Use message instead of attributes in hook
authorMartin Willi <martin@strongswan.org>
Fri, 27 Nov 2009 10:14:40 +0000 (11:14 +0100)
committerMartin Willi <martin@revosec.ch>
Fri, 26 Feb 2010 10:44:34 +0000 (11:44 +0100)
src/charon/sa/authenticators/eap/sim_manager.c
src/charon/sa/authenticators/eap/sim_manager.h
src/libsimaka/simaka_message.c
src/libsimaka/simaka_message.h

index 5060a31..1578650 100644 (file)
@@ -450,27 +450,20 @@ static void remove_hooks(private_sim_manager_t *this, sim_hooks_t *hooks)
 }
 
 /**
- * Implementation of sim_manager_t.attribute_hook
+ * Implementation of sim_manager_t.message_hook
  */
-static bool attribute_hook(private_sim_manager_t *this, eap_code_t code,
-                                                  eap_type_t type, u_int8_t subtype,
-                                                  u_int8_t attribute, chunk_t data)
+static void message_hook(private_sim_manager_t *this,
+                                                simaka_message_t *message, bool inbound, bool decrypted)
 {
        enumerator_t *enumerator;
        sim_hooks_t *hooks;
-       bool filter = FALSE;
 
        enumerator = this->hooks->create_enumerator(this->hooks);
        while (enumerator->enumerate(enumerator, &hooks))
        {
-               if (hooks->attribute(hooks, code, type, subtype, attribute, data))
-               {
-                       filter = TRUE;
-                       break;
-               }
+               hooks->message(hooks, message, inbound, decrypted);
        }
        enumerator->destroy(enumerator);
-       return filter;
 }
 
 /**
@@ -528,7 +521,7 @@ sim_manager_t *sim_manager_create()
        this->public.provider_gen_reauth = (identification_t*(*)(sim_manager_t*, identification_t *id, char mk[HASH_SIZE_SHA1]))provider_gen_reauth;
        this->public.add_hooks = (void(*)(sim_manager_t*, sim_hooks_t *hooks))add_hooks;
        this->public.remove_hooks = (void(*)(sim_manager_t*, sim_hooks_t *hooks))remove_hooks;
-       this->public.attribute_hook = (bool(*)(sim_manager_t*, eap_code_t code, eap_type_t type, u_int8_t subtype, u_int8_t attribute, chunk_t data))attribute_hook;
+       this->public.message_hook = (void(*)(sim_manager_t*, simaka_message_t *message, bool inbound, bool decrypted))message_hook;
        this->public.key_hook = (void(*)(sim_manager_t*, chunk_t k_encr, chunk_t k_auth))key_hook;
        this->public.destroy = (void(*)(sim_manager_t*))destroy;
 
index 49d27cb..9aa661a 100644 (file)
@@ -31,6 +31,9 @@ typedef struct sim_card_t sim_card_t;
 typedef struct sim_provider_t sim_provider_t;
 typedef struct sim_hooks_t sim_hooks_t;
 
+/** implemented in libsimaka, but we need it for the message hook */
+typedef struct simaka_message_t simaka_message_t;
+
 #define SIM_RAND_LEN   16
 #define SIM_SRES_LEN    4
 #define SIM_KC_LEN              8
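Review bot: With this forward declaration added here and the typedef dropped from src/libsimaka/simaka_message.h in the same commit, the library header no longer names its own type and appears to rely on sim_manager.h being included first. Whether simaka_message.h actually includes sim_manager.h is not visible in these hunks. The comment should spell out that dependency, for example `/** forward declaration for the message hook; simaka_message.h relies on this typedef instead of declaring its own */`. A small shared types header would keep libsimaka self-contained if it is ever built without charon.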
@@ -245,17 +248,17 @@ struct sim_provider_t {
 struct sim_hooks_t {
 
        /**
-        * SIM/AKA attribute parsing hook.
+        * SIM/AKA message parsing.
+        *
+        * As a SIM/AKA optionally contains encrypted attributes, the hook
+        * might get invoked twice, once before and once after decryption.
         *
-        * @param code          code of EAP message the attribute was parsed from
-        * @param type          EAP method, SIM or AKA
-        * @param subtye        method specific subtype
-        * @param attribute     parsed SIM/AKA attribute type
-        * @param data          attribute data
-        * @return                      TRUE to filter out attribute from further processing
+        * @param message       SIM/AKA message
+        * @param inbound       TRUE for incoming messages, FALSE for outgoing
+        * @param decrypted     TRUE if AT_ENCR_DATA has been decrypted
         */
-       bool (*attribute)(sim_hooks_t *this, eap_code_t code, eap_type_t type,
-                                         u_int8_t subtype, u_int8_t attribute, chunk_t data);
+       void (*message)(sim_hooks_t *this, simaka_message_t *message,
+                                       bool inbound, bool decrypted);
 
        /**
         * SIM/AKA encryption/authentication key hooks.
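Review bot: The new doc comment on `message` leaves the hook contract open in two places. `decrypted` is described only for received messages, yet generate() in simaka_message.c passes TRUE on its first call and FALSE on its second for outbound messages, so the outbound meaning has to be guessed. I would reword it as `@param decrypted  inbound: TRUE once AT_ENCR_DATA has been decrypted; outbound: TRUE before encryption, FALSE after`. The comment should also state whether a hook may modify the message now that the TRUE-to-filter return value is gone. The same applies to the `message_hook` comment in sim_manager_t in the next hunk.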
@@ -478,18 +481,14 @@ struct sim_manager_t {
        void (*remove_hooks)(sim_manager_t *this, sim_hooks_t *hooks);
 
        /**
-        * Invoke SIM/AKA attribute hook.
+        * Invoke SIM/AKA message hook.
         *
-        * @param code          EAP message code (Request/response/success/failed)
-        * @param type          EAP method type, EAP-SIM or AKA
-        * @param subtype       method specific message subtype
-        * @param attribute     SIM/AKA attribute type
-        * @param data          attribute data
-        * @return                      TRUE to filter out attribute from further processing
+        * @param message       SIM message
+        * @param inbound       TRUE for incoming messages, FALSE for outgoing
+        * @param decrypted     TRUE if AT_ENCR_DATA has been decrypted
         */
-       bool (*attribute_hook)(sim_manager_t *this, eap_code_t code,
-                                                  eap_type_t type, u_int8_t subtype,
-                                                  u_int8_t attribute, chunk_t data);
+       void (*message_hook)(sim_manager_t *this, simaka_message_t *message,
+                                                bool inbound, bool decrypted);
 
        /**
         * Invoke SIM/AKA key hook.
index 22d111b..e0319e9 100644 (file)
@@ -256,16 +256,12 @@ static void add_attribute(private_simaka_message_t *this,
 {
        attr_t *attr;
 
-       if (!charon->sim->attribute_hook(charon->sim, this->hdr->code,
-                                                       this->hdr->type, this->hdr->subtype, type, data))
-       {
-               attr = malloc(sizeof(attr_t) + data.len);
-               attr->len = data.len;
-               attr->type = type;
-               memcpy(attr->data, data.ptr, data.len);
+       attr = malloc(sizeof(attr_t) + data.len);
+       attr->len = data.len;
+       attr->type = type;
+       memcpy(attr->data, data.ptr, data.len);
 
-               this->attributes->insert_last(this->attributes, attr);
-       }
+       this->attributes->insert_last(this->attributes, attr);
 }
 
 /**
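Review bot: The result of `malloc(sizeof(attr_t) + data.len)` is written through on the next line without a NULL check, and `data.len` comes from the message being parsed. The lines are only re-indented by this commit, but they are now reached for every attribute because the filter branch is gone. Unless the project has an abort-on-OOM policy that is not visible here, add `if (!attr) { return; }` before `attr->len = data.len;`. add_attribute's signature starts outside the hunk, so its return type should be checked first.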
@@ -463,6 +459,9 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
                                break;
                }
        }
+
+       charon->sim->message_hook(charon->sim, &this->public, TRUE, this->encrypted);
+
        return TRUE;
 }
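Review bot: The call passes `this->encrypted` for a parameter named `decrypted`, which reads as inverted; the definition of that field is outside the hunk, so the call needs a comment saying what the flag means at this point. Something like `/* this->encrypted is set while parsing the contents of AT_ENCR_DATA, i.e. after decryption */` would do, if that is indeed the meaning. Nothing in this hunk shows AT_MAC being verified before the hook runs, so the comment should also say that hooks receive inbound attributes which may still be unauthenticated. parse_attributes starts outside the hunk.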
 
@@ -604,6 +603,8 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
        u_int16_t len;
        signer_t *signer;
 
+       charon->sim->message_hook(charon->sim, &this->public, FALSE, TRUE);
+
        out = chunk_create(out_buf, sizeof(out_buf));
        encr = chunk_create(encr_buf, sizeof(encr_buf));
 
@@ -814,6 +815,9 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
                data = chunk_cata("cc", out, sigdata);
                signer->get_signature(signer, data, mac.ptr);
        }
+
+       charon->sim->message_hook(charon->sim, &this->public, FALSE, FALSE);
+
        return eap_payload_create_data(out);
 }
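Review bot: The second `message_hook` call runs after `signer->get_signature()` has been computed over `out`, and the hook is handed `&this->public` rather than the serialized buffer. Any change a hook makes to the message at this stage would therefore not reach the payload returned by `eap_payload_create_data(out)`, as far as this hunk shows. A comment on the call would make this explicit, e.g. `/* post-encryption notification only; modifications are not serialized */`, or the hook could take a const message for this invocation. The earlier call at the top of generate(), with `FALSE, TRUE`, is the one where modifications can still take effect; generate() begins and continues outside both hunks.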
 
index ee9b3eb..341f729 100644 (file)
@@ -31,7 +31,6 @@
 
 #include "simaka_crypto.h"
 
-typedef struct simaka_message_t simaka_message_t;
 typedef enum simaka_attribute_t simaka_attribute_t;
 typedef enum simaka_subtype_t simaka_subtype_t;
 typedef enum simaka_notification_t simaka_notification_t;