|
1 /* |
|
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Negotiation of NAT-Traversal in the IKE |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #ifndef C_IKEV1NATDISCOVERY_H |
|
20 #define C_IKEV1NATDISCOVERY_H |
|
21 |
|
22 #include <e32base.h> |
|
23 |
|
24 class TIkev1IsakmpStream; |
|
25 class CProposal_IIList; |
|
26 class TVendorISAKMP; |
|
27 class TNATDISAKMP; |
|
28 class TNATOaISAKMP; |
|
29 class TInetAddr; |
|
30 |
|
31 // Class CIkev1NatDiscovery implents negotiation of NAT-Traversal. |
|
32 // The current implementation follows IETF <draft-ietf-ipsec-nat-t-ike-03.txt>. |
|
33 class CIkev1NatDiscovery : public CBase |
|
34 { |
|
35 public: |
|
36 CIkev1NatDiscovery(){}; |
|
37 static CIkev1NatDiscovery* NewL(TUint32 aNatFlags); |
|
38 ~CIkev1NatDiscovery() {}; |
|
39 void BuildNatVendorId(TIkev1IsakmpStream &aMsg); |
|
40 void BuildRfcNatVendorId(TIkev1IsakmpStream &aMsg); |
|
41 TBool CheckNatVendorId(const TVendorISAKMP *aVendorPayload); |
|
42 TBool CheckRfcNatVendorId(const TVendorISAKMP *aVendorPayload); |
|
43 void BuildDiscoveryPayloadsL(TIkev1IsakmpStream &aMsg, TUint16 aHashType, |
|
44 TUint8 *aICOOKIE, TUint8 *aRCOOKIE, |
|
45 TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr); |
|
46 TUint32 CheckDiscoveryPayloadsL(const CArrayFixFlat<const TNATDISAKMP *> *aNatDPayloadArray, |
|
47 TUint16 aHashType, TUint8 *aICOOKIE, TUint8 *aRCOOKIE, |
|
48 TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr); |
|
49 |
|
50 void BuildNatOaPayload(TIkev1IsakmpStream &aMsg, TInetAddr &aLocalAddr, CProposal_IIList *aProposalList); |
|
51 TBool GetPeerOriginalAddress(const TNATOaISAKMP *aNatOaPayload, TInetAddr& aRemoteOrigAddr, CProposal_IIList *aProposalList); |
|
52 |
|
53 private: |
|
54 void CalculateAddrPortHashL(TUint16 aHashType, |
|
55 TUint8 *aICOOKIE, TUint8 *aRCOOKIE, |
|
56 TInetAddr &aLocalAddr, TInetAddr &aRemoteAddr); |
|
57 TBool CompareHashData(TUint8 *aHashData, TUint32 aHashLth, TDesC8 &aReferenceHash); |
|
58 |
|
59 |
|
60 TBool iSupport; // ETrue = Both ends supports current draft |
|
61 TBool iRfcSupport; //ETrue = Both ends support current RFC |
|
62 TBuf8<16> iIetfNattVidHash; // NAT-T vendor id string (= md5("draft-ietf-ipsec-nat-t-ike-05") |
|
63 TBuf8<16> iIetfRfcNattVidHash; // NAT-T vendor id string (= md5("RFC 3947") |
|
64 TBool iHashExists; // ETrue = Hash data below has been calculated |
|
65 TBuf8<32> iLocalAddrPortHash; // value of the HASH(CKY-I | CKY-R | Local_IP | Port) |
|
66 TBuf8<32> iRemoteAddrPortHash; // value of the HASH(CKY-I | CKY-R | Remote_IP | Port) |
|
67 |
|
68 }; |
|
69 |
|
70 |
|
71 #endif // C_IKEV1NATDISCOVERY_H |