- code cleanup of encoding package

Martin Willi 2005-12-06 13:44:22 +00:00
parent 59de50868b
commit c3dc864eaa
46 changed files with 341 additions and 244 deletions


@ -62,10 +62,7 @@ struct private_generator_t {
* Public part of a generator_t object.
*/
generator_t public;
/* private functions and fields */
/**
* Generates a U_INT-Field type and writes it to buffer.
*
@ -73,9 +70,9 @@ struct private_generator_t {
* @param int_type type of U_INT field (U_INT_4, U_INT_8, etc.)
* ATTRIBUTE_TYPE is also generated in this function
* @param offset offset of value in data struct
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @return
* - SUCCESS
* - SUCCESS
* - FAILED if allignment is wrong
*/
void (*generate_u_int_type) (private_generator_t *this,encoding_type_t int_type,u_int32_t offset);
@ -117,7 +114,7 @@ struct private_generator_t {
* it to the buffer.
*
* @param this private_generator_t object
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @param bits number of bits to generate
*/
void (*generate_reserved_field) (private_generator_t *this,int bits);
@ -126,8 +123,8 @@ struct private_generator_t {
* Generates a FLAG field.
*
* @param this private_generator_t object
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @param offset offset of flag value in data struct
* @param generator_contexts generator_contexts_t object where the context is written or read from
* @param offset offset of flag value in data struct
*/
void (*generate_flag) (private_generator_t *this,u_int32_t offset);
@ -144,8 +141,8 @@ struct private_generator_t {
/**
* Generates a bytestream from a chunk_t.
*
* @param this private_generator_t object
* @param offset offset of chunk_t value in data struct
* @param this private_generator_t object
* @param offset offset of chunk_t value in data struct
*/
void (*generate_from_chunk) (private_generator_t *this,u_int32_t offset);
@ -167,7 +164,7 @@ struct private_generator_t {
* is increased.
*
* @param this calling private_generator_t object
* @param bytes pointer to bytes to write
* @param bytes pointer to bytes to write
* @param number_of_bytes number of bytes to write into buffer
*/
void (*write_bytes_to_buffer) (private_generator_t *this,void * bytes,size_t number_of_bytes);
@ -179,9 +176,9 @@ struct private_generator_t {
* @warning buffer size is not check to hold the data if offset is to large.
*
* @param this calling private_generator_t object
* @param bytes pointer to bytes to write
* @param bytes pointer to bytes to write
* @param number_of_bytes number of bytes to write into buffer
* @param offset offset to write the data into
* @param offset offset to write the data into
*/
void (*write_bytes_to_buffer_at_offset) (private_generator_t *this,void * bytes,size_t number_of_bytes,u_int32_t offset);
@ -557,7 +554,6 @@ static void make_space_available (private_generator_t *this, size_t bits)
while (((this->get_current_buffer_space(this) * 8) - this->current_bit) < bits)
{
/* must increase buffer */
u_int8_t *new_buffer;
size_t old_buffer_size = this->get_current_buffer_size(this);
size_t new_buffer_size = old_buffer_size + GENERATOR_DATA_BUFFER_INCREASE_VALUE;
size_t out_position_offset = ((this->out_position) - (this->buffer));
@ -566,13 +562,7 @@ static void make_space_available (private_generator_t *this, size_t bits)
old_buffer_size, new_buffer_size);
/* Reallocate space for new buffer */
new_buffer = allocator_realloc(this->buffer,new_buffer_size);
if (new_buffer == NULL)
{
this->logger->log(this->logger, ERROR, "reallocation of gen buffer failed!!!");
}
this->buffer = new_buffer;
this->buffer = allocator_realloc(this->buffer,new_buffer_size);
this->out_position = (this->buffer + out_position_offset);
this->roof_position = (this->buffer + new_buffer_size);
@ -620,7 +610,6 @@ static void write_bytes_to_buffer_at_offset (private_generator_t *this,void * by
read_position++;
write_position++;
}
}
/**
@ -968,7 +957,6 @@ static void generate_payload (private_generator_t *this,payload_t *payload)
else
{
this->generate_u_int_type(this,U_INT_16,rules[i].offset);
// status = this->write_bytes_to_buffer(this,(this->data_struct + rules[i].offset),2);
}
break;
}
@ -1031,7 +1019,6 @@ static void generate_payload (private_generator_t *this,payload_t *payload)
}
this->logger->log_bytes(this->logger, RAW|MORE, "generated data for this payload",
payload_start, this->out_position-payload_start);
}
/**
@ -1048,7 +1035,7 @@ static status_t destroy(private_generator_t *this)
/*
* Described in header
*/
generator_t * generator_create()
generator_t *generator_create()
{
private_generator_t *this;
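Review bot: In make_space_available the new `this->buffer = allocator_realloc(this->buffer,new_buffer_size);` drops both the NULL check and the error log, so a failed reallocation overwrites the only pointer to the old buffer and the following `out_position` and `roof_position` lines are computed from NULL. Unless allocator_realloc is guaranteed never to return NULL (not visible in this section), keep the result in a temporary first, `u_int8_t *new_buffer = allocator_realloc(this->buffer, new_buffer_size);`, and update the three pointers only when it is non-NULL. The function returns void and its body starts and ends outside the hunk, so the failure also needs a path back to the caller; otherwise the generator keeps writing into a buffer that was never grown.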


@ -30,18 +30,34 @@
/**
* Generating is done in a data buffer.
* This is thehe start size of this buffer in bytes.
*
* @ingroup enconding
*/
#define GENERATOR_DATA_BUFFER_SIZE 500
/**
* Number of bytes to increase the buffer, if it is to small.
*
* @ingroup enconding
*/
#define GENERATOR_DATA_BUFFER_INCREASE_VALUE 500
typedef struct generator_t generator_t;
/**
* A generator_t class used to generate IKEv2 payloads.
* @brief A generator_t class used to generate IKEv2 payloads.
*
* After creation, multiple payloads can be generated with the generate_payload
* method. The generated bytes are appended. After all payloads are added,
* the write_to_chunk method writes out all generated data since
* the creation of the generator. After that, the generator must be destroyed.
* The generater uses a set of encoding rules, which it can get from
* the supplied payload. With this rules, the generater can generate
* the payload and all substructures automatically.
*
* @b Constructor:
* - generator_create()
*
* @ingroup encoding
*/
@ -58,28 +74,28 @@ struct generator_t {
void (*generate_payload) (generator_t *this,payload_t *payload);
/**
* Writes all generated data of current generator context to a chunk.
* @brief Writes all generated data of the generator to a chunk.
*
* @param this generator_t object
* @param[out] data chunk to write the data to
* @param[out] data chunk to write the data to
*/
void (*write_to_chunk) (generator_t *this,chunk_t *data);
/**
* @brief Destroys a generator_t object.
*
* @param this generator_t object
* @param this generator_t object
*/
void (*destroy) (generator_t *this);
};
/**
* Constructor to create a generator.
* @brief Constructor to create a generator.
*
* Returns a new generator_t object.
* @return generator_t object.
*
* @ingroup encoding
*/
generator_t * generator_create();
generator_t *generator_create();
#endif /*GENERATOR_H_*/
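Review bot: The two `@ingroup enconding` tags on the GENERATOR_DATA_BUFFER_SIZE and GENERATOR_DATA_BUFFER_INCREASE_VALUE comments are misspelled, while the generator_t and generator_create() comments in the same section use `@ingroup encoding`. As written, Doxygen would not group the macros with the rest of the package; both should read `* @ingroup encoding`. The first comment also still says "thehe start size", which could be fixed to "the start size" in the same pass.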


@ -747,7 +747,8 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) &current_payload);
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "Payload type %s could not be parsed",mapping_find(payload_type_m,current_payload_type));
this->logger->log(this->logger, ERROR, "Payload type %s could not be parsed",
mapping_find(payload_type_m,current_payload_type));
return status;
}
@ -758,7 +759,8 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
status = current_payload->verify(current_payload);
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "Payload type %s could not be verified",mapping_find(payload_type_m,current_payload_type));
this->logger->log(this->logger, ERROR, "Payload type %s verification failed",
mapping_find(payload_type_m,current_payload_type));
current_payload->destroy(current_payload);
status = VERIFY_ERROR;
return status;
@ -771,7 +773,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
/* an encryption payload is the last one, so STOP here. decryption is done later */
if (current_payload_type == ENCRYPTED)
{
this->logger->log(this->logger, CONTROL|MOST, "Payload of type encrypted found. Stop parsing.",
this->logger->log(this->logger, CONTROL|MOST, "Payload of type encrypted found. Stop parsing",
mapping_find(payload_type_m, current_payload_type));
break;
}
@ -779,13 +781,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
/* get next payload type */
current_payload_type = current_payload->get_next_type(current_payload);
}
this->logger->log(this->logger, CONTROL, "Message a %s %s contains %d payloads",
mapping_find(exchange_type_m, this->exchange_type),
this->is_request ? "request" : "response",
this->payloads->get_count(this->payloads));
/* */
if (current_payload_type == ENCRYPTED)
status = this->decrypt_payloads(this,crypter,signer);
if (status != SUCCESS)
@ -799,6 +795,12 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
{
this->logger->log(this->logger, ERROR, "Verification of message failed");
}
this->logger->log(this->logger, CONTROL, "Message a %s %s contains %d payloads",
mapping_find(exchange_type_m, this->exchange_type),
this->is_request ? "request" : "response",
this->payloads->get_count(this->payloads));
return status;
}
@ -836,7 +838,7 @@ static status_t verify(private_message_t *this)
unknown_payload_t *unknown_payload = (unknown_payload_t*)current_payload;
if (unknown_payload->is_critical(unknown_payload))
{
this->logger->log(this->logger, ERROR, "%s (%d) is not supported, but its critical!",
this->logger->log(this->logger, ERROR|MORE, "%s (%d) is not supported, but its critical!",
mapping_find(payload_type_m, current_payload_type), current_payload_type);
iterator->destroy(iterator);
return NOT_SUPPORTED;
@ -846,13 +848,13 @@ static status_t verify(private_message_t *this)
{
found_payloads++;
total_found_payloads++;
this->logger->log(this->logger, CONTROL | MOST, "Found payload of type %s",
this->logger->log(this->logger, CONTROL|MOST, "Found payload of type %s",
mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type));
/* as soon as ohe payload occures more then specified, the verification fails */
if (found_payloads > this->message_rule->payload_rules[i].max_occurence)
{
this->logger->log(this->logger, ERROR, "Payload of type %s more than %d times (%d) occured in current message",
this->logger->log(this->logger, ERROR|MORE, "Payload of type %s more than %d times (%d) occured in current message",
mapping_find(payload_type_m, current_payload_type),
this->message_rule->payload_rules[i].max_occurence, found_payloads);
iterator->destroy(iterator);
@ -863,7 +865,7 @@ static status_t verify(private_message_t *this)
if (found_payloads < this->message_rule->payload_rules[i].min_occurence)
{
this->logger->log(this->logger, ERROR, "Payload of type %s not occured %d times (%d)",
this->logger->log(this->logger, ERROR|MORE, "Payload of type %s not occured %d times (%d)",
mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type),
this->message_rule->payload_rules[i].min_occurence, found_payloads);
iterator->destroy(iterator);
@ -906,7 +908,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
/* needed to check */
current_payload_type = current_payload->get_type(current_payload);
this->logger->log(this->logger, CONTROL | MOST, "Process payload of type %s",mapping_find(payload_type_m,current_payload_type));
this->logger->log(this->logger, CONTROL|MOST, "Process payload of type %s",
mapping_find(payload_type_m,current_payload_type));
if (current_payload_type == ENCRYPTED)
{
@ -915,7 +918,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
encryption_payload = (encryption_payload_t*)current_payload;
this->logger->log(this->logger, CONTROL | MORE, "Found an encryption payload");
this->logger->log(this->logger, CONTROL | MOST, "Found an encryption payload");
if (payload_number != this->payloads->get_count(this->payloads))
{
@ -934,7 +937,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
iterator->destroy(iterator);
return status;
}
this->logger->log(this->logger, CONTROL | MORE, "Decrypt content of encryption payload");
this->logger->log(this->logger, CONTROL | MOST, "Decrypt content of encryption payload");
status = encryption_payload->decrypt(encryption_payload);
if (status != SUCCESS)
{
@ -950,7 +953,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
/* check if there are payloads contained in the encryption payload */
if (encryption_payload->get_payload_count(encryption_payload) == 0)
{
this->logger->log(this->logger, CONTROL | MOST, "Encrypted payload is empty");
this->logger->log(this->logger, CONTROL|MOST, "Encrypted payload is empty");
/* remove the encryption payload, is not needed anymore */
iterator->remove(iterator);
/* encrypted payload contains no other payload */
@ -958,7 +961,6 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
}
else
{
this->logger->log(this->logger, CONTROL | MOST, "Encrypted payload is not empty");
/* encryption_payload is replaced with first payload contained in encryption_payload */
encryption_payload->remove_first_payload(encryption_payload, &current_encrypted_payload);
iterator->replace(iterator,NULL,(void *) current_encrypted_payload);
@ -981,7 +983,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
while (encryption_payload->get_payload_count(encryption_payload) > 0)
{
encryption_payload->remove_first_payload(encryption_payload, &current_encrypted_payload);
this->logger->log(this->logger, CONTROL | MORE, "Insert unencrypted payload of type %s at end of list.",mapping_find(payload_type_m,current_encrypted_payload->get_type(current_encrypted_payload)));
this->logger->log(this->logger, CONTROL | MORE, "Insert unencrypted payload of type %s at end of list.",
mapping_find(payload_type_m,current_encrypted_payload->get_type(current_encrypted_payload)));
this->payloads->insert_last(this->payloads,current_encrypted_payload);
}
@ -1008,7 +1011,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig
/* payload was not encrypted, but should have been. or vice-versa */
this->logger->log(this->logger, ERROR | MORE, "Payload type %s should be %s!",
mapping_find(payload_type_m,current_payload_type),
(payload_rule->encrypted) ? "encrypted": "not encrypted");
(payload_rule->encrypted) ? "encrypted" : "not encrypted");
iterator->destroy(iterator);
return FAILED;
}
@ -1057,7 +1060,8 @@ static status_t encrypt_payloads (private_message_t *this,crypter_t *crypter, si
bool to_encrypt = FALSE;
all_payloads->remove_first(all_payloads,(void **)&current_payload);
this->logger->log(this->logger, CONTROL | MOST, "Get rule for payload %s", mapping_find(payload_type_m,current_payload->get_type(current_payload)));
this->logger->log(this->logger, CONTROL | ALL, "Get rule for payload %s",
mapping_find(payload_type_m,current_payload->get_type(current_payload)));
status = this->get_payload_rule(this,current_payload->get_type(current_payload),&payload_rule);
/* for payload types which are not found in supported payload list, it is presumed
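Review bot: In the `current_payload_type == ENCRYPTED` branch of parse_body, the reworded message `"Payload of type encrypted found. Stop parsing"` has no conversion specifier, yet the call still passes `mapping_find(payload_type_m, current_payload_type)`. The extra argument is ignored, so either drop it or print it with `%s`. Separately, the verify() hunks change the rejections for critical unsupported payloads and for payloads occurring too often or too rarely from `ERROR` to `ERROR|MORE`. If `MORE` means a higher verbosity is needed to see them (the logger semantics are not visible here), rejections of malformed peer messages would no longer show up in default logs, which is worth confirming before merging. parse_body and verify both extend beyond the hunks shown.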


@ -335,7 +335,7 @@ struct message_t {
* Call message_t.parse_header afterwards.
*
* @param packet packet_t object which is assigned to message
* @return created message_t object
* @return message_t object
*
* @ingroup encoding
*/
@ -349,7 +349,7 @@ message_t * message_create_from_packet(packet_t *packet);
* - original_initiator is set to TRUE
* - is_request is set to TRUE
*
* @return created message_t object
* @return message_t object
*
* @ingroup encoding
*/
@ -358,7 +358,7 @@ message_t * message_create();
/**
* @brief Creates an message_t object of type reply containing a notify payload.
*
* @return created message_t object
* @return message_t object
*
* @ingroup encoding
*/


@ -1044,7 +1044,6 @@ parser_t *parser_create(chunk_t data)
this->public.get_remaining_byte_count = (int (*) (parser_t *))get_remaining_byte_count;
this->public.destroy = (void(*)(parser_t*)) destroy;
this->parse_uint4 = parse_uint4;
this->parse_uint8 = parse_uint8;
this->parse_uint15 = parse_uint15;


@ -31,12 +31,15 @@
typedef struct parser_t parser_t;
/**
* A parser_t class to parse IKEv2 payloads.
* @brief A parser_t class to parse IKEv2 payloads.
*
* A parser is used for parsing one chunk of data. Multiple
* payloads can be parsed out of the chunk using parse_payload.
* The parser remains the state until destroyed.
*
* @b Constructors:
* - parser_create()
*
* @ingroup encoding
*/
struct parser_t {
@ -53,7 +56,6 @@ struct parser_t {
* @param[out] payload pointer where parsed payload was allocated
* @return
* - SUCCESSFUL if succeeded,
* - NOT_SUPPORTED if payload_type is not supported
* - PARSE_ERROR if corrupted/invalid data found
*/
status_t (*parse_payload) (parser_t *this, payload_type_t payload_type, payload_t **payload);
@ -84,7 +86,7 @@ struct parser_t {
* @brief Constructor to create a parser_t object.
*
* @param data chunk of data to parse with this parser_t object
* @return the parser_t object
* @return parser_t object
*
* @ingroup encoding
*/


@ -29,10 +29,10 @@
* String mappings for auth_method_t.
*/
mapping_t auth_method_m[] = {
{RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"},
{SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"},
{DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"},
{MAPPING_END, NULL}
{RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"},
{SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"},
{DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"},
{MAPPING_END, NULL}
};
@ -43,6 +43,7 @@ typedef struct private_auth_payload_t private_auth_payload_t;
*
*/
struct private_auth_payload_t {
/**
* Public auth_payload_t interface.
*/


@ -61,20 +61,28 @@ enum auth_method_t {
DSS_DIGITAL_SIGNATURE = 3,
};
/**
* string mappings for auth method.
*
* @ingroup payloads
*/
extern mapping_t auth_method_m[];
typedef struct auth_payload_t auth_payload_t;
/**
* Object representing an IKEv2 AUTH payload.
* @brief Object representing an IKEv2 AUTH payload.
*
* The AUTH payload format is described in draft section 3.8.
*
* @ingroup payloads
* @b Constructors:
* - auth_payload_create()
*
* @ingroup payloads
*/
struct auth_payload_t {
/**
* The payload_t interface.
*/
@ -82,10 +90,9 @@ struct auth_payload_t {
/**
* @brief Set the AUTH method.
*
*
* @param this calling auth_payload_t object
* @param method Method of AUTH
* @param method auth_method_t to use
*/
void (*set_auth_method) (auth_payload_t *this, auth_method_t method);
@ -93,7 +100,7 @@ struct auth_payload_t {
* @brief Get the AUTH method.
*
* @param this calling auth_payload_t object
* @return Method of the AUTH
* @return auth_method_t used
*/
auth_method_t (*get_auth_method) (auth_payload_t *this);
@ -110,7 +117,7 @@ struct auth_payload_t {
/**
* @brief Get the AUTH data.
*
* Returned data are a copy of the internal one
* Returned data are a copy of the internal one.
*
* @param this calling auth_payload_t object
* @return AUTH data as chunk_t
@ -130,7 +137,7 @@ struct auth_payload_t {
/**
* @brief Destroys an auth_payload_t object.
*
* @param this auth_payload_t object to destroy
* @param this auth_payload_t object to destroy
*/
void (*destroy) (auth_payload_t *this);
};
@ -138,7 +145,7 @@ struct auth_payload_t {
/**
* @brief Creates an empty auth_payload_t object.
*
* @return created auth_payload_t object
* @return auth_payload_t object
*
* @ingroup payloads
*/


@ -29,19 +29,19 @@
* String mappings for cert_encoding_t.
*/
mapping_t cert_encoding_m[] = {
{PKCS7_WRAPPED_X509_CERTIFICATE, "PKCS7_WRAPPED_X509_CERTIFICATE"},
{PGP_CERTIFICATE, "PGP_CERTIFICATE"},
{DNS_SIGNED_KEY, "DNS_SIGNED_KEY"},
{X509_CERTIFICATE_SIGNATURE, "X509_CERTIFICATE_SIGNATURE"},
{KERBEROS_TOKEN, "KERBEROS_TOKEN"},
{CERTIFICATE_REVOCATION_LIST, "CERTIFICATE_REVOCATION_LIST"},
{AUTHORITY_REVOCATION_LIST, "AUTHORITY_REVOCATION_LIST"},
{SPKI_CERTIFICATE, "SPKI_CERTIFICATE"},
{X509_CERTIFICATE_ATTRIBUTE, "X509_CERTIFICATE_ATTRIBUTE"},
{RAW_SA_KEY, "RAW_SA_KEY"},
{HASH_AND_URL_X509_CERTIFICATE, "HASH_AND_URL_X509_CERTIFICATE"},
{HASH_AND_URL_X509_BUNDLE, "HASH_AND_URL_X509_BUNDLE"},
{MAPPING_END, NULL}
{PKCS7_WRAPPED_X509_CERTIFICATE, "PKCS7_WRAPPED_X509_CERTIFICATE"},
{PGP_CERTIFICATE, "PGP_CERTIFICATE"},
{DNS_SIGNED_KEY, "DNS_SIGNED_KEY"},
{X509_CERTIFICATE_SIGNATURE, "X509_CERTIFICATE_SIGNATURE"},
{KERBEROS_TOKEN, "KERBEROS_TOKEN"},
{CERTIFICATE_REVOCATION_LIST, "CERTIFICATE_REVOCATION_LIST"},
{AUTHORITY_REVOCATION_LIST, "AUTHORITY_REVOCATION_LIST"},
{SPKI_CERTIFICATE, "SPKI_CERTIFICATE"},
{X509_CERTIFICATE_ATTRIBUTE, "X509_CERTIFICATE_ATTRIBUTE"},
{RAW_SA_KEY, "RAW_SA_KEY"},
{HASH_AND_URL_X509_CERTIFICATE, "HASH_AND_URL_X509_CERTIFICATE"},
{HASH_AND_URL_X509_BUNDLE, "HASH_AND_URL_X509_BUNDLE"},
{MAPPING_END, NULL}
};


@ -37,7 +37,7 @@
typedef enum cert_encoding_t cert_encoding_t;
/**
* Cert Encoding.
* @brief Certificate encoding, as described in IKEv2 draft section 3.6
*
* @ingroup payloads
*/
@ -56,6 +56,11 @@ enum cert_encoding_t {
HASH_AND_URL_X509_BUNDLE = 13
};
/**
* string mappings for cert_encoding_t.
*
* @ingroup payloads
*/
extern mapping_t cert_encoding_m[];
@ -65,11 +70,17 @@ typedef struct cert_payload_t cert_payload_t;
* Object representing an IKEv2 CERT payload.
*
* The CERT payload format is described in draft section 3.6.
* This is just a dummy implementation to fullfill the standards
* requirements. A full implementation would offer setters/getters
* for the different encoding types.
*
* @b Constructors:
* - cert_payload_create()
*
* @ingroup payloads
*
*/
struct cert_payload_t {
/**
* The payload_t interface.
*/
@ -77,7 +88,6 @@ struct cert_payload_t {
/**
* @brief Set the CERT encoding.
*
*
* @param this calling cert_payload_t object
* @param encoding CERT encoding
@ -125,7 +135,7 @@ struct cert_payload_t {
/**
* @brief Destroys an cert_payload_t object.
*
* @param this cert_payload_t object to destroy
* @param this cert_payload_t object to destroy
*/
void (*destroy) (cert_payload_t *this);
};
@ -133,7 +143,7 @@ struct cert_payload_t {
/**
* @brief Creates an empty cert_payload_t object.
*
* @return created cert_payload_t object
* @return cert_payload_t object
*
* @ingroup payloads
*/


@ -38,12 +38,17 @@
typedef struct certreq_payload_t certreq_payload_t;
/**
* Object representing an IKEv2 CERTREQ payload.
* @brief Class representing an IKEv2 CERTREQ payload.
*
* The CERTREQ payload format is described in draft section 3.7.
* This is just a dummy implementation to fullfill the standards
* requirements. A full implementation would offer setters/getters
* for the different encoding types.
*
* @b Constructors:
* - certreq_payload_create()
*
* @ingroup payloads
*
*/
struct certreq_payload_t {
/**
@ -53,7 +58,6 @@ struct certreq_payload_t {
/**
* @brief Set the CERT encoding.
*
*
* @param this calling certreq_payload_t object
* @param encoding CERT encoding
@ -109,7 +113,7 @@ struct certreq_payload_t {
/**
* @brief Creates an empty certreq_payload_t object.
*
* @return created certreq_payload_t object
* @return certreq_payload_t object
*
* @ingroup payloads
*/


@ -70,10 +70,13 @@ extern mapping_t configuration_attribute_type_m[];
typedef struct configuration_attribute_t configuration_attribute_t;
/**
* Object representing an IKEv2- CONFIGURATION Attribute.
* @brief Class representing an IKEv2-CONFIGURATION Attribute.
*
* The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1.
*
* @b Constructors:
* - configuration_attribute_create()
*
* @ingroup payloads
*/
struct configuration_attribute_t {


@ -34,11 +34,11 @@
* String mappings for config_type_t.
*/
mapping_t config_type_m[] = {
{CFG_REQUEST, "CFG_REQUEST"},
{CFG_REPLY, "CFG_REPLY"},
{CFG_SET, "CFG_SET"},
{CFG_ACK, "CFG_ACK"},
{MAPPING_END, NULL}
{CFG_REQUEST, "CFG_REQUEST"},
{CFG_REPLY, "CFG_REPLY"},
{CFG_SET, "CFG_SET"},
{CFG_ACK, "CFG_ACK"},
{MAPPING_END, NULL}
};


@ -51,16 +51,24 @@ enum config_type_t {
CFG_ACK = 4,
};
/**
* string mappings for config_type_t.
*
* @ingroup payloads
*/
extern mapping_t config_type_m[];
typedef struct cp_payload_t cp_payload_t;
/**
* Class representing an IKEv2-CP Payload.
* @brief Class representing an IKEv2-CP Payload.
*
* The CP Payload format is described in RFC section 3.15.
*
* @b Constructors:
* - cp_payload_create()
*
* @ingroup payloads
*/
struct cp_payload_t {
@ -90,19 +98,31 @@ struct cp_payload_t {
* @warning The added configuration_attribute_t object is
* getting destroyed in destroy function of cp_payload_t.
*
* @param this calling cp_payload_t object
* @param attribute configuration_attribute_t object to add
* @param this calling cp_payload_t object
* @param attribute configuration_attribute_t object to add
*/
void (*add_configuration_attribute) (cp_payload_t *this, configuration_attribute_t *attribute);
/**
* @brief Set the config type.
*
* @param this calling cp_payload_t object
* @param config_type config_type_t to set
*/
void (*set_config_type) (cp_payload_t *this,config_type_t config_type);
/**
* @brief Get the config type.
*
* @param this calling cp_payload_t object
* @return config_type_t
*/
config_type_t (*get_config_type) (cp_payload_t *this);
/**
* @brief Destroys an cp_payload_t object.
*
* @param this cp_payload_t object to destroy
* @param this cp_payload_t object to destroy
*/
void (*destroy) (cp_payload_t *this);
};
@ -110,7 +130,7 @@ struct cp_payload_t {
/**
* @brief Creates an empty cp_payload_t object
*
* @return created cp_payload_t object
* @return cp_payload_t object
*
* @ingroup payloads
*/


@ -39,12 +39,14 @@
typedef struct delete_payload_t delete_payload_t;
/**
* Object representing an IKEv2 DELETE payload.
* @brief Class representing an IKEv2 DELETE payload.
*
* The DELETE payload format is described in draft section 3.11.
*
* @ingroup payloads
* @b Constructors:
* - delete_payload_create()
*
* @ingroup payloads
*/
struct delete_payload_t {
/**
@ -54,7 +56,6 @@ struct delete_payload_t {
/**
* @brief Set the protocol ID.
*
*
* @param this calling delete_payload_t object
* @param protocol_id protocol ID
@ -82,13 +83,12 @@ struct delete_payload_t {
* @brief Get the SPI size.
*
* @param this calling delete_payload_t object
* @return SPI size
* @return SPI size
*/
u_int8_t (*get_spi_size) (delete_payload_t *this);
/**
* @brief Set the SPI count.
*
*
* @param this calling delete_payload_t object
* @param spi_count SPI count
@ -144,7 +144,7 @@ struct delete_payload_t {
/**
* @brief Creates an empty delete_payload_t object.
*
* @return created delete_payload_t object
* @return delete_payload_t object
*
* @ingroup payloads
*/


@ -37,12 +37,14 @@
typedef struct eap_payload_t eap_payload_t;
/**
* Object representing an IKEv2 EAP payload.
* @brief Class representing an IKEv2 EAP payload.
*
* The EAP payload format is described in draft section 3.16.
*
* @ingroup payloads
* @b Constructors:
* - eap_payload_create()
*
* @ingroup payloads
*/
struct eap_payload_t {
/**
@ -91,7 +93,7 @@ struct eap_payload_t {
/**
* @brief Creates an empty eap_payload_t object.
*
* @return created eap_payload_t object
* @return eap_payload_t object
*
* @ingroup payloads
*/


@ -1,7 +1,7 @@
/**
* @file encodings.c
*
* @brief Encoding types of fields in a IKEv2 payload.
* @brief String mappings of encoding_type_t.
*
*/


@ -1,7 +1,7 @@
/**
* @file encodings.h
*
* @brief Encoding types of fields in a IKEv2 payload.
* @brief Definition of encoding_type_t.
*
*/
@ -43,7 +43,8 @@ typedef enum encoding_type_t encoding_type_t;
*
* @ingroup payloads
*/
enum encoding_type_t{
enum encoding_type_t {
/**
* Representing a 4 Bit unsigned int value.
*
@ -57,6 +58,7 @@ enum encoding_type_t{
* The current read pointer is moved 4 bit forward afterwards.
*/
U_INT_4,
/**
* Representing a 8 Bit unsigned int value.
*
@ -70,6 +72,7 @@ enum encoding_type_t{
* The current read pointer is moved 8 bit forward afterwards.
*/
U_INT_8,
/**
* Representing a 16 Bit unsigned int value.
*
@ -83,6 +86,7 @@ enum encoding_type_t{
* The current read pointer is moved 16 bit forward afterwards.
*/
U_INT_16,
/**
* Representing a 32 Bit unsigned int value.
*
@ -94,8 +98,8 @@ enum encoding_type_t{
* The value is written to the associated data struct.
* The current read pointer is moved 32 bit forward afterwards.
*/
U_INT_32,
/**
* Representing a 64 Bit unsigned int value.
*
@ -108,6 +112,7 @@ enum encoding_type_t{
* The current read pointer is moved 64 bit forward afterwards.
*/
U_INT_64,
/**
* @brief represents a RESERVED_BIT used in FLAG-Bytes.
*
@ -121,6 +126,7 @@ enum encoding_type_t{
* The current read pointer is moved 1 bit forward afterwards.
*/
RESERVED_BIT,
/**
* @brief represents a RESERVED_BYTE.
*
@ -134,6 +140,7 @@ enum encoding_type_t{
* The current read pointer is moved 1 byte forward afterwards.
*/
RESERVED_BYTE,
/**
* Representing a 1 Bit flag.
*
@ -146,6 +153,7 @@ enum encoding_type_t{
* is moved 1 bit forward afterwards
*/
FLAG,
/**
* Representating a length field of a payload.
*
@ -158,6 +166,7 @@ enum encoding_type_t{
* The current read pointer is moved 16 bit forward afterwards.
*/
PAYLOAD_LENGTH,
/**
* Representating a length field of a header.
*
@ -170,6 +179,7 @@ enum encoding_type_t{
* The current read pointer is moved 32 bit forward afterwards.
*/
HEADER_LENGTH,
/**
* Representating a spi size field.
*
@ -182,6 +192,7 @@ enum encoding_type_t{
* The current read pointer is moved 8 bit forward afterwards.
*/
SPI_SIZE,
/**
* Representating a spi field.
*
@ -191,6 +202,7 @@ enum encoding_type_t{
* When parsing SPI_SIZE bytes are read and written into the chunk pointing to.
*/
SPI,
/**
* Representating a Key Exchange Data field.
*
@ -200,6 +212,7 @@ enum encoding_type_t{
* When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to.
*/
KEY_EXCHANGE_DATA,
/**
* Representating a Notification field.
*
@ -209,6 +222,7 @@ enum encoding_type_t{
* When parsing (Payload Length - spi size - 8) bytes are read and written into the chunk pointing to.
*/
NOTIFICATION_DATA,
/**
* Representating one or more proposal substructures.
*
@ -221,6 +235,7 @@ enum encoding_type_t{
* to be stored in the pointed linked_list.
*/
PROPOSALS,
/**
* Representating one or more transform substructures.
*
@ -233,6 +248,7 @@ enum encoding_type_t{
* to be stored in the pointed linked_list.
*/
TRANSFORMS,
/**
* Representating one or more Attributes of a transform substructure.
*
@ -464,8 +480,7 @@ enum encoding_type_t{
* When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to.
*/
UNKNOWN_DATA,
/**
* Representating an IKE_SPI field in an IKEv2 Header.
*
@ -480,14 +495,16 @@ enum encoding_type_t{
* Representing the encrypted data body of a encryption payload.
*/
ENCRYPTED_DATA,
};
/**
* mappings to map encoding_type_t's to strings
*
* @ingroup payloads
*/
extern mapping_t encoding_type_m[];
typedef struct encoding_rule_t encoding_rule_t;
/**
@ -502,6 +519,7 @@ typedef struct encoding_rule_t encoding_rule_t;
* @ingroup payloads
*/
struct encoding_rule_t {
/**
* Encoding type.
*/


@ -46,6 +46,7 @@ typedef struct private_encryption_payload_t private_encryption_payload_t;
*
*/
struct private_encryption_payload_t {
/**
* Public encryption_payload_t interface.
*/
@ -314,7 +315,7 @@ static status_t encrypt(private_encryption_payload_t *this)
allocator_free(to_crypt.ptr);
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "encryption failed");
this->logger->log(this->logger, ERROR|MORE, "encryption failed");
allocator_free(iv.ptr);
return status;
}
@ -365,7 +366,7 @@ static status_t decrypt(private_encryption_payload_t *this)
*/
if (concatenated.len < iv.len)
{
this->logger->log(this->logger, ERROR, "could not decrypt, invalid input");
this->logger->log(this->logger, ERROR|MORE, "could not decrypt, invalid input");
return FAILED;
}
@ -375,7 +376,7 @@ static status_t decrypt(private_encryption_payload_t *this)
status = this->crypter->decrypt(this->crypter, concatenated, iv, &(this->decrypted));
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "could not decrypt, decryption failed");
this->logger->log(this->logger, ERROR|MORE, "could not decrypt, decryption failed");
return FAILED;
}
@ -388,7 +389,7 @@ static status_t decrypt(private_encryption_payload_t *this)
/* check size again */
if (padding_length > concatenated.len || this->decrypted.len < 0)
{
this->logger->log(this->logger, ERROR, "decryption failed, invalid padding length found. Invalid key ?");
this->logger->log(this->logger, ERROR|MORE, "decryption failed, invalid padding length found. Invalid key?");
/* decryption failed :-/ */
return FAILED;
}
@ -491,7 +492,7 @@ static void generate(private_encryption_payload_t *this)
else
{
/* no paylads? */
this->logger->log(this->logger, CONTROL|MOST, "generating contained payloads, but no available");
this->logger->log(this->logger, CONTROL|MORE, "generating contained payloads, but no available");
allocator_free(this->decrypted.ptr);
this->decrypted = CHUNK_INITIALIZER;
iterator->destroy(iterator);
@ -519,7 +520,7 @@ static void generate(private_encryption_payload_t *this)
generator->write_to_chunk(generator, &(this->decrypted));
generator->destroy(generator);
this->logger->log(this->logger, CONTROL|MOST, "successfully generated content in encrpytion payload");
this->logger->log(this->logger, CONTROL|MORE, "successfully generated content in encrpytion payload");
}
/**
@ -558,8 +559,7 @@ static status_t parse(private_encryption_payload_t *this)
status = current_payload->verify(current_payload);
if (status != SUCCESS)
{
this->logger->log(this->logger, ERROR, "%s verification failed: %s",
this->logger->log(this->logger, ERROR|MORE, "%s verification failed: %s",
mapping_find(payload_type_m,current_payload->get_type(current_payload)),
mapping_find(status_m, status));
current_payload->destroy(current_payload);
@ -573,7 +573,7 @@ static status_t parse(private_encryption_payload_t *this)
this->payloads->insert_last(this->payloads,current_payload);
}
parser->destroy(parser);
this->logger->log(this->logger, CONTROL|MOST, "succesfully parsed content of encryption payload");
this->logger->log(this->logger, CONTROL|MORE, "succesfully parsed content of encryption payload");
return SUCCESS;
}
@ -678,5 +678,3 @@ encryption_payload_t *encryption_payload_create()
return (&(this->public));
}
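Review bot: The padding check in decrypt(), `if (padding_length > concatenated.len || this->decrypted.len < 0)`, only works if `this->decrypted.len` is a signed type. chunk_t is not declared on this page; if its len field is unsigned, the second test is always false and a length that wrapped while the padding was being removed (presumably by subtraction) would be accepted. Validate the padding length against the available bytes before `this->decrypted.len` is computed, and then reduce the test to `if (padding_length > concatenated.len)`. decrypt() starts and ends outside this hunk, so the length computation itself cannot be checked from here.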


@ -30,6 +30,8 @@
/**
* Encrpytion payload length in bytes without IV and following data.
*
* @ingroup payloads
*/
#define ENCRYPTION_PAYLOAD_HEADER_LENGTH 4
@ -39,6 +41,19 @@ typedef struct encryption_payload_t encryption_payload_t;
/**
* @brief The encryption payload as described in RFC section 3.14.
*
* Before any crypt/decrypt/sign/verify operation can occur,
* the transforms must be set. After that, a parsed encryption payload
* can be decrypted, which also will parse the contained payloads.
* Encryption is done the same way, added payloads will get generated
* and then encrypted.
* For signature building, there is the FULL packet needed. Meaning it
* must be builded after generation of all payloads and the encryption
* of the encryption payload.
* Signature verificatin is done before decryption.
*
* @b Constructors:
* - encryption_payload_create()
*
* @ingroup payloads
*/
struct encryption_payload_t {
@ -91,7 +106,8 @@ struct encryption_payload_t {
* To decryption, encryption, signature building and verifying,
* the payload needs a crypter and a signer object.
*
* @warning Do NOT call this function twice!
* @warning Do NOT call this function again after encryption, since
* the signer must be the same while encrypting and signature building!
*
* @param this calling encryption_payload_t
* @param crypter crypter_t to use for data de-/encryption
@ -162,7 +178,7 @@ struct encryption_payload_t {
/**
* @brief Destroys an encryption_payload_t object.
*
* @param this encryption_payload_t object to destroy
* @param this encryption_payload_t object to destroy
*/
void (*destroy) (encryption_payload_t *this);
};
@ -170,11 +186,11 @@ struct encryption_payload_t {
/**
* @brief Creates an empty encryption_payload_t object.
*
* @return created encryption_payload_t object
* @returnencryption_payload_t object
*
* @ingroup payloads
*/
encryption_payload_t *encryption_payload_create();
#endif /*ENCRYPTION_PAYLOAD_H_*/


@ -257,7 +257,7 @@ static void set_initiator (private_id_payload_t *this,bool is_initiator)
/**
* Implementation of id_payload_t.get_identification.
*/
static identification_t * get_identification (private_id_payload_t *this)
static identification_t *get_identification (private_id_payload_t *this)
{
return identification_create_from_encoding(this->id_type,this->id_data);
}
@ -271,7 +271,6 @@ static void destroy(private_id_payload_t *this)
{
allocator_free_chunk(&(this->id_data));
}
allocator_free(this);
}


@ -43,8 +43,11 @@ typedef struct id_payload_t id_payload_t;
*
* The ID payload format is described in draft section 3.5.
*
* @ingroup payloads
* @b Constructors:
* - id_payload_create_from_identification()
* - id_payload_create()
*
* @ingroup payloads
*/
struct id_payload_t {
/**
@ -54,7 +57,6 @@ struct id_payload_t {
/**
* @brief Set the ID type.
*
*
* @param this calling id_payload_t object
* @param type Type of ID
@ -105,9 +107,7 @@ struct id_payload_t {
* Returned object has to get destroyed by the caller.
*
* @param this calling id_payload_t object
* @return
* - identification_t object
* - NULL if ID type not supported
* @return identification_t object
*/
identification_t *(*get_identification) (id_payload_t *this);
@ -148,7 +148,7 @@ struct id_payload_t {
* - TRUE if this payload is of type IDi
* - FALSE if this payload is of type IDr
*
* @return created id_payload_t object
* @return id_payload_t object
*
* @ingroup payloads
*/
@ -161,7 +161,7 @@ id_payload_t *id_payload_create(bool is_initiator);
* - TRUE if this payload is of type IDi
* - FALSE if this payload is of type IDr
* @param identification identification_t object
* @return created id_payload_t object
* @return id_payload_t object
*
* @ingroup payloads
*/
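Review bot: The get_identification doc comment drops the `- NULL if ID type not supported` case and now promises an identification_t object unconditionally. The implementation shown earlier in this commit simply returns `identification_create_from_encoding(this->id_type,this->id_data)`, and whether that helper can fail for an unsupported type is not visible on this page. The ID type and data presumably originate from a parsed peer payload, so callers need to know whether a NULL check is required. If the helper can return NULL, keep the two-entry @return list, including `- NULL if ID type not supported`.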


@ -66,7 +66,7 @@ typedef enum exchange_type_t exchange_type_t;
enum exchange_type_t{
/**
* EXCHANGE_TYPE_UNDEFINED, not a official message type :-).
* EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type.
*/
EXCHANGE_TYPE_UNDEFINED = 240,
@ -91,19 +91,27 @@ enum exchange_type_t{
INFORMATIONAL = 37
};
/**
* string mappings for exchange_type_t
*
* @ingroup payloads
*/
extern mapping_t exchange_type_m[];
typedef struct ike_header_t ike_header_t;
/**
* An object of this type represents an IKEv2 header and is used to
* @brief An object of this type represents an IKEv2 header and is used to
* generate and parse IKEv2 headers.
*
*
* The header format of an IKEv2-Message is compatible to the
* ISAKMP-Header format to allow implementations supporting
* both versions of the IKE-protocol.
*
* @b Constructors:
* - ike_header_create()
*
* @ingroup payloads
*/
struct ike_header_t {
@ -236,7 +244,7 @@ struct ike_header_t {
/**
* @brief Destroys a ike_header_t object.
*
* @param this ike_header_t object to destroy
* @param this ike_header_t object to destroy
*/
void (*destroy) (ike_header_t *this);
};
@ -244,7 +252,7 @@ struct ike_header_t {
/**
* @brief Create an ike_header_t object
*
* @return created ike_header_t object
* @return ike_header_t object
*
* @ingroup payloads
*/


@ -56,7 +56,6 @@ struct private_ke_payload_t {
*/
u_int16_t payload_length;
/**
* DH Group Number.
*/
@ -274,7 +273,7 @@ ke_payload_t *ke_payload_create()
this->compute_length = compute_length;
/* set default values of the fields */
this->critical = KE_PAYLOAD_CRITICAL_FLAG;
this->critical = FALSE;
this->next_payload = NO_PAYLOAD;
this->payload_length = KE_PAYLOAD_HEADER_LENGTH;
this->key_exchange_data.ptr = NULL;


@ -27,14 +27,6 @@
#include <encoding/payloads/payload.h>
#include <encoding/payloads/transform_substructure.h>
#include <utils/linked_list.h>
/**
* Critical flag must not be set.
*
* @ingroup payloads
*/
#define KE_PAYLOAD_CRITICAL_FLAG FALSE;
/**
* KE payload length in bytes without any key exchange data.
*
@ -46,10 +38,13 @@
typedef struct ke_payload_t ke_payload_t;
/**
* Object representing an IKEv2-KE Payload.
* @brief Class representing an IKEv2-KE Payload.
*
* The KE Payload format is described in RFC section 3.4.
*
* @b Constructors:
* - ke_payload_create()
*
* @ingroup payloads
*/
struct ke_payload_t {
@ -105,7 +100,7 @@ struct ke_payload_t {
/**
* @brief Creates an empty ke_payload_t object
*
* @return created ke_payload_t object
* @return ke_payload_t object
*
* @ingroup payloads
*/


@ -130,24 +130,21 @@ static status_t verify(private_nonce_payload_t *this)
*/
static status_t set_nonce(private_nonce_payload_t *this, chunk_t nonce)
{
if (nonce.len >= 16 && nonce.len <= 256)
{
this->nonce.ptr = allocator_clone_bytes(nonce.ptr, nonce.len);
this->nonce.len = nonce.len;
this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + nonce.len;
return SUCCESS;
}
return INVALID_ARG;
this->nonce.ptr = allocator_clone_bytes(nonce.ptr, nonce.len);
this->nonce.len = nonce.len;
this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + nonce.len;
return SUCCESS;
}
/**
* Implementation of nonce_payload_t.get_nonce.
*/
static void get_nonce(private_nonce_payload_t *this, chunk_t *nonce)
static chunk_t get_nonce(private_nonce_payload_t *this)
{
nonce->ptr = allocator_clone_bytes(this->nonce.ptr,this->nonce.len);
nonce->len = this->nonce.len;
chunk_t nonce;
nonce.ptr = allocator_clone_bytes(this->nonce.ptr,this->nonce.len);
nonce.len = this->nonce.len;
return nonce;
}
/**
@ -231,8 +228,8 @@ nonce_payload_t *nonce_payload_create()
/* public functions */
this->public.destroy = (void (*) (nonce_payload_t *)) destroy;
this->public.set_nonce = (status_t (*) (nonce_payload_t *,chunk_t)) set_nonce;
this->public.get_nonce = (void (*) (nonce_payload_t *,chunk_t*)) get_nonce;
this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce;
this->public.get_nonce = (chunk_t (*) (nonce_payload_t *)) get_nonce;
/* private functions */
this->compute_length = compute_length;
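Review bot: set_nonce no longer rejects nonces outside 16 to 256 bytes, so a chunk of any length is cloned and added into payload_length; the interface header later in this commit drops the matching sentence and the INVALID_ARG return from its documentation. Unless verify() or every caller enforces the bound (not visible here), keep the guard, `if (nonce.len < 16 || nonce.len > 256) return INVALID_ARG;`, and with it the status_t interface. If the status really is to be dropped, the definition should become `static void set_nonce(...)`. As written it still returns status_t while the constructor casts it to `void (*) (nonce_payload_t *,chunk_t)`, and calling through a mismatched function-pointer type is undefined behaviour in C.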


@ -40,8 +40,10 @@ typedef struct nonce_payload_t nonce_payload_t;
*
* The Nonce payload format is described in draft section 3.3.
*
* @ingroup payloads
* @b Constructors:
* - nonce_payload_create()
*
* @ingroup payloads
*/
struct nonce_payload_t {
/**
@ -51,24 +53,19 @@ struct nonce_payload_t {
/**
* @brief Set the nonce value.
*
* The nonce must have length between 16 and 256 bytes.
*
* @param this calling nonce_payload_t object
* @param nonce chunk containing the nonce, will be cloned
* @return
* - SUCCESS or
* - INVALID_ARG, if nonce has an invalid size
*/
status_t (*set_nonce) (nonce_payload_t *this, chunk_t nonce);
void (*set_nonce) (nonce_payload_t *this, chunk_t nonce);
/**
* @brief Get the nonce value.
*
* @param this calling nonce_payload_t object
* @param[out] nonce chunk where nonce data is located (cloned)
* @return a chunk containing the cloned nonce
*/
void (*get_nonce) (nonce_payload_t *this, chunk_t *nonce);
chunk_t (*get_nonce) (nonce_payload_t *this);
/**
* @brief Destroys an nonce_payload_t object.
@ -81,7 +78,7 @@ struct nonce_payload_t {
/**
* @brief Creates an empty nonce_payload_t object
*
* @return created nonce_payload_t object
* @return nonce_payload_t object
*
* @ingroup payloads
*/


@ -47,11 +47,8 @@ mapping_t notify_message_type_m[] = {
{FAILED_CP_REQUIRED, "FAILED_CP_REQUIRED"},
{TS_UACCEPTABLE, "TS_UACCEPTABLE"},
{INVALID_SELECTORS, "INVALID_SELECTORS"},
/* status messages */
{INITIAL_CONTACT, "INITIAL_CONTACT"},
{SET_WINDOW_SIZE, "SET_WINDOW_SIZE"},
{MAPPING_END, NULL}
};


@ -49,7 +49,7 @@ typedef enum notify_message_type_t notify_message_type_t;
/**
* @brief Notify message types.
*
* Ssee IKEv2 draft 3.10.1.
* See IKEv2 draft 3.10.1.
*
* @ingroup payloads
*/
@ -76,18 +76,22 @@ enum notify_message_type_t {
/**
* String mappings for notify_message_type_t.
*
* @ingroup payloads
*/
extern mapping_t notify_message_type_m[];
typedef struct notify_payload_t notify_payload_t;
/**
* Object representing an IKEv2-Notify Payload.
* @brief Class representing an IKEv2-Notify Payload.
*
* The Notify Payload format is described in Draft section 3.10.
*
*
* @b Constructors:
* - notify_payload_create()
* - notify_payload_create_from_protocol_and_type()
*
* @ingroup payloads
*/
@ -191,7 +195,7 @@ notify_payload_t *notify_payload_create();
*
* @param protocol_id protocol id (IKE, AH or ESP)
* @param notify_message_type notify type (see notify_message_type_t)
* @return created notify_payload_t object
* @return notify_payload_t object
*
* @ingroup payloads
*/


@ -3,7 +3,6 @@
*
* @brief Interface payload_t.
*
*
*/
/*
@ -273,7 +272,7 @@ struct payload_t {
* an unknwon_paylod is created with the chunk of data in it.
*
* @param type type of the payload to create
* @return created payload
* @return payload_t object
*/
payload_t *payload_create(payload_type_t type);


@ -31,6 +31,12 @@
#include <utils/allocator.h>
#include <utils/linked_list.h>
/**
* IKEv1 Value for a proposal payload.
*/
#define PROPOSAL_TYPE_VALUE 2
/**
* String mappings for protocol_id_t.
*/


@ -28,16 +28,9 @@
#include <encoding/payloads/transform_substructure.h>
#include <utils/linked_list.h>
/**
* IKEv1 Value for a proposal payload.
*
* @ingroup payloads
*/
#define PROPOSAL_TYPE_VALUE 2
/**
* Length of the proposal substructure header
* (without spi).
* Length of the proposal substructure header (without spi).
*
* @ingroup payloads
*/
@ -60,6 +53,8 @@ enum protocol_id_t {
/**
* String mappings for protocol_id_t.
*
* @ingroup payloads
*/
extern mapping_t protocol_id_m[];
@ -70,6 +65,9 @@ typedef struct proposal_substructure_t proposal_substructure_t;
*
* The PROPOSAL SUBSTRUCTURE format is described in RFC section 3.3.1.
*
* @b Constructors:
* - proposal_substructure_create()
*
* @ingroup payloads
*/
struct proposal_substructure_t {
@ -214,12 +212,11 @@ struct proposal_substructure_t {
/**
* @brief Creates an empty proposal_substructure_t object
*
* @return created proposal_substructure_t object
* @return proposal_substructure_t object
*
* @ingroup payloads
*/
proposal_substructure_t *proposal_substructure_create();
#endif /*PROPOSAL_SUBSTRUCTURE_H_*/


@ -47,10 +47,15 @@
typedef struct sa_payload_t sa_payload_t;
/**
* Class representing an IKEv2-SA Payload.
* @brief Class representing an IKEv2-SA Payload.
*
* The SA Payload format is described in RFC section 3.3.
*
* @b Constructors:
* - sa_payload_create()
* - sa_payload_create_from_ike_proposals()
* - sa_payload_create_from_child_proposal()
*
* @ingroup payloads
*/
struct sa_payload_t {
@ -68,9 +73,9 @@ struct sa_payload_t {
* the length of this transform substructure has to be refreshed
* by calling get_length()!
*
* @param this calling sa_payload_t object
* @param[in] forward iterator direction (TRUE: front to end)
* @return created iterator_t object
* @param this calling sa_payload_t object
* @param[in] forward iterator direction (TRUE: front to end)
* @return created iterator_t object
*/
iterator_t *(*create_proposal_substructure_iterator) (sa_payload_t *this, bool forward);
@ -80,13 +85,13 @@ struct sa_payload_t {
* @warning The added proposal_substructure_t object is
* getting destroyed in destroy function of sa_payload_t.
*
* @param this calling sa_payload_t object
* @param proposal proposal_substructure_t object to add
* @param this calling sa_payload_t object
* @param proposal proposal_substructure_t object to add
*/
void (*add_proposal_substructure) (sa_payload_t *this,proposal_substructure_t *proposal);
/**
* Creates an array of ike_proposal_t's in this SA payload.
* @brief Creates an array of ike_proposal_t's in this SA payload.
*
* An IKE proposal consist of transform of type ENCRYPTION_ALGORITHM,
* PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM and DIFFIE_HELLMAN_GROUP
@ -102,7 +107,7 @@ struct sa_payload_t {
status_t (*get_ike_proposals) (sa_payload_t *this, ike_proposal_t **proposals, size_t *proposal_count);
/**
* Creates an array of child_proposal_t's in this SA payload.
* @brief Creates an array of child_proposal_t's in this SA payload.
*
* @param proposals the pointer to the first entry of child_proposal_t's is set
* @param proposal_count the number of found proposals is written at this location
@ -124,7 +129,7 @@ struct sa_payload_t {
/**
* @brief Creates an empty sa_payload_t object
*
* @return created sa_payload_t object
* @return created sa_payload_t object
*
* @ingroup payloads
*/
@ -136,6 +141,7 @@ sa_payload_t *sa_payload_create();
* @return created sa_payload_t object
* @param proposals pointer to first proposal in array of type ike_proposal_t
* @param proposal_count number of ike_proposal_t's in array
* @return sa_payload_t object
*
* @ingroup payloads
*/
@ -150,9 +156,11 @@ sa_payload_t *sa_payload_create_from_ike_proposals(ike_proposal_t *proposals, si
* @return created sa_payload_t object
* @param proposals pointer to first proposal in array of type child_proposal_t
* @param proposal_count number of child_proposal_t's in array
* @return sa_payload_t object
*
* @ingroup payloads
*/
sa_payload_t *sa_payload_create_from_child_proposals(child_proposal_t *proposals, size_t proposal_count);
#endif /*SA_PAYLOAD_H_*/
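Review bot: The doc blocks for sa_payload_create_from_ike_proposals and sa_payload_create_from_child_proposals appear to end up with two @return tags each. The old `@return created sa_payload_t object` line ahead of the @param lines is left in place and a second `@return sa_payload_t object` is added after them; drop the first one in each block. The new Constructors list also names `sa_payload_create_from_child_proposal()`, while the declared function is `sa_payload_create_from_child_proposals`, so the entry should read `- sa_payload_create_from_child_proposals()`.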


@ -30,9 +30,9 @@
* String mappings for ts_type_t.
*/
mapping_t ts_type_m[] = {
{TS_IPV4_ADDR_RANGE, "TS_IPV4_ADDR_RANGE"},
{TS_IPV6_ADDR_RANGE, "TS_IPV6_ADDR_RANGE"},
{MAPPING_END, NULL}
{TS_IPV4_ADDR_RANGE, "TS_IPV4_ADDR_RANGE"},
{TS_IPV6_ADDR_RANGE, "TS_IPV6_ADDR_RANGE"},
{MAPPING_END, NULL}
};


@ -39,12 +39,15 @@
typedef struct traffic_selector_substructure_t traffic_selector_substructure_t;
/**
* Object representing an IKEv2 TRAFFIC SELECTOR.
* @brief Class representing an IKEv2 TRAFFIC SELECTOR.
*
* The TRAFFIC SELECTOR format is described in draft section 3.13.1.
*
* @ingroup payloads
* @b Constructors:
* - traffic_selector_substructure_create()
* - traffic_selector_substructure_create_from_traffic_selector()
*
* @ingroup payloads
*/
struct traffic_selector_substructure_t {
/**
@ -147,7 +150,7 @@ struct traffic_selector_substructure_t {
*
* TS type is set to default TS_IPV4_ADDR_RANGE!
*
* @return created traffic_selector_substructure_t object
* @return traffic_selector_substructure_t object
*
* @ingroup payloads
*/
@ -158,7 +161,7 @@ traffic_selector_substructure_t *traffic_selector_substructure_create();
* the values from a traffic_selector_t.
*
* @param traffic_selector traffic_selector_t to use for initialization
* @return created traffic_selector_substructure_t object
* @return traffic_selector_substructure_t object
*
* @ingroup payloads
*/


@ -134,7 +134,7 @@ struct transform_attribute_t {
/**
* @brief Creates an empty transform_attribute_t object.
*
* @return created transform_attribute_t object
* @return transform_attribute_t object
*
* @ingroup payloads
*/
@ -144,7 +144,7 @@ transform_attribute_t *transform_attribute_create();
* @brief Creates an transform_attribute_t of type KEY_LENGTH.
*
* @param key_length key length in bytes
* @return created transform_attribute_t object
* @return transform_attribute_t object
*
* @ingroup payloads
*/


@ -228,10 +228,10 @@ transform_substructure_t *transform_substructure_create();
* PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all
* other transport types the key_length parameter is not used
*
* @return created transform_substructure_t object
* @param transform_type type of transform to create
* @param transform_id transform id specifying the specific algorithm of a transform type
* @param key_length Key length for key lenght attribute
* @return transform_substructure_t object
*
* @ingroup payloads
*/


@ -41,12 +41,15 @@
typedef struct ts_payload_t ts_payload_t;
/**
* Object representing an IKEv2 TS payload.
* @brief Class representing an IKEv2 TS payload.
*
* The TS payload format is described in draft section 3.13.
*
* @ingroup payloads
* @b Constructors:
* - ts_payload_create()
* - ts_payload_create_from_traffic_selectors()
*
* @ingroup payloads
*/
struct ts_payload_t {
/**
@ -61,7 +64,6 @@ struct ts_payload_t {
* @return
* - TRUE if this payload is of type TSi
* - FALSE if this payload is of type TSr
*
*/
bool (*get_initiator) (ts_payload_t *this);
@ -72,7 +74,6 @@ struct ts_payload_t {
* @param is_initiator
* - TRUE if this payload is of type TSi
* - FALSE if this payload is of type TSr
*
*/
void (*set_initiator) (ts_payload_t *this,bool is_initiator);
@ -129,8 +130,7 @@ struct ts_payload_t {
* @param is_initiator
* - TRUE if this payload is of type TSi
* - FALSE if this payload is of type TSr
*
* @return created ts_payload_t object
* @return ts_payload_t object
*
* @ingroup payloads
*/
@ -143,8 +143,7 @@ ts_payload_t *ts_payload_create(bool is_initiator);
* @param is_initiator
* - TRUE if this payload is of type TSi
* - FALSE if this payload is of type TSr
*
* @return created ts_payload_t object
* @return ts_payload_t object
*
* @ingroup payloads
*/


@ -101,6 +101,7 @@ encoding_rule_t unknown_payload_encodings[] = {
*/
static status_t verify(private_unknown_payload_t *this)
{
/* can't do any checks, so we assume its good */
return SUCCESS;
}
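Review bot: The comment added to verify() says no checks are possible, but for an unrecognised payload type the critical flag is the one field that still matters. IKEv2 requires a message to be rejected when it carries an unrecognised payload with the critical bit set. Whether a caller enforces that is not visible in this hunk, so the comment should state where it happens rather than imply the payload is simply accepted, e.g. `/* no type-specific checks possible; the critical flag is evaluated by the caller (TODO confirm) */`.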


@ -85,7 +85,7 @@ struct unknown_payload_t {
/**
* @brief Creates an empty unknown_payload_t object.
*
* @return created unknown_payload_t object
* @return unknown_payload_t object
*
* @ingroup payloads
*/


@ -198,7 +198,6 @@ static void destroy(private_vendor_id_payload_t *this)
{
allocator_free_chunk(&(this->vendor_id_data));
}
allocator_free(this);
}
@ -227,7 +226,7 @@ vendor_id_payload_t *vendor_id_payload_create()
/* private variables */
this->critical = FALSE;
this->next_payload = NO_PAYLOAD;
this->payload_length =VENDOR_ID_PAYLOAD_HEADER_LENGTH;
this->payload_length = VENDOR_ID_PAYLOAD_HEADER_LENGTH;
this->vendor_id_data = CHUNK_INITIALIZER;
return (&(this->public));


@ -37,12 +37,14 @@
typedef struct vendor_id_payload_t vendor_id_payload_t;
/**
* Object representing an IKEv2 VENDOR ID payload.
* @brief Class representing an IKEv2 VENDOR ID payload.
*
* The VENDOR ID payload format is described in draft section 3.12.
*
* @ingroup payloads
* @b Constructors:
* - vendor_id_payload_create()
*
* @ingroup payloads
*/
struct vendor_id_payload_t {
/**
@ -91,7 +93,7 @@ struct vendor_id_payload_t {
/**
* @brief Creates an empty vendor_id_payload_t object.
*
* @return created vendor_id_payload_t object
* @return vendor_id_payload_t object
*
* @ingroup payloads
*/


@ -465,7 +465,7 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t
status_t process_nonce_payload (private_ike_sa_init_requested_t *this, nonce_payload_t *nonce_payload)
{
allocator_free(this->received_nonce.ptr);
nonce_payload->get_nonce(nonce_payload, &(this->received_nonce));
this->received_nonce = nonce_payload->get_nonce(nonce_payload);
return SUCCESS;
}


@ -455,7 +455,7 @@ static status_t build_nonce_payload(private_responder_init_t *this,nonce_payload
this->received_nonce = CHUNK_INITIALIZER;
this->logger->log(this->logger, CONTROL | MOST, "Get NONCE value and store it");
nonce_request->get_nonce(nonce_request, &(this->received_nonce));
this->received_nonce = nonce_request->get_nonce(nonce_request);
this->logger->log(this->logger, CONTROL | MOST, "Create new NONCE value.");


@ -118,7 +118,7 @@ void test_encryption_payload(tester_t *tester)
while (iterator->has_next(iterator))
{
iterator->current(iterator, (void**)&nonce_payload);
nonce_payload->get_nonce(nonce_payload, &got_nonce);
got_nonce = nonce_payload->get_nonce(nonce_payload);
}
iterator->destroy(iterator);


@ -439,7 +439,7 @@ void test_parser_with_nonce_payload(tester_t *tester)
{
return;
}
nonce_payload->get_nonce(nonce_payload, &result);
result = nonce_payload->get_nonce(nonce_payload);
tester->assert_true(tester,(result.len == 16), "parsed nonce lenght");
tester->assert_false(tester,(memcmp(nonce_bytes + 4, result.ptr, result.len)), "parsed nonce data");
nonce_payload->destroy(nonce_payload);