df25e64e99e4e4583173357134d1b92fa5ea573e
[strongswan.git] / src / libimcv / seg / seg_contract.c
1 /*
2 * Copyright (C) 2014 Andreas Steffen
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "seg_contract.h"
17 #include "seg_env.h"
18 #include "ietf/ietf_attr_pa_tnc_error.h"
19 #include "tcg/seg/tcg_seg_attr_seg_env.h"
20
21 #include <utils/debug.h>
22 #include <bio/bio_writer.h>
23
24 #include <tncif_pa_subtypes.h>
25
26 typedef struct private_seg_contract_t private_seg_contract_t;
27
28 /**
29 * Private data of a seg_contract_t object.
30 */
31 struct private_seg_contract_t {
32
33 /**
34 * Public seg_contract_t interface.
35 */
36 seg_contract_t public;
37
38 /**
39 * PA-TNC message type
40 */
41 pen_type_t msg_type;
42
43 /**
44 * Maximum PA-TNC attribute size
45 */
46 uint32_t max_attr_size;
47
48 /**
49 * Maximum PA-TNC attribute segment size
50 */
51 uint32_t max_seg_size;
52
53 /**
54 * Maximum PA-TNC attribute segment size
55 */
56 uint32_t last_base_attr_id;
57
58 /**
59 * List of attribute segment envelopes
60 */
61
62 linked_list_t *seg_envs;
63
64 /**
65 * Is this a null contract?
66 */
67 bool is_null;
68
69 /**
70 * Contract role
71 */
72 bool is_issuer;
73
74 /**
75 * Issuer ID (either IMV ID or IMC ID)
76 */
77 TNC_UInt32 issuer_id;
78
79 /**
80 * IMC/IMV role
81 */
82 bool is_imc;
83
84 };
85
86 METHOD(seg_contract_t, get_msg_type, pen_type_t,
87 private_seg_contract_t *this)
88 {
89 return this->msg_type;
90 }
91
92 METHOD(seg_contract_t, set_max_size, void,
93 private_seg_contract_t *this, uint32_t max_attr_size, uint32_t max_seg_size)
94 {
95 this->max_attr_size = max_attr_size;
96 this->max_seg_size = max_seg_size;
97 this->is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE &&
98 max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE;
99 }
100
101 METHOD(seg_contract_t, get_max_size, void,
102 private_seg_contract_t *this, uint32_t *max_attr_size, uint32_t *max_seg_size)
103 {
104 if (max_attr_size)
105 {
106 *max_attr_size = this->max_attr_size;
107 }
108 if (max_seg_size)
109 {
110 *max_seg_size = this->max_seg_size;
111 }
112 }
113
114 METHOD(seg_contract_t, check_size, bool,
115 private_seg_contract_t *this, pa_tnc_attr_t *attr, bool *oversize)
116 {
117 chunk_t attr_value;
118 size_t attr_len;
119
120 *oversize = FALSE;
121
122 if (this->is_null)
123 {
124 /* null segmentation contract */
125 return FALSE;
126 }
127 attr->build(attr);
128 attr_value = attr->get_value(attr);
129 attr_len = PA_TNC_ATTR_HEADER_SIZE + attr_value.len;
130
131 if (attr_len > this->max_attr_size)
132 {
133 /* oversize attribute */
134 *oversize = TRUE;
135 return FALSE;
136 }
137 if (this->max_seg_size == SEG_CONTRACT_NO_FRAGMENTATION)
138 {
139 /* no fragmentation wanted */
140 return FALSE;
141 }
142 return attr_value.len > this->max_seg_size + TCG_SEG_ATTR_SEG_ENV_HEADER;
143 }
144
145 METHOD(seg_contract_t, first_segment, pa_tnc_attr_t*,
146 private_seg_contract_t *this, pa_tnc_attr_t *attr)
147 {
148 seg_env_t *seg_env;
149
150 seg_env = seg_env_create(++this->last_base_attr_id, attr,
151 this->max_seg_size);
152 if (!seg_env)
153 {
154 return NULL;
155 }
156 this->seg_envs->insert_last(this->seg_envs, seg_env);
157
158 return seg_env->first_segment(seg_env);
159 }
160
161 METHOD(seg_contract_t, next_segment, pa_tnc_attr_t*,
162 private_seg_contract_t *this, uint32_t base_attr_id)
163 {
164 pa_tnc_attr_t *seg_env_attr = NULL;
165 seg_env_t *seg_env;
166 bool last_segment = FALSE;
167 enumerator_t *enumerator;
168
169 enumerator = this->seg_envs->create_enumerator(this->seg_envs);
170 while (enumerator->enumerate(enumerator, &seg_env))
171 {
172 if (seg_env->get_base_attr_id(seg_env) == base_attr_id)
173 {
174 seg_env_attr = seg_env->next_segment(seg_env, &last_segment);
175 if (!seg_env_attr)
176 {
177 break;
178 }
179 if (last_segment)
180 {
181 this->seg_envs->remove_at(this->seg_envs, enumerator);
182 seg_env->destroy(seg_env);
183 }
184 break;
185 }
186 }
187 enumerator->destroy(enumerator);
188
189 return seg_env_attr;
190 }
191
192 METHOD(seg_contract_t, add_segment, pa_tnc_attr_t*,
193 private_seg_contract_t *this, pa_tnc_attr_t *attr, pa_tnc_attr_t **error,
194 bool *more)
195 {
196 tcg_seg_attr_seg_env_t *seg_env_attr;
197 seg_env_t *current, *seg_env = NULL;
198 pa_tnc_attr_t *base_attr;
199 pen_type_t error_code;
200 uint32_t base_attr_id;
201 uint8_t flags;
202 chunk_t segment_data, msg_info;
203 enumerator_t *enumerator;
204
205 seg_env_attr = (tcg_seg_attr_seg_env_t*)attr;
206 base_attr_id = seg_env_attr->get_base_attr_id(seg_env_attr);
207 segment_data = seg_env_attr->get_segment(seg_env_attr, &flags);
208 *more = flags & SEG_ENV_FLAG_MORE;
209 *error = NULL;
210
211 enumerator = this->seg_envs->create_enumerator(this->seg_envs);
212 while (enumerator->enumerate(enumerator, &current))
213 {
214 if (current->get_base_attr_id(current) == base_attr_id)
215 {
216 seg_env = current;
217 this->seg_envs->remove_at(this->seg_envs, enumerator);
218 break;
219 }
220 }
221 enumerator->destroy(enumerator);
222
223 if (flags & SEG_ENV_FLAG_START)
224 {
225 if (seg_env)
226 {
227 DBG1(DBG_TNC, "base attribute ID %d is already in use",
228 base_attr_id);
229 this->seg_envs->insert_last(this->seg_envs, seg_env);
230 return NULL;
231 }
232 DBG2(DBG_TNC, "received first segment for base attribute ID %d "
233 "(%d bytes)", base_attr_id, segment_data.len);
234 seg_env = seg_env_create_from_data(base_attr_id, segment_data,
235 this->max_seg_size, error);
236 if (!seg_env)
237 {
238 return NULL;
239 }
240 }
241 else
242 {
243 if (!seg_env)
244 {
245 DBG1(DBG_TNC, "base attribute ID %d not found", base_attr_id);
246 return NULL;
247 }
248 DBG2(DBG_TNC, "received %s segment for base attribute ID %d "
249 "(%d bytes)", (*more) ? "next" : "last", base_attr_id,
250 segment_data.len);
251 if (!seg_env->add_segment(seg_env, segment_data, error))
252 {
253 seg_env->destroy(seg_env);
254 return NULL;
255 }
256 }
257 base_attr = seg_env->get_base_attr(seg_env);
258
259 if (*more)
260 {
261 /* reinsert into list since more segments are to come */
262 this->seg_envs->insert_last(this->seg_envs, seg_env);
263 }
264 else
265 {
266 /* added the last segment */
267 if (!base_attr)
268 {
269 /* base attribute waits for more data */
270 DBG1(DBG_TNC, "insufficient bytes for PA-TNC attribute value");
271 msg_info = seg_env->get_base_attr_info(seg_env);
272 error_code = pen_type_create(PEN_IETF, PA_ERROR_INVALID_PARAMETER);
273 *error = ietf_attr_pa_tnc_error_create_with_offset(error_code,
274 msg_info, PA_TNC_ATTR_INFO_SIZE);
275 }
276 seg_env->destroy(seg_env);
277 }
278 return base_attr;
279 }
280
281 METHOD(seg_contract_t, is_issuer, bool,
282 private_seg_contract_t *this)
283 {
284 return this->is_issuer;
285 }
286
287 METHOD(seg_contract_t, is_null, bool,
288 private_seg_contract_t *this)
289 {
290 return this->is_null;
291 }
292
293 METHOD(seg_contract_t, get_info_string, void,
294 private_seg_contract_t *this, char *buf, size_t len, bool request)
295 {
296 enum_name_t *pa_subtype_names;
297 uint32_t msg_vid, msg_subtype;
298 char *pos = buf;
299 int written;
300
301 /* nul-terminate the string buffer */
302 buf[--len] = '\0';
303
304 if (this->is_issuer && request)
305 {
306 written = snprintf(pos, len, "%s %d requests",
307 this->is_imc ? "IMC" : "IMV", this->issuer_id);
308 }
309 else
310 {
311 written = snprintf(pos, len, "received");
312 }
313 if (written < 0 || written > len)
314 {
315 return;
316 }
317 pos += written;
318 len -= written;
319
320 written = snprintf(pos, len, " a %ssegmentation contract%s ",
321 this->is_null ? "null" : "", request ? "" : " response");
322 if (written < 0 || written > len)
323 {
324 return;
325 }
326 pos += written;
327 len -= written;
328
329 if (!this->is_issuer && this->issuer_id != TNC_IMVID_ANY)
330 {
331 written = snprintf(pos, len, "from %s %d ",
332 this->is_imc ? "IMV" : "IMC", this->issuer_id);
333 if (written < 0 || written > len)
334 {
335 return;
336 }
337 pos += written;
338 len -= written;
339 }
340
341 msg_vid = this->msg_type.vendor_id;
342 msg_subtype = this->msg_type.type;
343 pa_subtype_names = get_pa_subtype_names(msg_vid);
344 if (pa_subtype_names)
345 {
346 written = snprintf(pos, len, "for PA message type '%N/%N' "
347 "0x%06x/0x%08x", pen_names, msg_vid,
348 pa_subtype_names, msg_subtype, msg_vid,
349 msg_subtype);
350 }
351 else
352 {
353 written = snprintf(pos, len, "for PA message type '%N' "
354 "0x%06x/0x%08x", pen_names, msg_vid,
355 msg_vid, msg_subtype);
356 }
357 if (written < 0 || written > len)
358 {
359 return;
360 }
361 pos += written;
362 len -= written;
363
364 if (!this->is_null)
365 {
366 written = snprintf(pos, len, "\n maximum attribute size of %u bytes "
367 "with ", this->max_attr_size);
368 if (written < 0 || written > len)
369 {
370 return;
371 }
372 pos += written;
373 len -= written;
374
375 if (this->max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE)
376 {
377 written = snprintf(pos, len, "no segmentation");
378 }
379 else
380 {
381 written = snprintf(pos, len, "maximum segment size of %u bytes",
382 this->max_seg_size);
383 }
384 }
385 }
386
387 METHOD(seg_contract_t, destroy, void,
388 private_seg_contract_t *this)
389 {
390 this->seg_envs->destroy_offset(this->seg_envs, offsetof(seg_env_t, destroy));
391 free(this);
392 }
393
394 /**
395 * See header
396 */
397 seg_contract_t *seg_contract_create(pen_type_t msg_type,
398 uint32_t max_attr_size,
399 uint32_t max_seg_size,
400 bool is_issuer, TNC_UInt32 issuer_id,
401 bool is_imc)
402 {
403 private_seg_contract_t *this;
404
405 INIT(this,
406 .public = {
407 .get_msg_type = _get_msg_type,
408 .set_max_size = _set_max_size,
409 .get_max_size = _get_max_size,
410 .check_size = _check_size,
411 .first_segment = _first_segment,
412 .next_segment = _next_segment,
413 .add_segment = _add_segment,
414 .is_issuer = _is_issuer,
415 .is_null = _is_null,
416 .get_info_string = _get_info_string,
417 .destroy = _destroy,
418 },
419 .msg_type = msg_type,
420 .max_attr_size = max_attr_size,
421 .max_seg_size = max_seg_size,
422 .seg_envs = linked_list_create(),
423 .is_issuer = is_issuer,
424 .issuer_id = issuer_id,
425 .is_imc = is_imc,
426 .is_null = max_attr_size == SEG_CONTRACT_MAX_SIZE_VALUE &&
427 max_seg_size == SEG_CONTRACT_MAX_SIZE_VALUE,
428 );
429
430 return &this->public;
431 }
432