aboutsummaryrefslogtreecommitdiffstats
path: root/src/libsimaka/simaka_message.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libsimaka/simaka_message.c')
-rw-r--r--src/libsimaka/simaka_message.c71
1 files changed, 49 insertions, 22 deletions
diff --git a/src/libsimaka/simaka_message.c b/src/libsimaka/simaka_message.c
index 3a8f4beaf..adef5a9a0 100644
--- a/src/libsimaka/simaka_message.c
+++ b/src/libsimaka/simaka_message.c
@@ -15,6 +15,11 @@
#include "simaka_message.h"
+#include "simaka_manager.h"
+
+#include <debug.h>
+#include <utils/linked_list.h>
+
typedef struct private_simaka_message_t private_simaka_message_t;
typedef struct hdr_t hdr_t;
typedef struct attr_hdr_t attr_hdr_t;
@@ -136,7 +141,7 @@ bool simaka_attribute_skippable(simaka_attribute_t attribute)
{
bool skippable = !(attribute >= 0 && attribute <= 127);
- DBG1(DBG_IKE, "%sskippable EAP-SIM/AKA attribute %N",
+ DBG1(DBG_LIB, "%sskippable EAP-SIM/AKA attribute %N",
skippable ? "ignoring " : "found non-",
simaka_attribute_names, attribute);
return skippable;
@@ -269,7 +274,7 @@ static void add_attribute(private_simaka_message_t *this,
*/
static bool not_encrypted(simaka_attribute_t type)
{
- DBG1(DBG_IKE, "received unencrypted %N", simaka_attribute_names, type);
+ DBG1(DBG_LIB, "received unencrypted %N", simaka_attribute_names, type);
return FALSE;
}
@@ -278,11 +283,33 @@ static bool not_encrypted(simaka_attribute_t type)
*/
static bool invalid_length(simaka_attribute_t type)
{
- DBG1(DBG_IKE, "invalid length of %N", simaka_attribute_names, type);
+ DBG1(DBG_LIB, "invalid length of %N", simaka_attribute_names, type);
return FALSE;
}
/**
+ * Call SIM/AKA message hooks
+ */
+static void call_hook(private_simaka_message_t *this,
+ bool inbound, bool decrypted)
+{
+ simaka_manager_t *mgr;
+
+ switch (this->hdr->type)
+ {
+ case EAP_SIM:
+ mgr = lib->get(lib, "sim-manager");
+ break;
+ case EAP_AKA:
+ mgr = lib->get(lib, "aka-manager");
+ break;
+ default:
+ return;
+ }
+ mgr->message_hook(mgr, &this->public, inbound, decrypted);
+}
+
+/**
* Parse attributes from a chunk of data
*/
static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
@@ -294,7 +321,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
if (in.len < sizeof(attr_hdr_t))
{
- DBG1(DBG_IKE, "found short %N attribute header",
+ DBG1(DBG_LIB, "found short %N attribute header",
eap_type_names, this->hdr->type);
return FALSE;
}
@@ -450,7 +477,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
}
else if (!this->encrypted)
{
- DBG1(DBG_IKE, "found P-bit 0 notify in unencrypted message");
+ DBG1(DBG_LIB, "found P-bit 0 notify in unencrypted message");
return FALSE;
}
/* FALL */
@@ -460,7 +487,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in)
}
}
- charon->sim->message_hook(charon->sim, &this->public, TRUE, this->encrypted);
+ call_hook(this, TRUE, this->encrypted);
return TRUE;
}
@@ -481,7 +508,7 @@ static bool decrypt(private_simaka_message_t *this)
}
if (this->encr.len % crypter->get_block_size(crypter))
{
- DBG1(DBG_IKE, "%N ENCR_DATA not a multiple of block size",
+ DBG1(DBG_LIB, "%N ENCR_DATA not a multiple of block size",
eap_type_names, this->hdr->type);
return FALSE;
}
@@ -543,7 +570,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
{
if (!this->mac.ptr || !signer)
{ /* require MAC, but not found */
- DBG1(DBG_IKE, "%N message requires a MAC, but none found",
+ DBG1(DBG_LIB, "%N message requires a MAC, but none found",
simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -558,7 +585,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
if (!this->mac.ptr || !signer)
{
- DBG1(DBG_IKE, "%N message has a phase 0 notify, but "
+ DBG1(DBG_LIB, "%N message has a phase 0 notify, but "
"no MAC found", simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -566,7 +593,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
default:
/* unknown message? */
- DBG1(DBG_IKE, "signature rule for %N messages missing",
+ DBG1(DBG_LIB, "signature rule for %N messages missing",
simaka_subtype_names, this->hdr->subtype);
return FALSE;
}
@@ -582,7 +609,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
}
if (!signer->verify_signature(signer, data, backup))
{
- DBG1(DBG_IKE, "%N MAC verification failed",
+ DBG1(DBG_LIB, "%N MAC verification failed",
eap_type_names, this->hdr->type);
return FALSE;
}
@@ -592,7 +619,7 @@ static bool verify(private_simaka_message_t *this, chunk_t sigdata)
/**
* Implementation of simaka_message_t.generate
*/
-static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
+static chunk_t generate(private_simaka_message_t *this, chunk_t sigdata)
{
/* buffers large enough for messages we generate */
char out_buf[1024], encr_buf[512];
@@ -603,7 +630,7 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
u_int16_t len;
signer_t *signer;
- charon->sim->message_hook(charon->sim, &this->public, FALSE, TRUE);
+ call_hook(this, FALSE, TRUE);
out = chunk_create(out_buf, sizeof(out_buf));
encr = chunk_create(encr_buf, sizeof(encr_buf));
@@ -723,7 +750,7 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
}
default:
{
- DBG1(DBG_IKE, "no rule to encode %N, skipped",
+ DBG1(DBG_LIB, "no rule to encode %N, skipped",
simaka_attribute_names, type);
break;
}
@@ -817,9 +844,9 @@ static eap_payload_t* generate(private_simaka_message_t *this, chunk_t sigdata)
signer->get_signature(signer, data, mac.ptr);
}
- charon->sim->message_hook(charon->sim, &this->public, FALSE, FALSE);
+ call_hook(this, FALSE, FALSE);
- return eap_payload_create_data(out);
+ return chunk_clone(out);
}
/**
@@ -843,18 +870,18 @@ static simaka_message_t *simaka_message_create_data(chunk_t data,
if (data.len < sizeof(hdr_t) || hdr->length != htons(data.len))
{
- DBG1(DBG_IKE, "EAP-SIM/AKA header has invalid length");
+ DBG1(DBG_LIB, "EAP-SIM/AKA header has invalid length");
return NULL;
}
if (hdr->code != EAP_REQUEST && hdr->code != EAP_RESPONSE)
{
- DBG1(DBG_IKE, "invalid EAP code in EAP-SIM/AKA message",
+ DBG1(DBG_LIB, "invalid EAP code in EAP-SIM/AKA message",
eap_type_names, hdr->type);
return NULL;
}
if (hdr->type != EAP_SIM && hdr->type != EAP_AKA)
{
- DBG1(DBG_IKE, "invalid EAP type in EAP-SIM/AKA message",
+ DBG1(DBG_LIB, "invalid EAP type in EAP-SIM/AKA message",
eap_type_names, hdr->type);
return NULL;
}
@@ -869,7 +896,7 @@ static simaka_message_t *simaka_message_create_data(chunk_t data,
this->public.add_attribute = (void(*)(simaka_message_t*, simaka_attribute_t type, chunk_t data))add_attribute;
this->public.parse = (bool(*)(simaka_message_t*))parse;
this->public.verify = (bool(*)(simaka_message_t*, chunk_t sigdata))verify;
- this->public.generate = (eap_payload_t*(*)(simaka_message_t*, chunk_t sigdata))generate;
+ this->public.generate = (chunk_t(*)(simaka_message_t*, chunk_t sigdata))generate;
this->public.destroy = (void(*)(simaka_message_t*))destroy;
this->attributes = linked_list_create();
@@ -888,10 +915,10 @@ static simaka_message_t *simaka_message_create_data(chunk_t data,
/**
* See header.
*/
-simaka_message_t *simaka_message_create_from_payload(eap_payload_t *payload,
+simaka_message_t *simaka_message_create_from_payload(chunk_t data,
simaka_crypto_t *crypto)
{
- return simaka_message_create_data(payload->get_data(payload), crypto);
+ return simaka_message_create_data(data, crypto);
}
/**
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 10:14:20 +0000