- reworked configuration framework completly
[strongswan.git] / Source / charon / encoding / payloads / encryption_payload.c
1 /**
2 * @file encryption_payload.c
3 *
4 * @brief Implementation of encryption_payload_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 /* offsetof macro */
24 #include <stddef.h>
25
26 #include "encryption_payload.h"
27
28 #include <daemon.h>
29 #include <encoding/payloads/encodings.h>
30 #include <utils/allocator.h>
31 #include <utils/linked_list.h>
32 #include <utils/logger.h>
33 #include <encoding/generator.h>
34 #include <encoding/parser.h>
35 #include <utils/iterator.h>
36 #include <utils/randomizer.h>
37 #include <transforms/signers/signer.h>
38
39
40
41
42 typedef struct private_encryption_payload_t private_encryption_payload_t;
43
44 /**
45 * Private data of an encryption_payload_t' Object.
46 *
47 */
48 struct private_encryption_payload_t {
49
50 /**
51 * Public encryption_payload_t interface.
52 */
53 encryption_payload_t public;
54
55 /**
56 * There is no next payload for an encryption payload,
57 * since encryption payload MUST be the last one.
58 * next_payload means here the first payload of the
59 * contained, encrypted payload.
60 */
61 u_int8_t next_payload;
62
63 /**
64 * Critical flag.
65 */
66 bool critical;
67
68 /**
69 * Length of this payload
70 */
71 u_int16_t payload_length;
72
73 /**
74 * Chunk containing the iv, data, padding,
75 * and (an eventually not calculated) signature.
76 */
77 chunk_t encrypted;
78
79 /**
80 * Chunk containing the data in decrypted (unpadded) form.
81 */
82 chunk_t decrypted;
83
84 /**
85 * Signer set by set_signer.
86 */
87 signer_t *signer;
88
89 /**
90 * Crypter, supplied by encrypt/decrypt
91 */
92 crypter_t *crypter;
93
94 /**
95 * Contained payloads of this encrpytion_payload.
96 */
97 linked_list_t *payloads;
98
99 /**
100 * logger for this payload, uses MESSAGE context
101 */
102 logger_t *logger;
103
104 /**
105 * @brief Computes the length of this payload.
106 *
107 * @param this calling private_encryption_payload_t object
108 */
109 void (*compute_length) (private_encryption_payload_t *this);
110
111 /**
112 * @brief Generate payloads (unencrypted) in chunk decrypted.
113 *
114 * @param this calling private_encryption_payload_t object
115 */
116 void (*generate) (private_encryption_payload_t *this);
117
118 /**
119 * @brief Parse payloads from a (unencrypted) chunk.
120 *
121 * @param this calling private_encryption_payload_t object
122 */
123 status_t (*parse) (private_encryption_payload_t *this);
124 };
125
126 /**
127 * Encoding rules to parse or generate a IKEv2-Encryption Payload.
128 *
129 * The defined offsets are the positions in a object of type
130 * private_encryption_payload_t.
131 *
132 */
133 encoding_rule_t encryption_payload_encodings[] = {
134 /* 1 Byte next payload type, stored in the field next_payload */
135 { U_INT_8, offsetof(private_encryption_payload_t, next_payload) },
136 /* the critical bit */
137 { FLAG, offsetof(private_encryption_payload_t, critical) },
138 /* 7 Bit reserved bits, nowhere stored */
139 { RESERVED_BIT, 0 },
140 { RESERVED_BIT, 0 },
141 { RESERVED_BIT, 0 },
142 { RESERVED_BIT, 0 },
143 { RESERVED_BIT, 0 },
144 { RESERVED_BIT, 0 },
145 { RESERVED_BIT, 0 },
146 /* Length of the whole encryption payload*/
147 { PAYLOAD_LENGTH, offsetof(private_encryption_payload_t, payload_length) },
148 /* encrypted data, stored in a chunk. contains iv, data, padding */
149 { ENCRYPTED_DATA, offsetof(private_encryption_payload_t, encrypted) },
150 };
151
152 /*
153 1 2 3
154 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
155 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
156 ! Next Payload !C! RESERVED ! Payload Length !
157 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
158 ! Initialization Vector !
159 ! (length is block size for encryption algorithm) !
160 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
161 ! Encrypted IKE Payloads !
162 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
163 ! ! Padding (0-255 octets) !
164 +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
165 ! ! Pad Length !
166 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
167 ~ Integrity Checksum Data ~
168 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
169 */
170
171 /**
172 * Implementation of payload_t.verify.
173 */
174 static status_t verify(private_encryption_payload_t *this)
175 {
176 return SUCCESS;
177 }
178
179 /**
180 * Implementation of payload_t.get_encoding_rules.
181 */
182 static void get_encoding_rules(private_encryption_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
183 {
184 *rules = encryption_payload_encodings;
185 *rule_count = sizeof(encryption_payload_encodings) / sizeof(encoding_rule_t);
186 }
187
188 /**
189 * Implementation of payload_t.get_type.
190 */
191 static payload_type_t get_type(private_encryption_payload_t *this)
192 {
193 return ENCRYPTED;
194 }
195
196 /**
197 * Implementation of payload_t.get_next_type.
198 */
199 static payload_type_t get_next_type(private_encryption_payload_t *this)
200 {
201 /* returns first contained payload here */
202 return (this->next_payload);
203 }
204
205 /**
206 * Implementation of payload_t.set_next_type.
207 */
208 static void set_next_type(private_encryption_payload_t *this, payload_type_t type)
209 {
210 /* set next type is not allowed, since this payload MUST be the last one
211 * and so nothing is done in here*/
212 }
213
214 /**
215 * Implementation of payload_t.get_length.
216 */
217 static size_t get_length(private_encryption_payload_t *this)
218 {
219 this->compute_length(this);
220 return this->payload_length;
221 }
222
223 /**
224 * Implementation of payload_t.create_payload_iterator.
225 */
226 static iterator_t *create_payload_iterator (private_encryption_payload_t *this, bool forward)
227 {
228 return (this->payloads->create_iterator(this->payloads, forward));
229 }
230
231 /**
232 * Implementation of payload_t.add_payload.
233 */
234 static void add_payload(private_encryption_payload_t *this, payload_t *payload)
235 {
236 payload_t *last_payload;
237 if (this->payloads->get_count(this->payloads) > 0)
238 {
239 this->payloads->get_last(this->payloads,(void **) &last_payload);
240 last_payload->set_next_type(last_payload, payload->get_type(payload));
241 }
242 else
243 {
244 this->next_payload = payload->get_type(payload);
245 }
246 payload->set_next_type(payload, NO_PAYLOAD);
247 this->payloads->insert_last(this->payloads, (void*)payload);
248 this->compute_length(this);
249 }
250
251 /**
252 * Implementation of encryption_payload_t.remove_first_payload.
253 */
254 static status_t remove_first_payload(private_encryption_payload_t *this, payload_t **payload)
255 {
256 return this->payloads->remove_first(this->payloads, (void**)payload);
257 }
258
259 /**
260 * Implementation of encryption_payload_t.get_payload_count.
261 */
262 static size_t get_payload_count(private_encryption_payload_t *this)
263 {
264 return this->payloads->get_count(this->payloads);
265 }
266
267
268 /**
269 * Implementation of encryption_payload_t.encrypt.
270 */
271 static status_t encrypt(private_encryption_payload_t *this)
272 {
273 chunk_t iv, padding, to_crypt, result;
274 randomizer_t *randomizer;
275 status_t status;
276 size_t block_size;
277
278 if (this->signer == NULL || this->crypter == NULL)
279 {
280 this->logger->log(this->logger, ERROR, "could not encrypt, signer/crypter not set");
281 return INVALID_STATE;
282 }
283
284 /* for random data in iv and padding */
285 randomizer = randomizer_create();
286
287
288 /* build payload chunk */
289 this->generate(this);
290
291 this->logger->log(this->logger, CONTROL|LEVEL2, "encrypting payloads");
292 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data to encrypt", this->decrypted);
293
294 /* build padding */
295 block_size = this->crypter->get_block_size(this->crypter);
296 padding.len = block_size - ((this->decrypted.len + 1) % block_size);
297 randomizer->allocate_pseudo_random_bytes(randomizer, padding.len, &padding);
298
299 /* concatenate payload data, padding, padding len */
300 to_crypt.len = this->decrypted.len + padding.len + 1;
301 to_crypt.ptr = allocator_alloc(to_crypt.len);
302
303 memcpy(to_crypt.ptr, this->decrypted.ptr, this->decrypted.len);
304 memcpy(to_crypt.ptr + this->decrypted.len, padding.ptr, padding.len);
305 *(to_crypt.ptr + to_crypt.len - 1) = padding.len;
306
307 /* build iv */
308 iv.len = block_size;
309 randomizer->allocate_pseudo_random_bytes(randomizer, iv.len, &iv);
310 randomizer->destroy(randomizer);
311
312 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before encryption with padding", to_crypt);
313
314 /* encrypt to_crypt chunk */
315 allocator_free(this->encrypted.ptr);
316 status = this->crypter->encrypt(this->crypter, to_crypt, iv, &result);
317 allocator_free(padding.ptr);
318 allocator_free(to_crypt.ptr);
319 if (status != SUCCESS)
320 {
321 this->logger->log(this->logger, ERROR|LEVEL1, "encryption failed");
322 allocator_free(iv.ptr);
323 return status;
324 }
325 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after encryption", result);
326
327
328 /* build encrypted result with iv and signature */
329 this->encrypted.len = iv.len + result.len + this->signer->get_block_size(this->signer);
330 allocator_free(this->encrypted.ptr);
331 this->encrypted.ptr = allocator_alloc(this->encrypted.len);
332
333 /* fill in result, signature is left out */
334 memcpy(this->encrypted.ptr, iv.ptr, iv.len);
335 memcpy(this->encrypted.ptr + iv.len, result.ptr, result.len);
336
337 allocator_free(result.ptr);
338 allocator_free(iv.ptr);
339 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after encryption with IV and (invalid) signature", this->encrypted);
340
341 return SUCCESS;
342 }
343
344 /**
345 * Implementation of encryption_payload_t.encrypt.
346 */
347 static status_t decrypt(private_encryption_payload_t *this)
348 {
349 chunk_t iv, concatenated;
350 u_int8_t padding_length;
351 status_t status;
352
353
354 this->logger->log(this->logger, CONTROL|LEVEL2, "decrypting encryption payload");
355 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before decryption with IV and (invalid) signature", this->encrypted);
356
357
358 if (this->signer == NULL || this->crypter == NULL)
359 {
360 this->logger->log(this->logger, ERROR, "could not decrypt, no crypter/signer set");
361 return INVALID_STATE;
362 }
363
364 /* get IV */
365 iv.len = this->crypter->get_block_size(this->crypter);
366
367 iv.ptr = this->encrypted.ptr;
368
369 /* point concatenated to data + padding + padding_length*/
370 concatenated.ptr = this->encrypted.ptr + iv.len;
371 concatenated.len = this->encrypted.len - iv.len - this->signer->get_block_size(this->signer);
372
373 /* check the size of input:
374 * concatenated must be at least on block_size of crypter
375 */
376 if (concatenated.len < iv.len)
377 {
378 this->logger->log(this->logger, ERROR|LEVEL1, "could not decrypt, invalid input");
379 return FAILED;
380 }
381
382 /* free previus data, if any */
383 allocator_free(this->decrypted.ptr);
384
385 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data before decryption", concatenated);
386
387 status = this->crypter->decrypt(this->crypter, concatenated, iv, &(this->decrypted));
388 if (status != SUCCESS)
389 {
390 this->logger->log(this->logger, ERROR|LEVEL1, "could not decrypt, decryption failed");
391 return FAILED;
392 }
393 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after decryption with padding", this->decrypted);
394
395
396 /* get padding length, sits just bevore signature */
397 padding_length = *(this->decrypted.ptr + this->decrypted.len - 1);
398 /* add one byte to the padding length, since the padding_length field is not included */
399 padding_length++;
400 this->decrypted.len -= padding_length;
401
402 /* check size again */
403 if (padding_length > concatenated.len || this->decrypted.len < 0)
404 {
405 this->logger->log(this->logger, ERROR|LEVEL1, "decryption failed, invalid padding length found. Invalid key?");
406 /* decryption failed :-/ */
407 return FAILED;
408 }
409
410 /* free padding */
411 this->decrypted.ptr = allocator_realloc(this->decrypted.ptr, this->decrypted.len);
412 this->logger->log_chunk(this->logger, RAW|LEVEL2, "data after decryption without padding", this->decrypted);
413 this->logger->log(this->logger, CONTROL|LEVEL2, "decryption successful, trying to parse content");
414 return (this->parse(this));
415 }
416
417 /**
418 * Implementation of encryption_payload_t.set_transforms.
419 */
420 static void set_transforms(private_encryption_payload_t *this, crypter_t* crypter, signer_t* signer)
421 {
422 this->signer = signer;
423 this->crypter = crypter;
424 }
425
426 /**
427 * Implementation of encryption_payload_t.build_signature.
428 */
429 static status_t build_signature(private_encryption_payload_t *this, chunk_t data)
430 {
431 chunk_t data_without_sig = data;
432 chunk_t sig;
433
434 if (this->signer == NULL)
435 {
436 this->logger->log(this->logger, ERROR, "unable to build signature, no signer set");
437 return INVALID_STATE;
438 }
439
440 sig.len = this->signer->get_block_size(this->signer);
441 data_without_sig.len -= sig.len;
442 sig.ptr = data.ptr + data_without_sig.len;
443 this->logger->log(this->logger, CONTROL|LEVEL2, "building signature");
444 this->signer->get_signature(this->signer, data_without_sig, sig.ptr);
445 return SUCCESS;
446 }
447
448 /**
449 * Implementation of encryption_payload_t.verify_signature.
450 */
451 static status_t verify_signature(private_encryption_payload_t *this, chunk_t data)
452 {
453 chunk_t sig, data_without_sig;
454 bool valid;
455
456 if (this->signer == NULL)
457 {
458 this->logger->log(this->logger, ERROR, "unable to verify signature, no signer set");
459 return INVALID_STATE;
460 }
461 /* find signature in data chunk */
462 sig.len = this->signer->get_block_size(this->signer);
463 if (data.len <= sig.len)
464 {
465 this->logger->log(this->logger, ERROR|LEVEL1, "unable to verify signature, invalid input");
466 return FAILED;
467 }
468 sig.ptr = data.ptr + data.len - sig.len;
469
470 /* verify it */
471 data_without_sig.len = data.len - sig.len;
472 data_without_sig.ptr = data.ptr;
473 valid = this->signer->verify_signature(this->signer, data_without_sig, sig);
474
475 if (!valid)
476 {
477 this->logger->log(this->logger, ERROR|LEVEL1, "signature verification failed");
478 return FAILED;
479 }
480
481 this->logger->log(this->logger, CONTROL|LEVEL2, "signature verification successful");
482 return SUCCESS;
483 }
484
485 /**
486 * Implementation of private_encryption_payload_t.generate.
487 */
488 static void generate(private_encryption_payload_t *this)
489 {
490 payload_t *current_payload, *next_payload;
491 generator_t *generator;
492 iterator_t *iterator;
493
494 /* recalculate length before generating */
495 this->compute_length(this);
496
497 /* create iterator */
498 iterator = this->payloads->create_iterator(this->payloads, TRUE);
499
500 /* get first payload */
501 if (iterator->has_next(iterator))
502 {
503 iterator->current(iterator, (void**)&current_payload);
504 this->next_payload = current_payload->get_type(current_payload);
505 }
506 else
507 {
508 /* no paylads? */
509 this->logger->log(this->logger, CONTROL|LEVEL1, "generating contained payloads, but no available");
510 allocator_free(this->decrypted.ptr);
511 this->decrypted = CHUNK_INITIALIZER;
512 iterator->destroy(iterator);
513 return;
514 }
515
516 generator = generator_create();
517
518 /* build all payload, except last */
519 while(iterator->has_next(iterator))
520 {
521 iterator->current(iterator, (void**)&next_payload);
522 current_payload->set_next_type(current_payload, next_payload->get_type(next_payload));
523 generator->generate_payload(generator, current_payload);
524 current_payload = next_payload;
525 }
526 iterator->destroy(iterator);
527
528 /* build last payload */
529 current_payload->set_next_type(current_payload, NO_PAYLOAD);
530 generator->generate_payload(generator, current_payload);
531
532 /* free already generated data */
533 allocator_free(this->decrypted.ptr);
534
535 generator->write_to_chunk(generator, &(this->decrypted));
536 generator->destroy(generator);
537 this->logger->log(this->logger, CONTROL|LEVEL1, "successfully generated content in encrpytion payload");
538 }
539
540 /**
541 * Implementation of private_encryption_payload_t.parse.
542 */
543 static status_t parse(private_encryption_payload_t *this)
544 {
545 parser_t *parser;
546 status_t status;
547 payload_type_t current_payload_type;
548
549 /* check if there is decrypted data */
550 if (this->decrypted.ptr == NULL)
551 {
552 this->logger->log(this->logger, ERROR, "unable to parse, no input!");
553 return INVALID_STATE;
554 }
555
556 /* build a parser on the decrypted data */
557 parser = parser_create(this->decrypted);
558
559 current_payload_type = this->next_payload;
560 /* parse all payloads */
561 while (current_payload_type != NO_PAYLOAD)
562 {
563 payload_t *current_payload;
564
565 status = parser->parse_payload(parser, current_payload_type, (payload_t**)&current_payload);
566 if (status != SUCCESS)
567 {
568 parser->destroy(parser);
569 return PARSE_ERROR;
570 }
571
572 status = current_payload->verify(current_payload);
573 if (status != SUCCESS)
574 {
575 this->logger->log(this->logger, ERROR|LEVEL1, "%s verification failed: %s",
576 mapping_find(payload_type_m,current_payload->get_type(current_payload)),
577 mapping_find(status_m, status));
578 current_payload->destroy(current_payload);
579 parser->destroy(parser);
580 return VERIFY_ERROR;
581 }
582
583 /* get next payload type */
584 current_payload_type = current_payload->get_next_type(current_payload);
585
586 this->payloads->insert_last(this->payloads,current_payload);
587 }
588 parser->destroy(parser);
589 this->logger->log(this->logger, CONTROL|LEVEL1, "succesfully parsed content of encryption payload");
590 return SUCCESS;
591 }
592
593 /**
594 * Implementation of private_encryption_payload_t.compute_length.
595 */
596 static void compute_length(private_encryption_payload_t *this)
597 {
598 iterator_t *iterator;
599 size_t block_size, length = 0;
600 iterator = this->payloads->create_iterator(this->payloads, TRUE);
601
602 /* count payload length */
603 while (iterator->has_next(iterator))
604 {
605 payload_t *current_payload;
606 iterator->current(iterator, (void **) &current_payload);
607 length += current_payload->get_length(current_payload);
608 }
609 iterator->destroy(iterator);
610
611 if (this->crypter && this->signer)
612 {
613 /* append one byte for padding length */
614 length++;
615 /* append padding */
616 block_size = this->crypter->get_block_size(this->crypter);
617 length += block_size - length % block_size;
618 /* add iv */
619 length += block_size;
620 /* add signature */
621 length += this->signer->get_block_size(this->signer);
622 }
623 length += ENCRYPTION_PAYLOAD_HEADER_LENGTH;
624 this->payload_length = length;
625 }
626
627
628 /**
629 * Implementation of payload_t.destroy.
630 */
631 static void destroy(private_encryption_payload_t *this)
632 {
633 /* all proposals are getting destroyed */
634 while (this->payloads->get_count(this->payloads) > 0)
635 {
636 payload_t *current_payload;
637 this->payloads->remove_last(this->payloads,(void **)&current_payload);
638 current_payload->destroy(current_payload);
639 }
640 this->payloads->destroy(this->payloads);
641 charon->logger_manager->destroy_logger(charon->logger_manager, this->logger);
642 allocator_free(this->encrypted.ptr);
643 allocator_free(this->decrypted.ptr);
644 allocator_free(this);
645 }
646
647 /*
648 * Described in header
649 */
650 encryption_payload_t *encryption_payload_create()
651 {
652 private_encryption_payload_t *this = allocator_alloc_thing(private_encryption_payload_t);
653
654 /* payload_t interface functions */
655 this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
656 this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
657 this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
658 this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
659 this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
660 this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
661 this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
662
663 /* public functions */
664 this->public.create_payload_iterator = (iterator_t * (*) (encryption_payload_t *,bool)) create_payload_iterator;
665 this->public.add_payload = (void (*) (encryption_payload_t *,payload_t *)) add_payload;
666 this->public.remove_first_payload = (status_t (*)(encryption_payload_t*, payload_t **)) remove_first_payload;
667 this->public.get_payload_count = (size_t (*)(encryption_payload_t*)) get_payload_count;
668
669 this->public.encrypt = (status_t (*) (encryption_payload_t *)) encrypt;
670 this->public.decrypt = (status_t (*) (encryption_payload_t *)) decrypt;
671 this->public.set_transforms = (void (*) (encryption_payload_t*,crypter_t*,signer_t*)) set_transforms;
672 this->public.build_signature = (status_t (*) (encryption_payload_t*, chunk_t)) build_signature;
673 this->public.verify_signature = (status_t (*) (encryption_payload_t*, chunk_t)) verify_signature;
674 this->public.destroy = (void (*) (encryption_payload_t *)) destroy;
675
676 /* private functions */
677 this->compute_length = compute_length;
678 this->generate = generate;
679 this->parse = parse;
680 this->logger = charon->logger_manager->create_logger(charon->logger_manager, ENCRYPTION_PAYLOAD, NULL);
681
682 /* set default values of the fields */
683 this->critical = TRUE;
684 this->next_payload = NO_PAYLOAD;
685 this->payload_length = ENCRYPTION_PAYLOAD_HEADER_LENGTH;
686 this->encrypted = CHUNK_INITIALIZER;
687 this->decrypted = CHUNK_INITIALIZER;
688 this->signer = NULL;
689 this->crypter = NULL;
690 this->payloads = linked_list_create();
691
692 return (&(this->public));
693 }