diff --git a/Source/charon/encoding/generator.c b/Source/charon/encoding/generator.c index 65244a725..56719c995 100644 --- a/Source/charon/encoding/generator.c +++ b/Source/charon/encoding/generator.c @@ -62,10 +62,7 @@ struct private_generator_t { * Public part of a generator_t object. */ generator_t public; - - /* private functions and fields */ - - + /** * Generates a U_INT-Field type and writes it to buffer. * @@ -73,9 +70,9 @@ struct private_generator_t { * @param int_type type of U_INT field (U_INT_4, U_INT_8, etc.) * ATTRIBUTE_TYPE is also generated in this function * @param offset offset of value in data struct - * @param generator_contexts generator_contexts_t object where the context is written or read from + * @param generator_contexts generator_contexts_t object where the context is written or read from * @return - * - SUCCESS + * - SUCCESS * - FAILED if allignment is wrong */ void (*generate_u_int_type) (private_generator_t *this,encoding_type_t int_type,u_int32_t offset); @@ -117,7 +114,7 @@ struct private_generator_t { * it to the buffer. * * @param this private_generator_t object - * @param generator_contexts generator_contexts_t object where the context is written or read from + * @param generator_contexts generator_contexts_t object where the context is written or read from * @param bits number of bits to generate */ void (*generate_reserved_field) (private_generator_t *this,int bits); @@ -126,8 +123,8 @@ struct private_generator_t { * Generates a FLAG field. * * @param this private_generator_t object - * @param generator_contexts generator_contexts_t object where the context is written or read from - * @param offset offset of flag value in data struct + * @param generator_contexts generator_contexts_t object where the context is written or read from + * @param offset offset of flag value in data struct */ void (*generate_flag) (private_generator_t *this,u_int32_t offset); 
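Review bot: The doc block for `generate_u_int_type` in the first hunk still documents a `generator_contexts` parameter and a `@return` list (`SUCCESS` / `FAILED`), but the member is declared `void (*generate_u_int_type) (private_generator_t *this,encoding_type_t int_type,u_int32_t offset);`, with no such parameter and no return value. The commit only re-aligns these stale lines; they should be deleted so the comment matches the signature. The same stale `@param generator_contexts` line is re-aligned in the `generate_reserved_field` and `generate_flag` hunks that follow. If alignment errors can really occur in `generate_u_int_type`, the comment should say how they are reported now that nothing is returned.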
@@ -144,8 +141,8 @@ struct private_generator_t { /** * Generates a bytestream from a chunk_t. * - * @param this private_generator_t object - * @param offset offset of chunk_t value in data struct + * @param this private_generator_t object + * @param offset offset of chunk_t value in data struct */ void (*generate_from_chunk) (private_generator_t *this,u_int32_t offset); @@ -167,7 +164,7 @@ struct private_generator_t { * is increased. * * @param this calling private_generator_t object - * @param bytes pointer to bytes to write + * @param bytes pointer to bytes to write * @param number_of_bytes number of bytes to write into buffer */ void (*write_bytes_to_buffer) (private_generator_t *this,void * bytes,size_t number_of_bytes); @@ -179,9 +176,9 @@ struct private_generator_t { * @warning buffer size is not check to hold the data if offset is to large. * * @param this calling private_generator_t object - * @param bytes pointer to bytes to write + * @param bytes pointer to bytes to write * @param number_of_bytes number of bytes to write into buffer - * @param offset offset to write the data into + * @param offset offset to write the data into */ void (*write_bytes_to_buffer_at_offset) (private_generator_t *this,void * bytes,size_t number_of_bytes,u_int32_t offset); @@ -557,7 +554,6 @@ static void make_space_available (private_generator_t *this, size_t bits) while (((this->get_current_buffer_space(this) * 8) - this->current_bit) < bits) { /* must increase buffer */ - u_int8_t *new_buffer; size_t old_buffer_size = this->get_current_buffer_size(this); size_t new_buffer_size = old_buffer_size + GENERATOR_DATA_BUFFER_INCREASE_VALUE; size_t out_position_offset = ((this->out_position) - (this->buffer)); 
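Review bot: The `@warning` kept in the doc block of `write_bytes_to_buffer_at_offset` states that the buffer size is not checked when `offset` is too large, and this hunk only re-aligns the `@param` lines around it. A write at a caller-supplied offset into a heap buffer should either be bounded in the function or have its precondition spelled out. At minimum, add something like `@pre offset + number_of_bytes must not exceed the current buffer size` and reword the warning so it is clear that violating it writes outside the allocation. Preferably the function would compare `offset + number_of_bytes` against `this->get_current_buffer_size(this)` before copying. The function body lies outside this hunk, so whether any caller already guarantees the bound cannot be confirmed from here.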
@@ -566,13 +562,7 @@ static void make_space_available (private_generator_t *this, size_t bits) old_buffer_size, new_buffer_size); /* Reallocate space for new buffer */ - new_buffer = allocator_realloc(this->buffer,new_buffer_size); - if (new_buffer == NULL) - { - this->logger->log(this->logger, ERROR, "reallocation of gen buffer failed!!!"); - } - - this->buffer = new_buffer; + this->buffer = allocator_realloc(this->buffer,new_buffer_size); this->out_position = (this->buffer + out_position_offset); this->roof_position = (this->buffer + new_buffer_size); @@ -620,7 +610,6 @@ static void write_bytes_to_buffer_at_offset (private_generator_t *this,void * by read_position++; write_position++; } - } /** @@ -968,7 +957,6 @@ static void generate_payload (private_generator_t *this,payload_t *payload) else { this->generate_u_int_type(this,U_INT_16,rules[i].offset); -// status = this->write_bytes_to_buffer(this,(this->data_struct + rules[i].offset),2); } break; } @@ -1031,7 +1019,6 @@ static void generate_payload (private_generator_t *this,payload_t *payload) } this->logger->log_bytes(this->logger, RAW|MORE, "generated data for this payload", payload_start, this->out_position-payload_start); - } /** @@ -1048,7 +1035,7 @@ static status_t destroy(private_generator_t *this) /* * Described in header */ -generator_t * generator_create() +generator_t *generator_create() { private_generator_t *this; diff --git a/Source/charon/encoding/generator.h b/Source/charon/encoding/generator.h index b3163e671..717d32b73 100644 --- a/Source/charon/encoding/generator.h +++ b/Source/charon/encoding/generator.h 
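Review bot: `this->buffer = allocator_realloc(this->buffer,new_buffer_size);` in `make_space_available` now has no failure handling at all. If `allocator_realloc` can return NULL, the old buffer is leaked and the next two lines derive `out_position` and `roof_position` from a NULL base, so the following write lands at an invalid address. The removed code at least logged the failure, although it also carried on. Unless `allocator_realloc` is guaranteed to abort rather than return NULL (not visible in this diff), keep the temporary (`u_int8_t *new_buffer = allocator_realloc(this->buffer, new_buffer_size);`), leave `this->buffer` untouched when it is NULL, and give the function a way to report the failure, since it currently returns `void`. The enclosing `while` loop starts in the previous hunk and the rest of the function is outside this one.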
@@ -30,18 +30,34 @@ /** * Generating is done in a data buffer. * This is thehe start size of this buffer in bytes. + * + * @ingroup enconding */ #define GENERATOR_DATA_BUFFER_SIZE 500 /** * Number of bytes to increase the buffer, if it is to small. + * + * @ingroup enconding */ #define GENERATOR_DATA_BUFFER_INCREASE_VALUE 500 + typedef struct generator_t generator_t; /** - * A generator_t class used to generate IKEv2 payloads. + * @brief A generator_t class used to generate IKEv2 payloads. + * + * After creation, multiple payloads can be generated with the generate_payload + * method. The generated bytes are appended. After all payloads are added, + * the write_to_chunk method writes out all generated data since + * the creation of the generator. After that, the generator must be destroyed. + * The generater uses a set of encoding rules, which it can get from + * the supplied payload. With this rules, the generater can generate + * the payload and all substructures automatically. + * + * @b Constructor: + * - generator_create() * * @ingroup encoding */ @@ -58,28 +74,28 @@ struct generator_t { void (*generate_payload) (generator_t *this,payload_t *payload); /** - * Writes all generated data of current generator context to a chunk. + * @brief Writes all generated data of the generator to a chunk. * * @param this generator_t object - * @param[out] data chunk to write the data to + * @param[out] data chunk to write the data to */ void (*write_to_chunk) (generator_t *this,chunk_t *data); /** * @brief Destroys a generator_t object. * - * @param this generator_t object + * @param this generator_t object */ void (*destroy) (generator_t *this); }; /** - * Constructor to create a generator. + * @brief Constructor to create a generator. * - * Returns a new generator_t object. + * @return generator_t object. * * @ingroup encoding */ -generator_t * generator_create(); +generator_t *generator_create(); #endif /*GENERATOR_H_*/ 
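Review bot: The two `@ingroup` tags added to `GENERATOR_DATA_BUFFER_SIZE` and `GENERATOR_DATA_BUFFER_INCREASE_VALUE` are spelled `enconding`, while the struct and constructor in the same header use `@ingroup encoding`. Doxygen will not place the macros in the intended group; both should read `@ingroup encoding`. The new class description also spells the name "generater" twice and says "With this rules"; `generator` and `With these rules` would match the rest of the file.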
diff --git a/Source/charon/encoding/message.c b/Source/charon/encoding/message.c index 8e4f3dd7f..3c6386a3c 100644 --- a/Source/charon/encoding/message.c +++ b/Source/charon/encoding/message.c @@ -747,7 +747,8 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) ¤t_payload); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "Payload type %s could not be parsed",mapping_find(payload_type_m,current_payload_type)); + this->logger->log(this->logger, ERROR, "Payload type %s could not be parsed", + mapping_find(payload_type_m,current_payload_type)); return status; } @@ -758,7 +759,8 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t status = current_payload->verify(current_payload); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "Payload type %s could not be verified",mapping_find(payload_type_m,current_payload_type)); + this->logger->log(this->logger, ERROR, "Payload type %s verification failed", + mapping_find(payload_type_m,current_payload_type)); current_payload->destroy(current_payload); status = VERIFY_ERROR; return status; @@ -771,7 +773,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t /* an encryption payload is the last one, so STOP here. decryption is done later */ if (current_payload_type == ENCRYPTED) { - this->logger->log(this->logger, CONTROL|MOST, "Payload of type encrypted found. Stop parsing.", + this->logger->log(this->logger, CONTROL|MOST, "Payload of type encrypted found. Stop parsing", mapping_find(payload_type_m, current_payload_type)); break; } 
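Review bot: The re-wrapped error logs in `parse_body` pass the result of `mapping_find(payload_type_m,current_payload_type)` straight to a `%s` conversion, and `current_payload_type` appears to come from the received message. The mapping tables elsewhere in this commit end in `{MAPPING_END, NULL}`, so if `mapping_find` returns NULL for an unmapped value (its definition is not visible here), an unexpected payload type from a peer would hand NULL to `%s`. Consider resolving the name once, `const char *type_name = mapping_find(payload_type_m, current_payload_type);`, and logging `type_name ? type_name : "(unknown)"`. The third hunk still passes the same lookup to "Payload of type encrypted found. Stop parsing", whose format string has no conversion for it; drop the argument or add `%s`. `parse_body` starts and ends outside these hunks.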
@@ -779,13 +781,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t /* get next payload type */ current_payload_type = current_payload->get_next_type(current_payload); } - - this->logger->log(this->logger, CONTROL, "Message a %s %s contains %d payloads", - mapping_find(exchange_type_m, this->exchange_type), - this->is_request ? "request" : "response", - this->payloads->get_count(this->payloads)); - /* */ if (current_payload_type == ENCRYPTED) status = this->decrypt_payloads(this,crypter,signer); if (status != SUCCESS) @@ -799,6 +795,12 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t { this->logger->log(this->logger, ERROR, "Verification of message failed"); } + + this->logger->log(this->logger, CONTROL, "Message a %s %s contains %d payloads", + mapping_find(exchange_type_m, this->exchange_type), + this->is_request ? "request" : "response", + this->payloads->get_count(this->payloads)); + return status; } @@ -836,7 +838,7 @@ static status_t verify(private_message_t *this) unknown_payload_t *unknown_payload = (unknown_payload_t*)current_payload; if (unknown_payload->is_critical(unknown_payload)) { - this->logger->log(this->logger, ERROR, "%s (%d) is not supported, but its critical!", + this->logger->log(this->logger, ERROR|MORE, "%s (%d) is not supported, but its critical!", mapping_find(payload_type_m, current_payload_type), current_payload_type); iterator->destroy(iterator); return NOT_SUPPORTED; 
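Review bot: The payload-count log moved to just before `return status;` in `parse_body` now also runs after "Verification of message failed" has been logged. A rejected message therefore produces a normal-looking CONTROL line with its exchange type and payload count. If the intent was only to report the count after decryption, guard it with `if (status == SUCCESS)` or move it above the verification step. Whether the earlier `if (status != SUCCESS)` block after `decrypt_payloads` returns is not visible in the hunk. The format string also still reads "Message a %s %s contains ..."; the stray "a" looks unintended and could be dropped while the line is being moved.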
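Review bot: Changing `ERROR` to `ERROR|MORE` for "is not supported, but its critical!" in `verify` may hide a peer-triggered rejection at the default log level, if `MORE` raises the verbosity needed to emit the line, as the name suggests (the logger semantics are not visible in this diff). The same change is made to the max/min occurrence errors in the next `verify` hunks and to "encryption failed", "could not decrypt, invalid input" and "could not decrypt, decryption failed" in `encryption_payload.c`. Those are the messages an operator would rely on to notice malformed or tampered IKE traffic, or a key mismatch. Consider keeping one plain `ERROR` line per rejected message, and reserving `ERROR|MORE` for the per-payload detail. `parse_body` appears to cover this for verification with "Verification of message failed", but no caller-side equivalent for the decrypt path is visible in these hunks.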
@@ -846,13 +848,13 @@ static status_t verify(private_message_t *this) { found_payloads++; total_found_payloads++; - this->logger->log(this->logger, CONTROL | MOST, "Found payload of type %s", + this->logger->log(this->logger, CONTROL|MOST, "Found payload of type %s", mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type)); /* as soon as ohe payload occures more then specified, the verification fails */ if (found_payloads > this->message_rule->payload_rules[i].max_occurence) { - this->logger->log(this->logger, ERROR, "Payload of type %s more than %d times (%d) occured in current message", + this->logger->log(this->logger, ERROR|MORE, "Payload of type %s more than %d times (%d) occured in current message", mapping_find(payload_type_m, current_payload_type), this->message_rule->payload_rules[i].max_occurence, found_payloads); iterator->destroy(iterator); @@ -863,7 +865,7 @@ static status_t verify(private_message_t *this) if (found_payloads < this->message_rule->payload_rules[i].min_occurence) { - this->logger->log(this->logger, ERROR, "Payload of type %s not occured %d times (%d)", + this->logger->log(this->logger, ERROR|MORE, "Payload of type %s not occured %d times (%d)", mapping_find(payload_type_m, this->message_rule->payload_rules[i].payload_type), this->message_rule->payload_rules[i].min_occurence, found_payloads); iterator->destroy(iterator); @@ -906,7 +908,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig /* needed to check */ current_payload_type = current_payload->get_type(current_payload); - this->logger->log(this->logger, CONTROL | MOST, "Process payload of type %s",mapping_find(payload_type_m,current_payload_type)); + this->logger->log(this->logger, CONTROL|MOST, "Process payload of type %s", + mapping_find(payload_type_m,current_payload_type)); if (current_payload_type == ENCRYPTED) { 
@@ -915,7 +918,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig encryption_payload = (encryption_payload_t*)current_payload; - this->logger->log(this->logger, CONTROL | MORE, "Found an encryption payload"); + this->logger->log(this->logger, CONTROL | MOST, "Found an encryption payload"); if (payload_number != this->payloads->get_count(this->payloads)) { @@ -934,7 +937,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig iterator->destroy(iterator); return status; } - this->logger->log(this->logger, CONTROL | MORE, "Decrypt content of encryption payload"); + this->logger->log(this->logger, CONTROL | MOST, "Decrypt content of encryption payload"); status = encryption_payload->decrypt(encryption_payload); if (status != SUCCESS) { @@ -950,7 +953,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig /* check if there are payloads contained in the encryption payload */ if (encryption_payload->get_payload_count(encryption_payload) == 0) { - this->logger->log(this->logger, CONTROL | MOST, "Encrypted payload is empty"); + this->logger->log(this->logger, CONTROL|MOST, "Encrypted payload is empty"); /* remove the encryption payload, is not needed anymore */ iterator->remove(iterator); /* encrypted payload contains no other payload */ @@ -958,7 +961,6 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig } else { - this->logger->log(this->logger, CONTROL | MOST, "Encrypted payload is not empty"); /* encryption_payload is replaced with first payload contained in encryption_payload */ encryption_payload->remove_first_payload(encryption_payload, ¤t_encrypted_payload); iterator->replace(iterator,NULL,(void *) current_encrypted_payload); 
@@ -981,7 +983,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig while (encryption_payload->get_payload_count(encryption_payload) > 0) { encryption_payload->remove_first_payload(encryption_payload, ¤t_encrypted_payload); - this->logger->log(this->logger, CONTROL | MORE, "Insert unencrypted payload of type %s at end of list.",mapping_find(payload_type_m,current_encrypted_payload->get_type(current_encrypted_payload))); + this->logger->log(this->logger, CONTROL | MORE, "Insert unencrypted payload of type %s at end of list.", + mapping_find(payload_type_m,current_encrypted_payload->get_type(current_encrypted_payload))); this->payloads->insert_last(this->payloads,current_encrypted_payload); } @@ -1008,7 +1011,7 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig /* payload was not encrypted, but should have been. or vice-versa */ this->logger->log(this->logger, ERROR | MORE, "Payload type %s should be %s!", mapping_find(payload_type_m,current_payload_type), - (payload_rule->encrypted) ? "encrypted": "not encrypted"); + (payload_rule->encrypted) ? "encrypted" : "not encrypted"); iterator->destroy(iterator); return FAILED; } @@ -1057,7 +1060,8 @@ static status_t encrypt_payloads (private_message_t *this,crypter_t *crypter, si bool to_encrypt = FALSE; all_payloads->remove_first(all_payloads,(void **)¤t_payload); - this->logger->log(this->logger, CONTROL | MOST, "Get rule for payload %s", mapping_find(payload_type_m,current_payload->get_type(current_payload))); + this->logger->log(this->logger, CONTROL | ALL, "Get rule for payload %s", + mapping_find(payload_type_m,current_payload->get_type(current_payload))); status = this->get_payload_rule(this,current_payload->get_type(current_payload),&payload_rule); /* for payload types which are not found in supported payload list, it is presumed diff --git a/Source/charon/encoding/message.h b/Source/charon/encoding/message.h index a10f10aea..ef4491c80 100644 
--- a/Source/charon/encoding/message.h +++ b/Source/charon/encoding/message.h @@ -335,7 +335,7 @@ struct message_t { * Call message_t.parse_header afterwards. * * @param packet packet_t object which is assigned to message - * @return created message_t object + * @return message_t object * * @ingroup encoding */ @@ -349,7 +349,7 @@ message_t * message_create_from_packet(packet_t *packet); * - original_initiator is set to TRUE * - is_request is set to TRUE * - * @return created message_t object + * @return message_t object * * @ingroup encoding */ @@ -358,7 +358,7 @@ message_t * message_create(); /** * @brief Creates an message_t object of type reply containing a notify payload. * - * @return created message_t object + * @return message_t object * * @ingroup encoding */ diff --git a/Source/charon/encoding/parser.c b/Source/charon/encoding/parser.c index a6aefa968..06a7cade7 100644 --- a/Source/charon/encoding/parser.c +++ b/Source/charon/encoding/parser.c @@ -1044,7 +1044,6 @@ parser_t *parser_create(chunk_t data) this->public.get_remaining_byte_count = (int (*) (parser_t *))get_remaining_byte_count; this->public.destroy = (void(*)(parser_t*)) destroy; - this->parse_uint4 = parse_uint4; this->parse_uint8 = parse_uint8; this->parse_uint15 = parse_uint15; diff --git a/Source/charon/encoding/parser.h b/Source/charon/encoding/parser.h index 8a902e912..216fac9b7 100644 --- a/Source/charon/encoding/parser.h +++ b/Source/charon/encoding/parser.h @@ -31,12 +31,15 @@ typedef struct parser_t parser_t; /** - * A parser_t class to parse IKEv2 payloads. + * @brief A parser_t class to parse IKEv2 payloads. * * A parser is used for parsing one chunk of data. Multiple * payloads can be parsed out of the chunk using parse_payload. * The parser remains the state until destroyed. * + * @b Constructors: + * - parser_create() + * * @ingroup encoding */ struct parser_t { 
@@ -53,7 +56,6 @@ struct parser_t { * @param[out] payload pointer where parsed payload was allocated * @return * - SUCCESSFUL if succeeded, - * - NOT_SUPPORTED if payload_type is not supported * - PARSE_ERROR if corrupted/invalid data found */ status_t (*parse_payload) (parser_t *this, payload_type_t payload_type, payload_t **payload); @@ -84,7 +86,7 @@ struct parser_t { * @brief Constructor to create a parser_t object. * * @param data chunk of data to parse with this parser_t object - * @return the parser_t object + * @return parser_t object * * @ingroup encoding */ diff --git a/Source/charon/encoding/payloads/auth_payload.c b/Source/charon/encoding/payloads/auth_payload.c index e9dad81b4..23fad75f9 100644 --- a/Source/charon/encoding/payloads/auth_payload.c +++ b/Source/charon/encoding/payloads/auth_payload.c @@ -29,10 +29,10 @@ * String mappings for auth_method_t. */ mapping_t auth_method_m[] = { -{RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"}, -{SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"}, -{DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"}, -{MAPPING_END, NULL} + {RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"}, + {SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"}, + {DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"}, + {MAPPING_END, NULL} }; @@ -43,6 +43,7 @@ typedef struct private_auth_payload_t private_auth_payload_t; * */ struct private_auth_payload_t { + /** * Public auth_payload_t interface. */ diff --git a/Source/charon/encoding/payloads/auth_payload.h b/Source/charon/encoding/payloads/auth_payload.h index 2613288fe..3c02b2845 100644 --- a/Source/charon/encoding/payloads/auth_payload.h +++ b/Source/charon/encoding/payloads/auth_payload.h 
@@ -61,20 +61,28 @@ enum auth_method_t { DSS_DIGITAL_SIGNATURE = 3, }; +/** + * string mappings for auth method. + * + * @ingroup payloads + */ extern mapping_t auth_method_m[]; typedef struct auth_payload_t auth_payload_t; /** - * Object representing an IKEv2 AUTH payload. + * @brief Object representing an IKEv2 AUTH payload. * * The AUTH payload format is described in draft section 3.8. * - * @ingroup payloads + * @b Constructors: + * - auth_payload_create() * + * @ingroup payloads */ struct auth_payload_t { + /** * The payload_t interface. */ @@ -82,10 +90,9 @@ struct auth_payload_t { /** * @brief Set the AUTH method. - * * * @param this calling auth_payload_t object - * @param method Method of AUTH + * @param method auth_method_t to use */ void (*set_auth_method) (auth_payload_t *this, auth_method_t method); @@ -93,7 +100,7 @@ struct auth_payload_t { * @brief Get the AUTH method. * * @param this calling auth_payload_t object - * @return Method of the AUTH + * @return auth_method_t used */ auth_method_t (*get_auth_method) (auth_payload_t *this); @@ -110,7 +117,7 @@ struct auth_payload_t { /** * @brief Get the AUTH data. * - * Returned data are a copy of the internal one + * Returned data are a copy of the internal one. * * @param this calling auth_payload_t object * @return AUTH data as chunk_t @@ -130,7 +137,7 @@ struct auth_payload_t { /** * @brief Destroys an auth_payload_t object. * - * @param this auth_payload_t object to destroy + * @param this auth_payload_t object to destroy */ void (*destroy) (auth_payload_t *this); }; @@ -138,7 +145,7 @@ struct auth_payload_t { /** * @brief Creates an empty auth_payload_t object. * - * @return created auth_payload_t object + * @return auth_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/cert_payload.c b/Source/charon/encoding/payloads/cert_payload.c index c3053959f..10256cf8e 100644 --- a/Source/charon/encoding/payloads/cert_payload.c 
+++ b/Source/charon/encoding/payloads/cert_payload.c @@ -29,19 +29,19 @@ * String mappings for cert_encoding_t. */ mapping_t cert_encoding_m[] = { -{PKCS7_WRAPPED_X509_CERTIFICATE, "PKCS7_WRAPPED_X509_CERTIFICATE"}, -{PGP_CERTIFICATE, "PGP_CERTIFICATE"}, -{DNS_SIGNED_KEY, "DNS_SIGNED_KEY"}, -{X509_CERTIFICATE_SIGNATURE, "X509_CERTIFICATE_SIGNATURE"}, -{KERBEROS_TOKEN, "KERBEROS_TOKEN"}, -{CERTIFICATE_REVOCATION_LIST, "CERTIFICATE_REVOCATION_LIST"}, -{AUTHORITY_REVOCATION_LIST, "AUTHORITY_REVOCATION_LIST"}, -{SPKI_CERTIFICATE, "SPKI_CERTIFICATE"}, -{X509_CERTIFICATE_ATTRIBUTE, "X509_CERTIFICATE_ATTRIBUTE"}, -{RAW_SA_KEY, "RAW_SA_KEY"}, -{HASH_AND_URL_X509_CERTIFICATE, "HASH_AND_URL_X509_CERTIFICATE"}, -{HASH_AND_URL_X509_BUNDLE, "HASH_AND_URL_X509_BUNDLE"}, -{MAPPING_END, NULL} + {PKCS7_WRAPPED_X509_CERTIFICATE, "PKCS7_WRAPPED_X509_CERTIFICATE"}, + {PGP_CERTIFICATE, "PGP_CERTIFICATE"}, + {DNS_SIGNED_KEY, "DNS_SIGNED_KEY"}, + {X509_CERTIFICATE_SIGNATURE, "X509_CERTIFICATE_SIGNATURE"}, + {KERBEROS_TOKEN, "KERBEROS_TOKEN"}, + {CERTIFICATE_REVOCATION_LIST, "CERTIFICATE_REVOCATION_LIST"}, + {AUTHORITY_REVOCATION_LIST, "AUTHORITY_REVOCATION_LIST"}, + {SPKI_CERTIFICATE, "SPKI_CERTIFICATE"}, + {X509_CERTIFICATE_ATTRIBUTE, "X509_CERTIFICATE_ATTRIBUTE"}, + {RAW_SA_KEY, "RAW_SA_KEY"}, + {HASH_AND_URL_X509_CERTIFICATE, "HASH_AND_URL_X509_CERTIFICATE"}, + {HASH_AND_URL_X509_BUNDLE, "HASH_AND_URL_X509_BUNDLE"}, + {MAPPING_END, NULL} }; diff --git a/Source/charon/encoding/payloads/cert_payload.h b/Source/charon/encoding/payloads/cert_payload.h index b3191e307..8cbdf469c 100644 --- a/Source/charon/encoding/payloads/cert_payload.h +++ b/Source/charon/encoding/payloads/cert_payload.h @@ -37,7 +37,7 @@ typedef enum cert_encoding_t cert_encoding_t; /** - * Cert Encoding. + * @brief Certificate encoding, as described in IKEv2 draft section 3.6 * * @ingroup payloads */ 
@@ -56,6 +56,11 @@ enum cert_encoding_t { HASH_AND_URL_X509_BUNDLE = 13 }; +/** + * string mappings for cert_encoding_t. + * + * @ingroup payloads + */ extern mapping_t cert_encoding_m[]; @@ -65,11 +70,17 @@ typedef struct cert_payload_t cert_payload_t; * Object representing an IKEv2 CERT payload. * * The CERT payload format is described in draft section 3.6. + * This is just a dummy implementation to fullfill the standards + * requirements. A full implementation would offer setters/getters + * for the different encoding types. + * + * @b Constructors: + * - cert_payload_create() * * @ingroup payloads - * */ struct cert_payload_t { + /** * The payload_t interface. */ @@ -77,7 +88,6 @@ struct cert_payload_t { /** * @brief Set the CERT encoding. - * * * @param this calling cert_payload_t object * @param encoding CERT encoding @@ -125,7 +135,7 @@ struct cert_payload_t { /** * @brief Destroys an cert_payload_t object. * - * @param this cert_payload_t object to destroy + * @param this cert_payload_t object to destroy */ void (*destroy) (cert_payload_t *this); }; @@ -133,7 +143,7 @@ struct cert_payload_t { /** * @brief Creates an empty cert_payload_t object. * - * @return created cert_payload_t object + * @return cert_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/certreq_payload.h b/Source/charon/encoding/payloads/certreq_payload.h index 4fbf80305..4be395922 100644 --- a/Source/charon/encoding/payloads/certreq_payload.h +++ b/Source/charon/encoding/payloads/certreq_payload.h 
@@ -38,12 +38,17 @@ typedef struct certreq_payload_t certreq_payload_t; /** - * Object representing an IKEv2 CERTREQ payload. + * @brief Class representing an IKEv2 CERTREQ payload. * * The CERTREQ payload format is described in draft section 3.7. + * This is just a dummy implementation to fullfill the standards + * requirements. A full implementation would offer setters/getters + * for the different encoding types. + * + * @b Constructors: + * - certreq_payload_create() * * @ingroup payloads - * */ struct certreq_payload_t { /** @@ -53,7 +58,6 @@ struct certreq_payload_t { /** * @brief Set the CERT encoding. - * * * @param this calling certreq_payload_t object * @param encoding CERT encoding @@ -109,7 +113,7 @@ struct certreq_payload_t { /** * @brief Creates an empty certreq_payload_t object. * - * @return created certreq_payload_t object + * @return certreq_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/configuration_attribute.h b/Source/charon/encoding/payloads/configuration_attribute.h index 9d503c95f..ad7d39a61 100644 --- a/Source/charon/encoding/payloads/configuration_attribute.h +++ b/Source/charon/encoding/payloads/configuration_attribute.h @@ -70,10 +70,13 @@ extern mapping_t configuration_attribute_type_m[]; typedef struct configuration_attribute_t configuration_attribute_t; /** - * Object representing an IKEv2- CONFIGURATION Attribute. + * @brief Class representing an IKEv2-CONFIGURATION Attribute. * * The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1. * + * @b Constructors: + * - configuration_attribute_create() + * * @ingroup payloads */ struct configuration_attribute_t { diff --git a/Source/charon/encoding/payloads/cp_payload.c b/Source/charon/encoding/payloads/cp_payload.c index 1bd6764a1..cca06d1b1 100644 --- a/Source/charon/encoding/payloads/cp_payload.c +++ b/Source/charon/encoding/payloads/cp_payload.c 
@@ -34,11 +34,11 @@ * String mappings for config_type_t. */ mapping_t config_type_m[] = { -{CFG_REQUEST, "CFG_REQUEST"}, -{CFG_REPLY, "CFG_REPLY"}, -{CFG_SET, "CFG_SET"}, -{CFG_ACK, "CFG_ACK"}, -{MAPPING_END, NULL} + {CFG_REQUEST, "CFG_REQUEST"}, + {CFG_REPLY, "CFG_REPLY"}, + {CFG_SET, "CFG_SET"}, + {CFG_ACK, "CFG_ACK"}, + {MAPPING_END, NULL} }; diff --git a/Source/charon/encoding/payloads/cp_payload.h b/Source/charon/encoding/payloads/cp_payload.h index da7476840..be5f52408 100644 --- a/Source/charon/encoding/payloads/cp_payload.h +++ b/Source/charon/encoding/payloads/cp_payload.h @@ -51,16 +51,24 @@ enum config_type_t { CFG_ACK = 4, }; +/** + * string mappings for config_type_t. + * + * @ingroup payloads + */ extern mapping_t config_type_m[]; typedef struct cp_payload_t cp_payload_t; /** - * Class representing an IKEv2-CP Payload. + * @brief Class representing an IKEv2-CP Payload. * * The CP Payload format is described in RFC section 3.15. * + * @b Constructors: + * - cp_payload_create() + * * @ingroup payloads */ struct cp_payload_t { 
@@ -90,19 +98,31 @@ struct cp_payload_t { * @warning The added configuration_attribute_t object is * getting destroyed in destroy function of cp_payload_t. * - * @param this calling cp_payload_t object - * @param attribute configuration_attribute_t object to add + * @param this calling cp_payload_t object + * @param attribute configuration_attribute_t object to add */ void (*add_configuration_attribute) (cp_payload_t *this, configuration_attribute_t *attribute); + /** + * @brief Set the config type. + * + * @param this calling cp_payload_t object + * @param config_type config_type_t to set + */ void (*set_config_type) (cp_payload_t *this,config_type_t config_type); + /** + * @brief Get the config type. + * + * @param this calling cp_payload_t object + * @return config_type_t + */ config_type_t (*get_config_type) (cp_payload_t *this); /** * @brief Destroys an cp_payload_t object. * - * @param this cp_payload_t object to destroy + * @param this cp_payload_t object to destroy */ void (*destroy) (cp_payload_t *this); }; @@ -110,7 +130,7 @@ struct cp_payload_t { /** * @brief Creates an empty cp_payload_t object * - * @return created cp_payload_t object + * @return cp_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/delete_payload.h b/Source/charon/encoding/payloads/delete_payload.h index dae90aac3..801c10444 100644 --- a/Source/charon/encoding/payloads/delete_payload.h +++ b/Source/charon/encoding/payloads/delete_payload.h @@ -39,12 +39,14 @@ typedef struct delete_payload_t delete_payload_t; /** - * Object representing an IKEv2 DELETE payload. + * @brief Class representing an IKEv2 DELETE payload. * * The DELETE payload format is described in draft section 3.11. * - * @ingroup payloads + * @b Constructors: + * - delete_payload_create() * + * @ingroup payloads */ struct delete_payload_t { /** 
@@ -54,7 +56,6 @@ struct delete_payload_t { /** * @brief Set the protocol ID. - * * * @param this calling delete_payload_t object * @param protocol_id protocol ID @@ -82,13 +83,12 @@ struct delete_payload_t { * @brief Get the SPI size. * * @param this calling delete_payload_t object - * @return SPI size + * @return SPI size */ u_int8_t (*get_spi_size) (delete_payload_t *this); /** * @brief Set the SPI count. - * * * @param this calling delete_payload_t object * @param spi_count SPI count @@ -144,7 +144,7 @@ struct delete_payload_t { /** * @brief Creates an empty delete_payload_t object. * - * @return created delete_payload_t object + * @return delete_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/eap_payload.h b/Source/charon/encoding/payloads/eap_payload.h index b7b466769..e0e54b125 100644 --- a/Source/charon/encoding/payloads/eap_payload.h +++ b/Source/charon/encoding/payloads/eap_payload.h @@ -37,12 +37,14 @@ typedef struct eap_payload_t eap_payload_t; /** - * Object representing an IKEv2 EAP payload. + * @brief Class representing an IKEv2 EAP payload. * * The EAP payload format is described in draft section 3.16. * - * @ingroup payloads + * @b Constructors: + * - eap_payload_create() * + * @ingroup payloads */ struct eap_payload_t { /** @@ -91,7 +93,7 @@ struct eap_payload_t { /** * @brief Creates an empty eap_payload_t object. * - * @return created eap_payload_t object + * @return eap_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/encodings.c b/Source/charon/encoding/payloads/encodings.c index 45332456e..da39467a9 100644 --- a/Source/charon/encoding/payloads/encodings.c +++ b/Source/charon/encoding/payloads/encodings.c @@ -1,7 +1,7 @@ /** * @file encodings.c * - * @brief Encoding types of fields in a IKEv2 payload. + * @brief String mappings of encoding_type_t. * */ 
diff --git a/Source/charon/encoding/payloads/encodings.h b/Source/charon/encoding/payloads/encodings.h index 4f36799c7..e30e1c215 100644 --- a/Source/charon/encoding/payloads/encodings.h +++ b/Source/charon/encoding/payloads/encodings.h @@ -1,7 +1,7 @@ /** * @file encodings.h * - * @brief Encoding types of fields in a IKEv2 payload. + * @brief Definition of encoding_type_t. * */ @@ -43,7 +43,8 @@ typedef enum encoding_type_t encoding_type_t; * * @ingroup payloads */ -enum encoding_type_t{ +enum encoding_type_t { + /** * Representing a 4 Bit unsigned int value. * @@ -57,6 +58,7 @@ enum encoding_type_t{ * The current read pointer is moved 4 bit forward afterwards. */ U_INT_4, + /** * Representing a 8 Bit unsigned int value. * @@ -70,6 +72,7 @@ enum encoding_type_t{ * The current read pointer is moved 8 bit forward afterwards. */ U_INT_8, + /** * Representing a 16 Bit unsigned int value. * @@ -83,6 +86,7 @@ enum encoding_type_t{ * The current read pointer is moved 16 bit forward afterwards. */ U_INT_16, + /** * Representing a 32 Bit unsigned int value. * @@ -94,8 +98,8 @@ enum encoding_type_t{ * The value is written to the associated data struct. * The current read pointer is moved 32 bit forward afterwards. */ - U_INT_32, + /** * Representing a 64 Bit unsigned int value. * @@ -108,6 +112,7 @@ enum encoding_type_t{ * The current read pointer is moved 64 bit forward afterwards. */ U_INT_64, + /** * @brief represents a RESERVED_BIT used in FLAG-Bytes. * @@ -121,6 +126,7 @@ enum encoding_type_t{ * The current read pointer is moved 1 bit forward afterwards. */ RESERVED_BIT, + /** * @brief represents a RESERVED_BYTE. * @@ -134,6 +140,7 @@ enum encoding_type_t{ * The current read pointer is moved 1 byte forward afterwards. */ RESERVED_BYTE, + /** * Representing a 1 Bit flag. * @@ -146,6 +153,7 @@ enum encoding_type_t{ * is moved 1 bit forward afterwards */ FLAG, + /** * Representating a length field of a payload. * 
@@ -158,6 +166,7 @@ enum encoding_type_t{ * The current read pointer is moved 16 bit forward afterwards. */ PAYLOAD_LENGTH, + /** * Representating a length field of a header. * @@ -170,6 +179,7 @@ enum encoding_type_t{ * The current read pointer is moved 32 bit forward afterwards. */ HEADER_LENGTH, + /** * Representating a spi size field. * @@ -182,6 +192,7 @@ enum encoding_type_t{ * The current read pointer is moved 8 bit forward afterwards. */ SPI_SIZE, + /** * Representating a spi field. * @@ -191,6 +202,7 @@ enum encoding_type_t{ * When parsing SPI_SIZE bytes are read and written into the chunk pointing to. */ SPI, + /** * Representating a Key Exchange Data field. * @@ -200,6 +212,7 @@ enum encoding_type_t{ * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ KEY_EXCHANGE_DATA, + /** * Representating a Notification field. * @@ -209,6 +222,7 @@ enum encoding_type_t{ * When parsing (Payload Length - spi size - 8) bytes are read and written into the chunk pointing to. */ NOTIFICATION_DATA, + /** * Representating one or more proposal substructures. * @@ -221,6 +235,7 @@ enum encoding_type_t{ * to be stored in the pointed linked_list. */ PROPOSALS, + /** * Representating one or more transform substructures. * @@ -233,6 +248,7 @@ enum encoding_type_t{ * to be stored in the pointed linked_list. */ TRANSFORMS, + /** * Representating one or more Attributes of a transform substructure. * @@ -464,8 +480,7 @@ enum encoding_type_t{ * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ UNKNOWN_DATA, - - + /** * Representating an IKE_SPI field in an IKEv2 Header. * @@ -480,14 +495,16 @@ enum encoding_type_t{ * Representing the encrypted data body of a encryption payload. */ ENCRYPTED_DATA, - }; /** * mappings to map encoding_type_t's to strings + * + * @ingroup payloads */ extern mapping_t encoding_type_m[]; + typedef struct encoding_rule_t encoding_rule_t; /** 
@@ -502,6 +519,7 @@ typedef struct encoding_rule_t encoding_rule_t; * @ingroup payloads */ struct encoding_rule_t { + /** * Encoding type. */ diff --git a/Source/charon/encoding/payloads/encryption_payload.c b/Source/charon/encoding/payloads/encryption_payload.c index 9f16a66d0..7e5fb18ba 100644 --- a/Source/charon/encoding/payloads/encryption_payload.c +++ b/Source/charon/encoding/payloads/encryption_payload.c @@ -46,6 +46,7 @@ typedef struct private_encryption_payload_t private_encryption_payload_t; * */ struct private_encryption_payload_t { + /** * Public encryption_payload_t interface. */ @@ -314,7 +315,7 @@ static status_t encrypt(private_encryption_payload_t *this) allocator_free(to_crypt.ptr); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "encryption failed"); + this->logger->log(this->logger, ERROR|MORE, "encryption failed"); allocator_free(iv.ptr); return status; } @@ -365,7 +366,7 @@ static status_t decrypt(private_encryption_payload_t *this) */ if (concatenated.len < iv.len) { - this->logger->log(this->logger, ERROR, "could not decrypt, invalid input"); + this->logger->log(this->logger, ERROR|MORE, "could not decrypt, invalid input"); return FAILED; } @@ -375,7 +376,7 @@ static status_t decrypt(private_encryption_payload_t *this) status = this->crypter->decrypt(this->crypter, concatenated, iv, &(this->decrypted)); if (status != SUCCESS) { - this->logger->log(this->logger, ERROR, "could not decrypt, decryption failed"); + this->logger->log(this->logger, ERROR|MORE, "could not decrypt, decryption failed"); return FAILED; } 
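Review bot: The failure paths in encrypt() and decrypt() now log at `ERROR|MORE` instead of `ERROR`. The logger's semantics are not shown in this diff, but if `MORE` raises the verbosity a logger must be configured for, "encryption failed" and the two "could not decrypt" messages would no longer appear in a default-level log. Decryption failures on a peer-supplied payload are events an operator normally wants to see without raising verbosity, so confirm the intent or keep these at plain `ERROR`. The same change is applied to the padding-length and payload-verification messages in the following hunks of this file. Both function bodies continue outside the hunks.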
@@ -388,7 +389,7 @@ static status_t decrypt(private_encryption_payload_t *this) /* check size again */ if (padding_length > concatenated.len || this->decrypted.len < 0) { - this->logger->log(this->logger, ERROR, "decryption failed, invalid padding length found. Invalid key ?"); + this->logger->log(this->logger, ERROR|MORE, "decryption failed, invalid padding length found. Invalid key?"); /* decryption failed :-/ */ return FAILED; } @@ -491,7 +492,7 @@ static void generate(private_encryption_payload_t *this) else { /* no paylads? */ - this->logger->log(this->logger, CONTROL|MOST, "generating contained payloads, but no available"); + this->logger->log(this->logger, CONTROL|MORE, "generating contained payloads, but no available"); allocator_free(this->decrypted.ptr); this->decrypted = CHUNK_INITIALIZER; iterator->destroy(iterator); @@ -519,7 +520,7 @@ static void generate(private_encryption_payload_t *this) generator->write_to_chunk(generator, &(this->decrypted)); generator->destroy(generator); - this->logger->log(this->logger, CONTROL|MOST, "successfully generated content in encrpytion payload"); + this->logger->log(this->logger, CONTROL|MORE, "successfully generated content in encrpytion payload"); } /** @@ -558,8 +559,7 @@ static status_t parse(private_encryption_payload_t *this) status = current_payload->verify(current_payload); if (status != SUCCESS) { - - this->logger->log(this->logger, ERROR, "%s verification failed: %s", + this->logger->log(this->logger, ERROR|MORE, "%s verification failed: %s", mapping_find(payload_type_m,current_payload->get_type(current_payload)), mapping_find(status_m, status)); current_payload->destroy(current_payload); 
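Review bot: In `if (padding_length > concatenated.len || this->decrypted.len < 0)` the second test can never be true if `chunk_t.len` is an unsigned type (its declaration is not part of this diff). If the length is reduced by the padding before this line, a too-large padding byte would wrap to a huge length rather than go negative. The padding length comes from decrypted, peer-controlled data, so it is safer to bound it before any subtraction, for example `if (padding_length > this->decrypted.len) return FAILED;`. The hunk only changes the log level, and the code that computes `padding_length` lies outside it, so this needs checking against the full body of decrypt().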
@@ -573,7 +573,7 @@ static status_t parse(private_encryption_payload_t *this) this->payloads->insert_last(this->payloads,current_payload); } parser->destroy(parser); - this->logger->log(this->logger, CONTROL|MOST, "succesfully parsed content of encryption payload"); + this->logger->log(this->logger, CONTROL|MORE, "succesfully parsed content of encryption payload"); return SUCCESS; } @@ -678,5 +678,3 @@ encryption_payload_t *encryption_payload_create() return (&(this->public)); } - - diff --git a/Source/charon/encoding/payloads/encryption_payload.h b/Source/charon/encoding/payloads/encryption_payload.h index ce278cfee..a54663417 100644 --- a/Source/charon/encoding/payloads/encryption_payload.h +++ b/Source/charon/encoding/payloads/encryption_payload.h @@ -30,6 +30,8 @@ /** * Encrpytion payload length in bytes without IV and following data. + * + * @ingroup payloads */ #define ENCRYPTION_PAYLOAD_HEADER_LENGTH 4 @@ -39,6 +41,19 @@ typedef struct encryption_payload_t encryption_payload_t; /** * @brief The encryption payload as described in RFC section 3.14. * + * Before any crypt/decrypt/sign/verify operation can occur, + * the transforms must be set. After that, a parsed encryption payload + * can be decrypted, which also will parse the contained payloads. + * Encryption is done the same way, added payloads will get generated + * and then encrypted. + * For signature building, there is the FULL packet needed. Meaning it + * must be builded after generation of all payloads and the encryption + * of the encryption payload. + * Signature verificatin is done before decryption. + * + * @b Constructors: + * - encryption_payload_create() + * * @ingroup payloads */ struct encryption_payload_t { 
@@ -91,7 +106,8 @@ struct encryption_payload_t { * To decryption, encryption, signature building and verifying, * the payload needs a crypter and a signer object. * - * @warning Do NOT call this function twice! + * @warning Do NOT call this function again after encryption, since + * the signer must be the same while encrypting and signature building! * * @param this calling encryption_payload_t * @param crypter crypter_t to use for data de-/encryption @@ -162,7 +178,7 @@ struct encryption_payload_t { /** * @brief Destroys an encryption_payload_t object. * - * @param this encryption_payload_t object to destroy + * @param this encryption_payload_t object to destroy */ void (*destroy) (encryption_payload_t *this); }; @@ -170,11 +186,11 @@ struct encryption_payload_t { /** * @brief Creates an empty encryption_payload_t object. * - * @return created encryption_payload_t object + * @returnencryption_payload_t object * * @ingroup payloads */ - encryption_payload_t *encryption_payload_create(); + #endif /*ENCRYPTION_PAYLOAD_H_*/ diff --git a/Source/charon/encoding/payloads/id_payload.c b/Source/charon/encoding/payloads/id_payload.c index 9560d4f87..c720c7119 100644 --- a/Source/charon/encoding/payloads/id_payload.c +++ b/Source/charon/encoding/payloads/id_payload.c @@ -257,7 +257,7 @@ static void set_initiator (private_id_payload_t *this,bool is_initiator) /** * Implementation of id_payload_t.get_identification. */ -static identification_t * get_identification (private_id_payload_t *this) +static identification_t *get_identification (private_id_payload_t *this) { return identification_create_from_encoding(this->id_type,this->id_data); } @@ -271,7 +271,6 @@ static void destroy(private_id_payload_t *this) { allocator_free_chunk(&(this->id_data)); } - allocator_free(this); } diff --git a/Source/charon/encoding/payloads/id_payload.h b/Source/charon/encoding/payloads/id_payload.h index c3951135b..137f0ea33 100644 --- a/Source/charon/encoding/payloads/id_payload.h 
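Review bot: The new doc line ` * @returnencryption_payload_t object` above encryption_payload_create() is missing the space after `@return`, so Doxygen will not recognise it as a return tag. It should read ` * @return encryption_payload_t object`, matching the other payload headers touched by this commit.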
+++ b/Source/charon/encoding/payloads/id_payload.h @@ -43,8 +43,11 @@ typedef struct id_payload_t id_payload_t; * * The ID payload format is described in draft section 3.5. * - * @ingroup payloads + * @b Constructors: + * - id_payload_create_from_identification() + * - id_payload_create() * + * @ingroup payloads */ struct id_payload_t { /** @@ -54,7 +57,6 @@ struct id_payload_t { /** * @brief Set the ID type. - * * * @param this calling id_payload_t object * @param type Type of ID @@ -105,9 +107,7 @@ struct id_payload_t { * Returned object has to get destroyed by the caller. * * @param this calling id_payload_t object - * @return - * - identification_t object - * - NULL if ID type not supported + * @return identification_t object */ identification_t *(*get_identification) (id_payload_t *this); @@ -148,7 +148,7 @@ struct id_payload_t { * - TRUE if this payload is of type IDi * - FALSE if this payload is of type IDr * - * @return created id_payload_t object + * @return id_payload_t object * * @ingroup payloads */ @@ -161,7 +161,7 @@ id_payload_t *id_payload_create(bool is_initiator); * - TRUE if this payload is of type IDi * - FALSE if this payload is of type IDr * @param identification identification_t object - * @return created id_payload_t object + * @return id_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/ike_header.h b/Source/charon/encoding/payloads/ike_header.h index c7f388092..ec55f0e18 100644 --- a/Source/charon/encoding/payloads/ike_header.h +++ b/Source/charon/encoding/payloads/ike_header.h @@ -66,7 +66,7 @@ typedef enum exchange_type_t exchange_type_t; enum exchange_type_t{ /** - * EXCHANGE_TYPE_UNDEFINED, not a official message type :-). + * EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type. */ EXCHANGE_TYPE_UNDEFINED = 240, 
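Review bot: The get_identification() doc drops the `- NULL if ID type not supported` case and now promises only `@return identification_t object`. The implementation in id_payload.c still returns whatever `identification_create_from_encoding(this->id_type,this->id_data)` yields. Whether that helper can return NULL for an unsupported type is not visible in this diff. If it can, the ID type and data of a parsed payload are peer-supplied, and callers following the new doc would dereference the result unchecked. In that case keep the NULL line in the `@return` list, or document where unsupported types are rejected beforehand.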
@@ -91,19 +91,27 @@ enum exchange_type_t{ INFORMATIONAL = 37 }; +/** + * string mappings for exchange_type_t + * + * @ingroup payloads + */ extern mapping_t exchange_type_m[]; + typedef struct ike_header_t ike_header_t; /** - * An object of this type represents an IKEv2 header and is used to + * @brief An object of this type represents an IKEv2 header and is used to * generate and parse IKEv2 headers. * - * * The header format of an IKEv2-Message is compatible to the * ISAKMP-Header format to allow implementations supporting * both versions of the IKE-protocol. * + * @b Constructors: + * - ike_header_create() + * * @ingroup payloads */ struct ike_header_t { @@ -236,7 +244,7 @@ struct ike_header_t { /** * @brief Destroys a ike_header_t object. * - * @param this ike_header_t object to destroy + * @param this ike_header_t object to destroy */ void (*destroy) (ike_header_t *this); }; @@ -244,7 +252,7 @@ struct ike_header_t { /** * @brief Create an ike_header_t object * - * @return created ike_header_t object + * @return ike_header_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/ke_payload.c b/Source/charon/encoding/payloads/ke_payload.c index da1b28f11..f1ba922ca 100644 --- a/Source/charon/encoding/payloads/ke_payload.c +++ b/Source/charon/encoding/payloads/ke_payload.c @@ -56,7 +56,6 @@ struct private_ke_payload_t { */ u_int16_t payload_length; - /** * DH Group Number. */ @@ -274,7 +273,7 @@ ke_payload_t *ke_payload_create() this->compute_length = compute_length; /* set default values of the fields */ - this->critical = KE_PAYLOAD_CRITICAL_FLAG; + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = KE_PAYLOAD_HEADER_LENGTH; this->key_exchange_data.ptr = NULL; diff --git a/Source/charon/encoding/payloads/ke_payload.h b/Source/charon/encoding/payloads/ke_payload.h index ae153048c..982d29754 100644 --- a/Source/charon/encoding/payloads/ke_payload.h +++ b/Source/charon/encoding/payloads/ke_payload.h 
@@ -27,14 +27,6 @@ #include #include #include - -/** - * Critical flag must not be set. - * - * @ingroup payloads - */ -#define KE_PAYLOAD_CRITICAL_FLAG FALSE; - /** * KE payload length in bytes without any key exchange data. * @@ -46,10 +38,13 @@ typedef struct ke_payload_t ke_payload_t; /** - * Object representing an IKEv2-KE Payload. + * @brief Class representing an IKEv2-KE Payload. * * The KE Payload format is described in RFC section 3.4. * + * @b Constructors: + * - ke_payload_create() + * * @ingroup payloads */ struct ke_payload_t { @@ -105,7 +100,7 @@ struct ke_payload_t { /** * @brief Creates an empty ke_payload_t object * - * @return created ke_payload_t object + * @return ke_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/nonce_payload.c b/Source/charon/encoding/payloads/nonce_payload.c index 5070e1987..63f1adddd 100644 --- a/Source/charon/encoding/payloads/nonce_payload.c +++ b/Source/charon/encoding/payloads/nonce_payload.c 
@@ -130,24 +130,21 @@ static status_t verify(private_nonce_payload_t *this) */ static status_t set_nonce(private_nonce_payload_t *this, chunk_t nonce) { - if (nonce.len >= 16 && nonce.len <= 256) - { - - this->nonce.ptr = allocator_clone_bytes(nonce.ptr, nonce.len); - this->nonce.len = nonce.len; - this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + nonce.len; - return SUCCESS; - } - return INVALID_ARG; + this->nonce.ptr = allocator_clone_bytes(nonce.ptr, nonce.len); + this->nonce.len = nonce.len; + this->payload_length = NONCE_PAYLOAD_HEADER_LENGTH + nonce.len; + return SUCCESS; } /** * Implementation of nonce_payload_t.get_nonce. */ -static void get_nonce(private_nonce_payload_t *this, chunk_t *nonce) +static chunk_t get_nonce(private_nonce_payload_t *this) { - nonce->ptr = allocator_clone_bytes(this->nonce.ptr,this->nonce.len); - nonce->len = this->nonce.len; + chunk_t nonce; + nonce.ptr = allocator_clone_bytes(this->nonce.ptr,this->nonce.len); + nonce.len = this->nonce.len; + return nonce; } /** @@ -231,8 +228,8 @@ nonce_payload_t *nonce_payload_create() /* public functions */ this->public.destroy = (void (*) (nonce_payload_t *)) destroy; - this->public.set_nonce = (status_t (*) (nonce_payload_t *,chunk_t)) set_nonce; - this->public.get_nonce = (void (*) (nonce_payload_t *,chunk_t*)) get_nonce; + this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce; + this->public.get_nonce = (chunk_t (*) (nonce_payload_t *)) get_nonce; /* private functions */ this->compute_length = compute_length; diff --git a/Source/charon/encoding/payloads/nonce_payload.h b/Source/charon/encoding/payloads/nonce_payload.h index 95c78cfd0..0ddc14186 100644 --- a/Source/charon/encoding/payloads/nonce_payload.h +++ b/Source/charon/encoding/payloads/nonce_payload.h 
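Review bot: set_nonce() now stores a nonce of any length, so nothing in this hunk enforces the 16 to 256 byte bound that the removed branch applied, and nothing keeps `NONCE_PAYLOAD_HEADER_LENGTH + nonce.len` within the range of `payload_length`. The declaration of `payload_length` is not shown, but the KE payload in this commit uses `u_int16_t`, in which case an oversized chunk would truncate silently. If verify() (its body is outside the hunk) does not enforce the bound on both the parse and the generate path, an empty or undersized nonce can reach the wire unnoticed. Either keep a guard such as `if (nonce.len < 16 || nonce.len > 256)` at the point the nonce is accepted, or state in a comment here which function enforces the bound.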
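Review bot: The new assignment `this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce;` casts a function that the earlier hunk still defines as `static status_t set_nonce(...)` ending in `return SUCCESS;`. The cast silences the compiler, but calling through a pointer whose return type differs from the definition is undefined behaviour in C. Change the definition to `static void set_nonce(private_nonce_payload_t *this, chunk_t nonce)` and drop the `return SUCCESS;` so that definition, cast and header agree. nonce_payload_create() continues outside the hunk.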
@@ -40,8 +40,10 @@ typedef struct nonce_payload_t nonce_payload_t; * * The Nonce payload format is described in draft section 3.3. * - * @ingroup payloads + * @b Constructors: + * - nonce_payload_create() * + * @ingroup payloads */ struct nonce_payload_t { /** @@ -51,24 +53,19 @@ struct nonce_payload_t { /** * @brief Set the nonce value. - * - * The nonce must have length between 16 and 256 bytes. * * @param this calling nonce_payload_t object * @param nonce chunk containing the nonce, will be cloned - * @return - * - SUCCESS or - * - INVALID_ARG, if nonce has an invalid size */ - status_t (*set_nonce) (nonce_payload_t *this, chunk_t nonce); + void (*set_nonce) (nonce_payload_t *this, chunk_t nonce); /** * @brief Get the nonce value. * * @param this calling nonce_payload_t object - * @param[out] nonce chunk where nonce data is located (cloned) + * @return a chunk containing the cloned nonce */ - void (*get_nonce) (nonce_payload_t *this, chunk_t *nonce); + chunk_t (*get_nonce) (nonce_payload_t *this); /** * @brief Destroys an nonce_payload_t object. @@ -81,7 +78,7 @@ struct nonce_payload_t { /** * @brief Creates an empty nonce_payload_t object * - * @return created nonce_payload_t object + * @return nonce_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/notify_payload.c b/Source/charon/encoding/payloads/notify_payload.c index e085703b0..36a9930dc 100644 --- a/Source/charon/encoding/payloads/notify_payload.c +++ b/Source/charon/encoding/payloads/notify_payload.c @@ -47,11 +47,8 @@ mapping_t notify_message_type_m[] = { {FAILED_CP_REQUIRED, "FAILED_CP_REQUIRED"}, {TS_UACCEPTABLE, "TS_UACCEPTABLE"}, {INVALID_SELECTORS, "INVALID_SELECTORS"}, - - /* status messages */ {INITIAL_CONTACT, "INITIAL_CONTACT"}, {SET_WINDOW_SIZE, "SET_WINDOW_SIZE"}, - {MAPPING_END, NULL} }; diff --git a/Source/charon/encoding/payloads/notify_payload.h b/Source/charon/encoding/payloads/notify_payload.h index ada346af8..9ece46151 100644 
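Review bot: The set_nonce()/get_nonce() docs no longer state any contract on nonce length or on ownership of the returned chunk. Since set_nonce() is now `void` and cannot report a bad size, the header should say who is responsible for it, for example ` * @param nonce chunk containing the nonce, will be cloned; length is not checked here`. For get_nonce(), spell out that the caller frees the result: ` * @return a chunk containing the cloned nonce, to be freed by the caller`.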
--- a/Source/charon/encoding/payloads/notify_payload.h +++ b/Source/charon/encoding/payloads/notify_payload.h @@ -49,7 +49,7 @@ typedef enum notify_message_type_t notify_message_type_t; /** * @brief Notify message types. * - * Ssee IKEv2 draft 3.10.1. + * See IKEv2 draft 3.10.1. * * @ingroup payloads */ @@ -76,18 +76,22 @@ enum notify_message_type_t { /** * String mappings for notify_message_type_t. + * + * @ingroup payloads */ extern mapping_t notify_message_type_m[]; - typedef struct notify_payload_t notify_payload_t; /** - * Object representing an IKEv2-Notify Payload. + * @brief Class representing an IKEv2-Notify Payload. * * The Notify Payload format is described in Draft section 3.10. - * + * + * @b Constructors: + * - notify_payload_create() + * - notify_payload_create_from_protocol_and_type() * * @ingroup payloads */ @@ -191,7 +195,7 @@ notify_payload_t *notify_payload_create(); * * @param protocol_id protocol id (IKE, AH or ESP) * @param notify_message_type notify type (see notify_message_type_t) - * @return created notify_payload_t object + * @return notify_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/payload.h b/Source/charon/encoding/payloads/payload.h index a3300656b..fc3457832 100644 --- a/Source/charon/encoding/payloads/payload.h +++ b/Source/charon/encoding/payloads/payload.h @@ -3,7 +3,6 @@ * * @brief Interface payload_t. * - * */ /* @@ -273,7 +272,7 @@ struct payload_t { * an unknwon_paylod is created with the chunk of data in it. * * @param type type of the payload to create - * @return created payload + * @return payload_t object */ payload_t *payload_create(payload_type_t type); diff --git a/Source/charon/encoding/payloads/proposal_substructure.c b/Source/charon/encoding/payloads/proposal_substructure.c index 43ebb433e..7ca81e3ef 100644 --- a/Source/charon/encoding/payloads/proposal_substructure.c +++ b/Source/charon/encoding/payloads/proposal_substructure.c 
@@ -31,6 +31,12 @@ #include #include + +/** + * IKEv1 Value for a proposal payload. + */ +#define PROPOSAL_TYPE_VALUE 2 + /** * String mappings for protocol_id_t. */ diff --git a/Source/charon/encoding/payloads/proposal_substructure.h b/Source/charon/encoding/payloads/proposal_substructure.h index 736987fc8..d7b9c7bd4 100644 --- a/Source/charon/encoding/payloads/proposal_substructure.h +++ b/Source/charon/encoding/payloads/proposal_substructure.h @@ -28,16 +28,9 @@ #include #include -/** - * IKEv1 Value for a proposal payload. - * - * @ingroup payloads - */ -#define PROPOSAL_TYPE_VALUE 2 /** - * Length of the proposal substructure header - * (without spi). + * Length of the proposal substructure header (without spi). * * @ingroup payloads */ @@ -60,6 +53,8 @@ enum protocol_id_t { /** * String mappings for protocol_id_t. + * + * @ingroup payloads */ extern mapping_t protocol_id_m[]; @@ -70,6 +65,9 @@ typedef struct proposal_substructure_t proposal_substructure_t; * * The PROPOSAL SUBSTRUCTURE format is described in RFC section 3.3.1. * + * @b Constructors: + * - proposal_substructure_create() + * * @ingroup payloads */ struct proposal_substructure_t { @@ -214,12 +212,11 @@ struct proposal_substructure_t { /** * @brief Creates an empty proposal_substructure_t object * - * @return created proposal_substructure_t object + * @return proposal_substructure_t object * * @ingroup payloads */ proposal_substructure_t *proposal_substructure_create(); - #endif /*PROPOSAL_SUBSTRUCTURE_H_*/ diff --git a/Source/charon/encoding/payloads/sa_payload.h b/Source/charon/encoding/payloads/sa_payload.h index fff214255..1dbb5a83a 100644 --- a/Source/charon/encoding/payloads/sa_payload.h +++ b/Source/charon/encoding/payloads/sa_payload.h 
@@ -47,10 +47,15 @@ typedef struct sa_payload_t sa_payload_t; /** - * Class representing an IKEv2-SA Payload. + * @brief Class representing an IKEv2-SA Payload. * * The SA Payload format is described in RFC section 3.3. * + * @b Constructors: + * - sa_payload_create() + * - sa_payload_create_from_ike_proposals() + * - sa_payload_create_from_child_proposal() + * * @ingroup payloads */ struct sa_payload_t { @@ -68,9 +73,9 @@ struct sa_payload_t { * the length of this transform substructure has to be refreshed * by calling get_length()! * - * @param this calling sa_payload_t object - * @param[in] forward iterator direction (TRUE: front to end) - * @return created iterator_t object + * @param this calling sa_payload_t object + * @param[in] forward iterator direction (TRUE: front to end) + * @return created iterator_t object */ iterator_t *(*create_proposal_substructure_iterator) (sa_payload_t *this, bool forward); @@ -80,13 +85,13 @@ struct sa_payload_t { * @warning The added proposal_substructure_t object is * getting destroyed in destroy function of sa_payload_t. * - * @param this calling sa_payload_t object - * @param proposal proposal_substructure_t object to add + * @param this calling sa_payload_t object + * @param proposal proposal_substructure_t object to add */ void (*add_proposal_substructure) (sa_payload_t *this,proposal_substructure_t *proposal); /** - * Creates an array of ike_proposal_t's in this SA payload. + * @brief Creates an array of ike_proposal_t's in this SA payload. * * An IKE proposal consist of transform of type ENCRYPTION_ALGORITHM, * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM and DIFFIE_HELLMAN_GROUP 
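Review bot: The new constructor list names ` * - sa_payload_create_from_child_proposal()` (singular), but the prototype later in this header is `sa_payload_create_from_child_proposals(...)`. Doxygen will not link the entry, and a reader searching for the listed name will not find it. Change the entry to ` * - sa_payload_create_from_child_proposals()`.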
@@ -102,7 +107,7 @@ struct sa_payload_t { status_t (*get_ike_proposals) (sa_payload_t *this, ike_proposal_t **proposals, size_t *proposal_count); /** - * Creates an array of child_proposal_t's in this SA payload. + * @brief Creates an array of child_proposal_t's in this SA payload. * * @param proposals the pointer to the first entry of child_proposal_t's is set * @param proposal_count the number of found proposals is written at this location @@ -124,7 +129,7 @@ struct sa_payload_t { /** * @brief Creates an empty sa_payload_t object * - * @return created sa_payload_t object + * @return created sa_payload_t object * * @ingroup payloads */ @@ -136,6 +141,7 @@ sa_payload_t *sa_payload_create(); * @return created sa_payload_t object * @param proposals pointer to first proposal in array of type ike_proposal_t * @param proposal_count number of ike_proposal_t's in array + * @return sa_payload_t object * * @ingroup payloads */ @@ -150,9 +156,11 @@ sa_payload_t *sa_payload_create_from_ike_proposals(ike_proposal_t *proposals, si * @return created sa_payload_t object * @param proposals pointer to first proposal in array of type child_proposal_t * @param proposal_count number of child_proposal_t's in array + * @return sa_payload_t object * * @ingroup payloads */ sa_payload_t *sa_payload_create_from_child_proposals(child_proposal_t *proposals, size_t proposal_count); + #endif /*SA_PAYLOAD_H_*/ diff --git a/Source/charon/encoding/payloads/traffic_selector_substructure.c b/Source/charon/encoding/payloads/traffic_selector_substructure.c index e012b8f3c..874b87e43 100644 --- a/Source/charon/encoding/payloads/traffic_selector_substructure.c +++ b/Source/charon/encoding/payloads/traffic_selector_substructure.c 
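Review bot: The doc blocks of sa_payload_create_from_ike_proposals() and sa_payload_create_from_child_proposals() now each carry two `@return` lines. The old ` * @return created sa_payload_t object` stays as context above the `@param` lines, and ` * @return sa_payload_t object` is added below them. Remove the leading one in both hunks so each block has a single return description after its parameters, as transform_substructure.h does in this commit.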
@@ -30,9 +30,9 @@ * String mappings for ts_type_t. */ mapping_t ts_type_m[] = { -{TS_IPV4_ADDR_RANGE, "TS_IPV4_ADDR_RANGE"}, -{TS_IPV6_ADDR_RANGE, "TS_IPV6_ADDR_RANGE"}, -{MAPPING_END, NULL} + {TS_IPV4_ADDR_RANGE, "TS_IPV4_ADDR_RANGE"}, + {TS_IPV6_ADDR_RANGE, "TS_IPV6_ADDR_RANGE"}, + {MAPPING_END, NULL} }; diff --git a/Source/charon/encoding/payloads/traffic_selector_substructure.h b/Source/charon/encoding/payloads/traffic_selector_substructure.h index 0c95cb95b..35ef0181a 100644 --- a/Source/charon/encoding/payloads/traffic_selector_substructure.h +++ b/Source/charon/encoding/payloads/traffic_selector_substructure.h @@ -39,12 +39,15 @@ typedef struct traffic_selector_substructure_t traffic_selector_substructure_t; /** - * Object representing an IKEv2 TRAFFIC SELECTOR. + * @brief Class representing an IKEv2 TRAFFIC SELECTOR. * * The TRAFFIC SELECTOR format is described in draft section 3.13.1. * - * @ingroup payloads + * @b Constructors: + * - traffic_selector_substructure_create() + * - traffic_selector_substructure_create_from_traffic_selector() * + * @ingroup payloads */ struct traffic_selector_substructure_t { /** @@ -147,7 +150,7 @@ struct traffic_selector_substructure_t { * * TS type is set to default TS_IPV4_ADDR_RANGE! * - * @return created traffic_selector_substructure_t object + * @return traffic_selector_substructure_t object * * @ingroup payloads */ @@ -158,7 +161,7 @@ traffic_selector_substructure_t *traffic_selector_substructure_create(); * the values from a traffic_selector_t. * * @param traffic_selector traffic_selector_t to use for initialization - * @return created traffic_selector_substructure_t object + * @return traffic_selector_substructure_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/transform_attribute.h b/Source/charon/encoding/payloads/transform_attribute.h index 5820932e2..1bcc02db2 100644 --- a/Source/charon/encoding/payloads/transform_attribute.h 
+++ b/Source/charon/encoding/payloads/transform_attribute.h @@ -134,7 +134,7 @@ struct transform_attribute_t { /** * @brief Creates an empty transform_attribute_t object. * - * @return created transform_attribute_t object + * @return transform_attribute_t object * * @ingroup payloads */ @@ -144,7 +144,7 @@ transform_attribute_t *transform_attribute_create(); * @brief Creates an transform_attribute_t of type KEY_LENGTH. * * @param key_length key length in bytes - * @return created transform_attribute_t object + * @return transform_attribute_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/transform_substructure.h b/Source/charon/encoding/payloads/transform_substructure.h index b108f6312..4efb42f3f 100644 --- a/Source/charon/encoding/payloads/transform_substructure.h +++ b/Source/charon/encoding/payloads/transform_substructure.h @@ -228,10 +228,10 @@ transform_substructure_t *transform_substructure_create(); * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all * other transport types the key_length parameter is not used * - * @return created transform_substructure_t object * @param transform_type type of transform to create * @param transform_id transform id specifying the specific algorithm of a transform type * @param key_length Key length for key lenght attribute + * @return transform_substructure_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/ts_payload.h b/Source/charon/encoding/payloads/ts_payload.h index 158196a6c..1b18d3646 100644 --- a/Source/charon/encoding/payloads/ts_payload.h +++ b/Source/charon/encoding/payloads/ts_payload.h 
@@ -41,12 +41,15 @@ typedef struct ts_payload_t ts_payload_t; /** - * Object representing an IKEv2 TS payload. + * @brief Class representing an IKEv2 TS payload. * * The TS payload format is described in draft section 3.13. * - * @ingroup payloads + * @b Constructors: + * - ts_payload_create() + * - ts_payload_create_from_traffic_selectors() * + * @ingroup payloads */ struct ts_payload_t { /** @@ -61,7 +64,6 @@ struct ts_payload_t { * @return * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr - * */ bool (*get_initiator) (ts_payload_t *this); @@ -72,7 +74,6 @@ struct ts_payload_t { * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr - * */ void (*set_initiator) (ts_payload_t *this,bool is_initiator); @@ -129,8 +130,7 @@ struct ts_payload_t { * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr - * - * @return created ts_payload_t object + * @return ts_payload_t object * * @ingroup payloads */ @@ -143,8 +143,7 @@ ts_payload_t *ts_payload_create(bool is_initiator); * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr - * - * @return created ts_payload_t object + * @return ts_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/unknown_payload.c b/Source/charon/encoding/payloads/unknown_payload.c index c162edc30..5d6d2cbdb 100644 --- a/Source/charon/encoding/payloads/unknown_payload.c +++ b/Source/charon/encoding/payloads/unknown_payload.c @@ -101,6 +101,7 @@ encoding_rule_t unknown_payload_encodings[] = { */ static status_t verify(private_unknown_payload_t *this) { + /* can't do any checks, so we assume its good */ return SUCCESS; } diff --git a/Source/charon/encoding/payloads/unknown_payload.h b/Source/charon/encoding/payloads/unknown_payload.h index 2558ce719..d2faf8ac5 100644 --- a/Source/charon/encoding/payloads/unknown_payload.h 
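Review bot: The comment added to verify() in unknown_payload.c says nothing can be checked, but it does not say who rejects an unknown payload whose critical flag is set, which IKEv2 requires (UNSUPPORTED_CRITICAL_PAYLOAD). If this object keeps the critical flag (its fields are not visible in this hunk), verify() should either return FAILED for a critical unknown payload or the comment should name the caller that makes the decision. A possible wording is `/* no payload-specific checks possible; the critical flag is evaluated by the caller */`. As written, the unconditional `return SUCCESS;` reads as if unknown payloads were always acceptable.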
+++ b/Source/charon/encoding/payloads/unknown_payload.h @@ -85,7 +85,7 @@ struct unknown_payload_t { /** * @brief Creates an empty unknown_payload_t object. * - * @return created unknown_payload_t object + * @return unknown_payload_t object * * @ingroup payloads */ diff --git a/Source/charon/encoding/payloads/vendor_id_payload.c b/Source/charon/encoding/payloads/vendor_id_payload.c index df1ba7ed1..b598f604b 100644 --- a/Source/charon/encoding/payloads/vendor_id_payload.c +++ b/Source/charon/encoding/payloads/vendor_id_payload.c @@ -198,7 +198,6 @@ static void destroy(private_vendor_id_payload_t *this) { allocator_free_chunk(&(this->vendor_id_data)); } - allocator_free(this); } @@ -227,7 +226,7 @@ vendor_id_payload_t *vendor_id_payload_create() /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; - this->payload_length =VENDOR_ID_PAYLOAD_HEADER_LENGTH; + this->payload_length = VENDOR_ID_PAYLOAD_HEADER_LENGTH; this->vendor_id_data = CHUNK_INITIALIZER; return (&(this->public)); diff --git a/Source/charon/encoding/payloads/vendor_id_payload.h b/Source/charon/encoding/payloads/vendor_id_payload.h index b17092864..4b047ac14 100644 --- a/Source/charon/encoding/payloads/vendor_id_payload.h +++ b/Source/charon/encoding/payloads/vendor_id_payload.h @@ -37,12 +37,14 @@ typedef struct vendor_id_payload_t vendor_id_payload_t; /** - * Object representing an IKEv2 VENDOR ID payload. + * @brief Class representing an IKEv2 VENDOR ID payload. * * The VENDOR ID payload format is described in draft section 3.12. * - * @ingroup payloads + * @b Constructors: + * - vendor_id_payload_create() * + * @ingroup payloads */ struct vendor_id_payload_t { /** @@ -91,7 +93,7 @@ struct vendor_id_payload_t { /** * @brief Creates an empty vendor_id_payload_t object. * - * @return created vendor_id_payload_t object + * @return vendor_id_payload_t object * * @ingroup payloads */ 
diff --git a/Source/charon/sa/states/ike_sa_init_requested.c b/Source/charon/sa/states/ike_sa_init_requested.c
index 9652dbb6e..b4b0ce530 100644
--- a/Source/charon/sa/states/ike_sa_init_requested.c
+++ b/Source/charon/sa/states/ike_sa_init_requested.c
@@ -465,7 +465,7 @@ static status_t process_message(private_ike_sa_init_requested_t *this, message_t
 status_t process_nonce_payload (private_ike_sa_init_requested_t *this, nonce_payload_t *nonce_payload)
 {
 allocator_free(this->received_nonce.ptr);
- nonce_payload->get_nonce(nonce_payload, &(this->received_nonce));
+ this->received_nonce = nonce_payload->get_nonce(nonce_payload);
 return SUCCESS;
 }
diff --git a/Source/charon/sa/states/responder_init.c b/Source/charon/sa/states/responder_init.c
index 5832d69fd..e4792d6b5 100644
--- a/Source/charon/sa/states/responder_init.c
+++ b/Source/charon/sa/states/responder_init.c
@@ -455,7 +455,7 @@ static status_t build_nonce_payload(private_responder_init_t *this,nonce_payload
 this->received_nonce = CHUNK_INITIALIZER;
 this->logger->log(this->logger, CONTROL | MOST, "Get NONCE value and store it");
- nonce_request->get_nonce(nonce_request, &(this->received_nonce));
+ this->received_nonce = nonce_request->get_nonce(nonce_request);
 this->logger->log(this->logger, CONTROL | MOST, "Create new NONCE value.");
diff --git a/Source/charon/testcases/encryption_payload_test.c b/Source/charon/testcases/encryption_payload_test.c
index c824fe446..2150161d3 100644
--- a/Source/charon/testcases/encryption_payload_test.c
+++ b/Source/charon/testcases/encryption_payload_test.c
@@ -118,7 +118,7 @@ void test_encryption_payload(tester_t *tester)
 while (iterator->has_next(iterator))
 {
 iterator->current(iterator, (void**)&nonce_payload);
- nonce_payload->get_nonce(nonce_payload, &got_nonce);
+ got_nonce = nonce_payload->get_nonce(nonce_payload);
 }
 iterator->destroy(iterator);
diff --git a/Source/charon/testcases/parser_test.c b/Source/charon/testcases/parser_test.c
index e122a5d43..791c6f9ec 100644
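Review bot: The chunk returned by `get_nonce()` is stored in `this->received_nonce` without any check, and `process_nonce_payload()` in ike_sa_init_requested.c then returns SUCCESS unconditionally, so a peer-supplied nonce of any length, including an empty one, is accepted at this point. IKEv2 requires a nonce of 16 to 256 octets. Unless nonce_payload's verify() already enforces that (not visible here), add a guard after the assignment such as `if (this->received_nonce.len < 16 || this->received_nonce.len > 256) return FAILED;`. The same unchecked assignment appears in the responder_init.c hunk inside build_nonce_payload(), whose body starts and ends outside that hunk.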
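Review bot: In the encryption_payload_test.c loop, `got_nonce` is overwritten on every iteration and the previous buffer is never released. The `allocator_free(this->received_nonce.ptr)` in ike_sa_init_requested.c suggests the caller owns the returned chunk, so this would leak whenever the iterator yields more than one payload; whether it does is not visible from the hunk. Either free the old value first, `allocator_free(got_nonce.ptr);` before the assignment with `got_nonce` initialised to `CHUNK_INITIALIZER`, or add a comment stating that exactly one nonce payload is expected. The new `get_nonce()` signature should also document in its header whether the returned chunk is a copy the caller must free. test_encryption_payload() continues outside the hunk.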
--- a/Source/charon/testcases/parser_test.c
+++ b/Source/charon/testcases/parser_test.c
@@ -439,7 +439,7 @@ void test_parser_with_nonce_payload(tester_t *tester)
 {
 return;
 }
- nonce_payload->get_nonce(nonce_payload, &result);
+ result = nonce_payload->get_nonce(nonce_payload);
 tester->assert_true(tester,(result.len == 16), "parsed nonce lenght");
 tester->assert_false(tester,(memcmp(nonce_bytes + 4, result.ptr, result.len)), "parsed nonce data");
 nonce_payload->destroy(nonce_payload);