d088a7bf7e85aed49833423d270232de0b6ea230
[strongswan.git] / src / libcharon / encoding / message.c
1 /*
2 * Copyright (C) 2006-2011 Tobias Brunner
3 * Copyright (C) 2005-2010 Martin Willi
4 * Copyright (C) 2010 revosec AG
5 * Copyright (C) 2006 Daniel Roethlisberger
6 * Copyright (C) 2005 Jan Hutter
7 * Hochschule fuer Technik Rapperswil
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * for more details.
18 */
19
20 #include <stdlib.h>
21 #include <string.h>
22
23 #include "message.h"
24
25 #include <library.h>
26 #include <daemon.h>
27 #include <sa/keymat_v1.h>
28 #include <encoding/generator.h>
29 #include <encoding/parser.h>
30 #include <encoding/payloads/encodings.h>
31 #include <encoding/payloads/payload.h>
32 #include <encoding/payloads/encryption_payload.h>
33 #include <encoding/payloads/unknown_payload.h>
34 #include <encoding/payloads/cp_payload.h>
35
36 /**
37 * Max number of notify payloads per IKEv2 message
38 */
39 #define MAX_NOTIFY_PAYLOADS 20
40
41 /**
42 * Max number of delete payloads per IKEv2 message
43 */
44 #define MAX_DELETE_PAYLOADS 20
45
46 /**
47 * Max number of certificate payloads per IKEv2 message
48 */
49 #define MAX_CERT_PAYLOADS 8
50
51 /**
52 * Max number of vendor ID payloads per IKEv2 message
53 */
54 #define MAX_VID_PAYLOADS 20
55
56 /**
57 * Max number of certificate request payloads per IKEv1 message
58 */
59 #define MAX_CERTREQ_PAYLOADS 5
60
61 /**
62 * A payload rule defines the rules for a payload
63 * in a specific message rule. It defines if and how
64 * many times a payload must/can occur in a message
65 * and if it must be encrypted.
66 */
67 typedef struct {
68 /* Payload type */
69 payload_type_t type;
70 /* Minimal occurrence of this payload. */
71 size_t min_occurence;
72 /* Max occurrence of this payload. */
73 size_t max_occurence;
74 /* TRUE if payload must be encrypted */
75 bool encrypted;
76 /* If payload occurs, the message rule is fulfilled */
77 bool sufficient;
78 } payload_rule_t;
79
80 /**
81 * payload ordering structure allows us to reorder payloads according to RFC.
82 */
83 typedef struct {
84 /** payload type */
85 payload_type_t type;
86 /** notify type, if payload == NOTIFY */
87 notify_type_t notify;
88 } payload_order_t;
89
90 /**
91 * A message rule defines the kind of a message,
92 * if it has encrypted contents and a list
93 * of payload ordering rules and payload parsing rules.
94 */
95 typedef struct {
96 /** Type of message. */
97 exchange_type_t exchange_type;
98 /** Is message a request or response. */
99 bool is_request;
100 /** Message contains encrypted payloads. */
101 bool encrypted;
102 /** Number of payload rules which will follow */
103 int rule_count;
104 /** Pointer to first payload rule */
105 payload_rule_t *rules;
106 /** Number of payload order rules */
107 int order_count;
108 /** payload ordering rules */
109 payload_order_t *order;
110 } message_rule_t;
111
112 /**
113 * Message rule for IKE_SA_INIT from initiator.
114 */
115 static payload_rule_t ike_sa_init_i_rules[] = {
116 /* payload type min max encr suff */
117 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
118 {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
119 {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
120 {NONCE, 1, 1, FALSE, FALSE},
121 {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
122 };
123
124 /**
125 * payload order for IKE_SA_INIT initiator
126 */
127 static payload_order_t ike_sa_init_i_order[] = {
128 /* payload type notify type */
129 {NOTIFY, COOKIE},
130 {SECURITY_ASSOCIATION, 0},
131 {KEY_EXCHANGE, 0},
132 {NONCE, 0},
133 {NOTIFY, NAT_DETECTION_SOURCE_IP},
134 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
135 {NOTIFY, 0},
136 {VENDOR_ID, 0},
137 };
138
139 /**
140 * Message rule for IKE_SA_INIT from responder.
141 */
142 static payload_rule_t ike_sa_init_r_rules[] = {
143 /* payload type min max encr suff */
144 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, TRUE},
145 {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
146 {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
147 {NONCE, 1, 1, FALSE, FALSE},
148 {CERTIFICATE_REQUEST, 0, 1, FALSE, FALSE},
149 {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
150 };
151
152 /**
153 * payload order for IKE_SA_INIT responder
154 */
155 static payload_order_t ike_sa_init_r_order[] = {
156 /* payload type notify type */
157 {SECURITY_ASSOCIATION, 0},
158 {KEY_EXCHANGE, 0},
159 {NONCE, 0},
160 {NOTIFY, NAT_DETECTION_SOURCE_IP},
161 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
162 {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
163 {CERTIFICATE_REQUEST, 0},
164 {NOTIFY, 0},
165 {VENDOR_ID, 0},
166 };
167
168 /**
169 * Message rule for IKE_AUTH from initiator.
170 */
171 static payload_rule_t ike_auth_i_rules[] = {
172 /* payload type min max encr suff */
173 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
174 {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
175 {AUTHENTICATION, 0, 1, TRUE, TRUE},
176 {ID_INITIATOR, 0, 1, TRUE, FALSE},
177 {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
178 {CERTIFICATE_REQUEST, 0, 1, TRUE, FALSE},
179 {ID_RESPONDER, 0, 1, TRUE, FALSE},
180 #ifdef ME
181 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
182 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
183 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
184 #else
185 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
186 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
187 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
188 #endif /* ME */
189 {CONFIGURATION, 0, 1, TRUE, FALSE},
190 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
191 };
192
193 /**
194 * payload order for IKE_AUTH initiator
195 */
196 static payload_order_t ike_auth_i_order[] = {
197 /* payload type notify type */
198 {ID_INITIATOR, 0},
199 {CERTIFICATE, 0},
200 {NOTIFY, INITIAL_CONTACT},
201 {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
202 {CERTIFICATE_REQUEST, 0},
203 {ID_RESPONDER, 0},
204 {AUTHENTICATION, 0},
205 {EXTENSIBLE_AUTHENTICATION, 0},
206 {CONFIGURATION, 0},
207 {NOTIFY, IPCOMP_SUPPORTED},
208 {NOTIFY, USE_TRANSPORT_MODE},
209 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
210 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
211 {SECURITY_ASSOCIATION, 0},
212 {TRAFFIC_SELECTOR_INITIATOR, 0},
213 {TRAFFIC_SELECTOR_RESPONDER, 0},
214 {NOTIFY, MOBIKE_SUPPORTED},
215 {NOTIFY, ADDITIONAL_IP4_ADDRESS},
216 {NOTIFY, ADDITIONAL_IP6_ADDRESS},
217 {NOTIFY, NO_ADDITIONAL_ADDRESSES},
218 {NOTIFY, 0},
219 {VENDOR_ID, 0},
220 };
221
222 /**
223 * Message rule for IKE_AUTH from responder.
224 */
225 static payload_rule_t ike_auth_r_rules[] = {
226 /* payload type min max encr suff */
227 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
228 {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
229 {AUTHENTICATION, 0, 1, TRUE, TRUE},
230 {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
231 {ID_RESPONDER, 0, 1, TRUE, FALSE},
232 {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
233 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
234 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
235 {CONFIGURATION, 0, 1, TRUE, FALSE},
236 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
237 };
238
239 /**
240 * payload order for IKE_AUTH responder
241 */
242 static payload_order_t ike_auth_r_order[] = {
243 /* payload type notify type */
244 {ID_RESPONDER, 0},
245 {CERTIFICATE, 0},
246 {AUTHENTICATION, 0},
247 {EXTENSIBLE_AUTHENTICATION, 0},
248 {CONFIGURATION, 0},
249 {NOTIFY, IPCOMP_SUPPORTED},
250 {NOTIFY, USE_TRANSPORT_MODE},
251 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
252 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
253 {SECURITY_ASSOCIATION, 0},
254 {TRAFFIC_SELECTOR_INITIATOR, 0},
255 {TRAFFIC_SELECTOR_RESPONDER, 0},
256 {NOTIFY, AUTH_LIFETIME},
257 {NOTIFY, MOBIKE_SUPPORTED},
258 {NOTIFY, ADDITIONAL_IP4_ADDRESS},
259 {NOTIFY, ADDITIONAL_IP6_ADDRESS},
260 {NOTIFY, NO_ADDITIONAL_ADDRESSES},
261 {NOTIFY, 0},
262 {VENDOR_ID, 0},
263 };
264
265 /**
266 * Message rule for INFORMATIONAL from initiator.
267 */
268 static payload_rule_t informational_i_rules[] = {
269 /* payload type min max encr suff */
270 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
271 {CONFIGURATION, 0, 1, TRUE, FALSE},
272 {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
273 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
274 };
275
276 /**
277 * payload order for INFORMATIONAL initiator
278 */
279 static payload_order_t informational_i_order[] = {
280 /* payload type notify type */
281 {NOTIFY, UPDATE_SA_ADDRESSES},
282 {NOTIFY, NAT_DETECTION_SOURCE_IP},
283 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
284 {NOTIFY, COOKIE2},
285 {NOTIFY, 0},
286 {DELETE, 0},
287 {CONFIGURATION, 0},
288 };
289
290 /**
291 * Message rule for INFORMATIONAL from responder.
292 */
293 static payload_rule_t informational_r_rules[] = {
294 /* payload type min max encr suff */
295 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
296 {CONFIGURATION, 0, 1, TRUE, FALSE},
297 {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
298 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
299 };
300
301 /**
302 * payload order for INFORMATIONAL responder
303 */
304 static payload_order_t informational_r_order[] = {
305 /* payload type notify type */
306 {NOTIFY, UPDATE_SA_ADDRESSES},
307 {NOTIFY, NAT_DETECTION_SOURCE_IP},
308 {NOTIFY, NAT_DETECTION_DESTINATION_IP},
309 {NOTIFY, COOKIE2},
310 {NOTIFY, 0},
311 {DELETE, 0},
312 {CONFIGURATION, 0},
313 };
314
315 /**
316 * Message rule for CREATE_CHILD_SA from initiator.
317 */
318 static payload_rule_t create_child_sa_i_rules[] = {
319 /* payload type min max encr suff */
320 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
321 {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
322 {NONCE, 1, 1, TRUE, FALSE},
323 {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
324 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
325 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
326 {CONFIGURATION, 0, 1, TRUE, FALSE},
327 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
328 };
329
330 /**
331 * payload order for CREATE_CHILD_SA from initiator.
332 */
333 static payload_order_t create_child_sa_i_order[] = {
334 /* payload type notify type */
335 {NOTIFY, REKEY_SA},
336 {NOTIFY, IPCOMP_SUPPORTED},
337 {NOTIFY, USE_TRANSPORT_MODE},
338 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
339 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
340 {SECURITY_ASSOCIATION, 0},
341 {NONCE, 0},
342 {KEY_EXCHANGE, 0},
343 {TRAFFIC_SELECTOR_INITIATOR, 0},
344 {TRAFFIC_SELECTOR_RESPONDER, 0},
345 {NOTIFY, 0},
346 };
347
348 /**
349 * Message rule for CREATE_CHILD_SA from responder.
350 */
351 static payload_rule_t create_child_sa_r_rules[] = {
352 /* payload type min max encr suff */
353 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
354 {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
355 {NONCE, 1, 1, TRUE, FALSE},
356 {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
357 {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
358 {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
359 {CONFIGURATION, 0, 1, TRUE, FALSE},
360 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
361 };
362
363 /**
364 * payload order for CREATE_CHILD_SA from responder.
365 */
366 static payload_order_t create_child_sa_r_order[] = {
367 /* payload type notify type */
368 {NOTIFY, IPCOMP_SUPPORTED},
369 {NOTIFY, USE_TRANSPORT_MODE},
370 {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
371 {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
372 {SECURITY_ASSOCIATION, 0},
373 {NONCE, 0},
374 {KEY_EXCHANGE, 0},
375 {TRAFFIC_SELECTOR_INITIATOR, 0},
376 {TRAFFIC_SELECTOR_RESPONDER, 0},
377 {NOTIFY, ADDITIONAL_TS_POSSIBLE},
378 {NOTIFY, 0},
379 };
380
381 #ifdef ME
382 /**
383 * Message rule for ME_CONNECT from initiator.
384 */
385 static payload_rule_t me_connect_i_rules[] = {
386 /* payload type min max encr suff */
387 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
388 {ID_PEER, 1, 1, TRUE, FALSE},
389 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
390 };
391
392 /**
393 * payload order for ME_CONNECT from initiator.
394 */
395 static payload_order_t me_connect_i_order[] = {
396 /* payload type notify type */
397 {NOTIFY, 0},
398 {ID_PEER, 0},
399 {VENDOR_ID, 0},
400 };
401
402 /**
403 * Message rule for ME_CONNECT from responder.
404 */
405 static payload_rule_t me_connect_r_rules[] = {
406 /* payload type min max encr suff */
407 {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
408 {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
409 };
410
411 /**
412 * payload order for ME_CONNECT from responder.
413 */
414 static payload_order_t me_connect_r_order[] = {
415 /* payload type notify type */
416 {NOTIFY, 0},
417 {VENDOR_ID, 0},
418 };
419 #endif /* ME */
420
421 #ifdef USE_IKEV1
422 /**
423 * Message rule for ID_PROT from initiator.
424 */
425 static payload_rule_t id_prot_i_rules[] = {
426 /* payload type min max encr suff */
427 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
428 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
429 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
430 {NONCE_V1, 0, 1, FALSE, FALSE},
431 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
432 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
433 {ID_V1, 0, 1, TRUE, FALSE},
434 {CERTIFICATE_V1, 0, 1, TRUE, FALSE},
435 {SIGNATURE_V1, 0, 1, TRUE, FALSE},
436 {HASH_V1, 0, 1, TRUE, FALSE},
437 };
438
439 /**
440 * payload order for ID_PROT from initiator.
441 */
442 static payload_order_t id_prot_i_order[] = {
443 /* payload type notify type */
444 {SECURITY_ASSOCIATION_V1, 0},
445 {KEY_EXCHANGE_V1, 0},
446 {NONCE_V1, 0},
447 {ID_V1, 0},
448 {CERTIFICATE_V1, 0},
449 {SIGNATURE_V1, 0},
450 {HASH_V1, 0},
451 {CERTIFICATE_REQUEST_V1, 0},
452 {NOTIFY_V1, 0},
453 {VENDOR_ID_V1, 0},
454 };
455
456 /**
457 * Message rule for ID_PROT from responder.
458 */
459 static payload_rule_t id_prot_r_rules[] = {
460 /* payload type min max encr suff */
461 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
462 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
463 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
464 {NONCE_V1, 0, 1, FALSE, FALSE},
465 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
466 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
467 {ID_V1, 0, 1, TRUE, FALSE},
468 {CERTIFICATE_V1, 0, 1, TRUE, FALSE},
469 {SIGNATURE_V1, 0, 1, TRUE, FALSE},
470 {HASH_V1, 0, 1, TRUE, FALSE},
471 };
472
473 /**
474 * payload order for ID_PROT from responder.
475 */
476 static payload_order_t id_prot_r_order[] = {
477 /* payload type notify type */
478 {SECURITY_ASSOCIATION_V1, 0},
479 {KEY_EXCHANGE_V1, 0},
480 {NONCE_V1, 0},
481 {ID_V1, 0},
482 {CERTIFICATE_V1, 0},
483 {SIGNATURE_V1, 0},
484 {HASH_V1, 0},
485 {CERTIFICATE_REQUEST_V1, 0},
486 {NOTIFY_V1, 0},
487 {VENDOR_ID_V1, 0},
488 };
489
490 /**
491 * Message rule for AGGRESSIVE from initiator.
492 */
493 static payload_rule_t aggressive_i_rules[] = {
494 /* payload type min max encr suff */
495 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
496 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
497 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
498 {NONCE_V1, 0, 1, FALSE, FALSE},
499 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
500 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
501 {ID_V1, 0, 1, FALSE, FALSE},
502 {CERTIFICATE_V1, 0, 1, FALSE, FALSE},
503 {SIGNATURE_V1, 0, 1, FALSE, FALSE},
504 {HASH_V1, 0, 1, FALSE, FALSE},
505 };
506
507 /**
508 * payload order for AGGRESSIVE from initiator.
509 */
510 static payload_order_t aggressive_i_order[] = {
511 /* payload type notify type */
512 {SECURITY_ASSOCIATION_V1, 0},
513 {KEY_EXCHANGE_V1, 0},
514 {NONCE_V1, 0},
515 {ID_V1, 0},
516 {CERTIFICATE_V1, 0},
517 {SIGNATURE_V1, 0},
518 {HASH_V1, 0},
519 {CERTIFICATE_REQUEST_V1, 0},
520 {NOTIFY_V1, 0},
521 {VENDOR_ID_V1, 0},
522 };
523
524 /**
525 * Message rule for AGGRESSIVE from responder.
526 */
527 static payload_rule_t aggressive_r_rules[] = {
528 /* payload type min max encr suff */
529 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
530 {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
531 {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
532 {NONCE_V1, 0, 1, FALSE, FALSE},
533 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
534 {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
535 {ID_V1, 0, 1, FALSE, FALSE},
536 {CERTIFICATE_V1, 0, 1, FALSE, FALSE},
537 {SIGNATURE_V1, 0, 1, FALSE, FALSE},
538 {HASH_V1, 0, 1, FALSE, FALSE},
539 };
540
541 /**
542 * payload order for AGGRESSIVE from responder.
543 */
544 static payload_order_t aggressive_r_order[] = {
545 /* payload type notify type */
546 {SECURITY_ASSOCIATION_V1, 0},
547 {KEY_EXCHANGE_V1, 0},
548 {NONCE_V1, 0},
549 {ID_V1, 0},
550 {CERTIFICATE_V1, 0},
551 {SIGNATURE_V1, 0},
552 {HASH_V1, 0},
553 {CERTIFICATE_REQUEST_V1, 0},
554 {NOTIFY_V1, 0},
555 {VENDOR_ID_V1, 0},
556 };
557
558 /**
559 * Message rule for INFORMATIONAL_V1 from initiator.
560 */
561 static payload_rule_t informational_i_rules_v1[] = {
562 /* payload type min max encr suff */
563 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
564 {DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
565 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
566 };
567
568 /**
569 * payload order for INFORMATIONAL_V1 from initiator.
570 */
571 static payload_order_t informational_i_order_v1[] = {
572 /* payload type notify type */
573 {NOTIFY_V1, 0},
574 {DELETE_V1, 0},
575 {VENDOR_ID_V1, 0},
576 };
577
578 /**
579 * Message rule for QUICK_MODE from initiator.
580 */
581 static payload_rule_t quick_mode_i_rules[] = {
582 /* payload type min max encr suff */
583 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
584 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
585 {HASH_V1, 0, 1, TRUE, FALSE},
586 {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
587 {NONCE_V1, 0, 1, TRUE, FALSE},
588 {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
589 {ID_V1, 0, 2, TRUE, FALSE},
590 };
591
592 /**
593 * payload order for QUICK_MODE from initiator.
594 */
595 static payload_order_t quick_mode_i_order[] = {
596 /* payload type notify type */
597 {NOTIFY_V1, 0},
598 {VENDOR_ID_V1, 0},
599 {HASH_V1, 0},
600 {SECURITY_ASSOCIATION_V1, 0},
601 {NONCE_V1, 0},
602 {KEY_EXCHANGE_V1, 0},
603 {ID_V1, 0},
604 };
605
606 /**
607 * Message rule for QUICK_MODE from responder.
608 */
609 static payload_rule_t quick_mode_r_rules[] = {
610 /* payload type min max encr suff */
611 {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
612 {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
613 {HASH_V1, 0, 1, TRUE, FALSE},
614 {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
615 {NONCE_V1, 0, 1, TRUE, FALSE},
616 {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
617 {ID_V1, 0, 2, TRUE, FALSE},
618 };
619
620 /**
621 * payload order for QUICK_MODE from responder.
622 */
623 static payload_order_t quick_mode_r_order[] = {
624 /* payload type notify type */
625 {NOTIFY_V1, 0},
626 {VENDOR_ID_V1, 0},
627 {HASH_V1, 0},
628 {SECURITY_ASSOCIATION_V1, 0},
629 {NONCE_V1, 0},
630 {KEY_EXCHANGE_V1, 0},
631 {ID_V1, 0},
632 };
633
634 #endif /* USE_IKEV1 */
635
636 /**
637 * Message rules, defines allowed payloads.
638 */
639 static message_rule_t message_rules[] = {
640 {IKE_SA_INIT, TRUE, FALSE,
641 countof(ike_sa_init_i_rules), ike_sa_init_i_rules,
642 countof(ike_sa_init_i_order), ike_sa_init_i_order,
643 },
644 {IKE_SA_INIT, FALSE, FALSE,
645 countof(ike_sa_init_r_rules), ike_sa_init_r_rules,
646 countof(ike_sa_init_r_order), ike_sa_init_r_order,
647 },
648 {IKE_AUTH, TRUE, TRUE,
649 countof(ike_auth_i_rules), ike_auth_i_rules,
650 countof(ike_auth_i_order), ike_auth_i_order,
651 },
652 {IKE_AUTH, FALSE, TRUE,
653 countof(ike_auth_r_rules), ike_auth_r_rules,
654 countof(ike_auth_r_order), ike_auth_r_order,
655 },
656 {INFORMATIONAL, TRUE, TRUE,
657 countof(informational_i_rules), informational_i_rules,
658 countof(informational_i_order), informational_i_order,
659 },
660 {INFORMATIONAL, FALSE, TRUE,
661 countof(informational_r_rules), informational_r_rules,
662 countof(informational_r_order), informational_r_order,
663 },
664 {CREATE_CHILD_SA, TRUE, TRUE,
665 countof(create_child_sa_i_rules), create_child_sa_i_rules,
666 countof(create_child_sa_i_order), create_child_sa_i_order,
667 },
668 {CREATE_CHILD_SA, FALSE, TRUE,
669 countof(create_child_sa_r_rules), create_child_sa_r_rules,
670 countof(create_child_sa_r_order), create_child_sa_r_order,
671 },
672 #ifdef ME
673 {ME_CONNECT, TRUE, TRUE,
674 countof(me_connect_i_rules), me_connect_i_rules,
675 countof(me_connect_i_order), me_connect_i_order,
676 },
677 {ME_CONNECT, FALSE, TRUE,
678 countof(me_connect_r_rules), me_connect_r_rules,
679 countof(me_connect_r_order), me_connect_r_order,
680 },
681 #endif /* ME */
682 #ifdef USE_IKEV1
683 {ID_PROT, TRUE, FALSE,
684 countof(id_prot_i_rules), id_prot_i_rules,
685 countof(id_prot_i_order), id_prot_i_order,
686 },
687 {ID_PROT, FALSE, FALSE,
688 countof(id_prot_r_rules), id_prot_r_rules,
689 countof(id_prot_r_order), id_prot_r_order,
690 },
691 {AGGRESSIVE, TRUE, FALSE,
692 countof(aggressive_i_rules), aggressive_i_rules,
693 countof(aggressive_i_order), aggressive_i_order,
694 },
695 {AGGRESSIVE, FALSE, FALSE,
696 countof(aggressive_r_rules), aggressive_r_rules,
697 countof(aggressive_r_order), aggressive_r_order,
698 },
699 {INFORMATIONAL_V1, TRUE, TRUE,
700 countof(informational_i_rules_v1), informational_i_rules_v1,
701 countof(informational_i_order_v1), informational_i_order_v1,
702 },
703 {QUICK_MODE, TRUE, TRUE,
704 countof(quick_mode_i_rules), quick_mode_i_rules,
705 countof(quick_mode_i_order), quick_mode_i_order,
706 },
707 {QUICK_MODE, FALSE, TRUE,
708 countof(quick_mode_r_rules), quick_mode_r_rules,
709 countof(quick_mode_r_order), quick_mode_r_order,
710 },
711 /* TODO-IKEv1: define rules for other exchanges */
712 #endif /* USE_IKEV1 */
713 };
714
715
716 typedef struct private_message_t private_message_t;
717
718 /**
719 * Private data of an message_t object.
720 */
721 struct private_message_t {
722
723 /**
724 * Public part of a message_t object.
725 */
726 message_t public;
727
728 /**
729 * Minor version of message.
730 */
731 u_int8_t major_version;
732
733 /**
734 * Major version of message.
735 */
736 u_int8_t minor_version;
737
738 /**
739 * First Payload in message.
740 */
741 payload_type_t first_payload;
742
743 /**
744 * Assigned exchange type.
745 */
746 exchange_type_t exchange_type;
747
748 /**
749 * TRUE if message is a request, FALSE if a reply.
750 */
751 bool is_request;
752
753 /**
754 * The message is encrypted (IKEv1)
755 */
756 bool is_encrypted;
757
758 /**
759 * Higher version supported?
760 */
761 bool version_flag;
762
763 /**
764 * Reserved bits in IKE header
765 */
766 bool reserved[2];
767
768 /**
769 * Sorting of message disabled?
770 */
771 bool sort_disabled;
772
773 /**
774 * Message ID of this message.
775 */
776 u_int32_t message_id;
777
778 /**
779 * ID of assigned IKE_SA.
780 */
781 ike_sa_id_t *ike_sa_id;
782
783 /**
784 * Assigned UDP packet, stores incoming packet or last generated one.
785 */
786 packet_t *packet;
787
788 /**
789 * Linked List where payload data are stored in.
790 */
791 linked_list_t *payloads;
792
793 /**
794 * Assigned parser to parse Header and Body of this message.
795 */
796 parser_t *parser;
797
798 /**
799 * The message rule for this message instance
800 */
801 message_rule_t *rule;
802 };
803
804 /**
805 * Get the message rule that applies to this message
806 */
807 static message_rule_t* get_message_rule(private_message_t *this)
808 {
809 int i;
810
811 for (i = 0; i < countof(message_rules); i++)
812 {
813 if ((this->exchange_type == message_rules[i].exchange_type) &&
814 (this->is_request == message_rules[i].is_request))
815 {
816 return &message_rules[i];
817 }
818 }
819 return NULL;
820 }
821
822 /**
823 * Look up a payload rule
824 */
825 static payload_rule_t* get_payload_rule(private_message_t *this,
826 payload_type_t type)
827 {
828 int i;
829
830 for (i = 0; i < this->rule->rule_count;i++)
831 {
832 if (this->rule->rules[i].type == type)
833 {
834 return &this->rule->rules[i];
835 }
836 }
837 return NULL;
838 }
839
840 METHOD(message_t, set_ike_sa_id, void,
841 private_message_t *this,ike_sa_id_t *ike_sa_id)
842 {
843 DESTROY_IF(this->ike_sa_id);
844 this->ike_sa_id = ike_sa_id->clone(ike_sa_id);
845 }
846
847 METHOD(message_t, get_ike_sa_id, ike_sa_id_t*,
848 private_message_t *this)
849 {
850 return this->ike_sa_id;
851 }
852
853 METHOD(message_t, set_message_id, void,
854 private_message_t *this,u_int32_t message_id)
855 {
856 this->message_id = message_id;
857 }
858
859 METHOD(message_t, get_message_id, u_int32_t,
860 private_message_t *this)
861 {
862 return this->message_id;
863 }
864
865 METHOD(message_t, get_initiator_spi, u_int64_t,
866 private_message_t *this)
867 {
868 return (this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
869 }
870
871 METHOD(message_t, get_responder_spi, u_int64_t,
872 private_message_t *this)
873 {
874 return (this->ike_sa_id->get_responder_spi(this->ike_sa_id));
875 }
876
877 METHOD(message_t, set_major_version, void,
878 private_message_t *this, u_int8_t major_version)
879 {
880 this->major_version = major_version;
881 }
882
883 METHOD(message_t, get_major_version, u_int8_t,
884 private_message_t *this)
885 {
886 return this->major_version;
887 }
888
889 METHOD(message_t, set_minor_version, void,
890 private_message_t *this,u_int8_t minor_version)
891 {
892 this->minor_version = minor_version;
893 }
894
895 METHOD(message_t, get_minor_version, u_int8_t,
896 private_message_t *this)
897 {
898 return this->minor_version;
899 }
900
901 METHOD(message_t, set_exchange_type, void,
902 private_message_t *this, exchange_type_t exchange_type)
903 {
904 this->exchange_type = exchange_type;
905 }
906
907 METHOD(message_t, get_exchange_type, exchange_type_t,
908 private_message_t *this)
909 {
910 return this->exchange_type;
911 }
912
913 METHOD(message_t, get_first_payload_type, payload_type_t,
914 private_message_t *this)
915 {
916 return this->first_payload;
917 }
918
919 METHOD(message_t, set_request, void,
920 private_message_t *this, bool request)
921 {
922 this->is_request = request;
923 }
924
925 METHOD(message_t, get_request, bool,
926 private_message_t *this)
927 {
928 return this->is_request;
929 }
930
931 METHOD(message_t, set_version_flag, void,
932 private_message_t *this)
933 {
934 this->version_flag = TRUE;
935 }
936
937 METHOD(message_t, get_reserved_header_bit, bool,
938 private_message_t *this, u_int nr)
939 {
940 if (nr < countof(this->reserved))
941 {
942 return this->reserved[nr];
943 }
944 return FALSE;
945 }
946
947 METHOD(message_t, set_reserved_header_bit, void,
948 private_message_t *this, u_int nr)
949 {
950 if (nr < countof(this->reserved))
951 {
952 this->reserved[nr] = TRUE;
953 }
954 }
955
956 METHOD(message_t, is_encoded, bool,
957 private_message_t *this)
958 {
959 return this->packet->get_data(this->packet).ptr != NULL;
960 }
961
962 METHOD(message_t, add_payload, void,
963 private_message_t *this, payload_t *payload)
964 {
965 payload_t *last_payload;
966
967 if (this->payloads->get_count(this->payloads) > 0)
968 {
969 this->payloads->get_last(this->payloads, (void **)&last_payload);
970 last_payload->set_next_type(last_payload, payload->get_type(payload));
971 }
972 else
973 {
974 this->first_payload = payload->get_type(payload);
975 }
976 payload->set_next_type(payload, NO_PAYLOAD);
977 this->payloads->insert_last(this->payloads, payload);
978
979 DBG2(DBG_ENC ,"added payload of type %N to message",
980 payload_type_names, payload->get_type(payload));
981 }
982
983 METHOD(message_t, add_notify, void,
984 private_message_t *this, bool flush, notify_type_t type, chunk_t data)
985 {
986 notify_payload_t *notify;
987 payload_t *payload;
988
989 if (flush)
990 {
991 while (this->payloads->remove_last(this->payloads,
992 (void**)&payload) == SUCCESS)
993 {
994 payload->destroy(payload);
995 }
996 }
997 if (this->major_version == IKEV2_MAJOR_VERSION)
998 {
999 notify = notify_payload_create(NOTIFY);
1000 }
1001 else
1002 {
1003 notify = notify_payload_create(NOTIFY_V1);
1004 }
1005 notify->set_notify_type(notify, type);
1006 notify->set_notification_data(notify, data);
1007 add_payload(this, (payload_t*)notify);
1008 }
1009
1010 METHOD(message_t, set_source, void,
1011 private_message_t *this, host_t *host)
1012 {
1013 this->packet->set_source(this->packet, host);
1014 }
1015
1016 METHOD(message_t, set_destination, void,
1017 private_message_t *this, host_t *host)
1018 {
1019 this->packet->set_destination(this->packet, host);
1020 }
1021
1022 METHOD(message_t, get_source, host_t*,
1023 private_message_t *this)
1024 {
1025 return this->packet->get_source(this->packet);
1026 }
1027
1028 METHOD(message_t, get_destination, host_t*,
1029 private_message_t *this)
1030 {
1031 return this->packet->get_destination(this->packet);
1032 }
1033
1034 METHOD(message_t, create_payload_enumerator, enumerator_t*,
1035 private_message_t *this)
1036 {
1037 return this->payloads->create_enumerator(this->payloads);
1038 }
1039
1040 METHOD(message_t, remove_payload_at, void,
1041 private_message_t *this, enumerator_t *enumerator)
1042 {
1043 this->payloads->remove_at(this->payloads, enumerator);
1044 }
1045
1046 METHOD(message_t, get_payload, payload_t*,
1047 private_message_t *this, payload_type_t type)
1048 {
1049 payload_t *current, *found = NULL;
1050 enumerator_t *enumerator;
1051
1052 enumerator = create_payload_enumerator(this);
1053 while (enumerator->enumerate(enumerator, &current))
1054 {
1055 if (current->get_type(current) == type)
1056 {
1057 found = current;
1058 break;
1059 }
1060 }
1061 enumerator->destroy(enumerator);
1062 return found;
1063 }
1064
1065 METHOD(message_t, get_notify, notify_payload_t*,
1066 private_message_t *this, notify_type_t type)
1067 {
1068 enumerator_t *enumerator;
1069 notify_payload_t *notify = NULL;
1070 payload_t *payload;
1071
1072 enumerator = create_payload_enumerator(this);
1073 while (enumerator->enumerate(enumerator, &payload))
1074 {
1075 if (payload->get_type(payload) == NOTIFY)
1076 {
1077 notify = (notify_payload_t*)payload;
1078 if (notify->get_notify_type(notify) == type)
1079 {
1080 break;
1081 }
1082 notify = NULL;
1083 }
1084 }
1085 enumerator->destroy(enumerator);
1086 return notify;
1087 }
1088
1089 /**
1090 * get a string representation of the message
1091 */
1092 static char* get_string(private_message_t *this, char *buf, int len)
1093 {
1094 enumerator_t *enumerator;
1095 payload_t *payload;
1096 int written;
1097 char *pos = buf;
1098
1099 memset(buf, 0, len);
1100 len--;
1101
1102 written = snprintf(pos, len, "%N %s %u [",
1103 exchange_type_names, this->exchange_type,
1104 this->is_request ? "request" : "response",
1105 this->message_id);
1106 if (written >= len || written < 0)
1107 {
1108 return "";
1109 }
1110 pos += written;
1111 len -= written;
1112
1113 enumerator = create_payload_enumerator(this);
1114 while (enumerator->enumerate(enumerator, &payload))
1115 {
1116 written = snprintf(pos, len, " %N", payload_type_short_names,
1117 payload->get_type(payload));
1118 if (written >= len || written < 0)
1119 {
1120 return buf;
1121 }
1122 pos += written;
1123 len -= written;
1124 if (payload->get_type(payload) == NOTIFY)
1125 {
1126 notify_payload_t *notify;
1127 notify_type_t type;
1128 chunk_t data;
1129
1130 notify = (notify_payload_t*)payload;
1131 type = notify->get_notify_type(notify);
1132 data = notify->get_notification_data(notify);
1133 if (type == MS_NOTIFY_STATUS && data.len == 4)
1134 {
1135 written = snprintf(pos, len, "(%N(%d))", notify_type_short_names,
1136 type, untoh32(data.ptr));
1137 }
1138 else
1139 {
1140 written = snprintf(pos, len, "(%N)", notify_type_short_names,
1141 type);
1142 }
1143 if (written >= len || written < 0)
1144 {
1145 return buf;
1146 }
1147 pos += written;
1148 len -= written;
1149 }
1150 if (payload->get_type(payload) == EXTENSIBLE_AUTHENTICATION)
1151 {
1152 eap_payload_t *eap = (eap_payload_t*)payload;
1153 u_int32_t vendor;
1154 eap_type_t type;
1155 char method[64] = "";
1156
1157 type = eap->get_type(eap, &vendor);
1158 if (type)
1159 {
1160 if (vendor)
1161 {
1162 snprintf(method, sizeof(method), "/%d-%d", type, vendor);
1163 }
1164 else
1165 {
1166 snprintf(method, sizeof(method), "/%N",
1167 eap_type_short_names, type);
1168 }
1169 }
1170 written = snprintf(pos, len, "/%N%s", eap_code_short_names,
1171 eap->get_code(eap), method);
1172 if (written >= len || written < 0)
1173 {
1174 return buf;
1175 }
1176 pos += written;
1177 len -= written;
1178 }
1179 if (payload->get_type(payload) == CONFIGURATION)
1180 {
1181 cp_payload_t *cp = (cp_payload_t*)payload;
1182 enumerator_t *attributes;
1183 configuration_attribute_t *attribute;
1184 bool first = TRUE;
1185
1186 attributes = cp->create_attribute_enumerator(cp);
1187 while (attributes->enumerate(attributes, &attribute))
1188 {
1189 written = snprintf(pos, len, "%s%N", first ? "(" : " ",
1190 configuration_attribute_type_short_names,
1191 attribute->get_type(attribute));
1192 if (written >= len || written < 0)
1193 {
1194 return buf;
1195 }
1196 pos += written;
1197 len -= written;
1198 first = FALSE;
1199 }
1200 attributes->destroy(attributes);
1201 if (!first)
1202 {
1203 written = snprintf(pos, len, ")");
1204 if (written >= len || written < 0)
1205 {
1206 return buf;
1207 }
1208 pos += written;
1209 len -= written;
1210 }
1211 }
1212 }
1213 enumerator->destroy(enumerator);
1214
1215 /* remove last space */
1216 snprintf(pos, len, " ]");
1217 return buf;
1218 }
1219
1220 /**
1221 * reorder payloads depending on reordering rules
1222 */
1223 static void order_payloads(private_message_t *this)
1224 {
1225 linked_list_t *list;
1226 payload_t *payload;
1227 int i;
1228
1229 /* move to temp list */
1230 list = linked_list_create();
1231 while (this->payloads->remove_last(this->payloads,
1232 (void**)&payload) == SUCCESS)
1233 {
1234 list->insert_first(list, payload);
1235 }
1236 /* for each rule, ... */
1237 for (i = 0; i < this->rule->order_count; i++)
1238 {
1239 enumerator_t *enumerator;
1240 notify_payload_t *notify;
1241 payload_order_t order;
1242
1243 order = this->rule->order[i];
1244
1245 /* ... find all payload ... */
1246 enumerator = list->create_enumerator(list);
1247 while (enumerator->enumerate(enumerator, &payload))
1248 {
1249 /* ... with that type ... */
1250 if (payload->get_type(payload) == order.type)
1251 {
1252 notify = (notify_payload_t*)payload;
1253
1254 /**... and check notify for type. */
1255 if (order.type != NOTIFY || order.notify == 0 ||
1256 order.notify == notify->get_notify_type(notify))
1257 {
1258 list->remove_at(list, enumerator);
1259 add_payload(this, payload);
1260 }
1261 }
1262 }
1263 enumerator->destroy(enumerator);
1264 }
1265 /* append all payloads without a rule to the end */
1266 while (list->remove_last(list, (void**)&payload) == SUCCESS)
1267 {
1268 /* do not complain about payloads in private use space */
1269 if (payload->get_type(payload) < 128)
1270 {
1271 DBG1(DBG_ENC, "payload %N has no ordering rule in %N %s",
1272 payload_type_names, payload->get_type(payload),
1273 exchange_type_names, this->rule->exchange_type,
1274 this->rule->is_request ? "request" : "response");
1275 }
1276 add_payload(this, payload);
1277 }
1278 list->destroy(list);
1279 }
1280
1281 /**
1282 * Wrap payloads in an encryption payload
1283 */
1284 static encryption_payload_t* wrap_payloads(private_message_t *this,
1285 payload_type_t encryption_type)
1286 {
1287 encryption_payload_t *encryption;
1288 linked_list_t *payloads;
1289 payload_t *current;
1290
1291 /* copy all payloads in a temporary list */
1292 payloads = linked_list_create();
1293 while (this->payloads->remove_first(this->payloads,
1294 (void**)&current) == SUCCESS)
1295 {
1296 payloads->insert_last(payloads, current);
1297 }
1298
1299 encryption = encryption_payload_create(encryption_type);
1300 while (payloads->remove_first(payloads, (void**)&current) == SUCCESS)
1301 {
1302 payload_rule_t *rule;
1303 payload_type_t type;
1304 bool encrypt = TRUE;
1305
1306 type = current->get_type(current);
1307 rule = get_payload_rule(this, type);
1308 if (rule)
1309 {
1310 encrypt = rule->encrypted;
1311 }
1312 if (encrypt || this->is_encrypted)
1313 { /* encryption is forced for IKEv1 */
1314 DBG2(DBG_ENC, "insert payload %N to encryption payload",
1315 payload_type_names, type);
1316 encryption->add_payload(encryption, current);
1317 }
1318 else
1319 {
1320 DBG2(DBG_ENC, "insert payload %N unencrypted",
1321 payload_type_names, type);
1322 add_payload(this, current);
1323 }
1324 }
1325 payloads->destroy(payloads);
1326
1327 return encryption;
1328 }
1329
1330 METHOD(message_t, disable_sort, void,
1331 private_message_t *this)
1332 {
1333 this->sort_disabled = TRUE;
1334 }
1335
1336 METHOD(message_t, generate, status_t,
1337 private_message_t *this, keymat_t *keymat, packet_t **packet)
1338 {
1339 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
1340 generator_t *generator;
1341 ike_header_t *ike_header;
1342 payload_t *payload, *next;
1343 encryption_payload_t *encryption = NULL;
1344 payload_type_t next_type;
1345 enumerator_t *enumerator;
1346 aead_t *aead;
1347 chunk_t chunk;
1348 char str[BUF_LEN];
1349 u_int32_t *lenpos;
1350 bool encrypted = FALSE, *reserved;
1351 int i;
1352
1353 if (this->exchange_type == EXCHANGE_TYPE_UNDEFINED)
1354 {
1355 DBG1(DBG_ENC, "exchange type is not defined");
1356 return INVALID_STATE;
1357 }
1358
1359 if (this->packet->get_source(this->packet) == NULL ||
1360 this->packet->get_destination(this->packet) == NULL)
1361 {
1362 DBG1(DBG_ENC, "source/destination not defined");
1363 return INVALID_STATE;
1364 }
1365
1366 this->rule = get_message_rule(this);
1367 if (!this->rule)
1368 {
1369 DBG1(DBG_ENC, "no message rules specified for this message type");
1370 return NOT_SUPPORTED;
1371 }
1372
1373 if (!this->sort_disabled)
1374 {
1375 order_payloads(this);
1376 }
1377
1378 DBG1(DBG_ENC, "generating %s", get_string(this, str, sizeof(str)));
1379
1380 if (this->major_version == IKEV2_MAJOR_VERSION)
1381 {
1382 encrypted = this->rule->encrypted;
1383 }
1384 else
1385 { /* if at least one payload requires encryption, encrypt the message */
1386 /* TODO-IKEV1: set is_encrypted externally instead of this check? */
1387 enumerator = this->payloads->create_enumerator(this->payloads);
1388 while (enumerator->enumerate(enumerator, (void**)&payload))
1389 {
1390 payload_rule_t *rule;
1391 rule = get_payload_rule(this, payload->get_type(payload));
1392 if (rule && rule->encrypted)
1393 {
1394 this->is_encrypted = TRUE;
1395 encrypted = TRUE;
1396 break;
1397 }
1398 }
1399 enumerator->destroy(enumerator);
1400 }
1401
1402 aead = keymat->get_aead(keymat, FALSE);
1403 if (aead && encrypted)
1404 {
1405 encryption = wrap_payloads(this, this->is_encrypted ? ENCRYPTED_V1
1406 : ENCRYPTED);
1407 }
1408 else
1409 {
1410 DBG2(DBG_ENC, "not encrypting payloads");
1411 }
1412
1413 ike_header = ike_header_create_version(this->major_version,
1414 this->minor_version);
1415 ike_header->set_exchange_type(ike_header, this->exchange_type);
1416 ike_header->set_message_id(ike_header, this->message_id);
1417 if (this->major_version == IKEV2_MAJOR_VERSION)
1418 {
1419 ike_header->set_response_flag(ike_header, !this->is_request);
1420 ike_header->set_version_flag(ike_header, this->version_flag);
1421 ike_header->set_initiator_flag(ike_header,
1422 this->ike_sa_id->is_initiator(this->ike_sa_id));
1423 }
1424 else
1425 {
1426 ike_header->set_encryption_flag(ike_header, this->is_encrypted);
1427 }
1428 ike_header->set_initiator_spi(ike_header,
1429 this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
1430 ike_header->set_responder_spi(ike_header,
1431 this->ike_sa_id->get_responder_spi(this->ike_sa_id));
1432
1433 for (i = 0; i < countof(this->reserved); i++)
1434 {
1435 reserved = payload_get_field(&ike_header->payload_interface,
1436 RESERVED_BIT, i);
1437 if (reserved)
1438 {
1439 *reserved = this->reserved[i];
1440 }
1441 }
1442
1443 generator = generator_create();
1444
1445 /* generate all payloads with proper next type */
1446 payload = (payload_t*)ike_header;
1447 enumerator = create_payload_enumerator(this);
1448 while (enumerator->enumerate(enumerator, &next))
1449 {
1450 payload->set_next_type(payload, next->get_type(next));
1451 generator->generate_payload(generator, payload);
1452 payload = next;
1453 }
1454 enumerator->destroy(enumerator);
1455 if (this->is_encrypted)
1456 { /* for encrypted IKEv1 messages */
1457 next_type = encryption->payload_interface.get_next_type(
1458 (payload_t*)encryption);
1459 }
1460 else
1461 {
1462 next_type = encryption ? ENCRYPTED : NO_PAYLOAD;
1463 }
1464 payload->set_next_type(payload, next_type);
1465 generator->generate_payload(generator, payload);
1466 ike_header->destroy(ike_header);
1467
1468 if (encryption)
1469 {
1470 if (this->is_encrypted)
1471 { /* for IKEv1 instead of associated data we provide the IV */
1472 chunk = keymat_v1->get_iv(keymat_v1, this->message_id);
1473 }
1474 else
1475 { /* build associated data (without header of encryption payload) */
1476 chunk = generator->get_chunk(generator, &lenpos);
1477 /* fill in length, including encryption payload */
1478 htoun32(lenpos, chunk.len + encryption->get_length(encryption));
1479 }
1480 encryption->set_transform(encryption, aead);
1481 this->payloads->insert_last(this->payloads, encryption);
1482 if (!encryption->encrypt(encryption, chunk))
1483 {
1484 generator->destroy(generator);
1485 return INVALID_STATE;
1486 }
1487 generator->generate_payload(generator, &encryption->payload_interface);
1488 }
1489 chunk = generator->get_chunk(generator, &lenpos);
1490 htoun32(lenpos, chunk.len);
1491 this->packet->set_data(this->packet, chunk_clone(chunk));
1492 if (this->is_encrypted)
1493 { /* update the IV for the next IKEv1 message */
1494 chunk_t last_block;
1495 size_t bs = aead->get_block_size(aead);
1496 last_block = chunk_create(chunk.ptr + chunk.len - bs, bs);
1497 keymat_v1->update_iv(keymat_v1, this->message_id, last_block);
1498 keymat_v1->confirm_iv(keymat_v1, this->message_id);
1499 }
1500 generator->destroy(generator);
1501 *packet = this->packet->clone(this->packet);
1502 return SUCCESS;
1503 }
1504
1505 METHOD(message_t, get_packet, packet_t*,
1506 private_message_t *this)
1507 {
1508 if (this->packet == NULL)
1509 {
1510 return NULL;
1511 }
1512 return this->packet->clone(this->packet);
1513 }
1514
1515 METHOD(message_t, get_packet_data, chunk_t,
1516 private_message_t *this)
1517 {
1518 if (this->packet == NULL)
1519 {
1520 return chunk_empty;
1521 }
1522 return this->packet->get_data(this->packet);
1523 }
1524
1525 METHOD(message_t, parse_header, status_t,
1526 private_message_t *this)
1527 {
1528 ike_header_t *ike_header;
1529 status_t status;
1530 bool *reserved;
1531 int i;
1532
1533 DBG2(DBG_ENC, "parsing header of message");
1534
1535 this->parser->reset_context(this->parser);
1536 status = this->parser->parse_payload(this->parser, HEADER,
1537 (payload_t**)&ike_header);
1538 if (status != SUCCESS)
1539 {
1540 DBG1(DBG_ENC, "header could not be parsed");
1541 return status;
1542
1543 }
1544
1545 status = ike_header->payload_interface.verify(
1546 &ike_header->payload_interface);
1547 if (status != SUCCESS)
1548 {
1549 DBG1(DBG_ENC, "header verification failed");
1550 ike_header->destroy(ike_header);
1551 return status;
1552 }
1553
1554 DESTROY_IF(this->ike_sa_id);
1555 this->ike_sa_id = ike_sa_id_create(
1556 ike_header->get_initiator_spi(ike_header),
1557 ike_header->get_responder_spi(ike_header),
1558 ike_header->get_initiator_flag(ike_header));
1559
1560 this->exchange_type = ike_header->get_exchange_type(ike_header);
1561 this->message_id = ike_header->get_message_id(ike_header);
1562 this->is_request = !ike_header->get_response_flag(ike_header);
1563 this->is_encrypted = ike_header->get_encryption_flag(ike_header);
1564 this->major_version = ike_header->get_maj_version(ike_header);
1565 this->minor_version = ike_header->get_min_version(ike_header);
1566 this->first_payload = ike_header->payload_interface.get_next_type(
1567 &ike_header->payload_interface);
1568 for (i = 0; i < countof(this->reserved); i++)
1569 {
1570 reserved = payload_get_field(&ike_header->payload_interface,
1571 RESERVED_BIT, i);
1572 if (reserved)
1573 {
1574 this->reserved[i] = *reserved;
1575 }
1576 }
1577 ike_header->destroy(ike_header);
1578
1579 DBG2(DBG_ENC, "parsed a %N %s header", exchange_type_names,
1580 this->exchange_type, this->major_version == IKEV1_MAJOR_VERSION ?
1581 "message" : (this->is_request ? "request" : "response"));
1582 return SUCCESS;
1583 }
1584
1585 /**
1586 * Check if a payload is for a mediation extension connectivity check
1587 */
1588 static bool is_connectivity_check(private_message_t *this, payload_t *payload)
1589 {
1590 #ifdef ME
1591 if (this->exchange_type == INFORMATIONAL &&
1592 payload->get_type(payload) == NOTIFY)
1593 {
1594 notify_payload_t *notify = (notify_payload_t*)payload;
1595
1596 switch (notify->get_notify_type(notify))
1597 {
1598 case ME_CONNECTID:
1599 case ME_ENDPOINT:
1600 case ME_CONNECTAUTH:
1601 return TRUE;
1602 default:
1603 break;
1604 }
1605 }
1606 #endif /* !ME */
1607 return FALSE;
1608 }
1609
1610 /**
1611 * Parses and verifies the unencrypted payloads contained in the message
1612 */
1613 static status_t parse_payloads(private_message_t *this)
1614 {
1615 payload_type_t type = this->first_payload;
1616 payload_t *payload;
1617 status_t status;
1618
1619 if (this->is_encrypted)
1620 { /* wrap the whole encrypted IKEv1 message in a special encryption
1621 * payload which is then handled just like a regular payload */
1622 encryption_payload_t *encryption;
1623 status = this->parser->parse_payload(this->parser, ENCRYPTED_V1,
1624 (payload_t**)&encryption);
1625 if (status != SUCCESS)
1626 {
1627 DBG1(DBG_ENC, "failed to wrap encrypted IKEv1 message");
1628 return PARSE_ERROR;
1629 }
1630 encryption->payload_interface.set_next_type((payload_t*)encryption,
1631 this->first_payload);
1632 this->payloads->insert_last(this->payloads, encryption);
1633 return SUCCESS;
1634 }
1635
1636 while (type != NO_PAYLOAD)
1637 {
1638 DBG2(DBG_ENC, "starting parsing a %N payload",
1639 payload_type_names, type);
1640
1641 status = this->parser->parse_payload(this->parser, type, &payload);
1642 if (status != SUCCESS)
1643 {
1644 DBG1(DBG_ENC, "payload type %N could not be parsed",
1645 payload_type_names, type);
1646 return PARSE_ERROR;
1647 }
1648
1649 DBG2(DBG_ENC, "verifying payload of type %N", payload_type_names, type);
1650 status = payload->verify(payload);
1651 if (status != SUCCESS)
1652 {
1653 DBG1(DBG_ENC, "%N payload verification failed",
1654 payload_type_names, type);
1655 payload->destroy(payload);
1656 return VERIFY_ERROR;
1657 }
1658
1659 DBG2(DBG_ENC, "%N payload verified. Adding to payload list",
1660 payload_type_names, type);
1661 this->payloads->insert_last(this->payloads, payload);
1662
1663 /* an encryption payload is the last one, so STOP here. decryption is
1664 * done later */
1665 if (type == ENCRYPTED)
1666 {
1667 DBG2(DBG_ENC, "%N payload found. Stop parsing",
1668 payload_type_names, type);
1669 break;
1670 }
1671 type = payload->get_next_type(payload);
1672 }
1673 return SUCCESS;
1674 }
1675
1676 /**
1677 * Decrypt payload from the encryption payload
1678 */
1679 static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
1680 {
1681 bool was_encrypted = FALSE;
1682 payload_t *payload, *previous = NULL;
1683 enumerator_t *enumerator;
1684 payload_rule_t *rule;
1685 payload_type_t type;
1686 aead_t *aead;
1687 status_t status = SUCCESS;
1688
1689 enumerator = this->payloads->create_enumerator(this->payloads);
1690 while (enumerator->enumerate(enumerator, &payload))
1691 {
1692 type = payload->get_type(payload);
1693
1694 DBG2(DBG_ENC, "process payload of type %N", payload_type_names, type);
1695
1696 if (type == ENCRYPTED || type == ENCRYPTED_V1)
1697 {
1698 encryption_payload_t *encryption;
1699 payload_t *encrypted;
1700 chunk_t chunk;
1701 size_t bs;
1702
1703 encryption = (encryption_payload_t*)payload;
1704
1705 DBG2(DBG_ENC, "found an encryption payload");
1706
1707 if (this->payloads->has_more(this->payloads, enumerator))
1708 {
1709 DBG1(DBG_ENC, "encrypted payload is not last payload");
1710 status = VERIFY_ERROR;
1711 break;
1712 }
1713 aead = keymat->get_aead(keymat, TRUE);
1714 bs = aead->get_block_size(aead);
1715 encryption->set_transform(encryption, aead);
1716 chunk = this->packet->get_data(this->packet);
1717 if (chunk.len < encryption->get_length(encryption) ||
1718 chunk.len < bs)
1719 {
1720 DBG1(DBG_ENC, "invalid payload length");
1721 status = VERIFY_ERROR;
1722 break;
1723 }
1724 if (type == ENCRYPTED_V1)
1725 { /* instead of associated data we provide the IV, we also update
1726 * the IV with the last encrypted block */
1727 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
1728 chunk_t last_block = chunk_create(chunk.ptr + chunk.len - bs,
1729 bs);
1730 chunk = keymat_v1->get_iv(keymat_v1, this->message_id);
1731 keymat_v1->update_iv(keymat_v1, this->message_id, last_block);
1732 }
1733 else
1734 {
1735 chunk.len -= encryption->get_length(encryption);
1736 }
1737 status = encryption->decrypt(encryption, chunk);
1738 if (status != SUCCESS)
1739 {
1740 break;
1741 }
1742
1743 was_encrypted = TRUE;
1744 this->payloads->remove_at(this->payloads, enumerator);
1745
1746 while ((encrypted = encryption->remove_payload(encryption)))
1747 {
1748 type = encrypted->get_type(encrypted);
1749 if (previous)
1750 {
1751 previous->set_next_type(previous, type);
1752 }
1753 else
1754 {
1755 this->first_payload = type;
1756 }
1757 DBG2(DBG_ENC, "insert decrypted payload of type "
1758 "%N at end of list", payload_type_names, type);
1759 this->payloads->insert_last(this->payloads, encrypted);
1760 previous = encrypted;
1761 }
1762 encryption->destroy(encryption);
1763 }
1764 if (payload_is_known(type) && !was_encrypted &&
1765 !is_connectivity_check(this, payload))
1766 {
1767 rule = get_payload_rule(this, type);
1768 if (!rule || rule->encrypted)
1769 {
1770 DBG1(DBG_ENC, "payload type %N was not encrypted",
1771 payload_type_names, type);
1772 status = FAILED;
1773 break;
1774 }
1775 }
1776 previous = payload;
1777 }
1778 enumerator->destroy(enumerator);
1779 return status;
1780 }
1781
1782 /**
1783 * Verify a message and all payload according to message/payload rules
1784 */
1785 static status_t verify(private_message_t *this)
1786 {
1787 bool complete = FALSE;
1788 int i;
1789
1790 DBG2(DBG_ENC, "verifying message structure");
1791
1792 /* check for payloads with wrong count*/
1793 for (i = 0; i < this->rule->rule_count; i++)
1794 {
1795 enumerator_t *enumerator;
1796 payload_t *payload;
1797 payload_rule_t *rule;
1798 int found = 0;
1799
1800 rule = &this->rule->rules[i];
1801 enumerator = create_payload_enumerator(this);
1802 while (enumerator->enumerate(enumerator, &payload))
1803 {
1804 payload_type_t type;
1805
1806 type = payload->get_type(payload);
1807 if (type == rule->type)
1808 {
1809 found++;
1810 DBG2(DBG_ENC, "found payload of type %N",
1811 payload_type_names, type);
1812 if (found > rule->max_occurence)
1813 {
1814 DBG1(DBG_ENC, "payload of type %N more than %d times (%d) "
1815 "occurred in current message", payload_type_names,
1816 type, rule->max_occurence, found);
1817 enumerator->destroy(enumerator);
1818 return VERIFY_ERROR;
1819 }
1820 }
1821 }
1822 enumerator->destroy(enumerator);
1823
1824 if (!complete && found < rule->min_occurence)
1825 {
1826 DBG1(DBG_ENC, "payload of type %N not occurred %d times (%d)",
1827 payload_type_names, rule->type, rule->min_occurence, found);
1828 return VERIFY_ERROR;
1829 }
1830 if (found && rule->sufficient)
1831 {
1832 complete = TRUE;
1833 }
1834 }
1835 return SUCCESS;
1836 }
1837
1838 METHOD(message_t, parse_body, status_t,
1839 private_message_t *this, keymat_t *keymat)
1840 {
1841 status_t status = SUCCESS;
1842 char str[BUF_LEN];
1843
1844 DBG2(DBG_ENC, "parsing body of message, first payload is %N",
1845 payload_type_names, this->first_payload);
1846
1847 this->rule = get_message_rule(this);
1848 if (!this->rule)
1849 {
1850 DBG1(DBG_ENC, "no message rules specified for a %N %s",
1851 exchange_type_names, this->exchange_type,
1852 this->is_request ? "request" : "response");
1853 return PARSE_ERROR;
1854 }
1855
1856 status = parse_payloads(this);
1857 if (status != SUCCESS)
1858 { /* error is already logged */
1859 return status;
1860 }
1861
1862 status = decrypt_payloads(this, keymat);
1863 if (status != SUCCESS)
1864 {
1865 DBG1(DBG_ENC, "could not decrypt payloads");
1866 return status;
1867 }
1868
1869 status = verify(this);
1870 if (status != SUCCESS)
1871 {
1872 return status;
1873 }
1874
1875 DBG1(DBG_ENC, "parsed %s", get_string(this, str, sizeof(str)));
1876
1877 if (this->is_encrypted)
1878 { /* TODO-IKEv1: this should be done later when we know this is no
1879 * retransmit */
1880 keymat_v1_t *keymat_v1 = (keymat_v1_t*)keymat;
1881 keymat_v1->confirm_iv(keymat_v1, this->message_id);
1882 }
1883
1884 return SUCCESS;
1885 }
1886
1887 METHOD(message_t, destroy, void,
1888 private_message_t *this)
1889 {
1890 DESTROY_IF(this->ike_sa_id);
1891 this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
1892 this->packet->destroy(this->packet);
1893 this->parser->destroy(this->parser);
1894 free(this);
1895 }
1896
1897 /*
1898 * Described in header.
1899 */
1900 message_t *message_create_from_packet(packet_t *packet)
1901 {
1902 private_message_t *this;
1903
1904 INIT(this,
1905 .public = {
1906 .set_major_version = _set_major_version,
1907 .get_major_version = _get_major_version,
1908 .set_minor_version = _set_minor_version,
1909 .get_minor_version = _get_minor_version,
1910 .set_message_id = _set_message_id,
1911 .get_message_id = _get_message_id,
1912 .get_initiator_spi = _get_initiator_spi,
1913 .get_responder_spi = _get_responder_spi,
1914 .set_ike_sa_id = _set_ike_sa_id,
1915 .get_ike_sa_id = _get_ike_sa_id,
1916 .set_exchange_type = _set_exchange_type,
1917 .get_exchange_type = _get_exchange_type,
1918 .get_first_payload_type = _get_first_payload_type,
1919 .set_request = _set_request,
1920 .get_request = _get_request,
1921 .set_version_flag = _set_version_flag,
1922 .get_reserved_header_bit = _get_reserved_header_bit,
1923 .set_reserved_header_bit = _set_reserved_header_bit,
1924 .add_payload = _add_payload,
1925 .add_notify = _add_notify,
1926 .disable_sort = _disable_sort,
1927 .generate = _generate,
1928 .is_encoded = _is_encoded,
1929 .set_source = _set_source,
1930 .get_source = _get_source,
1931 .set_destination = _set_destination,
1932 .get_destination = _get_destination,
1933 .create_payload_enumerator = _create_payload_enumerator,
1934 .remove_payload_at = _remove_payload_at,
1935 .get_payload = _get_payload,
1936 .get_notify = _get_notify,
1937 .parse_header = _parse_header,
1938 .parse_body = _parse_body,
1939 .get_packet = _get_packet,
1940 .get_packet_data = _get_packet_data,
1941 .destroy = _destroy,
1942 },
1943 .exchange_type = EXCHANGE_TYPE_UNDEFINED,
1944 .is_request = TRUE,
1945 .first_payload = NO_PAYLOAD,
1946 .packet = packet,
1947 .payloads = linked_list_create(),
1948 .parser = parser_create(packet->get_data(packet)),
1949 );
1950
1951 return &this->public;
1952 }
1953
1954 /*
1955 * Described in header.
1956 */
1957 message_t *message_create(int major, int minor)
1958 {
1959 message_t *this = message_create_from_packet(packet_create());
1960
1961 this->set_major_version(this, major);
1962 this->set_minor_version(this, minor);
1963
1964 return this;
1965 }