fixed mapping of IKEv1 algorithms
[strongswan.git] / src / libcharon / encoding / payloads / proposal_substructure.c
1 /*
2 * Copyright (C) 2005-2010 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include <stddef.h>
18
19 #include "proposal_substructure.h"
20
21 #include <encoding/payloads/encodings.h>
22 #include <encoding/payloads/transform_substructure.h>
23 #include <library.h>
24 #include <utils/linked_list.h>
25 #include <daemon.h>
26
27 /**
28 * IKEv2 Value for a proposal payload.
29 */
30 #define PROPOSAL_TYPE_VALUE 2
31
32 typedef struct private_proposal_substructure_t private_proposal_substructure_t;
33
34 /**
35 * Private data of an proposal_substructure_t object.
36 */
37 struct private_proposal_substructure_t {
38
39 /**
40 * Public proposal_substructure_t interface.
41 */
42 proposal_substructure_t public;
43
44 /**
45 * Next payload type.
46 */
47 u_int8_t next_payload;
48
49 /**
50 * reserved byte
51 */
52 u_int8_t reserved;
53
54 /**
55 * Length of this payload.
56 */
57 u_int16_t proposal_length;
58
59 /**
60 * Proposal number.
61 */
62 u_int8_t proposal_number;
63
64 /**
65 * Protocol ID.
66 */
67 u_int8_t protocol_id;
68
69 /**
70 * SPI size of the following SPI.
71 */
72 u_int8_t spi_size;
73
74 /**
75 * Number of transforms.
76 */
77 u_int8_t transforms_count;
78
79 /**
80 * SPI is stored as chunk.
81 */
82 chunk_t spi;
83
84 /**
85 * Transforms are stored in a linked_list_t.
86 */
87 linked_list_t *transforms;
88
89 /**
90 * Type of this payload, PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
91 */
92 payload_type_t type;
93 };
94
95 /**
96 * Encoding rules for a IKEv1 Proposal substructure.
97 */
98 static encoding_rule_t encodings_v1[] = {
99 /* 1 Byte next payload type, stored in the field next_payload */
100 { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
101 /* 1 Reserved Byte */
102 { RESERVED_BYTE, offsetof(private_proposal_substructure_t, reserved) },
103 /* Length of the whole proposal substructure payload*/
104 { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
105 /* proposal number is a number of 8 bit */
106 { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
107 /* protocol ID is a number of 8 bit */
108 { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
109 /* SPI Size has its own type */
110 { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
111 /* Number of transforms is a number of 8 bit */
112 { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
113 /* SPI is a chunk of variable size*/
114 { SPI, offsetof(private_proposal_substructure_t, spi) },
115 /* Transforms are stored in a transform substructure list */
116 { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1,
117 offsetof(private_proposal_substructure_t, transforms) },
118 };
119
120 /**
121 * Encoding rules for a IKEv2 Proposal substructure.
122 */
123 static encoding_rule_t encodings_v2[] = {
124 /* 1 Byte next payload type, stored in the field next_payload */
125 { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) },
126 /* 1 Reserved Byte */
127 { RESERVED_BYTE, offsetof(private_proposal_substructure_t, reserved) },
128 /* Length of the whole proposal substructure payload*/
129 { PAYLOAD_LENGTH, offsetof(private_proposal_substructure_t, proposal_length) },
130 /* proposal number is a number of 8 bit */
131 { U_INT_8, offsetof(private_proposal_substructure_t, proposal_number) },
132 /* protocol ID is a number of 8 bit */
133 { U_INT_8, offsetof(private_proposal_substructure_t, protocol_id) },
134 /* SPI Size has its own type */
135 { SPI_SIZE, offsetof(private_proposal_substructure_t, spi_size) },
136 /* Number of transforms is a number of 8 bit */
137 { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) },
138 /* SPI is a chunk of variable size*/
139 { SPI, offsetof(private_proposal_substructure_t, spi) },
140 /* Transforms are stored in a transform substructure list */
141 { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE,
142 offsetof(private_proposal_substructure_t, transforms) },
143 };
144
145 /*
146 1 2 3
147 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
148 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
149 ! 0 (last) or 2 ! RESERVED ! Proposal Length !
150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
151 ! Proposal # ! Protocol ID ! SPI Size !# of Transforms!
152 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
153 ~ SPI (variable) ~
154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
155 ! !
156 ~ <Transforms> ~
157 ! !
158 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
159 */
160
161 /**
162 * Encryption.
163 */
164 typedef enum {
165 IKEV1_ENCR_DES_CBC = 1,
166 IKEV1_ENCR_IDEA_CBC = 2,
167 IKEV1_ENCR_BLOWFISH_CBC = 3,
168 IKEV1_ENCR_RC5_R16_B64_CBC = 4,
169 IKEV1_ENCR_3DES_CBC = 5,
170 IKEV1_ENCR_CAST_CBC = 6,
171 IKEV1_ENCR_AES_CBC = 7,
172 IKEV1_ENCR_CAMELLIA_CBC = 8,
173 /* FreeS/WAN proprietary */
174 IKEV1_ENCR_SERPENT_CBC = 65004,
175 IKEV1_ENCR_TWOFISH_CBC = 65005,
176 } ikev1_encryption_t;
177
178 /**
179 * IKEv1 hash.
180 */
181 typedef enum {
182 IKEV1_HASH_MD5 = 1,
183 IKEV1_HASH_SHA1 = 2,
184 IKEV1_HASH_TIGER = 3,
185 IKEV1_HASH_SHA2_256 = 4,
186 IKEV1_HASH_SHA2_384 = 5,
187 IKEV1_HASH_SHA2_512 = 6,
188 } ikev1_hash_t;
189
190 /**
191 * IKEv1 Transform ID IKE.
192 */
193 typedef enum {
194 IKEV1_TRANSID_KEY_IKE = 1,
195 } ikev1_ike_transid_t;
196
197 /**
198 * IKEv1 Transform ID ESP encryption algorithm.
199 */
200 typedef enum {
201 IKEV1_ESP_ENCR_DES_IV64 = 1,
202 IKEV1_ESP_ENCR_DES = 2,
203 IKEV1_ESP_ENCR_3DES = 3,
204 IKEV1_ESP_ENCR_RC5 = 4,
205 IKEV1_ESP_ENCR_IDEA = 5,
206 IKEV1_ESP_ENCR_CAST = 6,
207 IKEV1_ESP_ENCR_BLOWFISH = 7,
208 IKEV1_ESP_ENCR_3IDEA = 8,
209 IKEV1_ESP_ENCR_DES_IV32 = 9,
210 IKEV1_ESP_ENCR_RC4 = 10,
211 IKEV1_ESP_ENCR_NULL = 11,
212 IKEV1_ESP_ENCR_AES_CBC = 12,
213 IKEV1_ESP_ENCR_AES_CTR = 13,
214 IKEV1_ESP_ENCR_AES_CCM_8 = 14,
215 IKEV1_ESP_ENCR_AES_CCM_12 = 15,
216 IKEV1_ESP_ENCR_AES_CCM_16 = 16,
217 IKEV1_ESP_ENCR_AES_GCM_8 = 18,
218 IKEV1_ESP_ENCR_AES_GCM_12 = 19,
219 IKEV1_ESP_ENCR_AES_GCM_16 = 20,
220 IKEV1_ESP_ENCR_SEED_CBC = 21,
221 IKEV1_ESP_ENCR_CAMELLIA = 22,
222 IKEV1_ESP_ENCR_NULL_AUTH_AES_GMAC = 23,
223 /* FreeS/WAN proprietary */
224 IKEV1_ESP_ENCR_SERPENT = 252,
225 IKEV1_ESP_ENCR_TWOFISH = 253,
226 } ikev1_esp_encr_transid_t;
227
228 /**
229 * IKEv1 Transform ID ESP authentication algorithm.
230 */
231 typedef enum {
232 IKEV1_ESP_AUTH_HMAC_MD5 = 1,
233 IKEV1_ESP_AUTH_HMAC_SHA = 2,
234 IKEV1_ESP_AUTH_DES_MAC = 3,
235 IKEV1_ESP_AUTH_KPDK = 4,
236 IKEV1_ESP_AUTH_HMAC_SHA2_256 = 5,
237 IKEV1_ESP_AUTH_HMAC_SHA2_384 = 6,
238 IKEV1_ESP_AUTH_HMAC_SHA2_512 = 7,
239 IKEV1_ESP_AUTH_HMAC_RIPEMD = 8,
240 IKEV1_ESP_AUTH_AES_XCBC_MAC = 9,
241 IKEV1_ESP_AUTH_SIG_RSA = 10,
242 IKEV1_ESP_AUTH_AES_128_GMAC = 11,
243 IKEV1_ESP_AUTH_AES_192_GMAC = 12,
244 IKEV1_ESP_AUTH_AES_256_GMAC = 13,
245 } ikev1_esp_auth_transid_it;
246
247 /**
248 * IKEv1 ESP Encapsulation mode.
249 */
250 typedef enum {
251 IKEV1_ENCAP_TUNNEL = 1,
252 IKEV1_ENCAP_TRANSPORT = 2,
253 IKEV1_ENCAP_UDP_TUNNEL = 3,
254 IKEV1_ENCAP_UDP_TRANSPORT = 4,
255 } ikev1_esp_encap_t;
256
257 /**
258 * IKEv1 Life duration types.
259 */
260 typedef enum {
261 IKEV1_LIFE_TYPE_SECONDS = 1,
262 IKEV1_LIFE_TYPE_KILOBYTES = 2,
263 } ikev1_life_type_t;
264
265 /**
266 * IKEv1 authentication methods
267 */
268 typedef enum {
269 IKEV1_AUTH_PSK = 1,
270 IKEV1_AUTH_DSS_SIG = 2,
271 IKEV1_AUTH_RSA_SIG = 3,
272 IKEV1_AUTH_RSA_ENC = 4,
273 IKEV1_AUTH_RSA_ENC_REV = 5,
274 IKEV1_AUTH_ECDSA_256 = 9,
275 IKEV1_AUTH_ECDSA_384 = 10,
276 IKEV1_AUTH_ECDSA_521 = 11,
277 /* XAuth Modes */
278 IKEV1_AUTH_XAUTH_INIT_PSK = 65001,
279 IKEV1_AUTH_XAUTH_RESP_PSK = 65002,
280 IKEV1_AUTH_XAUTH_INIT_DSS = 65003,
281 IKEV1_AUTH_XAUTH_RESP_DSS = 65004,
282 IKEV1_AUTH_XAUTH_INIT_RSA = 65005,
283 IKEV1_AUTH_XAUTH_RESP_RSA = 65006,
284 IKEV1_AUTH_XAUTH_INIT_RSA_ENC = 65007,
285 IKEV1_AUTH_XAUTH_RESP_RSA_ENC = 65008,
286 IKEV1_AUTH_XAUTH_INIT_RSA_ENC_REV = 65009,
287 IKEV1_AUTH_XAUTH_RESP_RSA_ENC_REV = 65010,
288 /* Hybrid Modes */
289 IKEV1_AUTH_HYBRID_INIT_RSA = 64221,
290 IKEV1_AUTH_HYBRID_RESP_RSA = 64222,
291 IKEV1_AUTH_HYBRID_INIT_DSS = 64223,
292 IKEV1_AUTH_HYBRID_RESP_DSS = 64224,
293 } ikev1_auth_method_t;
294
295 METHOD(payload_t, verify, status_t,
296 private_proposal_substructure_t *this)
297 {
298 status_t status = SUCCESS;
299 enumerator_t *enumerator;
300 payload_t *current;
301
302 if (this->next_payload != NO_PAYLOAD && this->next_payload != 2)
303 {
304 /* must be 0 or 2 */
305 DBG1(DBG_ENC, "inconsistent next payload");
306 return FAILED;
307 }
308 if (this->transforms_count != this->transforms->get_count(this->transforms))
309 {
310 /* must be the same! */
311 DBG1(DBG_ENC, "transform count invalid");
312 return FAILED;
313 }
314
315 switch (this->protocol_id)
316 {
317 case PROTO_AH:
318 case PROTO_ESP:
319 if (this->spi.len != 4)
320 {
321 DBG1(DBG_ENC, "invalid SPI length in %N proposal",
322 protocol_id_names, this->protocol_id);
323 return FAILED;
324 }
325 break;
326 case PROTO_IKE:
327 if (this->spi.len != 0 && this->spi.len != 8)
328 {
329 DBG1(DBG_ENC, "invalid SPI length in IKE proposal");
330 return FAILED;
331 }
332 break;
333 default:
334 break;
335 }
336 enumerator = this->transforms->create_enumerator(this->transforms);
337 while (enumerator->enumerate(enumerator, &current))
338 {
339 status = current->verify(current);
340 if (status != SUCCESS)
341 {
342 DBG1(DBG_ENC, "TRANSFORM_SUBSTRUCTURE verification failed");
343 break;
344 }
345 }
346 enumerator->destroy(enumerator);
347
348 /* proposal number is checked in SA payload */
349 return status;
350 }
351
352 METHOD(payload_t, get_encoding_rules, int,
353 private_proposal_substructure_t *this, encoding_rule_t **rules)
354 {
355 if (this->type == PROPOSAL_SUBSTRUCTURE)
356 {
357 *rules = encodings_v2;
358 return countof(encodings_v2);
359 }
360 *rules = encodings_v1;
361 return countof(encodings_v1);
362 }
363
364 METHOD(payload_t, get_header_length, int,
365 private_proposal_substructure_t *this)
366 {
367 return 8 + this->spi_size;
368 }
369
370 METHOD(payload_t, get_type, payload_type_t,
371 private_proposal_substructure_t *this)
372 {
373 return this->type;
374 }
375
376 METHOD(payload_t, get_next_type, payload_type_t,
377 private_proposal_substructure_t *this)
378 {
379 return this->next_payload;
380 }
381
382 METHOD(payload_t, set_next_type, void,
383 private_proposal_substructure_t *this, payload_type_t type)
384 {
385 }
386
387 /**
388 * (re-)compute the length of the payload.
389 */
390 static void compute_length(private_proposal_substructure_t *this)
391 {
392 enumerator_t *enumerator;
393 payload_t *transform;
394
395 this->transforms_count = 0;
396 this->proposal_length = get_header_length(this);
397 enumerator = this->transforms->create_enumerator(this->transforms);
398 while (enumerator->enumerate(enumerator, &transform))
399 {
400 this->proposal_length += transform->get_length(transform);
401 this->transforms_count++;
402 }
403 enumerator->destroy(enumerator);
404 }
405
406 METHOD(payload_t, get_length, size_t,
407 private_proposal_substructure_t *this)
408 {
409 return this->proposal_length;
410 }
411
412 /**
413 * Add a transform substructure to the proposal
414 */
415 static void add_transform_substructure(private_proposal_substructure_t *this,
416 transform_substructure_t *transform)
417 {
418 if (this->transforms->get_count(this->transforms) > 0)
419 {
420 transform_substructure_t *last;
421
422 this->transforms->get_last(this->transforms, (void **)&last);
423 last->set_is_last_transform(last, FALSE);
424 }
425 transform->set_is_last_transform(transform,TRUE);
426 this->transforms->insert_last(this->transforms, transform);
427 compute_length(this);
428 }
429
430 METHOD(proposal_substructure_t, set_is_last_proposal, void,
431 private_proposal_substructure_t *this, bool is_last)
432 {
433 this->next_payload = is_last ? 0 : PROPOSAL_TYPE_VALUE;
434 }
435
436 METHOD(proposal_substructure_t, set_proposal_number, void,
437 private_proposal_substructure_t *this,u_int8_t proposal_number)
438 {
439 this->proposal_number = proposal_number;
440 }
441
442 METHOD(proposal_substructure_t, get_proposal_number, u_int8_t,
443 private_proposal_substructure_t *this)
444 {
445 return this->proposal_number;
446 }
447
448 METHOD(proposal_substructure_t, set_protocol_id, void,
449 private_proposal_substructure_t *this,u_int8_t protocol_id)
450 {
451 this->protocol_id = protocol_id;
452 }
453
454 METHOD(proposal_substructure_t, get_protocol_id, u_int8_t,
455 private_proposal_substructure_t *this)
456 {
457 return this->protocol_id;
458 }
459
460 METHOD(proposal_substructure_t, set_spi, void,
461 private_proposal_substructure_t *this, chunk_t spi)
462 {
463 free(this->spi.ptr);
464 this->spi = chunk_clone(spi);
465 this->spi_size = spi.len;
466 compute_length(this);
467 }
468
469 METHOD(proposal_substructure_t, get_spi, chunk_t,
470 private_proposal_substructure_t *this)
471 {
472 return this->spi;
473 }
474
475 /**
476 * Add a transform to a proposal for IKEv2
477 */
478 static void add_to_proposal_v2(proposal_t *proposal,
479 transform_substructure_t *transform)
480 {
481 transform_attribute_t *tattr;
482 enumerator_t *enumerator;
483 u_int16_t key_length = 0;
484
485 enumerator = transform->create_attribute_enumerator(transform);
486 while (enumerator->enumerate(enumerator, &tattr))
487 {
488 if (tattr->get_attribute_type(tattr) == TATTR_IKEV2_KEY_LENGTH)
489 {
490 key_length = tattr->get_value(tattr);
491 break;
492 }
493 }
494 enumerator->destroy(enumerator);
495
496 proposal->add_algorithm(proposal,
497 transform->get_transform_type_or_number(transform),
498 transform->get_transform_id(transform), key_length);
499 }
500
501 /**
502 * Map IKEv1 to IKEv2 algorithms
503 */
504 typedef struct {
505 u_int16_t ikev1;
506 u_int16_t ikev2;
507 } algo_map_t;
508
509 /**
510 * Encryption algorithm mapping
511 */
512 static algo_map_t map_encr[] = {
513 { IKEV1_ENCR_DES_CBC, ENCR_DES },
514 { IKEV1_ENCR_IDEA_CBC, ENCR_IDEA },
515 { IKEV1_ENCR_BLOWFISH_CBC, ENCR_BLOWFISH },
516 { IKEV1_ENCR_3DES_CBC, ENCR_3DES },
517 { IKEV1_ENCR_CAST_CBC, ENCR_CAST },
518 { IKEV1_ENCR_AES_CBC, ENCR_AES_CBC },
519 { IKEV1_ENCR_CAMELLIA_CBC, ENCR_CAMELLIA_CBC },
520 { IKEV1_ENCR_SERPENT_CBC, ENCR_SERPENT_CBC },
521 { IKEV1_ENCR_TWOFISH_CBC, ENCR_TWOFISH_CBC },
522 };
523
524 /**
525 * Integrity algorithm mapping
526 */
527 static algo_map_t map_integ[] = {
528 { IKEV1_HASH_MD5, AUTH_HMAC_MD5_96 },
529 { IKEV1_HASH_SHA1, AUTH_HMAC_SHA1_96 },
530 { IKEV1_HASH_SHA2_256, AUTH_HMAC_SHA2_256_128 },
531 { IKEV1_HASH_SHA2_384, AUTH_HMAC_SHA2_384_192 },
532 { IKEV1_HASH_SHA2_512, AUTH_HMAC_SHA2_512_256 },
533 };
534
535 /**
536 * PRF algorithm mapping
537 */
538 static algo_map_t map_prf[] = {
539 { IKEV1_HASH_MD5, PRF_HMAC_MD5 },
540 { IKEV1_HASH_SHA1, PRF_HMAC_SHA1 },
541 { IKEV1_HASH_SHA2_256, PRF_HMAC_SHA2_256 },
542 { IKEV1_HASH_SHA2_384, PRF_HMAC_SHA2_384 },
543 { IKEV1_HASH_SHA2_512, PRF_HMAC_SHA2_512 },
544 };
545
546 /**
547 * ESP encryption algorithm mapping
548 */
549 static algo_map_t map_esp_encr[] = {
550 { IKEV1_ESP_ENCR_DES_IV64, ENCR_DES_IV64 },
551 { IKEV1_ESP_ENCR_DES, ENCR_DES },
552 { IKEV1_ESP_ENCR_3DES, ENCR_3DES },
553 { IKEV1_ESP_ENCR_RC5, ENCR_RC5 },
554 { IKEV1_ESP_ENCR_IDEA, ENCR_IDEA },
555 { IKEV1_ESP_ENCR_CAST, ENCR_CAST },
556 { IKEV1_ESP_ENCR_BLOWFISH, ENCR_BLOWFISH },
557 { IKEV1_ESP_ENCR_3IDEA, ENCR_3IDEA },
558 { IKEV1_ESP_ENCR_DES_IV32, ENCR_DES_IV32 },
559 { IKEV1_ESP_ENCR_NULL, ENCR_NULL },
560 { IKEV1_ESP_ENCR_AES_CBC, ENCR_AES_CBC },
561 { IKEV1_ESP_ENCR_AES_CTR, ENCR_AES_CTR },
562 { IKEV1_ESP_ENCR_AES_CCM_8, ENCR_AES_CCM_ICV8 },
563 { IKEV1_ESP_ENCR_AES_CCM_12, ENCR_AES_CCM_ICV12 },
564 { IKEV1_ESP_ENCR_AES_CCM_16, ENCR_AES_CCM_ICV16 },
565 { IKEV1_ESP_ENCR_AES_GCM_8, ENCR_AES_GCM_ICV8 },
566 { IKEV1_ESP_ENCR_AES_GCM_12, ENCR_AES_GCM_ICV12 },
567 { IKEV1_ESP_ENCR_AES_GCM_16, ENCR_AES_GCM_ICV16 },
568 { IKEV1_ESP_ENCR_CAMELLIA, ENCR_CAMELLIA_CBC },
569 { IKEV1_ESP_ENCR_NULL_AUTH_AES_GMAC, ENCR_NULL_AUTH_AES_GMAC },
570 { IKEV1_ESP_ENCR_SERPENT, ENCR_SERPENT_CBC },
571 { IKEV1_ESP_ENCR_TWOFISH, ENCR_TWOFISH_CBC },
572 };
573
574 /**
575 * ESP authentication algorithm mapping
576 */
577 static algo_map_t map_esp_auth[] = {
578 { IKEV1_ESP_AUTH_HMAC_MD5, AUTH_HMAC_MD5_96 },
579 { IKEV1_ESP_AUTH_HMAC_SHA, AUTH_HMAC_SHA1_96 },
580 { IKEV1_ESP_AUTH_DES_MAC, AUTH_DES_MAC },
581 { IKEV1_ESP_AUTH_KPDK, AUTH_KPDK_MD5 },
582 { IKEV1_ESP_AUTH_HMAC_SHA2_256, AUTH_HMAC_SHA2_256_128 },
583 { IKEV1_ESP_AUTH_HMAC_SHA2_384, AUTH_HMAC_SHA2_384_192 },
584 { IKEV1_ESP_AUTH_HMAC_SHA2_512, AUTH_HMAC_SHA2_512_256 },
585 { IKEV1_ESP_AUTH_AES_XCBC_MAC, AUTH_AES_XCBC_96 },
586 { IKEV1_ESP_AUTH_AES_128_GMAC, AUTH_AES_128_GMAC },
587 { IKEV1_ESP_AUTH_AES_192_GMAC, AUTH_AES_192_GMAC },
588 { IKEV1_ESP_AUTH_AES_256_GMAC, AUTH_AES_256_GMAC },
589 };
590
591 /**
592 * Get IKEv2 algorithm from IKEv1 identifier
593 */
594 static u_int16_t get_alg_from_ikev1(transform_type_t type, u_int16_t value)
595 {
596 algo_map_t *map;
597 u_int16_t def;
598 int i, count;
599
600 switch (type)
601 {
602 case ENCRYPTION_ALGORITHM:
603 map = map_encr;
604 count = countof(map_encr);
605 def = ENCR_UNDEFINED;
606 break;
607 case INTEGRITY_ALGORITHM:
608 map = map_integ;
609 count = countof(map_integ);
610 def = AUTH_UNDEFINED;
611 break;
612 case PSEUDO_RANDOM_FUNCTION:
613 map = map_prf;
614 count = countof(map_prf);
615 def = PRF_UNDEFINED;
616 break;
617 default:
618 return 0;
619 }
620 for (i = 0; i < count; i++)
621 {
622 if (map[i].ikev1 == value)
623 {
624 return map[i].ikev2;
625 }
626 }
627 return def;
628 }
629
630 /**
631 * Get IKEv1 algorithm from IKEv2 identifier
632 */
633 static u_int16_t get_ikev1_from_alg(transform_type_t type, u_int16_t value)
634 {
635 algo_map_t *map;
636 int i, count;
637
638 switch (type)
639 {
640 case ENCRYPTION_ALGORITHM:
641 map = map_encr;
642 count = countof(map_encr);
643 break;
644 case INTEGRITY_ALGORITHM:
645 map = map_integ;
646 count = countof(map_integ);
647 break;
648 case PSEUDO_RANDOM_FUNCTION:
649 map = map_prf;
650 count = countof(map_prf);
651 break;
652 default:
653 return 0;
654 }
655 for (i = 0; i < count; i++)
656 {
657 if (map[i].ikev2 == value)
658 {
659 return map[i].ikev1;
660 }
661 }
662 return 0;
663 }
664
665 /**
666 * Get IKEv2 algorithm from IKEv1 ESP transaction ID
667 */
668 static u_int16_t get_alg_from_ikev1_transid(transform_type_t type, u_int16_t value)
669 {
670 algo_map_t *map;
671 u_int16_t def;
672 int i, count;
673
674 switch (type)
675 {
676 case ENCRYPTION_ALGORITHM:
677 map = map_esp_encr;
678 count = countof(map_esp_encr);
679 def = ENCR_UNDEFINED;
680 break;
681 case INTEGRITY_ALGORITHM:
682 map = map_esp_auth;
683 count = countof(map_esp_auth);
684 def = AUTH_UNDEFINED;
685 break;
686 default:
687 return 0;
688 }
689 for (i = 0; i < count; i++)
690 {
691 if (map[i].ikev1 == value)
692 {
693 return map[i].ikev2;
694 }
695 }
696 return def;
697 }
698
699 /**
700 * Get IKEv1 ESP transaction ID from IKEv2 identifier
701 */
702 static u_int16_t get_ikev1_transid_from_alg(transform_type_t type, u_int16_t value)
703 {
704 algo_map_t *map;
705 int i, count;
706
707 switch (type)
708 {
709 case ENCRYPTION_ALGORITHM:
710 map = map_esp_encr;
711 count = countof(map_esp_encr);
712 break;
713 case INTEGRITY_ALGORITHM:
714 map = map_esp_auth;
715 count = countof(map_esp_auth);
716 break;
717 default:
718 return 0;
719 }
720 for (i = 0; i < count; i++)
721 {
722 if (map[i].ikev2 == value)
723 {
724 return map[i].ikev1;
725 }
726 }
727 return 0;
728 }
729 /**
730 * Get IKEv1 authentication attribute from auth_method_t
731 */
732 static u_int16_t get_ikev1_auth(auth_method_t method)
733 {
734 switch (method)
735 {
736 case AUTH_RSA:
737 return IKEV1_AUTH_RSA_SIG;
738 case AUTH_DSS:
739 return IKEV1_AUTH_DSS_SIG;
740 case AUTH_XAUTH_INIT_PSK:
741 return IKEV1_AUTH_XAUTH_INIT_PSK;
742 case AUTH_XAUTH_INIT_RSA:
743 return IKEV1_AUTH_XAUTH_INIT_RSA;
744 case AUTH_HYBRID_INIT_RSA:
745 return IKEV1_AUTH_HYBRID_INIT_RSA;
746 case AUTH_ECDSA_256:
747 return IKEV1_AUTH_ECDSA_256;
748 case AUTH_ECDSA_384:
749 return IKEV1_AUTH_ECDSA_384;
750 case AUTH_ECDSA_521:
751 return IKEV1_AUTH_ECDSA_521;
752 case AUTH_PSK:
753 default:
754 return IKEV1_AUTH_PSK;
755 }
756 }
757
758 /**
759 * Get IKEv1 encapsulation mode
760 */
761 static u_int16_t get_ikev1_mode(ipsec_mode_t mode, bool udp)
762 {
763 switch (mode)
764 {
765 case MODE_TUNNEL:
766 return udp ? IKEV1_ENCAP_UDP_TUNNEL : IKEV1_ENCAP_TUNNEL;
767 case MODE_TRANSPORT:
768 return udp ? IKEV1_ENCAP_UDP_TRANSPORT : IKEV1_ENCAP_TRANSPORT;
769 default:
770 return IKEV1_ENCAP_TUNNEL;
771 }
772 }
773
774 /**
775 * Add an IKE transform to a proposal for IKEv1
776 */
777 static void add_to_proposal_v1_ike(proposal_t *proposal,
778 transform_substructure_t *transform)
779 {
780 transform_attribute_type_t type;
781 transform_attribute_t *tattr;
782 enumerator_t *enumerator;
783 u_int16_t value, key_length = 0;
784 u_int16_t encr = ENCR_UNDEFINED;
785
786 enumerator = transform->create_attribute_enumerator(transform);
787 while (enumerator->enumerate(enumerator, &tattr))
788 {
789 type = tattr->get_attribute_type(tattr);
790 value = tattr->get_value(tattr);
791 switch (type)
792 {
793 case TATTR_PH1_ENCRYPTION_ALGORITHM:
794 encr = get_alg_from_ikev1(ENCRYPTION_ALGORITHM, value);
795 break;
796 case TATTR_PH1_KEY_LENGTH:
797 key_length = value;
798 break;
799 case TATTR_PH1_HASH_ALGORITHM:
800 proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM,
801 get_alg_from_ikev1(INTEGRITY_ALGORITHM, value), 0);
802 proposal->add_algorithm(proposal, PSEUDO_RANDOM_FUNCTION,
803 get_alg_from_ikev1(PSEUDO_RANDOM_FUNCTION, value), 0);
804 break;
805 case TATTR_PH1_GROUP:
806 proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
807 value, 0);
808 break;
809 default:
810 break;
811 }
812 }
813 enumerator->destroy(enumerator);
814
815 if (encr != ENCR_UNDEFINED)
816 {
817 proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr, key_length);
818 }
819 }
820
821 /**
822 * Add an ESP transform to a proposal for IKEv1
823 */
824 static void add_to_proposal_v1_esp(proposal_t *proposal,
825 transform_substructure_t *transform)
826 {
827 transform_attribute_type_t type;
828 transform_attribute_t *tattr;
829 enumerator_t *enumerator;
830 u_int16_t encr, value, key_length = 0;
831
832 enumerator = transform->create_attribute_enumerator(transform);
833 while (enumerator->enumerate(enumerator, &tattr))
834 {
835 type = tattr->get_attribute_type(tattr);
836 value = tattr->get_value(tattr);
837 switch (type)
838 {
839 case TATTR_PH2_KEY_LENGTH:
840 key_length = value;
841 break;
842 case TATTR_PH2_AUTH_ALGORITHM:
843 proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM,
844 get_alg_from_ikev1_transid(INTEGRITY_ALGORITHM,
845 value), 0);
846 break;
847 case TATTR_PH2_GROUP:
848 proposal->add_algorithm(proposal, DIFFIE_HELLMAN_GROUP,
849 value, 0);
850 break;
851 default:
852 break;
853 }
854 }
855 enumerator->destroy(enumerator);
856
857 /* TODO-IKEv1: handle ESN attribute */
858 proposal->add_algorithm(proposal, EXTENDED_SEQUENCE_NUMBERS,
859 NO_EXT_SEQ_NUMBERS, 0);
860 encr = get_alg_from_ikev1_transid(ENCRYPTION_ALGORITHM,
861 transform->get_transform_id(transform));
862 if (encr)
863 {
864 proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, encr,
865 key_length);
866 }
867 }
868
869 METHOD(proposal_substructure_t, get_proposals, void,
870 private_proposal_substructure_t *this, linked_list_t *proposals)
871 {
872 transform_substructure_t *transform;
873 enumerator_t *enumerator;
874 proposal_t *proposal = NULL;
875 u_int64_t spi = 0;
876
877 switch (this->spi.len)
878 {
879 case 4:
880 spi = *((u_int32_t*)this->spi.ptr);
881 break;
882 case 8:
883 spi = *((u_int64_t*)this->spi.ptr);
884 break;
885 default:
886 break;
887 }
888
889 enumerator = this->transforms->create_enumerator(this->transforms);
890 while (enumerator->enumerate(enumerator, &transform))
891 {
892 if (!proposal)
893 {
894 proposal = proposal_create(this->protocol_id, this->proposal_number);
895 proposal->set_spi(proposal, spi);
896 proposals->insert_last(proposals, proposal);
897 }
898 if (this->type == PROPOSAL_SUBSTRUCTURE)
899 {
900 add_to_proposal_v2(proposal, transform);
901 }
902 else
903 {
904 switch (this->protocol_id)
905 {
906 case PROTO_IKE:
907 add_to_proposal_v1_ike(proposal, transform);
908 break;
909 case PROTO_ESP:
910 add_to_proposal_v1_esp(proposal, transform);
911 break;
912 default:
913 break;
914 }
915 /* create a new proposal for each transform in IKEv1 */
916 proposal = NULL;
917 }
918 }
919 enumerator->destroy(enumerator);
920 }
921
922 METHOD(proposal_substructure_t, create_substructure_enumerator, enumerator_t*,
923 private_proposal_substructure_t *this)
924 {
925 return this->transforms->create_enumerator(this->transforms);
926 }
927
928 /**
929 * Get an attribute from any transform, 0 if not found
930 */
931 static u_int64_t get_attr(private_proposal_substructure_t *this,
932 transform_attribute_type_t type)
933 {
934 enumerator_t *transforms, *attributes;
935 transform_substructure_t *transform;
936 transform_attribute_t *attr;
937
938 transforms = this->transforms->create_enumerator(this->transforms);
939 while (transforms->enumerate(transforms, &transform))
940 {
941 attributes = transform->create_attribute_enumerator(transform);
942 while (attributes->enumerate(attributes, &attr))
943 {
944 if (attr->get_attribute_type(attr) == type)
945 {
946 attributes->destroy(attributes);
947 transforms->destroy(transforms);
948 return attr->get_value(attr);
949 }
950 }
951 attributes->destroy(attributes);
952 }
953 transforms->destroy(transforms);
954 return 0;
955 }
956
957 /**
958 * Look up a lifetime duration of a given kind in all transforms
959 */
960 static u_int64_t get_life_duration(private_proposal_substructure_t *this,
961 transform_attribute_type_t type_attr, ikev1_life_type_t type,
962 transform_attribute_type_t dur_attr)
963 {
964 enumerator_t *transforms, *attributes;
965 transform_substructure_t *transform;
966 transform_attribute_t *attr;
967
968 transforms = this->transforms->create_enumerator(this->transforms);
969 while (transforms->enumerate(transforms, &transform))
970 {
971 attributes = transform->create_attribute_enumerator(transform);
972 while (attributes->enumerate(attributes, &attr))
973 {
974 if (attr->get_attribute_type(attr) == type_attr &&
975 attr->get_value(attr) == type)
976 { /* got type attribute, look for duration following next */
977 while (attributes->enumerate(attributes, &attr))
978 {
979 if (attr->get_attribute_type(attr) == dur_attr)
980 {
981 attributes->destroy(attributes);
982 transforms->destroy(transforms);
983 return attr->get_value(attr);
984 }
985 }
986 }
987 }
988 attributes->destroy(attributes);
989 }
990 transforms->destroy(transforms);
991 return 0;
992 }
993
994 METHOD(proposal_substructure_t, get_lifetime, u_int32_t,
995 private_proposal_substructure_t *this)
996 {
997 u_int32_t duration;
998
999 switch (this->protocol_id)
1000 {
1001 case PROTO_IKE:
1002 return get_life_duration(this, TATTR_PH1_LIFE_TYPE,
1003 IKEV1_LIFE_TYPE_SECONDS, TATTR_PH1_LIFE_DURATION);
1004 case PROTO_ESP:
1005 duration = get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE,
1006 IKEV1_LIFE_TYPE_SECONDS, TATTR_PH2_SA_LIFE_DURATION);
1007 if (!duration)
1008 { /* default to 8 hours, RFC 2407 */
1009 return 28800;
1010 }
1011 return duration;
1012 default:
1013 return 0;
1014 }
1015 }
1016
1017 METHOD(proposal_substructure_t, get_lifebytes, u_int64_t,
1018 private_proposal_substructure_t *this)
1019 {
1020 switch (this->protocol_id)
1021 {
1022 case PROTO_ESP:
1023 return 1000 * get_life_duration(this, TATTR_PH2_SA_LIFE_TYPE,
1024 IKEV1_LIFE_TYPE_KILOBYTES, TATTR_PH2_SA_LIFE_DURATION);
1025 case PROTO_IKE:
1026 default:
1027 return 0;
1028 }
1029 }
1030
1031 METHOD(proposal_substructure_t, get_auth_method, auth_method_t,
1032 private_proposal_substructure_t *this)
1033 {
1034 switch (get_attr(this, TATTR_PH1_AUTH_METHOD))
1035 {
1036 case IKEV1_AUTH_PSK:
1037 return AUTH_PSK;
1038 case IKEV1_AUTH_RSA_SIG:
1039 return AUTH_RSA;
1040 case IKEV1_AUTH_DSS_SIG:
1041 return AUTH_DSS;
1042 case IKEV1_AUTH_XAUTH_INIT_PSK:
1043 return AUTH_XAUTH_INIT_PSK;
1044 case IKEV1_AUTH_XAUTH_INIT_RSA:
1045 return AUTH_XAUTH_INIT_RSA;
1046 case IKEV1_AUTH_HYBRID_INIT_RSA:
1047 return AUTH_HYBRID_INIT_RSA;
1048 case IKEV1_AUTH_ECDSA_256:
1049 return AUTH_ECDSA_256;
1050 case IKEV1_AUTH_ECDSA_384:
1051 return AUTH_ECDSA_384;
1052 case IKEV1_AUTH_ECDSA_521:
1053 return AUTH_ECDSA_521;
1054 default:
1055 return AUTH_NONE;
1056 }
1057 }
1058
1059 METHOD(proposal_substructure_t, get_encap_mode, ipsec_mode_t,
1060 private_proposal_substructure_t *this, bool *udp)
1061 {
1062 *udp = FALSE;
1063 switch (get_attr(this, TATTR_PH2_ENCAP_MODE))
1064 {
1065 case IKEV1_ENCAP_TRANSPORT:
1066 return MODE_TRANSPORT;
1067 case IKEV1_ENCAP_TUNNEL:
1068 return MODE_TUNNEL;
1069 case IKEV1_ENCAP_UDP_TRANSPORT:
1070 *udp = TRUE;
1071 return MODE_TRANSPORT;
1072 case IKEV1_ENCAP_UDP_TUNNEL:
1073 *udp = TRUE;
1074 return MODE_TUNNEL;
1075 default:
1076 /* default to TUNNEL, RFC 2407 says implementation specific */
1077 return MODE_TUNNEL;
1078 }
1079 }
1080
1081 METHOD2(payload_t, proposal_substructure_t, destroy, void,
1082 private_proposal_substructure_t *this)
1083 {
1084 this->transforms->destroy_offset(this->transforms,
1085 offsetof(payload_t, destroy));
1086 chunk_free(&this->spi);
1087 free(this);
1088 }
1089
1090 /*
1091 * Described in header.
1092 */
1093 proposal_substructure_t *proposal_substructure_create(payload_type_t type)
1094 {
1095 private_proposal_substructure_t *this;
1096
1097 INIT(this,
1098 .public = {
1099 .payload_interface = {
1100 .verify = _verify,
1101 .get_encoding_rules = _get_encoding_rules,
1102 .get_header_length = _get_header_length,
1103 .get_length = _get_length,
1104 .get_next_type = _get_next_type,
1105 .set_next_type = _set_next_type,
1106 .get_type = _get_type,
1107 .destroy = _destroy,
1108 },
1109 .set_proposal_number = _set_proposal_number,
1110 .get_proposal_number = _get_proposal_number,
1111 .set_protocol_id = _set_protocol_id,
1112 .get_protocol_id = _get_protocol_id,
1113 .set_is_last_proposal = _set_is_last_proposal,
1114 .get_proposals = _get_proposals,
1115 .create_substructure_enumerator = _create_substructure_enumerator,
1116 .set_spi = _set_spi,
1117 .get_spi = _get_spi,
1118 .get_lifetime = _get_lifetime,
1119 .get_lifebytes = _get_lifebytes,
1120 .get_auth_method = _get_auth_method,
1121 .get_encap_mode = _get_encap_mode,
1122 .destroy = _destroy,
1123 },
1124 .next_payload = NO_PAYLOAD,
1125 .transforms = linked_list_create(),
1126 .type = type,
1127 );
1128 compute_length(this);
1129
1130 return &this->public;
1131 }
1132
1133 /**
1134 * Add an IKEv1 IKE proposal to the substructure
1135 */
1136 static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
1137 proposal_t *proposal, u_int32_t lifetime,
1138 auth_method_t method, int number)
1139 {
1140 transform_substructure_t *transform;
1141 u_int16_t alg, key_size;
1142 enumerator_t *enumerator;
1143
1144 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
1145 number, IKEV1_TRANSID_KEY_IKE);
1146
1147 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
1148 if (enumerator->enumerate(enumerator, &alg, &key_size))
1149 {
1150 alg = get_ikev1_from_alg(ENCRYPTION_ALGORITHM, alg);
1151 if (alg)
1152 {
1153 transform->add_transform_attribute(transform,
1154 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1155 TATTR_PH1_ENCRYPTION_ALGORITHM, alg));
1156 if (key_size)
1157 {
1158 transform->add_transform_attribute(transform,
1159 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1160 TATTR_PH1_KEY_LENGTH, key_size));
1161 }
1162 }
1163 }
1164 enumerator->destroy(enumerator);
1165
1166 /* encode the integrity algorithm as hash and assume use the same PRF */
1167 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1168 if (enumerator->enumerate(enumerator, &alg, &key_size))
1169 {
1170 alg = get_ikev1_from_alg(INTEGRITY_ALGORITHM, alg);
1171 if (alg)
1172 {
1173 transform->add_transform_attribute(transform,
1174 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1175 TATTR_PH1_HASH_ALGORITHM, alg));
1176 }
1177 }
1178 enumerator->destroy(enumerator);
1179
1180 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1181 if (enumerator->enumerate(enumerator, &alg, &key_size))
1182 {
1183 transform->add_transform_attribute(transform,
1184 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1185 TATTR_PH1_GROUP, alg));
1186 }
1187 enumerator->destroy(enumerator);
1188
1189 transform->add_transform_attribute(transform,
1190 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1191 TATTR_PH1_AUTH_METHOD, get_ikev1_auth(method)));
1192 transform->add_transform_attribute(transform,
1193 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1194 TATTR_PH1_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
1195 transform->add_transform_attribute(transform,
1196 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1197 TATTR_PH1_LIFE_DURATION, lifetime));
1198
1199 add_transform_substructure(this, transform);
1200 }
1201
1202 /**
1203 * Add an IKEv1 ESP proposal to the substructure
1204 */
1205 static void set_from_proposal_v1_esp(private_proposal_substructure_t *this,
1206 proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
1207 ipsec_mode_t mode, bool udp, int number)
1208 {
1209 transform_substructure_t *transform = NULL;
1210 u_int16_t alg, key_size;
1211 enumerator_t *enumerator;
1212
1213 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
1214 if (enumerator->enumerate(enumerator, &alg, &key_size))
1215 {
1216 alg = get_ikev1_transid_from_alg(ENCRYPTION_ALGORITHM, alg);
1217 if (alg)
1218 {
1219 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
1220 number, alg);
1221 if (key_size)
1222 {
1223 transform->add_transform_attribute(transform,
1224 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1225 TATTR_PH2_KEY_LENGTH, key_size));
1226 }
1227 }
1228 }
1229 enumerator->destroy(enumerator);
1230 if (!transform)
1231 {
1232 return;
1233 }
1234
1235 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1236 if (enumerator->enumerate(enumerator, &alg, &key_size))
1237 {
1238 alg = get_ikev1_transid_from_alg(INTEGRITY_ALGORITHM, alg);
1239 if (alg)
1240 {
1241 transform->add_transform_attribute(transform,
1242 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1243 TATTR_PH2_AUTH_ALGORITHM, alg));
1244 }
1245 }
1246 enumerator->destroy(enumerator);
1247
1248 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1249 if (enumerator->enumerate(enumerator, &alg, &key_size))
1250 {
1251 transform->add_transform_attribute(transform,
1252 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1253 TATTR_PH2_GROUP, alg));
1254 }
1255 enumerator->destroy(enumerator);
1256
1257 transform->add_transform_attribute(transform,
1258 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1259 TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
1260 if (lifetime)
1261 {
1262 transform->add_transform_attribute(transform,
1263 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1264 TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
1265 transform->add_transform_attribute(transform,
1266 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1267 TATTR_PH2_SA_LIFE_DURATION, lifetime));
1268 }
1269 if (lifebytes)
1270 {
1271 transform->add_transform_attribute(transform,
1272 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1273 TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
1274 transform->add_transform_attribute(transform,
1275 transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
1276 TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
1277 }
1278
1279 add_transform_substructure(this, transform);
1280 }
1281
1282 /**
1283 * Add an IKEv2 proposal to the substructure
1284 */
1285 static void set_from_proposal_v2(private_proposal_substructure_t *this,
1286 proposal_t *proposal)
1287 {
1288 transform_substructure_t *transform;
1289 u_int16_t alg, key_size;
1290 enumerator_t *enumerator;
1291
1292 /* encryption algorithm is only available in ESP */
1293 enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
1294 while (enumerator->enumerate(enumerator, &alg, &key_size))
1295 {
1296 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1297 ENCRYPTION_ALGORITHM, alg);
1298 if (key_size)
1299 {
1300 transform->add_transform_attribute(transform,
1301 transform_attribute_create_value(TRANSFORM_ATTRIBUTE,
1302 TATTR_IKEV2_KEY_LENGTH, key_size));
1303 }
1304 add_transform_substructure(this, transform);
1305 }
1306 enumerator->destroy(enumerator);
1307
1308 /* integrity algorithms */
1309 enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
1310 while (enumerator->enumerate(enumerator, &alg, &key_size))
1311 {
1312 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1313 INTEGRITY_ALGORITHM, alg);
1314 add_transform_substructure(this, transform);
1315 }
1316 enumerator->destroy(enumerator);
1317
1318 /* prf algorithms */
1319 enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION);
1320 while (enumerator->enumerate(enumerator, &alg, &key_size))
1321 {
1322 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1323 PSEUDO_RANDOM_FUNCTION, alg);
1324 add_transform_substructure(this, transform);
1325 }
1326 enumerator->destroy(enumerator);
1327
1328 /* dh groups */
1329 enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
1330 while (enumerator->enumerate(enumerator, &alg, NULL))
1331 {
1332 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1333 DIFFIE_HELLMAN_GROUP, alg);
1334 add_transform_substructure(this, transform);
1335 }
1336 enumerator->destroy(enumerator);
1337
1338 /* extended sequence numbers */
1339 enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS);
1340 while (enumerator->enumerate(enumerator, &alg, NULL))
1341 {
1342 transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
1343 EXTENDED_SEQUENCE_NUMBERS, alg);
1344 add_transform_substructure(this, transform);
1345 }
1346 enumerator->destroy(enumerator);
1347 }
1348
1349 /**
1350 * Set SPI and other data from proposal, compute length
1351 */
1352 static void set_data(private_proposal_substructure_t *this, proposal_t *proposal)
1353 {
1354 u_int64_t spi64;
1355 u_int32_t spi32;
1356
1357 /* add SPI, if necessary */
1358 switch (proposal->get_protocol(proposal))
1359 {
1360 case PROTO_AH:
1361 case PROTO_ESP:
1362 spi32 = proposal->get_spi(proposal);
1363 this->spi = chunk_clone(chunk_from_thing(spi32));
1364 this->spi_size = this->spi.len;
1365 break;
1366 case PROTO_IKE:
1367 spi64 = proposal->get_spi(proposal);
1368 if (spi64)
1369 { /* IKE only uses SPIS when rekeying, but on initial setup */
1370 this->spi = chunk_clone(chunk_from_thing(spi64));
1371 this->spi_size = this->spi.len;
1372 }
1373 break;
1374 default:
1375 break;
1376 }
1377 this->proposal_number = proposal->get_number(proposal);
1378 this->protocol_id = proposal->get_protocol(proposal);
1379 compute_length(this);
1380 }
1381
1382 /*
1383 * Described in header.
1384 */
1385 proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
1386 proposal_t *proposal)
1387 {
1388 private_proposal_substructure_t *this;
1389
1390 this = (private_proposal_substructure_t*)
1391 proposal_substructure_create(SECURITY_ASSOCIATION);
1392 set_from_proposal_v2(this, proposal);
1393 set_data(this, proposal);
1394
1395 return &this->public;
1396 }
1397
1398 /**
1399 * See header.
1400 */
1401 proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
1402 proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
1403 auth_method_t auth, ipsec_mode_t mode, bool udp)
1404 {
1405 private_proposal_substructure_t *this;
1406
1407 this = (private_proposal_substructure_t*)
1408 proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
1409 switch (proposal->get_protocol(proposal))
1410 {
1411 case PROTO_IKE:
1412 set_from_proposal_v1_ike(this, proposal, lifetime, auth, 1);
1413 break;
1414 case PROTO_ESP:
1415 set_from_proposal_v1_esp(this, proposal, lifetime,
1416 lifebytes, mode, udp, 1);
1417 break;
1418 default:
1419 break;
1420 }
1421 set_data(this, proposal);
1422
1423 return &this->public;
1424 }
1425
1426 /**
1427 * See header.
1428 */
1429 proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
1430 linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
1431 auth_method_t auth, ipsec_mode_t mode, bool udp)
1432 {
1433 private_proposal_substructure_t *this = NULL;
1434 enumerator_t *enumerator;
1435 proposal_t *proposal;
1436 int number = 0;
1437
1438 enumerator = proposals->create_enumerator(proposals);
1439 while (enumerator->enumerate(enumerator, &proposal))
1440 {
1441 if (!this)
1442 {
1443 this = (private_proposal_substructure_t*)
1444 proposal_substructure_create_from_proposal_v1(
1445 proposal, lifetime, lifebytes, auth, mode, udp);
1446 ++number;
1447 }
1448 else
1449 {
1450 switch (proposal->get_protocol(proposal))
1451 {
1452 case PROTO_IKE:
1453 set_from_proposal_v1_ike(this, proposal, lifetime,
1454 auth, ++number);
1455 break;
1456 case PROTO_ESP:
1457 set_from_proposal_v1_esp(this, proposal, lifetime,
1458 lifebytes, mode, udp, ++number);
1459 break;
1460 default:
1461 break;
1462 }
1463 }
1464 }
1465 enumerator->destroy(enumerator);
1466
1467 return &this->public;
1468 }