- added and tested auth_payload_t class
[strongswan.git] / Source / charon / encoding / payloads / auth_payload.c
1 /**
2 * @file auth_payload.h
3 *
4 * @brief Interface of auth_payload_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include "auth_payload.h"
24
25 #include <encoding/payloads/encodings.h>
26 #include <utils/allocator.h>
27
28 /**
29 * String mappings for auth_method_t.
30 */
31 mapping_t auth_method_m[] = {
32 {RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"},
33 {SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"},
34 {DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"},
35 {MAPPING_END, NULL}
36 };
37
38
39 typedef struct private_auth_payload_t private_auth_payload_t;
40
41 /**
42 * Private data of an auth_payload_t object.
43 *
44 */
45 struct private_auth_payload_t {
46 /**
47 * Public auth_payload_t interface.
48 */
49 auth_payload_t public;
50
51 /**
52 * Next payload type.
53 */
54 u_int8_t next_payload;
55
56 /**
57 * Critical flag.
58 */
59 bool critical;
60
61 /**
62 * Length of this payload.
63 */
64 u_int16_t payload_length;
65
66 /**
67 * Method of the AUTH Data.
68 */
69 u_int8_t auth_method;
70
71 /**
72 * The contained auth data value.
73 */
74 chunk_t auth_data;
75 };
76
77 /**
78 * Encoding rules to parse or generate a AUTH payload
79 *
80 * The defined offsets are the positions in a object of type
81 * private_auth_payload_t.
82 *
83 */
84 encoding_rule_t auth_payload_encodings[] = {
85 /* 1 Byte next payload type, stored in the field next_payload */
86 { U_INT_8, offsetof(private_auth_payload_t, next_payload) },
87 /* the critical bit */
88 { FLAG, offsetof(private_auth_payload_t, critical) },
89 /* 7 Bit reserved bits, nowhere stored */
90 { RESERVED_BIT, 0 },
91 { RESERVED_BIT, 0 },
92 { RESERVED_BIT, 0 },
93 { RESERVED_BIT, 0 },
94 { RESERVED_BIT, 0 },
95 { RESERVED_BIT, 0 },
96 { RESERVED_BIT, 0 },
97 /* Length of the whole payload*/
98 { PAYLOAD_LENGTH, offsetof(private_auth_payload_t, payload_length)},
99 /* 1 Byte AUTH type*/
100 { U_INT_8, offsetof(private_auth_payload_t, auth_method) },
101 /* 3 reserved bytes */
102 { RESERVED_BYTE, 0 },
103 { RESERVED_BYTE, 0 },
104 { RESERVED_BYTE, 0 },
105 /* some auth data bytes, length is defined in PAYLOAD_LENGTH */
106 { AUTH_DATA, offsetof(private_auth_payload_t, auth_data) }
107 };
108
109 /*
110 1 2 3
111 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
112 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
113 ! Next Payload !C! RESERVED ! Payload Length !
114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
115 ! Auth Method ! RESERVED !
116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
117 ! !
118 ~ Authentication Data ~
119 ! !
120 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
121 */
122
123 /**
124 * Implementation of payload_t.verify.
125 */
126 static status_t verify(private_auth_payload_t *this)
127 {
128 if (this->critical)
129 {
130 /* critical bit is set! */
131 return FAILED;
132 }
133 if ((this->auth_method == 0) ||
134 ((this->auth_method >= 4) && (this->auth_method <= 200)))
135 {
136 /* reserved IDs */
137 return FAILED;
138 }
139 return SUCCESS;
140 }
141
142 /**
143 * Implementation of auth_payload_t.get_encoding_rules.
144 */
145 static void get_encoding_rules(private_auth_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
146 {
147 *rules = auth_payload_encodings;
148 *rule_count = sizeof(auth_payload_encodings) / sizeof(encoding_rule_t);
149 }
150
151 /**
152 * Implementation of payload_t.get_type.
153 */
154 static payload_type_t get_payload_type(private_auth_payload_t *this)
155 {
156 return AUTHENTICATION;
157 }
158
159 /**
160 * Implementation of payload_t.get_next_type.
161 */
162 static payload_type_t get_next_type(private_auth_payload_t *this)
163 {
164 return (this->next_payload);
165 }
166
167 /**
168 * Implementation of payload_t.set_next_type.
169 */
170 static void set_next_type(private_auth_payload_t *this,payload_type_t type)
171 {
172 this->next_payload = type;
173 }
174
175 /**
176 * Implementation of payload_t.get_length.
177 */
178 static size_t get_length(private_auth_payload_t *this)
179 {
180 return this->payload_length;
181 }
182
183 /**
184 * Implementation of auth_payload_t.set_auth_method.
185 */
186 static void set_auth_method (private_auth_payload_t *this, auth_method_t method)
187 {
188 this->auth_method = method;
189 }
190
191 /**
192 * Implementation of auth_payload_t.get_auth_method.
193 */
194 static auth_method_t get_auth_method (private_auth_payload_t *this)
195 {
196 return (this->auth_method);
197 }
198
199 /**
200 * Implementation of auth_payload_t.set_data.
201 */
202 static void set_data (private_auth_payload_t *this, chunk_t data)
203 {
204 if (this->auth_data.ptr != NULL)
205 {
206 allocator_free_chunk(&(this->auth_data));
207 }
208 this->auth_data.ptr = allocator_clone_bytes(data.ptr,data.len);
209 this->auth_data.len = data.len;
210 this->payload_length = AUTH_PAYLOAD_HEADER_LENGTH + this->auth_data.len;
211 }
212
213 /**
214 * Implementation of auth_payload_t.get_data.
215 */
216 static chunk_t get_data (private_auth_payload_t *this)
217 {
218 chunk_t cloned_data;
219 if (this->auth_data.ptr == NULL)
220 {
221 return (this->auth_data);
222 }
223 cloned_data.ptr = allocator_clone_bytes(this->auth_data.ptr,this->auth_data.len);
224 cloned_data.len = this->auth_data.len;
225 return cloned_data;
226 }
227
228 /**
229 * Implementation of payload_t.destroy and auth_payload_t.destroy.
230 */
231 static void destroy(private_auth_payload_t *this)
232 {
233 if (this->auth_data.ptr != NULL)
234 {
235 allocator_free_chunk(&(this->auth_data));
236 }
237
238 allocator_free(this);
239 }
240
241 /*
242 * Described in header
243 */
244 auth_payload_t *auth_payload_create()
245 {
246 private_auth_payload_t *this = allocator_alloc_thing(private_auth_payload_t);
247
248 /* interface functions */
249 this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
250 this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
251 this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
252 this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
253 this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
254 this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type;
255 this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
256
257 /* public functions */
258 this->public.destroy = (void (*) (auth_payload_t *)) destroy;
259 this->public.set_auth_method = (void (*) (auth_payload_t *,auth_method_t)) set_auth_method;
260 this->public.get_auth_method = (auth_method_t (*) (auth_payload_t *)) get_auth_method;
261 this->public.set_data = (void (*) (auth_payload_t *,chunk_t)) set_data;
262 this->public.get_data = (chunk_t (*) (auth_payload_t *)) get_data;
263
264 /* private variables */
265 this->critical = FALSE;
266 this->next_payload = NO_PAYLOAD;
267 this->payload_length =AUTH_PAYLOAD_HEADER_LENGTH;
268 this->auth_data = CHUNK_INITIALIZER;
269
270 return (&(this->public));
271 }