iv_gen: Provide external sequence number (IKE, ESP)
[strongswan.git] / src / libcharon / encoding / message.c
1 /*
2 * Copyright (C) 2006-2013 Tobias Brunner
3 * Copyright (C) 2005-2010 Martin Willi
4 * Copyright (C) 2010 revosec AG
5 * Copyright (C) 2006 Daniel Roethlisberger
6 * Copyright (C) 2005 Jan Hutter
7 * Hochschule fuer Technik Rapperswil
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * for more details.
18 */
19
20 #include <stdlib.h>
21 #include <string.h>
22
23 #include "message.h"
24
25 #include <library.h>
26 #include <daemon.h>
27 #include <sa/ikev1/keymat_v1.h>
28 #include <encoding/generator.h>
29 #include <encoding/parser.h>
30 #include <encoding/payloads/encodings.h>
31 #include <encoding/payloads/payload.h>
32 #include <encoding/payloads/hash_payload.h>
33 #include <encoding/payloads/encryption_payload.h>
34 #include <encoding/payloads/unknown_payload.h>
35 #include <encoding/payloads/cp_payload.h>
36
37 /**
38 * Max number of notify payloads per IKEv2 message
39 */
40 #define MAX_NOTIFY_PAYLOADS 20
41
42 /**
43 * Max number of delete payloads per IKEv2 message
44 */
45 #define MAX_DELETE_PAYLOADS 20
46
47 /**
48 * Max number of certificate payloads per IKEv2 message
49 */
50 #define MAX_CERT_PAYLOADS 8
51
52 /**
53 * Max number of vendor ID payloads per IKEv2 message
54 */
55 #define MAX_VID_PAYLOADS 20
56
57 /**
58 * Max number of certificate request payloads per IKEv1 message
59 */
60 #define MAX_CERTREQ_PAYLOADS 20
61
62 /**
63 * Max number of NAT-D payloads per IKEv1 message
64 */
65 #define MAX_NAT_D_PAYLOADS 10
66
67 /**
68 * A payload rule defines the rules for a payload
69 * in a specific message rule. It defines if and how
70 * many times a payload must/can occur in a message
71 * and if it must be encrypted.
72 */
73 typedef struct {
74 /* Payload type */
75 payload_type_t type;
76 /* Minimal occurrence of this payload. */
77 size_t min_occurence;
78 /* Max occurrence of this payload. */
79 size_t max_occurence;
80 /* TRUE if payload must be encrypted */
81 bool encrypted;
82 /* If payload occurs, the message rule is fulfilled */
83 bool sufficient;
84 } payload_rule_t;
85
86 /**
87 * payload ordering structure allows us to reorder payloads according to RFC.
88 */
89 typedef struct {
90 /** payload type */
91 payload_type_t type;
92 /** notify type, if payload == NOTIFY */
93 notify_type_t notify;
94 } payload_order_t;
95
96 /**
97 * A message rule defines the kind of a message,
98 * if it has encrypted contents and a list
99 * of payload ordering rules and payload parsing rules.
100 */
101 typedef struct {
102 /** Type of message. */
103 exchange_type_t exchange_type;
104 /** Is message a request or response. */
105 bool is_request;
106 /** Message contains encrypted payloads. */
107 bool encrypted;
108 /** Number of payload rules which will follow */
109 int rule_count;
110 /** Pointer to first payload rule */
111 payload_rule_t *rules;
112 /** Number of payload order rules */
113 int order_count;
114 /** payload ordering rules */
115 payload_order_t *order;
116 } message_rule_t;
117
118 /**
119 * Message rule for IKE_SA_INIT from initiator.
120 */
121 static payload_rule_t ike_sa_init_i_rules[] = {
122 /* payload type min max encr suff */
123 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
124 {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
125 {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
126 {NONCE, 1, 1, FALSE, FALSE},
127 {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
128 };
129
130 /**
131 * payload order for IKE_SA_INIT initiator
132 */
133 static payload_order_t ike_sa_init_i_order[] = {
134 /* payload type notify type */
135 {NOTIFY, COOKIE},
136 {SECURITY_ASSOCIATION, 0},
137 {KEY_EXCHANGE, 0},
138 {NONCE, 0},
139 {NOTIFY, NAT_DETECTION_SOURCE_IP},
140 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
141 {NOTIFY, 0},
142 {VENDOR_ID, 0},
143 };
144
145 /**
146 * Message rule for IKE_SA_INIT from responder.
147 */
148 static payload_rule_t ike_sa_init_r_rules[] = {
149 /* payload type min max encr suff */
150 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, TRUE},
151 {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
152 {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
153 {NONCE, 1, 1, FALSE, FALSE},
154 {CERTIFICATE_REQUEST, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
155 {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
156 };
157
158 /**
159 * payload order for IKE_SA_INIT responder
160 */
161 static payload_order_t ike_sa_init_r_order[] = {
162 /* payload type notify type */
163 {SECURITY_ASSOCIATION, 0},
164 {KEY_EXCHANGE, 0},
165 {NONCE, 0},
166 {NOTIFY, NAT_DETECTION_SOURCE_IP},
167 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
168 {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
169 {CERTIFICATE_REQUEST, 0},
170 {NOTIFY, 0},
171 {VENDOR_ID, 0},
172 };
173
174 /**
175 * Message rule for IKE_AUTH from initiator.
176 */
177 static payload_rule_t ike_auth_i_rules[] = {
178 /* payload type min max encr suff */
179 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
180 {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
181 {AUTHENTICATION, 0, 1, TRUE, TRUE},
182 {ID_INITIATOR, 0, 1, TRUE, FALSE},
183 {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
184 {CERTIFICATE_REQUEST, 0, MAX_CERTREQ_PAYLOADS, TRUE, FALSE},
185 {ID_RESPONDER, 0, 1, TRUE, FALSE},
186 #ifdef ME
187 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
188 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
189 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
190 #else
191 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
192 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
193 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
194 #endif /* ME */
195 {CONFIGURATION, 0, 1, TRUE, FALSE},
196 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
197 };
198
199 /**
200 * payload order for IKE_AUTH initiator
201 */
202 static payload_order_t ike_auth_i_order[] = {
203 /* payload type notify type */
204 {ID_INITIATOR, 0},
205 {CERTIFICATE, 0},
206 {NOTIFY, INITIAL_CONTACT},
207 {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
208 {CERTIFICATE_REQUEST, 0},
209 {ID_RESPONDER, 0},
210 {AUTHENTICATION, 0},
211 {EXTENSIBLE_AUTHENTICATION, 0},
212 {CONFIGURATION, 0},
213 {NOTIFY, IPCOMP_SUPPORTED},
214 {NOTIFY, USE_TRANSPORT_MODE},
215 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
216 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
217 {SECURITY_ASSOCIATION, 0},
218 {TRAFFIC_SELECTOR_INITIATOR, 0},
219 {TRAFFIC_SELECTOR_RESPONDER, 0},
220 {NOTIFY, MOBIKE_SUPPORTED},
221 {NOTIFY, ADDITIONAL_IP4_ADDRESS},
222 {NOTIFY, ADDITIONAL_IP6_ADDRESS},
223 {NOTIFY, NO_ADDITIONAL_ADDRESSES},
224 {NOTIFY, 0},
225 {VENDOR_ID, 0},
226 };
227
228 /**
229 * Message rule for IKE_AUTH from responder.
230 */
231 static payload_rule_t ike_auth_r_rules[] = {
232 /* payload type min max encr suff */
233 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
234 {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
235 {AUTHENTICATION, 0, 1, TRUE, TRUE},
236 {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
237 {ID_RESPONDER, 0, 1, TRUE, FALSE},
238 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
239 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
240 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
241 {CONFIGURATION, 0, 1, TRUE, FALSE},
242 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
243 };
244
245 /**
246 * payload order for IKE_AUTH responder
247 */
248 static payload_order_t ike_auth_r_order[] = {
249 /* payload type notify type */
250 {ID_RESPONDER, 0},
251 {CERTIFICATE, 0},
252 {AUTHENTICATION, 0},
253 {EXTENSIBLE_AUTHENTICATION, 0},
254 {CONFIGURATION, 0},
255 {NOTIFY, IPCOMP_SUPPORTED},
256 {NOTIFY, USE_TRANSPORT_MODE},
257 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
258 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
259 {SECURITY_ASSOCIATION, 0},
260 {TRAFFIC_SELECTOR_INITIATOR, 0},
261 {TRAFFIC_SELECTOR_RESPONDER, 0},
262 {NOTIFY, AUTH_LIFETIME},
263 {NOTIFY, MOBIKE_SUPPORTED},
264 {NOTIFY, ADDITIONAL_IP4_ADDRESS},
265 {NOTIFY, ADDITIONAL_IP6_ADDRESS},
266 {NOTIFY, NO_ADDITIONAL_ADDRESSES},
267 {NOTIFY, 0},
268 {VENDOR_ID, 0},
269 };
270
271 /**
272 * Message rule for INFORMATIONAL from initiator.
273 */
274 static payload_rule_t informational_i_rules[] = {
275 /* payload type min max encr suff */
276 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
277 {CONFIGURATION, 0, 1, TRUE, FALSE},
278 {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
279 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
280 };
281
282 /**
283 * payload order for INFORMATIONAL initiator
284 */
285 static payload_order_t informational_i_order[] = {
286 /* payload type notify type */
287 {NOTIFY, UPDATE_SA_ADDRESSES},
288 {NOTIFY, NAT_DETECTION_SOURCE_IP},
289 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
290 {NOTIFY, COOKIE2},
291 {NOTIFY, 0},
292 {DELETE, 0},
293 {CONFIGURATION, 0},
294 };
295
296 /**
297 * Message rule for INFORMATIONAL from responder.
298 */
299 static payload_rule_t informational_r_rules[] = {
300 /* payload type min max encr suff */
301 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
302 {CONFIGURATION, 0, 1, TRUE, FALSE},
303 {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
304 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
305 };
306
307 /**
308 * payload order for INFORMATIONAL responder
309 */
310 static payload_order_t informational_r_order[] = {
311 /* payload type notify type */
312 {NOTIFY, UPDATE_SA_ADDRESSES},
313 {NOTIFY, NAT_DETECTION_SOURCE_IP},
314 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
315 {NOTIFY, COOKIE2},
316 {NOTIFY, 0},
317 {DELETE, 0},
318 {CONFIGURATION, 0},
319 };
320
321 /**
322 * Message rule for CREATE_CHILD_SA from initiator.
323 */
324 static payload_rule_t create_child_sa_i_rules[] = {
325 /* payload type min max encr suff */
326 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
327 {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
328 {NONCE, 1, 1, TRUE, FALSE},
329 {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
330 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
331 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
332 {CONFIGURATION, 0, 1, TRUE, FALSE},
333 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
334 };
335
336 /**
337 * payload order for CREATE_CHILD_SA from initiator.
338 */
339 static payload_order_t create_child_sa_i_order[] = {
340 /* payload type notify type */
341 {NOTIFY, REKEY_SA},
342 {NOTIFY, IPCOMP_SUPPORTED},
343 {NOTIFY, USE_TRANSPORT_MODE},
344 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
345 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
346 {SECURITY_ASSOCIATION, 0},
347 {NONCE, 0},
348 {KEY_EXCHANGE, 0},
349 {TRAFFIC_SELECTOR_INITIATOR, 0},
350 {TRAFFIC_SELECTOR_RESPONDER, 0},
351 {NOTIFY, 0},
352 };
353
354 /**
355 * Message rule for CREATE_CHILD_SA from responder.
356 */
357 static payload_rule_t create_child_sa_r_rules[] = {
358 /* payload type min max encr suff */
359 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
360 {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
361 {NONCE, 1, 1, TRUE, FALSE},
362 {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
363 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
364 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
365 {CONFIGURATION, 0, 1, TRUE, FALSE},
366 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
367 };
368
369 /**
370 * payload order for CREATE_CHILD_SA from responder.
371 */
372 static payload_order_t create_child_sa_r_order[] = {
373 /* payload type notify type */
374 {NOTIFY, IPCOMP_SUPPORTED},
375 {NOTIFY, USE_TRANSPORT_MODE},
376 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
377 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
378 {SECURITY_ASSOCIATION, 0},
379 {NONCE, 0},
380 {KEY_EXCHANGE, 0},
381 {TRAFFIC_SELECTOR_INITIATOR, 0},
382 {TRAFFIC_SELECTOR_RESPONDER, 0},
383 {NOTIFY, ADDITIONAL_TS_POSSIBLE},
384 {NOTIFY, 0},
385 };
386
387 #ifdef ME
388 /**
389 * Message rule for ME_CONNECT from initiator.
390 */
391 static payload_rule_t me_connect_i_rules[] = {
392 /* payload type min max encr suff */
393 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
394 {ID_PEER, 1, 1, TRUE, FALSE},
395 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
396 };
397
398 /**
399 * payload order for ME_CONNECT from initiator.
400 */
401 static payload_order_t me_connect_i_order[] = {
402 /* payload type notify type */
403 {NOTIFY, 0},
404 {ID_PEER, 0},
405 {VENDOR_ID, 0},
406 };
407
408 /**
409 * Message rule for ME_CONNECT from responder.
410 */
411 static payload_rule_t me_connect_r_rules[] = {
412 /* payload type min max encr suff */
413 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
414 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
415 };
416
417 /**
418 * payload order for ME_CONNECT from responder.
419 */
420 static payload_order_t me_connect_r_order[] = {
421 /* payload type notify type */
422 {NOTIFY, 0},
423 {VENDOR_ID, 0},
424 };
425 #endif /* ME */
426
427 #ifdef USE_IKEV1
428 /**
429 * Message rule for ID_PROT from initiator.
430 */
431 static payload_rule_t id_prot_i_rules[] = {
432 /* payload type min max encr suff */
433 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
434 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
435 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
436 {NONCE_V1, 0, 1, FALSE, FALSE},
437 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
438 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
439 {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
440 {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
441 {ID_V1, 0, 1, TRUE, FALSE},
442 {CERTIFICATE_V1, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
443 {SIGNATURE_V1, 0, 1, TRUE, FALSE},
444 {HASH_V1, 0, 1, TRUE, FALSE},
445 {FRAGMENT_V1, 0, 1, FALSE, TRUE},
446 };
447
448 /**
449 * payload order for ID_PROT from initiator.
450 */
451 static payload_order_t id_prot_i_order[] = {
452 /* payload type notify type */
453 {SECURITY_ASSOCIATION_V1, 0},
454 {KEY_EXCHANGE_V1, 0},
455 {NONCE_V1, 0},
456 {ID_V1, 0},
457 {CERTIFICATE_V1, 0},
458 {SIGNATURE_V1, 0},
459 {HASH_V1, 0},
460 {CERTIFICATE_REQUEST_V1, 0},
461 {NOTIFY_V1, 0},
462 {VENDOR_ID_V1, 0},
463 {NAT_D_V1, 0},
464 {NAT_D_DRAFT_00_03_V1, 0},
465 {FRAGMENT_V1, 0},
466 };
467
468 /**
469 * Message rule for ID_PROT from responder.
470 */
471 static payload_rule_t id_prot_r_rules[] = {
472 /* payload type min max encr suff */
473 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
474 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
475 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
476 {NONCE_V1, 0, 1, FALSE, FALSE},
477 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
478 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
479 {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
480 {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
481 {ID_V1, 0, 1, TRUE, FALSE},
482 {CERTIFICATE_V1, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
483 {SIGNATURE_V1, 0, 1, TRUE, FALSE},
484 {HASH_V1, 0, 1, TRUE, FALSE},
485 {FRAGMENT_V1, 0, 1, FALSE, TRUE},
486 };
487
488 /**
489 * payload order for ID_PROT from responder.
490 */
491 static payload_order_t id_prot_r_order[] = {
492 /* payload type notify type */
493 {SECURITY_ASSOCIATION_V1, 0},
494 {KEY_EXCHANGE_V1, 0},
495 {NONCE_V1, 0},
496 {ID_V1, 0},
497 {CERTIFICATE_V1, 0},
498 {SIGNATURE_V1, 0},
499 {HASH_V1, 0},
500 {CERTIFICATE_REQUEST_V1, 0},
501 {NOTIFY_V1, 0},
502 {VENDOR_ID_V1, 0},
503 {NAT_D_V1, 0},
504 {NAT_D_DRAFT_00_03_V1, 0},
505 {FRAGMENT_V1, 0},
506 };
507
508 /**
509 * Message rule for AGGRESSIVE from initiator.
510 */
511 static payload_rule_t aggressive_i_rules[] = {
512 /* payload type min max encr suff */
513 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
514 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
515 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
516 {NONCE_V1, 0, 1, FALSE, FALSE},
517 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
518 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
519 {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
520 {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
521 {ID_V1, 0, 1, FALSE, FALSE},
522 {CERTIFICATE_V1, 0, 1, TRUE, FALSE},
523 {SIGNATURE_V1, 0, 1, TRUE, FALSE},
524 {HASH_V1, 0, 1, TRUE, FALSE},
525 {FRAGMENT_V1, 0, 1, FALSE, TRUE},
526 };
527
528 /**
529 * payload order for AGGRESSIVE from initiator.
530 */
531 static payload_order_t aggressive_i_order[] = {
532 /* payload type notify type */
533 {SECURITY_ASSOCIATION_V1, 0},
534 {KEY_EXCHANGE_V1, 0},
535 {NONCE_V1, 0},
536 {ID_V1, 0},
537 {CERTIFICATE_V1, 0},
538 {NAT_D_V1, 0},
539 {NAT_D_DRAFT_00_03_V1, 0},
540 {SIGNATURE_V1, 0},
541 {HASH_V1, 0},
542 {CERTIFICATE_REQUEST_V1, 0},
543 {NOTIFY_V1, 0},
544 {VENDOR_ID_V1, 0},
545 {FRAGMENT_V1, 0},
546 };
547
548 /**
549 * Message rule for AGGRESSIVE from responder.
550 */
551 static payload_rule_t aggressive_r_rules[] = {
552 /* payload type min max encr suff */
553 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
554 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
555 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
556 {NONCE_V1, 0, 1, FALSE, FALSE},
557 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
558 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
559 {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
560 {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
561 {ID_V1, 0, 1, FALSE, FALSE},
562 {CERTIFICATE_V1, 0, 1, FALSE, FALSE},
563 {SIGNATURE_V1, 0, 1, FALSE, FALSE},
564 {HASH_V1, 0, 1, FALSE, FALSE},
565 {FRAGMENT_V1, 0, 1, FALSE, TRUE},
566 };
567
568 /**
569 * payload order for AGGRESSIVE from responder.
570 */
571 static payload_order_t aggressive_r_order[] = {
572 /* payload type notify type */
573 {SECURITY_ASSOCIATION_V1, 0},
574 {KEY_EXCHANGE_V1, 0},
575 {NONCE_V1, 0},
576 {ID_V1, 0},
577 {CERTIFICATE_V1, 0},
578 {NAT_D_V1, 0},
579 {NAT_D_DRAFT_00_03_V1, 0},
580 {SIGNATURE_V1, 0},
581 {HASH_V1, 0},
582 {CERTIFICATE_REQUEST_V1, 0},
583 {NOTIFY_V1, 0},
584 {VENDOR_ID_V1, 0},
585 {FRAGMENT_V1, 0},
586 };
587
588 /**
589 * Message rule for INFORMATIONAL_V1 from initiator.
590 */
591 static payload_rule_t informational_i_rules_v1[] = {
592 /* payload type min max encr suff */
593 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
594 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
595 {DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
596 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
597 };
598
599 /**
600 * payload order for INFORMATIONAL_V1 from initiator.
601 */
602 static payload_order_t informational_i_order_v1[] = {
603 /* payload type notify type */
604 {NOTIFY_V1, 0},
605 {DELETE_V1, 0},
606 {VENDOR_ID_V1, 0},
607 };
608
609 /**
610 * Message rule for INFORMATIONAL_V1 from responder.
611 */
612 static payload_rule_t informational_r_rules_v1[] = {
613 /* payload type min max encr suff */
614 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
615 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
616 {DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
617 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
618 };
619
620 /**
621 * payload order for INFORMATIONAL_V1 from responder.
622 */
623 static payload_order_t informational_r_order_v1[] = {
624 /* payload type notify type */
625 {NOTIFY_V1, 0},
626 {DELETE_V1, 0},
627 {VENDOR_ID_V1, 0},
628 };
629
630 /**
631 * Message rule for QUICK_MODE from initiator.
632 */
633 static payload_rule_t quick_mode_i_rules[] = {
634 /* payload type min max encr suff */
635 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
636 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
637 {HASH_V1, 0, 1, TRUE, FALSE},
638 {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
639 {NONCE_V1, 0, 1, TRUE, FALSE},
640 {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
641 {ID_V1, 0, 2, TRUE, FALSE},
642 {NAT_OA_V1, 0, 2, TRUE, FALSE},
643 {NAT_OA_DRAFT_00_03_V1, 0, 2, TRUE, FALSE},
644 };
645
646 /**
647 * payload order for QUICK_MODE from initiator.
648 */
649 static payload_order_t quick_mode_i_order[] = {
650 /* payload type notify type */
651 {NOTIFY_V1, 0},
652 {VENDOR_ID_V1, 0},
653 {HASH_V1, 0},
654 {SECURITY_ASSOCIATION_V1, 0},
655 {NONCE_V1, 0},
656 {KEY_EXCHANGE_V1, 0},
657 {ID_V1, 0},
658 {NAT_OA_V1, 0},
659 {NAT_OA_DRAFT_00_03_V1, 0},
660 };
661
662 /**
663 * Message rule for QUICK_MODE from responder.
664 */
665 static payload_rule_t quick_mode_r_rules[] = {
666 /* payload type min max encr suff */
667 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
668 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
669 {HASH_V1, 0, 1, TRUE, FALSE},
670 {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
671 {NONCE_V1, 0, 1, TRUE, FALSE},
672 {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
673 {ID_V1, 0, 2, TRUE, FALSE},
674 {NAT_OA_V1, 0, 2, TRUE, FALSE},
675 {NAT_OA_DRAFT_00_03_V1, 0, 2, TRUE, FALSE},
676 };
677
678 /**
679 * payload order for QUICK_MODE from responder.
680 */
681 static payload_order_t quick_mode_r_order[] = {
682 /* payload type notify type */
683 {NOTIFY_V1, 0},
684 {VENDOR_ID_V1, 0},
685 {HASH_V1, 0},
686 {SECURITY_ASSOCIATION_V1, 0},
687 {NONCE_V1, 0},
688 {KEY_EXCHANGE_V1, 0},
689 {ID_V1, 0},
690 {NAT_OA_V1, 0},
691 {NAT_OA_DRAFT_00_03_V1, 0},
692 };
693
694 /**
695 * Message rule for TRANSACTION.
696 */
697 static payload_rule_t transaction_payload_rules_v1[] = {
698 /* payload type min max encr suff */
699 {HASH_V1, 0, 1, TRUE, FALSE},
700 {CONFIGURATION_V1, 1, 1, FALSE, FALSE},
701 };
702
703 /**
704 * Payload order for TRANSACTION.
705 */
706 static payload_order_t transaction_payload_order_v1[] = {
707 /* payload type notify type */
708 {HASH_V1, 0},
709 {CONFIGURATION_V1, 0},
710 };
711
712 #endif /* USE_IKEV1 */
713
714 /**
715 * Message rules, defines allowed payloads.
716 */
717 static message_rule_t message_rules[] = {
718 {IKE_SA_INIT, TRUE, FALSE,
719 countof(ike_sa_init_i_rules), ike_sa_init_i_rules,
720 countof(ike_sa_init_i_order), ike_sa_init_i_order,
721 },
722 {IKE_SA_INIT, FALSE, FALSE,
723 countof(ike_sa_init_r_rules), ike_sa_init_r_rules,
724 countof(ike_sa_init_r_order), ike_sa_init_r_order,
725 },
726 {IKE_AUTH, TRUE, TRUE,
727 countof(ike_auth_i_rules), ike_auth_i_rules,
728 countof(ike_auth_i_order), ike_auth_i_order,
729 },
730 {IKE_AUTH, FALSE, TRUE,
731 countof(ike_auth_r_rules), ike_auth_r_rules,
732 countof(ike_auth_r_order), ike_auth_r_order,
733 },
734 {INFORMATIONAL, TRUE, TRUE,
735 countof(informational_i_rules), informational_i_rules,
736 countof(informational_i_order), informational_i_order,
737 },
738 {INFORMATIONAL, FALSE, TRUE,
739 countof(informational_r_rules), informational_r_rules,
740 countof(informational_r_order), informational_r_order,
741 },
742 {CREATE_CHILD_SA, TRUE, TRUE,
743 countof(create_child_sa_i_rules), create_child_sa_i_rules,
744 countof(create_child_sa_i_order), create_child_sa_i_order,
745 },
746 {CREATE_CHILD_SA, FALSE, TRUE,
747 countof(create_child_sa_r_rules), create_child_sa_r_rules,
748 countof(create_child_sa_r_order), create_child_sa_r_order,
749 },
750 #ifdef ME
751 {ME_CONNECT, TRUE, TRUE,
752 countof(me_connect_i_rules), me_connect_i_rules,
753 countof(me_connect_i_order), me_connect_i_order,
754 },
755 {ME_CONNECT, FALSE, TRUE,
756 countof(me_connect_r_rules), me_connect_r_rules,
757 countof(me_connect_r_order), me_connect_r_order,
758 },
759 #endif /* ME */
760 #ifdef USE_IKEV1
761 {ID_PROT, TRUE, FALSE,
762 countof(id_prot_i_rules), id_prot_i_rules,
763 countof(id_prot_i_order), id_prot_i_order,
764 },
765 {ID_PROT, FALSE, FALSE,
766 countof(id_prot_r_rules), id_prot_r_rules,
767 countof(id_prot_r_order), id_prot_r_order,
768 },
769 {AGGRESSIVE, TRUE, FALSE,
770 countof(aggressive_i_rules), aggressive_i_rules,
771 countof(aggressive_i_order), aggressive_i_order,
772 },
773 {AGGRESSIVE, FALSE, FALSE,
774 countof(aggressive_r_rules), aggressive_r_rules,
775 countof(aggressive_r_order), aggressive_r_order,
776 },
777 {INFORMATIONAL_V1, TRUE, TRUE,
778 countof(informational_i_rules_v1), informational_i_rules_v1,
779 countof(informational_i_order_v1), informational_i_order_v1,
780 },
781 {INFORMATIONAL_V1, FALSE, TRUE,
782 countof(informational_r_rules_v1), informational_r_rules_v1,
783 countof(informational_r_order_v1), informational_r_order_v1,
784 },
785 {QUICK_MODE, TRUE, TRUE,
786 countof(quick_mode_i_rules), quick_mode_i_rules,
787 countof(quick_mode_i_order), quick_mode_i_order,
788 },
789 {QUICK_MODE, FALSE, TRUE,
790 countof(quick_mode_r_rules), quick_mode_r_rules,
791 countof(quick_mode_r_order), quick_mode_r_order,
792 },
793 {TRANSACTION, TRUE, TRUE,
794 countof(transaction_payload_rules_v1), transaction_payload_rules_v1,
795 countof(transaction_payload_order_v1), transaction_payload_order_v1,
796 },
797 {TRANSACTION, FALSE, TRUE,
798 countof(transaction_payload_rules_v1), transaction_payload_rules_v1,
799 countof(transaction_payload_order_v1), transaction_payload_order_v1,
800 },
801 /* TODO-IKEv1: define rules for other exchanges */
802 #endif /* USE_IKEV1 */
803 };
804
805
806 typedef struct private_message_t private_message_t;
807
808 /**
809 * Private data of an message_t object.
810 */
811 struct private_message_t {
812
813 /**
814 * Public part of a message_t object.
815 */
816 message_t public;
817
818 /**
819 * Minor version of message.
820 */
821 u_int8_t major_version;
822
823 /**
824 * Major version of message.
825 */
826 u_int8_t minor_version;
827
828 /**
829 * First Payload in message.
830 */
831 payload_type_t first_payload;
832
833 /**
834 * Assigned exchange type.
835 */
836 exchange_type_t exchange_type;
837
838 /**
839 * TRUE if message is a request, FALSE if a reply.
840 */
841 bool is_request;
842
843 /**
844 * The message is encrypted (IKEv1)
845 */
846 bool is_encrypted;
847
848 /**
849 * Higher version supported?
850 */
851 bool version_flag;
852
853 /**
854 * Reserved bits in IKE header
855 */
856 bool reserved[2];
857
858 /**
859 * Sorting of message disabled?
860 */
861 bool sort_disabled;
862
863 /**
864 * Message ID of this message.
865 */
866 u_int32_t message_id;
867
868 /**
869 * ID of assigned IKE_SA.
870 */
871 ike_sa_id_t *ike_sa_id;
872
873 /**
874 * Assigned UDP packet, stores incoming packet or last generated one.
875 */
876 packet_t *packet;
877
878 /**
879 * Linked List where payload data are stored in.
880 */
881 linked_list_t *payloads;
882
883 /**
884 * Assigned parser to parse Header and Body of this message.
885 */
886 parser_t *parser;
887
888 /**
889 * The message rule for this message instance
890 */
891 message_rule_t *rule;
892 };
893
894 /**
895 * Get the message rule that applies to this message
896 */
897 static message_rule_t* get_message_rule(private_message_t *this)
898 {
899 int i;
900
901 for (i = 0; i < countof(message_rules); i++)
902 {
903 if ((this->exchange_type == message_rules[i].exchange_type) &&
904 (this->is_request == message_rules[i].is_request))
905 {
906 return &message_rules[i];
907 }
908 }
909 return NULL;
910 }
911
912 /**
913 * Look up a payload rule
914 */
915 static payload_rule_t* get_payload_rule(private_message_t *this,
916 payload_type_t type)
917 {
918 int i;
919
920 for (i = 0; i < this->rule->rule_count;i++)
921 {
922 if (this->rule->rules[i].type == type)
923 {
924 return &this->rule->rules[i];
925 }
926 }
927 return NULL;
928 }
929
930 METHOD(message_t, set_ike_sa_id, void,
931 private_message_t *this,ike_sa_id_t *ike_sa_id)
932 {
933 DESTROY_IF(this->ike_sa_id);
934 this->ike_sa_id = ike_sa_id->clone(ike_sa_id);
935 }
936
937 METHOD(message_t, get_ike_sa_id, ike_sa_id_t*,
938 private_message_t *this)
939 {
940 return this->ike_sa_id;
941 }
942
943 METHOD(message_t, set_message_id, void,
944 private_message_t *this,u_int32_t message_id)
945 {
946 this->message_id = message_id;
947 }
948
949 METHOD(message_t, get_message_id, u_int32_t,
950 private_message_t *this)
951 {
952 return this->message_id;
953 }
954
955 METHOD(message_t, get_initiator_spi, u_int64_t,
956 private_message_t *this)
957 {
958 return (this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
959 }
960
961 METHOD(message_t, get_responder_spi, u_int64_t,
962 private_message_t *this)
963 {
964 return (this->ike_sa_id->get_responder_spi(this->ike_sa_id));
965 }
966
967 METHOD(message_t, set_major_version, void,
968 private_message_t *this, u_int8_t major_version)
969 {
970 this->major_version = major_version;
971 }
972
973 METHOD(message_t, get_major_version, u_int8_t,
974 private_message_t *this)
975 {
976 return this->major_version;
977 }
978
979 METHOD(message_t, set_minor_version, void,
980 private_message_t *this,u_int8_t minor_version)
981 {
982 this->minor_version = minor_version;
983 }
984
985 METHOD(message_t, get_minor_version, u_int8_t,
986 private_message_t *this)
987 {
988 return this->minor_version;
989 }
990
991 METHOD(message_t, set_exchange_type, void,
992 private_message_t *this, exchange_type_t exchange_type)
993 {
994 this->exchange_type = exchange_type;
995 }
996
997 METHOD(message_t, get_exchange_type, exchange_type_t,
998 private_message_t *this)
999 {
1000 return this->exchange_type;
1001 }
1002
1003 METHOD(message_t, get_first_payload_type, payload_type_t,
1004 private_message_t *this)
1005 {
1006 return this->first_payload;
1007 }
1008
1009 METHOD(message_t, set_request, void,
1010 private_message_t *this, bool request)
1011 {
1012 this->is_request = request;
1013 }
1014
1015 METHOD(message_t, get_request, bool,
1016 private_message_t *this)
1017 {
1018 return this->is_request;
1019 }
1020
1021 METHOD(message_t, set_version_flag, void,
1022 private_message_t *this)
1023 {
1024 this->version_flag = TRUE;
1025 }
1026
1027 METHOD(message_t, get_reserved_header_bit, bool,
1028 private_message_t *this, u_int nr)
1029 {
1030 if (nr < countof(this->reserved))
1031 {
1032 return this->reserved[nr];
1033 }
1034 return FALSE;
1035 }
1036
1037 METHOD(message_t, set_reserved_header_bit, void,
1038 private_message_t *this, u_int nr)
1039 {
1040 if (nr < countof(this->reserved))
1041 {
1042 this->reserved[nr] = TRUE;
1043 }
1044 }
1045
1046 METHOD(message_t, is_encoded, bool,
1047 private_message_t *this)
1048 {
1049 return this->packet->get_data(this->packet).ptr != NULL;
1050 }
1051
1052 METHOD(message_t, add_payload, void,
1053 private_message_t *this, payload_t *payload)
1054 {
1055 payload_t *last_payload;
1056
1057 if (this->payloads->get_count(this->payloads) > 0)
1058 {
1059 this->payloads->get_last(this->payloads, (void **)&last_payload);
1060 last_payload->set_next_type(last_payload, payload->get_type(payload));
1061 }
1062 else
1063 {
1064 this->first_payload = payload->get_type(payload);
1065 }
1066 payload->set_next_type(payload, NO_PAYLOAD);
1067 this->payloads->insert_last(this->payloads, payload);
1068
1069 DBG2(DBG_ENC ,"added payload of type %N to message",
1070 payload_type_names, payload->get_type(payload));
1071 }
1072
1073 METHOD(message_t, add_notify, void,
1074 private_message_t *this, bool flush, notify_type_t type, chunk_t data)
1075 {
1076 notify_payload_t *notify;
1077 payload_t *payload;
1078
1079 if (flush)
1080 {
1081 while (this->payloads->remove_last(this->payloads,
1082 (void**)&payload) == SUCCESS)
1083 {
1084 payload->destroy(payload);
1085 }
1086 }
1087 if (this->major_version == IKEV2_MAJOR_VERSION)
1088 {
1089 notify = notify_payload_create(NOTIFY);
1090 }
1091 else
1092 {
1093 notify = notify_payload_create(NOTIFY_V1);
1094 }
1095 notify->set_notify_type(notify, type);
1096 notify->set_notification_data(notify, data);
1097 add_payload(this, (payload_t*)notify);
1098 }
1099
1100 METHOD(message_t, set_source, void,
1101 private_message_t *this, host_t *host)
1102 {
1103 this->packet->set_source(this->packet, host);
1104 }
1105
1106 METHOD(message_t, set_destination, void,
1107 private_message_t *this, host_t *host)
1108 {
1109 this->packet->set_destination(this->packet, host);
1110 }
1111
1112 METHOD(message_t, get_source, host_t*,
1113 private_message_t *this)
1114 {
1115 return this->packet->get_source(this->packet);
1116 }
1117
1118 METHOD(message_t, get_destination, host_t*,
1119 private_message_t *this)
1120 {
1121 return this->packet->get_destination(this->packet);
1122 }
1123
1124 METHOD(message_t, create_payload_enumerator, enumerator_t*,
1125 private_message_t *this)
1126 {
1127 return this->payloads->create_enumerator(this->payloads);
1128 }
1129
1130 METHOD(message_t, remove_payload_at, void,
1131 private_message_t *this, enumerator_t *enumerator)
1132 {
1133 this->payloads->remove_at(this->payloads, enumerator);
1134 }
1135
1136 METHOD(message_t, get_payload, payload_t*,
1137 private_message_t *this, payload_type_t type)
1138 {
1139 payload_t *current, *found = NULL;
1140 enumerator_t *enumerator;
1141
1142 enumerator = create_payload_enumerator(this);
1143 while (enumerator->enumerate(enumerator, &current))
1144 {
1145 if (current->get_type(current) == type)
1146 {
1147 found = current;
1148 break;
1149 }
1150 }
1151 enumerator->destroy(enumerator);
1152 return found;
1153 }
1154
1155 METHOD(message_t, get_notify, notify_payload_t*,
1156 private_message_t *this, notify_type_t type)
1157 {
1158 enumerator_t *enumerator;
1159 notify_payload_t *notify = NULL;
1160 payload_t *payload;
1161
1162 enumerator = create_payload_enumerator(this);
1163 while (enumerator->enumerate(enumerator, &payload))
1164 {
1165 if (payload->get_type(payload) == NOTIFY ||
1166 payload->get_type(payload) == NOTIFY_V1)
1167 {
1168 notify = (notify_payload_t*)payload;
1169 if (notify->get_notify_type(notify) == type)
1170 {
1171 break;
1172 }
1173 notify = NULL;
1174 }
1175 }
1176 enumerator->destroy(enumerator);
1177 return notify;
1178 }
1179
1180 /**
1181 * get a string representation of the message
1182 */
1183 static char* get_string(private_message_t *this, char *buf, int len)
1184 {
1185 enumerator_t *enumerator;
1186 payload_t *payload;
1187 int written;
1188 char *pos = buf;
1189
1190 memset(buf, 0, len);
1191 len--;
1192
1193 written = snprintf(pos, len, "%N %s %u [",
1194 exchange_type_names, this->exchange_type,
1195 this->is_request ? "request" : "response",
1196 this->message_id);
1197 if (written >= len || written < 0)
1198 {
1199 return "";
1200 }
1201 pos += written;
1202 len -= written;
1203
1204 enumerator = create_payload_enumerator(this);
1205 while (enumerator->enumerate(enumerator, &payload))
1206 {
1207 written = snprintf(pos, len, " %N", payload_type_short_names,
1208 payload->get_type(payload));
1209 if (written >= len || written < 0)
1210 {
1211 return buf;
1212 }
1213 pos += written;
1214 len -= written;
1215 if (payload->get_type(payload) == NOTIFY ||
1216 payload->get_type(payload) == NOTIFY_V1)
1217 {
1218 notify_payload_t *notify;
1219 notify_type_t type;
1220 chunk_t data;
1221
1222 notify = (notify_payload_t*)payload;
1223 type = notify->get_notify_type(notify);
1224 data = notify->get_notification_data(notify);
1225 if (type == MS_NOTIFY_STATUS && data.len == 4)
1226 {
1227 written = snprintf(pos, len, "(%N(%d))", notify_type_short_names,
1228 type, untoh32(data.ptr));
1229 }
1230 else
1231 {
1232 written = snprintf(pos, len, "(%N)", notify_type_short_names,
1233 type);
1234 }
1235 if (written >= len || written < 0)
1236 {
1237 return buf;
1238 }
1239 pos += written;
1240 len -= written;
1241 }
1242 if (payload->get_type(payload) == EXTENSIBLE_AUTHENTICATION)
1243 {
1244 eap_payload_t *eap = (eap_payload_t*)payload;
1245 u_int32_t vendor;
1246 eap_type_t type;
1247 char method[64] = "";
1248
1249 type = eap->get_type(eap, &vendor);
1250 if (type)
1251 {
1252 if (vendor)
1253 {
1254 snprintf(method, sizeof(method), "/%d-%d", type, vendor);
1255 }
1256 else
1257 {
1258 snprintf(method, sizeof(method), "/%N",
1259 eap_type_short_names, type);
1260 }
1261 }
1262 written = snprintf(pos, len, "/%N%s", eap_code_short_names,
1263 eap->get_code(eap), method);
1264 if (written >= len || written < 0)
1265 {
1266 return buf;
1267 }
1268 pos += written;
1269 len -= written;
1270 }
1271 if (payload->get_type(payload) == CONFIGURATION ||
1272 payload->get_type(payload) == CONFIGURATION_V1)
1273 {
1274 cp_payload_t *cp = (cp_payload_t*)payload;
1275 enumerator_t *attributes;
1276 configuration_attribute_t *attribute;
1277 bool first = TRUE;
1278 char *pfx;
1279
1280 switch (cp->get_type(cp))
1281 {
1282 case CFG_REQUEST:
1283 pfx = "RQ(";
1284 break;
1285 case CFG_REPLY:
1286 pfx = "RP(";
1287 break;
1288 case CFG_SET:
1289 pfx = "S(";
1290 break;
1291 case CFG_ACK:
1292 pfx = "A(";
1293 break;
1294 default:
1295 pfx = "(";
1296 break;
1297 }
1298
1299 attributes = cp->create_attribute_enumerator(cp);
1300 while (attributes->enumerate(attributes, &attribute))
1301 {
1302 written = snprintf(pos, len, "%s%N", first ? pfx : " ",
1303 configuration_attribute_type_short_names,
1304 attribute->get_type(attribute));
1305 if (written >= len || written < 0)
1306 {
1307 return buf;
1308 }
1309 pos += written;
1310 len -= written;
1311 first = FALSE;
1312 }
1313 attributes->destroy(attributes);
1314 if (!first)
1315 {
1316 written = snprintf(pos, len, ")");
1317 if (written >= len || written < 0)
1318 {
1319 return buf;
1320 }
1321 pos += written;
1322 len -= written;
1323 }
1324 }
1325 }
1326 enumerator->destroy(enumerator);
1327
1328 /* remove last space */
1329 snprintf(pos, len, " ]");
1330 return buf;
1331 }
1332
1333 /**
1334 * reorder payloads depending on reordering rules
1335 */
1336 static void order_payloads(private_message_t *this)
1337 {
1338 linked_list_t *list;
1339 payload_t *payload;
1340 int i;
1341
1342 /* move to temp list */
1343 list = linked_list_create();
1344 while (this->payloads->remove_last(this->payloads,
1345 (void**)&payload) == SUCCESS)
1346 {
1347 list->insert_first(list, payload);
1348 }
1349 /* for each rule, ... */
1350 for (i = 0; i < this->rule->order_count; i++)
1351 {
1352 enumerator_t *enumerator;
1353 notify_payload_t *notify;
1354 payload_order_t order;
1355
1356 order = this->rule->order[i];
1357
1358 /* ... find all payload ... */
1359 enumerator = list->create_enumerator(list);
1360 while (enumerator->enumerate(enumerator, &payload))
1361 {
1362 /* ... with that type ... */
1363 if (payload->get_type(payload) == order.type)
1364 {
1365 notify = (notify_payload_t*)payload;
1366
1367 /**... and check notify for type. */
1368 if (order.type != NOTIFY || order.notify == 0 ||
1369 order.notify == notify->get_notify_type(notify))
1370 {
1371 list->remove_at(list, enumerator);
1372 add_payload(this, payload);
1373 }
1374 }
1375 }
1376 enumerator->destroy(enumerator);
1377 }
1378 /* append all payloads without a rule to the end */
1379 while (list->remove_last(list, (void**)&payload) == SUCCESS)
1380 {
1381 /* do not complain about payloads in private use space */
1382 if (payload->get_type(payload) < 128)
1383 {
1384 DBG1(DBG_ENC, "payload %N has no ordering rule in %N %s",
1385 payload_type_names, payload->get_type(payload),
1386 exchange_type_names, this->rule->exchange_type,
1387 this->rule->is_request ? "request" : "response");
1388 }
1389 add_payload(this, payload);
1390 }
1391 list->destroy(list);
1392 }
1393
1394 /**
1395 * Wrap payloads in an encryption payload
1396 */
1397 static encryption_payload_t* wrap_payloads(private_message_t *this)
1398 {
1399 encryption_payload_t *encryption;
1400 linked_list_t *payloads;
1401 payload_t *current;
1402
1403 /* copy all payloads in a temporary list */
1404 payloads = linked_list_create();
1405 while (this->payloads->remove_first(this->payloads,
1406 (void**)&current) == SUCCESS)
1407 {
1408 payloads->insert_last(payloads, current);
1409 }
1410
1411 if (this->is_encrypted)
1412 {
1413 encryption = encryption_payload_create(ENCRYPTED_V1);
1414 }
1415 else
1416 {
1417 encryption = encryption_payload_create(ENCRYPTED);
1418 }
1419 while (payloads->remove_first(payloads, (void**)&current) == SUCCESS)
1420 {
1421 payload_rule_t *rule;
1422 payload_type_t type;
1423 bool encrypt = TRUE;
1424
1425 type = current->get_type(current);
1426 rule = get_payload_rule(this, type);
1427 if (rule)
1428 {
1429 encrypt = rule->encrypted;
1430 }
1431 if (encrypt || this->is_encrypted)
1432 { /* encryption is forced for IKEv1 */
1433 DBG2(DBG_ENC, "insert payload %N into encrypted payload",
1434 payload_type_names, type);
1435 encryption->add_payload(encryption, current);
1436 }
1437 else
1438 {
1439 DBG2(DBG_ENC, "insert payload %N unencrypted",
1440 payload_type_names, type);
1441 add_payload(this, current);
1442 }
1443 }
1444 payloads->destroy(payloads);
1445
1446 return encryption;
1447 }
1448
1449 METHOD(message_t, disable_sort, void,
1450 private_message_t *this)
1451 {
1452 this->sort_disabled = TRUE;
1453 }
1454
1455 METHOD(message_t, generate, status_t,
1456 private_message_t *this, keymat_t *keymat, packet_t **packet)
1457 {
1458 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
1459 generator_t *generator;
1460 ike_header_t *ike_header;
1461 payload_t *payload, *next;
1462 encryption_payload_t *encryption = NULL;
1463 payload_type_t next_type;
1464 enumerator_t *enumerator;
1465 aead_t *aead = NULL;
1466 chunk_t chunk, hash = chunk_empty;
1467 char str[BUF_LEN];
1468 u_int32_t *lenpos;
1469 bool encrypted = FALSE, *reserved;
1470 int i;
1471
1472 if (this->exchange_type == EXCHANGE_TYPE_UNDEFINED)
1473 {
1474 DBG1(DBG_ENC, "exchange type is not defined");
1475 return INVALID_STATE;
1476 }
1477
1478 if (this->packet->get_source(this->packet) == NULL ||
1479 this->packet->get_destination(this->packet) == NULL)
1480 {
1481 DBG1(DBG_ENC, "source/destination not defined");
1482 return INVALID_STATE;
1483 }
1484
1485 this->rule = get_message_rule(this);
1486 if (!this->rule)
1487 {
1488 DBG1(DBG_ENC, "no message rules specified for this message type");
1489 return NOT_SUPPORTED;
1490 }
1491
1492 if (!this->sort_disabled)
1493 {
1494 order_payloads(this);
1495 }
1496 if (keymat && keymat->get_version(keymat) == IKEV1)
1497 {
1498 /* get a hash for this message, if any is required */
1499 if (keymat_v1->get_hash_phase2(keymat_v1, &this->public, &hash))
1500 { /* insert a HASH payload as first payload */
1501 hash_payload_t *hash_payload;
1502
1503 hash_payload = hash_payload_create(HASH_V1);
1504 hash_payload->set_hash(hash_payload, hash);
1505 this->payloads->insert_first(this->payloads, hash_payload);
1506 if (this->exchange_type == INFORMATIONAL_V1)
1507 {
1508 this->is_encrypted = encrypted = TRUE;
1509 }
1510 chunk_free(&hash);
1511 }
1512 }
1513 if (this->major_version == IKEV2_MAJOR_VERSION)
1514 {
1515 encrypted = this->rule->encrypted;
1516 }
1517 else if (!encrypted)
1518 {
1519 /* If at least one payload requires encryption, encrypt the message.
1520 * If no key material is available, the flag will be reset below. */
1521 enumerator = this->payloads->create_enumerator(this->payloads);
1522 while (enumerator->enumerate(enumerator, (void**)&payload))
1523 {
1524 payload_rule_t *rule;
1525
1526 rule = get_payload_rule(this, payload->get_type(payload));
1527 if (rule && rule->encrypted)
1528 {
1529 this->is_encrypted = encrypted = TRUE;
1530 break;
1531 }
1532 }
1533 enumerator->destroy(enumerator);
1534 }
1535
1536 DBG1(DBG_ENC, "generating %s", get_string(this, str, sizeof(str)));
1537
1538 if (keymat)
1539 {
1540 aead = keymat->get_aead(keymat, FALSE);
1541 }
1542 if (aead && encrypted)
1543 {
1544 encryption = wrap_payloads(this);
1545 }
1546 else
1547 {
1548 DBG2(DBG_ENC, "not encrypting payloads");
1549 this->is_encrypted = FALSE;
1550 }
1551
1552 ike_header = ike_header_create_version(this->major_version,
1553 this->minor_version);
1554 ike_header->set_exchange_type(ike_header, this->exchange_type);
1555 ike_header->set_message_id(ike_header, this->message_id);
1556 if (this->major_version == IKEV2_MAJOR_VERSION)
1557 {
1558 ike_header->set_response_flag(ike_header, !this->is_request);
1559 ike_header->set_version_flag(ike_header, this->version_flag);
1560 ike_header->set_initiator_flag(ike_header,
1561 this->ike_sa_id->is_initiator(this->ike_sa_id));
1562 }
1563 else
1564 {
1565 ike_header->set_encryption_flag(ike_header, this->is_encrypted);
1566 }
1567 ike_header->set_initiator_spi(ike_header,
1568 this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
1569 ike_header->set_responder_spi(ike_header,
1570 this->ike_sa_id->get_responder_spi(this->ike_sa_id));
1571
1572 for (i = 0; i < countof(this->reserved); i++)
1573 {
1574 reserved = payload_get_field(&ike_header->payload_interface,
1575 RESERVED_BIT, i);
1576 if (reserved)
1577 {
1578 *reserved = this->reserved[i];
1579 }
1580 }
1581
1582 generator = generator_create();
1583
1584 /* generate all payloads with proper next type */
1585 payload = (payload_t*)ike_header;
1586 enumerator = create_payload_enumerator(this);
1587 while (enumerator->enumerate(enumerator, &next))
1588 {
1589 payload->set_next_type(payload, next->get_type(next));
1590 generator->generate_payload(generator, payload);
1591 payload = next;
1592 }
1593 enumerator->destroy(enumerator);
1594 if (this->is_encrypted)
1595 { /* for encrypted IKEv1 messages */
1596 next_type = encryption->payload_interface.get_next_type(
1597 (payload_t*)encryption);
1598 }
1599 else
1600 {
1601 next_type = encryption ? ENCRYPTED : NO_PAYLOAD;
1602 }
1603 payload->set_next_type(payload, next_type);
1604 generator->generate_payload(generator, payload);
1605 ike_header->destroy(ike_header);
1606
1607 if (encryption)
1608 { /* set_transform() has to be called before get_length() */
1609 encryption->set_transform(encryption, aead);
1610 if (this->is_encrypted)
1611 { /* for IKEv1 instead of associated data we provide the IV */
1612 if (!keymat_v1->get_iv(keymat_v1, this->message_id, &chunk))
1613 {
1614 generator->destroy(generator);
1615 return FAILED;
1616 }
1617 }
1618 else
1619 { /* build associated data (without header of encryption payload) */
1620 chunk = generator->get_chunk(generator, &lenpos);
1621 /* fill in length, including encryption payload */
1622 htoun32(lenpos, chunk.len + encryption->get_length(encryption));
1623 }
1624 this->payloads->insert_last(this->payloads, encryption);
1625 if (encryption->encrypt(encryption, this->message_id, chunk) != SUCCESS)
1626 {
1627 generator->destroy(generator);
1628 return INVALID_STATE;
1629 }
1630 generator->generate_payload(generator, &encryption->payload_interface);
1631 }
1632 chunk = generator->get_chunk(generator, &lenpos);
1633 htoun32(lenpos, chunk.len);
1634 this->packet->set_data(this->packet, chunk_clone(chunk));
1635 if (this->is_encrypted)
1636 {
1637 /* update the IV for the next IKEv1 message */
1638 chunk_t last_block;
1639 size_t bs;
1640
1641 bs = aead->get_block_size(aead);
1642 last_block = chunk_create(chunk.ptr + chunk.len - bs, bs);
1643 if (!keymat_v1->update_iv(keymat_v1, this->message_id, last_block) ||
1644 !keymat_v1->confirm_iv(keymat_v1, this->message_id))
1645 {
1646 generator->destroy(generator);
1647 return FAILED;
1648 }
1649 }
1650 generator->destroy(generator);
1651 *packet = this->packet->clone(this->packet);
1652 return SUCCESS;
1653 }
1654
1655 METHOD(message_t, get_packet, packet_t*,
1656 private_message_t *this)
1657 {
1658 if (this->packet == NULL)
1659 {
1660 return NULL;
1661 }
1662 return this->packet->clone(this->packet);
1663 }
1664
1665 METHOD(message_t, get_packet_data, chunk_t,
1666 private_message_t *this)
1667 {
1668 if (this->packet == NULL)
1669 {
1670 return chunk_empty;
1671 }
1672 return this->packet->get_data(this->packet);
1673 }
1674
1675 METHOD(message_t, parse_header, status_t,
1676 private_message_t *this)
1677 {
1678 ike_header_t *ike_header;
1679 status_t status;
1680 bool *reserved;
1681 int i;
1682
1683 DBG2(DBG_ENC, "parsing header of message");
1684
1685 this->parser->reset_context(this->parser);
1686 status = this->parser->parse_payload(this->parser, HEADER,
1687 (payload_t**)&ike_header);
1688 if (status != SUCCESS)
1689 {
1690 DBG1(DBG_ENC, "header could not be parsed");
1691 return status;
1692
1693 }
1694
1695 status = ike_header->payload_interface.verify(
1696 &ike_header->payload_interface);
1697 if (status != SUCCESS)
1698 {
1699 DBG1(DBG_ENC, "header verification failed");
1700 ike_header->destroy(ike_header);
1701 return status;
1702 }
1703
1704 DESTROY_IF(this->ike_sa_id);
1705 this->ike_sa_id = ike_sa_id_create(
1706 ike_header->get_maj_version(ike_header),
1707 ike_header->get_initiator_spi(ike_header),
1708 ike_header->get_responder_spi(ike_header),
1709 ike_header->get_initiator_flag(ike_header));
1710
1711 this->exchange_type = ike_header->get_exchange_type(ike_header);
1712 this->message_id = ike_header->get_message_id(ike_header);
1713 this->major_version = ike_header->get_maj_version(ike_header);
1714 this->minor_version = ike_header->get_min_version(ike_header);
1715 if (this->major_version == IKEV2_MAJOR_VERSION)
1716 {
1717 this->is_request = !ike_header->get_response_flag(ike_header);
1718 }
1719 else
1720 {
1721 this->is_encrypted = ike_header->get_encryption_flag(ike_header);
1722 }
1723 this->first_payload = ike_header->payload_interface.get_next_type(
1724 &ike_header->payload_interface);
1725 if (this->first_payload == FRAGMENT_V1 && this->is_encrypted)
1726 { /* racoon sets the encryted bit when sending a fragment, but these
1727 * messages are really not encrypted */
1728 this->is_encrypted = FALSE;
1729 }
1730
1731 for (i = 0; i < countof(this->reserved); i++)
1732 {
1733 reserved = payload_get_field(&ike_header->payload_interface,
1734 RESERVED_BIT, i);
1735 if (reserved)
1736 {
1737 this->reserved[i] = *reserved;
1738 }
1739 }
1740 ike_header->destroy(ike_header);
1741
1742 DBG2(DBG_ENC, "parsed a %N %s header", exchange_type_names,
1743 this->exchange_type, this->major_version == IKEV1_MAJOR_VERSION ?
1744 "message" : (this->is_request ? "request" : "response"));
1745 return SUCCESS;
1746 }
1747
1748 /**
1749 * Check if a payload is for a mediation extension connectivity check
1750 */
1751 static bool is_connectivity_check(private_message_t *this, payload_t *payload)
1752 {
1753 #ifdef ME
1754 if (this->exchange_type == INFORMATIONAL &&
1755 payload->get_type(payload) == NOTIFY)
1756 {
1757 notify_payload_t *notify = (notify_payload_t*)payload;
1758
1759 switch (notify->get_notify_type(notify))
1760 {
1761 case ME_CONNECTID:
1762 case ME_ENDPOINT:
1763 case ME_CONNECTAUTH:
1764 return TRUE;
1765 default:
1766 break;
1767 }
1768 }
1769 #endif /* !ME */
1770 return FALSE;
1771 }
1772
1773 /**
1774 * Parses and verifies the unencrypted payloads contained in the message
1775 */
1776 static status_t parse_payloads(private_message_t *this)
1777 {
1778 payload_type_t type = this->first_payload;
1779 payload_t *payload;
1780 status_t status;
1781
1782 if (this->is_encrypted)
1783 { /* wrap the whole encrypted IKEv1 message in a special encryption
1784 * payload which is then handled just like a regular payload */
1785 encryption_payload_t *encryption;
1786
1787 status = this->parser->parse_payload(this->parser, ENCRYPTED_V1,
1788 (payload_t**)&encryption);
1789 if (status != SUCCESS)
1790 {
1791 DBG1(DBG_ENC, "failed to wrap encrypted IKEv1 message");
1792 return PARSE_ERROR;
1793 }
1794 encryption->payload_interface.set_next_type((payload_t*)encryption,
1795 this->first_payload);
1796 this->payloads->insert_last(this->payloads, encryption);
1797 return SUCCESS;
1798 }
1799
1800 while (type != NO_PAYLOAD)
1801 {
1802 DBG2(DBG_ENC, "starting parsing a %N payload",
1803 payload_type_names, type);
1804
1805 status = this->parser->parse_payload(this->parser, type, &payload);
1806 if (status != SUCCESS)
1807 {
1808 DBG1(DBG_ENC, "payload type %N could not be parsed",
1809 payload_type_names, type);
1810 return PARSE_ERROR;
1811 }
1812
1813 DBG2(DBG_ENC, "verifying payload of type %N", payload_type_names, type);
1814 status = payload->verify(payload);
1815 if (status != SUCCESS)
1816 {
1817 DBG1(DBG_ENC, "%N payload verification failed",
1818 payload_type_names, type);
1819 payload->destroy(payload);
1820 return VERIFY_ERROR;
1821 }
1822
1823 DBG2(DBG_ENC, "%N payload verified, adding to payload list",
1824 payload_type_names, type);
1825 this->payloads->insert_last(this->payloads, payload);
1826
1827 /* an encrypted payload is the last one, so STOP here. decryption is
1828 * done later */
1829 if (type == ENCRYPTED)
1830 {
1831 DBG2(DBG_ENC, "%N payload found, stop parsing",
1832 payload_type_names, type);
1833 break;
1834 }
1835 type = payload->get_next_type(payload);
1836 }
1837 return SUCCESS;
1838 }
1839
1840 /**
1841 * Decrypt an encrypted payload and extract all contained payloads.
1842 */
1843 static status_t decrypt_and_extract(private_message_t *this, keymat_t *keymat,
1844 payload_t *previous, encryption_payload_t *encryption)
1845 {
1846 payload_t *encrypted;
1847 payload_type_t type;
1848 chunk_t chunk;
1849 aead_t *aead;
1850 size_t bs;
1851 status_t status = SUCCESS;
1852
1853 if (!keymat)
1854 {
1855 DBG1(DBG_ENC, "found encrypted payload, but no keymat");
1856 return INVALID_ARG;
1857 }
1858 aead = keymat->get_aead(keymat, TRUE);
1859 if (!aead)
1860 {
1861 DBG1(DBG_ENC, "found encrypted payload, but no transform set");
1862 return INVALID_ARG;
1863 }
1864 bs = aead->get_block_size(aead);
1865 encryption->set_transform(encryption, aead);
1866 chunk = this->packet->get_data(this->packet);
1867 if (chunk.len < encryption->get_length(encryption) ||
1868 chunk.len < bs)
1869 {
1870 DBG1(DBG_ENC, "invalid payload length");
1871 return VERIFY_ERROR;
1872 }
1873 if (keymat->get_version(keymat) == IKEV1)
1874 { /* instead of associated data we provide the IV, we also update
1875 * the IV with the last encrypted block */
1876 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
1877 chunk_t iv;
1878
1879 if (keymat_v1->get_iv(keymat_v1, this->message_id, &iv))
1880 {
1881 status = encryption->decrypt(encryption, iv);
1882 if (status == SUCCESS)
1883 {
1884 if (!keymat_v1->update_iv(keymat_v1, this->message_id,
1885 chunk_create(chunk.ptr + chunk.len - bs, bs)))
1886 {
1887 status = FAILED;
1888 }
1889 }
1890 }
1891 else
1892 {
1893 status = FAILED;
1894 }
1895 }
1896 else
1897 {
1898 chunk.len -= encryption->get_length(encryption);
1899 status = encryption->decrypt(encryption, chunk);
1900 }
1901 if (status != SUCCESS)
1902 {
1903 return status;
1904 }
1905
1906 while ((encrypted = encryption->remove_payload(encryption)))
1907 {
1908 type = encrypted->get_type(encrypted);
1909 if (previous)
1910 {
1911 previous->set_next_type(previous, type);
1912 }
1913 else
1914 {
1915 this->first_payload = type;
1916 }
1917 DBG2(DBG_ENC, "insert decrypted payload of type %N at end of list",
1918 payload_type_names, type);
1919 this->payloads->insert_last(this->payloads, encrypted);
1920 previous = encrypted;
1921 }
1922 return SUCCESS;
1923 }
1924
1925 /**
1926 * Decrypt payload from the encryption payload
1927 */
1928 static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
1929 {
1930 payload_t *payload, *previous = NULL;
1931 enumerator_t *enumerator;
1932 payload_rule_t *rule;
1933 payload_type_t type;
1934 status_t status = SUCCESS;
1935 bool was_encrypted = FALSE;
1936
1937 enumerator = this->payloads->create_enumerator(this->payloads);
1938 while (enumerator->enumerate(enumerator, &payload))
1939 {
1940 type = payload->get_type(payload);
1941
1942 DBG2(DBG_ENC, "process payload of type %N", payload_type_names, type);
1943
1944 if (type == ENCRYPTED || type == ENCRYPTED_V1)
1945 {
1946 encryption_payload_t *encryption;
1947
1948 if (was_encrypted)
1949 {
1950 DBG1(DBG_ENC, "encrypted payload can't contain other payloads "
1951 "of type %N", payload_type_names, type);
1952 status = VERIFY_ERROR;
1953 break;
1954 }
1955
1956 DBG2(DBG_ENC, "found an encrypted payload");
1957 encryption = (encryption_payload_t*)payload;
1958 this->payloads->remove_at(this->payloads, enumerator);
1959
1960 if (enumerator->enumerate(enumerator, NULL))
1961 {
1962 DBG1(DBG_ENC, "encrypted payload is not last payload");
1963 encryption->destroy(encryption);
1964 status = VERIFY_ERROR;
1965 break;
1966 }
1967 status = decrypt_and_extract(this, keymat, previous, encryption);
1968 encryption->destroy(encryption);
1969 if (status != SUCCESS)
1970 {
1971 break;
1972 }
1973 was_encrypted = TRUE;
1974 }
1975
1976 if (payload_is_known(type) && !was_encrypted &&
1977 !is_connectivity_check(this, payload) &&
1978 this->exchange_type != AGGRESSIVE)
1979 {
1980 rule = get_payload_rule(this, type);
1981 if (!rule || rule->encrypted)
1982 {
1983 DBG1(DBG_ENC, "payload type %N was not encrypted",
1984 payload_type_names, type);
1985 status = FAILED;
1986 break;
1987 }
1988 }
1989 previous = payload;
1990 }
1991 enumerator->destroy(enumerator);
1992 return status;
1993 }
1994
1995 /**
1996 * Verify a message and all payload according to message/payload rules
1997 */
1998 static status_t verify(private_message_t *this)
1999 {
2000 bool complete = FALSE;
2001 int i;
2002
2003 DBG2(DBG_ENC, "verifying message structure");
2004
2005 /* check for payloads with wrong count */
2006 for (i = 0; i < this->rule->rule_count; i++)
2007 {
2008 enumerator_t *enumerator;
2009 payload_t *payload;
2010 payload_rule_t *rule;
2011 int found = 0;
2012
2013 rule = &this->rule->rules[i];
2014 enumerator = create_payload_enumerator(this);
2015 while (enumerator->enumerate(enumerator, &payload))
2016 {
2017 payload_type_t type;
2018
2019 type = payload->get_type(payload);
2020 if (type == rule->type)
2021 {
2022 found++;
2023 DBG2(DBG_ENC, "found payload of type %N",
2024 payload_type_names, type);
2025 if (found > rule->max_occurence)
2026 {
2027 DBG1(DBG_ENC, "payload of type %N more than %d times (%d) "
2028 "occurred in current message", payload_type_names,
2029 type, rule->max_occurence, found);
2030 enumerator->destroy(enumerator);
2031 return VERIFY_ERROR;
2032 }
2033 }
2034 }
2035 enumerator->destroy(enumerator);
2036
2037 if (!complete && found < rule->min_occurence)
2038 {
2039 DBG1(DBG_ENC, "payload of type %N not occurred %d times (%d)",
2040 payload_type_names, rule->type, rule->min_occurence, found);
2041 return VERIFY_ERROR;
2042 }
2043 if (found && rule->sufficient)
2044 {
2045 complete = TRUE;
2046 }
2047 }
2048 return SUCCESS;
2049 }
2050
2051 METHOD(message_t, parse_body, status_t,
2052 private_message_t *this, keymat_t *keymat)
2053 {
2054 status_t status = SUCCESS;
2055 char str[BUF_LEN];
2056
2057 DBG2(DBG_ENC, "parsing body of message, first payload is %N",
2058 payload_type_names, this->first_payload);
2059
2060 this->rule = get_message_rule(this);
2061 if (!this->rule)
2062 {
2063 DBG1(DBG_ENC, "no message rules specified for a %N %s",
2064 exchange_type_names, this->exchange_type,
2065 this->is_request ? "request" : "response");
2066 return NOT_SUPPORTED;
2067 }
2068
2069 status = parse_payloads(this);
2070 if (status != SUCCESS)
2071 { /* error is already logged */
2072 return status;
2073 }
2074
2075 status = decrypt_payloads(this, keymat);
2076 if (status != SUCCESS)
2077 {
2078 DBG1(DBG_ENC, "could not decrypt payloads");
2079 return status;
2080 }
2081
2082 status = verify(this);
2083 if (status != SUCCESS)
2084 {
2085 return status;
2086 }
2087
2088 DBG1(DBG_ENC, "parsed %s", get_string(this, str, sizeof(str)));
2089
2090 if (keymat && keymat->get_version(keymat) == IKEV1)
2091 {
2092 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
2093 chunk_t hash;
2094
2095 if (keymat_v1->get_hash_phase2(keymat_v1, &this->public, &hash))
2096 {
2097 hash_payload_t *hash_payload;
2098 chunk_t other_hash;
2099
2100 if (this->first_payload != HASH_V1)
2101 {
2102 if (this->exchange_type == INFORMATIONAL_V1)
2103 {
2104 DBG1(DBG_ENC, "ignoring unprotected INFORMATIONAL from %H",
2105 this->packet->get_source(this->packet));
2106 }
2107 else
2108 {
2109 DBG1(DBG_ENC, "expected HASH payload as first payload");
2110 }
2111 chunk_free(&hash);
2112 return VERIFY_ERROR;
2113 }
2114 hash_payload = (hash_payload_t*)get_payload(this, HASH_V1);
2115 other_hash = hash_payload->get_hash(hash_payload);
2116 DBG3(DBG_ENC, "HASH received %B\nHASH expected %B",
2117 &other_hash, &hash);
2118 if (!chunk_equals(hash, other_hash))
2119 {
2120 DBG1(DBG_ENC, "received HASH payload does not match");
2121 chunk_free(&hash);
2122 return FAILED;
2123 }
2124 chunk_free(&hash);
2125 }
2126 if (this->is_encrypted)
2127 { /* message verified, confirm IV */
2128 if (!keymat_v1->confirm_iv(keymat_v1, this->message_id))
2129 {
2130 return FAILED;
2131 }
2132 }
2133 }
2134 return SUCCESS;
2135 }
2136
2137 METHOD(message_t, destroy, void,
2138 private_message_t *this)
2139 {
2140 DESTROY_IF(this->ike_sa_id);
2141 this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
2142 this->packet->destroy(this->packet);
2143 this->parser->destroy(this->parser);
2144 free(this);
2145 }
2146
2147 /*
2148 * Described in header.
2149 */
2150 message_t *message_create_from_packet(packet_t *packet)
2151 {
2152 private_message_t *this;
2153
2154 INIT(this,
2155 .public = {
2156 .set_major_version = _set_major_version,
2157 .get_major_version = _get_major_version,
2158 .set_minor_version = _set_minor_version,
2159 .get_minor_version = _get_minor_version,
2160 .set_message_id = _set_message_id,
2161 .get_message_id = _get_message_id,
2162 .get_initiator_spi = _get_initiator_spi,
2163 .get_responder_spi = _get_responder_spi,
2164 .set_ike_sa_id = _set_ike_sa_id,
2165 .get_ike_sa_id = _get_ike_sa_id,
2166 .set_exchange_type = _set_exchange_type,
2167 .get_exchange_type = _get_exchange_type,
2168 .get_first_payload_type = _get_first_payload_type,
2169 .set_request = _set_request,
2170 .get_request = _get_request,
2171 .set_version_flag = _set_version_flag,
2172 .get_reserved_header_bit = _get_reserved_header_bit,
2173 .set_reserved_header_bit = _set_reserved_header_bit,
2174 .add_payload = _add_payload,
2175 .add_notify = _add_notify,
2176 .disable_sort = _disable_sort,
2177 .generate = _generate,
2178 .is_encoded = _is_encoded,
2179 .set_source = _set_source,
2180 .get_source = _get_source,
2181 .set_destination = _set_destination,
2182 .get_destination = _get_destination,
2183 .create_payload_enumerator = _create_payload_enumerator,
2184 .remove_payload_at = _remove_payload_at,
2185 .get_payload = _get_payload,
2186 .get_notify = _get_notify,
2187 .parse_header = _parse_header,
2188 .parse_body = _parse_body,
2189 .get_packet = _get_packet,
2190 .get_packet_data = _get_packet_data,
2191 .destroy = _destroy,
2192 },
2193 .exchange_type = EXCHANGE_TYPE_UNDEFINED,
2194 .is_request = TRUE,
2195 .first_payload = NO_PAYLOAD,
2196 .packet = packet,
2197 .payloads = linked_list_create(),
2198 .parser = parser_create(packet->get_data(packet)),
2199 );
2200
2201 return &this->public;
2202 }
2203
2204 /*
2205 * Described in header.
2206 */
2207 message_t *message_create(int major, int minor)
2208 {
2209 message_t *this = message_create_from_packet(packet_create());
2210
2211 this->set_major_version(this, major);
2212 this->set_minor_version(this, minor);
2213
2214 return this;
2215 }