implemented and tested functionality to create sa_payload from
authorJan Hutter <jhutter@hsr.ch>
Thu, 1 Dec 2005 08:48:57 +0000 (08:48 -0000)
committerJan Hutter <jhutter@hsr.ch>
Thu, 1 Dec 2005 08:48:57 +0000 (08:48 -0000)
ike_proposal_t's and also generate ike_proposal_t's from sa_payload

12 files changed:
Source/charon/config/init_config.h
Source/charon/encoding/payloads/proposal_substructure.c
Source/charon/encoding/payloads/proposal_substructure.h
Source/charon/encoding/payloads/sa_payload.c
Source/charon/encoding/payloads/sa_payload.h
Source/charon/encoding/payloads/transform_attribute.c
Source/charon/encoding/payloads/transform_attribute.h
Source/charon/encoding/payloads/transform_substructure.c
Source/charon/encoding/payloads/transform_substructure.h
Source/charon/testcases/generator_test.c
Source/charon/testcases/parser_test.c
Source/charon/testcases/testcases.c

index 876ead8..7ff46cc 100644 (file)
 
 #include <types.h>
 #include <network/host.h>
-#include <encoding/payloads/sa_payload.h>
 #include <utils/iterator.h>
+#include <transforms/crypters/crypter.h>
+#include <transforms/prfs/prf.h>
+#include <transforms/signers/signer.h>
+#include <transforms/diffie_hellman.h>
 
 typedef struct ike_proposal_t ike_proposal_t;
 
@@ -65,11 +68,12 @@ struct ike_proposal_t {
        u_int16_t pseudo_random_function_key_length;
        
        /**
-        * Diffie hellman group
+        * Diffie hellman group.
         */
        diffie_hellman_group_t diffie_hellman_group;
 };
 
+
 typedef struct init_config_t init_config_t;
 
 /**
index 354eedb..05b375e 100644 (file)
@@ -144,7 +144,7 @@ static status_t verify(private_proposal_substructure_t *this)
        status_t status = SUCCESS;
        iterator_t *iterator;
        
-       if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != PROPOSAL_SUBSTRUCTURE))
+       if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2))
        {
                /* must be 0 or 2 */
                return FAILED;
@@ -251,6 +251,15 @@ static void add_transform_substructure (private_proposal_substructure_t *this,tr
 }
 
 /**
+ * Implementation of proposal_substructure_t.proposal_substructure_t.
+ */
+static void set_is_last_proposal (private_proposal_substructure_t *this, bool is_last)
+{
+       this->next_payload = (is_last) ? 0: PROPOSAL_TYPE_VALUE;
+}
+
+
+/**
  * Implementation of proposal_substructure_t.set_proposal_number.
  */
 static void set_proposal_number(private_proposal_substructure_t *this,u_int8_t proposal_number)
@@ -374,6 +383,22 @@ static void compute_length (private_proposal_substructure_t *this)
 }
 
 /**
+ * Implementation of proposal_substructure_t.get_transform_count.
+ */
+static size_t get_transform_count (private_proposal_substructure_t *this)
+{
+       return this->transforms->get_count(this->transforms);
+}
+
+/**
+ * Implementation of proposal_substructure_t.get_spi_size.
+ */
+static size_t get_spi_size (private_proposal_substructure_t *this)
+{
+       return  this->spi.len;
+}
+
+/**
  * Implementation of proposal_substructure_t.clone.
  */
 static private_proposal_substructure_t* clone(private_proposal_substructure_t *this)
@@ -464,8 +489,12 @@ proposal_substructure_t *proposal_substructure_create()
        this->public.set_protocol_id = (void (*) (proposal_substructure_t *,u_int8_t))set_protocol_id;
        this->public.get_protocol_id = (u_int8_t (*) (proposal_substructure_t *)) get_protocol_id;
        this->public.get_info_for_transform_type =      (status_t (*) (proposal_substructure_t *,transform_type_t,u_int16_t *, u_int16_t *))get_info_for_transform_type;
+       this->public.set_is_last_proposal = (void (*) (proposal_substructure_t *,bool)) set_is_last_proposal;
+       
        this->public.set_spi = (void (*) (proposal_substructure_t *,chunk_t))set_spi;
        this->public.get_spi = (chunk_t (*) (proposal_substructure_t *)) get_spi;
+       this->public.get_transform_count = (size_t (*) (proposal_substructure_t *)) get_transform_count;
+       this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size;      
        this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone;
        this->public.destroy = (void (*) (proposal_substructure_t *)) destroy;
        
index f131cf7..a2015fb 100644 (file)
 #include <utils/linked_list.h>
 
 /**
+ * IKEv1 Value for a proposal payload.
+ * 
+ * @ingroup payloads
+ */
+#define PROPOSAL_TYPE_VALUE 2
+
+/**
  * Length of the proposal substructure header
  * (without spi).
  * 
@@ -107,6 +114,22 @@ struct proposal_substructure_t {
        u_int8_t (*get_proposal_number) (proposal_substructure_t *this);
 
        /**
+        * @brief get the number of transforms in current proposal.
+        * 
+        * @param this          calling proposal_substructure_t object
+        * @return                      transform count in current proposal
+        */
+       size_t (*get_transform_count) (proposal_substructure_t *this);
+
+       /**
+        * @brief get size of the set spi in bytes.
+        * 
+        * @param this          calling proposal_substructure_t object
+        * @return                      size of the spi in bytes
+        */
+       size_t (*get_spi_size) (proposal_substructure_t *this);
+
+       /**
         * @brief Sets the protocol id of current proposal.
         *
         * @param this          calling proposal_substructure_t object
@@ -136,6 +159,16 @@ struct proposal_substructure_t {
         */
        status_t (*get_info_for_transform_type) (proposal_substructure_t *this,transform_type_t type, u_int16_t *transform_id, u_int16_t *key_length);
 
+       /**
+        * @brief Sets the next_payload field of this substructure
+        * 
+        * If this is the last proposal, next payload field is set to 0,
+        * otherwise to 2
+        *
+        * @param this          calling proposal_substructure_t object
+        * @param is_last       When TRUE, next payload field is set to 0, otherwise to 2
+        */
+       void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last);
 
        /**
         * @brief Returns the currently set SPI of this proposal.
index 4054c6f..d2aecf8 100644 (file)
@@ -243,11 +243,157 @@ static iterator_t *create_proposal_substructure_iterator (private_sa_payload_t *
  */
 static void add_proposal_substructure (private_sa_payload_t *this,proposal_substructure_t *proposal)
 {
+       status_t status;
+       if (this->proposals->get_count(this->proposals) > 0)
+       {
+               proposal_substructure_t *last_proposal;
+               status = this->proposals->get_last(this->proposals,(void **) &last_proposal);
+               /* last transform is now not anymore last one */
+               last_proposal->set_is_last_proposal(last_proposal,FALSE);
+       }
+       proposal->set_is_last_proposal(proposal,TRUE);
+       
        this->proposals->insert_last(this->proposals,(void *) proposal);
        this->compute_length(this);
 }
 
 /**
+ * Implementation of sa_payload_t.get_ike_proposals.
+ */
+static status_t get_ike_proposals (private_sa_payload_t *this,ike_proposal_t ** proposals, size_t *proposal_count)
+{
+       int found_ike_proposals = 0;
+       int current_proposal_number = 0;
+       iterator_t *iterator;
+       ike_proposal_t *tmp_proposals;
+       
+               
+       iterator = this->proposals->create_iterator(this->proposals,TRUE);
+       
+       /* first find out the number of ike proposals and check their number of transforms and 
+        * if the SPI is empty!*/
+       while (iterator->has_next(iterator))
+       {
+               proposal_substructure_t *current_proposal;
+               iterator->current(iterator,(void **)&(current_proposal));
+               if (current_proposal->get_protocol_id(current_proposal) == IKE)
+               {
+                       /* a ike proposal consists of 4 transforms and an empty spi*/
+                       if ((current_proposal->get_transform_count(current_proposal) != 4) ||
+                           (current_proposal->get_spi_size(current_proposal) != 0))
+                   {
+                       iterator->destroy(iterator);
+                       return FAILED;
+                   }
+                       
+                       found_ike_proposals++;
+               }
+       }
+       iterator->reset(iterator);
+       
+       if (found_ike_proposals == 0)
+       {
+               iterator->destroy(iterator);
+               return NOT_FOUND;
+       }
+       
+       /* allocate memory to hold each proposal as ike_proposal_t */
+       
+       tmp_proposals = allocator_alloc(found_ike_proposals * sizeof(ike_proposal_t));
+       
+       /* create from each proposal_substructure a ike_proposal_t data area*/
+       while (iterator->has_next(iterator))
+       {
+               proposal_substructure_t *current_proposal;
+               iterator->current(iterator,(void **)&(current_proposal));
+               if (current_proposal->get_protocol_id(current_proposal) == IKE)
+               {
+                       bool encryption_algorithm_found = FALSE;
+                       bool integrity_algorithm_found = FALSE;
+                       bool pseudo_random_function_found = FALSE;
+                       bool diffie_hellman_group_found = FALSE;
+                       status_t status;
+                       iterator_t *transforms;
+                       
+                       transforms = current_proposal->create_transform_substructure_iterator(current_proposal,TRUE);
+                       while (transforms->has_next(transforms))
+                       {
+                               transform_substructure_t *current_transform;
+                               transforms->current(transforms,(void **)&(current_transform));
+                               
+                               switch (current_transform->get_transform_type(current_transform))
+                               {
+                                       case ENCRYPTION_ALGORITHM:
+                                       {
+                                               tmp_proposals[current_proposal_number].encryption_algorithm = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].encryption_algorithm_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       encryption_algorithm_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case INTEGRITY_ALGORITHM:
+                                       {
+                                               tmp_proposals[current_proposal_number].integrity_algorithm = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].integrity_algorithm_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       integrity_algorithm_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case PSEUDO_RANDOM_FUNCTION:
+                                       {
+                                               tmp_proposals[current_proposal_number].pseudo_random_function = current_transform->get_transform_id(current_transform);
+                                               status = current_transform->get_key_length(current_transform,&(tmp_proposals[current_proposal_number].pseudo_random_function_key_length));
+                                               if (status == SUCCESS)
+                                               {
+                                                       pseudo_random_function_found = TRUE;
+                                               }
+                                               break;
+                                       }
+                                       case DIFFIE_HELLMAN_GROUP:
+                                       {
+                                               tmp_proposals[current_proposal_number].diffie_hellman_group = current_transform->get_transform_id(current_transform);
+                                               diffie_hellman_group_found = TRUE;
+                                               break;
+                                       }
+                                       default:
+                                       {
+                                               /* not a transform of an ike proposal. Break here */
+                                               break;
+                                       }
+                               }
+                               
+                       }
+
+                       transforms->destroy(transforms);
+                       
+                       if ((!encryption_algorithm_found) ||
+                               (!integrity_algorithm_found) ||
+                               (!pseudo_random_function_found) ||
+                               (!diffie_hellman_group_found))
+                       {
+                               /* one of needed transforms could not be found */
+                               iterator->reset(iterator);
+                               allocator_free(tmp_proposals);
+                               return FAILED;
+                       }
+                       
+                       current_proposal_number++;
+               }
+       }
+
+       iterator->destroy(iterator);    
+       
+       *proposals = tmp_proposals;
+       *proposal_count = found_ike_proposals;
+
+       return SUCCESS;
+}
+
+/**
  * Implementation of private_sa_payload_t.compute_length.
  */
 static void compute_length (private_sa_payload_t *this)
@@ -285,6 +431,7 @@ sa_payload_t *sa_payload_create()
        /* public functions */
        this->public.create_proposal_substructure_iterator = (iterator_t* (*) (sa_payload_t *,bool)) create_proposal_substructure_iterator;
        this->public.add_proposal_substructure = (void (*) (sa_payload_t *,proposal_substructure_t *)) add_proposal_substructure;
+       this->public.get_ike_proposals = (status_t (*) (sa_payload_t *, ike_proposal_t **, size_t *)) get_ike_proposals;
        this->public.destroy = (void (*) (sa_payload_t *)) destroy;
        
        /* private functions */
@@ -299,4 +446,43 @@ sa_payload_t *sa_payload_create()
        return (&(this->public));
 }
 
+/*
+ * Described in header.
+ */
+sa_payload_t *sa_payload_create_from_ike_proposals(ike_proposal_t *proposals, size_t proposal_count)
+{
+       int i;
+       sa_payload_t *sa_payload= sa_payload_create();
+       
+       for (i = 0; i < proposal_count; i++)
+       {
+               proposal_substructure_t *proposal_substructure;
+               transform_substructure_t *encryption_algorithm;
+               transform_substructure_t *integrity_algorithm;
+               transform_substructure_t *pseudo_random_function;
+               transform_substructure_t *diffie_hellman_group;
+               
+               /* create proposal substructure */
+               proposal_substructure = proposal_substructure_create();
+               proposal_substructure->set_protocol_id(proposal_substructure,IKE);
+               proposal_substructure->set_proposal_number(proposal_substructure,(i + 1));
 
+               /* create transform substructures to hold each specific transform for an ike proposal */
+               encryption_algorithm = transform_substructure_create_type(ENCRYPTION_ALGORITHM,proposals[i].encryption_algorithm,proposals[i].encryption_algorithm_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,encryption_algorithm);
+               
+               pseudo_random_function = transform_substructure_create_type(PSEUDO_RANDOM_FUNCTION,proposals[i].pseudo_random_function,proposals[i].pseudo_random_function_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,pseudo_random_function);
+
+               integrity_algorithm = transform_substructure_create_type(INTEGRITY_ALGORITHM,proposals[i].integrity_algorithm,proposals[i].integrity_algorithm_key_length);
+               proposal_substructure->add_transform_substructure(proposal_substructure,integrity_algorithm);
+
+               diffie_hellman_group = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP,proposals[i].diffie_hellman_group,0);
+               proposal_substructure->add_transform_substructure(proposal_substructure,diffie_hellman_group);
+               
+               /* add proposal to sa payload */
+               sa_payload->add_proposal_substructure(sa_payload,proposal_substructure);
+       }
+       
+       return sa_payload;
+}
index dbd0bd1..ad450b3 100644 (file)
@@ -27,6 +27,7 @@
 #include <encoding/payloads/payload.h>
 #include <encoding/payloads/proposal_substructure.h>
 #include <utils/linked_list.h>
+#include <config/init_config.h>
 
 /**
  * Critical flag must not be set.
@@ -82,6 +83,22 @@ struct sa_payload_t {
         * @param proposal  proposal_substructure_t object to add
         */
        void (*add_proposal_substructure) (sa_payload_t *this,proposal_substructure_t *proposal);
+       
+       /**
+        * Creates an array of ike_proposal_t's in this SA payload.
+        * 
+        * An IKE proposal consist of transform of type ENCRYPTION_ALGORITHM,
+        * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM and DIFFIE_HELLMAN_GROUP
+        * 
+        * @param proposals                     the pointer to the first entry of ike_proposal_t's is set
+        * @param proposal_count        the number of found proposals is written at this location
+        * @return
+        *                                                      - SUCCESS if an IKE proposal could be found
+        *                                                      - NOT_FOUND if no IKE proposal could be found
+        *                                                      - FAILED if a proposal does not contain all needed transforms
+        *                                                        for a IKE_PROPOSAL 
+        */
+       status_t (*get_ike_proposals) (sa_payload_t *this, ike_proposal_t **proposals, size_t *proposal_count); 
 
        /**
         * @brief Destroys an sa_payload_t object.
@@ -100,5 +117,15 @@ struct sa_payload_t {
  */
 sa_payload_t *sa_payload_create();
 
+/**
+ * @brief Creates a sa_payload_t object from array of ike_proposal_t's.
+ * 
+ * @return                                     created sa_payload_t object
+ * @param proposals                    pointer to first proposal in array of type ike_proposal_t
+ * @param proposal_count       number of ike_proposal_t's in array
+ * 
+ * @ingroup payloads
+ */
+sa_payload_t *sa_payload_create_from_ike_proposals(ike_proposal_t *proposals, size_t proposal_count);
 
 #endif /*SA_PAYLOAD_H_*/
index c85895f..9f9d829 100644 (file)
@@ -322,3 +322,13 @@ transform_attribute_t *transform_attribute_create()
        return (&(this->public));
 }
 
+/*
+ * Described in header.
+ */
+transform_attribute_t *transform_attribute_create_key_length(u_int16_t key_length)
+{
+       transform_attribute_t *attribute = transform_attribute_create();
+       attribute->set_attribute_type(attribute,KEY_LENGTH);
+       attribute->set_value(attribute,key_length);
+       return attribute;
+}
index 8a0deb7..5820932 100644 (file)
@@ -132,11 +132,23 @@ struct transform_attribute_t {
 };
 
 /**
- * @brief Creates an empty transform_attribute_t object
+ * @brief Creates an empty transform_attribute_t object.
  * 
  * @return                     created transform_attribute_t object
+ * 
  * @ingroup payloads
  */
 transform_attribute_t *transform_attribute_create();
 
+/**
+ * @brief Creates an transform_attribute_t of type KEY_LENGTH.
+ * 
+ * @param key_length   key length in bytes
+ * @return                             created transform_attribute_t object
+ * 
+ * @ingroup payloads
+ */
+transform_attribute_t *transform_attribute_create_key_length(u_int16_t key_length);
+
+
 #endif /*TRANSFORM_ATTRIBUTE_H_*/
index 3c91b25..99af36c 100644 (file)
@@ -448,7 +448,7 @@ static void destroy(private_transform_substructure_t *this)
 }
 
 /*
- * Described in header
+ * Described in header.
  */
 transform_substructure_t *transform_substructure_create()
 {
@@ -488,3 +488,31 @@ transform_substructure_t *transform_substructure_create()
        
        return (&(this->public));
 }
+
+/*
+ * Described in header
+ */
+transform_substructure_t *transform_substructure_create_type(transform_type_t transform_type, u_int16_t transform_id, u_int16_t key_length)
+{
+       transform_substructure_t *transform = transform_substructure_create();
+       
+       transform->set_transform_type(transform,transform_type);
+       transform->set_transform_id(transform,transform_id);
+       
+       switch (transform_type)
+       {
+               case ENCRYPTION_ALGORITHM:
+               case PSEUDO_RANDOM_FUNCTION:
+               case INTEGRITY_ALGORITHM:
+               {
+                       transform_attribute_t *attribute = transform_attribute_create_key_length(key_length);
+                       transform->add_transform_attribute(transform,attribute);
+                       break;
+               }
+               default:
+               {
+                       /* no keylength attribute is created */
+               }
+       }       
+       return transform;
+}
index ac8684c..6671dbc 100644 (file)
@@ -137,7 +137,7 @@ struct transform_substructure_t {
         * @brief Sets the next_payload field of this substructure
         * 
         * If this is the last transform, next payload field is set to 0,
-        * otherwise to 3 (payload type of transform in IKEv1)
+        * otherwise to 3
         *
         * @param this          calling transform_substructure_t object
         * @param is_last       When TRUE, next payload field is set to 0, otherwise to 3
@@ -213,7 +213,7 @@ struct transform_substructure_t {
 };
 
 /**
- * @brief Creates an empty transform_substructure_t object
+ * @brief Creates an empty transform_substructure_t object.
  * 
  * @return                     created transform_substructure_t object
  * 
@@ -221,4 +221,20 @@ struct transform_substructure_t {
  */
 transform_substructure_t *transform_substructure_create();
 
+/**
+ * @brief Creates an empty transform_substructure_t object.
+ * 
+ * The key length is used for the transport types ENCRYPTION_ALGORITHM,
+ * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all 
+ * other transport types the key_length parameter is not used
+ * 
+ * @return                                     created transform_substructure_t object
+ * @param transform_type       type of transform to create
+ * @param transform_id         transform id specifying the specific algorithm of a transform type
+ * @param key_length           Key length for key lenght attribute
+ * 
+ * @ingroup payloads
+ */
+transform_substructure_t *transform_substructure_create_type(transform_type_t transform_type, u_int16_t transform_id, u_int16_t key_length);
+
 #endif /*TRANSFORM_SUBSTRUCTURE_H_*/
index 6f13eec..1df430a 100644 (file)
@@ -417,6 +417,8 @@ void test_generator_with_sa_payload(tester_t *tester)
        transform_attribute_t *attribute1, *attribute2, *attribute3;
        transform_substructure_t *transform1, *transform2;
        proposal_substructure_t *proposal1, *proposal2;
+       ike_proposal_t *ike_proposals;
+       size_t ike_proposal_count;
        sa_payload_t *sa_payload;
        ike_header_t *ike_header;
        
@@ -429,6 +431,9 @@ void test_generator_with_sa_payload(tester_t *tester)
        /* create generator */
        generator = generator_create();
        tester->assert_true(tester,(generator != NULL), "generator create check");
+       
+       /* --------------------------- */
+       /* test first with self created proposals */
 
        /* create attribute 1 */        
        attribute1 = transform_attribute_create();
@@ -527,7 +532,7 @@ void test_generator_with_sa_payload(tester_t *tester)
                /* sa payload header */
                0x00,0x00,0x00,0x44,
                /* proposal header */
-               0x00,0x00,0x00,0x38,
+               0x02,0x00,0x00,0x38,
                0x07,0x04,0x08,0x02,
                /* SPI */
                0x41,0x42,0x43,0x44,
@@ -560,6 +565,79 @@ void test_generator_with_sa_payload(tester_t *tester)
        ike_header->destroy(ike_header);
        sa_payload->destroy(sa_payload);
        generator->destroy(generator);
+       
+       
+       /* test with automatic created proposals */
+       
+       generator = generator_create();
+       tester->assert_true(tester,(generator != NULL), "generator create check");
+       
+
+       ike_proposal_count = 2;
+       ike_proposals = allocator_alloc(ike_proposal_count * (sizeof(ike_proposal_t)));
+       
+       ike_proposals[0].encryption_algorithm = 1;
+       ike_proposals[0].encryption_algorithm_key_length = 20;
+       ike_proposals[0].pseudo_random_function = 2;
+       ike_proposals[0].pseudo_random_function_key_length = 22;
+       ike_proposals[0].integrity_algorithm = 3;
+       ike_proposals[0].integrity_algorithm_key_length = 24;
+       ike_proposals[0].diffie_hellman_group = 4;
+
+       ike_proposals[1].encryption_algorithm = 5;
+       ike_proposals[1].encryption_algorithm_key_length = 26;
+       ike_proposals[1].pseudo_random_function = 6;
+       ike_proposals[1].pseudo_random_function_key_length = 28;
+       ike_proposals[1].integrity_algorithm = 7;
+       ike_proposals[1].integrity_algorithm_key_length = 30;
+       ike_proposals[1].diffie_hellman_group = 8;
+       
+       sa_payload = sa_payload_create_from_ike_proposals(ike_proposals,ike_proposal_count);
+       tester->assert_true(tester,(sa_payload != NULL), "sa_payload create check");
+
+       generator->generate_payload(generator,(payload_t *)sa_payload);
+       generator->write_to_chunk(generator,&generated_data);
+       logger->log_chunk(logger,RAW,"generated",&generated_data);      
+
+       u_int8_t expected_generation2[] = {     
+               0x00,0x00,0x00,0x6C, /* payload header*/
+                       0x02,0x00,0x00,0x34,  /* a proposal */
+                       0x01,0x01,0x00,0x04,
+                               0x03,0x00,0x00,0x0C, /* transform 1 */
+                               0x01,0x00,0x00,0x01,  
+                                       0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 2 */
+                               0x02,0x00,0x00,0x02,  
+                                       0x80,0x0E,0x00,0x16, /* keylength attribute with 20 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 3 */
+                               0x03,0x00,0x00,0x03,  
+                                       0x80,0x0E,0x00,0x18, /* keylength attribute with 20 bytes length */
+                               0x00,0x00,0x00,0x08, /* transform 4 */
+                               0x04,0x00,0x00,0x04, 
+                       0x00,0x00,0x00,0x34,  /* a proposal */
+                       0x02,0x01,0x00,0x04,
+                               0x03,0x00,0x00,0x0C, /* transform 1 */
+                               0x01,0x00,0x00,0x05,  
+                                       0x80,0x0E,0x00,0x1A, /* keylength attribute with 16 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 2 */
+                               0x02,0x00,0x00,0x06,  
+                                       0x80,0x0E,0x00,0x1C, /* keylength attribute with 16 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 3 */
+                               0x03,0x00,0x00,0x07,  
+                                       0x80,0x0E,0x00,0x1E, /* keylength attribute with 16 bytes length */
+                               0x00,0x00,0x00,0x08, /* transform 4 */
+                               0x04,0x00,0x00,0x08,            
+
+       };
+
+       logger->log_bytes(logger,RAW,"expected",expected_generation2,sizeof(expected_generation2));     
+       
+       tester->assert_true(tester,(memcmp(expected_generation2,generated_data.ptr,sizeof(expected_generation2)) == 0), "compare generated data");
+
+       sa_payload->destroy(sa_payload);
+       allocator_free(ike_proposals);
+       allocator_free_chunk(&generated_data);
+       generator->destroy(generator);
                
        charon->logger_manager->destroy_logger(charon->logger_manager,logger);  
        
index f6f0fb2..b873306 100644 (file)
@@ -96,9 +96,13 @@ void test_parser_with_sa_payload(tester_t *tester)
        parser_t *parser;
        sa_payload_t *sa_payload;
        status_t status;
-       chunk_t sa_chunk;
+       chunk_t sa_chunk, sa_chunk2;
        iterator_t *proposals, *transforms, *attributes;
+    ike_proposal_t *ike_proposals;
+    size_t ike_proposal_count;
        
+       /* first test generic parsing functionality */
+               
        u_int8_t sa_bytes[] = {
                0x00,0x80,0x00,0x24, /* payload header*/
                        0x00,0x00,0x00,0x20,  /* a proposal */
@@ -107,7 +111,7 @@ void test_parser_with_sa_payload(tester_t *tester)
                                0x00,0x00,0x00,0x14, /* transform */
                                0x07,0x00,0x00,0x03,  
                                        0x80,0x01,0x00,0x05, /* attribute without length */
-                                       0x00,0x03,0x00,0x04, /* attribute with lenngth */
+                                       0x00,0x03,0x00,0x04, /* attribute with length */
                                                0x01,0x02,0x03,0x04
                                                                
                
@@ -181,6 +185,85 @@ void test_parser_with_sa_payload(tester_t *tester)
        proposals->destroy(proposals);
        
        sa_payload->destroy(sa_payload);
+       
+       
+       
+       /* now test SA functionality after parsing an SA payload*/
+       
+       u_int8_t sa_bytes2[] = {
+               0x00,0x00,0x00,0x6C, /* payload header*/
+                       0x02,0x00,0x00,0x34,  /* a proposal */
+                       0x01,0x01,0x00,0x04,
+                               0x03,0x00,0x00,0x0C, /* transform 1 */
+                               0x01,0x00,0x00,0x01,  
+                                       0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 2 */
+                               0x02,0x00,0x00,0x01,  
+                                       0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 3 */
+                               0x03,0x00,0x00,0x01,  
+                                       0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
+                               0x00,0x00,0x00,0x08, /* transform 4 */
+                               0x04,0x00,0x00,0x01, 
+                       0x00,0x00,0x00,0x34,  /* a proposal */
+                       0x01,0x01,0x00,0x04,
+                               0x03,0x00,0x00,0x0C, /* transform 1 */
+                               0x01,0x00,0x00,0x02,  
+                                       0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 2 */
+                               0x02,0x00,0x00,0x02,  
+                                       0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
+                               0x03,0x00,0x00,0x0C, /* transform 3 */
+                               0x03,0x00,0x00,0x02,  
+                                       0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
+                               0x00,0x00,0x00,0x08, /* transform 4 */
+                               0x04,0x00,0x00,0x02,            
+       };
+       
+       sa_chunk2.ptr = sa_bytes2;
+       sa_chunk2.len = sizeof(sa_bytes2);
+               
+       parser = parser_create(sa_chunk2);
+       tester->assert_true(tester,(parser != NULL), "parser create check");
+       status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
+       tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
+       parser->destroy(parser);
+       
+       if (status != SUCCESS)
+       {
+               return; 
+       }
+
+       status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
+       tester->assert_true(tester,(status == SUCCESS),"verify call check");
+
+       status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);       
+       tester->assert_true(tester,(status == SUCCESS),"get ike proposals call check"); 
+       
+       tester->assert_true(tester,(ike_proposal_count == 2),"ike proposal count check");
+       tester->assert_true(tester,(ike_proposals[0].encryption_algorithm == 1),"ike proposal content check");  
+       tester->assert_true(tester,(ike_proposals[0].encryption_algorithm_key_length == 20),"ike proposal content check");      
+       tester->assert_true(tester,(ike_proposals[0].integrity_algorithm == 1),"ike proposal content check");   
+       tester->assert_true(tester,(ike_proposals[0].integrity_algorithm_key_length == 20),"ike proposal content check");       
+       tester->assert_true(tester,(ike_proposals[0].pseudo_random_function == 1),"ike proposal content check");        
+       tester->assert_true(tester,(ike_proposals[0].pseudo_random_function_key_length == 20),"ike proposal content check");            
+       tester->assert_true(tester,(ike_proposals[0].diffie_hellman_group == 1),"ike proposal content check");  
+       
+       tester->assert_true(tester,(ike_proposals[1].encryption_algorithm == 2),"ike proposal content check");  
+       tester->assert_true(tester,(ike_proposals[1].encryption_algorithm_key_length == 16),"ike proposal content check");      
+       tester->assert_true(tester,(ike_proposals[1].integrity_algorithm == 2),"ike proposal content check");   
+       tester->assert_true(tester,(ike_proposals[1].integrity_algorithm_key_length == 16),"ike proposal content check");       
+       tester->assert_true(tester,(ike_proposals[1].pseudo_random_function == 2),"ike proposal content check");        
+       tester->assert_true(tester,(ike_proposals[1].pseudo_random_function_key_length == 16),"ike proposal content check");            
+       tester->assert_true(tester,(ike_proposals[1].diffie_hellman_group == 2),"ike proposal content check");  
+       
+       
+       if (status == SUCCESS)
+       {
+               allocator_free(ike_proposals);
+       }
+       
+       sa_payload->destroy(sa_payload);
 }
 
 /*
index 45aa477..4ec6834 100644 (file)
@@ -210,8 +210,8 @@ int main()
        
        tester_t *tester = tester_create(test_output, FALSE);
        
-       //tester->perform_tests(tester,all_tests);
-       tester->perform_test(tester,&init_config_test); 
+       tester->perform_tests(tester,all_tests);
+//     tester->perform_test(tester,&generator_test5); 
        
        
        tester->destroy(tester);