|
1 /* |
|
2 * Copyright (c) 2006-2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 #include "natfwunsafmessageintegrityattribute.h" |
|
22 #include "natfwunsafmessage.h" |
|
23 #include "natfwunsaflog.h" |
|
24 |
|
25 // ----------------------------------------------------------------------------- |
|
26 // CNATFWUNSAFMessageIntegrityAttribute::DecodeL |
|
27 // ----------------------------------------------------------------------------- |
|
28 // |
|
29 CNATFWUNSAFMessageIntegrityAttribute* |
|
30 CNATFWUNSAFMessageIntegrityAttribute::DecodeL(const TDesC8& aValue) |
|
31 { |
|
32 CNATFWUNSAFMessageIntegrityAttribute* self = |
|
33 new (ELeave) CNATFWUNSAFMessageIntegrityAttribute(); |
|
34 CleanupStack::PushL(self); |
|
35 self->DecodeValueL(aValue); |
|
36 CleanupStack::Pop(self); |
|
37 return self; |
|
38 } |
|
39 |
|
40 // ----------------------------------------------------------------------------- |
|
41 // CNATFWUNSAFMessageIntegrityAttribute::NewL |
|
42 // ----------------------------------------------------------------------------- |
|
43 // |
|
44 EXPORT_C CNATFWUNSAFMessageIntegrityAttribute* |
|
45 CNATFWUNSAFMessageIntegrityAttribute::NewL(const TDesC8& aSharedSecret, |
|
46 CBufBase& aNATFWUNSAFMessage, |
|
47 TBool aLongTerm) |
|
48 { |
|
49 CNATFWUNSAFMessageIntegrityAttribute* self = |
|
50 CNATFWUNSAFMessageIntegrityAttribute::NewLC(aSharedSecret, |
|
51 aNATFWUNSAFMessage, aLongTerm); |
|
52 CleanupStack::Pop(self); |
|
53 return self; |
|
54 } |
|
55 |
|
56 // ----------------------------------------------------------------------------- |
|
57 // CNATFWUNSAFMessageIntegrityAttribute::NewLC |
|
58 // ----------------------------------------------------------------------------- |
|
59 // |
|
60 EXPORT_C CNATFWUNSAFMessageIntegrityAttribute* |
|
61 CNATFWUNSAFMessageIntegrityAttribute::NewLC(const TDesC8& aSharedSecret, |
|
62 CBufBase& aNATFWUNSAFMessage, |
|
63 TBool aLongTerm) |
|
64 { |
|
65 CNATFWUNSAFMessageIntegrityAttribute* self = |
|
66 new (ELeave) CNATFWUNSAFMessageIntegrityAttribute(); |
|
67 CleanupStack::PushL(self); |
|
68 self->ConstructL(aSharedSecret,aNATFWUNSAFMessage,aLongTerm); |
|
69 return self; |
|
70 } |
|
71 |
|
72 // ----------------------------------------------------------------------------- |
|
73 // CNATFWUNSAFMessageIntegrityAttribute::DecodeAttributeL |
|
74 // ----------------------------------------------------------------------------- |
|
75 // |
|
76 CNATFWUNSAFAttribute* |
|
77 CNATFWUNSAFMessageIntegrityAttribute::DecodeAttributeL( |
|
78 const TDesC8& aByteStream) |
|
79 { |
|
80 CheckLengthL(aByteStream); |
|
81 |
|
82 return DecodeL(aByteStream.Mid(EValueOffset)); |
|
83 } |
|
84 |
|
85 // ----------------------------------------------------------------------------- |
|
86 // CNATFWUNSAFMessageIntegrityAttribute::CNATFWUNSAFMessageIntegrityAttribute |
|
87 // ----------------------------------------------------------------------------- |
|
88 // |
|
89 CNATFWUNSAFMessageIntegrityAttribute::CNATFWUNSAFMessageIntegrityAttribute() |
|
90 { |
|
91 } |
|
92 |
|
93 // ----------------------------------------------------------------------------- |
|
94 // CNATFWUNSAFMessageIntegrityAttribute::ConstructL |
|
95 // Update message header's length field to include the MESSAGE-INTEGRITY before |
|
96 // computing the HMAC. |
|
97 // ----------------------------------------------------------------------------- |
|
98 // |
|
99 void CNATFWUNSAFMessageIntegrityAttribute::ConstructL( |
|
100 const TDesC8& aSharedSecret, CBufBase& aNATFWUNSAFMessage, TBool aLongTerm) |
|
101 { |
|
102 iLongTerm = aLongTerm; |
|
103 TInt length = CNATFWUNSAFMessage::MessageLength(aNATFWUNSAFMessage.Ptr(0)); |
|
104 CNATFWUNSAFMessage::SetMessageLength(aNATFWUNSAFMessage, |
|
105 length + EValueOffset + SHA1_HASH); |
|
106 iLongTerm ? ComputeLongTermHMACL(aSharedSecret, aNATFWUNSAFMessage, iHash) |
|
107 : ComputeShortTermHMACL(aSharedSecret, aNATFWUNSAFMessage, iHash); |
|
108 |
|
109 } |
|
110 |
|
111 // ----------------------------------------------------------------------------- |
|
112 // CNATFWUNSAFMessageIntegrityAttribute::~CNATFWUNSAFMessageIntegrityAttribute |
|
113 // ----------------------------------------------------------------------------- |
|
114 // |
|
115 CNATFWUNSAFMessageIntegrityAttribute::~CNATFWUNSAFMessageIntegrityAttribute() |
|
116 { |
|
117 } |
|
118 |
|
119 // ----------------------------------------------------------------------------- |
|
120 // CNATFWUNSAFMessageIntegrityAttribute::Type |
|
121 // ----------------------------------------------------------------------------- |
|
122 // |
|
123 CNATFWUNSAFAttribute::TType CNATFWUNSAFMessageIntegrityAttribute::Type() const |
|
124 { |
|
125 return EMessageIntegrity; |
|
126 } |
|
127 |
|
128 // ----------------------------------------------------------------------------- |
|
129 // CNATFWUNSAFMessageIntegrityAttribute::EncodeValueL |
|
130 // ----------------------------------------------------------------------------- |
|
131 // |
|
132 HBufC8* CNATFWUNSAFMessageIntegrityAttribute::EncodeValueL() const |
|
133 { |
|
134 HBufC8* encodedValue = HBufC8::NewL(SHA1_HASH); |
|
135 *encodedValue = iHash; |
|
136 return encodedValue; |
|
137 } |
|
138 |
|
139 // ----------------------------------------------------------------------------- |
|
140 // CNATFWUNSAFMessageIntegrityAttribute::CheckMessageIntegrityL |
|
141 // Exclude MESSAGE-INTEGRITY attribute from HMAC computing. It is located at the |
|
142 // end of the message. |
|
143 // If computed hash doesn't match, retry by excluding a possible FINGERPRINT |
|
144 // attribute. |
|
145 // If computed hash still doesn't match, retry so that the message header's |
|
146 // length field doesn't include the MESSAGE-INTEGRITY. |
|
147 // ----------------------------------------------------------------------------- |
|
148 // |
|
149 EXPORT_C TBool CNATFWUNSAFMessageIntegrityAttribute::CheckMessageIntegrityL( |
|
150 const TDesC8& aNATFWUNSAFMessage, |
|
151 const TDesC8& aSharedSecret) const |
|
152 { |
|
153 const TInt KMessageIntegritySize = EValueOffset + SHA1_HASH; |
|
154 //Check there is enough data |
|
155 __ASSERT_ALWAYS(aNATFWUNSAFMessage.Length() >= KMessageIntegritySize, |
|
156 User::Leave(KErrArgument)); |
|
157 |
|
158 CBufBase* message = CBufFlat::NewL(EInputBlockSize); |
|
159 CleanupStack::PushL(message); |
|
160 |
|
161 message->InsertL(0, |
|
162 aNATFWUNSAFMessage, |
|
163 aNATFWUNSAFMessage.Length() - KMessageIntegritySize); |
|
164 |
|
165 //This buffer is for possible FINGERPRINT removal |
|
166 CBufBase* message2 = CBufFlat::NewL(EInputBlockSize); |
|
167 CleanupStack::PushL(message2); |
|
168 const TInt KFingerprintSize = EValueOffset + 4; |
|
169 message2->InsertL(0, |
|
170 aNATFWUNSAFMessage, |
|
171 aNATFWUNSAFMessage.Length() - KMessageIntegritySize - |
|
172 KFingerprintSize); |
|
173 |
|
174 TSHA1_Hash hash; |
|
175 iLongTerm ? ComputeLongTermHMACL(aSharedSecret, *message, hash) |
|
176 : ComputeShortTermHMACL(aSharedSecret, *message, hash); |
|
177 |
|
178 TBool match = (hash == iHash); |
|
179 NATFWUNSAF_INTLOG("Checking MSG-INT, match", match) |
|
180 |
|
181 if (!match) |
|
182 { |
|
183 // Try excluding a possible FINGERPRINT attribute |
|
184 NATFWUNSAF_LOG("MSG-INT didn't match, try removing FINGERPRINT") |
|
185 |
|
186 //Message length changed since calculating the HMAC, decrease it |
|
187 TInt newLength = aNATFWUNSAFMessage.Length() - |
|
188 CNATFWUNSAFMessage::EHeaderSize - KFingerprintSize; |
|
189 |
|
190 CNATFWUNSAFMessage::SetMessageLength(*message2, newLength); |
|
191 |
|
192 iLongTerm ? ComputeLongTermHMACL(aSharedSecret, *message2, hash) |
|
193 : ComputeShortTermHMACL(aSharedSecret, *message2, hash); |
|
194 |
|
195 match = (hash == iHash); |
|
196 |
|
197 NATFWUNSAF_INTLOG("Checking MSG-INT 2nd try, match", match) |
|
198 } |
|
199 |
|
200 if (!match) |
|
201 { |
|
202 TInt newLength = aNATFWUNSAFMessage.Length() - |
|
203 (KMessageIntegritySize + CNATFWUNSAFMessage::EHeaderSize); |
|
204 NATFWUNSAF_INTLOG("MSG-INT didn't match, try with header length", |
|
205 newLength) |
|
206 CNATFWUNSAFMessage::SetMessageLength(*message, newLength); |
|
207 |
|
208 iLongTerm ? ComputeLongTermHMACL(aSharedSecret, *message, hash) |
|
209 : ComputeShortTermHMACL(aSharedSecret, *message, hash); |
|
210 |
|
211 match = (hash == iHash); |
|
212 NATFWUNSAF_INTLOG("Checking MSG-INT 3rd try, match", match) |
|
213 } |
|
214 CleanupStack::PopAndDestroy(message2); |
|
215 CleanupStack::PopAndDestroy(message); |
|
216 return hash == iHash; |
|
217 } |
|
218 |
|
219 // ----------------------------------------------------------------------------- |
|
220 // CNATFWUNSAFMessageIntegrityAttribute::UseLongTermCredentials |
|
221 // Sets credential lifetime. |
|
222 // ----------------------------------------------------------------------------- |
|
223 // |
|
224 EXPORT_C void CNATFWUNSAFMessageIntegrityAttribute::UseLongTermCredentials( |
|
225 TBool aLongTerm) |
|
226 { |
|
227 iLongTerm = aLongTerm; |
|
228 } |
|
229 |
|
230 // ----------------------------------------------------------------------------- |
|
231 // CNATFWUNSAFMessageIntegrityAttribute::CheckLengthL |
|
232 // This attribute has a fixed length |
|
233 // ----------------------------------------------------------------------------- |
|
234 // |
|
235 void CNATFWUNSAFMessageIntegrityAttribute::CheckLengthL( |
|
236 const TDesC8& aByteStream) |
|
237 { |
|
238 __ASSERT_ALWAYS(ParseLengthL(aByteStream) == SHA1_HASH, |
|
239 User::Leave(KErrCorrupt)); |
|
240 } |
|
241 |
|
242 // ----------------------------------------------------------------------------- |
|
243 // CNATFWUNSAFMessageIntegrityAttribute::DecodeValueL |
|
244 // ----------------------------------------------------------------------------- |
|
245 // |
|
246 void CNATFWUNSAFMessageIntegrityAttribute::DecodeValueL(const TDesC8& aValue) |
|
247 { |
|
248 __ASSERT_ALWAYS(aValue.Length() >= static_cast<TInt>(SHA1_HASH), |
|
249 User::Leave(KErrArgument)); |
|
250 |
|
251 TPtrC8 ptrToHash = aValue.Left(SHA1_HASH); |
|
252 iHash = ptrToHash; |
|
253 } |
|
254 |
|
255 // ----------------------------------------------------------------------------- |
|
256 // CNATFWUNSAFMessageIntegrityAttribute::ComputeShortTermHMACL |
|
257 // Pad the aNATFWUNSAFMessage with zeroes to make its length a multiple of |
|
258 // EInputBlockSize bytes. |
|
259 // ----------------------------------------------------------------------------- |
|
260 // |
|
261 void CNATFWUNSAFMessageIntegrityAttribute::ComputeShortTermHMACL( |
|
262 const TDesC8& aSharedSecret, |
|
263 CBufBase& aNATFWUNSAFMessage, |
|
264 TSHA1_Hash& aHash) const |
|
265 { |
|
266 CSHA1* sha1 = CSHA1::NewL(); |
|
267 CleanupStack::PushL(sha1); |
|
268 CHMAC* hmac = CHMAC::NewL(aSharedSecret, sha1); |
|
269 CleanupStack::Pop(sha1); |
|
270 CleanupStack::PushL(hmac); |
|
271 |
|
272 DoComputeSHA1L(aHash, hmac, aNATFWUNSAFMessage); |
|
273 |
|
274 CleanupStack::PopAndDestroy(hmac); |
|
275 } |
|
276 |
|
277 // ----------------------------------------------------------------------------- |
|
278 // CNATFWUNSAFMessageIntegrityAttribute::ComputeLongTermHMACL |
|
279 // Pad the aNATFWUNSAFMessage with zeroes to make its length a multiple of |
|
280 // EInputBlockSize bytes. |
|
281 // ----------------------------------------------------------------------------- |
|
282 // |
|
283 void CNATFWUNSAFMessageIntegrityAttribute::ComputeLongTermHMACL( |
|
284 const TDesC8& aSharedSecret, |
|
285 CBufBase& aNATFWUNSAFMessage, |
|
286 TSHA1_Hash& aHash) const |
|
287 { |
|
288 CMD5* md5 = CMD5::NewL(); |
|
289 CleanupStack::PushL(md5); |
|
290 CSHA1* sha1 = CSHA1::NewL(); |
|
291 CleanupStack::PushL(sha1); |
|
292 |
|
293 // Pass the 16 byte MD5-hash as key for HMAC |
|
294 CHMAC* hmac = CHMAC::NewL(md5->Hash(aSharedSecret), sha1); |
|
295 CleanupStack::Pop(sha1); |
|
296 CleanupStack::PopAndDestroy(md5); |
|
297 CleanupStack::PushL(hmac); |
|
298 |
|
299 DoComputeSHA1L(aHash, hmac, aNATFWUNSAFMessage); |
|
300 |
|
301 CleanupStack::PopAndDestroy(hmac); |
|
302 } |
|
303 |
|
304 // ----------------------------------------------------------------------------- |
|
305 // CNATFWUNSAFMessageIntegrityAttribute::DoComputeSHA1L |
|
306 // ----------------------------------------------------------------------------- |
|
307 // |
|
308 void CNATFWUNSAFMessageIntegrityAttribute::DoComputeSHA1L(TSHA1_Hash& aHash, |
|
309 CHMAC* aHmac, CBufBase& aNATFWUNSAFMessage) const |
|
310 { |
|
311 __ASSERT_ALWAYS( aHmac, User::Leave( KErrArgument ) ); |
|
312 |
|
313 // Pad msg with zeroes |
|
314 TInt bytesInLastBlock = aNATFWUNSAFMessage.Size() % EInputBlockSize; |
|
315 TInt bytesToAppend = 0; |
|
316 |
|
317 if (bytesInLastBlock > 0) |
|
318 { |
|
319 bytesToAppend = EInputBlockSize - bytesInLastBlock; |
|
320 const TUint8 KZero = 0; |
|
321 for (TInt i = 0; i < bytesToAppend; ++i) |
|
322 { |
|
323 aNATFWUNSAFMessage.InsertL(aNATFWUNSAFMessage.Size(), &KZero, 1); |
|
324 } |
|
325 } |
|
326 |
|
327 TPtrC8 hash = aHmac->Hash(aNATFWUNSAFMessage.Ptr(0)); |
|
328 |
|
329 //Remove appended zeros |
|
330 aNATFWUNSAFMessage.Delete(aNATFWUNSAFMessage.Size() - bytesToAppend, |
|
331 bytesToAppend); |
|
332 |
|
333 //SHA-1 hash is a fixed length |
|
334 __ASSERT_ALWAYS(aHmac->HashSize() == SHA1_HASH, User::Leave(KErrGeneral)); |
|
335 |
|
336 aHash = hash; |
|
337 } |