1 /**

     2 * Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:

    15 * IPSec policy parser main module 

    16 *

    17 */

    18 

    19 

    20 

    21 /**

    22  @file ipsecpolparser.h

    23  @released

    24  @internalTechnology

    25 */

    26 

    27 #ifndef __IPSECPOLPARSER_H

    28 #define __IPSECPOLPARSER_H

    29 

    30 //////////////////////////////////////////////////////////////////////////////

    31 // INCLUDE FILES

    32 //////////////////////////////////////////////////////////////////////////////

    33 

    34 #include <f32file.h>

    35 #include <in_sock.h>

    36 

    37 #include "spdb.h"

    38 

    39 //////////////////////////////////////////////////////////////////////////////

    40 // CONSTANTS

    41 //////////////////////////////////////////////////////////////////////////////

    42 

    43 #define FIRST_SEC_PARSER_VERSION    1

    44 #ifdef SYMBIAN_IPSEC_VOIP_SUPPORT

    45 #define SEC_PARSER_VERSION          4

    46 #else

    47 #define SEC_PARSER_VERSION          3

    48 #endif

    49 

    50 #define MAX_EALG_VALUE              255

    51 #define MAX_INFO_SIZE               1024

    52 #define PIECE_AVG_LENGTH            2048

    53 

    54 #define PFKEY_INI_OUTBOUND          8

    55 #define PFKEY_INI_INBOUND           4

    56 #define KErrKeyParser               50

    57 

    58 const TInt KPolicyBufferSizeIncrement = 6000;

    59 

    60 //////////////////////////////////////////////////////////////////////////////

    61 // ENUMERATIONS

    62 //////////////////////////////////////////////////////////////////////////////

    63 

    64 typedef enum

    65 {

    66     token_string,

    67     token_equal,

    68     token_comma,

    69     token_brace_left,

    70     token_brace_right,

    71     token_par_left,

    72     token_par_right,

    73     token_error,

    74     token_eof

    75 }

    76 token_type;

    77 

    78 //////////////////////////////////////////////////////////////////////////////

    79 // FORWARD DECLARATIONS

    80 //////////////////////////////////////////////////////////////////////////////

    81 

    82 class CIpSecurityPiece;

    83 

    84 //////////////////////////////////////////////////////////////////////////////

    85 // CLASS DECLARATIONS

    86 //////////////////////////////////////////////////////////////////////////////

    87 

    88 //////////////////////////////////////////////////////////////////////////////

    89 // class TPolicyParser

    90 //  This parser is utilized by IPsec Policy Manager to convert a given policy

    91 //  from string format into binary object format and vice versa.

    92 //////////////////////////////////////////////////////////////////////////////

    93 //

    94 class TPolicyParser : public TLex

    95     {

    96 public:

    97     IMPORT_C TPolicyParser(const TDesC& aPolicy);

    98 

    99     IMPORT_C TInt ParseL(CIpSecurityPiece* aPieceData);

   100 

   101     IMPORT_C static TInt Write(CSecurityPolicy* aSp,

   102                                HBufC8*& aPolBfr,

   103                                TBool aSortingOrder = EFalse);

   104 

   105     IMPORT_C static TInt BufferAppend(HBufC8*& aPolBfr,

   106                                       const TDesC8& aText);

   107 

   108 private:

   109     static TInt WriteSAs(CSAList* aSAList,

   110                          HBufC8*& aPolBfr);

   111 

   112     static void TextSA(CPolicySpec* aSA, TDes8& aBuf);

   113 

   114     static TInt WriteSelectors(CSelectorList* aSelList,

   115                                HBufC8*& aPolBfr,

   116                                TBool aSortingOrder = EFalse);

   117 

   118     static TInt WriteSelectorsInSortingOrder(CSelectorList* aSelList,

   119             HBufC8*& aPolBfr,

   120             TBool aSortingOrder = ETrue);

   121 

   122     static void TextSel(CPolicySelector* aSel,

   123                         TDes8& aBuf,

   124                         TBool aSortingOrder = EFalse);

   125 

   126     TInt parse_ip_addr_and_maskL(TInetAddr& addr,

   127                                  TInetAddr& mask,

   128                                  HBufC8*& aSelEpName,

   129                                  HBufC8*& aMaskEpName,

   130                                  CSecurityPolicy* aSecPol = NULL);

   131 

   132     TInt parse_sa_spec_listL(TSecpolBundle& aBundle,

   133                              CSecurityPolicy* aSp);

   134 

   135     TInt parse_sa_spec_paramsL(CPolicySpec& aSpec);

   136 

   137     TInt parse_conn2saL(CSecurityPolicy* aSp);

   138 

   139     TInt parse_sa_specL(CSecurityPolicy* aSp);

   140 

   141     TInt parse_ep_specL(CSecurityPolicy* aSp);

   142 

   143     TInt parse_ep_spec_paramsL(CPolicySpec& aSpec);

   144 

   145     token_type NextToken();

   146 

   147     void SkipSpaceAndMark();

   148 

   149     void Error(TRefByValue <const TDesC> aFmt, ...);

   150 

   151 #ifdef  SYMBIAN_IPSEC_VOIP_SUPPORT    

   152     TInt validateProposals(CPropList& aPropList);

   153     CSecurityProposalSpec* CreateProposalL(CPropList& aPropList);

   154 #endif    

   155     

   156 public:

   157 

   158     int iLine;

   159 

   160     TBuf<200> iMsg;

   161 

   162     TPtrC iToken;

   163     };

   164 

   165 //////////////////////////////////////////////////////////////////////////////

   166 // class CKeysData

   167 //  This object contains IPsec key information.

   168 //////////////////////////////////////////////////////////////////////////////

   169 //

   170 class CKeysData : public CBase

   171     {

   172 public:

   173     IMPORT_C CKeysData();

   174     IMPORT_C CKeysData(CKeysData* aKey);

   175 

   176 public:

   177     TUint8 sa_type;

   178     TInt spi;

   179     TUint8 encr_alg;

   180     TUint8 auth_alg;

   181     TInt direction;

   182     TInt lifetime_bytes;

   183     TInt lifetime_sec;

   184     TInetAddr src_addr;

   185     TInetAddr dst_addr;

   186     TUint8 protocol;

   187     TBuf8<256> auth_key;

   188     TBuf8<256> encr_key;

   189     };

   190 

   191 //////////////////////////////////////////////////////////////////////////////

   192 // class CKeysDataArray

   193 //  Container for storing IPsec keys.

   194 //////////////////////////////////////////////////////////////////////////////

   195 //

   196 class CKeysDataArray : public CArrayFixFlat<CKeysData *>

   197     {

   198 public:

   199     IMPORT_C static CKeysDataArray* NewL(TInt aGranularity);

   200     IMPORT_C static CKeysDataArray* NewL(CKeysDataArray* aData);

   201 

   202     IMPORT_C void Construct(TInt aGranularity);

   203 

   204     IMPORT_C void ConstructL(CKeysDataArray* aData);

   205 

   206     IMPORT_C ~CKeysDataArray();

   207 

   208     IMPORT_C void CopyL(CKeysDataArray* aData);

   209 

   210     IMPORT_C void Empty();

   211 

   212 private:

   213 

   214     CKeysDataArray(TInt aGranularity);

   215 

   216     CKeysDataArray(CKeysDataArray* aData);

   217     };

   218 

   219 //////////////////////////////////////////////////////////////////////////////

   220 // class TKeyParser

   221 //  Parses IPsec key information from string format into binary format

   222 //  and vice versa.

   223 //////////////////////////////////////////////////////////////////////////////

   224 //

   225 class TKeyParser : public TLex

   226     {

   227 public:

   228     IMPORT_C TKeyParser(const TDesC& aStr);

   229 

   230     IMPORT_C TInt ParseL(CKeysDataArray* aKeys);

   231 

   232     IMPORT_C static TInt Write(CKeysDataArray* aKeys, RFile& aFile);

   233 

   234 private:

   235     static void TextPFKey(CKeysData* aKey, TDes8& aElem);

   236 

   237     void NextToken();

   238 

   239     TPtrC8 DeHex(const TDesC& aStr);

   240 

   241     int SkipSpaceAndMark();

   242 

   243     static TUint8 HexVal(TUint8 aChar);

   244 

   245     TPtrC iToken;

   246 

   247     // Non-zero, if next token is first in line

   248     TInt iFirst;

   249 

   250     TBuf8<256> iHex;

   251     };

   252 

   253 //////////////////////////////////////////////////////////////////////////////

   254 // class CIpSecurityPiece

   255 //  Contains all IPsec policy information.

   256 //////////////////////////////////////////////////////////////////////////////

   257 //

   258 class CIpSecurityPiece : public CBase

   259     {

   260 public:

   261 

   262     // Factory methods for object creation

   263     IMPORT_C void ConstructL(TInt aSize = 64);

   264     IMPORT_C ~CIpSecurityPiece();

   265 

   266     //

   267     IMPORT_C void SetInfoL(const TDesC& aDes);

   268 

   269     inline HBufC* Info() { return iInfo;}

   270 

   271     inline CSecurityPolicy* Policies() { return iPolicies;}

   272 

   273     inline void SetPolicies(CSecurityPolicy* aPolicy) {iPolicies = aPolicy;}

   274 

   275     inline CKeysDataArray* Keys() { return iKeys;}

   276 

   277     // Buffer for last error text

   278     TBuf<200> iErrorInfo;

   279 

   280 private:

   281 

   282     // Buffer for IPsec policy information text

   283     HBufC* iInfo;

   284 

   285     // IPsec Policy data

   286     CSecurityPolicy* iPolicies;

   287 

   288     // IPsec keys data

   289     CKeysDataArray* iKeys;

   290     };

   291 

   292 //////////////////////////////////////////////////////////////////////////////

   293 // class TIpSecParser

   294 //  Parser for IPsec policies.

   295 //////////////////////////////////////////////////////////////////////////////

   296 //

   297 class TIpSecParser : public TLex

   298     {

   299 public:

   300     IMPORT_C TIpSecParser(const TDesC& aDes);

   301 

   302     IMPORT_C TInt ParseL(CIpSecurityPiece* aPiece_data);

   303 

   304     IMPORT_C static TInt Write(CIpSecurityPiece* aPiece_data,

   305                                HBufC8*& aPolBfr);

   306 

   307     IMPORT_C TInt ParseAndIgnoreIKEL(CIpSecurityPiece* aPiece_data);

   308 

   309 private:

   310     TBool CheckVersion();

   311 

   312     void ParseInfoL(CIpSecurityPiece* aPiece_data);

   313 

   314     TInt ParsePoliciesL(CIpSecurityPiece* aPieceData);

   315 

   316     TInt ParseKeysL(CKeysDataArray* aKeys);

   317 

   318     void NextTag();

   319 

   320     TInt DoParseL(CIpSecurityPiece* aPiece_data, TBool aIncludeIKE);

   321 

   322     static TInt WriteVersion(HBufC8*& aPolBfr);

   323 

   324     static TInt WriteInfo(CIpSecurityPiece* aPiece_data,

   325                           HBufC8*& aPolBfr);

   326 

   327     static TInt WritePolicies(CIpSecurityPiece* aPiece_data,

   328                               HBufC8*& aPolBfr);

   329 

   330     static TInt WriteKeys(CIpSecurityPiece* aPiece_data,

   331                           RFile& aFile);

   332 

   333 private:

   334 

   335     // IPsec policy version info

   336     TInt iVersion;

   337     };

   338 

   339 #endif