ike: Rename encryption_payload to encrypted_payload
authorTobias Brunner <tobias@strongswan.org>
Fri, 6 Jun 2014 14:35:49 +0000 (16:35 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 10 Oct 2014 07:30:25 +0000 (09:30 +0200)
12 files changed:
src/conftest/hooks/ike_auth_fill.c
src/libcharon/Android.mk
src/libcharon/Makefile.am
src/libcharon/encoding/message.c
src/libcharon/encoding/message.h
src/libcharon/encoding/parser.c
src/libcharon/encoding/payloads/encrypted_payload.c [new file with mode: 0644]
src/libcharon/encoding/payloads/encrypted_payload.h [new file with mode: 0644]
src/libcharon/encoding/payloads/encryption_payload.c [deleted file]
src/libcharon/encoding/payloads/encryption_payload.h [deleted file]
src/libcharon/encoding/payloads/payload.c
src/libcharon/encoding/payloads/payload.h

index 5cdd5be..e3eabe2 100644 (file)
@@ -19,7 +19,7 @@
 #include <netinet/udp.h>
 
 #include <encoding/payloads/cert_payload.h>
-#include <encoding/payloads/encryption_payload.h>
+#include <encoding/payloads/encrypted_payload.h>
 
 typedef struct private_ike_auth_fill_t private_ike_auth_fill_t;
 
index a28b459..a2e064e 100644 (file)
@@ -25,7 +25,7 @@ encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \
 encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \
 encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \
 encoding/payloads/encodings.c encoding/payloads/encodings.h \
-encoding/payloads/encryption_payload.c encoding/payloads/encryption_payload.h \
+encoding/payloads/encrypted_payload.c encoding/payloads/encrypted_payload.h \
 encoding/payloads/id_payload.c encoding/payloads/id_payload.h \
 encoding/payloads/ike_header.c encoding/payloads/ike_header.h \
 encoding/payloads/ke_payload.c  encoding/payloads/ke_payload.h \
index 0eaabf5..5fb1e3d 100644 (file)
@@ -23,7 +23,7 @@ encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \
 encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \
 encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \
 encoding/payloads/encodings.c encoding/payloads/encodings.h \
-encoding/payloads/encryption_payload.c encoding/payloads/encryption_payload.h \
+encoding/payloads/encrypted_payload.c encoding/payloads/encrypted_payload.h \
 encoding/payloads/id_payload.c encoding/payloads/id_payload.h \
 encoding/payloads/ike_header.c encoding/payloads/ike_header.h \
 encoding/payloads/ke_payload.c  encoding/payloads/ke_payload.h \
index f6f13ae..cecb554 100644 (file)
@@ -30,7 +30,7 @@
 #include <encoding/payloads/encodings.h>
 #include <encoding/payloads/payload.h>
 #include <encoding/payloads/hash_payload.h>
-#include <encoding/payloads/encryption_payload.h>
+#include <encoding/payloads/encrypted_payload.h>
 #include <encoding/payloads/unknown_payload.h>
 #include <encoding/payloads/cp_payload.h>
 
@@ -1392,11 +1392,11 @@ static void order_payloads(private_message_t *this)
 }
 
 /**
- * Wrap payloads in an encryption payload
+ * Wrap payloads in an encrypted payload
  */
-static encryption_payload_t* wrap_payloads(private_message_t *this)
+static encrypted_payload_t* wrap_payloads(private_message_t *this)
 {
-       encryption_payload_t *encryption;
+       encrypted_payload_t *encryption;
        linked_list_t *payloads;
        payload_t *current;
 
@@ -1410,11 +1410,11 @@ static encryption_payload_t* wrap_payloads(private_message_t *this)
 
        if (this->is_encrypted)
        {
-               encryption = encryption_payload_create(PLV1_ENCRYPTED);
+               encryption = encrypted_payload_create(PLV1_ENCRYPTED);
        }
        else
        {
-               encryption = encryption_payload_create(PLV2_ENCRYPTED);
+               encryption = encrypted_payload_create(PLV2_ENCRYPTED);
        }
        while (payloads->remove_first(payloads, (void**)&current) == SUCCESS)
        {
@@ -1459,7 +1459,7 @@ METHOD(message_t, generate, status_t,
        generator_t *generator;
        ike_header_t *ike_header;
        payload_t *payload, *next;
-       encryption_payload_t *encryption = NULL;
+       encrypted_payload_t *encryption = NULL;
        payload_type_t next_type;
        enumerator_t *enumerator;
        aead_t *aead = NULL;
@@ -1780,9 +1780,9 @@ static status_t parse_payloads(private_message_t *this)
        status_t status;
 
        if (this->is_encrypted)
-       {       /* wrap the whole encrypted IKEv1 message in a special encryption
+       {       /* wrap the whole encrypted IKEv1 message in a special encrypted
                 * payload which is then handled just like a regular payload */
-               encryption_payload_t *encryption;
+               encrypted_payload_t *encryption;
 
                status = this->parser->parse_payload(this->parser, PLV1_ENCRYPTED,
                                                                                         (payload_t**)&encryption);
@@ -1841,7 +1841,7 @@ static status_t parse_payloads(private_message_t *this)
  * Decrypt an encrypted payload and extract all contained payloads.
  */
 static status_t decrypt_and_extract(private_message_t *this, keymat_t *keymat,
-                                               payload_t *previous, encryption_payload_t *encryption)
+                                               payload_t *previous, encrypted_payload_t *encryption)
 {
        payload_t *encrypted;
        payload_type_t type;
@@ -1941,7 +1941,7 @@ static bool accept_unencrypted_mm(private_message_t *this, payload_type_t type)
 }
 
 /**
- * Decrypt payload from the encryption payload
+ * Decrypt payload from the encrypted payload
  */
 static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
 {
@@ -1961,7 +1961,7 @@ static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
 
                if (type == PLV2_ENCRYPTED || type == PLV1_ENCRYPTED)
                {
-                       encryption_payload_t *encryption;
+                       encrypted_payload_t *encryption;
 
                        if (was_encrypted)
                        {
@@ -1972,7 +1972,7 @@ static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
                        }
 
                        DBG2(DBG_ENC, "found an encrypted payload");
-                       encryption = (encryption_payload_t*)payload;
+                       encryption = (encrypted_payload_t*)payload;
                        this->payloads->remove_at(this->payloads, enumerator);
 
                        if (enumerator->enumerate(enumerator, NULL))
index 7631a7c..bc4aa08 100644 (file)
@@ -39,7 +39,7 @@ typedef struct message_t message_t;
  *
  * The message handles parsing and generation of payloads
  * via parser_t/generator_t. Encryption is done transparently
- * via the encryption_payload_t. A set of rules for messages
+ * via the encrypted_payload_t. A set of rules for messages
  * and payloads does check parsed messages.
  */
 struct message_t {
index c33e30d..d6240fd 100644 (file)
@@ -32,7 +32,7 @@
 #include <encoding/payloads/nonce_payload.h>
 #include <encoding/payloads/id_payload.h>
 #include <encoding/payloads/notify_payload.h>
-#include <encoding/payloads/encryption_payload.h>
+#include <encoding/payloads/encrypted_payload.h>
 #include <encoding/payloads/auth_payload.h>
 #include <encoding/payloads/cert_payload.h>
 #include <encoding/payloads/certreq_payload.h>
diff --git a/src/libcharon/encoding/payloads/encrypted_payload.c b/src/libcharon/encoding/payloads/encrypted_payload.c
new file mode 100644 (file)
index 0000000..d71f514
--- /dev/null
@@ -0,0 +1,631 @@
+/*
+ * Copyright (C) 2005-2010 Martin Willi
+ * Copyright (C) 2010 revosec AG
+ * Copyright (C) 2011 Tobias Brunner
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <stddef.h>
+#include <string.h>
+
+#include "encrypted_payload.h"
+
+#include <daemon.h>
+#include <encoding/payloads/encodings.h>
+#include <collections/linked_list.h>
+#include <encoding/generator.h>
+#include <encoding/parser.h>
+
+typedef struct private_encrypted_payload_t private_encrypted_payload_t;
+
+struct private_encrypted_payload_t {
+
+       /**
+        * Public encrypted_payload_t interface.
+        */
+       encrypted_payload_t public;
+
+       /**
+        * There is no next payload for an encrypted payload,
+        * since encrypted payload MUST be the last one.
+        * next_payload means here the first payload of the
+        * contained, encrypted payload.
+        */
+       u_int8_t next_payload;
+
+       /**
+        * Flags, including reserved bits
+        */
+       u_int8_t flags;
+
+       /**
+        * Length of this payload
+        */
+       u_int16_t payload_length;
+
+       /**
+        * Chunk containing the IV, plain, padding and ICV.
+        */
+       chunk_t encrypted;
+
+       /**
+        * AEAD transform to use
+        */
+       aead_t *aead;
+
+       /**
+        * Contained payloads
+        */
+       linked_list_t *payloads;
+
+       /**
+        * Type of payload, PLV2_ENCRYPTED or PLV1_ENCRYPTED
+        */
+       payload_type_t type;
+};
+
+/**
+ * Encoding rules to parse or generate a IKEv2-Encrypted Payload.
+ *
+ * The defined offsets are the positions in a object of type
+ * private_encrypted_payload_t.
+ */
+static encoding_rule_t encodings_v2[] = {
+       /* 1 Byte next payload type, stored in the field next_payload */
+       { U_INT_8,                      offsetof(private_encrypted_payload_t, next_payload)     },
+       /* Critical and 7 reserved bits, all stored for reconstruction */
+       { U_INT_8,                      offsetof(private_encrypted_payload_t, flags)                    },
+       /* Length of the whole encrypted payload*/
+       { PAYLOAD_LENGTH,       offsetof(private_encrypted_payload_t, payload_length)   },
+       /* encrypted data, stored in a chunk. contains iv, data, padding */
+       { CHUNK_DATA,           offsetof(private_encrypted_payload_t, encrypted)                },
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ! Next Payload  !C!  RESERVED   !         Payload Length        !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                     Initialization Vector                     !
+      !         (length is block size for encryption algorithm)       !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                    Encrypted IKE Payloads                     !
+      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !               !             Padding (0-255 octets)            !
+      +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
+      !                                               !  Pad Length   !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ~                    Integrity Checksum Data                    ~
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+/**
+ * Encoding rules to parse or generate a complete encrypted IKEv1 message.
+ *
+ * The defined offsets are the positions in a object of type
+ * private_encrypted_payload_t.
+ */
+static encoding_rule_t encodings_v1[] = {
+       /* encrypted data, stored in a chunk */
+       { ENCRYPTED_DATA,       offsetof(private_encrypted_payload_t, encrypted)                },
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                    Encrypted IKE Payloads                     !
+      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !               !             Padding (0-255 octets)            !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+METHOD(payload_t, verify, status_t,
+       private_encrypted_payload_t *this)
+{
+       return SUCCESS;
+}
+
+METHOD(payload_t, get_encoding_rules, int,
+       private_encrypted_payload_t *this, encoding_rule_t **rules)
+{
+       if (this->type == PLV2_ENCRYPTED)
+       {
+               *rules = encodings_v2;
+               return countof(encodings_v2);
+       }
+       *rules = encodings_v1;
+       return countof(encodings_v1);
+}
+
+METHOD(payload_t, get_header_length, int,
+       private_encrypted_payload_t *this)
+{
+       if (this->type == PLV2_ENCRYPTED)
+       {
+               return 4;
+       }
+       return 0;
+}
+
+METHOD(payload_t, get_type, payload_type_t,
+       private_encrypted_payload_t *this)
+{
+       return this->type;
+}
+
+METHOD(payload_t, get_next_type, payload_type_t,
+       private_encrypted_payload_t *this)
+{
+       return this->next_payload;
+}
+
+METHOD(payload_t, set_next_type, void,
+       private_encrypted_payload_t *this, payload_type_t type)
+{
+       /* the next payload is set during add, still allow this for IKEv1 */
+       this->next_payload = type;
+}
+
+/**
+ * Compute the length of the whole payload
+ */
+static void compute_length(private_encrypted_payload_t *this)
+{
+       enumerator_t *enumerator;
+       payload_t *payload;
+       size_t bs, length = 0;
+
+       if (this->encrypted.len)
+       {
+               length = this->encrypted.len;
+       }
+       else
+       {
+               enumerator = this->payloads->create_enumerator(this->payloads);
+               while (enumerator->enumerate(enumerator, &payload))
+               {
+                       length += payload->get_length(payload);
+               }
+               enumerator->destroy(enumerator);
+
+               if (this->aead)
+               {
+                       /* append padding */
+                       bs = this->aead->get_block_size(this->aead);
+                       length += bs - (length % bs);
+                       /* add iv */
+                       length += this->aead->get_iv_size(this->aead);
+                       /* add icv */
+                       length += this->aead->get_icv_size(this->aead);
+               }
+       }
+       length += get_header_length(this);
+       this->payload_length = length;
+}
+
+METHOD2(payload_t, encrypted_payload_t, get_length, size_t,
+       private_encrypted_payload_t *this)
+{
+       compute_length(this);
+       return this->payload_length;
+}
+
+METHOD(encrypted_payload_t, add_payload, void,
+       private_encrypted_payload_t *this, payload_t *payload)
+{
+       payload_t *last_payload;
+
+       if (this->payloads->get_count(this->payloads) > 0)
+       {
+               this->payloads->get_last(this->payloads, (void **)&last_payload);
+               last_payload->set_next_type(last_payload, payload->get_type(payload));
+       }
+       else
+       {
+               this->next_payload = payload->get_type(payload);
+       }
+       payload->set_next_type(payload, PL_NONE);
+       this->payloads->insert_last(this->payloads, payload);
+       compute_length(this);
+}
+
+METHOD(encrypted_payload_t, remove_payload, payload_t *,
+       private_encrypted_payload_t *this)
+{
+       payload_t *payload;
+
+       if (this->payloads->remove_first(this->payloads,
+                                                                        (void**)&payload) == SUCCESS)
+       {
+               return payload;
+       }
+       return NULL;
+}
+
+/**
+ * Generate payload before encryption
+ */
+static chunk_t generate(private_encrypted_payload_t *this,
+                                               generator_t *generator)
+{
+       payload_t *current, *next;
+       enumerator_t *enumerator;
+       u_int32_t *lenpos;
+       chunk_t chunk = chunk_empty;
+
+       enumerator = this->payloads->create_enumerator(this->payloads);
+       if (enumerator->enumerate(enumerator, &current))
+       {
+               this->next_payload = current->get_type(current);
+
+               while (enumerator->enumerate(enumerator, &next))
+               {
+                       current->set_next_type(current, next->get_type(next));
+                       generator->generate_payload(generator, current);
+                       current = next;
+               }
+               current->set_next_type(current, PL_NONE);
+               generator->generate_payload(generator, current);
+
+               chunk = generator->get_chunk(generator, &lenpos);
+               DBG2(DBG_ENC, "generated content in encrypted payload");
+       }
+       enumerator->destroy(enumerator);
+       return chunk;
+}
+
+/**
+ * Append the encrypted payload header to the associated data
+ */
+static chunk_t append_header(private_encrypted_payload_t *this, chunk_t assoc)
+{
+       struct {
+               u_int8_t next_payload;
+               u_int8_t flags;
+               u_int16_t length;
+       } __attribute__((packed)) header = {
+               .next_payload = this->next_payload,
+               .flags = this->flags,
+               .length = htons(get_length(this)),
+       };
+       return chunk_cat("cc", assoc, chunk_from_thing(header));
+}
+
+METHOD(encrypted_payload_t, encrypt, status_t,
+       private_encrypted_payload_t *this, u_int64_t mid, chunk_t assoc)
+{
+       chunk_t iv, plain, padding, icv, crypt;
+       generator_t *generator;
+       iv_gen_t *iv_gen;
+       rng_t *rng;
+       size_t bs;
+
+       if (this->aead == NULL)
+       {
+               DBG1(DBG_ENC, "encrypting encrypted payload failed, transform missing");
+               return INVALID_STATE;
+       }
+
+       rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
+       if (!rng)
+       {
+               DBG1(DBG_ENC, "encrypting encrypted payload failed, no RNG found");
+               return NOT_SUPPORTED;
+       }
+
+       iv_gen = this->aead->get_iv_gen(this->aead);
+       if (!iv_gen)
+       {
+               DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV generator");
+               return NOT_SUPPORTED;
+       }
+
+       assoc = append_header(this, assoc);
+
+       generator = generator_create();
+       plain = generate(this, generator);
+       bs = this->aead->get_block_size(this->aead);
+       /* we need at least one byte padding to store the padding length */
+       padding.len = bs - (plain.len % bs);
+       iv.len = this->aead->get_iv_size(this->aead);
+       icv.len = this->aead->get_icv_size(this->aead);
+
+       /* prepare data to authenticate-encrypt:
+        * | IV | plain | padding | ICV |
+        *       \____crypt______/   ^
+        *              |           /
+        *              v          /
+        *     assoc -> + ------->/
+        */
+       free(this->encrypted.ptr);
+       this->encrypted = chunk_alloc(iv.len + plain.len + padding.len + icv.len);
+       iv.ptr = this->encrypted.ptr;
+       memcpy(iv.ptr + iv.len, plain.ptr, plain.len);
+       plain.ptr = iv.ptr + iv.len;
+       padding.ptr = plain.ptr + plain.len;
+       icv.ptr = padding.ptr + padding.len;
+       crypt = chunk_create(plain.ptr, plain.len + padding.len);
+       generator->destroy(generator);
+
+       if (!iv_gen->get_iv(iv_gen, mid, iv.len, iv.ptr) ||
+               !rng->get_bytes(rng, padding.len - 1, padding.ptr))
+       {
+               DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV or padding");
+               rng->destroy(rng);
+               free(assoc.ptr);
+               return FAILED;
+       }
+       padding.ptr[padding.len - 1] = padding.len - 1;
+       rng->destroy(rng);
+
+       DBG3(DBG_ENC, "encrypted payload encryption:");
+       DBG3(DBG_ENC, "IV %B", &iv);
+       DBG3(DBG_ENC, "plain %B", &plain);
+       DBG3(DBG_ENC, "padding %B", &padding);
+       DBG3(DBG_ENC, "assoc %B", &assoc);
+
+       if (!this->aead->encrypt(this->aead, crypt, assoc, iv, NULL))
+       {
+               free(assoc.ptr);
+               return FAILED;
+       }
+
+       DBG3(DBG_ENC, "encrypted %B", &crypt);
+       DBG3(DBG_ENC, "ICV %B", &icv);
+
+       free(assoc.ptr);
+
+       return SUCCESS;
+}
+
+METHOD(encrypted_payload_t, encrypt_v1, status_t,
+       private_encrypted_payload_t *this, u_int64_t mid, chunk_t iv)
+{
+       generator_t *generator;
+       chunk_t plain, padding;
+       size_t bs;
+
+       if (this->aead == NULL)
+       {
+               DBG1(DBG_ENC, "encryption failed, transform missing");
+               return INVALID_STATE;
+       }
+
+       generator = generator_create();
+       plain = generate(this, generator);
+       bs = this->aead->get_block_size(this->aead);
+       padding.len = bs - (plain.len % bs);
+
+       /* prepare data to encrypt:
+        * | plain | padding | */
+       free(this->encrypted.ptr);
+       this->encrypted = chunk_alloc(plain.len + padding.len);
+       memcpy(this->encrypted.ptr, plain.ptr, plain.len);
+       plain.ptr = this->encrypted.ptr;
+       padding.ptr = plain.ptr + plain.len;
+       memset(padding.ptr, 0, padding.len);
+       generator->destroy(generator);
+
+       DBG3(DBG_ENC, "encrypting payloads:");
+       DBG3(DBG_ENC, "IV %B", &iv);
+       DBG3(DBG_ENC, "plain %B", &plain);
+       DBG3(DBG_ENC, "padding %B", &padding);
+
+       if (!this->aead->encrypt(this->aead, this->encrypted, chunk_empty, iv, NULL))
+       {
+               return FAILED;
+       }
+
+       DBG3(DBG_ENC, "encrypted %B", &this->encrypted);
+
+       return SUCCESS;
+}
+
+/**
+ * Parse the payloads after decryption.
+ */
+static status_t parse(private_encrypted_payload_t *this, chunk_t plain)
+{
+       parser_t *parser;
+       payload_type_t type;
+
+       parser = parser_create(plain);
+       type = this->next_payload;
+       while (type != PL_NONE)
+       {
+               payload_t *payload;
+
+               if (plain.len < 4 || untoh16(plain.ptr + 2) > plain.len)
+               {
+                       DBG1(DBG_ENC, "invalid %N payload length, decryption failed?",
+                                payload_type_names, type);
+                       parser->destroy(parser);
+                       return PARSE_ERROR;
+               }
+               if (parser->parse_payload(parser, type, &payload) != SUCCESS)
+               {
+                       parser->destroy(parser);
+                       return PARSE_ERROR;
+               }
+               if (payload->verify(payload) != SUCCESS)
+               {
+                       DBG1(DBG_ENC, "%N verification failed",
+                                payload_type_names, payload->get_type(payload));
+                       payload->destroy(payload);
+                       parser->destroy(parser);
+                       return VERIFY_ERROR;
+               }
+               type = payload->get_next_type(payload);
+               this->payloads->insert_last(this->payloads, payload);
+       }
+       parser->destroy(parser);
+       DBG2(DBG_ENC, "parsed content of encrypted payload");
+       return SUCCESS;
+}
+
+METHOD(encrypted_payload_t, decrypt, status_t,
+       private_encrypted_payload_t *this, chunk_t assoc)
+{
+       chunk_t iv, plain, padding, icv, crypt;
+       size_t bs;
+
+       if (this->aead == NULL)
+       {
+               DBG1(DBG_ENC, "decrypting encrypted payload failed, transform missing");
+               return INVALID_STATE;
+       }
+
+       /* prepare data to authenticate-decrypt:
+        * | IV | plain | padding | ICV |
+        *       \____crypt______/   ^
+        *              |           /
+        *              v          /
+        *     assoc -> + ------->/
+        */
+
+       bs = this->aead->get_block_size(this->aead);
+       iv.len = this->aead->get_iv_size(this->aead);
+       iv.ptr = this->encrypted.ptr;
+       icv.len = this->aead->get_icv_size(this->aead);
+       icv.ptr = this->encrypted.ptr + this->encrypted.len - icv.len;
+       crypt.ptr = iv.ptr + iv.len;
+       crypt.len = this->encrypted.len - iv.len;
+
+       if (iv.len + icv.len > this->encrypted.len ||
+               (crypt.len - icv.len) % bs)
+       {
+               DBG1(DBG_ENC, "decrypting encrypted payload failed, invalid length");
+               return FAILED;
+       }
+
+       assoc = append_header(this, assoc);
+
+       DBG3(DBG_ENC, "encrypted payload decryption:");
+       DBG3(DBG_ENC, "IV %B", &iv);
+       DBG3(DBG_ENC, "encrypted %B", &crypt);
+       DBG3(DBG_ENC, "ICV %B", &icv);
+       DBG3(DBG_ENC, "assoc %B", &assoc);
+
+       if (!this->aead->decrypt(this->aead, crypt, assoc, iv, NULL))
+       {
+               DBG1(DBG_ENC, "verifying encrypted payload integrity failed");
+               free(assoc.ptr);
+               return FAILED;
+       }
+       free(assoc.ptr);
+
+       plain = chunk_create(crypt.ptr, crypt.len - icv.len);
+       padding.len = plain.ptr[plain.len - 1] + 1;
+       if (padding.len > plain.len)
+       {
+               DBG1(DBG_ENC, "decrypting encrypted payload failed, "
+                        "padding invalid %B", &crypt);
+               return PARSE_ERROR;
+       }
+       plain.len -= padding.len;
+       padding.ptr = plain.ptr + plain.len;
+
+       DBG3(DBG_ENC, "plain %B", &plain);
+       DBG3(DBG_ENC, "padding %B", &padding);
+
+       return parse(this, plain);
+}
+
+METHOD(encrypted_payload_t, decrypt_v1, status_t,
+       private_encrypted_payload_t *this, chunk_t iv)
+{
+       if (this->aead == NULL)
+       {
+               DBG1(DBG_ENC, "decryption failed, transform missing");
+               return INVALID_STATE;
+       }
+
+       /* data must be a multiple of block size */
+       if (iv.len != this->aead->get_block_size(this->aead) ||
+               this->encrypted.len < iv.len || this->encrypted.len % iv.len)
+       {
+               DBG1(DBG_ENC, "decryption failed, invalid length");
+               return FAILED;
+       }
+
+       DBG3(DBG_ENC, "decrypting payloads:");
+       DBG3(DBG_ENC, "encrypted %B", &this->encrypted);
+
+       if (!this->aead->decrypt(this->aead, this->encrypted, chunk_empty, iv, NULL))
+       {
+               return FAILED;
+       }
+
+       DBG3(DBG_ENC, "plain %B", &this->encrypted);
+
+       return parse(this, this->encrypted);
+}
+
+METHOD(encrypted_payload_t, set_transform, void,
+       private_encrypted_payload_t *this, aead_t* aead)
+{
+       this->aead = aead;
+}
+
+METHOD2(payload_t, encrypted_payload_t, destroy, void,
+       private_encrypted_payload_t *this)
+{
+       this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
+       free(this->encrypted.ptr);
+       free(this);
+}
+
+/*
+ * Described in header
+ */
+encrypted_payload_t *encrypted_payload_create(payload_type_t type)
+{
+       private_encrypted_payload_t *this;
+
+       INIT(this,
+               .public = {
+                       .payload_interface = {
+                               .verify = _verify,
+                               .get_encoding_rules = _get_encoding_rules,
+                               .get_header_length = _get_header_length,
+                               .get_length = _get_length,
+                               .get_next_type = _get_next_type,
+                               .set_next_type = _set_next_type,
+                               .get_type = _get_type,
+                               .destroy = _destroy,
+                       },
+                       .get_length = _get_length,
+                       .add_payload = _add_payload,
+                       .remove_payload = _remove_payload,
+                       .set_transform = _set_transform,
+                       .encrypt = _encrypt,
+                       .decrypt = _decrypt,
+                       .destroy = _destroy,
+               },
+               .next_payload = PL_NONE,
+               .payloads = linked_list_create(),
+               .type = type,
+       );
+       this->payload_length = get_header_length(this);
+
+       if (type == PLV1_ENCRYPTED)
+       {
+               this->public.encrypt = _encrypt_v1;
+               this->public.decrypt = _decrypt_v1;
+       }
+
+       return &this->public;
+}
diff --git a/src/libcharon/encoding/payloads/encrypted_payload.h b/src/libcharon/encoding/payloads/encrypted_payload.h
new file mode 100644 (file)
index 0000000..57bcc21
--- /dev/null
@@ -0,0 +1,111 @@
+/*
+ * Copyright (C) 2005-2010 Martin Willi
+ * Copyright (C) 2010 revosec AG
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup encrypted_payload encrypted_payload
+ * @{ @ingroup payloads
+ */
+
+#ifndef ENCRYPTED_PAYLOAD_H_
+#define ENCRYPTED_PAYLOAD_H_
+
+typedef struct encrypted_payload_t encrypted_payload_t;
+
+#include <library.h>
+#include <crypto/aead.h>
+#include <encoding/payloads/payload.h>
+
+/**
+ * The encrypted payload as described in RFC section 3.14.
+ */
+struct encrypted_payload_t {
+
+       /**
+        * Implements payload_t interface.
+        */
+       payload_t payload_interface;
+
+       /**
+        * Get the payload length.
+        *
+        * @return                      (expected) payload length
+        */
+       size_t (*get_length)(encrypted_payload_t *this);
+
+       /**
+        * Adds a payload to this encryption payload.
+        *
+        * @param payload               payload_t object to add
+        */
+       void (*add_payload) (encrypted_payload_t *this, payload_t *payload);
+
+       /**
+        * Remove the first payload in the list
+        *
+        * @param payload               removed payload
+        * @return                              payload, NULL if none left
+        */
+       payload_t* (*remove_payload)(encrypted_payload_t *this);
+
+       /**
+        * Set the AEAD transform to use.
+        *
+        * @param aead          aead transform to use
+        */
+       void (*set_transform) (encrypted_payload_t *this, aead_t *aead);
+
+       /**
+        * Generate, encrypt and sign contained payloads.
+        *
+        * @param mid                   message ID
+        * @param assoc                 associated data
+        * @return
+        *                                              - SUCCESS if encryption successful
+        *                                              - FAILED if encryption failed
+        *                                              - INVALID_STATE if aead not supplied, but needed
+        */
+       status_t (*encrypt) (encrypted_payload_t *this, u_int64_t mid,
+                                                chunk_t assoc);
+
+       /**
+        * Decrypt, verify and parse contained payloads.
+        *
+        * @param assoc                 associated data
+        * @return
+        *                                              - SUCCESS if parsing successful
+        *                                              - PARSE_ERROR if sub-payload parsing failed
+        *                                              - VERIFY_ERROR if sub-payload verification failed
+        *                                              - FAILED if integrity check failed
+        *                                              - INVALID_STATE if aead not supplied, but needed
+        */
+       status_t (*decrypt) (encrypted_payload_t *this, chunk_t assoc);
+
+       /**
+        * Destroys an encrypted_payload_t object.
+        */
+       void (*destroy) (encrypted_payload_t *this);
+};
+
+/**
+ * Creates an empty encrypted_payload_t object.
+ *
+ * @param type         PLV2_ENCRYPTED or PLV1_ENCRYPTED
+ * @return                     encrypted_payload_t object
+ */
+encrypted_payload_t *encrypted_payload_create(payload_type_t type);
+
+#endif /** ENCRYPTED_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/encryption_payload.c b/src/libcharon/encoding/payloads/encryption_payload.c
deleted file mode 100644 (file)
index 9fd6641..0000000
+++ /dev/null
@@ -1,635 +0,0 @@
-/*
- * Copyright (C) 2005-2010 Martin Willi
- * Copyright (C) 2010 revosec AG
- * Copyright (C) 2011 Tobias Brunner
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-#include <stddef.h>
-#include <string.h>
-
-#include "encryption_payload.h"
-
-#include <daemon.h>
-#include <encoding/payloads/encodings.h>
-#include <collections/linked_list.h>
-#include <encoding/generator.h>
-#include <encoding/parser.h>
-
-typedef struct private_encryption_payload_t private_encryption_payload_t;
-
-/**
- * Private data of an encryption_payload_t' Object.
- *
- */
-struct private_encryption_payload_t {
-
-       /**
-        * Public encryption_payload_t interface.
-        */
-       encryption_payload_t public;
-
-       /**
-        * There is no next payload for an encryption payload,
-        * since encryption payload MUST be the last one.
-        * next_payload means here the first payload of the
-        * contained, encrypted payload.
-        */
-       u_int8_t next_payload;
-
-       /**
-        * Flags, including reserved bits
-        */
-       u_int8_t flags;
-
-       /**
-        * Length of this payload
-        */
-       u_int16_t payload_length;
-
-       /**
-        * Chunk containing the IV, plain, padding and ICV.
-        */
-       chunk_t encrypted;
-
-       /**
-        * AEAD transform to use
-        */
-       aead_t *aead;
-
-       /**
-        * Contained payloads
-        */
-       linked_list_t *payloads;
-
-       /**
-        * Type of payload, PLV2_ENCRYPTED or PLV1_ENCRYPTED
-        */
-       payload_type_t type;
-};
-
-/**
- * Encoding rules to parse or generate a IKEv2-Encryption Payload.
- *
- * The defined offsets are the positions in a object of type
- * private_encryption_payload_t.
- */
-static encoding_rule_t encodings_v2[] = {
-       /* 1 Byte next payload type, stored in the field next_payload */
-       { U_INT_8,                      offsetof(private_encryption_payload_t, next_payload)    },
-       /* Critical and 7 reserved bits, all stored for reconstruction */
-       { U_INT_8,                      offsetof(private_encryption_payload_t, flags)                   },
-       /* Length of the whole encryption payload*/
-       { PAYLOAD_LENGTH,       offsetof(private_encryption_payload_t, payload_length)  },
-       /* encrypted data, stored in a chunk. contains iv, data, padding */
-       { CHUNK_DATA,           offsetof(private_encryption_payload_t, encrypted)               },
-};
-
-/*
-                           1                   2                   3
-       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      ! Next Payload  !C!  RESERVED   !         Payload Length        !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !                     Initialization Vector                     !
-      !         (length is block size for encryption algorithm)       !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !                    Encrypted IKE Payloads                     !
-      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !               !             Padding (0-255 octets)            !
-      +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
-      !                                               !  Pad Length   !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      ~                    Integrity Checksum Data                    ~
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-/**
- * Encoding rules to parse or generate a complete encrypted IKEv1 message.
- *
- * The defined offsets are the positions in a object of type
- * private_encryption_payload_t.
- */
-static encoding_rule_t encodings_v1[] = {
-       /* encrypted data, stored in a chunk */
-       { ENCRYPTED_DATA,       offsetof(private_encryption_payload_t, encrypted)               },
-};
-
-/*
-                           1                   2                   3
-       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !                    Encrypted IKE Payloads                     !
-      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !               !             Padding (0-255 octets)            !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-METHOD(payload_t, verify, status_t,
-       private_encryption_payload_t *this)
-{
-       return SUCCESS;
-}
-
-METHOD(payload_t, get_encoding_rules, int,
-       private_encryption_payload_t *this, encoding_rule_t **rules)
-{
-       if (this->type == PLV2_ENCRYPTED)
-       {
-               *rules = encodings_v2;
-               return countof(encodings_v2);
-       }
-       *rules = encodings_v1;
-       return countof(encodings_v1);
-}
-
-METHOD(payload_t, get_header_length, int,
-       private_encryption_payload_t *this)
-{
-       if (this->type == PLV2_ENCRYPTED)
-       {
-               return 4;
-       }
-       return 0;
-}
-
-METHOD(payload_t, get_type, payload_type_t,
-       private_encryption_payload_t *this)
-{
-       return this->type;
-}
-
-METHOD(payload_t, get_next_type, payload_type_t,
-       private_encryption_payload_t *this)
-{
-       return this->next_payload;
-}
-
-METHOD(payload_t, set_next_type, void,
-       private_encryption_payload_t *this, payload_type_t type)
-{
-       /* the next payload is set during add, still allow this for IKEv1 */
-       this->next_payload = type;
-}
-
-/**
- * Compute the length of the whole payload
- */
-static void compute_length(private_encryption_payload_t *this)
-{
-       enumerator_t *enumerator;
-       payload_t *payload;
-       size_t bs, length = 0;
-
-       if (this->encrypted.len)
-       {
-               length = this->encrypted.len;
-       }
-       else
-       {
-               enumerator = this->payloads->create_enumerator(this->payloads);
-               while (enumerator->enumerate(enumerator, &payload))
-               {
-                       length += payload->get_length(payload);
-               }
-               enumerator->destroy(enumerator);
-
-               if (this->aead)
-               {
-                       /* append padding */
-                       bs = this->aead->get_block_size(this->aead);
-                       length += bs - (length % bs);
-                       /* add iv */
-                       length += this->aead->get_iv_size(this->aead);
-                       /* add icv */
-                       length += this->aead->get_icv_size(this->aead);
-               }
-       }
-       length += get_header_length(this);
-       this->payload_length = length;
-}
-
-METHOD2(payload_t, encryption_payload_t, get_length, size_t,
-       private_encryption_payload_t *this)
-{
-       compute_length(this);
-       return this->payload_length;
-}
-
-METHOD(encryption_payload_t, add_payload, void,
-       private_encryption_payload_t *this, payload_t *payload)
-{
-       payload_t *last_payload;
-
-       if (this->payloads->get_count(this->payloads) > 0)
-       {
-               this->payloads->get_last(this->payloads, (void **)&last_payload);
-               last_payload->set_next_type(last_payload, payload->get_type(payload));
-       }
-       else
-       {
-               this->next_payload = payload->get_type(payload);
-       }
-       payload->set_next_type(payload, PL_NONE);
-       this->payloads->insert_last(this->payloads, payload);
-       compute_length(this);
-}
-
-METHOD(encryption_payload_t, remove_payload, payload_t *,
-       private_encryption_payload_t *this)
-{
-       payload_t *payload;
-
-       if (this->payloads->remove_first(this->payloads,
-                                                                        (void**)&payload) == SUCCESS)
-       {
-               return payload;
-       }
-       return NULL;
-}
-
-/**
- * Generate payload before encryption
- */
-static chunk_t generate(private_encryption_payload_t *this,
-                                               generator_t *generator)
-{
-       payload_t *current, *next;
-       enumerator_t *enumerator;
-       u_int32_t *lenpos;
-       chunk_t chunk = chunk_empty;
-
-       enumerator = this->payloads->create_enumerator(this->payloads);
-       if (enumerator->enumerate(enumerator, &current))
-       {
-               this->next_payload = current->get_type(current);
-
-               while (enumerator->enumerate(enumerator, &next))
-               {
-                       current->set_next_type(current, next->get_type(next));
-                       generator->generate_payload(generator, current);
-                       current = next;
-               }
-               current->set_next_type(current, PL_NONE);
-               generator->generate_payload(generator, current);
-
-               chunk = generator->get_chunk(generator, &lenpos);
-               DBG2(DBG_ENC, "generated content in encryption payload");
-       }
-       enumerator->destroy(enumerator);
-       return chunk;
-}
-
-/**
- * Append the encryption payload header to the associated data
- */
-static chunk_t append_header(private_encryption_payload_t *this, chunk_t assoc)
-{
-       struct {
-               u_int8_t next_payload;
-               u_int8_t flags;
-               u_int16_t length;
-       } __attribute__((packed)) header = {
-               .next_payload = this->next_payload,
-               .flags = this->flags,
-               .length = htons(get_length(this)),
-       };
-       return chunk_cat("cc", assoc, chunk_from_thing(header));
-}
-
-METHOD(encryption_payload_t, encrypt, status_t,
-       private_encryption_payload_t *this, u_int64_t mid, chunk_t assoc)
-{
-       chunk_t iv, plain, padding, icv, crypt;
-       generator_t *generator;
-       iv_gen_t *iv_gen;
-       rng_t *rng;
-       size_t bs;
-
-       if (this->aead == NULL)
-       {
-               DBG1(DBG_ENC, "encrypting encryption payload failed, transform missing");
-               return INVALID_STATE;
-       }
-
-       rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
-       if (!rng)
-       {
-               DBG1(DBG_ENC, "encrypting encryption payload failed, no RNG found");
-               return NOT_SUPPORTED;
-       }
-
-       iv_gen = this->aead->get_iv_gen(this->aead);
-       if (!iv_gen)
-       {
-               DBG1(DBG_ENC, "encrypting encryption payload failed, no IV generator");
-               return NOT_SUPPORTED;
-       }
-
-       assoc = append_header(this, assoc);
-
-       generator = generator_create();
-       plain = generate(this, generator);
-       bs = this->aead->get_block_size(this->aead);
-       /* we need at least one byte padding to store the padding length */
-       padding.len = bs - (plain.len % bs);
-       iv.len = this->aead->get_iv_size(this->aead);
-       icv.len = this->aead->get_icv_size(this->aead);
-
-       /* prepare data to authenticate-encrypt:
-        * | IV | plain | padding | ICV |
-        *       \____crypt______/   ^
-        *              |           /
-        *              v          /
-        *     assoc -> + ------->/
-        */
-       free(this->encrypted.ptr);
-       this->encrypted = chunk_alloc(iv.len + plain.len + padding.len + icv.len);
-       iv.ptr = this->encrypted.ptr;
-       memcpy(iv.ptr + iv.len, plain.ptr, plain.len);
-       plain.ptr = iv.ptr + iv.len;
-       padding.ptr = plain.ptr + plain.len;
-       icv.ptr = padding.ptr + padding.len;
-       crypt = chunk_create(plain.ptr, plain.len + padding.len);
-       generator->destroy(generator);
-
-       if (!iv_gen->get_iv(iv_gen, mid, iv.len, iv.ptr) ||
-               !rng->get_bytes(rng, padding.len - 1, padding.ptr))
-       {
-               DBG1(DBG_ENC, "encrypting encryption payload failed, no IV or padding");
-               rng->destroy(rng);
-               free(assoc.ptr);
-               return FAILED;
-       }
-       padding.ptr[padding.len - 1] = padding.len - 1;
-       rng->destroy(rng);
-
-       DBG3(DBG_ENC, "encryption payload encryption:");
-       DBG3(DBG_ENC, "IV %B", &iv);
-       DBG3(DBG_ENC, "plain %B", &plain);
-       DBG3(DBG_ENC, "padding %B", &padding);
-       DBG3(DBG_ENC, "assoc %B", &assoc);
-
-       if (!this->aead->encrypt(this->aead, crypt, assoc, iv, NULL))
-       {
-               free(assoc.ptr);
-               return FAILED;
-       }
-
-       DBG3(DBG_ENC, "encrypted %B", &crypt);
-       DBG3(DBG_ENC, "ICV %B", &icv);
-
-       free(assoc.ptr);
-
-       return SUCCESS;
-}
-
-METHOD(encryption_payload_t, encrypt_v1, status_t,
-       private_encryption_payload_t *this, u_int64_t mid, chunk_t iv)
-{
-       generator_t *generator;
-       chunk_t plain, padding;
-       size_t bs;
-
-       if (this->aead == NULL)
-       {
-               DBG1(DBG_ENC, "encryption failed, transform missing");
-               return INVALID_STATE;
-       }
-
-       generator = generator_create();
-       plain = generate(this, generator);
-       bs = this->aead->get_block_size(this->aead);
-       padding.len = bs - (plain.len % bs);
-
-       /* prepare data to encrypt:
-        * | plain | padding | */
-       free(this->encrypted.ptr);
-       this->encrypted = chunk_alloc(plain.len + padding.len);
-       memcpy(this->encrypted.ptr, plain.ptr, plain.len);
-       plain.ptr = this->encrypted.ptr;
-       padding.ptr = plain.ptr + plain.len;
-       memset(padding.ptr, 0, padding.len);
-       generator->destroy(generator);
-
-       DBG3(DBG_ENC, "encrypting payloads:");
-       DBG3(DBG_ENC, "IV %B", &iv);
-       DBG3(DBG_ENC, "plain %B", &plain);
-       DBG3(DBG_ENC, "padding %B", &padding);
-
-       if (!this->aead->encrypt(this->aead, this->encrypted, chunk_empty, iv, NULL))
-       {
-               return FAILED;
-       }
-
-       DBG3(DBG_ENC, "encrypted %B", &this->encrypted);
-
-       return SUCCESS;
-}
-
-/**
- * Parse the payloads after decryption.
- */
-static status_t parse(private_encryption_payload_t *this, chunk_t plain)
-{
-       parser_t *parser;
-       payload_type_t type;
-
-       parser = parser_create(plain);
-       type = this->next_payload;
-       while (type != PL_NONE)
-       {
-               payload_t *payload;
-
-               if (plain.len < 4 || untoh16(plain.ptr + 2) > plain.len)
-               {
-                       DBG1(DBG_ENC, "invalid %N payload length, decryption failed?",
-                                payload_type_names, type);
-                       parser->destroy(parser);
-                       return PARSE_ERROR;
-               }
-               if (parser->parse_payload(parser, type, &payload) != SUCCESS)
-               {
-                       parser->destroy(parser);
-                       return PARSE_ERROR;
-               }
-               if (payload->verify(payload) != SUCCESS)
-               {
-                       DBG1(DBG_ENC, "%N verification failed",
-                                payload_type_names, payload->get_type(payload));
-                       payload->destroy(payload);
-                       parser->destroy(parser);
-                       return VERIFY_ERROR;
-               }
-               type = payload->get_next_type(payload);
-               this->payloads->insert_last(this->payloads, payload);
-       }
-       parser->destroy(parser);
-       DBG2(DBG_ENC, "parsed content of encryption payload");
-       return SUCCESS;
-}
-
-METHOD(encryption_payload_t, decrypt, status_t,
-       private_encryption_payload_t *this, chunk_t assoc)
-{
-       chunk_t iv, plain, padding, icv, crypt;
-       size_t bs;
-
-       if (this->aead == NULL)
-       {
-               DBG1(DBG_ENC, "decrypting encryption payload failed, transform missing");
-               return INVALID_STATE;
-       }
-
-       /* prepare data to authenticate-decrypt:
-        * | IV | plain | padding | ICV |
-        *       \____crypt______/   ^
-        *              |           /
-        *              v          /
-        *     assoc -> + ------->/
-        */
-
-       bs = this->aead->get_block_size(this->aead);
-       iv.len = this->aead->get_iv_size(this->aead);
-       iv.ptr = this->encrypted.ptr;
-       icv.len = this->aead->get_icv_size(this->aead);
-       icv.ptr = this->encrypted.ptr + this->encrypted.len - icv.len;
-       crypt.ptr = iv.ptr + iv.len;
-       crypt.len = this->encrypted.len - iv.len;
-
-       if (iv.len + icv.len > this->encrypted.len ||
-               (crypt.len - icv.len) % bs)
-       {
-               DBG1(DBG_ENC, "decrypting encryption payload failed, invalid length");
-               return FAILED;
-       }
-
-       assoc = append_header(this, assoc);
-
-       DBG3(DBG_ENC, "encryption payload decryption:");
-       DBG3(DBG_ENC, "IV %B", &iv);
-       DBG3(DBG_ENC, "encrypted %B", &crypt);
-       DBG3(DBG_ENC, "ICV %B", &icv);
-       DBG3(DBG_ENC, "assoc %B", &assoc);
-
-       if (!this->aead->decrypt(this->aead, crypt, assoc, iv, NULL))
-       {
-               DBG1(DBG_ENC, "verifying encryption payload integrity failed");
-               free(assoc.ptr);
-               return FAILED;
-       }
-       free(assoc.ptr);
-
-       plain = chunk_create(crypt.ptr, crypt.len - icv.len);
-       padding.len = plain.ptr[plain.len - 1] + 1;
-       if (padding.len > plain.len)
-       {
-               DBG1(DBG_ENC, "decrypting encryption payload failed, "
-                        "padding invalid %B", &crypt);
-               return PARSE_ERROR;
-       }
-       plain.len -= padding.len;
-       padding.ptr = plain.ptr + plain.len;
-
-       DBG3(DBG_ENC, "plain %B", &plain);
-       DBG3(DBG_ENC, "padding %B", &padding);
-
-       return parse(this, plain);
-}
-
-METHOD(encryption_payload_t, decrypt_v1, status_t,
-       private_encryption_payload_t *this, chunk_t iv)
-{
-       if (this->aead == NULL)
-       {
-               DBG1(DBG_ENC, "decryption failed, transform missing");
-               return INVALID_STATE;
-       }
-
-       /* data must be a multiple of block size */
-       if (iv.len != this->aead->get_block_size(this->aead) ||
-               this->encrypted.len < iv.len || this->encrypted.len % iv.len)
-       {
-               DBG1(DBG_ENC, "decryption failed, invalid length");
-               return FAILED;
-       }
-
-       DBG3(DBG_ENC, "decrypting payloads:");
-       DBG3(DBG_ENC, "encrypted %B", &this->encrypted);
-
-       if (!this->aead->decrypt(this->aead, this->encrypted, chunk_empty, iv, NULL))
-       {
-               return FAILED;
-       }
-
-       DBG3(DBG_ENC, "plain %B", &this->encrypted);
-
-       return parse(this, this->encrypted);
-}
-
-METHOD(encryption_payload_t, set_transform, void,
-       private_encryption_payload_t *this, aead_t* aead)
-{
-       this->aead = aead;
-}
-
-METHOD2(payload_t, encryption_payload_t, destroy, void,
-       private_encryption_payload_t *this)
-{
-       this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
-       free(this->encrypted.ptr);
-       free(this);
-}
-
-/*
- * Described in header
- */
-encryption_payload_t *encryption_payload_create(payload_type_t type)
-{
-       private_encryption_payload_t *this;
-
-       INIT(this,
-               .public = {
-                       .payload_interface = {
-                               .verify = _verify,
-                               .get_encoding_rules = _get_encoding_rules,
-                               .get_header_length = _get_header_length,
-                               .get_length = _get_length,
-                               .get_next_type = _get_next_type,
-                               .set_next_type = _set_next_type,
-                               .get_type = _get_type,
-                               .destroy = _destroy,
-                       },
-                       .get_length = _get_length,
-                       .add_payload = _add_payload,
-                       .remove_payload = _remove_payload,
-                       .set_transform = _set_transform,
-                       .encrypt = _encrypt,
-                       .decrypt = _decrypt,
-                       .destroy = _destroy,
-               },
-               .next_payload = PL_NONE,
-               .payloads = linked_list_create(),
-               .type = type,
-       );
-       this->payload_length = get_header_length(this);
-
-       if (type == PLV1_ENCRYPTED)
-       {
-               this->public.encrypt = _encrypt_v1;
-               this->public.decrypt = _decrypt_v1;
-       }
-
-       return &this->public;
-}
diff --git a/src/libcharon/encoding/payloads/encryption_payload.h b/src/libcharon/encoding/payloads/encryption_payload.h
deleted file mode 100644 (file)
index ee44c2d..0000000
+++ /dev/null
@@ -1,111 +0,0 @@
-/*
- * Copyright (C) 2005-2010 Martin Willi
- * Copyright (C) 2010 revosec AG
- * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * for more details.
- */
-
-/**
- * @defgroup encryption_payload encryption_payload
- * @{ @ingroup payloads
- */
-
-#ifndef ENCRYPTION_PAYLOAD_H_
-#define ENCRYPTION_PAYLOAD_H_
-
-typedef struct encryption_payload_t encryption_payload_t;
-
-#include <library.h>
-#include <crypto/aead.h>
-#include <encoding/payloads/payload.h>
-
-/**
- * The encryption payload as described in RFC section 3.14.
- */
-struct encryption_payload_t {
-
-       /**
-        * Implements payload_t interface.
-        */
-       payload_t payload_interface;
-
-       /**
-        * Get the payload length.
-        *
-        * @return                      (expected) payload length
-        */
-       size_t (*get_length)(encryption_payload_t *this);
-
-       /**
-        * Adds a payload to this encryption payload.
-        *
-        * @param payload               payload_t object to add
-        */
-       void (*add_payload) (encryption_payload_t *this, payload_t *payload);
-
-       /**
-        * Remove the first payload in the list
-        *
-        * @param payload               removed payload
-        * @return                              payload, NULL if none left
-        */
-       payload_t* (*remove_payload)(encryption_payload_t *this);
-
-       /**
-        * Set the AEAD transform to use.
-        *
-        * @param aead          aead transform to use
-        */
-       void (*set_transform) (encryption_payload_t *this, aead_t *aead);
-
-       /**
-        * Generate, encrypt and sign contained payloads.
-        *
-        * @param mid                   message ID
-        * @param assoc                 associated data
-        * @return
-        *                                              - SUCCESS if encryption successful
-        *                                              - FAILED if encryption failed
-        *                                              - INVALID_STATE if aead not supplied, but needed
-        */
-       status_t (*encrypt) (encryption_payload_t *this, u_int64_t mid,
-                                                chunk_t assoc);
-
-       /**
-        * Decrypt, verify and parse contained payloads.
-        *
-        * @param assoc                 associated data
-        * @return
-        *                                              - SUCCESS if parsing successful
-        *                                              - PARSE_ERROR if sub-payload parsing failed
-        *                                              - VERIFY_ERROR if sub-payload verification failed
-        *                                              - FAILED if integrity check failed
-        *                                              - INVALID_STATE if aead not supplied, but needed
-        */
-       status_t (*decrypt) (encryption_payload_t *this, chunk_t assoc);
-
-       /**
-        * Destroys an encryption_payload_t object.
-        */
-       void (*destroy) (encryption_payload_t *this);
-};
-
-/**
- * Creates an empty encryption_payload_t object.
- *
- * @param type         PLV2_ENCRYPTED or PLV1_ENCRYPTED
- * @return                     encryption_payload_t object
- */
-encryption_payload_t *encryption_payload_create(payload_type_t type);
-
-#endif /** ENCRYPTION_PAYLOAD_H_ @}*/
index fd61662..e687f27 100644 (file)
@@ -28,7 +28,7 @@
 #include <encoding/payloads/auth_payload.h>
 #include <encoding/payloads/cert_payload.h>
 #include <encoding/payloads/certreq_payload.h>
-#include <encoding/payloads/encryption_payload.h>
+#include <encoding/payloads/encrypted_payload.h>
 #include <encoding/payloads/ts_payload.h>
 #include <encoding/payloads/delete_payload.h>
 #include <encoding/payloads/vendor_id_payload.h>
@@ -244,7 +244,7 @@ payload_t *payload_create(payload_type_t type)
                        return (payload_t*)eap_payload_create();
                case PLV2_ENCRYPTED:
                case PLV1_ENCRYPTED:
-                       return (payload_t*)encryption_payload_create(type);
+                       return (payload_t*)encrypted_payload_create(type);
                case PLV1_FRAGMENT:
                        return (payload_t*)fragment_payload_create();
                default:
index d9dd619..f22470e 100644 (file)
@@ -193,7 +193,7 @@ enum payload_type_t {
        PLV2_TS_RESPONDER = 45,
 
        /**
-        * Encryption payload, contains other payloads (E).
+        * Encrypted payload, contains other payloads (E).
         */
        PLV2_ENCRYPTED = 46,