1 /*

     2 * Copyright (c) 2003-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:  IKEv2 IPsec sa data

    15 *

    16 */

    17 

    18 #include "ikev2ipsecsadata.h"

    19 #include "ikedebug.h"

    20 #include "ikev2ipsecsarekeydata.h"

    21 #include "ikecrypto.h"

    22 #include "ikev2const.h"

    23 

    24 TIkeV2IpsecSAData::TIkeV2IpsecSAData(MIkeDebug& aDebug)

    25 :iSPI_In(0), iSPI_Out(0),

    26  iEncrAlg(0), iIntegAlg(0),

    27  iSaType(0), iESN(0),

    28  iCipherKeyLth(0), iIntegKeyLth(0),

    29  iTransport(EFalse), iSrcSpecific(EFalse),

    30  iRekeyData(NULL), iKeyMaterial(NULL),

    31  iNext(NULL), iDebug(aDebug)

    32     {

    33     }

    34 

    35 

    36 void TIkeV2IpsecSAData::Copy(const TIkeV2IpsecSAData& aSrc)

    37     {

    38     Mem::Copy((TUint8*)&iSPI_In, (TUint8*)&aSrc.iSPI_In, sizeof(TIkeV2IpsecSAData));

    39     iNext = NULL;           

    40     }

    41 

    42 /*

    43 void TIkeV2IpsecSAData::StoreKeyMaterial(HBufC8* aKeyMaterial)

    44     {

    45     PurgeKeyMaterial();

    46     iKeyMaterial = aKeyMaterial;

    47     }

    48 */

    49 

    50 void TIkeV2IpsecSAData::PurgeKeyMaterial()

    51     {

    52     if ( iKeyMaterial )

    53         {   

    54         iKeyMaterial->Des().FillZ(); // Wipe out key material data from buffer           

    55         delete iKeyMaterial;

    56         iKeyMaterial = NULL;

    57         }   

    58     }

    59 

    60 

    61 void TIkeV2IpsecSAData::DeleteRekeyData()

    62     {

    63     if ( iRekeyData )

    64         {               

    65         delete iRekeyData;

    66         iRekeyData = NULL;

    67         }   

    68     }

    69 

    70 void TIkeV2IpsecSAData::GenerateIpsecKeysL(const TDesC8& aSKd, 

    71                                            const TDesC8& aGPowIr, 

    72                                            const TDesC8& aNonceI, 

    73                                            const TDesC8& aNonceR,

    74                                            TUint16 aPrfAlg)

    75 {

    76     //

    77     //  Generate Ipsec keying material.

    78     //  Keying material is created as follows:  KEYMAT = prf+(SK_d, Ni | Nr)

    79     //  If PFS used Keying material is: KEYMAT = prf+(SK_d, g^ir (new) | Ni | Nr )

    80     //

    81     HBufC8* s = HBufC8::NewLC(aGPowIr.Length() + aNonceI.Length() + aNonceR.Length());

    82     TPtr8 sPtr = s->Des();

    83     //

    84     //  Append Nonce data into keymaterial work buffer S

    85     //   

    86     sPtr = aGPowIr;

    87     sPtr.Append(aNonceI);

    88     sPtr.Append(aNonceR);

    89     

    90     TInt KeyMatLth = 0;

    91     if ( iEncrAlg )

    92     {   if ( iCipherKeyLth == 0) 

    93            iCipherKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_ENCR, iEncrAlg, NULL);

    94         KeyMatLth = 2*iCipherKeyLth; 

    95     }   

    96     if ( iIntegAlg )

    97     {   

    98         iIntegKeyLth = IkeCrypto::AlgorithmInfo(IKEV2_INTEG, iIntegAlg, NULL);    

    99         KeyMatLth += 2*iIntegKeyLth;

   100     }   

   101     

   102     PurgeKeyMaterial();    

   103     iKeyMaterial = IkeCrypto::GenerateKeyingMaterialL(aSKd, *s, KeyMatLth, aPrfAlg);    

   104     CleanupStack::PopAndDestroy(s);

   105 }

   106 

   107