From 1bf2971ff2d63f1f1c4d59d1091b8a1b11b0ef62 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 16 Nov 2011 13:46:54 +0100 Subject: Implemented limited payload parsing for IKEv1 SA payloads --- .../encoding/payloads/transform_attribute.h | 61 ++++++++++++++++++---- 1 file changed, 51 insertions(+), 10 deletions(-) (limited to 'src/libcharon/encoding/payloads/transform_attribute.h') diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index a5fe0154b..21bde46b8 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h 
@@ -28,26 +28,66 @@ typedef struct transform_attribute_t transform_attribute_t; #include #include - /** - * Type of the attribute, as in IKEv2 RFC 3.3.5. + * Type of the attribute. */ enum transform_attribute_type_t { - ATTRIBUTE_UNDEFINED = 16384, - KEY_LENGTH = 14 + /** IKEv1 Phase 1 attributes */ + TATTR_PH1_ENCRYPTION_ALGORITHM = 1, + TATTR_PH1_HASH_ALGORITHM = 2, + TATTR_PH1_AUTH_METHOD = 3, + TATTR_PH1_GROUP = 4, + TATTR_PH1_GROUP_TYPE = 5, + TATTR_PH1_GROUP_PRIME = 6, + TATTR_PH1_GROUP_GENONE = 7, + TATTR_PH1_GROUP_GENTWO = 8, + TATTR_PH1_GROUP_CURVE_A = 9, + TATTR_PH1_GROUP_CURVE_B = 10, + TATTR_PH1_LIFE_TYPE = 11, + TATTR_PH1_LIFE_DURATION = 12, + TATTR_PH1_PRF = 13, + TATTR_PH1_KEY_LENGTH = 14, + TATTR_PH1_FIELD_SIZE = 15, + TATTR_PH1_GROUP_ORDER = 16, + /** IKEv1 Phase 2 attributes */ + TATTR_PH2_SA_LIFE_TYPE = 1, + TATTR_PH2_SA_LIFE_DURATION = 2, + TATTR_PH2_GROUP = 3, + TATTR_PH2_ENCAP_MODE = 4, + TATTR_PH2_AUTH_ALGORITHM = 5, + TATTR_PH2_KEY_LENGTH = 6, + TATTR_PH2_KEY_ROUNDS = 7, + TATTR_PH2_COMP_DICT_SIZE = 8, + TATTR_PH2_COMP_PRIV_ALGORITHM = 9, + TATTR_PH2_ECN_TUNNEL = 10, + TATTR_PH2_EXT_SEQ_NUMBER = 11, + /* IKEv2 key length attribute */ + TATTR_IKEV2_KEY_LENGTH = 14, + /* undefined, private use attribute */ + TATTR_UNDEFINED = 16384, }; /** - * enum name for transform_attribute_type_t. + * Enum names for IKEv1 Phase 1 transform_attribute_type_t. */ -extern enum_name_t *transform_attribute_type_names; +extern enum_name_t *tattr_ph1_names; /** - * Class representing an IKEv2- TRANSFORM Attribute. - * - * The TRANSFORM ATTRIBUTE format is described in RFC section 3.3.5. + * Enum names for IKEv1 Phase 2 transform_attribute_type_t. + */ +extern enum_name_t *tattr_ph2_names; + +/** + * Enum names for IKEv2 transform_attribute_type_t. + */ +extern enum_name_t *tattr_ikev2_names; + + +/** + * Class representing an IKEv1/IKEv2 TRANSFORM Attribute. */ struct transform_attribute_t { + /** * The payload_t interface. */ 
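Review bot: The three groups added to `transform_attribute_type_t` reuse the same numbers (`TATTR_PH1_ENCRYPTION_ALGORITHM` and `TATTR_PH2_SA_LIFE_TYPE` are both 1, `TATTR_PH1_KEY_LENGTH` and `TATTR_IKEV2_KEY_LENGTH` are both 14), so a value of this type no longer identifies an attribute on its own, and the enum comment "Type of the attribute." does not say so. These numbers are presumably taken from SA payloads sent by the peer, and a comparison against a constant from the wrong group matches silently, for example `TATTR_PH2_KEY_LENGTH` equals `TATTR_PH1_GROUP_PRIME`. I would extend the enum comment to something like `Type of the attribute. Values of the Phase 1, Phase 2 and IKEv2 groups overlap and are only meaningful together with the payload type and the negotiation phase.`, or split the groups into separate enums. The same applies to the `kind` parameter of `transform_attribute_create_value()` added in the following commit, whose `type` argument separates IKEv1 from IKEv2 but not Phase 1 from Phase 2.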
@@ -117,9 +157,10 @@ struct transform_attribute_t { /** * Creates an empty transform_attribute_t object. * + * @param type TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1 * @return transform_attribute_t object */ -transform_attribute_t *transform_attribute_create(void); +transform_attribute_t *transform_attribute_create(payload_type_t type); /** * Creates an transform_attribute_t of type KEY_LENGTH. -- cgit v1.2.3 From 3a470f303542dfb127eb8b17553da06a92892ebb Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 16 Nov 2011 18:24:14 +0100 Subject: Added limiting encoding of IKEv1 SA payloads --- src/libcharon/encoding/payloads/transform_attribute.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/libcharon/encoding/payloads/transform_attribute.h') diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index 21bde46b8..eedb3be21 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h @@ -163,11 +163,14 @@ struct transform_attribute_t { transform_attribute_t *transform_attribute_create(payload_type_t type); /** - * Creates an transform_attribute_t of type KEY_LENGTH. + * Creates a two byte value attribute for a given attribute kind. * - * @param key_length key length in bytes + * @param type TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1 + * @param kind attribute kind + * @param value fixed two byte value * @return transform_attribute_t object */ -transform_attribute_t *transform_attribute_create_key_length(u_int16_t key_length); +transform_attribute_t *transform_attribute_create_value(payload_type_t type, + transform_attribute_type_t kind, u_int16_t value); #endif /** TRANSFORM_ATTRIBUTE_H_ @}*/ -- cgit v1.2.3 From fbebc2a068942d16c20f8439b140027395ba25a0 Mon Sep 17 00:00:00 2001 
From: Martin Willi Date: Thu, 24 Nov 2011 12:52:11 +0100 Subject: Implemented encoding of additional IKEv1 proposal attributes --- src/libcharon/encoding/payloads/transform_attribute.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/libcharon/encoding/payloads/transform_attribute.h') diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index eedb3be21..52e5d8412 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h @@ -163,7 +163,7 @@ struct transform_attribute_t { transform_attribute_t *transform_attribute_create(payload_type_t type); /** - * Creates a two byte value attribute for a given attribute kind. + * Creates a two byte value or a larger attribute for a given attribute kind. * * @param type TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1 * @param kind attribute kind @@ -171,6 +171,6 @@ transform_attribute_t *transform_attribute_create(payload_type_t type); * @return transform_attribute_t object */ transform_attribute_t *transform_attribute_create_value(payload_type_t type, - transform_attribute_type_t kind, u_int16_t value); + transform_attribute_type_t kind, u_int64_t value); #endif /** TRANSFORM_ATTRIBUTE_H_ @}*/ -- cgit v1.2.3 From 914ec2dbf29ea70a397418860fb304196131d845 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 24 Nov 2011 15:25:22 +0100 Subject: Implemented IKEv1 attribute encoding in SA payload --- src/libcharon/encoding/payloads/transform_attribute.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/transform_attribute.h') diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index 52e5d8412..7eed40b3e 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h 
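Review bot: The `@param value` line of the `transform_attribute_create_value` doc comment lies between the two hunks and is not touched, so after the change to `u_int64_t value` it still reads "fixed two byte value" as added by the previous commit. The summary now says "a two byte value or a larger attribute", but nothing tells the caller how the encoded length is derived from a 64-bit argument, which decides what is put on the wire. I would replace the line with something like `@param value attribute value, encoded as fixed two byte value if it fits, as variable length attribute otherwise`, adjusted to what the implementation really does.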
@@ -109,7 +109,7 @@ struct transform_attribute_t { * * @return value */ - u_int16_t (*get_value) (transform_attribute_t *this); + u_int64_t (*get_value) (transform_attribute_t *this); /** * Sets the value of the attribute. -- cgit v1.2.3 From eeca2af81c22e04532585d0dd2a5284bd83d8f5c Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 24 Nov 2011 15:32:13 +0100 Subject: Removed obsolete transform attribute setters --- .../encoding/payloads/transform_attribute.h | 32 +--------------------- 1 file changed, 1 insertion(+), 31 deletions(-) (limited to 'src/libcharon/encoding/payloads/transform_attribute.h') diff --git a/src/libcharon/encoding/payloads/transform_attribute.h b/src/libcharon/encoding/payloads/transform_attribute.h index 7eed40b3e..23897a50a 100644 --- a/src/libcharon/encoding/payloads/transform_attribute.h +++ b/src/libcharon/encoding/payloads/transform_attribute.h @@ -98,7 +98,7 @@ struct transform_attribute_t { * * Returned data are not copied. * - * @return chunk_t pointing to the value + * @return chunk_t pointing to internal value */ chunk_t (*get_value_chunk) (transform_attribute_t *this); @@ -111,29 +111,6 @@ struct transform_attribute_t { */ u_int64_t (*get_value) (transform_attribute_t *this); - /** - * Sets the value of the attribute. - * - * Value is getting copied. - * - * @param value chunk_t pointing to the value to set - */ - void (*set_value_chunk) (transform_attribute_t *this, chunk_t value); - - /** - * Sets the value of the attribute. - * - * @param value value to set - */ - void (*set_value) (transform_attribute_t *this, u_int16_t value); - - /** - * Sets the type of the attribute. - * - * @param type type to set (most significant bit is set to zero) - */ - void (*set_attribute_type) (transform_attribute_t *this, u_int16_t type); - /** * get the type of the attribute. * 
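Review bot: The `@return value` documentation of `get_value` does not say what is returned when the attribute does not fit into the new `u_int64_t` return type. The enum in this header lists IKEv1 attributes such as `TATTR_PH1_GROUP_PRIME` that can be longer than eight bytes, and the length presumably comes from the peer's payload, so the caller needs a way to tell that case apart from a real number. I would document it, for example `@return value, 0 if the attribute is longer than 8 bytes (use get_value_chunk() instead)`, adjusted to the implementation. Callers that still store the result in a `u_int16_t` now truncate silently and are worth checking with `-Wconversion`. The doc comment starts above the hunk.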
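Review bot: "chunk_t pointing to internal value" in the `get_value_chunk` comment (hunk `@@ -98,7 +98,7 @@`) leaves the lifetime and ownership of that pointer implicit. Since the data are not copied, the chunk is presumably valid only until the attribute's `destroy` is called and must not be freed or written through by the caller. I would state that, e.g. `@return chunk_t pointing to internal value, valid until destroy(), must not be freed or modified`. The doc comment starts above the hunk.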
@@ -141,13 +118,6 @@ struct transform_attribute_t { */ u_int16_t (*get_attribute_type) (transform_attribute_t *this); - /** - * Clones an transform_attribute_t object. - * - * @return cloned transform_attribute_t object - */ - transform_attribute_t * (*clone) (transform_attribute_t *this); - /** * Destroys an transform_attribute_t object. */ -- cgit v1.2.3