ikev1: Use actual local identity as initiator or aggressive mode responder
[strongswan.git] / src / libcharon / sa / ikev1 / phase1.c
1 /*
2 * Copyright (C) 2012-2017 Tobias Brunner
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * Copyright (C) 2012 Martin Willi
6 * Copyright (C) 2012 revosec AG
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 #include "phase1.h"
20
21 #include <daemon.h>
22 #include <sa/ikev1/keymat_v1.h>
23 #include <encoding/payloads/ke_payload.h>
24 #include <encoding/payloads/nonce_payload.h>
25 #include <collections/linked_list.h>
26
27 typedef struct private_phase1_t private_phase1_t;
28
29 /**
30 * Private data of an phase1_t object.
31 */
32 struct private_phase1_t {
33
34 /**
35 * Public phase1_t interface.
36 */
37 phase1_t public;
38
39 /**
40 * IKE_SA we negotiate
41 */
42 ike_sa_t *ike_sa;
43
44 /**
45 * Currently selected peer config
46 */
47 peer_cfg_t *peer_cfg;
48
49 /**
50 * Other possible peer config candidates
51 */
52 linked_list_t *candidates;
53
54 /**
55 * Acting as initiator
56 */
57 bool initiator;
58
59 /**
60 * Extracted SA payload bytes
61 */
62 chunk_t sa_payload;
63
64 /**
65 * DH exchange
66 */
67 diffie_hellman_t *dh;
68
69 /**
70 * Keymat derivation (from SA)
71 */
72 keymat_v1_t *keymat;
73
74 /**
75 * Received public DH value from peer
76 */
77 chunk_t dh_value;
78
79 /**
80 * Initiators nonce
81 */
82 chunk_t nonce_i;
83
84 /**
85 * Responder nonce
86 */
87 chunk_t nonce_r;
88 };
89
90 /**
91 * Get the first authentication config from peer config
92 */
93 static auth_cfg_t *get_auth_cfg(peer_cfg_t *peer_cfg, bool local)
94 {
95 enumerator_t *enumerator;
96 auth_cfg_t *cfg = NULL;
97
98 enumerator = peer_cfg->create_auth_cfg_enumerator(peer_cfg, local);
99 enumerator->enumerate(enumerator, &cfg);
100 enumerator->destroy(enumerator);
101 return cfg;
102 }
103
104 /**
105 * Find a shared key for the given identities
106 */
107 static shared_key_t *find_shared_key(identification_t *my_id, host_t *me,
108 identification_t *other_id, host_t *other)
109 {
110 identification_t *any_id = NULL;
111 shared_key_t *shared_key;
112
113 if (!other_id)
114 {
115 any_id = identification_create_from_encoding(ID_ANY, chunk_empty);
116 other_id = any_id;
117 }
118 shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE,
119 my_id, other_id);
120 if (!shared_key)
121 {
122 DBG1(DBG_IKE, "no shared key found for '%Y'[%H] - '%Y'[%H]",
123 my_id, me, other_id, other);
124 }
125 DESTROY_IF(any_id);
126 return shared_key;
127 }
128
129 /**
130 * Lookup a shared secret for this IKE_SA
131 */
132 static shared_key_t *lookup_shared_key(private_phase1_t *this,
133 peer_cfg_t *peer_cfg)
134 {
135 host_t *me, *other;
136 identification_t *my_id, *other_id;
137 shared_key_t *shared_key = NULL;
138 auth_cfg_t *my_auth, *other_auth;
139 enumerator_t *enumerator;
140
141 me = this->ike_sa->get_my_host(this->ike_sa);
142 other = this->ike_sa->get_other_host(this->ike_sa);
143
144 if (peer_cfg)
145 { /* as initiator or aggressive responder, use identities */
146 other_auth = get_auth_cfg(peer_cfg, FALSE);
147 if (other_auth)
148 {
149 my_id = this->ike_sa->get_my_id(this->ike_sa);
150 if (peer_cfg->use_aggressive(peer_cfg))
151 {
152 other_id = this->ike_sa->get_other_id(this->ike_sa);
153 }
154 else
155 {
156 other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY);
157 }
158 shared_key = find_shared_key(my_id, me, other_id, other);
159 }
160 }
161 else
162 { /* as responder, we try to find a config by IP addresses and use the
163 * configured identities to find the PSK */
164 enumerator = charon->backends->create_peer_cfg_enumerator(
165 charon->backends, me, other, NULL, NULL, IKEV1);
166 while (enumerator->enumerate(enumerator, &peer_cfg))
167 {
168 my_auth = get_auth_cfg(peer_cfg, TRUE);
169 other_auth = get_auth_cfg(peer_cfg, FALSE);
170 if (my_auth && other_auth)
171 {
172 my_id = my_auth->get(my_auth, AUTH_RULE_IDENTITY);
173 other_id = other_auth->get(other_auth, AUTH_RULE_IDENTITY);
174 if (my_id)
175 {
176 shared_key = find_shared_key(my_id, me, other_id, other);
177 if (shared_key)
178 {
179 break;
180 }
181 }
182 }
183 }
184 enumerator->destroy(enumerator);
185 }
186 if (!shared_key)
187 { /* try to get a PSK for IP addresses */
188 my_id = identification_create_from_sockaddr(me->get_sockaddr(me));
189 other_id = identification_create_from_sockaddr(
190 other->get_sockaddr(other));
191 if (my_id && other_id)
192 {
193 shared_key = lib->credmgr->get_shared(lib->credmgr, SHARED_IKE,
194 my_id, other_id);
195 }
196 DESTROY_IF(my_id);
197 DESTROY_IF(other_id);
198 if (!shared_key)
199 {
200 DBG1(DBG_IKE, "no shared key found for %H - %H", me, other);
201 }
202 }
203 return shared_key;
204 }
205
206 METHOD(phase1_t, create_hasher, bool,
207 private_phase1_t *this)
208 {
209 return this->keymat->create_hasher(this->keymat,
210 this->ike_sa->get_proposal(this->ike_sa));
211 }
212
213 METHOD(phase1_t, create_dh, bool,
214 private_phase1_t *this, diffie_hellman_group_t group)
215 {
216 this->dh = this->keymat->keymat.create_dh(&this->keymat->keymat, group);
217 return this->dh != NULL;
218 }
219
220 METHOD(phase1_t, derive_keys, bool,
221 private_phase1_t *this, peer_cfg_t *peer_cfg, auth_method_t method)
222 {
223 shared_key_t *shared_key = NULL;
224
225 switch (method)
226 {
227 case AUTH_PSK:
228 case AUTH_XAUTH_INIT_PSK:
229 case AUTH_XAUTH_RESP_PSK:
230 shared_key = lookup_shared_key(this, peer_cfg);
231 if (!shared_key)
232 {
233 return FALSE;
234 }
235 break;
236 default:
237 break;
238 }
239
240 if (!this->keymat->derive_ike_keys(this->keymat,
241 this->ike_sa->get_proposal(this->ike_sa),
242 this->dh, this->dh_value, this->nonce_i, this->nonce_r,
243 this->ike_sa->get_id(this->ike_sa), method, shared_key))
244 {
245 DESTROY_IF(shared_key);
246 DBG1(DBG_IKE, "key derivation for %N failed", auth_method_names, method);
247 return FALSE;
248 }
249 charon->bus->ike_keys(charon->bus, this->ike_sa, this->dh, this->dh_value,
250 this->nonce_i, this->nonce_r, NULL, shared_key,
251 method);
252 DESTROY_IF(shared_key);
253 return TRUE;
254 }
255
256 /**
257 * Check if a peer skipped authentication by using Hybrid authentication
258 */
259 static bool skipped_auth(private_phase1_t *this,
260 auth_method_t method, bool local)
261 {
262 bool initiator;
263
264 initiator = local == this->initiator;
265 if (initiator && method == AUTH_HYBRID_INIT_RSA)
266 {
267 return TRUE;
268 }
269 if (!initiator && method == AUTH_HYBRID_RESP_RSA)
270 {
271 return TRUE;
272 }
273 return FALSE;
274 }
275
276 /**
277 * Check if remote authentication constraints fulfilled
278 */
279 static bool check_constraints(private_phase1_t *this, auth_method_t method)
280 {
281 identification_t *id;
282 auth_cfg_t *auth, *cfg;
283 peer_cfg_t *peer_cfg;
284
285 auth = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
286 /* auth identity to comply */
287 id = this->ike_sa->get_other_id(this->ike_sa);
288 auth->add(auth, AUTH_RULE_IDENTITY, id->clone(id));
289 if (skipped_auth(this, method, FALSE))
290 {
291 return TRUE;
292 }
293 peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
294 cfg = get_auth_cfg(peer_cfg, FALSE);
295 return cfg && auth->complies(auth, cfg, TRUE);
296 }
297
298 /**
299 * Save authentication information after authentication succeeded
300 */
301 static void save_auth_cfg(private_phase1_t *this,
302 auth_method_t method, bool local)
303 {
304 auth_cfg_t *auth;
305
306 if (skipped_auth(this, method, local))
307 {
308 return;
309 }
310 auth = auth_cfg_create();
311 /* for local config, we _copy_ entries from the config, as it contains
312 * certificates we must send later. */
313 auth->merge(auth, this->ike_sa->get_auth_cfg(this->ike_sa, local), local);
314 this->ike_sa->add_auth_cfg(this->ike_sa, local, auth);
315 }
316
317 /**
318 * Create an authenticator instance
319 */
320 static authenticator_t* create_authenticator(private_phase1_t *this,
321 auth_method_t method, chunk_t id)
322 {
323 authenticator_t *authenticator;
324
325 authenticator = authenticator_create_v1(this->ike_sa, this->initiator,
326 method, this->dh, this->dh_value, this->sa_payload, id);
327 if (!authenticator)
328 {
329 DBG1(DBG_IKE, "negotiated authentication method %N not supported",
330 auth_method_names, method);
331 }
332 return authenticator;
333 }
334
335 METHOD(phase1_t, verify_auth, bool,
336 private_phase1_t *this, auth_method_t method, message_t *message,
337 chunk_t id_data)
338 {
339 authenticator_t *authenticator;
340 status_t status;
341
342 authenticator = create_authenticator(this, method, id_data);
343 if (authenticator)
344 {
345 status = authenticator->process(authenticator, message);
346 authenticator->destroy(authenticator);
347 if (status == SUCCESS && check_constraints(this, method))
348 {
349 save_auth_cfg(this, method, FALSE);
350 return TRUE;
351 }
352 }
353 return FALSE;
354 }
355
356 METHOD(phase1_t, build_auth, bool,
357 private_phase1_t *this, auth_method_t method, message_t *message,
358 chunk_t id_data)
359 {
360 authenticator_t *authenticator;
361 status_t status;
362
363 authenticator = create_authenticator(this, method, id_data);
364 if (authenticator)
365 {
366 status = authenticator->build(authenticator, message);
367 authenticator->destroy(authenticator);
368 if (status == SUCCESS)
369 {
370 save_auth_cfg(this, method, TRUE);
371 return TRUE;
372 }
373 }
374 return FALSE;
375 }
376
377 /**
378 * Get the two auth classes from local or remote config
379 */
380 static void get_auth_class(peer_cfg_t *peer_cfg, bool local,
381 auth_class_t *c1, auth_class_t *c2)
382 {
383 enumerator_t *enumerator;
384 auth_cfg_t *auth;
385
386 *c1 = *c2 = AUTH_CLASS_ANY;
387
388 enumerator = peer_cfg->create_auth_cfg_enumerator(peer_cfg, local);
389 while (enumerator->enumerate(enumerator, &auth))
390 {
391 if (*c1 == AUTH_CLASS_ANY)
392 {
393 *c1 = (uintptr_t)auth->get(auth, AUTH_RULE_AUTH_CLASS);
394 }
395 else
396 {
397 *c2 = (uintptr_t)auth->get(auth, AUTH_RULE_AUTH_CLASS);
398 break;
399 }
400 }
401 enumerator->destroy(enumerator);
402 }
403
404 /**
405 * Select an auth method to use by checking what key we have
406 */
407 static auth_method_t get_pubkey_method(private_phase1_t *this, auth_cfg_t *auth)
408 {
409 auth_method_t method = AUTH_NONE;
410 identification_t *id;
411 private_key_t *private;
412
413 if (auth)
414 {
415 id = (identification_t*)auth->get(auth, AUTH_RULE_IDENTITY);
416 if (id)
417 {
418 private = lib->credmgr->get_private(lib->credmgr, KEY_ANY, id, NULL);
419 if (private)
420 {
421 switch (private->get_type(private))
422 {
423 case KEY_RSA:
424 method = AUTH_RSA;
425 break;
426 case KEY_ECDSA:
427 switch (private->get_keysize(private))
428 {
429 case 256:
430 method = AUTH_ECDSA_256;
431 break;
432 case 384:
433 method = AUTH_ECDSA_384;
434 break;
435 case 521:
436 method = AUTH_ECDSA_521;
437 break;
438 default:
439 DBG1(DBG_IKE, "%d bit ECDSA private key size not "
440 "supported", private->get_keysize(private));
441 break;
442 }
443 break;
444 default:
445 DBG1(DBG_IKE, "private key of type %N not supported",
446 key_type_names, private->get_type(private));
447 break;
448 }
449 private->destroy(private);
450 }
451 else
452 {
453 DBG1(DBG_IKE, "no private key found for '%Y'", id);
454 }
455 }
456 }
457 return method;
458 }
459
460 /**
461 * Calculate authentication method from a peer config
462 */
463 static auth_method_t calc_auth_method(private_phase1_t *this,
464 peer_cfg_t *peer_cfg)
465 {
466 auth_class_t i1, i2, r1, r2;
467
468 get_auth_class(peer_cfg, this->initiator, &i1, &i2);
469 get_auth_class(peer_cfg, !this->initiator, &r1, &r2);
470
471 if (i1 == AUTH_CLASS_PUBKEY && r1 == AUTH_CLASS_PUBKEY)
472 {
473 if (i2 == AUTH_CLASS_ANY && r2 == AUTH_CLASS_ANY)
474 {
475 /* for any pubkey method, return RSA */
476 return AUTH_RSA;
477 }
478 if (i2 == AUTH_CLASS_XAUTH)
479 {
480 return AUTH_XAUTH_INIT_RSA;
481 }
482 if (r2 == AUTH_CLASS_XAUTH)
483 {
484 return AUTH_XAUTH_RESP_RSA;
485 }
486 }
487 if (i1 == AUTH_CLASS_PSK && r1 == AUTH_CLASS_PSK)
488 {
489 if (i2 == AUTH_CLASS_ANY && r2 == AUTH_CLASS_ANY)
490 {
491 return AUTH_PSK;
492 }
493 if (i2 == AUTH_CLASS_XAUTH)
494 {
495 return AUTH_XAUTH_INIT_PSK;
496 }
497 if (r2 == AUTH_CLASS_XAUTH)
498 {
499 return AUTH_XAUTH_RESP_PSK;
500 }
501 }
502 if (i1 == AUTH_CLASS_XAUTH && r1 == AUTH_CLASS_PUBKEY &&
503 i2 == AUTH_CLASS_ANY && r2 == AUTH_CLASS_ANY)
504 {
505 return AUTH_HYBRID_INIT_RSA;
506 }
507 return AUTH_NONE;
508 }
509
510 METHOD(phase1_t, get_auth_method, auth_method_t,
511 private_phase1_t *this, peer_cfg_t *peer_cfg)
512 {
513 auth_method_t method;
514
515 method = calc_auth_method(this, peer_cfg);
516 if (method == AUTH_RSA)
517 {
518 return get_pubkey_method(this, get_auth_cfg(peer_cfg, TRUE));
519 }
520 return method;
521 }
522
523 /**
524 * Check if a peer config can be used with a given auth method
525 */
526 static bool check_auth_method(private_phase1_t *this, peer_cfg_t *peer_cfg,
527 auth_method_t given)
528 {
529 auth_method_t method;
530
531 method = calc_auth_method(this, peer_cfg);
532 switch (given)
533 {
534 case AUTH_ECDSA_256:
535 case AUTH_ECDSA_384:
536 case AUTH_ECDSA_521:
537 return method == AUTH_RSA;
538 default:
539 return method == given;
540 }
541 }
542
543 METHOD(phase1_t, select_config, peer_cfg_t*,
544 private_phase1_t *this, auth_method_t method, bool aggressive,
545 identification_t *id)
546 {
547 enumerator_t *enumerator;
548 peer_cfg_t *current;
549 host_t *me, *other;
550 int unusable = 0;
551
552 if (this->peer_cfg)
553 { /* try to find an alternative config */
554 if (this->candidates->remove_first(this->candidates,
555 (void**)&current) != SUCCESS)
556 {
557 DBG1(DBG_CFG, "no alternative config found");
558 return NULL;
559 }
560 DBG1(DBG_CFG, "switching to peer config '%s'",
561 current->get_name(current));
562 return current;
563 }
564
565 me = this->ike_sa->get_my_host(this->ike_sa);
566 other = this->ike_sa->get_other_host(this->ike_sa);
567 DBG1(DBG_CFG, "looking for %N peer configs matching %H...%H[%Y]",
568 auth_method_names, method, me, other, id);
569 enumerator = charon->backends->create_peer_cfg_enumerator(charon->backends,
570 me, other, NULL, id, IKEV1);
571 while (enumerator->enumerate(enumerator, &current))
572 {
573 if (check_auth_method(this, current, method) &&
574 current->use_aggressive(current) == aggressive)
575 {
576 current->get_ref(current);
577 if (!this->peer_cfg)
578 {
579 this->peer_cfg = current;
580 }
581 else
582 {
583 this->candidates->insert_last(this->candidates, current);
584 }
585 }
586 else
587 {
588 unusable++;
589 }
590 }
591 enumerator->destroy(enumerator);
592
593 if (this->peer_cfg)
594 {
595 DBG1(DBG_CFG, "selected peer config \"%s\"",
596 this->peer_cfg->get_name(this->peer_cfg));
597 return this->peer_cfg->get_ref(this->peer_cfg);
598 }
599 if (unusable)
600 {
601 DBG1(DBG_IKE, "found %d matching config%s, but none allows %N "
602 "authentication using %s Mode", unusable, unusable > 1 ? "s" : "",
603 auth_method_names, method, aggressive ? "Aggressive" : "Main");
604 return NULL;
605 }
606 DBG1(DBG_IKE, "no peer config found");
607 return NULL;
608 }
609
610 METHOD(phase1_t, get_id, identification_t*,
611 private_phase1_t *this, peer_cfg_t *peer_cfg, bool local)
612 {
613 identification_t *id = NULL;
614 auth_cfg_t *auth;
615
616 auth = get_auth_cfg(peer_cfg, local);
617 if (auth)
618 {
619 id = auth->get(auth, AUTH_RULE_IDENTITY);
620 if (local && (!id || id->get_type(id) == ID_ANY))
621 { /* no ID configured, use local IP address */
622 host_t *me;
623
624 me = this->ike_sa->get_my_host(this->ike_sa);
625 if (!me->is_anyaddr(me))
626 {
627 id = identification_create_from_sockaddr(me->get_sockaddr(me));
628 auth = this->ike_sa->get_auth_cfg(this->ike_sa, TRUE);
629 auth->add(auth, AUTH_RULE_IDENTITY, id);
630 }
631 }
632 }
633 return id;
634 }
635
636 METHOD(phase1_t, has_virtual_ip, bool,
637 private_phase1_t *this, peer_cfg_t *peer_cfg)
638 {
639 enumerator_t *enumerator;
640 bool found = FALSE;
641 host_t *host;
642
643 enumerator = peer_cfg->create_virtual_ip_enumerator(peer_cfg);
644 found = enumerator->enumerate(enumerator, &host);
645 enumerator->destroy(enumerator);
646
647 return found;
648 }
649
650 METHOD(phase1_t, has_pool, bool,
651 private_phase1_t *this, peer_cfg_t *peer_cfg)
652 {
653 enumerator_t *enumerator;
654 bool found = FALSE;
655 char *pool;
656
657 enumerator = peer_cfg->create_pool_enumerator(peer_cfg);
658 found = enumerator->enumerate(enumerator, &pool);
659 enumerator->destroy(enumerator);
660
661 return found;
662 }
663
664 METHOD(phase1_t, save_sa_payload, bool,
665 private_phase1_t *this, message_t *message)
666 {
667 enumerator_t *enumerator;
668 payload_t *payload, *sa = NULL;
669 chunk_t data;
670 size_t offset = IKE_HEADER_LENGTH;
671
672 enumerator = message->create_payload_enumerator(message);
673 while (enumerator->enumerate(enumerator, &payload))
674 {
675 if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION)
676 {
677 sa = payload;
678 break;
679 }
680 else
681 {
682 offset += payload->get_length(payload);
683 }
684 }
685 enumerator->destroy(enumerator);
686
687 data = message->get_packet_data(message);
688 if (sa && data.len >= offset + sa->get_length(sa))
689 {
690 /* Get SA payload without 4 byte fixed header */
691 data = chunk_skip(data, offset);
692 data.len = sa->get_length(sa);
693 data = chunk_skip(data, 4);
694 this->sa_payload = chunk_clone(data);
695 return TRUE;
696 }
697 DBG1(DBG_IKE, "unable to extract SA payload encoding");
698 return FALSE;
699 }
700
701 METHOD(phase1_t, add_nonce_ke, bool,
702 private_phase1_t *this, message_t *message)
703 {
704 nonce_payload_t *nonce_payload;
705 ke_payload_t *ke_payload;
706 nonce_gen_t *nonceg;
707 chunk_t nonce;
708
709 ke_payload = ke_payload_create_from_diffie_hellman(PLV1_KEY_EXCHANGE,
710 this->dh);
711 if (!ke_payload)
712 {
713 DBG1(DBG_IKE, "creating KE payload failed");
714 return FALSE;
715 }
716 message->add_payload(message, &ke_payload->payload_interface);
717
718 nonceg = this->keymat->keymat.create_nonce_gen(&this->keymat->keymat);
719 if (!nonceg)
720 {
721 DBG1(DBG_IKE, "no nonce generator found to create nonce");
722 return FALSE;
723 }
724 if (!nonceg->allocate_nonce(nonceg, NONCE_SIZE, &nonce))
725 {
726 DBG1(DBG_IKE, "nonce allocation failed");
727 nonceg->destroy(nonceg);
728 return FALSE;
729 }
730 nonceg->destroy(nonceg);
731
732 nonce_payload = nonce_payload_create(PLV1_NONCE);
733 nonce_payload->set_nonce(nonce_payload, nonce);
734 message->add_payload(message, &nonce_payload->payload_interface);
735
736 if (this->initiator)
737 {
738 this->nonce_i = nonce;
739 }
740 else
741 {
742 this->nonce_r = nonce;
743 }
744 return TRUE;
745 }
746
747 METHOD(phase1_t, get_nonce_ke, bool,
748 private_phase1_t *this, message_t *message)
749 {
750 nonce_payload_t *nonce_payload;
751 ke_payload_t *ke_payload;
752
753 ke_payload = (ke_payload_t*)message->get_payload(message, PLV1_KEY_EXCHANGE);
754 if (!ke_payload)
755 {
756 DBG1(DBG_IKE, "KE payload missing in message");
757 return FALSE;
758 }
759 this->dh_value = chunk_clone(ke_payload->get_key_exchange_data(ke_payload));
760 if (!this->dh->set_other_public_value(this->dh, this->dh_value))
761 {
762 DBG1(DBG_IKE, "unable to apply received KE value");
763 return FALSE;
764 }
765
766 nonce_payload = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE);
767 if (!nonce_payload)
768 {
769 DBG1(DBG_IKE, "NONCE payload missing in message");
770 return FALSE;
771 }
772
773 if (this->initiator)
774 {
775 this->nonce_r = nonce_payload->get_nonce(nonce_payload);
776 }
777 else
778 {
779 this->nonce_i = nonce_payload->get_nonce(nonce_payload);
780 }
781 return TRUE;
782 }
783
784 METHOD(phase1_t, destroy, void,
785 private_phase1_t *this)
786 {
787 DESTROY_IF(this->peer_cfg);
788 this->candidates->destroy_offset(this->candidates,
789 offsetof(peer_cfg_t, destroy));
790 chunk_free(&this->sa_payload);
791 DESTROY_IF(this->dh);
792 free(this->dh_value.ptr);
793 free(this->nonce_i.ptr);
794 free(this->nonce_r.ptr);
795 free(this);
796 }
797
798 /**
799 * See header
800 */
801 phase1_t *phase1_create(ike_sa_t *ike_sa, bool initiator)
802 {
803 private_phase1_t *this;
804
805 INIT(this,
806 .public = {
807 .create_hasher = _create_hasher,
808 .create_dh = _create_dh,
809 .derive_keys = _derive_keys,
810 .get_auth_method = _get_auth_method,
811 .get_id = _get_id,
812 .select_config = _select_config,
813 .has_virtual_ip = _has_virtual_ip,
814 .has_pool = _has_pool,
815 .verify_auth = _verify_auth,
816 .build_auth = _build_auth,
817 .save_sa_payload = _save_sa_payload,
818 .add_nonce_ke = _add_nonce_ke,
819 .get_nonce_ke = _get_nonce_ke,
820 .destroy = _destroy,
821 },
822 .candidates = linked_list_create(),
823 .ike_sa = ike_sa,
824 .initiator = initiator,
825 .keymat = (keymat_v1_t*)ike_sa->get_keymat(ike_sa),
826 );
827
828 return &this->public;
829 }