implemented and tested functionality to create sa_payload from
[strongswan.git] / Source / charon / encoding / payloads / sa_payload.c
index 83eb62a..d2aecf8 100644 (file)
@@ -1,10 +1,7 @@
 /**
  * @file sa_payload.c
  * 
- * @brief Declaration of the class sa_payload_t. 
- * 
- * An object of this type represents an IKEv2 SA-Payload and contains proposal 
- * substructures.
+ * @brief Implementation of sa_payload_t.
  * 
  */
 
 #include <utils/linked_list.h>
 
 
+typedef struct private_sa_payload_t private_sa_payload_t;
+
 /**
- * Private data of an sa_payload_t' Object
+ * Private data of an sa_payload_t object.
  * 
  */
-typedef struct private_sa_payload_s private_sa_payload_t;
-
-struct private_sa_payload_s {
+struct private_sa_payload_t {
        /**
-        * public sa_payload_t interface
+        * Public sa_payload_t interface.
         */
        sa_payload_t public;
        
        /**
-        * next payload type
+        * Next payload type.
         */
        u_int8_t  next_payload;
 
        /**
-        * Critical flag
+        * Critical flag.
         */
        bool critical;
        
        /**
-        * Length of this payload
+        * Length of this payload.
         */
        u_int16_t payload_length;
        
        /**
-        * Proposals in this payload are stored in a linked_list_t
+        * Proposals in this payload are stored in a linked_list_t.
         */
        linked_list_t * proposals;
        
@@ -69,10 +66,8 @@ struct private_sa_payload_s {
         * @brief Computes the length of this payload.
         *
         * @param this  calling private_sa_payload_t object
-        * @return              
-        *                              SUCCESS in any case
         */
-       status_t (*compute_length) (private_sa_payload_t *this);
+       void (*compute_length) (private_sa_payload_t *this);
 };
 
 /**
@@ -115,14 +110,13 @@ encoding_rule_t sa_payload_encodings[] = {
 */
 
 /**
- * Implements payload_t's verify function.
- * See #payload_s.verify for description.
+ * Implementation of payload_t.verify.
  */
 static status_t verify(private_sa_payload_t *this)
 {
        int proposal_number = 1;
-       status_t status;
-       linked_list_iterator_t *iterator;
+       status_t status = SUCCESS;
+       iterator_t *iterator;
        bool first = TRUE;
        
        if (this->critical)
@@ -132,19 +126,12 @@ static status_t verify(private_sa_payload_t *this)
        }
 
        /* check proposal numbering */          
-       status = this->proposals->create_iterator(this->proposals,&iterator,TRUE);
-       if (status != SUCCESS)
-       {
-               return status;
-       }
+       iterator = this->proposals->create_iterator(this->proposals,TRUE);
        
        while(iterator->has_next(iterator))
        {
                proposal_substructure_t *current_proposal;
-               status = iterator->current(iterator,(void **)&current_proposal);
-               {
-                       break;
-               }
+               iterator->current(iterator,(void **)&current_proposal);
                if (current_proposal->get_proposal_number(current_proposal) > proposal_number)
                {
                        if (first) 
@@ -168,6 +155,12 @@ static status_t verify(private_sa_payload_t *this)
                        status = FAILED;
                        break;
                }
+               
+               status = current_proposal->payload_interface.verify(&(current_proposal->payload_interface));
+               if (status != SUCCESS)
+               {
+                       break;
+               }
                first = FALSE;
        }
        
@@ -177,8 +170,7 @@ static status_t verify(private_sa_payload_t *this)
 
 
 /**
- * Implements payload_t's and sa_payload_t's destroy function.
- * See #payload_s.destroy or sa_payload_s.destroy for description.
+ * Implementation of payload_t.destroy and sa_payload_t.destroy.
  */
 static status_t destroy(private_sa_payload_t *this)
 {
@@ -186,10 +178,7 @@ static status_t destroy(private_sa_payload_t *this)
        while (this->proposals->get_count(this->proposals) > 0)
        {
                proposal_substructure_t *current_proposal;
-               if (this->proposals->remove_last(this->proposals,(void **)&current_proposal) != SUCCESS)
-               {
-                       break;
-               }
+               this->proposals->remove_last(this->proposals,(void **)&current_proposal);
                current_proposal->destroy(current_proposal);
        }
        this->proposals->destroy(this->proposals);
@@ -200,20 +189,16 @@ static status_t destroy(private_sa_payload_t *this)
 }
 
 /**
- * Implements payload_t's get_encoding_rules function.
- * See #payload_s.get_encoding_rules for description.
+ * Implementation of payload_t.get_encoding_rules.
  */
-static status_t get_encoding_rules(private_sa_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
+static void get_encoding_rules(private_sa_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
 {
        *rules = sa_payload_encodings;
        *rule_count = sizeof(sa_payload_encodings) / sizeof(encoding_rule_t);
-       
-       return SUCCESS;
 }
 
 /**
- * Implements payload_t's get_type function.
- * See #payload_s.get_type for description.
+ * Implementation of payload_t.get_type.
  */
 static payload_type_t get_type(private_sa_payload_t *this)
 {
@@ -221,8 +206,7 @@ static payload_type_t get_type(private_sa_payload_t *this)
 }
 
 /**
- * Implements payload_t's get_next_type function.
- * See #payload_s.get_next_type for description.
+ * Implementation of payload_t.get_next_type.
  */
 static payload_type_t get_next_type(private_sa_payload_t *this)
 {
@@ -230,18 +214,15 @@ static payload_type_t get_next_type(private_sa_payload_t *this)
 }
 
 /**
- * Implements payload_t's set_next_type function.
- * See #payload_s.set_next_type for description.
+ * Implementation of payload_t.set_next_type.
  */
-static status_t set_next_type(private_sa_payload_t *this,payload_type_t type)
+static void set_next_type(private_sa_payload_t *this,payload_type_t type)
 {
        this->next_payload = type;
-       return SUCCESS;
 }
 
 /**
- * Implements payload_t's get_length function.
- * See #payload_s.get_length for description.
+ * Implementation of payload_t.get_length.
  */
 static size_t get_length(private_sa_payload_t *this)
 {
@@ -250,40 +231,176 @@ static size_t get_length(private_sa_payload_t *this)
 }
 
 /**
- * Implements sa_payload_t's create_proposal_substructure_iterator function.
- * See #sa_payload_s.create_proposal_substructure_iterator for description.
+ * Implementation of sa_payload_t.create_proposal_substructure_iterator.
  */
-static status_t create_proposal_substructure_iterator (private_sa_payload_t *this,linked_list_iterator_t **iterator,bool forward)
+static iterator_t *create_proposal_substructure_iterator (private_sa_payload_t *this,bool forward)
 {
-       return (this->proposals->create_iterator(this->proposals,iterator,forward));
+       return this->proposals->create_iterator(this->proposals,forward);
 }
 
 /**
- * Implements sa_payload_t's add_proposal_substructure function.
- * See #sa_payload_s.add_proposal_substructure for description.
+ * Implementation of sa_payload_t.add_proposal_substructure.
  */
-static status_t add_proposal_substructure (private_sa_payload_t *this,proposal_substructure_t *proposal)
+static void add_proposal_substructure (private_sa_payload_t *this,proposal_substructure_t *proposal)
 {
        status_t status;
-       status = this->proposals->insert_last(this->proposals,(void *) proposal);
+       if (this->proposals->get_count(this->proposals) > 0)
+       {
+               proposal_substructure_t *last_proposal;
+               status = this->proposals->get_last(this->proposals,(void **) &last_proposal);
+               /* last transform is now not anymore last one */
+               last_proposal->set_is_last_proposal(last_proposal,FALSE);
+       }
+       proposal->set_is_last_proposal(proposal,TRUE);
+       
+       this->proposals->insert_last(this->proposals,(void *) proposal);
        this->compute_length(this);
-       return status;
 }
 
 /**
- * Implements private_sa_payload_t's compute_length function.
- * See #private_sa_payload_s.compute_length for description.
+ * Implementation of sa_payload_t.get_ike_proposals.
  */
-static status_t compute_length (private_sa_payload_t *this)
+static status_t get_ike_proposals (private_sa_payload_t *this,ike_proposal_t ** proposals, size_t *proposal_count)
 {
-       linked_list_iterator_t *iterator;
-       status_t status;
-       size_t length = SA_PAYLOAD_HEADER_LENGTH;
-       status = this->proposals->create_iterator(this->proposals,&iterator,TRUE);
-       if (status != SUCCESS)
+       int found_ike_proposals = 0;
+       int current_proposal_number = 0;
+       iterator_t *iterator;
+       ike_proposal_t *tmp_proposals;
+       
+               
+       iterator = this->proposals->create_iterator(this->proposals,TRUE);
+       
+       /* first find out the number of ike proposals and check their number of transforms and 
+        * if the SPI is empty!*/
+       while (iterator->has_next(iterator))
+       {
+               proposal_substructure_t *current_proposal;
+               iterator->current(iterator,(void **)&(current_proposal));
+               if (current_proposal->get_protocol_id(current_proposal) == IKE)
+               {
+                       /* a ike proposal consists of 4 transforms and an empty spi*/
+                       if ((current_proposal->get_transform_count(current_proposal) != 4) ||
+                           (current_proposal->get_spi_size(current_proposal) != 0))
+                   {
+                       iterator->destroy(iterator);
+                       return FAILED;
+                   }
+                       
+                       found_ike_proposals++;
+               }
+       }
+       iterator->reset(iterator);
+       
+       if (found_ike_proposals == 0)
+       {
+               iterator->destroy(iterator);
+               return NOT_FOUND;
+       }
+       
+       /* allocate memory to hold each proposal as ike_proposal_t */
+       
+       tmp_proposals = allocator_alloc(found_ike_proposals * sizeof(ike_proposal_t));
+       
+       /* create from each proposal_substructure a ike_proposal_t data area*/
+       while (iterator->has_next(iterator))
        {
-               return length;
+               proposal_substructure_t *current_proposal;
+               iterator->current(iterator,(void **)&(current_proposal));
+               if (current_proposal->get_protocol_id(current_proposal) == IKE)
+               {
+                       bool encryption_algorithm_found = FALSE;
+                       bool integrity_algorithm_found = FALSE;
+                       bool pseudo_random_function_found = FALSE;
+                       bool diffie_hellman_group_found = FALSE;
+                       status_t status;
+                       iterator_t *transforms;
+                       
+                       transforms = current_proposal->create_transform_substructure_iterator(current_proposal,TRUE);
+                       while (transforms->has_next(transforms))
+                       {
+                               transform_substructure_t *current_transform;
+                               transforms->current(transforms,(void **)&(current_transform));
+                               
+                               switch (current_transform->get_transform_type(current_transform))
+                               {
+                                       case ENCRYPTION_ALGORITHM:
+                                       {
+                                               tmp_proposals[current_proposal_number].encryption_algorithm = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].encryption_algorithm_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       encryption_algorithm_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case INTEGRITY_ALGORITHM:
+                                       {
+                                               tmp_proposals[current_proposal_number].integrity_algorithm = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].integrity_algorithm_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       integrity_algorithm_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case PSEUDO_RANDOM_FUNCTION:
+                                       {
+                                               tmp_proposals[current_proposal_number].pseudo_random_function = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].pseudo_random_function_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       pseudo_random_function_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case DIFFIE_HELLMAN_GROUP:
+                                       {
+                                               tmp_proposals[current_proposal_number].diffie_hellman_group = current_transform->get_transform_id(current_transform);
+                                               diffie_hellman_group_found = TRUE;
+                                               break;
+                                       }
+                                       default:
+                                       {
+                                               /* not a transform of an ike proposal. Break here */
+                                               break;
+                                       }
+                               }
+                               
+                       }
+
+                       transforms->destroy(transforms);
+                       
+                       if ((!encryption_algorithm_found) ||
+                               (!integrity_algorithm_found) ||
+                               (!pseudo_random_function_found) ||
+                               (!diffie_hellman_group_found))
+                       {
+                               /* one of needed transforms could not be found */
+                               iterator->reset(iterator);
+                               allocator_free(tmp_proposals);
+                               return FAILED;
+                       }
+                       
+                       current_proposal_number++;
+               }
        }
+
+       iterator->destroy(iterator);    
+       
+       *proposals = tmp_proposals;
+       *proposal_count = found_ike_proposals;
+
+       return SUCCESS;
+}
+
+/**
+ * Implementation of private_sa_payload_t.compute_length.
+ */
+static void compute_length (private_sa_payload_t *this)
+{
+       iterator_t *iterator;
+       size_t length = SA_PAYLOAD_HEADER_LENGTH;
+       iterator = this->proposals->create_iterator(this->proposals,TRUE);
        while (iterator->has_next(iterator))
        {
                payload_t *current_proposal;
@@ -293,34 +410,29 @@ static status_t compute_length (private_sa_payload_t *this)
        iterator->destroy(iterator);
        
        this->payload_length = length;
-               
-       return SUCCESS;
 }
 
 /*
- * Described in header
+ * Described in header.
  */
 sa_payload_t *sa_payload_create()
 {
        private_sa_payload_t *this = allocator_alloc_thing(private_sa_payload_t);
-       if (this == NULL)
-       {
-               return NULL;    
-       }       
        
        /* public interface */
        this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
-       this->public.payload_interface.get_encoding_rules = (status_t (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
+       this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
        this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
        this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
-       this->public.payload_interface.set_next_type = (status_t (*) (payload_t *,payload_type_t)) set_next_type;
+       this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
        this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
-       this->public.payload_interface.destroy = (status_t (*) (payload_t *))destroy;
+       this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
        
        /* public functions */
-       this->public.create_proposal_substructure_iterator = (status_t (*) (sa_payload_t *,linked_list_iterator_t **,bool)) create_proposal_substructure_iterator;
-       this->public.add_proposal_substructure = (status_t (*) (sa_payload_t *,proposal_substructure_t *)) add_proposal_substructure;
-       this->public.destroy = (status_t (*) (sa_payload_t *)) destroy;
+       this->public.create_proposal_substructure_iterator = (iterator_t* (*) (sa_payload_t *,bool)) create_proposal_substructure_iterator;
+       this->public.add_proposal_substructure = (void (*) (sa_payload_t *,proposal_substructure_t *)) add_proposal_substructure;
+       this->public.get_ike_proposals = (status_t (*) (sa_payload_t *, ike_proposal_t **, size_t *)) get_ike_proposals;
+       this->public.destroy = (void (*) (sa_payload_t *)) destroy;
        
        /* private functions */
        this->compute_length = compute_length;
@@ -331,13 +443,46 @@ sa_payload_t *sa_payload_create()
        this->payload_length = SA_PAYLOAD_HEADER_LENGTH;
 
        this->proposals = linked_list_create();
-       
-       if (this->proposals == NULL)
-       {
-               allocator_free(this);
-               return NULL;
-       }
        return (&(this->public));
 }
 
+/*
+ * Described in header.
+ */
+sa_payload_t *sa_payload_create_from_ike_proposals(ike_proposal_t *proposals, size_t proposal_count)
+{
+       int i;
+       sa_payload_t *sa_payload= sa_payload_create();
+       
+       for (i = 0; i < proposal_count; i++)
+       {
+               proposal_substructure_t *proposal_substructure;
+               transform_substructure_t *encryption_algorithm;
+               transform_substructure_t *integrity_algorithm;
+               transform_substructure_t *pseudo_random_function;
+               transform_substructure_t *diffie_hellman_group;
+               
+               /* create proposal substructure */
+               proposal_substructure = proposal_substructure_create();
+               proposal_substructure->set_protocol_id(proposal_substructure,IKE);
+               proposal_substructure->set_proposal_number(proposal_substructure,(i + 1));
+
+               /* create transform substructures to hold each specific transform for an ike proposal */
+               encryption_algorithm = transform_substructure_create_type(ENCRYPTION_ALGORITHM,proposals[i].encryption_algorithm,proposals[i].encryption_algorithm_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,encryption_algorithm);
+               
+               pseudo_random_function = transform_substructure_create_type(PSEUDO_RANDOM_FUNCTION,proposals[i].pseudo_random_function,proposals[i].pseudo_random_function_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,pseudo_random_function);
+
+               integrity_algorithm = transform_substructure_create_type(INTEGRITY_ALGORITHM,proposals[i].integrity_algorithm,proposals[i].integrity_algorithm_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,integrity_algorithm);
 
+               diffie_hellman_group = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP,proposals[i].diffie_hellman_group,0);
+               proposal_substructure->add_transform_substructure(proposal_substructure,diffie_hellman_group);
+               
+               /* add proposal to sa payload */
+               sa_payload->add_proposal_substructure(sa_payload,proposal_substructure);
+       }
+       
+       return sa_payload;
+}