1 /* |
1 /* |
2 * Copyright (c) 2005-2009 Nokia Corporation and/or its subsidiary(-ies). |
2 * Copyright (c) 2005-2010 Nokia Corporation and/or its subsidiary(-ies). |
3 * All rights reserved. |
3 * All rights reserved. |
4 * This component and the accompanying materials are made available |
4 * This component and the accompanying materials are made available |
5 * under the terms of "Eclipse Public License v1.0" |
5 * under the terms of "Eclipse Public License v1.0" |
6 * which accompanies this distribution, and is available |
6 * which accompanies this distribution, and is available |
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
831 } |
831 } |
832 iDefaultRemoteID = ETrue; //Must be sent but won't be used when updating the SAD |
832 iDefaultRemoteID = ETrue; //Must be sent but won't be used when updating the SAD |
833 } |
833 } |
834 } |
834 } |
835 |
835 |
836 //Only Hard Lifetimes taken into account |
836 SetPhase2LifeDurations( aReq.iProposal.iComb->sadb_comb_soft_addtime, |
837 TInt64 lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_addtime; |
837 aReq.iProposal.iComb->sadb_comb_hard_addtime, |
838 iHardLifetime = aReq.iProposal.iComb->sadb_comb_hard_addtime; |
838 aReq.iProposal.iComb->sadb_comb_soft_bytes, |
839 |
839 aReq.iProposal.iComb->sadb_comb_hard_bytes, |
840 if ( lifetime64 == 0 ) |
840 *attr_II, |
841 { |
841 EFalse ); |
842 lifetime64 = iHardLifetime; |
|
843 } |
|
844 |
|
845 TUint high = 0; |
|
846 TUint low = 0; |
|
847 if (lifetime64!=0) |
|
848 { |
|
849 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
850 if (high > 0) |
|
851 attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high)); |
|
852 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
853 attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low)); |
|
854 } |
|
855 |
|
856 //Bytes lifetime |
|
857 lifetime64 = aReq.iProposal.iComb->sadb_comb_soft_bytes; |
|
858 lifetime64 = (lifetime64/1024); //Bytes to KB |
|
859 if (lifetime64 != 0) |
|
860 { |
|
861 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
862 if (high > 0) |
|
863 attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high)); |
|
864 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
865 attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low)); |
|
866 } |
|
867 |
842 |
868 //Save some pf_key data to use later in PFKEY_UPDATE msg |
843 //Save some pf_key data to use later in PFKEY_UPDATE msg |
869 iAcquireSeq = aReq.iBase.iMsg->sadb_msg_seq; //msg Seq. number |
844 iAcquireSeq = aReq.iBase.iMsg->sadb_msg_seq; //msg Seq. number |
870 iPfkeyAcquirePID = aReq.iBase.iMsg->sadb_msg_pid; //msg PID. |
845 iPfkeyAcquirePID = aReq.iBase.iMsg->sadb_msg_pid; //msg PID. |
871 iAcquirePending = ETrue; |
846 iAcquirePending = ETrue; |
1733 DEBUG_LOG(_L("Remote Identity mismatch with IPsec Policy")); |
1708 DEBUG_LOG(_L("Remote Identity mismatch with IPsec Policy")); |
1734 err = KKmdIkeNoProposalErr; |
1709 err = KKmdIkeNoProposalErr; |
1735 break; |
1710 break; |
1736 } |
1711 } |
1737 |
1712 |
1738 //Only Hard Lifetimes taken into account |
1713 SetPhase2LifeDurations( spec->iSoft.iAddTime, |
1739 TInt64 lifetime64 = spec->iHard.iAddTime; |
1714 spec->iHard.iAddTime, |
1740 TUint high = 0; |
1715 spec->iSoft.iBytes, |
1741 TUint low = 0; |
1716 spec->iHard.iBytes, |
1742 if (lifetime64!=0) |
1717 *attr_II, |
1743 { |
1718 ETrue ); |
1744 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
1719 |
1745 if (high > 0) |
1720 if (iPFS) |
1746 attr_II->iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high)); |
|
1747 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
1748 attr_II->iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low)); |
|
1749 } |
|
1750 |
|
1751 //Bytes lifetime |
|
1752 lifetime64 = spec->iHard.iBytes; |
|
1753 lifetime64 = (lifetime64/1024); //Bytes to KB |
|
1754 if (lifetime64 != 0) |
|
1755 { |
|
1756 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
1757 if (high > 0) |
|
1758 attr_II->iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high)); |
|
1759 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
1760 attr_II->iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low)); |
|
1761 } |
|
1762 if (iPFS) |
|
1763 { |
1721 { |
1764 switch (iHostData->iGroupDesc_II) |
1722 switch (iHostData->iGroupDesc_II) |
1765 { |
1723 { |
1766 case IKE_PARSER_MODP_768: |
1724 case IKE_PARSER_MODP_768: |
1767 attr_II->iGroupDesc = MODP_768; |
1725 attr_II->iGroupDesc = MODP_768; |
4009 break; |
3966 break; |
4010 i ++; |
3967 i ++; |
4011 } |
3968 } |
4012 |
3969 |
4013 TTransModifier *tmodif; |
3970 TTransModifier *tmodif; |
4014 TInt64 own_time, own_bytes, peer_time, peer_bytes; |
3971 TInt64 own_time, own_bytes, peer_time, peer_bytes, responderLifetime_time, responderLifetime_bytes; |
4015 delete iChosenProp_IIList; //Must be erased because can contain data from previous retransmissions |
3972 delete iChosenProp_IIList; //Must be erased because can contain data from previous retransmissions |
4016 iChosenProp_IIList = NULL; |
3973 iChosenProp_IIList = NULL; |
4017 iChosenProp_IIList = new (ELeave) CProposal_IIList(1); |
3974 iChosenProp_IIList = new (ELeave) CProposal_IIList(1); |
4018 while ( i < count ) |
3975 while ( i < count ) |
4019 { |
3976 { |
4035 new_propII->iReplayWindowLength = tmodif->iReplayWindowLength; |
3992 new_propII->iReplayWindowLength = tmodif->iReplayWindowLength; |
4036 |
3993 |
4037 attr_II = prop->iAttrList->At(tmodif->iTransNum); //look for the chosen transform in the prop |
3994 attr_II = prop->iAttrList->At(tmodif->iTransNum); //look for the chosen transform in the prop |
4038 ComputeLifetimes_II(tmodif->iReducedLifeSecs, tmodif->iReducedLifeKBytes, own_time, own_bytes); |
3995 ComputeLifetimes_II(tmodif->iReducedLifeSecs, tmodif->iReducedLifeKBytes, own_time, own_bytes); |
4039 ComputeLifetimes_II(attr_II->iLifeDurationSecs, attr_II->iLifeDurationKBytes, peer_time, peer_bytes); |
3996 ComputeLifetimes_II(attr_II->iLifeDurationSecs, attr_II->iLifeDurationKBytes, peer_time, peer_bytes); |
|
3997 ComputeLifetimes_II(tmodif->iResponderLifetimeSecs, tmodif->iResponderLifetimeKBytes, responderLifetime_time, responderLifetime_bytes); |
4040 |
3998 |
4041 //Only copy the chosen transform |
3999 //Only copy the chosen transform |
4042 new_attr_II = new (ELeave) TChosenAttrib_II(); |
4000 new_attr_II = new (ELeave) TChosenAttrib_II(); |
4043 CleanupStack::PushL(new_attr_II); |
4001 CleanupStack::PushL(new_attr_II); |
4044 new_attr_II->Copy(*attr_II); |
4002 new_attr_II->Copy(*attr_II); |
4055 new_attr_II->iReducedLifeKBytes.Set(tmodif->iReducedLifeKBytes); |
4013 new_attr_II->iReducedLifeKBytes.Set(tmodif->iReducedLifeKBytes); |
4056 DEBUG_LOG1(_L("Lifesize bigger than the one set. Reducing to %d"), own_bytes); |
4014 DEBUG_LOG1(_L("Lifesize bigger than the one set. Reducing to %d"), own_bytes); |
4057 } |
4015 } |
4058 else |
4016 else |
4059 new_attr_II->iReducedLifeKBytes.Set(NULL, 0); |
4017 new_attr_II->iReducedLifeKBytes.Set(NULL, 0); |
4060 |
4018 |
|
4019 if (responderLifetime_time) |
|
4020 { |
|
4021 new_attr_II->iResponderLifetimeSecs = tmodif->iResponderLifetimeSecs; |
|
4022 DEBUG_LOG1(_L("Responder lifetime set to %d"), responderLifetime_time); |
|
4023 } |
|
4024 |
|
4025 if (responderLifetime_bytes) |
|
4026 { |
|
4027 new_attr_II->iResponderLifetimeKBytes = tmodif->iResponderLifetimeKBytes; |
|
4028 DEBUG_LOG1(_L("Responder lifetime in bytes set to %d"), responderLifetime_bytes); |
|
4029 } |
|
4030 |
4061 new_propII->iAttrList->AppendL(new_attr_II); |
4031 new_propII->iAttrList->AppendL(new_attr_II); |
4062 CleanupStack::Pop(); //new_attrII safe |
4032 CleanupStack::Pop(); //new_attrII safe |
4063 |
4033 |
4064 j++; // Next transform modifer |
4034 j++; // Next transform modifer |
4065 i++; // Next proposal |
4035 i++; // Next proposal |
7345 //SKEYID=prf(pre_shared key, Ni_b | Nr_b); |
7315 //SKEYID=prf(pre_shared key, Ni_b | Nr_b); |
7346 //data |
7316 //data |
7347 prf_data->Des().Copy(iNONCE_I.Ptr(),iNONCE_I.Length()); |
7317 prf_data->Des().Copy(iNONCE_I.Ptr(),iNONCE_I.Length()); |
7348 prf_data->Des().Append(iNONCE_R.Ptr(),iNONCE_R.Length()); |
7318 prf_data->Des().Append(iNONCE_R.Ptr(),iNONCE_R.Length()); |
7349 DEBUG_LOG(_L("Pre-shared Key")); |
7319 DEBUG_LOG(_L("Pre-shared Key")); |
7350 #ifdef _UNICODE |
7320 |
7351 HBufC8 *preshared_key_buf = HBufC8::NewLC(iHostData->iPresharedKey.iKey.Length()); |
7321 HBufC8 *preshared_key_buf = GetPskFromPolicyL(); |
7352 preshared_key_buf->Des().Copy(iHostData->iPresharedKey.iKey); |
7322 CleanupStack::PushL(preshared_key_buf); |
7353 TPtrC8 preshared_key_ptr(preshared_key_buf->Des()); |
7323 TPtrC8 preshared_key_ptr(preshared_key_buf->Des()); |
7354 #else |
|
7355 TPtrC8 preshared_key_ptr(iHostData->iPresharedKey.iKey); |
|
7356 #endif |
|
7357 ComputePRFL(iSKEYID, preshared_key_ptr, prf_data->Des()); |
7324 ComputePRFL(iSKEYID, preshared_key_ptr, prf_data->Des()); |
7358 #ifdef _UNICODE |
7325 CleanupStack::PopAndDestroy(preshared_key_buf); |
7359 CleanupStack::PopAndDestroy(); //presharedkey_buf |
|
7360 #endif |
|
7361 } |
7326 } |
7362 break; |
7327 break; |
7363 default://method not implemented |
7328 default://method not implemented |
7364 DEBUG_LOG1(_L("ATTRIBUTES_NOT_SUPPORTED:Auth Method %d not supported "),iChosenProposal_I.iAttrList->iAuthMethod); |
7329 DEBUG_LOG1(_L("ATTRIBUTES_NOT_SUPPORTED:Auth Method %d not supported "),iChosenProposal_I.iAttrList->iAuthMethod); |
7365 SetErrorStatus( KKmdIkeNegotFailed ); |
7330 SetErrorStatus( KKmdIkeNegotFailed ); |
8089 prop = iChosenProp_IIList->At(j); |
8054 prop = iChosenProp_IIList->At(j); |
8090 inboundspi_node = iInboundSPIList->At(j); |
8055 inboundspi_node = iInboundSPIList->At(j); |
8091 attr_II = (TChosenAttrib_II *)prop->iAttrList->At(0); //only 1 transform is chosen no matter how many there are |
8056 attr_II = (TChosenAttrib_II *)prop->iAttrList->At(0); //only 1 transform is chosen no matter how many there are |
8092 |
8057 |
8093 if ((attr_II->iReducedLifeSecs.Length() != 0) || (attr_II->iReducedLifeKBytes.Length() != 0)) //Any lifetime to update |
8058 if ((attr_II->iReducedLifeSecs.Length() != 0) || (attr_II->iReducedLifeKBytes.Length() != 0)) //Any lifetime to update |
8094 aMsg.IsakmpResponderLifetime(prop->iProtocol, inboundspi_node.iSPI, attr_II->iReducedLifeSecs, attr_II->iReducedLifeKBytes); |
8059 aMsg.IsakmpResponderLifetime(prop->iProtocol, |
|
8060 inboundspi_node.iSPI, |
|
8061 attr_II->iResponderLifetimeSecs, |
|
8062 attr_II->iResponderLifetimeKBytes); |
8095 |
8063 |
8096 } |
8064 } |
8097 } |
8065 } |
8098 |
8066 |
8099 |
8067 |
8300 ikev1SAData->iLastMsg = iLastMsg->AllocL(); |
8268 ikev1SAData->iLastMsg = iLastMsg->AllocL(); |
8301 } |
8269 } |
8302 } |
8270 } |
8303 } |
8271 } |
8304 |
8272 |
8305 |
8273 HBufC8* CIkev1Negotiation::GetPskFromPolicyL() |
8306 |
8274 { |
|
8275 ASSERT(iHostData); |
|
8276 // |
|
8277 // Get Preshared Key from IKE policy and return in to caller in |
|
8278 // HBufc8. |
|
8279 // |
|
8280 HBufC8* psk = NULL; |
|
8281 if ( iHostData->iPresharedKey.iFormat == STRING_KEY ) |
|
8282 { |
|
8283 psk = HBufC8::NewL(iHostData->iPresharedKey.iKey.Length()); |
|
8284 psk->Des().Copy(iHostData->iPresharedKey.iKey); |
|
8285 } |
|
8286 else if ( iHostData->iPresharedKey.iFormat == HEX_KEY ) |
|
8287 { |
|
8288 psk = HBufC8::NewL(iHostData->iPresharedKey.iKey.Length() / 2); |
|
8289 |
|
8290 for(TInt i = 0; i < iHostData->iPresharedKey.iKey.Length(); i += 2) |
|
8291 { |
|
8292 TPtrC hexByte(iHostData->iPresharedKey.iKey.Mid(i, 2)); |
|
8293 TLex lex(hexByte); |
|
8294 TUint8 value; |
|
8295 User::LeaveIfError(lex.Val(value, EHex)); |
|
8296 |
|
8297 psk->Des().Append(&value, 1); |
|
8298 } |
|
8299 |
|
8300 } |
|
8301 |
|
8302 return psk; |
|
8303 } |
|
8304 |
|
8305 void CIkev1Negotiation::SetPhase2LifeDurations( const TInt64 aSoftAddTime, |
|
8306 const TInt64 aHardAddTime, |
|
8307 const TInt64 aSoftBytes, |
|
8308 const TInt64 aHardBytes, |
|
8309 TAttrib_II& aAttr_II, |
|
8310 TBool aResponder ) |
|
8311 { |
|
8312 TInt64 lifetime64 = aSoftAddTime; |
|
8313 iHardLifetime = aHardAddTime; |
|
8314 |
|
8315 if ( lifetime64 == 0 || |
|
8316 aResponder ) |
|
8317 { |
|
8318 lifetime64 = iHardLifetime; |
|
8319 } |
|
8320 |
|
8321 TUint high = 0; |
|
8322 TUint low = 0; |
|
8323 if ( lifetime64 != 0 ) |
|
8324 { |
|
8325 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
8326 if (high > 0) |
|
8327 { |
|
8328 aAttr_II.iLifeDurationSecs.Copy((TUint8 *)&high, sizeof(high)); |
|
8329 } |
|
8330 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
8331 aAttr_II.iLifeDurationSecs.Append((TUint8 *)&low, sizeof(low)); |
|
8332 } |
|
8333 |
|
8334 if ( aResponder ) |
|
8335 { |
|
8336 // Set responder lifetime. |
|
8337 lifetime64 = aSoftAddTime; |
|
8338 if ( lifetime64 == 0 ) |
|
8339 { |
|
8340 lifetime64 = iHardLifetime; |
|
8341 } |
|
8342 |
|
8343 if ( lifetime64 != 0 ) |
|
8344 { |
|
8345 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
8346 if (high > 0) |
|
8347 { |
|
8348 aAttr_II.iResponderLifetimeSecs.Copy((TUint8 *)&high, sizeof(high)); |
|
8349 } |
|
8350 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
8351 aAttr_II.iResponderLifetimeSecs.Append((TUint8 *)&low, sizeof(low)); |
|
8352 } |
|
8353 } |
|
8354 |
|
8355 //Bytes lifetime |
|
8356 lifetime64 = aSoftBytes; |
|
8357 |
|
8358 if ( lifetime64 == 0 || |
|
8359 aResponder ) |
|
8360 { |
|
8361 lifetime64 = aHardBytes; |
|
8362 } |
|
8363 |
|
8364 lifetime64 = (lifetime64/1024); //Bytes to KB |
|
8365 if ( lifetime64 != 0 ) |
|
8366 { |
|
8367 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
8368 if (high > 0) |
|
8369 aAttr_II.iLifeDurationKBytes.Copy((TUint8 *)&high, sizeof(high)); |
|
8370 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
8371 aAttr_II.iLifeDurationKBytes.Append((TUint8 *)&low, sizeof(low)); |
|
8372 } |
|
8373 |
|
8374 if ( aResponder ) |
|
8375 { |
|
8376 // Set responder lifetime. |
|
8377 if ( lifetime64 == 0 ) |
|
8378 { |
|
8379 lifetime64 = iHardLifetime; |
|
8380 } |
|
8381 lifetime64 = (lifetime64/1024); //Bytes to KB |
|
8382 |
|
8383 if ( lifetime64 != 0 ) |
|
8384 { |
|
8385 high = ByteOrder::Swap32(I64HIGH(lifetime64)); |
|
8386 if (high > 0) |
|
8387 { |
|
8388 aAttr_II.iResponderLifetimeKBytes.Copy((TUint8 *)&high, sizeof(high)); |
|
8389 } |
|
8390 low = ByteOrder::Swap32(I64LOW(lifetime64)); |
|
8391 aAttr_II.iResponderLifetimeKBytes.Append((TUint8 *)&low, sizeof(low)); |
|
8392 } |
|
8393 } |
|
8394 } |
|
8395 |
|
8396 |