2 * Copyright (C) 2006-2013 Tobias Brunner
3 * Copyright (C) 2005-2010 Martin Willi
4 * Copyright (C) 2010 revosec AG
5 * Copyright (C) 2006 Daniel Roethlisberger
6 * Copyright (C) 2005 Jan Hutter
7 * Hochschule fuer Technik Rapperswil
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
27 #include <sa/ikev1/keymat_v1.h>
28 #include <encoding/generator.h>
29 #include <encoding/parser.h>
30 #include <encoding/payloads/encodings.h>
31 #include <encoding/payloads/payload.h>
32 #include <encoding/payloads/hash_payload.h>
33 #include <encoding/payloads/encryption_payload.h>
34 #include <encoding/payloads/unknown_payload.h>
35 #include <encoding/payloads/cp_payload.h>
38 * Max number of notify payloads per IKEv2 message
40 #define MAX_NOTIFY_PAYLOADS 20
43 * Max number of delete payloads per IKEv2 message
45 #define MAX_DELETE_PAYLOADS 20
48 * Max number of certificate payloads per IKEv2 message
50 #define MAX_CERT_PAYLOADS 8
53 * Max number of vendor ID payloads per IKEv2 message
55 #define MAX_VID_PAYLOADS 20
58 * Max number of certificate request payloads per IKEv1 message
60 #define MAX_CERTREQ_PAYLOADS 20
63 * Max number of NAT-D payloads per IKEv1 message
65 #define MAX_NAT_D_PAYLOADS 10
68 * A payload rule defines the rules for a payload
69 * in a specific message rule. It defines if and how
70 * many times a payload must/can occur in a message
71 * and if it must be encrypted.
76 /* Minimal occurrence of this payload. */
78 /* Max occurrence of this payload. */
80 /* TRUE if payload must be encrypted */
82 /* If payload occurs, the message rule is fulfilled */
87 * payload ordering structure allows us to reorder payloads according to RFC.
92 /** notify type, if payload == NOTIFY */
97 * A message rule defines the kind of a message,
98 * if it has encrypted contents and a list
99 * of payload ordering rules and payload parsing rules.
102 /** Type of message. */
103 exchange_type_t exchange_type
;
104 /** Is message a request or response. */
106 /** Message contains encrypted payloads. */
108 /** Number of payload rules which will follow */
110 /** Pointer to first payload rule */
111 payload_rule_t
*rules
;
112 /** Number of payload order rules */
114 /** payload ordering rules */
115 payload_order_t
*order
;
119 * Message rule for IKE_SA_INIT from initiator.
121 static payload_rule_t ike_sa_init_i_rules
[] = {
122 /* payload type min max encr suff */
123 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
124 {SECURITY_ASSOCIATION
, 1, 1, FALSE
, FALSE
},
125 {KEY_EXCHANGE
, 1, 1, FALSE
, FALSE
},
126 {NONCE
, 1, 1, FALSE
, FALSE
},
127 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
131 * payload order for IKE_SA_INIT initiator
133 static payload_order_t ike_sa_init_i_order
[] = {
134 /* payload type notify type */
136 {SECURITY_ASSOCIATION
, 0},
139 {NOTIFY
, NAT_DETECTION_SOURCE_IP
},
140 {NOTIFY
, NAT_DETECTION_DESTINATION_IP
},
146 * Message rule for IKE_SA_INIT from responder.
148 static payload_rule_t ike_sa_init_r_rules
[] = {
149 /* payload type min max encr suff */
150 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, TRUE
},
151 {SECURITY_ASSOCIATION
, 1, 1, FALSE
, FALSE
},
152 {KEY_EXCHANGE
, 1, 1, FALSE
, FALSE
},
153 {NONCE
, 1, 1, FALSE
, FALSE
},
154 {CERTIFICATE_REQUEST
, 0, MAX_CERTREQ_PAYLOADS
, FALSE
, FALSE
},
155 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
159 * payload order for IKE_SA_INIT responder
161 static payload_order_t ike_sa_init_r_order
[] = {
162 /* payload type notify type */
163 {SECURITY_ASSOCIATION
, 0},
166 {NOTIFY
, NAT_DETECTION_SOURCE_IP
},
167 {NOTIFY
, NAT_DETECTION_DESTINATION_IP
},
168 {NOTIFY
, HTTP_CERT_LOOKUP_SUPPORTED
},
169 {CERTIFICATE_REQUEST
, 0},
175 * Message rule for IKE_AUTH from initiator.
177 static payload_rule_t ike_auth_i_rules
[] = {
178 /* payload type min max encr suff */
179 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
180 {EXTENSIBLE_AUTHENTICATION
, 0, 1, TRUE
, TRUE
},
181 {AUTHENTICATION
, 0, 1, TRUE
, TRUE
},
182 {ID_INITIATOR
, 0, 1, TRUE
, FALSE
},
183 {CERTIFICATE
, 0, MAX_CERT_PAYLOADS
, TRUE
, FALSE
},
184 {CERTIFICATE_REQUEST
, 0, MAX_CERTREQ_PAYLOADS
, TRUE
, FALSE
},
185 {ID_RESPONDER
, 0, 1, TRUE
, FALSE
},
187 {SECURITY_ASSOCIATION
, 0, 1, TRUE
, FALSE
},
188 {TRAFFIC_SELECTOR_INITIATOR
, 0, 1, TRUE
, FALSE
},
189 {TRAFFIC_SELECTOR_RESPONDER
, 0, 1, TRUE
, FALSE
},
191 {SECURITY_ASSOCIATION
, 0, 1, TRUE
, FALSE
},
192 {TRAFFIC_SELECTOR_INITIATOR
, 0, 1, TRUE
, FALSE
},
193 {TRAFFIC_SELECTOR_RESPONDER
, 0, 1, TRUE
, FALSE
},
195 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
196 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
200 * payload order for IKE_AUTH initiator
202 static payload_order_t ike_auth_i_order
[] = {
203 /* payload type notify type */
206 {NOTIFY
, INITIAL_CONTACT
},
207 {NOTIFY
, HTTP_CERT_LOOKUP_SUPPORTED
},
208 {CERTIFICATE_REQUEST
, 0},
211 {EXTENSIBLE_AUTHENTICATION
, 0},
213 {NOTIFY
, IPCOMP_SUPPORTED
},
214 {NOTIFY
, USE_TRANSPORT_MODE
},
215 {NOTIFY
, ESP_TFC_PADDING_NOT_SUPPORTED
},
216 {NOTIFY
, NON_FIRST_FRAGMENTS_ALSO
},
217 {SECURITY_ASSOCIATION
, 0},
218 {TRAFFIC_SELECTOR_INITIATOR
, 0},
219 {TRAFFIC_SELECTOR_RESPONDER
, 0},
220 {NOTIFY
, MOBIKE_SUPPORTED
},
221 {NOTIFY
, ADDITIONAL_IP4_ADDRESS
},
222 {NOTIFY
, ADDITIONAL_IP6_ADDRESS
},
223 {NOTIFY
, NO_ADDITIONAL_ADDRESSES
},
229 * Message rule for IKE_AUTH from responder.
231 static payload_rule_t ike_auth_r_rules
[] = {
232 /* payload type min max encr suff */
233 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, TRUE
},
234 {EXTENSIBLE_AUTHENTICATION
, 0, 1, TRUE
, TRUE
},
235 {AUTHENTICATION
, 0, 1, TRUE
, TRUE
},
236 {CERTIFICATE
, 0, MAX_CERT_PAYLOADS
, TRUE
, FALSE
},
237 {ID_RESPONDER
, 0, 1, TRUE
, FALSE
},
238 {SECURITY_ASSOCIATION
, 0, 1, TRUE
, FALSE
},
239 {TRAFFIC_SELECTOR_INITIATOR
, 0, 1, TRUE
, FALSE
},
240 {TRAFFIC_SELECTOR_RESPONDER
, 0, 1, TRUE
, FALSE
},
241 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
242 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
246 * payload order for IKE_AUTH responder
248 static payload_order_t ike_auth_r_order
[] = {
249 /* payload type notify type */
253 {EXTENSIBLE_AUTHENTICATION
, 0},
255 {NOTIFY
, IPCOMP_SUPPORTED
},
256 {NOTIFY
, USE_TRANSPORT_MODE
},
257 {NOTIFY
, ESP_TFC_PADDING_NOT_SUPPORTED
},
258 {NOTIFY
, NON_FIRST_FRAGMENTS_ALSO
},
259 {SECURITY_ASSOCIATION
, 0},
260 {TRAFFIC_SELECTOR_INITIATOR
, 0},
261 {TRAFFIC_SELECTOR_RESPONDER
, 0},
262 {NOTIFY
, AUTH_LIFETIME
},
263 {NOTIFY
, MOBIKE_SUPPORTED
},
264 {NOTIFY
, ADDITIONAL_IP4_ADDRESS
},
265 {NOTIFY
, ADDITIONAL_IP6_ADDRESS
},
266 {NOTIFY
, NO_ADDITIONAL_ADDRESSES
},
272 * Message rule for INFORMATIONAL from initiator.
274 static payload_rule_t informational_i_rules
[] = {
275 /* payload type min max encr suff */
276 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
277 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
278 {DELETE
, 0, MAX_DELETE_PAYLOADS
, TRUE
, FALSE
},
279 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
283 * payload order for INFORMATIONAL initiator
285 static payload_order_t informational_i_order
[] = {
286 /* payload type notify type */
287 {NOTIFY
, UPDATE_SA_ADDRESSES
},
288 {NOTIFY
, NAT_DETECTION_SOURCE_IP
},
289 {NOTIFY
, NAT_DETECTION_DESTINATION_IP
},
297 * Message rule for INFORMATIONAL from responder.
299 static payload_rule_t informational_r_rules
[] = {
300 /* payload type min max encr suff */
301 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
302 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
303 {DELETE
, 0, MAX_DELETE_PAYLOADS
, TRUE
, FALSE
},
304 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
308 * payload order for INFORMATIONAL responder
310 static payload_order_t informational_r_order
[] = {
311 /* payload type notify type */
312 {NOTIFY
, UPDATE_SA_ADDRESSES
},
313 {NOTIFY
, NAT_DETECTION_SOURCE_IP
},
314 {NOTIFY
, NAT_DETECTION_DESTINATION_IP
},
322 * Message rule for CREATE_CHILD_SA from initiator.
324 static payload_rule_t create_child_sa_i_rules
[] = {
325 /* payload type min max encr suff */
326 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
327 {SECURITY_ASSOCIATION
, 1, 1, TRUE
, FALSE
},
328 {NONCE
, 1, 1, TRUE
, FALSE
},
329 {KEY_EXCHANGE
, 0, 1, TRUE
, FALSE
},
330 {TRAFFIC_SELECTOR_INITIATOR
, 0, 1, TRUE
, FALSE
},
331 {TRAFFIC_SELECTOR_RESPONDER
, 0, 1, TRUE
, FALSE
},
332 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
333 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
337 * payload order for CREATE_CHILD_SA from initiator.
339 static payload_order_t create_child_sa_i_order
[] = {
340 /* payload type notify type */
342 {NOTIFY
, IPCOMP_SUPPORTED
},
343 {NOTIFY
, USE_TRANSPORT_MODE
},
344 {NOTIFY
, ESP_TFC_PADDING_NOT_SUPPORTED
},
345 {NOTIFY
, NON_FIRST_FRAGMENTS_ALSO
},
346 {SECURITY_ASSOCIATION
, 0},
349 {TRAFFIC_SELECTOR_INITIATOR
, 0},
350 {TRAFFIC_SELECTOR_RESPONDER
, 0},
355 * Message rule for CREATE_CHILD_SA from responder.
357 static payload_rule_t create_child_sa_r_rules
[] = {
358 /* payload type min max encr suff */
359 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, TRUE
},
360 {SECURITY_ASSOCIATION
, 1, 1, TRUE
, FALSE
},
361 {NONCE
, 1, 1, TRUE
, FALSE
},
362 {KEY_EXCHANGE
, 0, 1, TRUE
, FALSE
},
363 {TRAFFIC_SELECTOR_INITIATOR
, 0, 1, TRUE
, FALSE
},
364 {TRAFFIC_SELECTOR_RESPONDER
, 0, 1, TRUE
, FALSE
},
365 {CONFIGURATION
, 0, 1, TRUE
, FALSE
},
366 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
370 * payload order for CREATE_CHILD_SA from responder.
372 static payload_order_t create_child_sa_r_order
[] = {
373 /* payload type notify type */
374 {NOTIFY
, IPCOMP_SUPPORTED
},
375 {NOTIFY
, USE_TRANSPORT_MODE
},
376 {NOTIFY
, ESP_TFC_PADDING_NOT_SUPPORTED
},
377 {NOTIFY
, NON_FIRST_FRAGMENTS_ALSO
},
378 {SECURITY_ASSOCIATION
, 0},
381 {TRAFFIC_SELECTOR_INITIATOR
, 0},
382 {TRAFFIC_SELECTOR_RESPONDER
, 0},
383 {NOTIFY
, ADDITIONAL_TS_POSSIBLE
},
389 * Message rule for ME_CONNECT from initiator.
391 static payload_rule_t me_connect_i_rules
[] = {
392 /* payload type min max encr suff */
393 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, TRUE
},
394 {ID_PEER
, 1, 1, TRUE
, FALSE
},
395 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
}
399 * payload order for ME_CONNECT from initiator.
401 static payload_order_t me_connect_i_order
[] = {
402 /* payload type notify type */
409 * Message rule for ME_CONNECT from responder.
411 static payload_rule_t me_connect_r_rules
[] = {
412 /* payload type min max encr suff */
413 {NOTIFY
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, TRUE
},
414 {VENDOR_ID
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
}
418 * payload order for ME_CONNECT from responder.
420 static payload_order_t me_connect_r_order
[] = {
421 /* payload type notify type */
429 * Message rule for ID_PROT from initiator.
431 static payload_rule_t id_prot_i_rules
[] = {
432 /* payload type min max encr suff */
433 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
434 {SECURITY_ASSOCIATION_V1
, 0, 1, FALSE
, FALSE
},
435 {KEY_EXCHANGE_V1
, 0, 1, FALSE
, FALSE
},
436 {NONCE_V1
, 0, 1, FALSE
, FALSE
},
437 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
438 {CERTIFICATE_REQUEST_V1
, 0, MAX_CERTREQ_PAYLOADS
, FALSE
, FALSE
},
439 {NAT_D_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
440 {NAT_D_DRAFT_00_03_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
441 {ID_V1
, 0, 1, TRUE
, FALSE
},
442 {CERTIFICATE_V1
, 0, MAX_CERT_PAYLOADS
, TRUE
, FALSE
},
443 {SIGNATURE_V1
, 0, 1, TRUE
, FALSE
},
444 {HASH_V1
, 0, 1, TRUE
, FALSE
},
445 {FRAGMENT_V1
, 0, 1, FALSE
, TRUE
},
449 * payload order for ID_PROT from initiator.
451 static payload_order_t id_prot_i_order
[] = {
452 /* payload type notify type */
453 {SECURITY_ASSOCIATION_V1
, 0},
454 {KEY_EXCHANGE_V1
, 0},
460 {CERTIFICATE_REQUEST_V1
, 0},
464 {NAT_D_DRAFT_00_03_V1
, 0},
469 * Message rule for ID_PROT from responder.
471 static payload_rule_t id_prot_r_rules
[] = {
472 /* payload type min max encr suff */
473 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
474 {SECURITY_ASSOCIATION_V1
, 0, 1, FALSE
, FALSE
},
475 {KEY_EXCHANGE_V1
, 0, 1, FALSE
, FALSE
},
476 {NONCE_V1
, 0, 1, FALSE
, FALSE
},
477 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
478 {CERTIFICATE_REQUEST_V1
, 0, MAX_CERTREQ_PAYLOADS
, FALSE
, FALSE
},
479 {NAT_D_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
480 {NAT_D_DRAFT_00_03_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
481 {ID_V1
, 0, 1, TRUE
, FALSE
},
482 {CERTIFICATE_V1
, 0, MAX_CERT_PAYLOADS
, TRUE
, FALSE
},
483 {SIGNATURE_V1
, 0, 1, TRUE
, FALSE
},
484 {HASH_V1
, 0, 1, TRUE
, FALSE
},
485 {FRAGMENT_V1
, 0, 1, FALSE
, TRUE
},
489 * payload order for ID_PROT from responder.
491 static payload_order_t id_prot_r_order
[] = {
492 /* payload type notify type */
493 {SECURITY_ASSOCIATION_V1
, 0},
494 {KEY_EXCHANGE_V1
, 0},
500 {CERTIFICATE_REQUEST_V1
, 0},
504 {NAT_D_DRAFT_00_03_V1
, 0},
509 * Message rule for AGGRESSIVE from initiator.
511 static payload_rule_t aggressive_i_rules
[] = {
512 /* payload type min max encr suff */
513 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
514 {SECURITY_ASSOCIATION_V1
, 0, 1, FALSE
, FALSE
},
515 {KEY_EXCHANGE_V1
, 0, 1, FALSE
, FALSE
},
516 {NONCE_V1
, 0, 1, FALSE
, FALSE
},
517 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
518 {CERTIFICATE_REQUEST_V1
, 0, MAX_CERTREQ_PAYLOADS
, FALSE
, FALSE
},
519 {NAT_D_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
520 {NAT_D_DRAFT_00_03_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
521 {ID_V1
, 0, 1, FALSE
, FALSE
},
522 {CERTIFICATE_V1
, 0, 1, TRUE
, FALSE
},
523 {SIGNATURE_V1
, 0, 1, TRUE
, FALSE
},
524 {HASH_V1
, 0, 1, TRUE
, FALSE
},
525 {FRAGMENT_V1
, 0, 1, FALSE
, TRUE
},
529 * payload order for AGGRESSIVE from initiator.
531 static payload_order_t aggressive_i_order
[] = {
532 /* payload type notify type */
533 {SECURITY_ASSOCIATION_V1
, 0},
534 {KEY_EXCHANGE_V1
, 0},
539 {NAT_D_DRAFT_00_03_V1
, 0},
542 {CERTIFICATE_REQUEST_V1
, 0},
549 * Message rule for AGGRESSIVE from responder.
551 static payload_rule_t aggressive_r_rules
[] = {
552 /* payload type min max encr suff */
553 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
554 {SECURITY_ASSOCIATION_V1
, 0, 1, FALSE
, FALSE
},
555 {KEY_EXCHANGE_V1
, 0, 1, FALSE
, FALSE
},
556 {NONCE_V1
, 0, 1, FALSE
, FALSE
},
557 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, FALSE
, FALSE
},
558 {CERTIFICATE_REQUEST_V1
, 0, MAX_CERTREQ_PAYLOADS
, FALSE
, FALSE
},
559 {NAT_D_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
560 {NAT_D_DRAFT_00_03_V1
, 0, MAX_NAT_D_PAYLOADS
, FALSE
, FALSE
},
561 {ID_V1
, 0, 1, FALSE
, FALSE
},
562 {CERTIFICATE_V1
, 0, 1, FALSE
, FALSE
},
563 {SIGNATURE_V1
, 0, 1, FALSE
, FALSE
},
564 {HASH_V1
, 0, 1, FALSE
, FALSE
},
565 {FRAGMENT_V1
, 0, 1, FALSE
, TRUE
},
569 * payload order for AGGRESSIVE from responder.
571 static payload_order_t aggressive_r_order
[] = {
572 /* payload type notify type */
573 {SECURITY_ASSOCIATION_V1
, 0},
574 {KEY_EXCHANGE_V1
, 0},
579 {NAT_D_DRAFT_00_03_V1
, 0},
582 {CERTIFICATE_REQUEST_V1
, 0},
589 * Message rule for INFORMATIONAL_V1 from initiator.
591 static payload_rule_t informational_i_rules_v1
[] = {
592 /* payload type min max encr suff */
593 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
594 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
595 {DELETE_V1
, 0, MAX_DELETE_PAYLOADS
, TRUE
, FALSE
},
596 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
600 * payload order for INFORMATIONAL_V1 from initiator.
602 static payload_order_t informational_i_order_v1
[] = {
603 /* payload type notify type */
610 * Message rule for INFORMATIONAL_V1 from responder.
612 static payload_rule_t informational_r_rules_v1
[] = {
613 /* payload type min max encr suff */
614 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, FALSE
, FALSE
},
615 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
616 {DELETE_V1
, 0, MAX_DELETE_PAYLOADS
, TRUE
, FALSE
},
617 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
621 * payload order for INFORMATIONAL_V1 from responder.
623 static payload_order_t informational_r_order_v1
[] = {
624 /* payload type notify type */
631 * Message rule for QUICK_MODE from initiator.
633 static payload_rule_t quick_mode_i_rules
[] = {
634 /* payload type min max encr suff */
635 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
636 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
637 {HASH_V1
, 0, 1, TRUE
, FALSE
},
638 {SECURITY_ASSOCIATION_V1
, 0, 2, TRUE
, FALSE
},
639 {NONCE_V1
, 0, 1, TRUE
, FALSE
},
640 {KEY_EXCHANGE_V1
, 0, 1, TRUE
, FALSE
},
641 {ID_V1
, 0, 2, TRUE
, FALSE
},
642 {NAT_OA_V1
, 0, 2, TRUE
, FALSE
},
643 {NAT_OA_DRAFT_00_03_V1
, 0, 2, TRUE
, FALSE
},
647 * payload order for QUICK_MODE from initiator.
649 static payload_order_t quick_mode_i_order
[] = {
650 /* payload type notify type */
654 {SECURITY_ASSOCIATION_V1
, 0},
656 {KEY_EXCHANGE_V1
, 0},
659 {NAT_OA_DRAFT_00_03_V1
, 0},
663 * Message rule for QUICK_MODE from responder.
665 static payload_rule_t quick_mode_r_rules
[] = {
666 /* payload type min max encr suff */
667 {NOTIFY_V1
, 0, MAX_NOTIFY_PAYLOADS
, TRUE
, FALSE
},
668 {VENDOR_ID_V1
, 0, MAX_VID_PAYLOADS
, TRUE
, FALSE
},
669 {HASH_V1
, 0, 1, TRUE
, FALSE
},
670 {SECURITY_ASSOCIATION_V1
, 0, 2, TRUE
, FALSE
},
671 {NONCE_V1
, 0, 1, TRUE
, FALSE
},
672 {KEY_EXCHANGE_V1
, 0, 1, TRUE
, FALSE
},
673 {ID_V1
, 0, 2, TRUE
, FALSE
},
674 {NAT_OA_V1
, 0, 2, TRUE
, FALSE
},
675 {NAT_OA_DRAFT_00_03_V1
, 0, 2, TRUE
, FALSE
},
679 * payload order for QUICK_MODE from responder.
681 static payload_order_t quick_mode_r_order
[] = {
682 /* payload type notify type */
686 {SECURITY_ASSOCIATION_V1
, 0},
688 {KEY_EXCHANGE_V1
, 0},
691 {NAT_OA_DRAFT_00_03_V1
, 0},
695 * Message rule for TRANSACTION.
697 static payload_rule_t transaction_payload_rules_v1
[] = {
698 /* payload type min max encr suff */
699 {HASH_V1
, 0, 1, TRUE
, FALSE
},
700 {CONFIGURATION_V1
, 1, 1, FALSE
, FALSE
},
704 * Payload order for TRANSACTION.
706 static payload_order_t transaction_payload_order_v1
[] = {
707 /* payload type notify type */
709 {CONFIGURATION_V1
, 0},
712 #endif /* USE_IKEV1 */
715 * Message rules, defines allowed payloads.
717 static message_rule_t message_rules
[] = {
718 {IKE_SA_INIT
, TRUE
, FALSE
,
719 countof(ike_sa_init_i_rules
), ike_sa_init_i_rules
,
720 countof(ike_sa_init_i_order
), ike_sa_init_i_order
,
722 {IKE_SA_INIT
, FALSE
, FALSE
,
723 countof(ike_sa_init_r_rules
), ike_sa_init_r_rules
,
724 countof(ike_sa_init_r_order
), ike_sa_init_r_order
,
726 {IKE_AUTH
, TRUE
, TRUE
,
727 countof(ike_auth_i_rules
), ike_auth_i_rules
,
728 countof(ike_auth_i_order
), ike_auth_i_order
,
730 {IKE_AUTH
, FALSE
, TRUE
,
731 countof(ike_auth_r_rules
), ike_auth_r_rules
,
732 countof(ike_auth_r_order
), ike_auth_r_order
,
734 {INFORMATIONAL
, TRUE
, TRUE
,
735 countof(informational_i_rules
), informational_i_rules
,
736 countof(informational_i_order
), informational_i_order
,
738 {INFORMATIONAL
, FALSE
, TRUE
,
739 countof(informational_r_rules
), informational_r_rules
,
740 countof(informational_r_order
), informational_r_order
,
742 {CREATE_CHILD_SA
, TRUE
, TRUE
,
743 countof(create_child_sa_i_rules
), create_child_sa_i_rules
,
744 countof(create_child_sa_i_order
), create_child_sa_i_order
,
746 {CREATE_CHILD_SA
, FALSE
, TRUE
,
747 countof(create_child_sa_r_rules
), create_child_sa_r_rules
,
748 countof(create_child_sa_r_order
), create_child_sa_r_order
,
751 {ME_CONNECT
, TRUE
, TRUE
,
752 countof(me_connect_i_rules
), me_connect_i_rules
,
753 countof(me_connect_i_order
), me_connect_i_order
,
755 {ME_CONNECT
, FALSE
, TRUE
,
756 countof(me_connect_r_rules
), me_connect_r_rules
,
757 countof(me_connect_r_order
), me_connect_r_order
,
761 {ID_PROT
, TRUE
, FALSE
,
762 countof(id_prot_i_rules
), id_prot_i_rules
,
763 countof(id_prot_i_order
), id_prot_i_order
,
765 {ID_PROT
, FALSE
, FALSE
,
766 countof(id_prot_r_rules
), id_prot_r_rules
,
767 countof(id_prot_r_order
), id_prot_r_order
,
769 {AGGRESSIVE
, TRUE
, FALSE
,
770 countof(aggressive_i_rules
), aggressive_i_rules
,
771 countof(aggressive_i_order
), aggressive_i_order
,
773 {AGGRESSIVE
, FALSE
, FALSE
,
774 countof(aggressive_r_rules
), aggressive_r_rules
,
775 countof(aggressive_r_order
), aggressive_r_order
,
777 {INFORMATIONAL_V1
, TRUE
, TRUE
,
778 countof(informational_i_rules_v1
), informational_i_rules_v1
,
779 countof(informational_i_order_v1
), informational_i_order_v1
,
781 {INFORMATIONAL_V1
, FALSE
, TRUE
,
782 countof(informational_r_rules_v1
), informational_r_rules_v1
,
783 countof(informational_r_order_v1
), informational_r_order_v1
,
785 {QUICK_MODE
, TRUE
, TRUE
,
786 countof(quick_mode_i_rules
), quick_mode_i_rules
,
787 countof(quick_mode_i_order
), quick_mode_i_order
,
789 {QUICK_MODE
, FALSE
, TRUE
,
790 countof(quick_mode_r_rules
), quick_mode_r_rules
,
791 countof(quick_mode_r_order
), quick_mode_r_order
,
793 {TRANSACTION
, TRUE
, TRUE
,
794 countof(transaction_payload_rules_v1
), transaction_payload_rules_v1
,
795 countof(transaction_payload_order_v1
), transaction_payload_order_v1
,
797 {TRANSACTION
, FALSE
, TRUE
,
798 countof(transaction_payload_rules_v1
), transaction_payload_rules_v1
,
799 countof(transaction_payload_order_v1
), transaction_payload_order_v1
,
801 /* TODO-IKEv1: define rules for other exchanges */
802 #endif /* USE_IKEV1 */
806 typedef struct private_message_t private_message_t
;
809 * Private data of an message_t object.
811 struct private_message_t
{
814 * Public part of a message_t object.
819 * Minor version of message.
821 u_int8_t major_version
;
824 * Major version of message.
826 u_int8_t minor_version
;
829 * First Payload in message.
831 payload_type_t first_payload
;
834 * Assigned exchange type.
836 exchange_type_t exchange_type
;
839 * TRUE if message is a request, FALSE if a reply.
844 * The message is encrypted (IKEv1)
849 * Higher version supported?
854 * Reserved bits in IKE header
859 * Sorting of message disabled?
864 * Message ID of this message.
866 u_int32_t message_id
;
869 * ID of assigned IKE_SA.
871 ike_sa_id_t
*ike_sa_id
;
874 * Assigned UDP packet, stores incoming packet or last generated one.
879 * Linked List where payload data are stored in.
881 linked_list_t
*payloads
;
884 * Assigned parser to parse Header and Body of this message.
889 * The message rule for this message instance
891 message_rule_t
*rule
;
895 * Get the message rule that applies to this message
897 static message_rule_t
* get_message_rule(private_message_t
*this)
901 for (i
= 0; i
< countof(message_rules
); i
++)
903 if ((this->exchange_type
== message_rules
[i
].exchange_type
) &&
904 (this->is_request
== message_rules
[i
].is_request
))
906 return &message_rules
[i
];
913 * Look up a payload rule
915 static payload_rule_t
* get_payload_rule(private_message_t
*this,
920 for (i
= 0; i
< this->rule
->rule_count
;i
++)
922 if (this->rule
->rules
[i
].type
== type
)
924 return &this->rule
->rules
[i
];
930 METHOD(message_t
, set_ike_sa_id
, void,
931 private_message_t
*this,ike_sa_id_t
*ike_sa_id
)
933 DESTROY_IF(this->ike_sa_id
);
934 this->ike_sa_id
= ike_sa_id
->clone(ike_sa_id
);
937 METHOD(message_t
, get_ike_sa_id
, ike_sa_id_t
*,
938 private_message_t
*this)
940 return this->ike_sa_id
;
943 METHOD(message_t
, set_message_id
, void,
944 private_message_t
*this,u_int32_t message_id
)
946 this->message_id
= message_id
;
949 METHOD(message_t
, get_message_id
, u_int32_t
,
950 private_message_t
*this)
952 return this->message_id
;
955 METHOD(message_t
, get_initiator_spi
, u_int64_t
,
956 private_message_t
*this)
958 return (this->ike_sa_id
->get_initiator_spi(this->ike_sa_id
));
961 METHOD(message_t
, get_responder_spi
, u_int64_t
,
962 private_message_t
*this)
964 return (this->ike_sa_id
->get_responder_spi(this->ike_sa_id
));
967 METHOD(message_t
, set_major_version
, void,
968 private_message_t
*this, u_int8_t major_version
)
970 this->major_version
= major_version
;
973 METHOD(message_t
, get_major_version
, u_int8_t
,
974 private_message_t
*this)
976 return this->major_version
;
979 METHOD(message_t
, set_minor_version
, void,
980 private_message_t
*this,u_int8_t minor_version
)
982 this->minor_version
= minor_version
;
985 METHOD(message_t
, get_minor_version
, u_int8_t
,
986 private_message_t
*this)
988 return this->minor_version
;
991 METHOD(message_t
, set_exchange_type
, void,
992 private_message_t
*this, exchange_type_t exchange_type
)
994 this->exchange_type
= exchange_type
;
997 METHOD(message_t
, get_exchange_type
, exchange_type_t
,
998 private_message_t
*this)
1000 return this->exchange_type
;
1003 METHOD(message_t
, get_first_payload_type
, payload_type_t
,
1004 private_message_t
*this)
1006 return this->first_payload
;
1009 METHOD(message_t
, set_request
, void,
1010 private_message_t
*this, bool request
)
1012 this->is_request
= request
;
1015 METHOD(message_t
, get_request
, bool,
1016 private_message_t
*this)
1018 return this->is_request
;
1021 METHOD(message_t
, set_version_flag
, void,
1022 private_message_t
*this)
1024 this->version_flag
= TRUE
;
1027 METHOD(message_t
, get_reserved_header_bit
, bool,
1028 private_message_t
*this, u_int nr
)
1030 if (nr
< countof(this->reserved
))
1032 return this->reserved
[nr
];
1037 METHOD(message_t
, set_reserved_header_bit
, void,
1038 private_message_t
*this, u_int nr
)
1040 if (nr
< countof(this->reserved
))
1042 this->reserved
[nr
] = TRUE
;
1046 METHOD(message_t
, is_encoded
, bool,
1047 private_message_t
*this)
1049 return this->packet
->get_data(this->packet
).ptr
!= NULL
;
1052 METHOD(message_t
, add_payload
, void,
1053 private_message_t
*this, payload_t
*payload
)
1055 payload_t
*last_payload
;
1057 if (this->payloads
->get_count(this->payloads
) > 0)
1059 this->payloads
->get_last(this->payloads
, (void **)&last_payload
);
1060 last_payload
->set_next_type(last_payload
, payload
->get_type(payload
));
1064 this->first_payload
= payload
->get_type(payload
);
1066 payload
->set_next_type(payload
, NO_PAYLOAD
);
1067 this->payloads
->insert_last(this->payloads
, payload
);
1069 DBG2(DBG_ENC
,"added payload of type %N to message",
1070 payload_type_names
, payload
->get_type(payload
));
1073 METHOD(message_t
, add_notify
, void,
1074 private_message_t
*this, bool flush
, notify_type_t type
, chunk_t data
)
1076 notify_payload_t
*notify
;
1081 while (this->payloads
->remove_last(this->payloads
,
1082 (void**)&payload
) == SUCCESS
)
1084 payload
->destroy(payload
);
1087 if (this->major_version
== IKEV2_MAJOR_VERSION
)
1089 notify
= notify_payload_create(NOTIFY
);
1093 notify
= notify_payload_create(NOTIFY_V1
);
1095 notify
->set_notify_type(notify
, type
);
1096 notify
->set_notification_data(notify
, data
);
1097 add_payload(this, (payload_t
*)notify
);
1100 METHOD(message_t
, set_source
, void,
1101 private_message_t
*this, host_t
*host
)
1103 this->packet
->set_source(this->packet
, host
);
1106 METHOD(message_t
, set_destination
, void,
1107 private_message_t
*this, host_t
*host
)
1109 this->packet
->set_destination(this->packet
, host
);
1112 METHOD(message_t
, get_source
, host_t
*,
1113 private_message_t
*this)
1115 return this->packet
->get_source(this->packet
);
1118 METHOD(message_t
, get_destination
, host_t
*,
1119 private_message_t
*this)
1121 return this->packet
->get_destination(this->packet
);
1124 METHOD(message_t
, create_payload_enumerator
, enumerator_t
*,
1125 private_message_t
*this)
1127 return this->payloads
->create_enumerator(this->payloads
);
1130 METHOD(message_t
, remove_payload_at
, void,
1131 private_message_t
*this, enumerator_t
*enumerator
)
1133 this->payloads
->remove_at(this->payloads
, enumerator
);
1136 METHOD(message_t
, get_payload
, payload_t
*,
1137 private_message_t
*this, payload_type_t type
)
1139 payload_t
*current
, *found
= NULL
;
1140 enumerator_t
*enumerator
;
1142 enumerator
= create_payload_enumerator(this);
1143 while (enumerator
->enumerate(enumerator
, ¤t
))
1145 if (current
->get_type(current
) == type
)
1151 enumerator
->destroy(enumerator
);
1155 METHOD(message_t
, get_notify
, notify_payload_t
*,
1156 private_message_t
*this, notify_type_t type
)
1158 enumerator_t
*enumerator
;
1159 notify_payload_t
*notify
= NULL
;
1162 enumerator
= create_payload_enumerator(this);
1163 while (enumerator
->enumerate(enumerator
, &payload
))
1165 if (payload
->get_type(payload
) == NOTIFY
||
1166 payload
->get_type(payload
) == NOTIFY_V1
)
1168 notify
= (notify_payload_t
*)payload
;
1169 if (notify
->get_notify_type(notify
) == type
)
1176 enumerator
->destroy(enumerator
);
1181 * get a string representation of the message
1183 static char* get_string(private_message_t
*this, char *buf
, int len
)
1185 enumerator_t
*enumerator
;
1190 memset(buf
, 0, len
);
1193 written
= snprintf(pos
, len
, "%N %s %u [",
1194 exchange_type_names
, this->exchange_type
,
1195 this->is_request ?
"request" : "response",
1197 if (written
>= len
|| written
< 0)
1204 enumerator
= create_payload_enumerator(this);
1205 while (enumerator
->enumerate(enumerator
, &payload
))
1207 written
= snprintf(pos
, len
, " %N", payload_type_short_names
,
1208 payload
->get_type(payload
));
1209 if (written
>= len
|| written
< 0)
1215 if (payload
->get_type(payload
) == NOTIFY
||
1216 payload
->get_type(payload
) == NOTIFY_V1
)
1218 notify_payload_t
*notify
;
1222 notify
= (notify_payload_t
*)payload
;
1223 type
= notify
->get_notify_type(notify
);
1224 data
= notify
->get_notification_data(notify
);
1225 if (type
== MS_NOTIFY_STATUS
&& data
.len
== 4)
1227 written
= snprintf(pos
, len
, "(%N(%d))", notify_type_short_names
,
1228 type
, untoh32(data
.ptr
));
1232 written
= snprintf(pos
, len
, "(%N)", notify_type_short_names
,
1235 if (written
>= len
|| written
< 0)
1242 if (payload
->get_type(payload
) == EXTENSIBLE_AUTHENTICATION
)
1244 eap_payload_t
*eap
= (eap_payload_t
*)payload
;
1247 char method
[64] = "";
1249 type
= eap
->get_type(eap
, &vendor
);
1254 snprintf(method
, sizeof(method
), "/%d-%d", type
, vendor
);
1258 snprintf(method
, sizeof(method
), "/%N",
1259 eap_type_short_names
, type
);
1262 written
= snprintf(pos
, len
, "/%N%s", eap_code_short_names
,
1263 eap
->get_code(eap
), method
);
1264 if (written
>= len
|| written
< 0)
1271 if (payload
->get_type(payload
) == CONFIGURATION
||
1272 payload
->get_type(payload
) == CONFIGURATION_V1
)
1274 cp_payload_t
*cp
= (cp_payload_t
*)payload
;
1275 enumerator_t
*attributes
;
1276 configuration_attribute_t
*attribute
;
1280 switch (cp
->get_type(cp
))
1299 attributes
= cp
->create_attribute_enumerator(cp
);
1300 while (attributes
->enumerate(attributes
, &attribute
))
1302 written
= snprintf(pos
, len
, "%s%N", first ? pfx
: " ",
1303 configuration_attribute_type_short_names
,
1304 attribute
->get_type(attribute
));
1305 if (written
>= len
|| written
< 0)
1313 attributes
->destroy(attributes
);
1316 written
= snprintf(pos
, len
, ")");
1317 if (written
>= len
|| written
< 0)
1326 enumerator
->destroy(enumerator
);
1328 /* remove last space */
1329 snprintf(pos
, len
, " ]");
1334 * reorder payloads depending on reordering rules
1336 static void order_payloads(private_message_t
*this)
1338 linked_list_t
*list
;
1342 /* move to temp list */
1343 list
= linked_list_create();
1344 while (this->payloads
->remove_last(this->payloads
,
1345 (void**)&payload
) == SUCCESS
)
1347 list
->insert_first(list
, payload
);
1349 /* for each rule, ... */
1350 for (i
= 0; i
< this->rule
->order_count
; i
++)
1352 enumerator_t
*enumerator
;
1353 notify_payload_t
*notify
;
1354 payload_order_t order
;
1356 order
= this->rule
->order
[i
];
1358 /* ... find all payload ... */
1359 enumerator
= list
->create_enumerator(list
);
1360 while (enumerator
->enumerate(enumerator
, &payload
))
1362 /* ... with that type ... */
1363 if (payload
->get_type(payload
) == order
.type
)
1365 notify
= (notify_payload_t
*)payload
;
1367 /**... and check notify for type. */
1368 if (order
.type
!= NOTIFY
|| order
.notify
== 0 ||
1369 order
.notify
== notify
->get_notify_type(notify
))
1371 list
->remove_at(list
, enumerator
);
1372 add_payload(this, payload
);
1376 enumerator
->destroy(enumerator
);
1378 /* append all payloads without a rule to the end */
1379 while (list
->remove_last(list
, (void**)&payload
) == SUCCESS
)
1381 /* do not complain about payloads in private use space */
1382 if (payload
->get_type(payload
) < 128)
1384 DBG1(DBG_ENC
, "payload %N has no ordering rule in %N %s",
1385 payload_type_names
, payload
->get_type(payload
),
1386 exchange_type_names
, this->rule
->exchange_type
,
1387 this->rule
->is_request ?
"request" : "response");
1389 add_payload(this, payload
);
1391 list
->destroy(list
);
1395 * Wrap payloads in an encryption payload
1397 static encryption_payload_t
* wrap_payloads(private_message_t
*this)
1399 encryption_payload_t
*encryption
;
1400 linked_list_t
*payloads
;
1403 /* copy all payloads in a temporary list */
1404 payloads
= linked_list_create();
1405 while (this->payloads
->remove_first(this->payloads
,
1406 (void**)¤t
) == SUCCESS
)
1408 payloads
->insert_last(payloads
, current
);
1411 if (this->is_encrypted
)
1413 encryption
= encryption_payload_create(ENCRYPTED_V1
);
1417 encryption
= encryption_payload_create(ENCRYPTED
);
1419 while (payloads
->remove_first(payloads
, (void**)¤t
) == SUCCESS
)
1421 payload_rule_t
*rule
;
1422 payload_type_t type
;
1423 bool encrypt
= TRUE
;
1425 type
= current
->get_type(current
);
1426 rule
= get_payload_rule(this, type
);
1429 encrypt
= rule
->encrypted
;
1431 if (encrypt
|| this->is_encrypted
)
1432 { /* encryption is forced for IKEv1 */
1433 DBG2(DBG_ENC
, "insert payload %N into encrypted payload",
1434 payload_type_names
, type
);
1435 encryption
->add_payload(encryption
, current
);
1439 DBG2(DBG_ENC
, "insert payload %N unencrypted",
1440 payload_type_names
, type
);
1441 add_payload(this, current
);
1444 payloads
->destroy(payloads
);
1449 METHOD(message_t
, disable_sort
, void,
1450 private_message_t
*this)
1452 this->sort_disabled
= TRUE
;
1455 METHOD(message_t
, generate
, status_t
,
1456 private_message_t
*this, keymat_t
*keymat
, packet_t
**packet
)
1458 keymat_v1_t
*keymat_v1
= (keymat_v1_t
*)keymat
;
1459 generator_t
*generator
;
1460 ike_header_t
*ike_header
;
1461 payload_t
*payload
, *next
;
1462 encryption_payload_t
*encryption
= NULL
;
1463 payload_type_t next_type
;
1464 enumerator_t
*enumerator
;
1465 aead_t
*aead
= NULL
;
1466 chunk_t chunk
, hash
= chunk_empty
;
1469 bool encrypted
= FALSE
, *reserved
;
1472 if (this->exchange_type
== EXCHANGE_TYPE_UNDEFINED
)
1474 DBG1(DBG_ENC
, "exchange type is not defined");
1475 return INVALID_STATE
;
1478 if (this->packet
->get_source(this->packet
) == NULL
||
1479 this->packet
->get_destination(this->packet
) == NULL
)
1481 DBG1(DBG_ENC
, "source/destination not defined");
1482 return INVALID_STATE
;
1485 this->rule
= get_message_rule(this);
1488 DBG1(DBG_ENC
, "no message rules specified for this message type");
1489 return NOT_SUPPORTED
;
1492 if (!this->sort_disabled
)
1494 order_payloads(this);
1496 if (keymat
&& keymat
->get_version(keymat
) == IKEV1
)
1498 /* get a hash for this message, if any is required */
1499 if (keymat_v1
->get_hash_phase2(keymat_v1
, &this->public, &hash
))
1500 { /* insert a HASH payload as first payload */
1501 hash_payload_t
*hash_payload
;
1503 hash_payload
= hash_payload_create(HASH_V1
);
1504 hash_payload
->set_hash(hash_payload
, hash
);
1505 this->payloads
->insert_first(this->payloads
, hash_payload
);
1506 if (this->exchange_type
== INFORMATIONAL_V1
)
1508 this->is_encrypted
= encrypted
= TRUE
;
1513 if (this->major_version
== IKEV2_MAJOR_VERSION
)
1515 encrypted
= this->rule
->encrypted
;
1517 else if (!encrypted
)
1519 /* If at least one payload requires encryption, encrypt the message.
1520 * If no key material is available, the flag will be reset below. */
1521 enumerator
= this->payloads
->create_enumerator(this->payloads
);
1522 while (enumerator
->enumerate(enumerator
, (void**)&payload
))
1524 payload_rule_t
*rule
;
1526 rule
= get_payload_rule(this, payload
->get_type(payload
));
1527 if (rule
&& rule
->encrypted
)
1529 this->is_encrypted
= encrypted
= TRUE
;
1533 enumerator
->destroy(enumerator
);
1536 DBG1(DBG_ENC
, "generating %s", get_string(this, str
, sizeof(str
)));
1540 aead
= keymat
->get_aead(keymat
, FALSE
);
1542 if (aead
&& encrypted
)
1544 encryption
= wrap_payloads(this);
1548 DBG2(DBG_ENC
, "not encrypting payloads");
1549 this->is_encrypted
= FALSE
;
1552 ike_header
= ike_header_create_version(this->major_version
,
1553 this->minor_version
);
1554 ike_header
->set_exchange_type(ike_header
, this->exchange_type
);
1555 ike_header
->set_message_id(ike_header
, this->message_id
);
1556 if (this->major_version
== IKEV2_MAJOR_VERSION
)
1558 ike_header
->set_response_flag(ike_header
, !this->is_request
);
1559 ike_header
->set_version_flag(ike_header
, this->version_flag
);
1560 ike_header
->set_initiator_flag(ike_header
,
1561 this->ike_sa_id
->is_initiator(this->ike_sa_id
));
1565 ike_header
->set_encryption_flag(ike_header
, this->is_encrypted
);
1567 ike_header
->set_initiator_spi(ike_header
,
1568 this->ike_sa_id
->get_initiator_spi(this->ike_sa_id
));
1569 ike_header
->set_responder_spi(ike_header
,
1570 this->ike_sa_id
->get_responder_spi(this->ike_sa_id
));
1572 for (i
= 0; i
< countof(this->reserved
); i
++)
1574 reserved
= payload_get_field(&ike_header
->payload_interface
,
1578 *reserved
= this->reserved
[i
];
1582 generator
= generator_create();
1584 /* generate all payloads with proper next type */
1585 payload
= (payload_t
*)ike_header
;
1586 enumerator
= create_payload_enumerator(this);
1587 while (enumerator
->enumerate(enumerator
, &next
))
1589 payload
->set_next_type(payload
, next
->get_type(next
));
1590 generator
->generate_payload(generator
, payload
);
1593 enumerator
->destroy(enumerator
);
1594 if (this->is_encrypted
)
1595 { /* for encrypted IKEv1 messages */
1596 next_type
= encryption
->payload_interface
.get_next_type(
1597 (payload_t
*)encryption
);
1601 next_type
= encryption ? ENCRYPTED
: NO_PAYLOAD
;
1603 payload
->set_next_type(payload
, next_type
);
1604 generator
->generate_payload(generator
, payload
);
1605 ike_header
->destroy(ike_header
);
1608 { /* set_transform() has to be called before get_length() */
1609 encryption
->set_transform(encryption
, aead
);
1610 if (this->is_encrypted
)
1611 { /* for IKEv1 instead of associated data we provide the IV */
1612 if (!keymat_v1
->get_iv(keymat_v1
, this->message_id
, &chunk
))
1614 generator
->destroy(generator
);
1619 { /* build associated data (without header of encryption payload) */
1620 chunk
= generator
->get_chunk(generator
, &lenpos
);
1621 /* fill in length, including encryption payload */
1622 htoun32(lenpos
, chunk
.len
+ encryption
->get_length(encryption
));
1624 this->payloads
->insert_last(this->payloads
, encryption
);
1625 if (encryption
->encrypt(encryption
, this->message_id
, chunk
) != SUCCESS
)
1627 generator
->destroy(generator
);
1628 return INVALID_STATE
;
1630 generator
->generate_payload(generator
, &encryption
->payload_interface
);
1632 chunk
= generator
->get_chunk(generator
, &lenpos
);
1633 htoun32(lenpos
, chunk
.len
);
1634 this->packet
->set_data(this->packet
, chunk_clone(chunk
));
1635 if (this->is_encrypted
)
1637 /* update the IV for the next IKEv1 message */
1641 bs
= aead
->get_block_size(aead
);
1642 last_block
= chunk_create(chunk
.ptr
+ chunk
.len
- bs
, bs
);
1643 if (!keymat_v1
->update_iv(keymat_v1
, this->message_id
, last_block
) ||
1644 !keymat_v1
->confirm_iv(keymat_v1
, this->message_id
))
1646 generator
->destroy(generator
);
1650 generator
->destroy(generator
);
1651 *packet
= this->packet
->clone(this->packet
);
1655 METHOD(message_t
, get_packet
, packet_t
*,
1656 private_message_t
*this)
1658 if (this->packet
== NULL
)
1662 return this->packet
->clone(this->packet
);
1665 METHOD(message_t
, get_packet_data
, chunk_t
,
1666 private_message_t
*this)
1668 if (this->packet
== NULL
)
1672 return this->packet
->get_data(this->packet
);
1675 METHOD(message_t
, parse_header
, status_t
,
1676 private_message_t
*this)
1678 ike_header_t
*ike_header
;
1683 DBG2(DBG_ENC
, "parsing header of message");
1685 this->parser
->reset_context(this->parser
);
1686 status
= this->parser
->parse_payload(this->parser
, HEADER
,
1687 (payload_t
**)&ike_header
);
1688 if (status
!= SUCCESS
)
1690 DBG1(DBG_ENC
, "header could not be parsed");
1695 status
= ike_header
->payload_interface
.verify(
1696 &ike_header
->payload_interface
);
1697 if (status
!= SUCCESS
)
1699 DBG1(DBG_ENC
, "header verification failed");
1700 ike_header
->destroy(ike_header
);
1704 DESTROY_IF(this->ike_sa_id
);
1705 this->ike_sa_id
= ike_sa_id_create(
1706 ike_header
->get_maj_version(ike_header
),
1707 ike_header
->get_initiator_spi(ike_header
),
1708 ike_header
->get_responder_spi(ike_header
),
1709 ike_header
->get_initiator_flag(ike_header
));
1711 this->exchange_type
= ike_header
->get_exchange_type(ike_header
);
1712 this->message_id
= ike_header
->get_message_id(ike_header
);
1713 this->major_version
= ike_header
->get_maj_version(ike_header
);
1714 this->minor_version
= ike_header
->get_min_version(ike_header
);
1715 if (this->major_version
== IKEV2_MAJOR_VERSION
)
1717 this->is_request
= !ike_header
->get_response_flag(ike_header
);
1721 this->is_encrypted
= ike_header
->get_encryption_flag(ike_header
);
1723 this->first_payload
= ike_header
->payload_interface
.get_next_type(
1724 &ike_header
->payload_interface
);
1725 if (this->first_payload
== FRAGMENT_V1
&& this->is_encrypted
)
1726 { /* racoon sets the encryted bit when sending a fragment, but these
1727 * messages are really not encrypted */
1728 this->is_encrypted
= FALSE
;
1731 for (i
= 0; i
< countof(this->reserved
); i
++)
1733 reserved
= payload_get_field(&ike_header
->payload_interface
,
1737 this->reserved
[i
] = *reserved
;
1740 ike_header
->destroy(ike_header
);
1742 DBG2(DBG_ENC
, "parsed a %N %s header", exchange_type_names
,
1743 this->exchange_type
, this->major_version
== IKEV1_MAJOR_VERSION ?
1744 "message" : (this->is_request ?
"request" : "response"));
1749 * Check if a payload is for a mediation extension connectivity check
1751 static bool is_connectivity_check(private_message_t
*this, payload_t
*payload
)
1754 if (this->exchange_type
== INFORMATIONAL
&&
1755 payload
->get_type(payload
) == NOTIFY
)
1757 notify_payload_t
*notify
= (notify_payload_t
*)payload
;
1759 switch (notify
->get_notify_type(notify
))
1763 case ME_CONNECTAUTH
:
1774 * Parses and verifies the unencrypted payloads contained in the message
1776 static status_t
parse_payloads(private_message_t
*this)
1778 payload_type_t type
= this->first_payload
;
1782 if (this->is_encrypted
)
1783 { /* wrap the whole encrypted IKEv1 message in a special encryption
1784 * payload which is then handled just like a regular payload */
1785 encryption_payload_t
*encryption
;
1787 status
= this->parser
->parse_payload(this->parser
, ENCRYPTED_V1
,
1788 (payload_t
**)&encryption
);
1789 if (status
!= SUCCESS
)
1791 DBG1(DBG_ENC
, "failed to wrap encrypted IKEv1 message");
1794 encryption
->payload_interface
.set_next_type((payload_t
*)encryption
,
1795 this->first_payload
);
1796 this->payloads
->insert_last(this->payloads
, encryption
);
1800 while (type
!= NO_PAYLOAD
)
1802 DBG2(DBG_ENC
, "starting parsing a %N payload",
1803 payload_type_names
, type
);
1805 status
= this->parser
->parse_payload(this->parser
, type
, &payload
);
1806 if (status
!= SUCCESS
)
1808 DBG1(DBG_ENC
, "payload type %N could not be parsed",
1809 payload_type_names
, type
);
1813 DBG2(DBG_ENC
, "verifying payload of type %N", payload_type_names
, type
);
1814 status
= payload
->verify(payload
);
1815 if (status
!= SUCCESS
)
1817 DBG1(DBG_ENC
, "%N payload verification failed",
1818 payload_type_names
, type
);
1819 payload
->destroy(payload
);
1820 return VERIFY_ERROR
;
1823 DBG2(DBG_ENC
, "%N payload verified, adding to payload list",
1824 payload_type_names
, type
);
1825 this->payloads
->insert_last(this->payloads
, payload
);
1827 /* an encrypted payload is the last one, so STOP here. decryption is
1829 if (type
== ENCRYPTED
)
1831 DBG2(DBG_ENC
, "%N payload found, stop parsing",
1832 payload_type_names
, type
);
1835 type
= payload
->get_next_type(payload
);
1841 * Decrypt an encrypted payload and extract all contained payloads.
1843 static status_t
decrypt_and_extract(private_message_t
*this, keymat_t
*keymat
,
1844 payload_t
*previous
, encryption_payload_t
*encryption
)
1846 payload_t
*encrypted
;
1847 payload_type_t type
;
1851 status_t status
= SUCCESS
;
1855 DBG1(DBG_ENC
, "found encrypted payload, but no keymat");
1858 aead
= keymat
->get_aead(keymat
, TRUE
);
1861 DBG1(DBG_ENC
, "found encrypted payload, but no transform set");
1864 bs
= aead
->get_block_size(aead
);
1865 encryption
->set_transform(encryption
, aead
);
1866 chunk
= this->packet
->get_data(this->packet
);
1867 if (chunk
.len
< encryption
->get_length(encryption
) ||
1870 DBG1(DBG_ENC
, "invalid payload length");
1871 return VERIFY_ERROR
;
1873 if (keymat
->get_version(keymat
) == IKEV1
)
1874 { /* instead of associated data we provide the IV, we also update
1875 * the IV with the last encrypted block */
1876 keymat_v1_t
*keymat_v1
= (keymat_v1_t
*)keymat
;
1879 if (keymat_v1
->get_iv(keymat_v1
, this->message_id
, &iv
))
1881 status
= encryption
->decrypt(encryption
, iv
);
1882 if (status
== SUCCESS
)
1884 if (!keymat_v1
->update_iv(keymat_v1
, this->message_id
,
1885 chunk_create(chunk
.ptr
+ chunk
.len
- bs
, bs
)))
1898 chunk
.len
-= encryption
->get_length(encryption
);
1899 status
= encryption
->decrypt(encryption
, chunk
);
1901 if (status
!= SUCCESS
)
1906 while ((encrypted
= encryption
->remove_payload(encryption
)))
1908 type
= encrypted
->get_type(encrypted
);
1911 previous
->set_next_type(previous
, type
);
1915 this->first_payload
= type
;
1917 DBG2(DBG_ENC
, "insert decrypted payload of type %N at end of list",
1918 payload_type_names
, type
);
1919 this->payloads
->insert_last(this->payloads
, encrypted
);
1920 previous
= encrypted
;
1926 * Decrypt payload from the encryption payload
1928 static status_t
decrypt_payloads(private_message_t
*this, keymat_t
*keymat
)
1930 payload_t
*payload
, *previous
= NULL
;
1931 enumerator_t
*enumerator
;
1932 payload_rule_t
*rule
;
1933 payload_type_t type
;
1934 status_t status
= SUCCESS
;
1935 bool was_encrypted
= FALSE
;
1937 enumerator
= this->payloads
->create_enumerator(this->payloads
);
1938 while (enumerator
->enumerate(enumerator
, &payload
))
1940 type
= payload
->get_type(payload
);
1942 DBG2(DBG_ENC
, "process payload of type %N", payload_type_names
, type
);
1944 if (type
== ENCRYPTED
|| type
== ENCRYPTED_V1
)
1946 encryption_payload_t
*encryption
;
1950 DBG1(DBG_ENC
, "encrypted payload can't contain other payloads "
1951 "of type %N", payload_type_names
, type
);
1952 status
= VERIFY_ERROR
;
1956 DBG2(DBG_ENC
, "found an encrypted payload");
1957 encryption
= (encryption_payload_t
*)payload
;
1958 this->payloads
->remove_at(this->payloads
, enumerator
);
1960 if (enumerator
->enumerate(enumerator
, NULL
))
1962 DBG1(DBG_ENC
, "encrypted payload is not last payload");
1963 encryption
->destroy(encryption
);
1964 status
= VERIFY_ERROR
;
1967 status
= decrypt_and_extract(this, keymat
, previous
, encryption
);
1968 encryption
->destroy(encryption
);
1969 if (status
!= SUCCESS
)
1973 was_encrypted
= TRUE
;
1976 if (payload_is_known(type
) && !was_encrypted
&&
1977 !is_connectivity_check(this, payload
) &&
1978 this->exchange_type
!= AGGRESSIVE
)
1980 rule
= get_payload_rule(this, type
);
1981 if (!rule
|| rule
->encrypted
)
1983 DBG1(DBG_ENC
, "payload type %N was not encrypted",
1984 payload_type_names
, type
);
1991 enumerator
->destroy(enumerator
);
1996 * Verify a message and all payload according to message/payload rules
1998 static status_t
verify(private_message_t
*this)
2000 bool complete
= FALSE
;
2003 DBG2(DBG_ENC
, "verifying message structure");
2005 /* check for payloads with wrong count */
2006 for (i
= 0; i
< this->rule
->rule_count
; i
++)
2008 enumerator_t
*enumerator
;
2010 payload_rule_t
*rule
;
2013 rule
= &this->rule
->rules
[i
];
2014 enumerator
= create_payload_enumerator(this);
2015 while (enumerator
->enumerate(enumerator
, &payload
))
2017 payload_type_t type
;
2019 type
= payload
->get_type(payload
);
2020 if (type
== rule
->type
)
2023 DBG2(DBG_ENC
, "found payload of type %N",
2024 payload_type_names
, type
);
2025 if (found
> rule
->max_occurence
)
2027 DBG1(DBG_ENC
, "payload of type %N more than %d times (%d) "
2028 "occurred in current message", payload_type_names
,
2029 type
, rule
->max_occurence
, found
);
2030 enumerator
->destroy(enumerator
);
2031 return VERIFY_ERROR
;
2035 enumerator
->destroy(enumerator
);
2037 if (!complete
&& found
< rule
->min_occurence
)
2039 DBG1(DBG_ENC
, "payload of type %N not occurred %d times (%d)",
2040 payload_type_names
, rule
->type
, rule
->min_occurence
, found
);
2041 return VERIFY_ERROR
;
2043 if (found
&& rule
->sufficient
)
2051 METHOD(message_t
, parse_body
, status_t
,
2052 private_message_t
*this, keymat_t
*keymat
)
2054 status_t status
= SUCCESS
;
2057 DBG2(DBG_ENC
, "parsing body of message, first payload is %N",
2058 payload_type_names
, this->first_payload
);
2060 this->rule
= get_message_rule(this);
2063 DBG1(DBG_ENC
, "no message rules specified for a %N %s",
2064 exchange_type_names
, this->exchange_type
,
2065 this->is_request ?
"request" : "response");
2066 return NOT_SUPPORTED
;
2069 status
= parse_payloads(this);
2070 if (status
!= SUCCESS
)
2071 { /* error is already logged */
2075 status
= decrypt_payloads(this, keymat
);
2076 if (status
!= SUCCESS
)
2078 DBG1(DBG_ENC
, "could not decrypt payloads");
2082 status
= verify(this);
2083 if (status
!= SUCCESS
)
2088 DBG1(DBG_ENC
, "parsed %s", get_string(this, str
, sizeof(str
)));
2090 if (keymat
&& keymat
->get_version(keymat
) == IKEV1
)
2092 keymat_v1_t
*keymat_v1
= (keymat_v1_t
*)keymat
;
2095 if (keymat_v1
->get_hash_phase2(keymat_v1
, &this->public, &hash
))
2097 hash_payload_t
*hash_payload
;
2100 if (this->first_payload
!= HASH_V1
)
2102 if (this->exchange_type
== INFORMATIONAL_V1
)
2104 DBG1(DBG_ENC
, "ignoring unprotected INFORMATIONAL from %H",
2105 this->packet
->get_source(this->packet
));
2109 DBG1(DBG_ENC
, "expected HASH payload as first payload");
2112 return VERIFY_ERROR
;
2114 hash_payload
= (hash_payload_t
*)get_payload(this, HASH_V1
);
2115 other_hash
= hash_payload
->get_hash(hash_payload
);
2116 DBG3(DBG_ENC
, "HASH received %B\nHASH expected %B",
2117 &other_hash
, &hash
);
2118 if (!chunk_equals(hash
, other_hash
))
2120 DBG1(DBG_ENC
, "received HASH payload does not match");
2126 if (this->is_encrypted
)
2127 { /* message verified, confirm IV */
2128 if (!keymat_v1
->confirm_iv(keymat_v1
, this->message_id
))
2137 METHOD(message_t
, destroy
, void,
2138 private_message_t
*this)
2140 DESTROY_IF(this->ike_sa_id
);
2141 this->payloads
->destroy_offset(this->payloads
, offsetof(payload_t
, destroy
));
2142 this->packet
->destroy(this->packet
);
2143 this->parser
->destroy(this->parser
);
2148 * Described in header.
2150 message_t
*message_create_from_packet(packet_t
*packet
)
2152 private_message_t
*this;
2156 .set_major_version
= _set_major_version
,
2157 .get_major_version
= _get_major_version
,
2158 .set_minor_version
= _set_minor_version
,
2159 .get_minor_version
= _get_minor_version
,
2160 .set_message_id
= _set_message_id
,
2161 .get_message_id
= _get_message_id
,
2162 .get_initiator_spi
= _get_initiator_spi
,
2163 .get_responder_spi
= _get_responder_spi
,
2164 .set_ike_sa_id
= _set_ike_sa_id
,
2165 .get_ike_sa_id
= _get_ike_sa_id
,
2166 .set_exchange_type
= _set_exchange_type
,
2167 .get_exchange_type
= _get_exchange_type
,
2168 .get_first_payload_type
= _get_first_payload_type
,
2169 .set_request
= _set_request
,
2170 .get_request
= _get_request
,
2171 .set_version_flag
= _set_version_flag
,
2172 .get_reserved_header_bit
= _get_reserved_header_bit
,
2173 .set_reserved_header_bit
= _set_reserved_header_bit
,
2174 .add_payload
= _add_payload
,
2175 .add_notify
= _add_notify
,
2176 .disable_sort
= _disable_sort
,
2177 .generate
= _generate
,
2178 .is_encoded
= _is_encoded
,
2179 .set_source
= _set_source
,
2180 .get_source
= _get_source
,
2181 .set_destination
= _set_destination
,
2182 .get_destination
= _get_destination
,
2183 .create_payload_enumerator
= _create_payload_enumerator
,
2184 .remove_payload_at
= _remove_payload_at
,
2185 .get_payload
= _get_payload
,
2186 .get_notify
= _get_notify
,
2187 .parse_header
= _parse_header
,
2188 .parse_body
= _parse_body
,
2189 .get_packet
= _get_packet
,
2190 .get_packet_data
= _get_packet_data
,
2191 .destroy
= _destroy
,
2193 .exchange_type
= EXCHANGE_TYPE_UNDEFINED
,
2195 .first_payload
= NO_PAYLOAD
,
2197 .payloads
= linked_list_create(),
2198 .parser
= parser_create(packet
->get_data(packet
)),
2201 return &this->public;
2205 * Described in header.
2207 message_t
*message_create(int major
, int minor
)
2209 message_t
*this = message_create_from_packet(packet_create());
2211 this->set_major_version(this, major
);
2212 this->set_minor_version(this, minor
);