|
1 /* |
|
2 * Copyright (c) 1999-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: IKE policy parser main module |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 #include <e32std.h> |
|
21 #include <coeutils.h> |
|
22 #include "ikepolparser.h" |
|
23 |
|
24 // |
|
25 // EXPORTed functions |
|
26 // |
|
27 |
|
28 //--------------------------------------------------------------------------- |
|
29 // |
|
30 // IKE Policy Parsing |
|
31 // |
|
32 //--------------------------------------------------------------------------- |
|
33 |
|
34 // |
|
35 //CIkeData -> contains the ike data |
|
36 // |
|
37 CIkeData::CIkeData() : iIkeVersion(1) |
|
38 { |
|
39 } |
|
40 |
|
41 EXPORT_C CIkeData* CIkeData::NewL() |
|
42 { |
|
43 return new (ELeave) CIkeData(); |
|
44 } |
|
45 |
|
46 EXPORT_C CIkeData* CIkeData::NewL(const CIkeData *aData) |
|
47 { |
|
48 CIkeData* self = new (ELeave) CIkeData(); |
|
49 CleanupStack::PushL(self); |
|
50 self->ConstructL(aData); |
|
51 CleanupStack::Pop(self); |
|
52 return self; |
|
53 } |
|
54 |
|
55 EXPORT_C void CIkeData::ConstructL(const CIkeData *aData) |
|
56 { |
|
57 CopyL(aData); |
|
58 } |
|
59 |
|
60 EXPORT_C CIkeData::~CIkeData() |
|
61 { |
|
62 delete iRemoteIdentity; |
|
63 delete iEAPRealmPrefix; |
|
64 delete iEAPManualRealm; |
|
65 delete iEAPManualUserName; |
|
66 delete iCRACKLAMUserName; |
|
67 delete iCRACKLAMPassword; |
|
68 delete iClientCertType; |
|
69 delete iFQDNAddr; |
|
70 Empty(); |
|
71 } |
|
72 |
|
73 EXPORT_C void CIkeData::CopyL(const CIkeData* aData) |
|
74 { |
|
75 if ( aData == NULL ) |
|
76 { |
|
77 User::Leave( KErrNoMemory ); |
|
78 } |
|
79 |
|
80 Empty(); //Free the previous info |
|
81 iAddr = aData->iAddr; //Peer host address |
|
82 iMask = aData->iMask; //Peer host mask |
|
83 if (aData->iFQDNAddr) |
|
84 iFQDNAddr=TStringData::NewL(aData->iFQDNAddr->GetData()); |
|
85 iMode = aData->iMode; |
|
86 iNotify = aData->iNotify; |
|
87 iFQDN.Copy(aData->iFQDN); |
|
88 iIdType = aData->iIdType; |
|
89 iGroupDesc_II = aData->iGroupDesc_II; |
|
90 iAcceptPartialRemoteId = aData->iAcceptPartialRemoteId; |
|
91 iIkeVersion = aData->iIkeVersion; |
|
92 iCommit = aData->iCommit; |
|
93 iIpsecExpires = aData->iIpsecExpires; |
|
94 iAlwaysSendCert = aData->iAlwaysSendCert; |
|
95 iInitialContact = aData->iInitialContact; //INITIAL-CONTACT sending |
|
96 iResponderLifetime = aData->iResponderLifetime; //RESPONDER_LIFETIME sending |
|
97 iReplayStatus = aData->iReplayStatus; //RESPONDER_LIFETIME sending |
|
98 iCRACKLAMType = aData->iCRACKLAMType; //CRACK LAM type |
|
99 if (aData->iCRACKLAMUserName) |
|
100 iCRACKLAMUserName=TStringData::NewL(aData->iCRACKLAMUserName->GetData()); |
|
101 if (aData->iCRACKLAMPassword) |
|
102 iCRACKLAMPassword=TStringData::NewL(aData->iCRACKLAMPassword->GetData()); |
|
103 iUseInternalAddr = aData->iUseInternalAddr; |
|
104 iUseNatProbing = aData->iUseNatProbing; |
|
105 iEspUdpPort = aData->iEspUdpPort; |
|
106 iNatKeepAlive = aData->iNatKeepAlive; |
|
107 iDscp = aData->iDscp; |
|
108 iDPDHeartBeat = aData->iDPDHeartBeat; |
|
109 iRekeyingThreshold = aData->iRekeyingThreshold; |
|
110 iUseXauth = aData->iUseXauth; |
|
111 iUseCfgMode = aData->iUseCfgMode; |
|
112 iUseMobIke = aData->iUseMobIke; |
|
113 |
|
114 iRemoteIdType = aData->iRemoteIdType; |
|
115 iSkipRemoteIdCheck = aData->iSkipRemoteIdCheck; |
|
116 if ( aData->iRemoteIdentity ) |
|
117 iRemoteIdentity = TStringData::NewL(aData->iRemoteIdentity->GetData()); |
|
118 iEAPProtocol = aData->iEAPProtocol; |
|
119 iEAPHideIdentity = aData->iEAPHideIdentity; |
|
120 if ( aData->iEAPRealmPrefix ) |
|
121 iEAPRealmPrefix = TStringData::NewL( |
|
122 aData->iEAPRealmPrefix->GetData()); |
|
123 if ( aData->iEAPManualRealm ) |
|
124 iEAPManualRealm = TStringData::NewL( |
|
125 aData->iEAPManualRealm->GetData()); |
|
126 if ( aData->iEAPManualUserName ) |
|
127 iEAPManualUserName = TStringData::NewL( |
|
128 aData->iEAPManualUserName->GetData()); |
|
129 if (aData->iClientCertType) |
|
130 iClientCertType = TStringData::NewL(aData->iClientCertType->GetData()); |
|
131 |
|
132 iNumProp = aData->iNumProp; |
|
133 TProposalData* prop = NULL; |
|
134 TProposalData* prev = NULL; |
|
135 TProposalData* tmp_prop = aData->iPropList; |
|
136 for (TInt i=0; i < iNumProp; i++) |
|
137 { |
|
138 prop = new (ELeave) TProposalData; |
|
139 *prop = *tmp_prop; |
|
140 if (prev) |
|
141 prev->iNext = prop; |
|
142 else //first |
|
143 iPropList = prop; |
|
144 |
|
145 prop->iPrev = prev; |
|
146 prev = prop; |
|
147 tmp_prop = tmp_prop->iNext; |
|
148 } |
|
149 if (prop) |
|
150 prop->iNext = NULL; |
|
151 |
|
152 iPresharedKey = aData->iPresharedKey; |
|
153 iCA = aData->iCA; |
|
154 iOwnCert = aData->iOwnCert; |
|
155 iPrivKey = aData->iPrivKey; |
|
156 iPeerCert = aData->iPeerCert; |
|
157 |
|
158 if ( aData->iCAList ) |
|
159 { |
|
160 TInt count( aData->iCAList->Count() ); |
|
161 iCAList = new (ELeave) CArrayFixFlat<TCertInfo*>(count); |
|
162 |
|
163 for ( TInt x(0); x < count; x++ ) |
|
164 { |
|
165 TCertInfo* ca_copy = new (ELeave) TCertInfo; |
|
166 CleanupStack::PushL(ca_copy); |
|
167 *ca_copy = *(aData->iCAList->At(x)); |
|
168 iCAList->AppendL(ca_copy); |
|
169 CleanupStack::Pop(ca_copy); |
|
170 } |
|
171 } |
|
172 } |
|
173 |
|
174 void CIkeData::Empty() |
|
175 { |
|
176 TProposalData* prop = iPropList; |
|
177 TProposalData* next_prop; |
|
178 while (prop) |
|
179 { |
|
180 next_prop = prop->iNext; |
|
181 delete prop; |
|
182 prop = next_prop; |
|
183 } |
|
184 if ( iCAList ) |
|
185 { |
|
186 for (TInt i(0); i<iCAList->Count(); ++i) |
|
187 { |
|
188 delete iCAList->At(i); |
|
189 iCAList->At(i) = NULL; |
|
190 } |
|
191 iCAList->Reset(); |
|
192 delete iCAList; |
|
193 iCAList = NULL; |
|
194 } |
|
195 } |
|
196 |
|
197 |
|
198 // |
|
199 // CIkeDataArray |
|
200 // |
|
201 CIkeDataArray::CIkeDataArray(TInt aGranularity) |
|
202 :CArrayFixFlat<CIkeData*>(aGranularity) |
|
203 { |
|
204 } |
|
205 |
|
206 EXPORT_C CIkeDataArray* CIkeDataArray::NewL(TInt aGranularity) |
|
207 { |
|
208 ASSERT(aGranularity); |
|
209 return new (ELeave) CIkeDataArray(aGranularity); |
|
210 } |
|
211 |
|
212 CIkeDataArray::CIkeDataArray(CIkeDataArray* aData) |
|
213 :CArrayFixFlat<CIkeData*>(aData ? aData->Count() : 0) |
|
214 { |
|
215 } |
|
216 |
|
217 EXPORT_C CIkeDataArray* CIkeDataArray::NewL(CIkeDataArray* aData) |
|
218 { |
|
219 User::LeaveIfNull(aData); |
|
220 ASSERT(aData->Count()); |
|
221 CIkeDataArray* self = new (ELeave) CIkeDataArray(aData); |
|
222 CleanupStack::PushL(self); |
|
223 self->ConstructL(aData); |
|
224 CleanupStack::Pop(self); |
|
225 return self; |
|
226 } |
|
227 |
|
228 EXPORT_C void CIkeDataArray::ConstructL(CIkeDataArray *aData) |
|
229 { |
|
230 CopyL(aData); |
|
231 } |
|
232 |
|
233 EXPORT_C CIkeDataArray::~CIkeDataArray() |
|
234 { |
|
235 Empty(); |
|
236 } |
|
237 |
|
238 //Constructs this from the data in aData |
|
239 EXPORT_C void CIkeDataArray::CopyL(CIkeDataArray* aData) |
|
240 { |
|
241 User::LeaveIfNull(aData); |
|
242 CIkeData* ike_data(NULL); |
|
243 for (TInt i(0); i < aData->Count(); i++) |
|
244 { |
|
245 ike_data = CIkeData::NewL(aData->At(i)); |
|
246 AppendL(ike_data); |
|
247 } |
|
248 iMaxLifetimeKB = aData->iMaxLifetimeKB; |
|
249 iMaxLifetimeSec = aData->iMaxLifetimeSec; |
|
250 iMaxRetrans = aData->iMaxRetrans; |
|
251 iMaxTraceFileSize = aData->iMaxTraceFileSize; |
|
252 } |
|
253 |
|
254 EXPORT_C void CIkeDataArray::Empty() |
|
255 { |
|
256 for (TInt i(0); i < Count(); i++) |
|
257 { |
|
258 delete At(i); |
|
259 } |
|
260 Reset(); |
|
261 } |
|
262 |
|
263 |
|
264 |
|
265 // |
|
266 //TIKEParser -> parses the ike data from a descriptor or writes it to a file |
|
267 // |
|
268 // Symbian change - start |
|
269 #ifdef __VC32__ |
|
270 #pragma warning(disable : 4097) // typedef-name used as synonym for class-name |
|
271 #endif |
|
272 // Symbian change - end |
|
273 EXPORT_C TIkeParser::TIkeParser() : TLex(), iVersion(0) |
|
274 { |
|
275 |
|
276 } |
|
277 |
|
278 EXPORT_C TIkeParser::TIkeParser(const TDesC &aStr, TInt aVersion) : TLex(aStr), iVersion(aVersion) |
|
279 { |
|
280 |
|
281 } |
|
282 |
|
283 //Parses the Main ike file |
|
284 EXPORT_C void TIkeParser::MainParseL(CIkeDataArray *aIkeList) |
|
285 { |
|
286 TPtrC ikeHostSeparator = IKE_HOST_SEPARATOR; |
|
287 DoMainParseL(aIkeList, ikeHostSeparator); |
|
288 } |
|
289 |
|
290 EXPORT_C void TIkeParser::ParseIKESectionsL(CIkeDataArray *aIkeList) |
|
291 { |
|
292 TPtrC ikeSeparator = IKE_SEPARATOR; |
|
293 DoMainParseL(aIkeList, ikeSeparator); |
|
294 } |
|
295 |
|
296 void TIkeParser::DoMainParseL(CIkeDataArray* aIkeList, TPtrC& aSectionName) |
|
297 { |
|
298 ASSERT( aIkeList ); |
|
299 |
|
300 TPtrC token(NULL,0); |
|
301 |
|
302 while (!Eos()) |
|
303 { |
|
304 token.Set(NextToken()); |
|
305 if (token.Compare(aSectionName)==0) |
|
306 { |
|
307 CIkeData* ike_piece = CIkeData::NewL(); |
|
308 CleanupStack::PushL(ike_piece); |
|
309 ParseIkePieceL(ike_piece, SEC_PARSER_VERSION, //Always the latest because is generated by the program itself |
|
310 aSectionName); |
|
311 aIkeList->AppendL(ike_piece); |
|
312 CleanupStack::Pop(ike_piece); |
|
313 } |
|
314 else if (token.Compare(IKE_GENERAL_SEPARATOR)==0) |
|
315 { |
|
316 //Always the latest because is generated by the program itself |
|
317 User::LeaveIfError(ParseGeneralData(aIkeList)); |
|
318 } |
|
319 } |
|
320 } |
|
321 |
|
322 |
|
323 //Only 2 sections of general data (max lifetimes) |
|
324 TInt TIkeParser::ParseGeneralData(CIkeDataArray* aIkeList) |
|
325 { |
|
326 ASSERT(aIkeList); |
|
327 |
|
328 TLex sub_num; //Used for number conversion |
|
329 TInt err = KErrNone; |
|
330 TPtrC token(NULL,0); |
|
331 while (!Eos() && err==KErrNone) |
|
332 { |
|
333 Mark(); |
|
334 token.Set(NextToken()); |
|
335 if (token.CompareF(_L("ISAKMP_SA_MAX_LIFETIME_SEC:")) == 0) //CompareF ignores case |
|
336 { |
|
337 sub_num = NextToken(); |
|
338 if (sub_num.Val(aIkeList->iMaxLifetimeSec,EDecimal)!=KErrNone) |
|
339 err = KSecParserErrMaxLifetimeSec; |
|
340 } |
|
341 else if (token.CompareF(_L("ISAKMP_SA_MAX_LIFETIME_KB:"))==0) //CompareF ignores case |
|
342 { |
|
343 sub_num = NextToken(); |
|
344 if (sub_num.Val(aIkeList->iMaxLifetimeKB,EDecimal)!=KErrNone) |
|
345 err = KSecParserErrMaxLifetimeKB; |
|
346 } |
|
347 else if (token.CompareF(_L("ISAKMP_MAX_RETRANS:"))==0) //CompareF ignores case |
|
348 { |
|
349 sub_num = NextToken(); |
|
350 if (sub_num.Val(aIkeList->iMaxRetrans)!=KErrNone) |
|
351 err = KSecParserErrMaxRetrans; |
|
352 } |
|
353 else if (token.CompareF(_L("TRACE_FILE_SIZE:"))==0) //CompareF ignores case |
|
354 { |
|
355 sub_num = NextToken(); |
|
356 if (sub_num.Val(aIkeList->iMaxTraceFileSize)!=KErrNone) |
|
357 err = KSecParserErrMaxRetrans; |
|
358 } |
|
359 |
|
360 else if (token.Compare(IKE_HOST_SEPARATOR)==0) //END of general section |
|
361 { |
|
362 UnGetToMark(); //Ungets the token |
|
363 return KErrNone; |
|
364 } |
|
365 else if (token.Compare(IKE_GENERAL_SEPARATOR)==0)//END of general section |
|
366 { |
|
367 UnGetToMark(); //Ungets the token |
|
368 return KErrNone; |
|
369 } |
|
370 else if (token.Compare(IKE_SEPARATOR)==0)//END of general section |
|
371 { |
|
372 UnGetToMark(); //Ungets the token |
|
373 return KErrNone; |
|
374 } |
|
375 //others ignored |
|
376 } |
|
377 |
|
378 return err; |
|
379 } |
|
380 |
|
381 void TIkeParser::ParseIkePieceL(CIkeData* aIkeData, TInt aVersion, TPtrC& aSectionName) |
|
382 { |
|
383 TInt pos = Remainder().Find(aSectionName); |
|
384 if (pos != KErrNotFound) |
|
385 { |
|
386 TPtr ike_ptr((TUint16*)Remainder().Ptr(),pos, pos); //Until the next section |
|
387 |
|
388 TIkeParser parser(ike_ptr, aVersion); |
|
389 parser.ParseL(aIkeData); |
|
390 Assign(Remainder().Mid(pos)); //rest of the text to parse |
|
391 } |
|
392 else //No more tags |
|
393 { |
|
394 TIkeParser parser(Remainder(), aVersion); |
|
395 parser.ParseL(aIkeData); |
|
396 Assign(Remainder().Mid(Remainder().Length())); |
|
397 } |
|
398 } |
|
399 |
|
400 EXPORT_C void TIkeParser::ParseL(CIkeData* aConf) |
|
401 { |
|
402 ASSERT(aConf); |
|
403 |
|
404 TInt err = KErrNone; |
|
405 TInt errCA= KErrNone; |
|
406 TPtrC token(NULL,0); |
|
407 TLex sub_num; //Used for number conversion |
|
408 |
|
409 while (!Eos() && err==KErrNone) |
|
410 { |
|
411 //General Data |
|
412 token.Set(NextToken()); |
|
413 if (token.CompareF(_L("ADDR:"))==0) //CompareF ignores case |
|
414 { |
|
415 token.Set(NextToken()); |
|
416 |
|
417 err = aConf->iAddr.Input(token); |
|
418 if (err != KErrNone) |
|
419 { |
|
420 err = KSecParserErrPeerAddr; |
|
421 aConf->iFQDNAddr = TStringData::NewL(token); |
|
422 } |
|
423 if (iVersion >= 2) //Incorporated in version 2 |
|
424 { |
|
425 token.Set(NextToken()); |
|
426 err = aConf->iMask.Input(token); |
|
427 if (err != KErrNone) |
|
428 err = KSecParserErrPeerMask; |
|
429 } |
|
430 } |
|
431 else if (token.CompareF(_L("DNS_SERVER:"))==0) |
|
432 { |
|
433 token.Set(NextToken()); |
|
434 |
|
435 err = aConf->iDnsServer.Input(token); |
|
436 if (err != KErrNone) |
|
437 { |
|
438 err = KSecParserErrUnknown; |
|
439 } |
|
440 } |
|
441 else if (token.CompareF(_L("MODE:"))==0) //CompareF ignores case |
|
442 { |
|
443 token.Set(NextToken()); |
|
444 if (token.CompareF(_L("Main"))==0) |
|
445 aConf->iMode = IKE_PARSER_MAIN; |
|
446 else if (token.CompareF(_L("Aggressive"))==0) |
|
447 aConf->iMode = IKE_PARSER_AGGRESSIVE; |
|
448 else |
|
449 err = KSecParserErrMode; |
|
450 } |
|
451 else if (token.CompareF(_L("IKE_VERSION:"))==0) //CompareF ignores case |
|
452 { |
|
453 sub_num = NextToken(); |
|
454 sub_num.Val(aConf->iIkeVersion, EDecimal); |
|
455 if ( aConf->iIkeVersion != 2 ) |
|
456 aConf->iIkeVersion = 1; // IKE version 1 is currently the default |
|
457 } |
|
458 else if (token.CompareF(_L("SEND_NOTIFICATION:"))==0) //CompareF ignores case |
|
459 { |
|
460 token.Set(NextToken()); |
|
461 if (token.CompareF(_L("True"))==0) |
|
462 aConf->iNotify = ETrue; |
|
463 else if (token.CompareF(_L("False"))==0) |
|
464 aConf->iNotify = EFalse; |
|
465 else |
|
466 err = KSecParserErrNotify; |
|
467 } |
|
468 else if (token.CompareF(_L("FQDN:"))==0) //CompareF ignores case |
|
469 { |
|
470 token.Set(GetRestOfLine()); |
|
471 aConf->iFQDN.Copy(token); |
|
472 } |
|
473 else if (token.CompareF(_L("ID_TYPE:"))==0) //CompareF ignores case |
|
474 { |
|
475 // Specifies IKE Phase 1 Identity type. Integer value specified in rfc2407 |
|
476 sub_num = NextToken(); |
|
477 if ( sub_num.Val(aConf->iIdType, EDecimal)!= KErrNone ) |
|
478 aConf->iIdType = 0; // In error situation, set id value to reserved (= Not defined) |
|
479 } |
|
480 else if (token.CompareF(_L("REMOTE_ID_TYPE:"))==0) //CompareF ignores case |
|
481 { |
|
482 sub_num = NextToken(); |
|
483 if ( sub_num.Val(aConf->iRemoteIdType, EDecimal)!= KErrNone ) |
|
484 aConf->iRemoteIdType = 0; // In error situation, set id value to reserved (= Not defined) |
|
485 } |
|
486 else if (token.CompareF(_L("REMOTE_IDENTITY:"))==0) //CompareF ignores case |
|
487 { |
|
488 token.Set(GetRestOfLine()); |
|
489 aConf->iRemoteIdentity = TStringData::NewL(token); |
|
490 } |
|
491 else if (token.CompareF(_L("ACCEPT_PARTIAL_REMOTE_ID:"))==0) //CompareF ignores case |
|
492 { |
|
493 aConf->iAcceptPartialRemoteId = EFalse; |
|
494 token.Set(NextToken()); |
|
495 if (token.CompareF(_L("True"))==0) |
|
496 aConf->iAcceptPartialRemoteId = ETrue; |
|
497 } |
|
498 else if (token.CompareF(_L("SKIP_REMOTE_ID_CHECK:"))==0) //CompareF ignores case |
|
499 { |
|
500 aConf->iSkipRemoteIdCheck = EFalse; |
|
501 token.Set(NextToken()); |
|
502 if (token.CompareF(_L("True"))==0) |
|
503 aConf->iSkipRemoteIdCheck = ETrue; |
|
504 } |
|
505 else if (token.CompareF(_L("GROUP_DESCRIPTION_II:"))==0) //CompareF ignores case |
|
506 { |
|
507 token.Set(NextToken()); |
|
508 if (token.CompareF(_L("MODP_768"))==0) |
|
509 aConf->iGroupDesc_II = IKE_PARSER_MODP_768; |
|
510 else if (token.CompareF(_L("MODP_1024"))==0) |
|
511 aConf->iGroupDesc_II = IKE_PARSER_MODP_1024; |
|
512 else if (token.CompareF(_L("MODP_1536"))==0) |
|
513 aConf->iGroupDesc_II = IKE_PARSER_MODP_1536; |
|
514 else if (token.CompareF(_L("MODP_2048"))==0) |
|
515 aConf->iGroupDesc_II = IKE_PARSER_MODP_2048; |
|
516 else |
|
517 { |
|
518 err = KSecParserErrGroupDesc_II; |
|
519 } |
|
520 } |
|
521 else if (token.CompareF(_L("USE_COMMIT:"))==0) //CompareF ignores case |
|
522 { |
|
523 token.Set(NextToken()); |
|
524 if (token.CompareF(_L("True"))==0) |
|
525 aConf->iCommit = ETrue; |
|
526 else if (token.CompareF(_L("False"))==0) |
|
527 aConf->iCommit = EFalse; |
|
528 else |
|
529 err = KSecParserErrCommit; |
|
530 } |
|
531 else if (token.CompareF(_L("IPSEC_EXPIRE:"))==0) //CompareF ignores case |
|
532 { |
|
533 token.Set(NextToken()); |
|
534 if (token.CompareF(_L("True"))==0) |
|
535 aConf->iIpsecExpires = ETrue; |
|
536 else if (token.CompareF(_L("False"))==0) |
|
537 aConf->iIpsecExpires = EFalse; |
|
538 else |
|
539 err = KSecParserErrIpsecExpire; |
|
540 } |
|
541 else if (token.CompareF(_L("SEND_CERT:"))==0) //CompareF ignores case |
|
542 { |
|
543 token.Set(NextToken()); |
|
544 if (token.CompareF(_L("True"))==0) |
|
545 aConf->iAlwaysSendCert = ETrue; |
|
546 else if (token.CompareF(_L("False"))==0) |
|
547 aConf->iAlwaysSendCert = EFalse; |
|
548 else |
|
549 err = KSecParserErrSendCert; |
|
550 } |
|
551 else if (token.CompareF(_L("INITIAL_CONTACT:"))==0) //CompareF ignores case |
|
552 { |
|
553 token.Set(NextToken()); |
|
554 if (token.CompareF(_L("True"))==0) |
|
555 aConf->iInitialContact = ETrue; |
|
556 else if (token.CompareF(_L("False"))==0) |
|
557 aConf->iInitialContact = EFalse; |
|
558 else |
|
559 err = KSecParserErrInitialContact; |
|
560 } |
|
561 else if (token.CompareF(_L("RESPONDER_LIFETIME:"))==0) //CompareF ignores case |
|
562 { |
|
563 token.Set(NextToken()); |
|
564 if (token.CompareF(_L("True"))==0) |
|
565 aConf->iResponderLifetime = ETrue; |
|
566 else if (token.CompareF(_L("False"))==0) |
|
567 aConf->iResponderLifetime = EFalse; |
|
568 else |
|
569 err = KSecParserErrResponderLifetime; |
|
570 } |
|
571 else if (token.CompareF(_L("REPLAY_STATUS:"))==0) //CompareF ignores case |
|
572 { |
|
573 token.Set(NextToken()); |
|
574 if (token.CompareF(_L("True"))==0) |
|
575 aConf->iReplayStatus = ETrue; |
|
576 else if (token.CompareF(_L("False"))==0) |
|
577 aConf->iReplayStatus = EFalse; |
|
578 else |
|
579 err = KSecParserErrReplayStatus; |
|
580 } |
|
581 else if (token.CompareF(_L("CRACK_LAM_TYPE:"))==0) //CompareF ignores case |
|
582 { |
|
583 token.Set(NextToken()); |
|
584 |
|
585 //There is no difference between SECUREID nowadays. So both values are |
|
586 //mapped to IKE_PARSER_CRACK_PASSWORD |
|
587 if (token.CompareF(_L("PASSWORD"))==0 || token.CompareF(_L("SECURID"))==0) |
|
588 aConf->iCRACKLAMType = IKE_PARSER_CRACK_PASSWORD; |
|
589 else |
|
590 { |
|
591 err = KSecParserErrCRACKLAMType; |
|
592 } |
|
593 } |
|
594 else if (token.CompareF(_L("CRACK_LAM_USERNAME:"))==0) //CompareF ignores case |
|
595 { |
|
596 token.Set(GetRestOfLine()); |
|
597 aConf->iCRACKLAMUserName = TStringData::NewL(token); |
|
598 } |
|
599 else if (token.CompareF(_L("CRACK_LAM_PASSWORD:"))==0) //CompareF ignores case |
|
600 { |
|
601 token.Set(GetRestOfLine()); |
|
602 aConf->iCRACKLAMPassword = TStringData::NewL(token); |
|
603 } |
|
604 else if (token.CompareF(_L("OWN_CERT_TYPE:"))==0) //CompareF ignores case |
|
605 { |
|
606 token.Set(GetRestOfLine()); |
|
607 aConf->iClientCertType = TStringData::NewL(token); |
|
608 } |
|
609 else if (token.CompareF(_L("USE_INTERNAL_ADDR:"))==0) //CompareF ignores case |
|
610 { |
|
611 token.Set(NextToken()); |
|
612 if (token.CompareF(_L("True"))==0) |
|
613 aConf->iUseInternalAddr = ETrue; |
|
614 else if (token.CompareF(_L("False"))==0) |
|
615 aConf->iUseInternalAddr = EFalse; |
|
616 else |
|
617 err = KSecParserErrUseIntAddr; |
|
618 } |
|
619 else if (token.CompareF(_L("USE_NAT_PROBE:"))==0) //CompareF ignores case |
|
620 { |
|
621 token.Set(NextToken()); |
|
622 if (token.CompareF(_L("True"))==0) |
|
623 aConf->iUseNatProbing = ETrue; |
|
624 else if (token.CompareF(_L("False"))==0) |
|
625 aConf->iUseNatProbing = EFalse; |
|
626 else |
|
627 err = KSecParserErrUseNATProbe; |
|
628 } |
|
629 else if (token.CompareF(_L("ESP_UDP_PORT:"))==0) //CompareF ignores case |
|
630 { |
|
631 // Specifies port value for IPSEC ESP encapsulation |
|
632 sub_num = NextToken(); |
|
633 if ( sub_num.Val(aConf->iEspUdpPort) != KErrNone ) |
|
634 aConf->iEspUdpPort = 0; // In error situation, set id value to reserved (= Not defined) |
|
635 } |
|
636 else if (token.CompareF(_L("NAT_KEEPALIVE:"))==0) //CompareF ignores case |
|
637 { |
|
638 sub_num = NextToken(); |
|
639 if ( sub_num.Val(aConf->iNatKeepAlive) != KErrNone ) |
|
640 aConf->iNatKeepAlive = 0; // In error situation, set id value to reserved (= Not defined) |
|
641 } |
|
642 else if (token.CompareF(_L("DSCP_VALUE:"))==0) //CompareF ignores case |
|
643 { |
|
644 sub_num = NextToken(); |
|
645 if ( sub_num.Val(aConf->iDscp, EDecimal) != KErrNone ) |
|
646 aConf->iDscp = 0; // In error situation, set id value to reserved (= Not defined) |
|
647 aConf->iDscp <<= 2; |
|
648 } |
|
649 else if (token.CompareF(_L("DPD_HEARTBEAT:"))==0) //CompareF ignores case |
|
650 { |
|
651 sub_num = NextToken(); |
|
652 if ( sub_num.Val(aConf->iDPDHeartBeat) != KErrNone ) |
|
653 aConf->iDPDHeartBeat = 0; // In error situation, set id value to reserved (= Not defined) |
|
654 } |
|
655 else if (token.CompareF(_L("REKEYING_THRESHOLD:"))==0) //CompareF ignores case |
|
656 { |
|
657 sub_num = NextToken(); |
|
658 if ( sub_num.Val(aConf->iRekeyingThreshold) != KErrNone ) |
|
659 aConf->iRekeyingThreshold = 0; // In error situation, set id value to reserved (= Not defined) |
|
660 } |
|
661 else if (token.CompareF(_L("USE_XAUTH:"))==0) //CompareF ignores case |
|
662 { |
|
663 aConf->iUseXauth = EFalse; |
|
664 token.Set(NextToken()); |
|
665 if (token.CompareF(_L("True"))==0) |
|
666 aConf->iUseXauth = ETrue; |
|
667 } |
|
668 else if (token.CompareF(_L("USE_MODE_CFG:"))==0) //CompareF ignores case |
|
669 { |
|
670 aConf->iUseCfgMode = EFalse; |
|
671 token.Set(NextToken()); |
|
672 if (token.CompareF(_L("True"))==0) |
|
673 aConf->iUseCfgMode = ETrue; |
|
674 } |
|
675 else if (token.CompareF(_L("USE_MOBIKE:"))==0) //CompareF ignores case |
|
676 { |
|
677 aConf->iUseMobIke = EFalse; |
|
678 token.Set(NextToken()); |
|
679 if (token.CompareF(_L("True"))==0) |
|
680 aConf->iUseMobIke = ETrue; |
|
681 } |
|
682 else if (token.CompareF(_L("EAP_PROTOCOL:"))==0) //CompareF ignores case |
|
683 { |
|
684 sub_num = NextToken(); |
|
685 if ( sub_num.Val(aConf->iEAPProtocol, EDecimal)!= KErrNone ) |
|
686 aConf->iEAPProtocol = 0; // In error situation, set id value to reserved (= Not defined) |
|
687 } |
|
688 else if (token.CompareF(_L("EAP_REALM_PREFIX:"))==0) //CompareF ignores case |
|
689 { |
|
690 token.Set(GetRestOfLine()); |
|
691 aConf->iEAPRealmPrefix = TStringData::NewL(token); |
|
692 } |
|
693 else if (token.CompareF(_L("EAP_MANUAL_REALM:"))==0) //CompareF ignores case |
|
694 { |
|
695 token.Set(GetRestOfLine()); |
|
696 aConf->iEAPManualRealm = TStringData::NewL(token); |
|
697 } |
|
698 else if (token.CompareF(_L("EAP_MANUAL_USERNAME:"))==0) //CompareF ignores case |
|
699 { |
|
700 token.Set(GetRestOfLine()); |
|
701 aConf->iEAPManualUserName = TStringData::NewL(token); |
|
702 } |
|
703 else if (token.CompareF(_L("EAP_HIDE_IDENTITY:"))==0) //CompareF ignores case |
|
704 { |
|
705 token.Set(NextToken()); |
|
706 if (token.CompareF(_L("True"))==0) |
|
707 aConf->iEAPHideIdentity = ETrue; |
|
708 else aConf->iEAPHideIdentity = EFalse; |
|
709 } |
|
710 |
|
711 else if (token.CompareF(_L("PROPOSALS:"))==0) //CompareF ignores case |
|
712 err = ParseProposals(aConf); |
|
713 //Preshared Keys List |
|
714 else if (token.CompareF(_L("PRESHARED_KEYS:"))==0) //CompareF ignores case |
|
715 err = ParsePresharedKeys(aConf); |
|
716 //CAs Data |
|
717 else if (token.CompareF(_L("CAs:"))==0) //CompareF ignores case |
|
718 { |
|
719 err = ParseCAs(aConf); |
|
720 if (!err) |
|
721 aConf->iCAFound=ETrue; |
|
722 } //Own Certs List |
|
723 else if (token.CompareF(_L("OWN_CERTS:"))==0) //CompareF ignores case |
|
724 err = ParseOwnCerts(aConf); |
|
725 //PeerCerts List |
|
726 else if (token.CompareF(_L("PEER_CERTS:"))==0) //CompareF ignores case |
|
727 err = ParsePeerCerts(aConf); |
|
728 } |
|
729 if ( err == KErrNone ) |
|
730 errCA=CheckPolicy(aConf); |
|
731 if (errCA) |
|
732 err=errCA; |
|
733 User::LeaveIfError(err); |
|
734 } |
|
735 |
|
736 TInt TIkeParser::CheckPolicy(CIkeData* aConf) |
|
737 { |
|
738 TInt errno=KErrNone; |
|
739 if (aConf->iCARequired && !aConf->iCAFound) |
|
740 errno=KSecParserErrCA; |
|
741 return errno; |
|
742 } |
|
743 |
|
744 EXPORT_C TInt TIkeParser::BufferAppend(HBufC8*& aPolBfr, const TDesC8& aText) |
|
745 { |
|
746 TInt err = KErrNone; |
|
747 // Make sure that we have enough space for the new text |
|
748 |
|
749 TInt spaceLeft = aPolBfr->Des().MaxLength() - aPolBfr->Des().Length(); |
|
750 if (aText.Length() > spaceLeft) |
|
751 { |
|
752 // Allocate enough space for the new text + some additional |
|
753 // free space so that allocations are not too frequent |
|
754 |
|
755 TInt newMaxLength = aPolBfr->Des().MaxLength() |
|
756 + aText.Length() + KIkePolicyBufferSizeIncrement; |
|
757 HBufC8* tempBfr = aPolBfr->ReAlloc(newMaxLength); |
|
758 if (tempBfr) |
|
759 { |
|
760 aPolBfr = tempBfr; |
|
761 } |
|
762 else |
|
763 { |
|
764 return KErrNoMemory; |
|
765 } |
|
766 } |
|
767 aPolBfr->Des().Append(aText); |
|
768 return err; |
|
769 } |
|
770 |
|
771 |
|
772 //Writes one Host Info. |
|
773 EXPORT_C TInt TIkeParser::MainWrite(CIkeData *aConf, HBufC8*& aPolBfr) |
|
774 { |
|
775 |
|
776 TBuf8<IKE_HOST_SEPARATOR_LEN> buf; |
|
777 buf.Copy(IKE_HOST_SEPARATOR); |
|
778 TInt err = BufferAppend(aPolBfr, buf); |
|
779 |
|
780 if (err != KErrNone) |
|
781 return err; |
|
782 err = BufferAppend(aPolBfr, (_L8("\n"))); |
|
783 if (err != KErrNone) |
|
784 return err; |
|
785 return Write(aConf, aPolBfr); |
|
786 } |
|
787 |
|
788 //Writes some IKE General Data. ("Old Version" no trace file size) |
|
789 EXPORT_C TInt TIkeParser::GeneralInfoWrite(TUint32 aMaxLifetimeSec, |
|
790 TUint32 aMaxLifetimeKB, TInt aMaxRetrans, HBufC8*& aPolBfr) |
|
791 { |
|
792 return GeneralInfoWrite(aMaxLifetimeSec, aMaxLifetimeKB, |
|
793 aMaxRetrans, 0, aPolBfr); |
|
794 } |
|
795 |
|
796 //Writes some IKE General Data. ("New Version") |
|
797 EXPORT_C TInt TIkeParser::GeneralInfoWrite(TUint32 aMaxLifetimeSec, |
|
798 TUint32 aMaxLifetimeKB, TInt aMaxRetrans, |
|
799 TInt aMaxTraceFileSize, HBufC8*& aPolBfr) |
|
800 { |
|
801 TBuf8<40> line; |
|
802 |
|
803 TBuf8<IKE_GENERAL_SEPARATOR_LEN> buf; |
|
804 buf.Copy(IKE_GENERAL_SEPARATOR); |
|
805 TInt err = BufferAppend(aPolBfr, buf); |
|
806 |
|
807 if (err != KErrNone) |
|
808 return err; |
|
809 err = BufferAppend(aPolBfr, (_L8("\n"))); |
|
810 if (err != KErrNone) |
|
811 return err; |
|
812 |
|
813 line.Format(_L8("ISAKMP_SA_MAX_LIFETIME_SEC: %u\n"),aMaxLifetimeSec); |
|
814 err = BufferAppend(aPolBfr, line); |
|
815 if (err != KErrNone) |
|
816 return err; |
|
817 |
|
818 line.Format(_L8("ISAKMP_SA_MAX_LIFETIME_KB: %u\n"),aMaxLifetimeKB); |
|
819 err = BufferAppend(aPolBfr, line); |
|
820 |
|
821 line.Format(_L8("ISAKMP_MAX_RETRANS: %u\n"),aMaxRetrans); |
|
822 err = BufferAppend(aPolBfr, line); |
|
823 |
|
824 line.Format(_L8("TRACE_FILE_SIZE: %u\n"), aMaxTraceFileSize); |
|
825 err = BufferAppend(aPolBfr, line); |
|
826 |
|
827 return err; |
|
828 |
|
829 } |
|
830 |
|
831 |
|
832 EXPORT_C TInt TIkeParser::Write(CIkeData* aConf, HBufC8*& aPolBfr) |
|
833 { |
|
834 ASSERT(aConf); |
|
835 |
|
836 TBuf8<1024> line; |
|
837 TInt err = KErrNone; |
|
838 TBuf<39> addr_buf; |
|
839 TBuf<39> mask_buf; |
|
840 |
|
841 TBuf8<39> addr8; |
|
842 TBuf8<39> mask8; |
|
843 |
|
844 line.Append(_L8("ADDR: ")); |
|
845 if (!aConf->iAddr.IsUnspecified()) |
|
846 aConf->iAddr.OutputWithScope(addr_buf); |
|
847 else |
|
848 addr_buf.Copy(_L("0.0.0.0")); |
|
849 if (!aConf->iMask.IsUnspecified()) |
|
850 aConf->iMask.OutputWithScope(mask_buf); |
|
851 else //only happens with version 1 (no mask) |
|
852 mask_buf.Copy(_L("255.255.255.255")); |
|
853 |
|
854 addr8.Copy(addr_buf); |
|
855 line.Append(addr8); |
|
856 line.Append(_L(" ")); |
|
857 mask8.Copy(mask_buf); |
|
858 line.Append(mask8); |
|
859 line.Append(_L8("\n")); |
|
860 err = BufferAppend(aPolBfr, line); |
|
861 if (err != KErrNone) |
|
862 return err; |
|
863 |
|
864 |
|
865 |
|
866 if (!aConf->iDnsServer.IsUnspecified()) |
|
867 { |
|
868 aConf->iDnsServer.OutputWithScope(addr_buf); |
|
869 line = _L8("DNS_SERVER: "); |
|
870 addr8.Copy(addr_buf); |
|
871 line.Append(addr8); |
|
872 line.Append(_L8("\n")); |
|
873 err = BufferAppend(aPolBfr, line); |
|
874 if (err != KErrNone) |
|
875 return err; |
|
876 |
|
877 |
|
878 } |
|
879 |
|
880 |
|
881 |
|
882 |
|
883 if ( (aConf->iMode == IKE_PARSER_MAIN) || (aConf->iMode == IKE_PARSER_AGGRESSIVE) ) |
|
884 { |
|
885 line.Copy(_L8("MODE: ")); |
|
886 line.Append(TextMode(aConf->iMode)); |
|
887 line.Append(_L8("\n")); |
|
888 err = BufferAppend(aPolBfr, line); |
|
889 if (err != KErrNone) |
|
890 return err; |
|
891 } |
|
892 |
|
893 if ( aConf->iIkeVersion != 0 ) |
|
894 { |
|
895 line.Format(_L8("IKE_VERSION: %d\n"), aConf->iIkeVersion); |
|
896 err = BufferAppend(aPolBfr, line); |
|
897 if (err != KErrNone) |
|
898 return err; |
|
899 } |
|
900 |
|
901 line.Copy(_L8("SEND_NOTIFICATION: ")); |
|
902 if (aConf->iNotify) |
|
903 line.Append(_L("TRUE\n")); |
|
904 else |
|
905 line.Append(_L("FALSE\n")); |
|
906 err = BufferAppend(aPolBfr, line); |
|
907 if (err != KErrNone) |
|
908 return err; |
|
909 |
|
910 if (aConf->iFQDN.Length() > 0) |
|
911 { |
|
912 line.Copy(_L8("FQDN: ")); |
|
913 line.Append(aConf->iFQDN); |
|
914 line.Append(_L8("\n")); |
|
915 err = BufferAppend(aPolBfr, line); |
|
916 if (err != KErrNone) |
|
917 return err; |
|
918 } |
|
919 if (aConf->iIdType != 0) |
|
920 { |
|
921 line.Format(_L8("ID_TYPE: %d\n"), aConf->iIdType); |
|
922 err = BufferAppend(aPolBfr, line); |
|
923 if (err != KErrNone) |
|
924 return err; |
|
925 } |
|
926 |
|
927 if ( aConf->iRemoteIdentity ) |
|
928 { |
|
929 line.Copy(_L8("REMOTE_IDENTITY: ")); |
|
930 line.Append(aConf->iRemoteIdentity->GetData()); |
|
931 line.Append(_L8("\n")); |
|
932 err = BufferAppend(aPolBfr, line); |
|
933 if (err != KErrNone) |
|
934 return err; |
|
935 } |
|
936 if (aConf->iRemoteIdType != 0) |
|
937 { |
|
938 line.Format(_L8("REMOTE_ID_TYPE: %d\n"), aConf->iRemoteIdType); |
|
939 err = BufferAppend(aPolBfr, line); |
|
940 if (err != KErrNone) |
|
941 return err; |
|
942 } |
|
943 |
|
944 line.Copy(_L8("ACCEPT_PARTIAL_REMOTE_ID: ")); |
|
945 if (aConf->iAcceptPartialRemoteId) |
|
946 line.Append(_L("TRUE\n")); |
|
947 else |
|
948 line.Append(_L("FALSE\n")); |
|
949 err = BufferAppend(aPolBfr, line); |
|
950 if (err != KErrNone) |
|
951 return err; |
|
952 |
|
953 line.Copy(_L8("SKIP_REMOTE_ID_CHECK: ")); |
|
954 if (aConf->iSkipRemoteIdCheck) |
|
955 line.Append(_L("TRUE\n")); |
|
956 else |
|
957 line.Append(_L("FALSE\n")); |
|
958 err = BufferAppend(aPolBfr, line); |
|
959 if (err != KErrNone) |
|
960 return err; |
|
961 if (aConf->iGroupDesc_II != 0) |
|
962 { |
|
963 line.Copy(_L8("GROUP_DESCRIPTION_II: ")); |
|
964 line.Append(TextGroupDesc(aConf->iGroupDesc_II)); |
|
965 line.Append(_L("\n")); |
|
966 err = BufferAppend(aPolBfr, line); |
|
967 if (err != KErrNone) |
|
968 return err; |
|
969 } |
|
970 |
|
971 line.Copy(_L8("USE_COMMIT: ")); |
|
972 if (aConf->iCommit) |
|
973 line.Append(_L("TRUE\n")); |
|
974 else |
|
975 line.Append(_L("FALSE\n")); |
|
976 err = BufferAppend(aPolBfr, line); |
|
977 if (err != KErrNone) |
|
978 return err; |
|
979 |
|
980 line.Copy(_L8("IPSEC_EXPIRE: ")); |
|
981 if (aConf->iIpsecExpires) |
|
982 line.Append(_L("TRUE\n")); |
|
983 else |
|
984 line.Append(_L("FALSE\n")); |
|
985 err = BufferAppend(aPolBfr, line); |
|
986 if (err != KErrNone) |
|
987 return err; |
|
988 |
|
989 line.Copy(_L8("SEND_CERT: ")); |
|
990 if (aConf->iAlwaysSendCert) |
|
991 line.Append(_L("TRUE\n")); |
|
992 else |
|
993 line.Append(_L("FALSE\n")); |
|
994 err = BufferAppend(aPolBfr, line); |
|
995 if (err != KErrNone) |
|
996 return err; |
|
997 |
|
998 line.Copy(_L8("INITIAL_CONTACT: ")); |
|
999 if (aConf->iInitialContact) |
|
1000 line.Append(_L("TRUE\n")); |
|
1001 else |
|
1002 line.Append(_L("FALSE\n")); |
|
1003 err = BufferAppend(aPolBfr, line); |
|
1004 if (err != KErrNone) |
|
1005 return err; |
|
1006 |
|
1007 line.Copy(_L8("RESPONDER_LIFETIME: ")); |
|
1008 if (aConf->iResponderLifetime) |
|
1009 line.Append(_L("TRUE\n")); |
|
1010 else |
|
1011 line.Append(_L("FALSE\n")); |
|
1012 err = BufferAppend(aPolBfr, line); |
|
1013 if (err != KErrNone) |
|
1014 return err; |
|
1015 |
|
1016 line.Copy(_L8("REPLAY_STATUS: ")); |
|
1017 if (aConf->iReplayStatus) |
|
1018 line.Append(_L("TRUE\n")); |
|
1019 else |
|
1020 line.Append(_L("FALSE\n")); |
|
1021 err = BufferAppend(aPolBfr, line); |
|
1022 if (err != KErrNone) |
|
1023 return err; |
|
1024 |
|
1025 if ( aConf->iCRACKLAMType == IKE_PARSER_CRACK_PASSWORD ) |
|
1026 { |
|
1027 line.Copy(_L8("CRACK_LAM_TYPE: ")); |
|
1028 line.Append(TextLAMType(aConf->iCRACKLAMType)); |
|
1029 line.Append(_L("\n")); |
|
1030 err = BufferAppend(aPolBfr, line); |
|
1031 if (err != KErrNone) |
|
1032 return err; |
|
1033 } |
|
1034 |
|
1035 //IKE Private (Nokia VPN specific) extensions |
|
1036 line.Copy(_L8("USE_INTERNAL_ADDR: ")); |
|
1037 if (aConf->iUseInternalAddr) |
|
1038 line.Append(_L("TRUE\n")); |
|
1039 else |
|
1040 line.Append(_L("FALSE\n")); |
|
1041 err = BufferAppend(aPolBfr, line); |
|
1042 if (err != KErrNone) |
|
1043 return err; |
|
1044 |
|
1045 line.Copy(_L8("USE_NAT_PROBE: ")); |
|
1046 if (aConf->iUseNatProbing) |
|
1047 line.Append(_L("TRUE\n")); |
|
1048 else |
|
1049 line.Append(_L("FALSE\n")); |
|
1050 err = BufferAppend(aPolBfr, line); |
|
1051 if (err != KErrNone) |
|
1052 return err; |
|
1053 |
|
1054 if (aConf->iEspUdpPort != 0) |
|
1055 { |
|
1056 line.Format(_L8("ESP_UDP_PORT: %d\n"), aConf->iEspUdpPort); |
|
1057 err = BufferAppend(aPolBfr, line); |
|
1058 if (err != KErrNone) |
|
1059 return err; |
|
1060 } |
|
1061 |
|
1062 line.Format(_L8("NAT_KEEPALIVE: %d\n"), aConf->iNatKeepAlive); |
|
1063 err = BufferAppend(aPolBfr, line); |
|
1064 if (err != KErrNone) |
|
1065 return err; |
|
1066 |
|
1067 line.Format(_L8("DSCP_VALUE: %d\n"), aConf->iDscp >> 2); |
|
1068 err = BufferAppend(aPolBfr, line); |
|
1069 if (err != KErrNone) |
|
1070 return err; |
|
1071 |
|
1072 line.Format(_L8("DPD_HEARTBEAT: %d\n"), aConf->iDPDHeartBeat); |
|
1073 err = BufferAppend(aPolBfr, line); |
|
1074 if (err != KErrNone) |
|
1075 return err; |
|
1076 |
|
1077 line.Format(_L8("REKEYING_THRESHOLD: %d\n"), aConf->iRekeyingThreshold); |
|
1078 err = BufferAppend(aPolBfr, line); |
|
1079 if (err != KErrNone) |
|
1080 return err; |
|
1081 |
|
1082 line.Copy(_L8("USE_XAUTH: ")); |
|
1083 if (aConf->iUseXauth) |
|
1084 line.Append(_L("TRUE\n")); |
|
1085 else |
|
1086 line.Append(_L("FALSE\n")); |
|
1087 err = BufferAppend(aPolBfr, line); |
|
1088 if (err != KErrNone) |
|
1089 return err; |
|
1090 |
|
1091 line.Copy(_L8("USE_MODE_CFG: ")); |
|
1092 if (aConf->iUseCfgMode) |
|
1093 line.Append(_L("TRUE\n")); |
|
1094 else |
|
1095 line.Append(_L("FALSE\n")); |
|
1096 err = BufferAppend(aPolBfr, line); |
|
1097 if (err != KErrNone) |
|
1098 return err; |
|
1099 |
|
1100 line.Copy(_L8("USE_MOBIKE: ")); |
|
1101 if (aConf->iUseMobIke) |
|
1102 line.Append(_L("TRUE\n")); |
|
1103 else |
|
1104 line.Append(_L("FALSE\n")); |
|
1105 err = BufferAppend(aPolBfr, line); |
|
1106 if (err != KErrNone) |
|
1107 return err; |
|
1108 if ( aConf->iCRACKLAMUserName ) |
|
1109 { |
|
1110 line.Copy(_L8("CRACK_LAM_USERNAME: ")); |
|
1111 line.Append(aConf->iCRACKLAMUserName->GetData()); |
|
1112 line.Append(_L8("\n")); |
|
1113 err = BufferAppend(aPolBfr, line); |
|
1114 if (err != KErrNone) |
|
1115 return err; |
|
1116 } |
|
1117 if ( aConf->iCRACKLAMPassword ) |
|
1118 { |
|
1119 line.Copy(_L8("CRACK_LAM_PASSWORD: ")); |
|
1120 line.Append(aConf->iCRACKLAMPassword->GetData()); |
|
1121 line.Append(_L8("\n")); |
|
1122 err = BufferAppend(aPolBfr, line); |
|
1123 if (err != KErrNone) |
|
1124 return err; |
|
1125 } |
|
1126 if ( aConf->iClientCertType ) |
|
1127 { |
|
1128 line.Copy(_L8("OWN_CERT_TYPE: ")); |
|
1129 line.Append(aConf->iClientCertType->GetData()); |
|
1130 line.Append(_L8("\n")); |
|
1131 err = BufferAppend(aPolBfr, line); |
|
1132 if (err != KErrNone) |
|
1133 return err; |
|
1134 } |
|
1135 |
|
1136 if ( aConf->iEAPProtocol != 0 ) |
|
1137 { |
|
1138 line.Format(_L8("EAP_PROTOCOL: %d\n"), aConf->iEAPProtocol); |
|
1139 err = BufferAppend(aPolBfr, line); |
|
1140 if (err != KErrNone) |
|
1141 return err; |
|
1142 line.Copy(_L8("EAP_HIDE_IDENTITY: ")); |
|
1143 if (aConf->iEAPHideIdentity) |
|
1144 line.Append(_L("TRUE\n")); |
|
1145 else |
|
1146 line.Append(_L("FALSE\n")); |
|
1147 err = BufferAppend(aPolBfr, line); |
|
1148 if (err != KErrNone) |
|
1149 return err; |
|
1150 } |
|
1151 if ( aConf->iEAPRealmPrefix ) |
|
1152 { |
|
1153 line.Copy(_L8("EAP_REALM_PREFIX: ")); |
|
1154 line.Append(aConf->iEAPRealmPrefix->GetData()); |
|
1155 line.Append(_L8("\n")); |
|
1156 err = BufferAppend(aPolBfr, line); |
|
1157 if (err != KErrNone) |
|
1158 return err; |
|
1159 } |
|
1160 if ( aConf->iEAPManualRealm ) |
|
1161 { |
|
1162 line.Copy(_L8("EAP_MANUAL_REALM: ")); |
|
1163 line.Append(aConf->iEAPManualRealm->GetData()); |
|
1164 line.Append(_L8("\n")); |
|
1165 err = BufferAppend(aPolBfr, line); |
|
1166 if (err != KErrNone) |
|
1167 return err; |
|
1168 } |
|
1169 if ( aConf->iEAPManualUserName ) |
|
1170 { |
|
1171 line.Copy(_L8("EAP_MANUAL_USERNAME: ")); |
|
1172 line.Append(aConf->iEAPManualUserName->GetData()); |
|
1173 line.Append(_L8("\n")); |
|
1174 err = BufferAppend(aPolBfr, line); |
|
1175 if (err != KErrNone) |
|
1176 return err; |
|
1177 } |
|
1178 |
|
1179 //Proposals |
|
1180 line.Format(_L8("PROPOSALS: %d\n"), aConf->iNumProp); |
|
1181 err = BufferAppend(aPolBfr, line); |
|
1182 if (err != KErrNone) |
|
1183 return err; |
|
1184 |
|
1185 TProposalData* prop = aConf->iPropList; |
|
1186 for (TInt i=0; i<aConf->iNumProp; i++) |
|
1187 { |
|
1188 line.Copy(_L8("ENC_ALG: ")); |
|
1189 line.Append(TextEncrAlg(prop->iEncrAlg, prop->iEncrKeyLth)); |
|
1190 line.Append(_L8("\nAUTH_METHOD: ")); |
|
1191 line.Append(TextAuthMethod(prop->iAuthMeth)); |
|
1192 line.Append(_L8("\nHASH_ALG: ")); |
|
1193 line.Append(TextHashAlg(prop->iHashAlg)); |
|
1194 line.Append(_L8("\nGROUP_DESCRIPTION: ")); |
|
1195 line.Append(TextGroupDesc(prop->iGroupDesc)); |
|
1196 line.Append(_L8("\nGROUP_TYPE: ")); |
|
1197 line.Append(TextGroupType(prop->iGroupType)); |
|
1198 line.AppendFormat(_L8("\nLIFETIME_KBYTES: %d"),prop->iLifetimeKb); |
|
1199 line.AppendFormat(_L8("\nLIFETIME_SECONDS: %d"),prop->iLifetimeSec); |
|
1200 line.Append(_L8("\nPRF: ")); |
|
1201 line.Append(TextPRF(prop->iPRF)); |
|
1202 line.Append(_L8("\n")); |
|
1203 err = BufferAppend(aPolBfr, line); |
|
1204 if (err != KErrNone) |
|
1205 return err; |
|
1206 prop = prop->iNext; |
|
1207 } |
|
1208 |
|
1209 if (aConf->iPresharedKey.iKey.Length() > 0) |
|
1210 { |
|
1211 line.Copy(_L8("PRESHARED_KEYS:\n")); |
|
1212 err = BufferAppend(aPolBfr, line); |
|
1213 if (err != KErrNone) |
|
1214 return err; |
|
1215 line.Copy(_L("FORMAT: ")); |
|
1216 line.Append(TextFormat(aConf->iPresharedKey.iFormat)); |
|
1217 line.AppendFormat(_L8("\nKEY: %d "),aConf->iPresharedKey.iKey.Length()); |
|
1218 line.Append(aConf->iPresharedKey.iKey); |
|
1219 line.Append(_L8("\n")); |
|
1220 err = BufferAppend(aPolBfr, line); |
|
1221 if (err != KErrNone) |
|
1222 return err; |
|
1223 } |
|
1224 // |
|
1225 //CAS |
|
1226 //Support for multiple CAs |
|
1227 // |
|
1228 if ( aConf->iCAList ) |
|
1229 { |
|
1230 TInt ca_count = aConf->iCAList->Count(); |
|
1231 line.Copy(_L("CAs: ")); |
|
1232 line.AppendNum(ca_count); |
|
1233 line.Append(_L8("\n")); |
|
1234 err = BufferAppend(aPolBfr, line); |
|
1235 if (err != KErrNone) |
|
1236 return err; |
|
1237 |
|
1238 for (TInt i=0; i < ca_count; i++) |
|
1239 { |
|
1240 line.Copy(_L(" FORMAT: ")); |
|
1241 line.Append(CertFormat(aConf->iCAList->At(i)->iFormat)); |
|
1242 line.Append(_L("\n DATA: ")); |
|
1243 line.Append(aConf->iCAList->At(i)->iData); |
|
1244 line.Append(_L8("\n")); |
|
1245 err = BufferAppend(aPolBfr, line); |
|
1246 if (err != KErrNone) |
|
1247 return err; |
|
1248 } |
|
1249 } |
|
1250 |
|
1251 //Own Certs |
|
1252 if (aConf->iOwnCert.iOwnCertExists) |
|
1253 { |
|
1254 line.Copy(_L8("OWN_CERTS:\n")); |
|
1255 if (aConf->iOwnCert.iData.Length() > 0) |
|
1256 { |
|
1257 line.Append(_L8(" FORMAT: ")); |
|
1258 line.Append(CertFormat(aConf->iOwnCert.iFormat)); |
|
1259 line.Append(_L8("\n DATA: ")); |
|
1260 line.Append(aConf->iOwnCert.iData); |
|
1261 line.Append(_L8("\n PRIVATE_KEY_FORMAT: ")); |
|
1262 line.Append(CertFormat(aConf->iPrivKey.iFormat)); |
|
1263 line.Append(_L8("\n PRIVATE_KEY_DATA: ")); |
|
1264 line.Append(aConf->iPrivKey.iData); |
|
1265 line.Append(_L8("\n")); |
|
1266 line.AppendFormat(_L8("\n PRIVATE_KEY_LENGTH: %d"), aConf->iOwnCert.iPrivateKeyLength); |
|
1267 } |
|
1268 |
|
1269 // Always included |
|
1270 line.Append(_L8("\n SUBJECT_DN_SUFFIX: ")); |
|
1271 line.Append(aConf->iOwnCert.iSubjectDnSuffix); |
|
1272 TInt identityType; |
|
1273 if (aConf->iOwnCert.iIdentityAsRfc822Name == EIdentityAsRfc822NameUndefined) |
|
1274 { |
|
1275 identityType = 2; |
|
1276 } |
|
1277 else if (aConf->iOwnCert.iIdentityAsRfc822Name == EIdentityAsRfc822NameNo) |
|
1278 { |
|
1279 identityType = 0; |
|
1280 } |
|
1281 else |
|
1282 { |
|
1283 identityType = 1; |
|
1284 } |
|
1285 line.AppendFormat(_L8("\n IDENTITY_AS_RFC822NAME: %d"), identityType); |
|
1286 |
|
1287 line.Append(_L8("\n RFC822NAME_FQDN: ")); |
|
1288 line.Append(aConf->iOwnCert.iRfc822NameFqdn); |
|
1289 line.Append(_L8("\n")); |
|
1290 err = BufferAppend(aPolBfr, line); |
|
1291 if (err != KErrNone) |
|
1292 return err; |
|
1293 } |
|
1294 |
|
1295 //Peer Certs |
|
1296 if (aConf->iPeerCert.iData.Length() > 0) |
|
1297 { |
|
1298 line.Format(_L8("PEER_CERTS:")); |
|
1299 line.Append(_L8(" FORMAT: ")); |
|
1300 line.Append(CertFormat(aConf->iPeerCert.iFormat)); |
|
1301 line.Append(_L8("\n DATA: ")); |
|
1302 line.Append(aConf->iPeerCert.iData); |
|
1303 line.Append(_L8("\n")); |
|
1304 err = BufferAppend(aPolBfr, line); |
|
1305 if (err != KErrNone) |
|
1306 return err; |
|
1307 } |
|
1308 |
|
1309 return KErrNone; |
|
1310 } |
|
1311 |
|
1312 TInt TIkeParser::ParseProposals(CIkeData* aConf) |
|
1313 { |
|
1314 ASSERT(aConf); |
|
1315 |
|
1316 TLex sub_num = NextToken(); //Used for number conversion |
|
1317 if (sub_num.Val(aConf->iNumProp) != KErrNone) |
|
1318 return KSecParserErrProposal; |
|
1319 |
|
1320 if (aConf->iNumProp == 0) |
|
1321 { |
|
1322 aConf->iPropList = NULL; |
|
1323 return KErrNone; |
|
1324 } |
|
1325 |
|
1326 TPtrC token(NULL,0); |
|
1327 TProposalData* prev_prop = NULL; |
|
1328 TInt err = KErrNone; |
|
1329 TInt authMethodFound=0; |
|
1330 //At least one proposal! |
|
1331 for (TInt i=0; i<aConf->iNumProp; i++) //All the proposals |
|
1332 { |
|
1333 TProposalData* prop = NULL; |
|
1334 prop = new TProposalData; |
|
1335 if (!prop) |
|
1336 return KErrNoMemory; |
|
1337 |
|
1338 prop->iNext = NULL; |
|
1339 if (i==0) //First proposal |
|
1340 aConf->iPropList = prop; |
|
1341 else |
|
1342 prev_prop->iNext = prop; |
|
1343 |
|
1344 prop->iPrev = prev_prop; |
|
1345 authMethodFound=0; |
|
1346 token.Set(NextToken()); |
|
1347 |
|
1348 if (token.CompareF(_L("ENC_ALG:"))==0) //CompareF ignores case |
|
1349 { |
|
1350 prop->iEncrKeyLth = 0; // = Use Default key length |
|
1351 token.Set(NextToken()); |
|
1352 if (token.CompareF(_L("DES-CBC"))==0) |
|
1353 prop->iEncrAlg = IKE_PARSER_DES_CBC; |
|
1354 else if (token.CompareF(_L("3DES-CBC"))==0) |
|
1355 prop->iEncrAlg = IKE_PARSER_DES3_CBC; |
|
1356 else if (token.CompareF(_L("AES128-CBC"))==0) |
|
1357 { |
|
1358 prop->iEncrKeyLth = 128; |
|
1359 prop->iEncrAlg = IKE_PARSER_AES_CBC; |
|
1360 } |
|
1361 else if (token.CompareF(_L("AES192-CBC"))==0) |
|
1362 { |
|
1363 prop->iEncrKeyLth = 192; |
|
1364 prop->iEncrAlg = IKE_PARSER_AES_CBC; |
|
1365 } |
|
1366 else if (token.CompareF(_L("AES256-CBC"))==0) |
|
1367 { |
|
1368 prop->iEncrKeyLth = 256; |
|
1369 prop->iEncrAlg = IKE_PARSER_AES_CBC; |
|
1370 } |
|
1371 else |
|
1372 { |
|
1373 err = KSecParserErrEncrAlg; |
|
1374 break; |
|
1375 } |
|
1376 } |
|
1377 else |
|
1378 { |
|
1379 err = KSecParserErrEncrAlg; |
|
1380 break; |
|
1381 } |
|
1382 |
|
1383 token.Set(NextToken()); |
|
1384 if (token.CompareF(_L("AUTH_METHOD:"))==0) //CompareF ignores case |
|
1385 { |
|
1386 authMethodFound=1; |
|
1387 token.Set(NextToken()); |
|
1388 if (token.CompareF(_L("RSA_SIGNATURES"))==0) |
|
1389 { |
|
1390 prop->iAuthMeth = IKE_PARSER_RSA_SIG; |
|
1391 aConf->iCARequired=ETrue; |
|
1392 } |
|
1393 else if (token.CompareF(_L("DSS_SIGNATURES"))==0) |
|
1394 { |
|
1395 prop->iAuthMeth = IKE_PARSER_DSS_SIG; |
|
1396 aConf->iCARequired=ETrue; |
|
1397 } |
|
1398 else if (token.CompareF(_L("RSA_ENCRYPT"))==0) |
|
1399 { |
|
1400 prop->iAuthMeth = IKE_PARSER_RSA_ENCR; |
|
1401 aConf->iCARequired=ETrue; |
|
1402 } |
|
1403 else if (token.CompareF(_L("RSA_REV_ENCRYPT"))==0) |
|
1404 { |
|
1405 prop->iAuthMeth = IKE_PARSER_RSA_REV_ENCR; |
|
1406 aConf->iCARequired=ETrue; |
|
1407 } |
|
1408 else if (token.CompareF(_L("PRE-SHARED"))==0) |
|
1409 prop->iAuthMeth = IKE_PARSER_PRE_SHARED; |
|
1410 else if (token.CompareF(_L("IKE-CRACK"))==0) |
|
1411 { |
|
1412 prop->iAuthMeth = IKE_PARSER_CRACK; |
|
1413 aConf->iCARequired=ETrue; |
|
1414 } |
|
1415 else |
|
1416 { |
|
1417 err = KSecParserErrAuthMethod; |
|
1418 break; |
|
1419 //ErrorL(R_PARSE_ERROR_AUTH_METHOD); |
|
1420 } |
|
1421 } |
|
1422 else |
|
1423 { |
|
1424 if (aConf->iEAPProtocol<1) |
|
1425 { |
|
1426 err = KSecParserErrAuthMethod; |
|
1427 break; |
|
1428 } |
|
1429 } |
|
1430 if (aConf->iEAPProtocol>0) |
|
1431 prop->iAuthMeth=IKE_PARSER_PRE_SHARED; |
|
1432 if (authMethodFound==1) |
|
1433 token.Set(NextToken()); |
|
1434 if (token.CompareF(_L("HASH_ALG:"))==0) //CompareF ignores case |
|
1435 { |
|
1436 token.Set(NextToken()); |
|
1437 if (token.CompareF(_L("MD5"))==0) |
|
1438 prop->iHashAlg = IKE_PARSER_MD5; |
|
1439 else if (token.CompareF(_L("SHA1"))==0) |
|
1440 prop->iHashAlg = IKE_PARSER_SHA1; |
|
1441 else |
|
1442 { |
|
1443 err = KSecParserErrHashAlg; |
|
1444 break; |
|
1445 } |
|
1446 } |
|
1447 else |
|
1448 { |
|
1449 err = KSecParserErrHashAlg; |
|
1450 break; |
|
1451 } |
|
1452 token.Set(NextToken()); |
|
1453 if (token.CompareF(_L("GROUP_DESCRIPTION:"))==0) //CompareF ignores case |
|
1454 { |
|
1455 token.Set(NextToken()); |
|
1456 if (token.CompareF(_L("MODP_768"))==0) |
|
1457 prop->iGroupDesc = IKE_PARSER_MODP_768; |
|
1458 else if (token.CompareF(_L("MODP_1024"))==0) |
|
1459 prop->iGroupDesc = IKE_PARSER_MODP_1024; |
|
1460 else if (token.CompareF(_L("MODP_1536"))==0) |
|
1461 prop->iGroupDesc = IKE_PARSER_MODP_1536; |
|
1462 else if (token.CompareF(_L("MODP_2048"))==0) |
|
1463 prop->iGroupDesc = IKE_PARSER_MODP_2048; |
|
1464 else |
|
1465 { |
|
1466 err = KSecParserErrGroupDesc; |
|
1467 break; |
|
1468 } |
|
1469 } |
|
1470 else |
|
1471 { |
|
1472 err = KSecParserErrGroupDesc; |
|
1473 break; |
|
1474 } |
|
1475 |
|
1476 token.Set(NextToken()); |
|
1477 if (token.CompareF(_L("GROUP_TYPE:"))==0) //CompareF ignores case |
|
1478 { |
|
1479 token.Set(NextToken()); |
|
1480 if (token.CompareF(_L("MODP"))==0) |
|
1481 prop->iGroupType = IKE_PARSER_MODP; |
|
1482 else if(token.CompareF(_L("DEFAULT"))==0) |
|
1483 prop->iGroupType = IKE_PARSER_DEFAULT; |
|
1484 else |
|
1485 { |
|
1486 err = KSecParserErrGroupType; |
|
1487 break; |
|
1488 } |
|
1489 } |
|
1490 else |
|
1491 { |
|
1492 err = KSecParserErrGroupType; |
|
1493 break; |
|
1494 } |
|
1495 |
|
1496 token.Set(NextToken()); |
|
1497 if (token.CompareF(_L("LIFETIME_KBYTES:"))==0) //CompareF ignores case |
|
1498 { |
|
1499 sub_num = NextToken(); |
|
1500 if (sub_num.Val(prop->iLifetimeKb,EDecimal)!=KErrNone) |
|
1501 { |
|
1502 err = KSecParserErrLifeBytes; |
|
1503 break; |
|
1504 } |
|
1505 token.Set(NextToken()); |
|
1506 } |
|
1507 else |
|
1508 { |
|
1509 prop->iLifetimeKb=0; |
|
1510 } |
|
1511 if (token.CompareF(_L("LIFETIME_SECONDS:"))==0) //CompareF ignores case |
|
1512 { |
|
1513 sub_num = NextToken(); |
|
1514 if (sub_num.Val(prop->iLifetimeSec,EDecimal)!=KErrNone) |
|
1515 { |
|
1516 err = KSecParserErrLifeSecs; |
|
1517 break; |
|
1518 } |
|
1519 } |
|
1520 else |
|
1521 { |
|
1522 err = KSecParserErrLifeSecs; |
|
1523 break; |
|
1524 } |
|
1525 |
|
1526 Mark(); |
|
1527 |
|
1528 token.Set(NextToken()); |
|
1529 |
|
1530 // PRF is an optional parameter, so if it doesn't exist, just use |
|
1531 // the default value and unget to mark (so that the rest of the parsing |
|
1532 // won't fail). |
|
1533 if (token.CompareF(_L("PRF:"))==0) //CompareF ignores case |
|
1534 { |
|
1535 token.Set(NextToken()); |
|
1536 if (token.CompareF(_L("3DES-CBC-MAC"))==0) |
|
1537 prop->iPRF = IKE_PARSER_DES3_CBC_MAC; |
|
1538 else if (token.CompareF(_L("NONE"))==0) |
|
1539 prop->iPRF = IKE_PARSER_NONE; |
|
1540 else |
|
1541 { |
|
1542 err = KSecParserErrPRF; |
|
1543 break; |
|
1544 } |
|
1545 } |
|
1546 else |
|
1547 { |
|
1548 prop->iPRF = IKE_PARSER_NONE; |
|
1549 UnGetToMark(); |
|
1550 } |
|
1551 |
|
1552 prev_prop = prop; //Save as previous proposal |
|
1553 } //Proposals loop |
|
1554 |
|
1555 return err; |
|
1556 } |
|
1557 |
|
1558 |
|
1559 TInt TIkeParser::ParsePresharedKeys(CIkeData* aConf) |
|
1560 { |
|
1561 ASSERT(aConf); |
|
1562 |
|
1563 TPtrC token(NULL, 0); |
|
1564 TLex sub_num; //Used for number conversion |
|
1565 TInt j = 0; |
|
1566 TInt num=0; |
|
1567 |
|
1568 TPresharedKeyData *key = &aConf->iPresharedKey; |
|
1569 token.Set(NextToken()); |
|
1570 |
|
1571 if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case |
|
1572 { |
|
1573 token.Set(NextToken()); |
|
1574 if (token.CompareF(_L("HEX_FORMAT"))==0) |
|
1575 key->iFormat = HEX_KEY; |
|
1576 else if (token.CompareF(_L("STRING_FORMAT"))==0) |
|
1577 key->iFormat = STRING_KEY; |
|
1578 else |
|
1579 return KSecParserErrPreFormat; |
|
1580 } |
|
1581 else |
|
1582 return KSecParserErrPreKey; |
|
1583 |
|
1584 token.Set(NextToken()); |
|
1585 if (token.CompareF(_L("KEY:"))==0) //CompareF ignores case |
|
1586 { |
|
1587 sub_num = NextToken(); |
|
1588 if (sub_num.Val(num)!=KErrNone) |
|
1589 return KSecParserErrPreKey; |
|
1590 |
|
1591 if (num > KMaxPresharedKeyLength) |
|
1592 { |
|
1593 //Key is too long for our buffer. |
|
1594 return KSecParserErrPreKey; |
|
1595 } |
|
1596 |
|
1597 if (key->iFormat == HEX_KEY && (num % 2) != 0) |
|
1598 { |
|
1599 //HEX encoded keys must contains even number of characters. |
|
1600 //(Because each byte is expressed by two characters.) |
|
1601 return KSecParserErrPreKey; |
|
1602 } |
|
1603 } |
|
1604 else |
|
1605 return KSecParserErrPreKey; |
|
1606 |
|
1607 SkipSpaceAndMark(); |
|
1608 |
|
1609 if (key->iFormat == STRING_KEY) |
|
1610 { |
|
1611 for (j = 0; j < num && (!Eos()) ; j++) //Parse the key char to char because it contains blanks |
|
1612 key->iKey.Append(Get()); |
|
1613 } |
|
1614 else if (key->iFormat == HEX_KEY) |
|
1615 { |
|
1616 //Make sure that key contains a valid hex decim number. |
|
1617 for (j = 0; j < num && (!Eos()) ; j++) |
|
1618 { |
|
1619 TChar c = Get(); |
|
1620 if (c >= TChar('0') && c <= TChar('9') || |
|
1621 c >= TChar('a') && c <= TChar('f') || |
|
1622 c >= TChar('A') && c <= TChar('F')) |
|
1623 { |
|
1624 key->iKey.Append(c); |
|
1625 } |
|
1626 else |
|
1627 { |
|
1628 return KSecParserErrPreKey; |
|
1629 } |
|
1630 |
|
1631 } |
|
1632 } |
|
1633 |
|
1634 if (j<num) |
|
1635 return KSecParserErrPreKey; |
|
1636 |
|
1637 return KErrNone; |
|
1638 } |
|
1639 |
|
1640 |
|
1641 TInt TIkeParser::ParseCAItem(CIkeData* /*aConf*/, TCertInfo* aCA, TPtrC& aToken) |
|
1642 { |
|
1643 ASSERT(aCA); |
|
1644 |
|
1645 if (aToken.CompareF(_L("FORMAT:")) == 0 ) //CompareF ignores case |
|
1646 { |
|
1647 aToken.Set(NextToken()); |
|
1648 if (aToken.CompareF(_L("PEM"))==0) |
|
1649 aCA->iFormat = PEM_CERT; |
|
1650 else if (aToken.CompareF(_L("BIN"))==0) |
|
1651 aCA->iFormat = BIN_CERT; |
|
1652 else if (aToken.CompareF(_L("NAME"))==0) |
|
1653 aCA->iFormat = CA_NAME; |
|
1654 else if (aToken.CompareF(_L("KEYID"))==0) |
|
1655 aCA->iFormat = KEY_ID; |
|
1656 else if (aToken.CompareF(_L("APPLUID"))==0) |
|
1657 aCA->iFormat = APPL_UID; |
|
1658 else |
|
1659 return KSecParserErrCA; |
|
1660 } |
|
1661 else |
|
1662 { |
|
1663 return KSecParserErrCA; |
|
1664 } |
|
1665 |
|
1666 aToken.Set(NextToken()); |
|
1667 if ( aToken.CompareF(_L("DATA:")) == 0) //CompareF ignores case |
|
1668 { |
|
1669 switch(aCA->iFormat) |
|
1670 { |
|
1671 case CA_NAME: //falls through |
|
1672 case APPL_UID: |
|
1673 { |
|
1674 aCA->iData = GetRestOfLine(); //ASCII format CA name or Appl uid list |
|
1675 // Check if data contains empty attributes |
|
1676 if( KErrNotFound != aCA->iData.FindF(_L("=,")) || KErrNotFound != aCA->iData.FindF(_L("=\"\""))) |
|
1677 { |
|
1678 return KSecParserErrCA; |
|
1679 } |
|
1680 } |
|
1681 break; |
|
1682 case BIN_CERT: |
|
1683 return ParseFileName(aCA->iData); |
|
1684 //No break needed |
|
1685 default: |
|
1686 aCA->iData = NextToken(); //PEM cert or Key identifier |
|
1687 break; |
|
1688 } |
|
1689 |
|
1690 return KErrNone; |
|
1691 } |
|
1692 else |
|
1693 { |
|
1694 return KSecParserErrCA; |
|
1695 } |
|
1696 } |
|
1697 |
|
1698 void TIkeParser::ParseCAListL(CIkeData* aConf, TInt aCACount, TPtrC& aToken) |
|
1699 { |
|
1700 ASSERT(aConf); |
|
1701 |
|
1702 aConf->iCAList = new (ELeave) CArrayFixFlat<TCertInfo*>(aCACount); |
|
1703 |
|
1704 while ( aCACount ) |
|
1705 { |
|
1706 TCertInfo* ca_name = new (ELeave) TCertInfo; |
|
1707 CleanupStack::PushL(ca_name); |
|
1708 User::LeaveIfError(ParseCAItem(aConf, ca_name, aToken)); |
|
1709 aConf->iCAList->AppendL(ca_name); |
|
1710 CleanupStack::Pop(ca_name); |
|
1711 |
|
1712 aCACount--; |
|
1713 if ( aCACount ) |
|
1714 aToken.Set(NextToken()); // Enter to next "FORMAT" tag |
|
1715 } |
|
1716 } |
|
1717 |
|
1718 /**--------------------------------------------------------------- |
|
1719 * |
|
1720 * Parse CAs section in host (=IKE) configuration. |
|
1721 * There is two possibilities: |
|
1722 * CAs: |
|
1723 * FORMAT: BIN |
|
1724 * DATA: jps-SecurID-1_0-ca.cer |
|
1725 * This supports only one CA (This format may be removed later) |
|
1726 * CAs: 2 |
|
1727 * FORMAT: BIN |
|
1728 * DATA: jps-SecurID-1_0-ca.cer |
|
1729 * FORMAT: BIN |
|
1730 * DATA: jps-SecurID-1_1-ca.cer |
|
1731 * This supports several CA:s. Exact CA count is in line CAs: x |
|
1732 * |
|
1733 *----------------------------------------------------------------*/ |
|
1734 TInt TIkeParser::ParseCAs(CIkeData* aConf) |
|
1735 { |
|
1736 TInt ca_count = 0; |
|
1737 TPtrC token(NULL, 0); |
|
1738 token.Set(NextToken()); |
|
1739 |
|
1740 if ( token.CompareF(_L("FORMAT:")) == 0 ) //CompareF ignores case |
|
1741 { |
|
1742 ca_count = 1; |
|
1743 } |
|
1744 else |
|
1745 { |
|
1746 TLex sub_num = token; |
|
1747 if ( (sub_num.Val(ca_count) != KErrNone) || (ca_count == 0) ) |
|
1748 { |
|
1749 return KSecParserErrCA; |
|
1750 } |
|
1751 token.Set(NextToken()); // Enter to the first "FORMAT" tag |
|
1752 } |
|
1753 |
|
1754 TInt err = KErrNone; |
|
1755 TRAP(err, ParseCAListL(aConf, ca_count, token);) |
|
1756 return err; |
|
1757 } |
|
1758 |
|
1759 TInt TIkeParser::ParseOwnCerts(CIkeData* aConf) |
|
1760 { |
|
1761 ASSERT(aConf); |
|
1762 |
|
1763 TPtrC token(NULL,0); |
|
1764 |
|
1765 TInt nMandatoryFields=0; |
|
1766 TInt err=KErrNone; |
|
1767 TBool endOfSection=EFalse; |
|
1768 TOwnCertInfo *own_cert = &aConf->iOwnCert; |
|
1769 own_cert->iOwnCertExists = 0; |
|
1770 TCertInfo *priv_key = &aConf->iPrivKey; |
|
1771 |
|
1772 while (!endOfSection && err==KErrNone) |
|
1773 { |
|
1774 Mark(); |
|
1775 token.Set(NextToken()); |
|
1776 |
|
1777 if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case |
|
1778 { |
|
1779 nMandatoryFields++; |
|
1780 token.Set(NextToken()); |
|
1781 if (token.CompareF(_L("BIN"))==0) |
|
1782 own_cert->iFormat = BIN_CERT; |
|
1783 else if (token.CompareF(_L("NAME"))==0) |
|
1784 own_cert->iFormat = CA_NAME; |
|
1785 else |
|
1786 err=KSecParserErrOwnCerts; |
|
1787 } |
|
1788 |
|
1789 else if (token.CompareF(_L("DATA:"))==0) //CompareF ignores case |
|
1790 { |
|
1791 nMandatoryFields++; |
|
1792 err = ParseFileName(own_cert->iData); |
|
1793 } |
|
1794 |
|
1795 //Private key part |
|
1796 else if (token.CompareF(_L("PRIVATE_KEY_FORMAT:"))==0) //CompareF ignores case |
|
1797 { |
|
1798 nMandatoryFields++; |
|
1799 token.Set(NextToken()); |
|
1800 if (token.CompareF(_L("PEM"))==0) |
|
1801 priv_key->iFormat = PEM_CERT; |
|
1802 else if (token.CompareF(_L("BIN"))==0) |
|
1803 priv_key->iFormat = BIN_CERT; |
|
1804 else |
|
1805 err=KSecParserErrOwnCerts; |
|
1806 } |
|
1807 |
|
1808 else if (token.CompareF(_L("PRIVATE_KEY_DATA:"))==0) //CompareF ignores case |
|
1809 { |
|
1810 nMandatoryFields++; |
|
1811 err = ParseFileName(priv_key->iData); |
|
1812 } |
|
1813 // new stuff // error codes? |
|
1814 else if (token.CompareF(_L("SUBJECT_DN_SUFFIX:"))==0) //CompareF ignores case |
|
1815 { |
|
1816 nMandatoryFields++; |
|
1817 own_cert->iSubjectDnSuffix = GetRestOfLine(); |
|
1818 // Check if data contains empty attributes |
|
1819 if( KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=,")) || |
|
1820 KErrNotFound != own_cert->iSubjectDnSuffix.FindF(_L("=\"\""))) |
|
1821 { |
|
1822 return KSecParserErrOwnCerts; |
|
1823 } |
|
1824 } |
|
1825 |
|
1826 else if (token.CompareF(_L("IDENTITY_AS_RFC822NAME:"))==0) //CompareF ignores case |
|
1827 { |
|
1828 nMandatoryFields++; |
|
1829 token.Set(NextToken()); |
|
1830 if (token.CompareF(_L("1"))==0) |
|
1831 own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameYes; |
|
1832 else if (token.CompareF(_L("0"))==0) |
|
1833 own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameNo; |
|
1834 else |
|
1835 own_cert->iIdentityAsRfc822Name=EIdentityAsRfc822NameUndefined; |
|
1836 } |
|
1837 else if (token.CompareF(_L("RFC822NAME_FQDN:"))==0) //CompareF ignores case |
|
1838 { |
|
1839 nMandatoryFields++; |
|
1840 own_cert->iRfc822NameFqdn = NextToken(); |
|
1841 } |
|
1842 |
|
1843 else if (token.CompareF(_L("PRIVATE_KEY_LENGTH:"))==0) //CompareF ignores case |
|
1844 { |
|
1845 nMandatoryFields++; |
|
1846 TLex sub_num = NextToken(); |
|
1847 if (sub_num.Val(own_cert->iPrivateKeyLength)!=KErrNone) |
|
1848 err= KSecParserErrOwnCerts; |
|
1849 } |
|
1850 else |
|
1851 { |
|
1852 UnGetToMark(); // current token didn't belong to this section |
|
1853 endOfSection=ETrue; |
|
1854 } |
|
1855 } |
|
1856 if (nMandatoryFields<1) // Some mandatory fields are missing |
|
1857 { |
|
1858 err= KSecParserErrOwnCerts; |
|
1859 } |
|
1860 else |
|
1861 { |
|
1862 own_cert->iOwnCertExists = 1; // Write Own Certs |
|
1863 } |
|
1864 return err; |
|
1865 } |
|
1866 |
|
1867 |
|
1868 TInt TIkeParser::ParsePeerCerts(CIkeData* aConf) |
|
1869 { |
|
1870 ASSERT(aConf); |
|
1871 |
|
1872 TPtrC token(NULL, 0); |
|
1873 |
|
1874 TCertInfo *peer_cert = &aConf->iPeerCert; |
|
1875 token.Set(NextToken()); |
|
1876 if (token.CompareF(_L("FORMAT:"))==0) //CompareF ignores case |
|
1877 { |
|
1878 token.Set(NextToken()); |
|
1879 if (token.CompareF(_L("PEM"))==0) |
|
1880 peer_cert->iFormat = PEM_CERT; |
|
1881 else if (token.CompareF(_L("BIN"))==0) |
|
1882 peer_cert->iFormat = BIN_CERT; |
|
1883 else |
|
1884 return KSecParserErrPreFormat; |
|
1885 } |
|
1886 else |
|
1887 return KSecParserErrPreKey; |
|
1888 |
|
1889 token.Set(NextToken()); |
|
1890 if (token.CompareF(_L("DATA:"))==0) //CompareF ignores case |
|
1891 peer_cert->iData = NextToken(); //Filename or PEM cert |
|
1892 else |
|
1893 return KSecParserErrPreKey; |
|
1894 |
|
1895 return KErrNone; |
|
1896 } |
|
1897 |
|
1898 TBufC<16> TIkeParser::TextMode(const TInt aMode) |
|
1899 { |
|
1900 TBufC<16> ret; |
|
1901 |
|
1902 switch (aMode) |
|
1903 { |
|
1904 case IKE_PARSER_MAIN: |
|
1905 ret=_L("Main"); |
|
1906 break; |
|
1907 case IKE_PARSER_AGGRESSIVE: |
|
1908 ret=_L("Aggressive"); |
|
1909 break; |
|
1910 default: |
|
1911 break; |
|
1912 } |
|
1913 |
|
1914 return ret; |
|
1915 } |
|
1916 |
|
1917 TBufC<16> TIkeParser::TextEncrAlg(const TInt aAlg, const TInt aKeyLth) |
|
1918 { |
|
1919 TBufC<16> ret; |
|
1920 |
|
1921 switch (aAlg) |
|
1922 { |
|
1923 case IKE_PARSER_DES_CBC: |
|
1924 ret=_L("DES-CBC"); |
|
1925 break; |
|
1926 case IKE_PARSER_DES3_CBC: |
|
1927 ret=_L("3DES-CBC"); |
|
1928 break; |
|
1929 case IKE_PARSER_AES_CBC: |
|
1930 if ( aKeyLth == 256 ) |
|
1931 ret=_L("AES256-CBC"); |
|
1932 else if ( aKeyLth == 192 ) |
|
1933 ret=_L("AES192-CBC"); |
|
1934 else ret=_L("AES128-CBC"); |
|
1935 break; |
|
1936 default: |
|
1937 break; |
|
1938 } |
|
1939 |
|
1940 return ret; |
|
1941 } |
|
1942 |
|
1943 TBufC<16> TIkeParser::TextAuthMethod(const TInt aMethod) |
|
1944 { |
|
1945 TBufC<16> ret; |
|
1946 |
|
1947 switch (aMethod) |
|
1948 { |
|
1949 case IKE_PARSER_RSA_SIG: |
|
1950 ret=_L("RSA_SIGNATURES"); |
|
1951 break; |
|
1952 case IKE_PARSER_DSS_SIG: |
|
1953 ret=_L("DSS_SIGNATURES"); |
|
1954 break; |
|
1955 case IKE_PARSER_RSA_ENCR: |
|
1956 ret=_L("RSA_ENCRYPT"); |
|
1957 break; |
|
1958 case IKE_PARSER_RSA_REV_ENCR: |
|
1959 ret=_L("RSA_REV_ENCRYPT"); |
|
1960 break; |
|
1961 case IKE_PARSER_PRE_SHARED: |
|
1962 ret=_L("PRE-SHARED"); |
|
1963 break; |
|
1964 case IKE_PARSER_CRACK: |
|
1965 ret=_L("IKE-CRACK"); |
|
1966 break; |
|
1967 default: |
|
1968 break; |
|
1969 } |
|
1970 |
|
1971 return ret; |
|
1972 } |
|
1973 |
|
1974 TBufC<16> TIkeParser::TextHashAlg(const TInt aAlg) |
|
1975 { |
|
1976 TBufC<16> ret; |
|
1977 |
|
1978 switch (aAlg) |
|
1979 { |
|
1980 case IKE_PARSER_MD5: |
|
1981 ret=_L("MD5"); |
|
1982 break; |
|
1983 case IKE_PARSER_SHA1: |
|
1984 ret=_L("SHA1"); |
|
1985 break; |
|
1986 default: |
|
1987 break; |
|
1988 } |
|
1989 |
|
1990 return ret; |
|
1991 } |
|
1992 |
|
1993 TBufC<16> TIkeParser::TextGroupDesc(const TInt aDesc) |
|
1994 { |
|
1995 TBufC<16> ret; |
|
1996 |
|
1997 switch (aDesc) |
|
1998 { |
|
1999 case IKE_PARSER_MODP_768: |
|
2000 ret=_L("MODP_768"); |
|
2001 break; |
|
2002 case IKE_PARSER_MODP_1024: |
|
2003 ret=_L("MODP_1024"); |
|
2004 break; |
|
2005 case IKE_PARSER_MODP_1536: |
|
2006 ret=_L("MODP_1536"); |
|
2007 break; |
|
2008 case IKE_PARSER_MODP_2048: |
|
2009 ret=_L("MODP_2048"); |
|
2010 break; |
|
2011 default: |
|
2012 break; |
|
2013 } |
|
2014 return ret; |
|
2015 } |
|
2016 |
|
2017 TBufC<16> TIkeParser::TextGroupType(const TInt aType) |
|
2018 { |
|
2019 TBufC<16> ret; |
|
2020 |
|
2021 switch (aType) |
|
2022 { |
|
2023 case IKE_PARSER_DEFAULT: |
|
2024 ret=_L("DEFAULT"); |
|
2025 break; |
|
2026 case IKE_PARSER_MODP: |
|
2027 ret=_L("MODP"); |
|
2028 break; |
|
2029 default: |
|
2030 break; |
|
2031 } |
|
2032 return ret; |
|
2033 } |
|
2034 |
|
2035 TBufC<16> TIkeParser::TextPRF(const TInt aPRF) |
|
2036 { |
|
2037 TBufC<16> ret; |
|
2038 |
|
2039 switch (aPRF) |
|
2040 { |
|
2041 case IKE_PARSER_NONE: |
|
2042 ret=_L("NONE"); |
|
2043 break; |
|
2044 case IKE_PARSER_DES3_CBC_MAC: |
|
2045 ret=_L("3DES-CBC-MAC"); |
|
2046 break; |
|
2047 default: |
|
2048 break; |
|
2049 } |
|
2050 return ret; |
|
2051 } |
|
2052 |
|
2053 TBufC<16> TIkeParser::TextFormat(const TKeyFormat aFormat) |
|
2054 { |
|
2055 TBufC<16> ret; |
|
2056 |
|
2057 switch (aFormat) |
|
2058 { |
|
2059 case HEX_KEY: |
|
2060 ret=_L("HEX_FORMAT"); |
|
2061 break; |
|
2062 case STRING_KEY: |
|
2063 default: |
|
2064 ret=_L("STRING_FORMAT"); |
|
2065 break; |
|
2066 } |
|
2067 return ret; |
|
2068 } |
|
2069 |
|
2070 TBufC<16> TIkeParser::CertFormat(TCertFormat aFormat) |
|
2071 { |
|
2072 TBufC<16> ret; |
|
2073 |
|
2074 switch (aFormat) |
|
2075 { |
|
2076 case PEM_CERT: |
|
2077 ret=_L("PEM"); |
|
2078 break; |
|
2079 case BIN_CERT: |
|
2080 ret=_L("BIN"); |
|
2081 break; |
|
2082 case CA_NAME: |
|
2083 ret=_L("NAME"); |
|
2084 break; |
|
2085 case KEY_ID: |
|
2086 ret=_L("KEYID"); |
|
2087 break; |
|
2088 case APPL_UID: |
|
2089 ret=_L("APPLUID"); |
|
2090 break; |
|
2091 default: |
|
2092 break; |
|
2093 } |
|
2094 |
|
2095 return ret; |
|
2096 } |
|
2097 |
|
2098 TBufC<16> TIkeParser::TextLAMType(const TUint8 aLAMType) |
|
2099 { |
|
2100 TBufC<16> ret; |
|
2101 |
|
2102 switch (aLAMType) |
|
2103 { |
|
2104 case IKE_PARSER_CRACK_PASSWORD: |
|
2105 ret=_L("PASSWORD"); |
|
2106 break; |
|
2107 default: |
|
2108 break; |
|
2109 } |
|
2110 |
|
2111 return ret; |
|
2112 } |
|
2113 |
|
2114 |
|
2115 TPtrC TIkeParser::GetRestOfLine() |
|
2116 { |
|
2117 TChar chr=Get(); |
|
2118 while(chr.IsSpace() && chr!='\n' && chr!='\r') |
|
2119 chr=Get(); |
|
2120 UnGet(); |
|
2121 Mark(); |
|
2122 chr=Get(); // Fix for empty rest of line |
|
2123 while(!Eos() && chr!='\n' && chr!='\r') |
|
2124 chr=Get(); |
|
2125 if (!Eos()) |
|
2126 UnGet(); |
|
2127 return MarkedToken(); |
|
2128 } |
|
2129 |
|
2130 |
|
2131 TInt TIkeParser::ParseFileName(TDes& aFileName) |
|
2132 { |
|
2133 //Get the rest of the line |
|
2134 //Trim trailing white spaces from the file name |
|
2135 TPtrC fileName = GetRestOfLine(); |
|
2136 HBufC* fileNameCopy = fileName.Alloc(); |
|
2137 if (fileNameCopy == NULL) |
|
2138 { |
|
2139 return KErrNoMemory; |
|
2140 } |
|
2141 fileNameCopy->Des().TrimRight(); |
|
2142 fileName.Set(fileName.Left(fileNameCopy->Length())); |
|
2143 delete fileNameCopy; |
|
2144 |
|
2145 aFileName = fileName; |
|
2146 |
|
2147 return KErrNone; |
|
2148 } |
|
2149 |
|
2150 |
|
2151 TBool TSecParser::CheckVersion() |
|
2152 { |
|
2153 TPtrC token(NULL, 0); |
|
2154 TLex version_num; |
|
2155 |
|
2156 token.Set(NextToken()); |
|
2157 if (token.Compare(_L("SECURITY_FILE_VERSION:"))==0) |
|
2158 { |
|
2159 version_num = NextToken(); |
|
2160 if (version_num.Val(iVersion)!=KErrNone) |
|
2161 return EFalse; |
|
2162 if ((iVersion < FIRST_SEC_PARSER_VERSION) || (iVersion > SEC_PARSER_VERSION)) |
|
2163 return EFalse; |
|
2164 } |
|
2165 else |
|
2166 return EFalse; |
|
2167 |
|
2168 return ETrue; |
|
2169 } |
|
2170 |
|
2171 void TSecParser::ParseInfoL(CSecurityPiece* aPiece_data) |
|
2172 { |
|
2173 ASSERT(aPiece_data); |
|
2174 |
|
2175 HBufC* buf = HBufC::NewLC(MAX_INFO_SIZE); |
|
2176 TPtr ptr = buf->Des(); |
|
2177 TChar ch = Get(); |
|
2178 TInt i=0; |
|
2179 |
|
2180 ch = Get(); |
|
2181 while (((ch==' ') || (ch=='\n')) && (!Eos())) |
|
2182 ch = Get(); |
|
2183 while ((ch!='[') && (!Eos()) && i < MAX_INFO_SIZE) |
|
2184 { |
|
2185 ptr.Append(ch); |
|
2186 i++; |
|
2187 ch = Get(); |
|
2188 } |
|
2189 |
|
2190 if (i == MAX_INFO_SIZE) //The rest is ignored |
|
2191 { |
|
2192 ch = Get(); |
|
2193 while ( (ch != '[') && (!Eos()) ) |
|
2194 ch = Get(); |
|
2195 } |
|
2196 |
|
2197 if (ch =='[') |
|
2198 { |
|
2199 UnGet(); // the '[' |
|
2200 if (ptr.Length() > 0) //If empty no \n |
|
2201 ptr.SetLength(ptr.Length() - 1); //eliminates the \n at the end |
|
2202 } |
|
2203 aPiece_data->SetInfoL(ptr); |
|
2204 CleanupStack::PopAndDestroy(buf); |
|
2205 } |
|
2206 |
|
2207 TInt TSecParser::ParseGeneral(CGeneralData *aGeneralData) |
|
2208 { |
|
2209 TInt err; |
|
2210 TInt pos = Remainder().Find(_L("[")); //The segment is until the next tag or Eos() |
|
2211 if (pos!=KErrNotFound) |
|
2212 { |
|
2213 |
|
2214 TPtr gen_ptr((TUint16 *)Remainder().Ptr(),pos, pos); //Until the next section |
|
2215 |
|
2216 TGeneralParser parser(gen_ptr); |
|
2217 err = parser.Parse(aGeneralData); |
|
2218 Assign(Remainder().Mid(pos)); //rest of the text to parse |
|
2219 } |
|
2220 else //No more tags |
|
2221 { |
|
2222 TGeneralParser parser(Remainder()); |
|
2223 err = parser.Parse(aGeneralData); |
|
2224 } |
|
2225 |
|
2226 return (err); |
|
2227 } |
|
2228 |
|
2229 |
|
2230 void TSecParser::NextTag() |
|
2231 { |
|
2232 while (!Eos()) |
|
2233 if (Get() == '[' ) |
|
2234 { |
|
2235 UnGet(); //Next tag found |
|
2236 return; |
|
2237 } |
|
2238 |
|
2239 } |
|
2240 |
|
2241 //Puts the security file data into string format to be saved to disk. |
|
2242 EXPORT_C TInt TSecParser::Write(CSecurityPiece *aPiece_data, HBufC8*& aPolBfr) |
|
2243 { |
|
2244 TInt err; |
|
2245 |
|
2246 err = WriteVersion(aPolBfr); |
|
2247 if (err != KErrNone) |
|
2248 return err; |
|
2249 |
|
2250 err = WriteInfo(aPiece_data, aPolBfr); |
|
2251 if (err != KErrNone) |
|
2252 return err; |
|
2253 |
|
2254 return err = WriteIke(aPiece_data, aPolBfr); |
|
2255 } |
|
2256 |
|
2257 TInt TSecParser::WriteVersion(HBufC8*& aPolBfr) |
|
2258 { |
|
2259 TBuf8<32> buf; |
|
2260 buf.Format(_L8("SECURITY_FILE_VERSION: %d\n"), SEC_PARSER_VERSION); |
|
2261 return TIkeParser::BufferAppend(aPolBfr, buf); |
|
2262 } |
|
2263 |
|
2264 TInt TSecParser::WriteInfo(CSecurityPiece* aPiece_data, HBufC8*& aPolBfr) |
|
2265 { |
|
2266 ASSERT(aPiece_data); |
|
2267 |
|
2268 TInt err; |
|
2269 |
|
2270 TBuf8<MAX_INFO_SIZE> buf = _L8("[INFO]\n"); |
|
2271 err = TIkeParser::BufferAppend(aPolBfr, buf); |
|
2272 if (err != KErrNone) |
|
2273 return err; |
|
2274 |
|
2275 buf.Copy(aPiece_data->Info()->Des()); |
|
2276 err = TIkeParser::BufferAppend(aPolBfr, buf); |
|
2277 if (err != KErrNone) |
|
2278 return err; |
|
2279 return TIkeParser::BufferAppend(aPolBfr, (_L8("\n"))); |
|
2280 } |
|
2281 |
|
2282 TInt TSecParser::WriteIke(CSecurityPiece* aPiece_data, HBufC8*& aPolBfr) |
|
2283 { |
|
2284 ASSERT(aPiece_data); |
|
2285 |
|
2286 TBuf8<6> buf = _L8("[IKE]\n"); |
|
2287 TInt err = TIkeParser::BufferAppend(aPolBfr, buf); |
|
2288 if (err != KErrNone) |
|
2289 return err; |
|
2290 return TIkeParser::Write(aPiece_data->IkeData(), aPolBfr); |
|
2291 } |
|
2292 |
|
2293 |
|
2294 // |
|
2295 //CSecurityPiece |
|
2296 // |
|
2297 |
|
2298 EXPORT_C void CSecurityPiece::ConstructL(TInt aSize) |
|
2299 { |
|
2300 iInfo = HBufC::NewL(aSize); |
|
2301 iIkeData = CIkeData::NewL(); |
|
2302 iGeneralData = new (ELeave) CGeneralData(); |
|
2303 } |
|
2304 |
|
2305 EXPORT_C void CSecurityPiece::SetInfoL(const TDesC &aDes) |
|
2306 { |
|
2307 if (aDes.Length() > iInfo->Des().MaxLength()) |
|
2308 iInfo = iInfo->ReAllocL(aDes.Length()); //ReAllocs if needed |
|
2309 |
|
2310 iInfo->Des().Copy(aDes); |
|
2311 } |
|
2312 |
|
2313 EXPORT_C CSecurityPiece::~CSecurityPiece() |
|
2314 { |
|
2315 delete iInfo; |
|
2316 delete iIkeData; |
|
2317 delete iGeneralData; |
|
2318 } |
|
2319 |
|
2320 |
|
2321 |
|
2322 |
|
2323 EXPORT_C CGeneralData::CGeneralData() |
|
2324 { |
|
2325 } |
|
2326 |
|
2327 EXPORT_C CGeneralData::CGeneralData(CGeneralData* aData) |
|
2328 { |
|
2329 ASSERT(aData); |
|
2330 iDeactivationTimeout = aData->iDeactivationTimeout; |
|
2331 } |
|
2332 |
|
2333 EXPORT_C TGeneralParser::TGeneralParser(const TDesC &aStr) : TLex(aStr) |
|
2334 { |
|
2335 } |
|
2336 |
|
2337 EXPORT_C TInt TGeneralParser::Parse(CGeneralData* aData) |
|
2338 { |
|
2339 ASSERT(aData); |
|
2340 |
|
2341 TLex sub_num; //Used for number conversion |
|
2342 TInt err = KErrNone; |
|
2343 TPtrC token(NULL,0); |
|
2344 while (!Eos() && err==KErrNone) |
|
2345 { |
|
2346 Mark(); |
|
2347 token.Set(NextToken()); |
|
2348 if (token.CompareF(_L("POLICY_AUTO_DEACTIVATION_TIMEOUT:")) == 0) //CompareF ignores case |
|
2349 { |
|
2350 sub_num = NextToken(); |
|
2351 if (sub_num.Val(aData->iDeactivationTimeout)!=KErrNone) |
|
2352 err = KErrGeneral; //change ?? |
|
2353 } |
|
2354 } |
|
2355 return err; |
|
2356 } |
|
2357 |
|
2358 |
|
2359 EXPORT_C TInt TSecParser::ParseGeneralData(CGeneralData* aData) |
|
2360 { |
|
2361 TPtrC token(NULL, 0); |
|
2362 TInt ret; |
|
2363 |
|
2364 if (!CheckVersion()) |
|
2365 return KErrNotSupported; //Invalid file or version |
|
2366 while (!Eos()) |
|
2367 { |
|
2368 token.Set(NextToken()); |
|
2369 if (token.Compare(_L("[GENERAL]"))==0) |
|
2370 { |
|
2371 ret = ParseGeneral(aData); |
|
2372 if (ret !=KErrNone) |
|
2373 return ret; |
|
2374 } |
|
2375 else //Unknown Tag Ignored |
|
2376 NextTag(); |
|
2377 |
|
2378 } |
|
2379 |
|
2380 return KErrNone; |
|
2381 } |
|
2382 |
|
2383 // |
|
2384 // IkeParser |
|
2385 // |
|
2386 EXPORT_C RArray<TUid>* IkeParser::GetApplUidListL( |
|
2387 const TDesC16& aApplUidString) |
|
2388 { |
|
2389 // |
|
2390 // Build application UID array from Application Uid text string |
|
2391 // |
|
2392 RArray<TUid>* applUidList = new (ELeave) RArray<TUid>(1); |
|
2393 CleanupStack::PushL( applUidList ); |
|
2394 TLex ApplUids(aApplUidString); |
|
2395 TUint32 Uid; |
|
2396 TUid ApplUid; |
|
2397 IkeParser::NextHexaDigit(ApplUids); |
|
2398 |
|
2399 while ( !ApplUids.Eos() ) |
|
2400 { |
|
2401 if ( ApplUids.Val(Uid, EHex) != KErrNone ) |
|
2402 { |
|
2403 break; // Error |
|
2404 } |
|
2405 ApplUid.iUid = Uid; |
|
2406 User::LeaveIfError( applUidList->Append(ApplUid) ); |
|
2407 IkeParser::NextHexaDigit(ApplUids); |
|
2408 } |
|
2409 CleanupStack::Pop( applUidList ); |
|
2410 return applUidList; |
|
2411 } |
|
2412 |
|
2413 EXPORT_C HBufC8* IkeParser::TextToHexOctetsL(const TDesC16& aTextString) |
|
2414 { |
|
2415 TInt Lth = (aTextString.Length() + 1)/2; |
|
2416 HBufC8* HexOctets = HBufC8::NewL((Lth | 3) + 1); |
|
2417 if ( DeHex(aTextString.Ptr(), aTextString.Length(), (TUint8*)HexOctets->Ptr()) ) |
|
2418 HexOctets->Des().SetLength(Lth); |
|
2419 |
|
2420 return HexOctets; |
|
2421 } |
|
2422 |
|
2423 EXPORT_C TBool IkeParser::TextToHexOctets(const TDesC16& aTextString, TDes8& aHexOctets) |
|
2424 { |
|
2425 TBool Status; |
|
2426 TInt Lth = ((aTextString.Length() + 1)/2); |
|
2427 if ( aHexOctets.MaxLength() >= Lth ) |
|
2428 { |
|
2429 Status = DeHex(aTextString.Ptr(), aTextString.Length(), (TUint8*)aHexOctets.Ptr()); |
|
2430 if ( !Status ) |
|
2431 Lth = 0; |
|
2432 } |
|
2433 else |
|
2434 { |
|
2435 Status = EFalse; |
|
2436 Lth = 0; |
|
2437 } |
|
2438 aHexOctets.SetLength(Lth); |
|
2439 |
|
2440 return Status; |
|
2441 } |
|
2442 |
|
2443 TBool IkeParser::DeHex(const TUint16* aUcStr, TInt aStrLen, TUint8* aDstBfr) |
|
2444 { |
|
2445 TBool Status = ETrue; |
|
2446 TUint8 d1, d2; |
|
2447 |
|
2448 while ( (aStrLen > 0) && Status ) |
|
2449 { |
|
2450 d1 = (TUint8)(*aUcStr & 0xff); |
|
2451 Status &= HexVal(d1); |
|
2452 aUcStr ++; |
|
2453 if ( aStrLen > 1 ) |
|
2454 { |
|
2455 d2 = (TUint8)(*aUcStr & 0xff); |
|
2456 Status &= HexVal(d2); |
|
2457 } |
|
2458 else d2 = 0; |
|
2459 aUcStr ++; |
|
2460 aStrLen -= 2; |
|
2461 *aDstBfr++ = (TUint8)(d1 * 16 + d2); |
|
2462 } |
|
2463 return Status; |
|
2464 } |
|
2465 |
|
2466 TBool IkeParser::HexVal(TUint8& c) |
|
2467 { |
|
2468 TBool Status = ( c >= 'a' && c <= 'f'); |
|
2469 if ( Status ) |
|
2470 c = (TUint8)(c - 'a' + 10); |
|
2471 else |
|
2472 { |
|
2473 Status = (c >= 'A' && c <= 'F'); |
|
2474 if ( Status ) |
|
2475 c = (TUint8)(c - 'A' + 10); |
|
2476 else |
|
2477 { |
|
2478 Status = (c >= '0' && c <= '9'); |
|
2479 if ( Status ) |
|
2480 c = (TUint8)(c - '0'); |
|
2481 } |
|
2482 } |
|
2483 return Status; |
|
2484 } |
|
2485 |
|
2486 void IkeParser::NextHexaDigit(TLex& aUidString) |
|
2487 { |
|
2488 TChar ch; |
|
2489 |
|
2490 while ( !aUidString.Eos() ) |
|
2491 { |
|
2492 ch = aUidString.Peek(); |
|
2493 if ( ch.IsHexDigit() ) |
|
2494 { |
|
2495 break; |
|
2496 } |
|
2497 aUidString.Inc(); |
|
2498 } |
|
2499 } |