Implemented a manager for USIM cards/providers very similar to the SIM manager
authorMartin Willi <martin@strongswan.org>
Thu, 8 Oct 2009 07:08:46 +0000 (09:08 +0200)
committerMartin Willi <martin@strongswan.org>
Fri, 9 Oct 2009 11:02:19 +0000 (13:02 +0200)
src/charon/Makefile.am
src/charon/daemon.c
src/charon/daemon.h
src/charon/sa/authenticators/eap/usim_manager.c [new file with mode: 0644]
src/charon/sa/authenticators/eap/usim_manager.h [new file with mode: 0644]

index 4942b47..4fa4f6b 100644 (file)
@@ -71,6 +71,7 @@ sa/authenticators/eap_authenticator.c sa/authenticators/eap_authenticator.h \
 sa/authenticators/eap/eap_method.c sa/authenticators/eap/eap_method.h \
 sa/authenticators/eap/eap_manager.c sa/authenticators/eap/eap_manager.h \
 sa/authenticators/eap/sim_manager.c sa/authenticators/eap/sim_manager.h \
+sa/authenticators/eap/usim_manager.c sa/authenticators/eap/usim_manager.h \
 sa/authenticators/psk_authenticator.c sa/authenticators/psk_authenticator.h \
 sa/authenticators/pubkey_authenticator.c sa/authenticators/pubkey_authenticator.h \
 sa/child_sa.c sa/child_sa.h \
index 490357c..9f7abf7 100644 (file)
@@ -190,6 +190,7 @@ static void destroy(private_daemon_t *this)
        DESTROY_IF(this->public.controller);
        DESTROY_IF(this->public.eap);
        DESTROY_IF(this->public.sim);
+       DESTROY_IF(this->public.usim);
 #ifdef ME
        DESTROY_IF(this->public.connect_manager);
        DESTROY_IF(this->public.mediation_manager);
@@ -486,6 +487,7 @@ static bool initialize(private_daemon_t *this, bool syslog, level_t levels[])
        this->public.controller = controller_create();
        this->public.eap = eap_manager_create();
        this->public.sim = sim_manager_create();
+       this->public.usim = usim_manager_create();
        this->public.backends = backend_manager_create();
        this->public.attributes = attribute_manager_create();
        this->public.kernel_interface = kernel_interface_create();
@@ -568,6 +570,7 @@ private_daemon_t *daemon_create(void)
        this->public.controller = NULL;
        this->public.eap = NULL;
        this->public.sim = NULL;
+       this->public.usim = NULL;
        this->public.bus = NULL;
        this->public.file_loggers = linked_list_create();
        this->public.sys_loggers = linked_list_create();
index 7fcdc55..3af0b9b 100644 (file)
@@ -163,6 +163,7 @@ typedef struct daemon_t daemon_t;
 #include <credentials/credential_manager.h>
 #include <sa/authenticators/eap/eap_manager.h>
 #include <sa/authenticators/eap/sim_manager.h>
+#include <sa/authenticators/eap/usim_manager.h>
 
 #ifdef ME
 #include <sa/connect_manager.h>
@@ -285,6 +286,11 @@ struct daemon_t {
         */
        sim_manager_t *sim;
 
+       /**
+        * USIM manager to maintain USIM cards/providers
+        */
+       usim_manager_t *usim;
+
 #ifdef ME
        /**
         * Connect manager
diff --git a/src/charon/sa/authenticators/eap/usim_manager.c b/src/charon/sa/authenticators/eap/usim_manager.c
new file mode 100644 (file)
index 0000000..fa86e73
--- /dev/null
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2008-2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "usim_manager.h"
+
+#include <utils/linked_list.h>
+
+typedef struct private_usim_manager_t private_usim_manager_t;
+
+/**
+ * Private data of an usim_manager_t object.
+ */
+struct private_usim_manager_t {
+
+       /**
+        * Public usim_manager_t interface.
+        */
+       usim_manager_t public;
+
+       /**
+        * list of added cards
+        */
+       linked_list_t *cards;
+
+       /**
+        * list of added provider
+        */
+       linked_list_t *provider;
+};
+
+/**
+ * Implementation of usim_manager_t.add_card
+ */
+static void add_card(private_usim_manager_t *this, usim_card_t *card)
+{
+       this->cards->insert_last(this->cards, card);
+}
+
+/**
+ * Implementation of usim_manager_t.remove_card
+ */
+static void remove_card(private_usim_manager_t *this, usim_card_t *card)
+{
+       this->cards->remove(this->cards, card, NULL);
+}
+
+/**
+ * Implementation of usim_manager_t.create_card_enumerator
+ */
+static enumerator_t* create_card_enumerator(private_usim_manager_t *this)
+{
+       return this->cards->create_enumerator(this->cards);
+}
+
+/**
+ * Implementation of usim_manager_t.add_provider
+ */
+static void add_provider(private_usim_manager_t *this,
+                                                         usim_provider_t *provider)
+{
+       this->provider->insert_last(this->provider, provider);
+}
+
+/**
+ * Implementation of usim_manager_t.remove_provider
+ */
+static void remove_provider(private_usim_manager_t *this,
+                                                               usim_provider_t *provider)
+{
+       this->provider->remove(this->provider, provider, NULL);
+}
+
+/**
+ * Implementation of usim_manager_t.create_provider_enumerator
+ */
+static enumerator_t* create_provider_enumerator(private_usim_manager_t *this)
+{
+       return this->provider->create_enumerator(this->provider);
+}
+
+/**
+ * Implementation of usim_manager_t.destroy.
+ */
+static void destroy(private_usim_manager_t *this)
+{
+       this->cards->destroy(this->cards);
+       this->provider->destroy(this->provider);
+       free(this);
+}
+
+/**
+ * See header
+ */
+usim_manager_t *usim_manager_create()
+{
+       private_usim_manager_t *this = malloc_thing(private_usim_manager_t);
+
+       this->public.add_card = (void(*)(usim_manager_t*, usim_card_t *card))add_card;
+       this->public.remove_card = (void(*)(usim_manager_t*, usim_card_t *card))remove_card;
+       this->public.create_card_enumerator = (enumerator_t*(*)(usim_manager_t*))create_card_enumerator;
+       this->public.add_provider = (void(*)(usim_manager_t*, usim_provider_t *provider))add_provider;
+       this->public.remove_provider = (void(*)(usim_manager_t*, usim_provider_t *provider))remove_provider;
+       this->public.create_provider_enumerator = (enumerator_t*(*)(usim_manager_t*))create_provider_enumerator;
+       this->public.destroy = (void(*)(usim_manager_t*))destroy;
+
+       this->cards = linked_list_create();
+       this->provider = linked_list_create();
+
+       return &this->public;
+}
+
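Review bot: `usim_manager_t *usim_manager_create()` (and its declaration in usim_manager.h) uses empty parentheses, which in C leaves the parameter list unspecified rather than empty; write `usim_manager_t *usim_manager_create(void)` in both places so the compiler can reject stray arguments. destroy() only destroys the two linked lists and frees `this`, and remove_card/remove_provider call the list's remove() with a NULL comparator, so the registered card and provider objects are never owned or freed by the manager; that contract is worth stating in the header on add_card/add_provider, e.g. `The manager does not take ownership; unregister the card before destroying it.` Presumably the card/provider lists are read by EAP-AKA method instances while plugins register or unregister, as with sim_manager; if so, create_card_enumerator and create_provider_enumerator hand out the raw list enumerators without any locking, which matches the existing sim_manager but deserves a one-line note on the struct so callers know the lists are expected to be static after startup.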
diff --git a/src/charon/sa/authenticators/eap/usim_manager.h b/src/charon/sa/authenticators/eap/usim_manager.h
new file mode 100644 (file)
index 0000000..6a2e0e5
--- /dev/null
@@ -0,0 +1,161 @@
+/*
+ * Copyright (C) 2008-2009 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup usim_manager usim_manager
+ * @{ @ingroup eap
+ */
+
+#ifndef USIM_MANAGER_H_
+#define USIM_MANAGER_H_
+
+#include <utils/identification.h>
+#include <utils/enumerator.h>
+
+typedef struct usim_manager_t usim_manager_t;
+typedef struct usim_card_t usim_card_t;
+typedef struct usim_provider_t usim_provider_t;
+
+/**
+ * Interface for a USIM card (used by EAP-AKA client).
+ */
+struct usim_provider_t {
+
+       /**
+        * Create a challenge for AKA authentication.
+        *
+        * @param imsi          peer identity to create challenge for
+        * @param rand          buffer receiving random value rand
+        * @param xres          buffer receiving expected authentication result xres
+        * @param ck            buffer receiving encryption key ck
+        * @param ik            buffer receiving integrity key ik
+        * @param autn          authentication token autn
+        * @return                      TRUE if quintuplet generated successfully
+        */
+       bool (*get_quintuplet)(usim_provider_t *this, identification_t *imsi,
+                                                  char rand[16], char xres[16],
+                                                  char ck[16], char ik[16], char autn[16]);
+
+       /**
+        * Process resynchroniusation request of a peer.
+        *
+        * @param imsi          peer identity requesting resynchronisation
+        * @param rand          random value rand
+        * @param auts          synchronization parameter auts
+        * @return                      TRUE if resynchronized successfully
+        */
+       bool (*resync)(usim_provider_t *this, identification_t *imsi,
+                                  char rand[16], char auts[16]);
+};
+
+/**
+ * Interface for a quintuplet provider (used by EAP-AKA server).
+ */
+struct usim_card_t {
+
+       /**
+        * Get the IMSI of this USIM.
+        *
+        * @return                      IMSI this USIM belongs to
+        */
+       identification_t *(*get_imsi)(usim_card_t *this);
+
+       /**
+        * Process authentication data and complete the quintuplet.
+        *
+        * If the received sequence number (in autn) is out of synf, INVALID_STATE
+        * is returned.
+        *
+        * @param rand          random value rand
+        * @param autn          authentication token autn
+        * @param ck            buffer receiving encryption key ck
+        * @param ik            buffer receiving integrity key ik
+        * @param res           buffer receiving authentication result res
+        * @return                      SUCCESS, FAILED, or INVALID_STATE if out of sync
+        */
+       status_t (*get_quintuplet)(usim_card_t *this, char rand[16], char autn[16],
+                                                          char ck[16], char ik[16], char res[16]);
+
+       /**
+        * Request parameter to start resynchronization.
+        *
+        * @param in            random value rand
+        * @param auts          resynchronization parameter auts
+        * @return                      TRUE if parameter generated successfully
+        */
+       bool (*resync)(usim_card_t *this, char rand[16], char auts[16]);
+};
+
+/**
+ * The EAP-AKA USIM manager handles multiple USIM cards and providers.
+ */
+struct usim_manager_t {
+
+       /**
+        * Register a USIM card (client) at the manager.
+        *
+        * @param card          usim card to register
+        */
+       void (*add_card)(usim_manager_t *this, usim_card_t *card);
+
+       /**
+        * Unregister a previously registered card from the manager.
+        *
+        * @param card          usim card to unregister
+        */
+       void (*remove_card)(usim_manager_t *this, usim_card_t *card);
+
+       /**
+        * Create an enumerator over all registered cards.
+        *
+        * @return                      enumerator over usim_card_t's
+        */
+       enumerator_t* (*create_card_enumerator)(usim_manager_t *this);
+
+       /**
+        * Register a triplet provider (server) at the manager.
+        *
+        * @param card          usim card to register
+        */
+       void (*add_provider)(usim_manager_t *this, usim_provider_t *provider);
+
+       /**
+        * Unregister a previously registered provider from the manager.
+        *
+        * @param card          usim card to unregister
+        */
+       void (*remove_provider)(usim_manager_t *this, usim_provider_t *provider);
+
+       /**
+        * Create an enumerator over all registered provider.
+        *
+        * @return                      enumerator over Usim_provider_t's
+        */
+       enumerator_t* (*create_provider_enumerator)(usim_manager_t *this);
+
+       /**
+        * Destroy a manager instance.
+        */
+       void (*destroy)(usim_manager_t *this);
+};
+
+/**
+ * Create an USIM manager to handle multiple USIM cards/providers.
+ *
+ * @return                     usim_t object
+ */
+usim_manager_t *usim_manager_create();
+
+#endif /** USIM_MANAGER_H_ @}*/
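Review bot: The two interface doc comments are swapped: `Interface for a USIM card (used by EAP-AKA client).` sits above `struct usim_provider_t`, while `Interface for a quintuplet provider (used by EAP-AKA server).` sits above `struct usim_card_t`; exchange them so the header reads correctly. Several tags also disagree with their signatures: add_provider and remove_provider document `@param card` instead of `@param provider`, usim_card_t.resync documents `@param in` for `rand`, add_provider says "triplet provider" although this manager deals in AKA quintuplets, usim_manager_create's `@return` names `usim_t` instead of `usim_manager_t`, and "resynchroniusation" and "synf" are typos. The prototype `usim_manager_t *usim_manager_create();` should be `usim_manager_t *usim_manager_create(void);` to give it a real prototype. Because get_quintuplet on both interfaces writes the session keys into caller-supplied 16-byte `ck`/`ik` buffers, the comment should state that the caller owns those buffers and is responsible for clearing them once the keys have been consumed, since nothing in this interface does so.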