Use real ID payload to build HASH_I|R for Main Mode authentication.
authorTobias Brunner <tobias@strongswan.org>
Tue, 13 Dec 2011 17:56:06 +0000 (18:56 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 20 Mar 2012 16:31:21 +0000 (17:31 +0100)
This is required for clients like the iPhone which set the protocol
and/or port fields of the ID payload.

src/libcharon/sa/authenticators/authenticator.c
src/libcharon/sa/authenticators/authenticator.h
src/libcharon/sa/authenticators/psk_v1_authenticator.c
src/libcharon/sa/authenticators/psk_v1_authenticator.h
src/libcharon/sa/authenticators/pubkey_v1_authenticator.c
src/libcharon/sa/authenticators/pubkey_v1_authenticator.h
src/libcharon/sa/keymat_v1.c
src/libcharon/sa/keymat_v1.h
src/libcharon/sa/tasks/main_mode.c

index b052dd8..f2319a4 100644 (file)
@@ -110,7 +110,8 @@ authenticator_t *authenticator_create_verifier(
  */
 authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
                                                                auth_method_t auth_method, diffie_hellman_t *dh,
-                                                               chunk_t dh_value, chunk_t sa_payload)
+                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                               chunk_t id_payload)
 {
        switch (auth_method)
        {
@@ -118,12 +119,14 @@ authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
                case AUTH_XAUTH_INIT_PSK:
                case AUTH_XAUTH_RESP_PSK:
                        return (authenticator_t*)psk_v1_authenticator_create(ike_sa,
-                                                                               initiator, dh, dh_value, sa_payload);
+                                                                               initiator, dh, dh_value, sa_payload,
+                                                                               id_payload);
                case AUTH_RSA:
                case AUTH_XAUTH_INIT_RSA:
                case AUTH_XAUTH_RESP_RSA:
                        return (authenticator_t*)pubkey_v1_authenticator_create(ike_sa,
-                                                                               initiator, dh, dh_value, sa_payload);
+                                                                               initiator, dh, dh_value, sa_payload,
+                                                                               id_payload);
                default:
                        return NULL;
        }
index 5a8d26d..3af9391 100644 (file)
@@ -194,7 +194,11 @@ authenticator_t *authenticator_create_verifier(
                                                                        char reserved[3]);
 
 /**
- * Create an IKEv1 authenticator to build and verify signatures or hash payloads.
+ * Create an IKEv1 authenticator to build and verify signatures or hash
+ * payloads.
+ *
+ * @note Due to the fixed ID, these authenticators can only be used in one
+ * direction at a time.
  *
  * @param ike_sa                       associated IKE_SA
  * @param initiator                    TRUE if we are the IKE_SA initiator
@@ -202,10 +206,13 @@ authenticator_t *authenticator_create_verifier(
  * @param dh                           diffie hellman key exchange
  * @param dh_value                     others public diffie hellman value
  * @param sa_payload           generated SA payload data, without payload header
+ * @param id_payload           encoded ID payload of peer to authenticate or verify
+ *                                                     without payload header (gets owned)
  * @return                                     authenticator, NULL if not supported
  */
 authenticator_t *authenticator_create_v1(ike_sa_t *ike_sa, bool initiator,
                                                                auth_method_t auth_method, diffie_hellman_t *dh,
-                                                               chunk_t dh_value, chunk_t sa_payload);
+                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                               chunk_t id_payload);
 
 #endif /** AUTHENTICATOR_H_ @}*/
index ecce922..11fd811 100644 (file)
@@ -55,6 +55,11 @@ struct private_psk_v1_authenticator_t {
         * Encoded SA payload, without fixed header
         */
        chunk_t sa_payload;
+
+       /**
+        * Encoded ID payload, without fixed header
+        */
+       chunk_t id_payload;
 };
 
 METHOD(authenticator_t, build, status_t,
@@ -68,7 +73,7 @@ METHOD(authenticator_t, build, status_t,
        keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
        hash = keymat->get_hash(keymat, this->initiator, dh, this->dh_value,
                                        this->ike_sa->get_id(this->ike_sa), this->sa_payload,
-                                       this->ike_sa->get_my_id(this->ike_sa));
+                                       this->id_payload);
        free(dh.ptr);
 
        hash_payload = hash_payload_create(HASH_V1);
@@ -97,9 +102,8 @@ METHOD(authenticator_t, process, status_t,
        keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
        hash = keymat->get_hash(keymat, !this->initiator, this->dh_value, dh,
                                        this->ike_sa->get_id(this->ike_sa), this->sa_payload,
-                                       this->ike_sa->get_other_id(this->ike_sa));
+                                       this->id_payload);
        free(dh.ptr);
-
        if (chunk_equals(hash, hash_payload->get_hash(hash_payload)))
        {
                free(hash.ptr);
@@ -113,6 +117,7 @@ METHOD(authenticator_t, process, status_t,
 METHOD(authenticator_t, destroy, void,
        private_psk_v1_authenticator_t *this)
 {
+       chunk_free(&this->id_payload);
        free(this);
 }
 
@@ -121,7 +126,8 @@ METHOD(authenticator_t, destroy, void,
  */
 psk_v1_authenticator_t *psk_v1_authenticator_create(ike_sa_t *ike_sa,
                                                                                bool initiator, diffie_hellman_t *dh,
-                                                                               chunk_t dh_value, chunk_t sa_payload)
+                                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                                               chunk_t id_payload)
 {
        private_psk_v1_authenticator_t *this;
 
@@ -139,6 +145,7 @@ psk_v1_authenticator_t *psk_v1_authenticator_create(ike_sa_t *ike_sa,
                .dh = dh,
                .dh_value = dh_value,
                .sa_payload = sa_payload,
+               .id_payload = id_payload,
        );
 
        return &this->public;
index 1103ee6..e01d49c 100644 (file)
@@ -44,10 +44,13 @@ struct psk_v1_authenticator_t {
  * @param dh                           diffie hellman key exchange
  * @param dh_value                     others public diffie hellman value
  * @param sa_payload           generated SA payload data, without payload header
+ * @param id_payload           encoded ID payload of peer to authenticate or verify
+ *                                                     without payload header (gets owned)
  * @return                                     PSK authenticator
  */
 psk_v1_authenticator_t *psk_v1_authenticator_create(ike_sa_t *ike_sa,
                                                                                bool initiator, diffie_hellman_t *dh,
-                                                                               chunk_t dh_value, chunk_t sa_payload);
+                                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                                               chunk_t id_payload);
 
 #endif /** PSK_V1_AUTHENTICATOR_H_ @}*/
index e3e7a80..a947349 100644 (file)
@@ -55,6 +55,11 @@ struct private_pubkey_v1_authenticator_t {
         * Encoded SA payload, without fixed header
         */
        chunk_t sa_payload;
+
+       /**
+        * Encoded ID payload, without fixed header
+        */
+       chunk_t id_payload;
 };
 
 METHOD(authenticator_t, build, status_t,
@@ -86,7 +91,8 @@ METHOD(authenticator_t, build, status_t,
        this->dh->get_my_public_value(this->dh, &dh);
        keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
        hash = keymat->get_hash(keymat, this->initiator, dh, this->dh_value,
-                                       this->ike_sa->get_id(this->ike_sa), this->sa_payload, id);
+                                       this->ike_sa->get_id(this->ike_sa), this->sa_payload,
+                                       this->id_payload);
        free(dh.ptr);
 
        if (private->sign(private, scheme, hash, &sig))
@@ -138,7 +144,8 @@ METHOD(authenticator_t, process, status_t,
        this->dh->get_my_public_value(this->dh, &dh);
        keymat = (keymat_v1_t*)this->ike_sa->get_keymat(this->ike_sa);
        hash = keymat->get_hash(keymat, !this->initiator, this->dh_value, dh,
-                                       this->ike_sa->get_id(this->ike_sa), this->sa_payload, id);
+                                       this->ike_sa->get_id(this->ike_sa), this->sa_payload,
+                                       this->id_payload);
        free(dh.ptr);
 
        sig = sig_payload->get_hash(sig_payload);
@@ -175,6 +182,7 @@ METHOD(authenticator_t, process, status_t,
 METHOD(authenticator_t, destroy, void,
        private_pubkey_v1_authenticator_t *this)
 {
+       chunk_free(&this->id_payload);
        free(this);
 }
 
@@ -183,7 +191,8 @@ METHOD(authenticator_t, destroy, void,
  */
 pubkey_v1_authenticator_t *pubkey_v1_authenticator_create(ike_sa_t *ike_sa,
                                                                                bool initiator, diffie_hellman_t *dh,
-                                                                               chunk_t dh_value, chunk_t sa_payload)
+                                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                                               chunk_t id_payload)
 {
        private_pubkey_v1_authenticator_t *this;
 
@@ -201,6 +210,7 @@ pubkey_v1_authenticator_t *pubkey_v1_authenticator_create(ike_sa_t *ike_sa,
                .dh = dh,
                .dh_value = dh_value,
                .sa_payload = sa_payload,
+               .id_payload = id_payload,
        );
 
        return &this->public;
index ed6d77c..48968d6 100644 (file)
@@ -43,10 +43,13 @@ struct pubkey_v1_authenticator_t {
  * @param dh                           diffie hellman key exchange
  * @param dh_value                     others public diffie hellman value
  * @param sa_payload           generated SA payload data, without payload header
+ * @param id_payload           encoded ID payload of peer to authenticate or verify
+ *                                                     without payload header (gets owned)
  * @return                                     pubkey authenticator
  */
 pubkey_v1_authenticator_t *pubkey_v1_authenticator_create(ike_sa_t *ike_sa,
                                                                                bool initiator, diffie_hellman_t *dh,
-                                                                               chunk_t dh_value, chunk_t sa_payload);
+                                                                               chunk_t dh_value, chunk_t sa_payload,
+                                                                               chunk_t id_payload);
 
 #endif /** PUBKEY_V1_AUTHENTICATOR_H_ @}*/
index 8cf10cd..8d38414 100755 (executable)
@@ -638,12 +638,10 @@ METHOD(keymat_v1_t, get_hasher, hasher_t*,
 
 METHOD(keymat_v1_t, get_hash, chunk_t,
        private_keymat_v1_t *this, bool initiator, chunk_t dh, chunk_t dh_other,
-       ike_sa_id_t *ike_sa_id, chunk_t sa_i, identification_t *id)
+       ike_sa_id_t *ike_sa_id, chunk_t sa_i, chunk_t id)
 {
        chunk_t hash, data;
        u_int64_t spi, spi_other;
-       /* TODO-IKEv1: get real bytes from ID header? */
-       u_int8_t id_header[4] = { id->get_type(id), 0, 0, 0 };
 
        /* HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b )
         * HASH_R = prf(SKEYID, g^xr | g^xi | CKY-R | CKY-I | SAi_b | IDir_b )
@@ -658,9 +656,9 @@ METHOD(keymat_v1_t, get_hash, chunk_t,
                spi_other = ike_sa_id->get_initiator_spi(ike_sa_id);
                spi = ike_sa_id->get_responder_spi(ike_sa_id);
        }
-       data = chunk_cat("ccccccc", dh, dh_other,
+       data = chunk_cat("cccccc", dh, dh_other,
                                         chunk_from_thing(spi), chunk_from_thing(spi_other),
-                                        sa_i, chunk_from_thing(id_header), id->get_encoding(id));
+                                        sa_i, id);
 
        DBG3(DBG_IKE, "HASH_%c data %B", initiator ? 'I' : 'R', &data);
 
index 89314af..875ad9d 100644 (file)
@@ -99,12 +99,12 @@ struct keymat_v1_t {
         * @param dh_other              others public DH value
         * @param ike_sa_id             IKE_SA identifier
         * @param sa_i                  encoded SA payload of initiator
-        * @param id                    ID of peer to create hash for
+        * @param id                    encoded IDii payload for HASH_I (IDir for HASH_R)
         * @return                              allocated HASH data
         */
        chunk_t (*get_hash)(keymat_v1_t *this, bool initiator,
                                                chunk_t dh, chunk_t dh_other, ike_sa_id_t *ike_sa_id,
-                                               chunk_t sa_i, identification_t *id);
+                                               chunk_t sa_i, chunk_t id);
 
        /**
         * Get HASH data for integrity/authentication in Phase 2 exchanges.
index dffd5e4..0e93620 100755 (executable)
@@ -145,12 +145,14 @@ static auth_cfg_t *get_auth_cfg(peer_cfg_t *peer_cfg, bool local)
 /**
  * Create an authenticator, if supported
  */
-static authenticator_t *create_authenticator(private_main_mode_t *this)
+static authenticator_t *create_authenticator(private_main_mode_t *this,
+                                                                                        id_payload_t *id)
 {
        authenticator_t *authenticator;
        authenticator = authenticator_create_v1(this->ike_sa, this->initiator,
                                                                                        this->auth_method, this->dh,
-                                                                                       this->dh_value, this->sa_payload);
+                                                                                       this->dh_value, this->sa_payload,
+                                                                                       id->get_encoded(id));
        if (!authenticator)
        {
                DBG1(DBG_IKE, "negotiated authentication method %N not supported",
@@ -545,7 +547,7 @@ METHOD(task_t, build_i, status_t,
                        id_payload = id_payload_create_from_identification(ID_V1, id);
                        message->add_payload(message, &id_payload->payload_interface);
 
-                       authenticator = create_authenticator(this);
+                       authenticator = create_authenticator(this, id_payload);
                        if (!authenticator || authenticator->build(authenticator,
                                                                                                           message) != SUCCESS)
                        {
@@ -663,7 +665,7 @@ METHOD(task_t, process_r, status_t,
                                return send_notify(this, AUTHENTICATION_FAILED, chunk_empty);
                        }
 
-                       authenticator = create_authenticator(this);
+                       authenticator = create_authenticator(this, id_payload);
                        if (!authenticator || authenticator->process(authenticator,
                                                                                                                 message) != SUCCESS)
                        {
@@ -862,7 +864,7 @@ METHOD(task_t, build_r, status_t,
                        id_payload = id_payload_create_from_identification(ID_V1, id);
                        message->add_payload(message, &id_payload->payload_interface);
 
-                       authenticator = create_authenticator(this);
+                       authenticator = create_authenticator(this, id_payload);
                        if (!authenticator || authenticator->build(authenticator,
                                                                                                           message) != SUCCESS)
                        {
@@ -977,7 +979,7 @@ METHOD(task_t, process_i, status_t,
                        }
                        this->ike_sa->set_other_id(this->ike_sa, id);
 
-                       authenticator = create_authenticator(this);
+                       authenticator = create_authenticator(this, id_payload);
                        if (!authenticator || authenticator->process(authenticator,
                                                                                                                 message) != SUCCESS)
                        {