LIFE_DURATION
, lifebytes
/ 1000));
1669 add_transform_substructure(this, transform
);
1671 this->spi
= chunk_clone(chunk_from_thing(cpi
));
1672 this->spi_size
= this->spi
.len
;
1673 this->protocol_id
= PROTO_IPCOMP
;
1674 this->proposal_number
= proposal_number
;
1676 compute_length(this);
1678 return &this->public;