removed deprecated iterator methods (has_next & current)
[strongswan.git] / src / charon / encoding / payloads / proposal_substructure.c
1 /**
2 * @file proposal_substructure.h
3 *
4 * @brief Implementation of proposal_substructure_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005-2006 Martin Willi
10 * Copyright (C) 2005 Jan Hutter
11 * Hochschule fuer Technik Rapperswil
12 *
13 * This program is free software; you can redistribute it and/or modify it
14 * under the terms of the GNU General Public License as published by the
15 * Free Software Foundation; either version 2 of the License, or (at your
16 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
17 *
18 * This program is distributed in the hope that it will be useful, but
19 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
20 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
21 * for more details.
22 */
23
24 #include <stddef.h>
25
26 #include "proposal_substructure.h"
27
28 #include <encoding/payloads/encodings.h>
29 #include <encoding/payloads/transform_substructure.h>
30 #include <types.h>
31 #include <utils/linked_list.h>
32 #include <daemon.h>
33
34
35 /**
36 * IKEv1 Value for a proposal payload.
37 */
38 #define PROPOSAL_TYPE_VALUE 2
39
40
41 typedef struct private_proposal_substructure_t private_proposal_substructure_t;
42
43 /**
44 * Private data of an proposal_substructure_t object.
45 *
46 */
47 struct private_proposal_substructure_t {
48 /**
49 * Public proposal_substructure_t interface.
50 */
51 proposal_substructure_t public;
52
53 /**
54 * Next payload type.
55 */
56 u_int8_t next_payload;
57
58 /**
59 * Length of this payload.
60 */
61 u_int16_t proposal_length;
62
63 /**
64 * Proposal number.
65 */
66 u_int8_t proposal_number;
67
68 /**
69 * Protocol ID.
70 */
71 u_int8_t protocol_id;
72
73 /**
74 * SPI size of the following SPI.
75 */
76 u_int8_t spi_size;
77
78 /**
79 * Number of transforms.
80 */
81 u_int8_t transforms_count;
82
83 /**
84 * SPI is stored as chunk.
85 */
86 chunk_t spi;
87
88 /**
89 * Transforms are stored in a linked_list_t.
90 */
91 linked_list_t * transforms;
92 };
93
94 /**
95 * Encoding rules to parse or generate a Proposal substructure.
96 *
97 * The defined offsets are the positions in a object of type
98 * private_proposal_substructure_t.
99 */
100 encoding_rule_t proposal_substructure_encodings[] = {
101 /* 1 Byte next payload type, stored in the field next_payload */
102 { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
103 /* Reserved Byte is skipped */
104 { RESERVED_BYTE, 0 },
105 /* Length of the whole proposal substructure payload*/
106 { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
107 /* proposal number is a number of 8 bit */
108 { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
109 /* protocol ID is a number of 8 bit */
110 { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
111 /* SPI Size has its own type */
112 { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
113 /* Number of transforms is a number of 8 bit */
114 { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
115 /* SPI is a chunk of variable size*/
116 { SPI, offsetof(private_proposal_substructure_t, spi) },
117 /* Transforms are stored in a transform substructure,
118 offset points to a linked_list_t pointer */
119 { TRANSFORMS, offsetof(private_proposal_substructure_t, transforms) }
120 };
121
122 /*
123 1 2 3
124 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
125 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
126 ! 0 (last) or 2 ! RESERVED ! Proposal Length !
127 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
128 ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
129 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
130 ~ SPI (variable) ~
131 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
132 ! !
133 ~ <Transforms> ~
134 ! !
135 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
136 */
137
138 /**
139 * Implementation of payload_t.verify.
140 */
141 static status_t verify(private_proposal_substructure_t *this)
142 {
143 status_t status = SUCCESS;
144 iterator_t *iterator;
145 payload_t *current_transform;
146
147 if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2))
148 {
149 /* must be 0 or 2 */
150 DBG1(SIG_DBG_ENC, "inconsistent next payload");
151 return FAILED;
152 }
153 if (this->transforms_count != this->transforms->get_count(this->transforms))
154 {
155 /* must be the same! */
156 DBG1(SIG_DBG_ENC, "transform count invalid");
157 return FAILED;
158 }
159
160 switch (this->protocol_id)
161 {
162 case PROTO_AH:
163 case PROTO_ESP:
164 if (this->spi.len != 4)
165 {
166 DBG1(SIG_DBG_ENC, "invalid SPI length in %N proposal",
167 protocol_id_names, this->protocol_id);
168 return FAILED;
169 }
170 break;
171 case PROTO_IKE:
172 if (this->spi.len != 0 && this->spi.len != 8)
173 {
174 DBG1(SIG_DBG_ENC, "invalid SPI length in IKE proposal");
175 return FAILED;
176 }
177 break;
178 default:
179 DBG1(SIG_DBG_ENC, "invalid proposal protocol (%d)", this->protocol_id);
180 return FAILED;
181 }
182 if ((this->protocol_id == 0) || (this->protocol_id >= 4))
183 {
184 /* reserved are not supported */
185 DBG1(SIG_DBG_ENC, "invalid protocol");
186 return FAILED;
187 }
188
189 iterator = this->transforms->create_iterator(this->transforms,TRUE);
190 while(iterator->iterate(iterator, (void**)&current_transform))
191 {
192 status = current_transform->verify(current_transform);
193 if (status != SUCCESS)
194 {
195 DBG1(SIG_DBG_ENC, "TRANSFORM_SUBSTRUCTURE verification failed");
196 break;
197 }
198 }
199 iterator->destroy(iterator);
200
201 /* proposal number is checked in SA payload */
202 return status;
203 }
204
205 /**
206 * Implementation of payload_t.get_encoding_rules.
207 */
208 static void get_encoding_rules(private_proposal_substructure_t *this, encoding_rule_t **rules, size_t *rule_count)
209 {
210 *rules = proposal_substructure_encodings;
211 *rule_count = sizeof(proposal_substructure_encodings) / sizeof(encoding_rule_t);
212 }
213
214 /**
215 * Implementation of payload_t.get_type.
216 */
217 static payload_type_t get_type(private_proposal_substructure_t *this)
218 {
219 return PROPOSAL_SUBSTRUCTURE;
220 }
221
222 /**
223 * Implementation of payload_t.get_next_type.
224 */
225 static payload_type_t get_next_type(private_proposal_substructure_t *this)
226 {
227 return (this->next_payload);
228 }
229
230 /**
231 * Implementation of payload_t.set_next_type.
232 */
233 static void set_next_type(private_proposal_substructure_t *this,payload_type_t type)
234 {
235 }
236
237 /**
238 * (re-)compute the length of the payload.
239 */
240 static void compute_length(private_proposal_substructure_t *this)
241 {
242 iterator_t *iterator;
243 payload_t *current_transform;
244 size_t transforms_count = 0;
245 size_t length = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH;
246
247 iterator = this->transforms->create_iterator(this->transforms,TRUE);
248 while (iterator->iterate(iterator, (void**)&current_transform))
249 {
250 length += current_transform->get_length(current_transform);
251 transforms_count++;
252 }
253 iterator->destroy(iterator);
254
255 length += this->spi.len;
256 this->transforms_count = transforms_count;
257 this->proposal_length = length;
258 }
259
260 /**
261 * Implementation of payload_t.get_length.
262 */
263 static size_t get_length(private_proposal_substructure_t *this)
264 {
265 compute_length(this);
266 return this->proposal_length;
267 }
268
269 /**
270 * Implementation of proposal_substructure_t.create_transform_substructure_iterator.
271 */
272 static iterator_t *create_transform_substructure_iterator (private_proposal_substructure_t *this,bool forward)
273 {
274 return (this->transforms->create_iterator(this->transforms,forward));
275 }
276
277 /**
278 * Implementation of proposal_substructure_t.add_transform_substructure.
279 */
280 static void add_transform_substructure (private_proposal_substructure_t *this,transform_substructure_t *transform)
281 {
282 status_t status;
283 if (this->transforms->get_count(this->transforms) > 0)
284 {
285 transform_substructure_t *last_transform;
286 status = this->transforms->get_last(this->transforms,(void **) &last_transform);
287 /* last transform is now not anymore last one */
288 last_transform->set_is_last_transform(last_transform,FALSE);
289
290 }
291 transform->set_is_last_transform(transform,TRUE);
292
293 this->transforms->insert_last(this->transforms,(void *) transform);
294 compute_length(this);
295 }
296
297 /**
298 * Implementation of proposal_substructure_t.proposal_substructure_t.
299 */
300 static void set_is_last_proposal (private_proposal_substructure_t *this, bool is_last)
301 {
302 this->next_payload = (is_last) ? 0: PROPOSAL_TYPE_VALUE;
303 }
304
305 /**
306 * Implementation of proposal_substructure_t.set_proposal_number.
307 */
308 static void set_proposal_number(private_proposal_substructure_t *this,u_int8_t proposal_number)
309 {
310 this->proposal_number = proposal_number;
311 }
312
313 /**
314 * Implementation of proposal_substructure_t.get_proposal_number.
315 */
316 static u_int8_t get_proposal_number (private_proposal_substructure_t *this)
317 {
318 return (this->proposal_number);
319 }
320
321 /**
322 * Implementation of proposal_substructure_t.set_protocol_id.
323 */
324 static void set_protocol_id(private_proposal_substructure_t *this,u_int8_t protocol_id)
325 {
326 this->protocol_id = protocol_id;
327 }
328
329 /**
330 * Implementation of proposal_substructure_t.get_protocol_id.
331 */
332 static u_int8_t get_protocol_id(private_proposal_substructure_t *this)
333 {
334 return (this->protocol_id);
335 }
336
337 /**
338 * Implementation of proposal_substructure_t.set_spi.
339 */
340 static void set_spi(private_proposal_substructure_t *this, chunk_t spi)
341 {
342 /* first delete already set spi value */
343 if (this->spi.ptr != NULL)
344 {
345 free(this->spi.ptr);
346 this->spi.ptr = NULL;
347 this->spi.len = 0;
348 compute_length(this);
349 }
350
351 this->spi.ptr = clalloc(spi.ptr,spi.len);
352 this->spi.len = spi.len;
353 this->spi_size = spi.len;
354 compute_length(this);
355 }
356
357 /**
358 * Implementation of proposal_substructure_t.get_spi.
359 */
360 static chunk_t get_spi(private_proposal_substructure_t *this)
361 {
362 chunk_t spi;
363 spi.ptr = this->spi.ptr;
364 spi.len = this->spi.len;
365
366 return spi;
367 }
368
369 /**
370 * Implementation of proposal_substructure_t.get_transform_count.
371 */
372 static size_t get_transform_count (private_proposal_substructure_t *this)
373 {
374 return this->transforms->get_count(this->transforms);
375 }
376
377 /**
378 * Implementation of proposal_substructure_t.get_spi_size.
379 */
380 static size_t get_spi_size (private_proposal_substructure_t *this)
381 {
382 return this->spi.len;
383 }
384
385 /**
386 * Implementation of proposal_substructure_t.get_proposal.
387 */
388 proposal_t* get_proposal(private_proposal_substructure_t *this)
389 {
390 iterator_t *iterator;
391 transform_substructure_t *transform;
392 proposal_t *proposal;
393 u_int64_t spi;
394
395 proposal = proposal_create(this->protocol_id);
396
397 iterator = this->transforms->create_iterator(this->transforms, TRUE);
398 while (iterator->iterate(iterator, (void**)&transform))
399 {
400 transform_type_t transform_type;
401 u_int16_t transform_id;
402 u_int16_t key_length = 0;
403
404 transform_type = transform->get_transform_type(transform);
405 transform_id = transform->get_transform_id(transform);
406 transform->get_key_length(transform, &key_length);
407
408 proposal->add_algorithm(proposal, transform_type, transform_id, key_length);
409 }
410 iterator->destroy(iterator);
411
412 switch (this->spi.len)
413 {
414 case 4:
415 spi = *((u_int32_t*)this->spi.ptr);
416 break;
417 case 8:
418 spi = *((u_int64_t*)this->spi.ptr);
419 break;
420 default:
421 spi = 0;
422 }
423 proposal->set_spi(proposal, spi);
424
425 return proposal;
426 }
427
428 /**
429 * Implementation of proposal_substructure_t.clone.
430 */
431 static private_proposal_substructure_t* clone_(private_proposal_substructure_t *this)
432 {
433 private_proposal_substructure_t *clone;
434 iterator_t *transforms;
435 transform_substructure_t *current_transform;
436
437 clone = (private_proposal_substructure_t *) proposal_substructure_create();
438 clone->next_payload = this->next_payload;
439 clone->proposal_number = this->proposal_number;
440 clone->protocol_id = this->protocol_id;
441 clone->spi_size = this->spi_size;
442 if (this->spi.ptr != NULL)
443 {
444 clone->spi.ptr = clalloc(this->spi.ptr,this->spi.len);
445 clone->spi.len = this->spi.len;
446 }
447
448 transforms = this->transforms->create_iterator(this->transforms,FALSE);
449 while (transforms->iterate(transforms, (void**)&current_transform))
450 {
451 current_transform = current_transform->clone(current_transform);
452 clone->public.add_transform_substructure(&clone->public, current_transform);
453 }
454 transforms->destroy(transforms);
455
456 return clone;
457 }
458
459 /**
460 * Implements payload_t's and proposal_substructure_t's destroy function.
461 * See #payload_s.destroy or proposal_substructure_s.destroy for description.
462 */
463 static void destroy(private_proposal_substructure_t *this)
464 {
465 this->transforms->destroy_offset(this->transforms,
466 offsetof(transform_substructure_t, destroy));
467 chunk_free(&this->spi);
468 free(this);
469 }
470
471 /*
472 * Described in header.
473 */
474 proposal_substructure_t *proposal_substructure_create()
475 {
476 private_proposal_substructure_t *this = malloc_thing(private_proposal_substructure_t);
477
478 /* interface functions */
479 this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
480 this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
481 this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
482 this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
483 this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
484 this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
485 this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
486
487
488 /* public functions */
489 this->public.create_transform_substructure_iterator = (iterator_t* (*) (proposal_substructure_t *,bool)) create_transform_substructure_iterator;
490 this->public.add_transform_substructure = (void (*) (proposal_substructure_t *,transform_substructure_t *)) add_transform_substructure;
491 this->public.set_proposal_number = (void (*) (proposal_substructure_t *,u_int8_t))set_proposal_number;
492 this->public.get_proposal_number = (u_int8_t (*) (proposal_substructure_t *)) get_proposal_number;
493 this->public.set_protocol_id = (void (*) (proposal_substructure_t *,u_int8_t))set_protocol_id;
494 this->public.get_protocol_id = (u_int8_t (*) (proposal_substructure_t *)) get_protocol_id;
495 this->public.set_is_last_proposal = (void (*) (proposal_substructure_t *,bool)) set_is_last_proposal;
496 this->public.get_proposal = (proposal_t* (*) (proposal_substructure_t*))get_proposal;
497 this->public.set_spi = (void (*) (proposal_substructure_t *,chunk_t))set_spi;
498 this->public.get_spi = (chunk_t (*) (proposal_substructure_t *)) get_spi;
499 this->public.get_transform_count = (size_t (*) (proposal_substructure_t *)) get_transform_count;
500 this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size;
501 this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone_;
502 this->public.destroy = (void (*) (proposal_substructure_t *)) destroy;
503
504 /* set default values of the fields */
505 this->next_payload = NO_PAYLOAD;
506 this->proposal_length = 0;
507 this->proposal_number = 0;
508 this->protocol_id = 0;
509 this->transforms_count = 0;
510 this->spi_size = 0;
511 this->spi.ptr = NULL;
512 this->spi.len = 0;
513
514 this->transforms = linked_list_create();
515
516 return (&(this->public));
517 }
518
519 /*
520 * Described in header.
521 */
522 proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t *proposal)
523 {
524 private_proposal_substructure_t *this = (private_proposal_substructure_t*)
525 proposal_substructure_create();
526 iterator_t *iterator;
527 algorithm_t *algo;
528 transform_substructure_t *transform;
529
530 /* encryption algorithm is only availble in ESP */
531 iterator = proposal->create_algorithm_iterator(proposal, ENCRYPTION_ALGORITHM);
532 while (iterator->iterate(iterator, (void**)&algo))
533 {
534 transform = transform_substructure_create_type(ENCRYPTION_ALGORITHM,
535 algo->algorithm, algo->key_size);
536 this->public.add_transform_substructure(&(this->public), transform);
537 }
538 iterator->destroy(iterator);
539
540 /* integrity algorithms */
541 iterator = proposal->create_algorithm_iterator(proposal, INTEGRITY_ALGORITHM);
542 while (iterator->iterate(iterator, (void**)&algo))
543 {
544 transform = transform_substructure_create_type(INTEGRITY_ALGORITHM,
545 algo->algorithm, algo->key_size);
546 this->public.add_transform_substructure(&(this->public), transform);
547 }
548 iterator->destroy(iterator);
549
550 /* prf algorithms */
551 iterator = proposal->create_algorithm_iterator(proposal, PSEUDO_RANDOM_FUNCTION);
552 while (iterator->iterate(iterator, (void**)&algo))
553 {
554 transform = transform_substructure_create_type(PSEUDO_RANDOM_FUNCTION,
555 algo->algorithm, algo->key_size);
556 this->public.add_transform_substructure(&(this->public), transform);
557 }
558 iterator->destroy(iterator);
559
560 /* dh groups */
561 iterator = proposal->create_algorithm_iterator(proposal, DIFFIE_HELLMAN_GROUP);
562 while (iterator->iterate(iterator, (void**)&algo))
563 {
564 transform = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP, algo->algorithm, 0);
565 this->public.add_transform_substructure(&(this->public), transform);
566 }
567 iterator->destroy(iterator);
568
569 /* extended sequence numbers */
570 iterator = proposal->create_algorithm_iterator(proposal, EXTENDED_SEQUENCE_NUMBERS);
571 while (iterator->iterate(iterator, (void**)&algo))
572 {
573 transform = transform_substructure_create_type(EXTENDED_SEQUENCE_NUMBERS,
574 algo->algorithm, 0);
575 this->public.add_transform_substructure(&(this->public), transform);
576 }
577 iterator->destroy(iterator);
578
579 /* add SPI, if necessary */
580 switch (proposal->get_protocol(proposal))
581 {
582 case PROTO_AH:
583 case PROTO_ESP:
584 this->spi_size = this->spi.len = 4;
585 this->spi.ptr = malloc(this->spi_size);
586 *((u_int32_t*)this->spi.ptr) = proposal->get_spi(proposal);
587 break;
588 case PROTO_IKE:
589 if (proposal->get_spi(proposal))
590 { /* IKE only uses SPIS when rekeying, but on initial setup */
591 this->spi_size = this->spi.len = 8;
592 this->spi.ptr = malloc(this->spi_size);
593 *((u_int64_t*)this->spi.ptr) = proposal->get_spi(proposal);
594 }
595 break;
596 default:
597 break;
598 }
599 this->proposal_number = 0;
600 this->protocol_id = proposal->get_protocol(proposal);
601
602 return &this->public;
603 }