Added missing auth_method_t enum names
[strongswan.git] / src / libcharon / sa / authenticators / authenticator.c
1 /*
2 * Copyright (C) 2006-2009 Martin Willi
3 * Copyright (C) 2008 Tobias Brunner
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #include <string.h>
18
19 #include "authenticator.h"
20
21 #include <sa/authenticators/pubkey_authenticator.h>
22 #include <sa/authenticators/psk_authenticator.h>
23 #include <sa/authenticators/eap_authenticator.h>
24 #include <sa/authenticators/psk_v1_authenticator.h>
25 #include <sa/authenticators/pubkey_v1_authenticator.h>
26 #include <encoding/payloads/auth_payload.h>
27
28
/*
 * Display names for auth_method_t, declared as three ranges of enum values.
 * Every range lists one string per value, in ascending order of the value.
 * The ENUM_* macros are defined outside this file; presumably they look the
 * name up by position inside the range, so order and count of the strings
 * have to stay in step with the enum - TODO confirm against the macro.
 */

/* range 1: AUTH_RSA .. AUTH_DSS */
ENUM_BEGIN(auth_method_names, AUTH_RSA, AUTH_DSS,
	"RSA signature", "pre-shared key", "DSS signature");

/* range 2: AUTH_ECDSA_256 .. AUTH_ECDSA_521, chained after the AUTH_DSS range */
ENUM_NEXT(auth_method_names, AUTH_ECDSA_256, AUTH_ECDSA_521, AUTH_DSS,
	"ECDSA-256 signature", "ECDSA-384 signature", "ECDSA-521 signature");

/*
 * range 3: AUTH_XAUTH_INIT_PSK .. AUTH_HYBRID_RESP_RSA, chained after the
 * AUTH_ECDSA_521 range.
 * NOTE(review): "XauthRespRSA" is spelled with a lower-case 'a', unlike the
 * other XAuth names. The string is kept as is; anything that matches on these
 * names (for example a log search) needs this exact spelling.
 */
ENUM_NEXT(auth_method_names, AUTH_XAUTH_INIT_PSK, AUTH_HYBRID_RESP_RSA, AUTH_ECDSA_521,
	"XAuthInitPSK", "XAuthRespPSK",
	"XAuthInitRSA", "XauthRespRSA",
	"HybridInitRSA", "HybridRespRSA",
);
ENUM_END(auth_method_names, AUTH_HYBRID_RESP_RSA);
46
/**
 * Create a builder authenticator for the auth class configured in cfg.
 *
 * The class is read from cfg under AUTH_RULE_AUTH_CLASS. AUTH_CLASS_ANY is
 * handled like AUTH_CLASS_PUBKEY. The public key and PSK builders receive
 * only received_nonce and sent_init; the EAP builder receives both nonces
 * and both init chunks.
 *
 * @param ike_sa			IKE_SA handed to the selected builder
 * @param cfg				auth config queried for AUTH_RULE_AUTH_CLASS
 * @param received_nonce	handed to every builder
 * @param sent_nonce		handed to the EAP builder only
 * @param received_init		handed to the EAP builder only
 * @param sent_init			handed to every builder
 * @param reserved			three bytes handed to every builder
 * @return					the builder, or NULL for any other auth class
 */
authenticator_t *authenticator_create_builder(ike_sa_t *ike_sa, auth_cfg_t *cfg,
									chunk_t received_nonce, chunk_t sent_nonce,
									chunk_t received_init, chunk_t sent_init,
									char reserved[3])
{
	/* the rule value is returned as a pointer-sized value, read it as integer */
	uintptr_t auth_class = (uintptr_t)cfg->get(cfg, AUTH_RULE_AUTH_CLASS);

	/* "any" defaults to public key authentication */
	if (auth_class == AUTH_CLASS_ANY || auth_class == AUTH_CLASS_PUBKEY)
	{
		return (authenticator_t*)pubkey_authenticator_create_builder(ike_sa,
										received_nonce, sent_init, reserved);
	}
	if (auth_class == AUTH_CLASS_PSK)
	{
		return (authenticator_t*)psk_authenticator_create_builder(ike_sa,
										received_nonce, sent_init, reserved);
	}
	if (auth_class == AUTH_CLASS_EAP)
	{
		return (authenticator_t*)eap_authenticator_create_builder(ike_sa,
										received_nonce, sent_nonce,
										received_init, sent_init, reserved);
	}
	/* no builder for this class; the caller has to handle NULL */
	return NULL;
}
73
/**
 * Create a verifier authenticator for a received message.
 *
 * A message without an AUTHENTICATION payload gets the EAP verifier. Otherwise
 * the auth method found in that payload selects the verifier: RSA and the
 * three ECDSA methods map to the public key verifier, AUTH_PSK to the PSK
 * verifier. Every other method yields NULL; that includes AUTH_DSS, which
 * has a display name in auth_method_names but no case here.
 *
 * NOTE(review): the method is taken from the received message. Nothing in
 * this function compares it with what the local configuration permits;
 * presumably that is enforced by the verifier or the caller - confirm.
 * A NULL result must not be treated as a passed authentication by callers.
 *
 * @param ike_sa			IKE_SA handed to the selected verifier
 * @param message			message searched for the AUTHENTICATION payload
 * @param received_nonce	handed to the EAP verifier only
 * @param sent_nonce		handed to every verifier
 * @param received_init		handed to every verifier
 * @param sent_init			handed to the EAP verifier only
 * @param reserved			three bytes handed to every verifier
 * @return					the verifier, or NULL for an unhandled auth method
 */
authenticator_t *authenticator_create_verifier(
									ike_sa_t *ike_sa, message_t *message,
									chunk_t received_nonce, chunk_t sent_nonce,
									chunk_t received_init, chunk_t sent_init,
									char reserved[3])
{
	authenticator_t *verifier = NULL;
	auth_payload_t *auth;

	auth = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
	if (!auth)
	{
		/* no AUTH payload in this message: hand over to the EAP verifier */
		return (authenticator_t*)eap_authenticator_create_verifier(ike_sa,
										received_nonce, sent_nonce,
										received_init, sent_init, reserved);
	}
	switch (auth->get_auth_method(auth))
	{
		case AUTH_RSA:
		case AUTH_ECDSA_256:
		case AUTH_ECDSA_384:
		case AUTH_ECDSA_521:
			/* all signature methods share the public key verifier */
			verifier = (authenticator_t*)pubkey_authenticator_create_verifier(
										ike_sa, sent_nonce, received_init,
										reserved);
			break;
		case AUTH_PSK:
			verifier = (authenticator_t*)psk_authenticator_create_verifier(
										ike_sa, sent_nonce, received_init,
										reserved);
			break;
		default:
			/* unhandled method: verifier stays NULL */
			break;
	}
	return verifier;
}
107
/**
 * Create an authenticator for the given auth method (v1 variant).
 *
 * AUTH_PSK and the two XAuth PSK methods map to the PSK v1 authenticator,
 * AUTH_RSA and the two XAuth RSA methods to the public key v1 authenticator.
 * Every other method yields NULL; that includes the Hybrid RSA methods, which
 * have display names in auth_method_names but are not handled here.
 *
 * @param ike_sa			IKE_SA handed to the selected authenticator
 * @param initiator			handed to the selected authenticator
 * @param auth_method		method that selects the implementation
 * @param dh				handed to the selected authenticator
 * @param dh_value			handed to the selected authenticator
 * @param sa_payload		handed to the selected authenticator
 * @return					the authenticator, or NULL for an unhandled method
 */
authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
								auth_method_t auth_method, diffie_hellman_t *dh,
								chunk_t dh_value, chunk_t sa_payload)
{
	bool wants_psk, wants_pubkey;

	wants_psk = auth_method == AUTH_PSK ||
				auth_method == AUTH_XAUTH_INIT_PSK ||
				auth_method == AUTH_XAUTH_RESP_PSK;
	wants_pubkey = auth_method == AUTH_RSA ||
				   auth_method == AUTH_XAUTH_INIT_RSA ||
				   auth_method == AUTH_XAUTH_RESP_RSA;

	if (wants_psk)
	{
		return (authenticator_t*)psk_v1_authenticator_create(ike_sa,
										initiator, dh, dh_value, sa_payload);
	}
	if (wants_pubkey)
	{
		return (authenticator_t*)pubkey_v1_authenticator_create(ike_sa,
										initiator, dh, dh_value, sa_payload);
	}
	/* no implementation for this method; the caller has to handle NULL */
	return NULL;
}