MCL/sf/os/security: contentmgmt/cafstreamingsupport/source/ipsec/ipseckeystreamsink.cpp@2f10d260163b (annotated)

43 2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	1	// Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	2	// All rights reserved.
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	3	// This component and the accompanying materials are made available
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	4	// under the terms of the License "Eclipse Public License v1.0"
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	5	// which accompanies this distribution, and is available
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	6	// at the URL "http://www.eclipse.org/legal/epl-v10.html".
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	7	//
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	8	// Initial Contributors:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	9	// Nokia Corporation - initial contribution.
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	10	//
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	11	// Contributors:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	12	//
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	13	// Description:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	14	//
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	15
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	16	#include "ipseckeystreamsink.h"
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	17	#include <caf/streaming/keyassociation.h>
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	18	#include <networking/pfkeyv2.h>
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	19	#include <s32mem.h>
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	20	#include "scaflog.h"
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	21
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	22	using namespace StreamAccess;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	23
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	24	// The last two rules: (inbound = {}, outbound = {}) are catch-all rules - without them, all packets
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	25	// which do not match the policy will get rejected
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	26	_LIT8( KPolicyFormat,
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	27	"SECURITY_FILE_VERSION: 3\r\n[INFO]\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	28	Test CAF IpSec Integration Policy\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	29	[POLICY]\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	30	sa caf_sas = {\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	31	esp\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	32	encrypt_alg %d\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	33	auth_alg %d\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	34	src_specific\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	35	local_port_specific\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	36	remote_port_specific\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	37	}\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	38	inbound local %S 255.255.255.255 local_port %d remote_port %d = { caf_sas() }\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	39	inbound = {}\r\n\
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	40	outbound = {}\r\n" );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	41
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	42	// The number is taken as the maximal recommendation from OMA DRM BCAST standard (section 9.1, IPSec management)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	43	const TUint KDefaultMaxSpiNumber = 3;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	44
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	45	CIpSecKeyStreamSink* CIpSecKeyStreamSink::NewLC(const TInetAddr& aSrcAddr, const TInetAddr& aDstAddr)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	46	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	47	CIpSecKeyStreamSink* self = new (ELeave) CIpSecKeyStreamSink(aSrcAddr, aDstAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	48	CleanupStack::PushL(self);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	49	self->ConstructL();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	50	return self;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	51	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	52
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	53	CIpSecKeyStreamSink::CIpSecKeyStreamSink(const TInetAddr& aSrcAddr, const TInetAddr& aDstAddr) :
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	54	iSourceAddr(aSrcAddr),
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	55	iDestinationAddr(aDstAddr),
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	56	iPolicySet(EFalse),
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	57	iMaxSpiNumber(KDefaultMaxSpiNumber)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	58	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	59	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	60
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	61	CIpSecKeyStreamSink::~CIpSecKeyStreamSink()
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	62	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	63	// Remove all SA-s
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	64	TInt submittedSaCount = iSubmittedSpiList.Count();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	65	for (TInt i = 0; i < submittedSaCount; ++i)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	66	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	67	TRAP_IGNORE(RemoveSaL(iSubmittedSpiList[i]));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	68	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	69
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	70	if (iPolicySet)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	71	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	72	TRequestStatus status;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	73	iPolicyServer.UnloadPolicy( iPolicyHandle(), status );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	74	User::WaitForRequest(status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	75	// Impossible to handle the error well in destructor - ignore the status code
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	76	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	77
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	78	iSADB.Close();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	79	iSocketServ.Close();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	80
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	81	iPolicyServer.Close();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	82	iSubmittedSpiList.Close();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	83	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	84
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	85	void CIpSecKeyStreamSink::ConstructL()
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	86	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	87	DEBUG_PRINTF(_L("Constructing an IPSec key stream sink."));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	88	User::LeaveIfError(iSocketServ.Connect());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	89	User::LeaveIfError(iSADB.Open(iSocketServ));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	90	User::LeaveIfError(iPolicyServer.Connect());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	91	DEBUG_PRINTF(_L("Constructed an IPSec key stream sink."));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	92	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	93
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	94	CKeyStreamSink* CIpSecKeyStreamSink::CloneLC() const
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	95	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	96	CIpSecKeyStreamSink *ret = CIpSecKeyStreamSink::NewLC(iSourceAddr, iDestinationAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	97	ret->iEncAlg = this->iEncAlg;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	98	ret->iAuthAlg = this->iAuthAlg;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	99	return ret;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	100	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	101
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	102	static TUint32 ConvertToNetworkOrder(TUint32 aNum)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	103	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	104	const TInt KMaxTUint32CStringLen = 11;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	105	TUint8 temp[ KMaxTUint32CStringLen ];
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	106	LittleEndian::Put32( temp, aNum );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	107	return BigEndian::Get32( temp );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	108	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	109
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	110	TBool CIpSecKeyStreamSink::CompareReceivedMessageExtensionsL(TPfkeyRecvMsg &aReceivedReply, TUint32 aSpi) const
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	111	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	112	TBool spiVerified(EFalse), destAddrVerified(EFalse);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	113
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	114	TPfkeyAnyExt ext;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	115
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	116	// We verify that both the SPI matches and the destination address matches - this should exclude
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	117	// replies to unrelated messages
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	118	while ( !spiVerified \|\| !destAddrVerified )
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	119	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	120	// Both extensions should be found in the reply
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	121	User::LeaveIfError(aReceivedReply.NextExtension(ext));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	122	TInt extType = ext.ExtType();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	123	if ( extType == SADB_EXT_ADDRESS_DST )
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	124	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	125	const TInetAddr* addr = reinterpret_cast<const TInetAddr *>(ext.Ptr() + sizeof(struct sadb_address));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	126	if (*addr == iDestinationAddr)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	127	destAddrVerified = ETrue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	128	else
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	129	return EFalse;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	130	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	131	else if (extType == SADB_EXT_SA)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	132	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	133	const sadb_sa* saExt = reinterpret_cast<const sadb_sa *>(ext.Ptr());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	134	if (saExt->sadb_sa_spi == aSpi)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	135	spiVerified = ETrue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	136	else
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	137	return EFalse;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	138	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	139	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	140	return ETrue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	141	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	142
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	143	void CIpSecKeyStreamSink::SynchronousSendAndVerifyMessageL(TPfkeySendMsg& aMessage, TInt aMessageType, TUint32 aSpi)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	144	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	145	// Wait for the message to be sent
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	146	TRequestStatus status;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	147	iSADB.FinalizeAndSend(aMessage, status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	148	User::WaitForRequest(status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	149	User::LeaveIfError(status.Int());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	150
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	151	// Receive a reply - since SADB sends replies to _all_ sockets, we need to filter out replies
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	152	// which do not correspond to our own request
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	153	for(;;)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	154	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	155	TPfkeyRecvMsg receivedReply;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	156	iSADB.ReadRequest(receivedReply, status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	157	User::WaitForRequest(status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	158	User::LeaveIfError(status.Int());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	159
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	160	// Verify that the message is a reply to the one sent by us
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	161	sadb_msg &msgHeader = receivedReply.MsgHdr();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	162	if (msgHeader.sadb_msg_pid != RProcess().Id())
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	163	continue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	164	if (msgHeader.sadb_msg_seq != iSequenceNumber)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	165	continue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	166	// Do additional validation by checking whether the destination address and the SPI are the same as ours
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	167	TBool isResponseToRequest(ETrue);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	168	switch (aMessageType)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	169	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	170	case SADB_ADD:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	171	case SADB_DELETE:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	172	isResponseToRequest = CompareReceivedMessageExtensionsL(receivedReply, aSpi);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	173	break;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	174	default:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	175	ASSERT(0); // Unexpected state
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	176	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	177	if (!isResponseToRequest)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	178	continue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	179	// If the message types does not match, then the problem is internal in IPSec - it should not answer with a different message type
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	180	if (msgHeader.sadb_msg_type != aMessageType)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	181	User::Leave(KErrArgument);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	182	if (msgHeader.sadb_msg_errno != 0)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	183	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	184	// Mimic the logic in IPSec error handling (see the Update function in key_msg.cpp)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	185	TUint16 reservedField = (TUint16)msgHeader.sadb_msg_reserved << 8;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	186	TUint16 errnoField = msgHeader.sadb_msg_errno;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	187	User::Leave(-(reservedField + errnoField));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	188	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	189	break;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	190	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	191	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	192
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	193	void CIpSecKeyStreamSink::AddAssociationL(TPfkeySendMsg& aMessage, TUint32 aSpi)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	194	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	195	SynchronousSendAndVerifyMessageL(aMessage, SADB_ADD, aSpi);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	196
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	197	// Take care to delete old SA-s, if needed
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	198	iSubmittedSpiList.AppendL(aSpi);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	199	if (iSubmittedSpiList.Count() > iMaxSpiNumber)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	200	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	201	RemoveSaL(iSubmittedSpiList[0]);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	202	iSubmittedSpiList.Remove(0);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	203	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	204	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	205
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	206	void CIpSecKeyStreamSink::ProcessNewKeyAssociationL(const CKeyAssociation& aKeyAssociation)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	207	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	208	if (!iPolicySet)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	209	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	210	SetPolicyL();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	211	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	212	// No official RTTI support, using static_cast - no validation that it is indeed an IPSec association
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	213	const CIpSecKeyAssociation* ipsecKeyAssociation = static_cast<const CIpSecKeyAssociation *>(&aKeyAssociation);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	214
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	215	DEBUG_PRINTF2(_L("IPSec key stream sink - processing new association with SPI %d."), ipsecKeyAssociation->GetSpiL());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	216
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	217	// We use ESP, since there is very low probability that AH will be used - it does not provide confidentiality
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	218	TPfkeySendMsg sendMessage(SADB_ADD, SADB_SATYPE_ESP, ++iSequenceNumber, RProcess().Id());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	219	TUint32 bigEndianSpi(ConvertToNetworkOrder(ipsecKeyAssociation->GetSpiL()));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	220	sendMessage.Add( Int2Type<SADB_EXT_SA>(), bigEndianSpi, iAuthAlg, iEncAlg);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	221	const HBufC8 *encryptionKey(ipsecKeyAssociation->GetEncryptionKeyL());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	222	if(!encryptionKey)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	223	User::Leave(KErrArgument);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	224
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	225	sendMessage.Add( Int2Type<SADB_EXT_KEY_ENCRYPT>(), encryptionKey, encryptionKey->Length() 8);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	226	if (iAuthAlg) // Authentication is optional - use it only if algorithm has been set
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	227	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	228	const HBufC8 *authenticationKey(ipsecKeyAssociation->GetAuthenticationKeyL());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	229	if (!authenticationKey)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	230	User::Leave(KErrArgument);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	231	sendMessage.Add( Int2Type<SADB_EXT_KEY_AUTH>(), authenticationKey, authenticationKey->Length() 8);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	232	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	233	sendMessage.Add( Int2Type<SADB_EXT_ADDRESS_SRC>(), iSourceAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	234	sendMessage.Add( Int2Type<SADB_EXT_ADDRESS_DST>(), iDestinationAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	235
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	236	TRAPD(err, AddAssociationL(sendMessage, bigEndianSpi));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	237	// If something went wrong, try to remove the SA, to keep the SADB in consistent state.
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	238	// We only do our best effort, since the error might be global to the device, or it may have occured before we've added the SA
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	239	if (err != KErrNone)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	240	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	241	TRAP_IGNORE(RemoveSaL(bigEndianSpi));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	242	TInt submittedSpiCount = iSubmittedSpiList.Count();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	243	if (submittedSpiCount > 0 && iSubmittedSpiList[submittedSpiCount - 1] == bigEndianSpi)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	244	iSubmittedSpiList.Remove(submittedSpiCount - 1);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	245
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	246	User::Leave(err);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	247	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	248	DEBUG_PRINTF2(_L("IPSec key stream sink - processed new association with SPI %d."), ipsecKeyAssociation->GetSpiL());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	249	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	250
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	251	void CIpSecKeyStreamSink::RemoveSaL(TUint32 aSpi)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	252	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	253	TPfkeySendMsg sendMessage(SADB_DELETE, SADB_SATYPE_ESP, ++iSequenceNumber, RProcess().Id());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	254	sendMessage.Add( Int2Type<SADB_EXT_SA>(), aSpi, iAuthAlg, iEncAlg);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	255	sendMessage.Add( Int2Type<SADB_EXT_ADDRESS_DST>(), iDestinationAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	256	SynchronousSendAndVerifyMessageL(sendMessage, SADB_DELETE, aSpi);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	257	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	258
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	259	void CIpSecKeyStreamSink::VerifyAssociationsNotSentL() const
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	260	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	261	if (iSubmittedSpiList.Count())
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	262	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	263	User::Leave(KErrNotSupported); // It is forbidden to change the algorithm once associations have been processed
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	264	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	265	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	266
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	267	const TUint32 SADB_AALG_AESCBC = 12; // temporarily here until IPSec supports AES constants
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	268
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	269	void CIpSecKeyStreamSink::SetEncryptionAlgorithmL(const TEncryptionAlgorithm& aEncryptionAlgorithm)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	270	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	271	VerifyAssociationsNotSentL();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	272	switch (aEncryptionAlgorithm)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	273	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	274	case EAES_128_CBC: iEncAlg = SADB_AALG_AESCBC; break;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	275	case ENoEncryption:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	276	case EAES_128_CTR:
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	277	default: User::Leave(KErrNotSupported);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	278	};
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	279	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	280
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	281	void CIpSecKeyStreamSink::SetAuthenticationAlgorithmL(const TAuthenticationAlgorithm& aAuthenticationAlgorithm)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	282	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	283	VerifyAssociationsNotSentL();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	284	switch (aAuthenticationAlgorithm)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	285	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	286	case EHMAC_SHA1: iAuthAlg = SADB_AALG_SHA1HMAC; break;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	287	case ENoAuthentication: iAuthAlg = 0; break;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	288	default: User::Leave(KErrNotSupported);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	289	};
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	290	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	291
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	292	const TUint KInet6AddrMaxBufferSize = 40;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	293
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	294	void CIpSecKeyStreamSink::SetPolicyL()
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	295	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	296	DEBUG_PRINTF(_L("IPSec key stream sink - setting policy."));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	297	ASSERT(!iPolicySet);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	298
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	299	TBuf<KInet6AddrMaxBufferSize> destAddrStr;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	300	iDestinationAddr.Output(destAddrStr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	301
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	302	// Convert 16-bit to 8-bit. For some strange reason, the string for IP address is returned in 16-bit.
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	303	TBuf8<KInet6AddrMaxBufferSize> destAddrStr8bit;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	304	destAddrStr8bit.Copy(destAddrStr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	305
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	306	HBufC8 *policyData = HBufC8::NewLC( KPolicyFormat().Length() + 256); // Allow size for port and IP spec.
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	307	TPtr8 policyDataPtr(policyData->Des());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	308	policyDataPtr.AppendFormat(KPolicyFormat, iEncAlg, iAuthAlg, &destAddrStr8bit, iDestinationAddr.Port(),
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	309	iSourceAddr.Port());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	310
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	311	// Load the server-side policy to protect all packets to a specific port
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	312	TRequestStatus status;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	313	iPolicyServer.LoadPolicy( *policyData, iPolicyHandle, status );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	314	User::WaitForRequest(status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	315	User::LeaveIfError(status.Int());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	316
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	317	iPolicyServer.ActivatePolicy( iPolicyHandle(), status );
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	318	User::WaitForRequest(status);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	319	User::LeaveIfError(status.Int());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	320
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	321	CleanupStack::PopAndDestroy(policyData);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	322	iPolicySet = ETrue;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	323	DEBUG_PRINTF(_L("IPSec key stream sink - policy set."));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	324	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	325
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	326	static void ReadIpAddrFromStreamL(RReadStream& aStream, TInetAddr& addr)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	327	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	328	TBuf<KInet6AddrMaxBufferSize> addrStr;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	329	TUint8 addrStrLen = aStream.ReadUint8L();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	330	aStream.ReadL(addrStr, addrStrLen);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	331	User::LeaveIfError(addr.Input(addrStr));
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	332	TInt port = aStream.ReadInt32L();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	333	addr.SetPort(port);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	334	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	335
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	336	static void WriteIpAddrToStreamL(RWriteStream& aStream, const TInetAddr& addr)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	337	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	338	TBuf<KInet6AddrMaxBufferSize> addrStr;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	339	addr.Output(addrStr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	340	aStream.WriteUint8L(addrStr.Length());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	341	aStream.WriteL(addrStr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	342	aStream.WriteInt32L(addr.Port());
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	343	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	344
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	345	void CIpSecKeyStreamSink::DoExternalizeL(RWriteStream& aStream) const
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	346	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	347	aStream.WriteUint16L(CKeyStreamSink::EIpSecSinkId);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	348	WriteIpAddrToStreamL(aStream, iDestinationAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	349	WriteIpAddrToStreamL(aStream, iSourceAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	350	aStream.WriteUint16L(iEncAlg);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	351	aStream.WriteUint16L(iAuthAlg);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	352	}
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	353
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	354	CIpSecKeyStreamSink* CIpSecKeyStreamSink::NewLC(RReadStream& aReadStream)
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	355	{
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	356	TInetAddr destAddr;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	357	ReadIpAddrFromStreamL(aReadStream, destAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	358	TInetAddr srcAddr;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	359	ReadIpAddrFromStreamL(aReadStream, srcAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	360	CIpSecKeyStreamSink* self = new (ELeave) CIpSecKeyStreamSink(srcAddr, destAddr);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	361	CleanupStack::PushL(self);
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	362	self->ConstructL();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	363	self->iEncAlg = aReadStream.ReadUint16L();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	364	self->iAuthAlg = aReadStream.ReadUint16L();
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	365	return self;
2f10d260163b Revision: 201010 Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com> parents: diff changeset	366	}

author	Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
	Mon, 15 Mar 2010 12:46:43 +0200
branch	RCL_3
changeset 43	2f10d260163b
permissions	-rw-r--r--