|
1 /* |
|
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Key management daemon extra module. |
|
15 * |
|
16 */ |
|
17 |
|
18 #ifndef IKEV1EXTRA_H |
|
19 #define IKEV1EXTRA_H |
|
20 |
|
21 // |
|
22 // Structures to manage proposal and attribute lists |
|
23 // |
|
24 |
|
25 #include <in_sock.h> |
|
26 #include <e32base.h> |
|
27 #include "ikev1isakmpct.h" |
|
28 |
|
// Maximum size of an SPI. 16 is the ISAKMP SPI; other SPIs are defined by
// their DOI, but the supported ones have a smaller size (AH=? , ESP=? ).
// MAX_SPI_SIZE is used in this header as a TBuf8<> capacity, i.e. a byte count.
// It names ISAKMP_SPI_SIZE before that macro is defined; this works because
// the preprocessor expands MAX_SPI_SIZE only at the point of use.
#define MAX_SPI_SIZE ISAKMP_SPI_SIZE
#define ISAKMP_SPI_SIZE 16

// The MAX_* values below are used in this header as TBuf8<> capacities for
// attribute values taken from SA proposals.
// NOTE(review): the comments give sizes in hex digits or as "2^16", while a
// TBuf8<> capacity is a byte count — confirm which representation the
// buffers actually hold.
#define MAX_LIFE_DURATION 16 //up to 2^16 secs. or KBytes
#define MAX_PRIME_SIZE 256 //the biggest, the Oakley group 2 prime, is 256 hex digits
#define MAX_GEN_SIZE 2 //the biggest, the Oakley group 3 generator, is 2 hex digits. (Could be fixed size)
#define MAX_CURVE_SIZE 6 //the biggest, the Oakley group 3 curve B, is 6 hex digits.
#define MAX_ORDER_SIZE 48 //the biggest, the Oakley group 4 order, is 48 hex digits.
//
// Start numbers for Proposal and Transform payload numbering
//
#define FIRST_ISAKMP_PROPOSAL 0
#define FIRST_IPSEC_PROPOSAL 0
#define FIRST_ISAKMP_TRANSFORM 0
#define FIRST_IPSEC_TRANSFORM 0
|
46 |
|
47 |
|
// Attribute comparison errors
// Leave -1 free to use KErrNotFound for empty lists
// NOTE(review): these values share the numeric range of Symbian's system-wide
// error codes (KErrGeneral is -2, KErrNoMemory is -4, ...). A TInt that can
// carry either kind cannot be told apart by value — confirm that callers keep
// comparison results separate from system errors.
const TInt KErrTransformID = -2; //different transform IDs
const TInt KErrEncrAlg = -3; //different encr algs.
const TInt KErrHashAlg = -4; //different hash algs.
const TInt KErrAuthMethod = -5; //different auth. methods.
const TInt KErrGroupDesc = -6;
const TInt KErrGroupType = -7;
const TInt KErrGroupPrime = -8;
const TInt KErrGroupGen1 = -9;
const TInt KErrGroupGen2 = -10;
const TInt KErrGroupCurveA = -11;
const TInt KErrGroupCurveB = -12;
const TInt KErrPRF = -13;
const TInt KErrKeyLength = -14;
const TInt KErrFieldSize = -15;
const TInt KErrGroupOrder = -16;
const TInt KErrLifeTime = -17;
const TInt KErrLifeSize = -18;
// -19 is left unused; its former constant is kept here commented out.
//const TInt KErrTransfNum = -19;
const TInt KErrEncMode = -20;
const TInt KErrAuthAlg = -21;
const TInt KErrKeyRounds = -22;
const TInt KErrComprDicSize = -23;
const TInt KErrComprPrivAlg = -24;
const TInt KErrTransformNum = -25;
const TInt KErrPropProtocol = -26; //Proposals have different protocol.
const TInt KErrNoTransforms = -27; //Proposal has no transforms
const TInt KErrNoRemoteProposals= -28; //Remote Proposals list is empty
const TInt KErrNoLocalProposals = -29; //Local Proposals list is empty
const TInt KErrPropNumberMismatch= -30; //The proposal lists have a different number of AND'd proposals
|
79 |
|
80 |
|
//Global functions

// Puts the data held in aLifetime into aTime and returns a TInt status.
// NOTE(review): the lifetime buffers in this header hold up to
// MAX_LIFE_DURATION (16) bytes, while a TInt64 holds 8. The implementation
// is not in this header — confirm that an over-long descriptor is rejected
// rather than silently truncated or wrapped.
TInt Desc8ToTInt64(const TDesC8 &aLifetime, TInt64 &aTime); //Puts the data in the descriptor into a TInt64

// Returns the prefix length of the mask held in anAddr.
TInt PrefixLen(TInetAddr& anAddr); //returns the prefix length of a mask

// Writes an address mask of aPrefixLen bits into anAddr for address family
// aFamily. NOTE(review): whether aPrefixLen is range-checked against the
// family's address width is not visible here — confirm in the implementation.
void PrefixMask(TInetAddr &anAddr, TInt aPrefixLen, TInt aFamily); //Creates an addr. mask of aPrefixLen length
|
85 |
|
// Kind of SA lifetime a value expresses. The enumerators keep their implicit
// values 0, 1 and 2.
enum TLifeType
{
    LIFETIME,
    LIFESIZE,
    NOLIFE
};
|
// Maintains the SA attribute info of one transform for Phase I negotiation,
// as defined by IKE (RFC 2409). iNext presumably links the transforms of a
// proposal into a singly linked list.
//
// NOTE(review): the TBuf8<> members have a fixed capacity, and Symbian
// descriptors panic rather than truncate when more data is copied in than
// fits. Code that fills them from a peer's SA payload needs to check the
// attribute length first; that check is not visible in this header.
class TAttrib
{
public:
    // Zeroes every scalar member and clears iNext. The TBuf8<> members are
    // default-constructed, which leaves them empty.
    TAttrib()
        : iTransformNum(0),
          iTransformID(0),
          iEncrAlg(0),
          iHashAlg(0),
          iAuthMethod(0),
          iGroupDesc(0),
          iGroupType(0),
          iPRF(0),
          iKeyLength(0),
          iFieldSize(0),
          iXauthUsed(EFalse),
          iRole(0),
          iNext(NULL)
    {
    }

    // Compares this attribute set with aAttr; aIsRelaxed selects a relaxed
    // comparison. Returns a TInt, presumably one of the KErr* comparison
    // codes declared in this header on a mismatch (implementation not shown).
    TInt Compare(TAttrib& aAttr, TBool aIsRelaxed);

    TUint8 iTransformNum;   // Transform number
    TUint8 iTransformID;    // Transform ID
    TUint16 iEncrAlg;       // OAKLEY encryption function (part of EHAO/EHAS)
    TUint16 iHashAlg;       // OAKLEY hash function (part of EHAO/EHAS)
    TUint16 iAuthMethod;    // OAKLEY authentication function (part of EHAO/EHAS)
    TUint16 iGroupDesc;     // OAKLEY GROUP
    TUint16 iGroupType;
    TBuf8<MAX_PRIME_SIZE> iGroupPrime;
    TBuf8<MAX_GEN_SIZE> iGroupGen1;
    TBuf8<MAX_GEN_SIZE> iGroupGen2;
    TBuf8<MAX_CURVE_SIZE> iGroupCurveA;
    TBuf8<MAX_CURVE_SIZE> iGroupCurveB;
    //TUint16 iLifeType; //Not needed
    TBuf8<MAX_LIFE_DURATION> iLifeDurationSecs;
    TBuf8<MAX_LIFE_DURATION> iLifeDurationKBytes;
    TUint16 iPRF;
    TUint16 iKeyLength;
    TUint16 iFieldSize;
    TBuf8<MAX_ORDER_SIZE> iGroupOrder;

    TBool iXauthUsed;       // Used for iAuthMethod value modification
    TInt iRole;             // Used for iAuthMethod value modification

    TAttrib *iNext;         // Next entry, or NULL; ownership is not visible in this header
};
|
137 |
|
// One Phase I proposal: its number, protocol, SPI and the list of transforms
// offered for it.
class TProposal
{
public:
    // A constructor is provided to ensure correct initialization: the
    // counters are zeroed and the transform list starts empty. iSPI is
    // default-constructed, which leaves it with length zero.
    TProposal()
        : iProposalNum(0),
          iProtocol(0),
          iNumTransforms(0),
          iAttrList(NULL)
    {
    }

    TUint8 iProposalNum;
    TUint8 iProtocol;           // Protocol ID in use
    // SPI in the current exchange, in network order. The buffer holds at most
    // MAX_SPI_SIZE bytes; NOTE(review): a received SPI size has to be checked
    // against that before it is copied in, because TBuf8 panics on overflow.
    TBuf8<MAX_SPI_SIZE> iSPI;
    TUint8 iNumTransforms;

    TAttrib *iAttrList;         // Contains the list of transforms and attribs
    // Only ONE proposal in Phase I
    //TProposal *iNext;
};
|
158 |
|
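// Records which local proposal and remote transform were selected, together
// with the locally reduced lifetime values and the replay window length.
class TTransModifier
{
public:
    // Initializes every member. The original constructor set only the two
    // TPtrC8 members, so iPropNum, iTransNum and iReplayWindowLength held
    // indeterminate values until a caller assigned them. A T-class is not
    // zero-filled on allocation the way a CBase-derived class is.
    // Note that 0 is also a valid proposal/transform number in this header
    // (FIRST_IPSEC_PROPOSAL, FIRST_IPSEC_TRANSFORM), so a zero here does not
    // by itself mean "nothing selected".
    TTransModifier()
        : iPropNum(0),
          iTransNum(0),
          iReducedLifeSecs(NULL, 0),
          iReducedLifeKBytes(NULL, 0),
          iReplayWindowLength(0)
    {
    }

    TInt iPropNum;              // Local proposal number selected
    TInt iTransNum;             // Remote transform number selected
    // TPtrC8 does not own the bytes it points to. The buffers these two
    // members reference must outlive this object; their owner is not visible
    // in this header.
    TPtrC8 iReducedLifeSecs;    // Own lifetime (in case it is smaller than the received one)
    TPtrC8 iReducedLifeKBytes;  // Own lifesize (in case it is smaller than the received one)
    TUint8 iReplayWindowLength;
};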
|
170 |
|
// Array of pointers to TTransModifier entries.
// NOTE(review): CArrayPtrFlat does not delete the objects it points to on its
// own; presumably ~CTransModifierList() frees the entries — confirm in the
// implementation, which is not in this header.
NONSHARABLE_CLASS(CTransModifierList) : public CArrayPtrFlat<TTransModifier>
{
public:
// aGranularity is the array granularity, presumably passed on to CArrayPtrFlat.
CTransModifierList(TInt aGranularity);
~CTransModifierList();
};
|
177 |
|
// Capacity in bytes of the private compression algorithm buffer
// (TAttrib_II::iComprPrivAlg). The earlier, larger value is kept below,
// commented out.
//#define MAX_ALG_DATA 1024 //4 + ?? vendor data
#define MAX_ALG_DATA 16 //Feature not supported, size reduced
|
// Maintains SA attribute info for Phase II negotiation. Defined by the IPSEC DOI (RFC 2407).
//
// NOTE(review): the TBuf8<> members have a fixed capacity, and Symbian
// descriptors panic rather than truncate on overflow. Attribute values taken
// from a peer's proposal need a length check before they are copied in. That
// applies in particular to iComprPrivAlg, whose capacity was reduced to
// MAX_ALG_DATA (16) bytes. The check is not visible in this header.
class TAttrib_II
{
public:
// Defined out of line; the initial member values are not visible here.
TAttrib_II();
// Compares this attribute set with aAttr; aRelaxed selects a relaxed
// comparison. Returns a TInt, presumably one of the KErr* comparison codes
// declared in this header on a mismatch.
TInt Compare(TAttrib_II& aAttr, TBool aRelaxed);
// Copies attribute data between this object and aAttr. The direction is not
// visible from the declaration — confirm in the implementation.
void Copy(TAttrib_II &aAttr);
public:
TUint8 iTransformNum; //Transform number
TUint8 iTransformID; //Transform ID
TBuf8<MAX_LIFE_DURATION> iLifeDurationSecs;
//TBool iLifetimeReduced;
TBuf8<MAX_LIFE_DURATION> iLifeDurationKBytes;
//TBool iLifesizeReduced;
TUint16 iGroupDesc; //OAKLEY GROUP
TUint16 iEncMode; //Encapsulation Mode
TUint16 iAuthAlg; //HMAC
TUint16 iKeyLength;
TUint16 iKeyRounds;
TUint16 iComprDicSize; //Compress Dictionary size
TBuf8<MAX_ALG_DATA> iComprPrivAlg;

//TAttrib_II *iNext; //to make a list
};
|
204 |
|
// A TAttrib_II extended with the locally reduced lifetime values.
class TChosenAttrib_II : public TAttrib_II
{
public:
    // The base part is built by TAttrib_II's default constructor; both
    // reduced-lifetime descriptors start out pointing at nothing, with
    // length zero.
    TChosenAttrib_II()
        : iReducedLifeSecs(NULL, 0),
          iReducedLifeKBytes(NULL, 0)
    {
    }

    // TPtrC8 does not own the bytes it points to. The buffers these members
    // reference must outlive this object; their owner is not visible in this
    // header.
    TPtrC8 iReducedLifeSecs;
    TPtrC8 iReducedLifeKBytes;
};
|
213 |
|
// Array of pointers to TAttrib_II entries (the transforms of a Phase II proposal).
// NOTE(review): CArrayPtrFlat does not delete the objects it points to on its
// own; presumably ~CAttrib_IIList() frees the entries — confirm in the
// implementation, which is not in this header.
NONSHARABLE_CLASS(CAttrib_IIList) : public CArrayPtrFlat<TAttrib_II>
{
public:
// aGranularity is the array granularity, presumably passed on to CArrayPtrFlat.
CAttrib_IIList(TInt aGranularity);
~CAttrib_IIList();
};
|
220 |
|
// One Phase II proposal: number, protocol, SPI, replay window and the list of
// transforms offered for it. No constructor is declared; the class derives
// from CBase, whose operator new zero-fills the object.
NONSHARABLE_CLASS(CProposal_II) : public CBase
{
public: //To ensure correct initialization

// Second-phase construction. Presumably allocates iAttrList with the given
// granularity; the "L" suffix is the Symbian convention for a function that
// may leave.
void ConstructL(TInt aGranularity = 1);
~CProposal_II();
// TInt Match(CProposal_II *aRemoteProp, TBool aRelaxed);
// Matches this proposal against aRemoteProp; aRelaxed selects a relaxed
// comparison. Returns a TInt and reports a value through aLocalNbr. The exact
// meaning of both is defined by the implementation, which is not in this
// header. NOTE(review): aRemoteProp and aLocalNbr are raw pointers — confirm
// that callers never pass NULL or that the implementation checks.
TInt Match(CProposal_II *aRemoteProp, TBool aRelaxed, TInt* aLocalNbr);

public:
TUint8 iProposalNum;
TUint8 iProtocol; // Protocol ID in use
TUint8 iReplayWindowLength; // replay window size in bits
// The buffer holds at most MAX_SPI_SIZE bytes; NOTE(review): a received SPI
// size has to be checked against that before it is copied in, because TBuf8
// panics on overflow.
TBuf8<MAX_SPI_SIZE> iSPI; // SPI in the current exchange. SPI is in network order
TUint8 iNumTransforms;

//TAttrib_II *iAttrList; //Contains the list of transforms and attribs
CAttrib_IIList *iAttrList; //Contains the list of transforms and attribs
//CProposal_II *iNext;
};
|
241 |
|
242 |
|
// Array of pointers to CProposal_II entries.
// NOTE(review): CArrayPtrFlat does not delete the objects it points to on its
// own; presumably ~CProposal_IIList() frees the entries — confirm in the
// implementation, which is not in this header.
NONSHARABLE_CLASS(CProposal_IIList) : public CArrayPtrFlat<CProposal_II>
{
public:
// aGranularity is the array granularity, presumably passed on to CArrayPtrFlat.
CProposal_IIList(TInt aGranularity);
// Matches this (local) proposal list against aRemoteProp; aRelaxed selects a
// relaxed comparison. Results are presumably recorded in aTransArray. Returns
// a TInt, presumably one of the KErr* comparison codes declared in this
// header on failure. The "L" suffix is the Symbian convention for a function
// that may leave.
TInt MultiMatchL(CProposal_IIList *aRemoteProp, TBool aRelaxed, CTransModifierList *aTransArray);
~CProposal_IIList();
};
|
250 #endif |