|
1 /* |
|
2 * Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 #ifndef CNATFWUNSAFMESSAGEINTEGRITYATTRIBUTE_H |
|
22 #define CNATFWUNSAFMESSAGEINTEGRITYATTRIBUTE_H |
|
23 |
|
24 // INCLUDES |
|
25 #include <in_sock.h> |
|
26 #include <hash.h> |
|
27 #include "natfwunsafattribute.h" |
|
28 #include "natfwinternaldefs.h" //UNIT_TEST |
|
29 |
|
30 // FORWARD DECLARATIONS |
|
31 |
|
32 // CLASS DECLARATION |
|
33 /** |
|
34 * Class for NATFWUNSAF MESSAGE-INTEGRITY attribute. |
|
35 */ |
|
36 class CNATFWUNSAFMessageIntegrityAttribute : public CNATFWUNSAFAttribute |
|
37 { |
|
38 public: |
|
39 |
|
40 //STUN RFC: size is 20 bytes |
|
41 typedef TBuf8<SHA1_HASH> TSHA1_Hash; |
|
42 |
|
43 public: // Constructors and destructor |
|
44 |
|
45 /** |
|
46 * Constructs a CNATFWUNSAFMessageIntegrityAttribute from |
|
47 * its value part's binary representation |
|
48 * @param aValue a value part of a MESSAGE-INTEGRITY-attribute |
|
49 * @return A new instance of CNATFWUNSAFMessageIntegrityAttribute, |
|
50 * ownership is transferred. |
|
51 */ |
|
52 static CNATFWUNSAFMessageIntegrityAttribute* DecodeL( |
|
53 const TDesC8& aValue); |
|
54 |
|
55 /** |
|
56 * Decodes a UNSAF attribute from a byte stream. |
|
57 * This version is for lookup table. |
|
58 * @param aByteStream Byte stream, containing attribute type, length and |
|
59 * value. |
|
60 * @return Decoded UNSAF attribute, ownership is transferred. |
|
61 */ |
|
62 static CNATFWUNSAFAttribute* DecodeAttributeL( |
|
63 const TDesC8& aByteStream); |
|
64 |
|
65 /** |
|
66 * Creates a new instance of CNATFWUNSAFMessageIntegrityAttribute |
|
67 * @param aSharedSecret Key for computing HMAC |
|
68 * @param aNATFWUNSAFMessage Message to be hashed |
|
69 * @param aLongTerm Flag for using long term shared secret |
|
70 * @return A new instance of CNATFWUNSAFMessageIntegrityAttribute, |
|
71 * ownership is transferred. |
|
72 */ |
|
73 IMPORT_C static CNATFWUNSAFMessageIntegrityAttribute* |
|
74 NewL(const TDesC8& aSharedSecret, |
|
75 CBufBase& aNATFWUNSAFMessage, |
|
76 TBool aLongTerm=EFalse); |
|
77 |
|
78 /** |
|
79 * Creates a new instance of CNATFWUNSAFMessageIntegrityAttribute and |
|
80 * pushes it to the CleanupStack. |
|
81 * @param aSharedSecret Key for computing HMAC |
|
82 * @param aNATFWUNSAFMessage Message to be hashed |
|
83 * @param aLongTerm Flag for using long term shared secret |
|
84 * @return A new instance of CNATFWUNSAFMessageIntegrityAttribute, |
|
85 * ownership is transferred. |
|
86 */ |
|
87 IMPORT_C static CNATFWUNSAFMessageIntegrityAttribute* |
|
88 NewLC(const TDesC8& aSharedSecret, |
|
89 CBufBase& aNATFWUNSAFMessage, |
|
90 TBool aLongTerm=EFalse); |
|
91 |
|
92 /** |
|
93 * Destructor, deletes the resources of |
|
94 * CNATFWUNSAFMessageIntegrityAttribute. |
|
95 */ |
|
96 ~CNATFWUNSAFMessageIntegrityAttribute(); |
|
97 |
|
98 public: // From CNATFWUNSAFAttribute |
|
99 |
|
100 CNATFWUNSAFAttribute::TType Type() const; |
|
101 |
|
102 HBufC8* EncodeValueL() const; |
|
103 |
|
104 public: // New functions |
|
105 |
|
106 /** |
|
107 * Computes a HMAC for aNATFWUNSAFMessage using aSharedSecret as a key, |
|
108 * and compares the result with the value of this |
|
109 * CNATFWUNSAFMessageIntegrityAttribute instance. |
|
110 * @param aNATFWUNSAFMessage UNSAF message as byte stream |
|
111 * @param aSharedSecret Key for computing the HMAC |
|
112 * @return ETrue Message integrity check passes |
|
113 * EFalse Otherwise, HMAC differs |
|
114 */ |
|
115 IMPORT_C TBool CheckMessageIntegrityL(const TDesC8& aNATFWUNSAFMessage, |
|
116 const TDesC8& aSharedSecret) const; |
|
117 |
|
118 /** |
|
119 * Sets either long or short term credentials to use. This has an impact |
|
120 * on how the key for HMAC is calculated. The users of this object |
|
121 * should set this flag on whenever they receive a message containing a |
|
122 * REALM attribute. |
|
123 * @param aLongTerm ETrue if long term credentials are to be used |
|
124 * EFalse if short term credentials are to be used |
|
125 */ |
|
126 IMPORT_C void UseLongTermCredentials(TBool aLongTerm); |
|
127 |
|
128 protected: // New functions |
|
129 |
|
130 /** |
|
131 * Decodes the value part of the attribute and updates iHash |
|
132 * accordingly. |
|
133 * @param aValue value to be decoded |
|
134 */ |
|
135 void DecodeValueL(const TDesC8& aValue); |
|
136 |
|
137 /** |
|
138 * Check the attribute's length field has a valid value. |
|
139 * @param aByteStream Stream containing attribute in binary format, |
|
140 * starting from the type-field. |
|
141 * @leave KErrCorrupt If the length field in aByteStream is invalid |
|
142 */ |
|
143 static void CheckLengthL(const TDesC8& aByteStream); |
|
144 |
|
145 private: // Enumerations |
|
146 |
|
147 enum THashBlock |
|
148 { |
|
149 // The size of the data to be hashed, is a multiple of 64 bytes |
|
150 EInputBlockSize = 64 |
|
151 }; |
|
152 |
|
153 private: // Constructors |
|
154 |
|
155 CNATFWUNSAFMessageIntegrityAttribute(); |
|
156 |
|
157 /** |
|
158 * Second phase constructor. |
|
159 * @param aSharedSecret Key for computing HMAC |
|
160 * @param aNATFWUNSAFMessage Message to be hashed |
|
161 * @param aLongTerm Flag for using long term shared secret |
|
162 */ |
|
163 void ConstructL(const TDesC8& aSharedSecret, |
|
164 CBufBase& aNATFWUNSAFMessage, |
|
165 TBool aLongTerm); |
|
166 |
|
167 private: // New functions, for internal use |
|
168 |
|
169 /** |
|
170 * Compute a SHA1-HMAC hash over aNATFWUNSAFMessage, |
|
171 * using aSharedSecret as a key. |
|
172 * Write the result into aHash. |
|
173 * @param aSharedSecret Key for computing HMAC |
|
174 * @param aNATFWUNSAFMessage Message to be hashed |
|
175 * @param aHash Resulting hash is written here |
|
176 */ |
|
177 void ComputeShortTermHMACL(const TDesC8& aSharedSecret, |
|
178 CBufBase& aNATFWUNSAFMessage, |
|
179 TSHA1_Hash& aHash) const; |
|
180 |
|
181 /** |
|
182 * Compute a SHA1-HMAC hash over aNATFWUNSAFMessage, |
|
183 * using the MD-5 hashed aSharedSecret as a key. |
|
184 * Write the result into aHash. |
|
185 * @param aSharedSecret Key for computing HMAC |
|
186 * @param aNATFWUNSAFMessage Message to be hashed |
|
187 * @param aHash Resulting hash is written here |
|
188 */ |
|
189 void ComputeLongTermHMACL(const TDesC8& aSharedSecret, |
|
190 CBufBase& aNATFWUNSAFMessage, |
|
191 TSHA1_Hash& aHash) const; |
|
192 |
|
193 void DoComputeSHA1L(TSHA1_Hash& aHash, |
|
194 CHMAC* aHmac, |
|
195 CBufBase& aNATFWUNSAFMessage) const; |
|
196 |
|
197 private: // Data |
|
198 |
|
199 TSHA1_Hash iHash; |
|
200 |
|
201 TBool iLongTerm; |
|
202 |
|
203 private: // For testing purposes |
|
204 |
|
205 UNIT_TEST(UT_CNATFWUNSAFMessageIntegrityAttribute) |
|
206 }; |
|
207 |
|
208 #endif // CNATFWUNSAFMESSAGEINTEGRITYATTRIBUTE_H |
|
209 |
|
210 |