IKE payload parsing. More...
#include "ike/ike.h"#include "ike/ike_algorithms.h"#include "ike/ike_payload_parse.h"#include "ike/ike_auth.h"#include "ike/ike_certificate.h"#include "ike/ike_key_exchange.h"#include "ike/ike_key_material.h"#include "ike/ike_sign_misc.h"#include "ike/ike_misc.h"#include "ah/ah_algorithms.h"#include "pkix/pem_import.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL IKE_TRACE_LEVEL |
Functions | |
| error_t | ikeParseSaPayload (const IkeSaPayload *saPayload) |
| Parse Security Association payload. More... | |
| error_t | ikeParseProposal (const IkeProposal *proposal, size_t length) |
| Parse Proposal substructure. More... | |
| error_t | ikeParseTransform (const IkeTransform *transform, size_t length) |
| Parse Transform substructure. More... | |
| error_t | ikeParseTransformAttr (const IkeTransformAttr *attr, size_t length, size_t *consumed) |
| Parse transform attribute. More... | |
| error_t | ikeParseKePayload (IkeSaEntry *sa, const IkeKePayload *kePayload) |
| Parse Key Exchange payload. More... | |
| error_t | ikeParseIdPayload (IkeSaEntry *sa, const IkeIdPayload *idPayload) |
| Parse Identification payload. More... | |
| error_t | ikeParseCertReqPayload (IkeSaEntry *sa, const IkeCertReqPayload *certReqPayload) |
| Parse Certificate Request payload. More... | |
| error_t | ikeParseNoncePayload (const IkeNoncePayload *noncePayload, uint8_t *nonce, size_t *nonceLen) |
| Parse Nonce payload. More... | |
| error_t | ikeParseDeletePayload (IkeSaEntry *sa, const IkeDeletePayload *deletePayload, bool_t response) |
| Parse Delete payload. More... | |
| error_t | ikeParseInvalidKeyPayloadNotification (IkeSaEntry *sa, const IkeNotifyPayload *notifyPayload) |
| Parse INVALID_KE_PAYLOAD notification. More... | |
| error_t | ikeParseCookieNotification (IkeSaEntry *sa, const IkeNotifyPayload *notifyPayload) |
| Parse COOKIE notification. More... | |
| error_t | ikeParseSignHashAlgosNotification (IkeSaEntry *sa, const IkeNotifyPayload *notifyPayload) |
| Parse SIGNATURE_HASH_ALGORITHMS notification. More... | |
| error_t | ikeParseTs (const uint8_t *p, size_t length, IkeTsParams *tsParams) |
| Parse Traffic Selector substructure. More... | |
| const IkePayloadHeader * | ikeGetPayload (const uint8_t *message, size_t length, uint8_t type, uint_t index) |
| Search an IKE message for a given payload type. More... | |
| const IkeNotifyPayload * | ikeGetErrorNotifyPayload (const uint8_t *message, size_t length) |
| Search an IKE message for an error Notify payload. More... | |
| const IkeNotifyPayload * | ikeGetStatusNotifyPayload (const uint8_t *message, size_t length, uint16_t type) |
| Search an IKE message for a given status Notify payload. More... | |
| error_t | ikeCheckCriticalPayloads (const uint8_t *message, size_t length, uint8_t *unsupportedCriticalPayload) |
| Check whether the message contains an unsupported critical payload. More... | |
Detailed Description
IKE payload parsing.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2022-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneIPSEC Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.0
Definition in file ike_payload_parse.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL IKE_TRACE_LEVEL |
Definition at line 32 of file ike_payload_parse.c.
Function Documentation
◆ ikeCheckCriticalPayloads()
| error_t ikeCheckCriticalPayloads | ( | const uint8_t * | message, |
| size_t | length, | ||
| uint8_t * | unsupportedCriticalPayload | ||
| ) |
Check whether the message contains an unsupported critical payload.
- Parameters
-
[in] message Pointer to the IKE message [in] length Length of the IKE message, in bytes [out] unsupportedCriticalPayload Type of the unsupported critical payload, if any
- Returns
- Error code
Definition at line 1035 of file ike_payload_parse.c.
◆ ikeGetErrorNotifyPayload()
| const IkeNotifyPayload* ikeGetErrorNotifyPayload | ( | const uint8_t * | message, |
| size_t | length | ||
| ) |
Search an IKE message for an error Notify payload.
- Parameters
-
[in] message Pointer to the received IKE message [in] length Length of the IKE message, in bytes
- Returns
- Pointer to the error Notify payload, if any
Definition at line 871 of file ike_payload_parse.c.
◆ ikeGetPayload()
| const IkePayloadHeader* ikeGetPayload | ( | const uint8_t * | message, |
| size_t | length, | ||
| uint8_t | type, | ||
| uint_t | index | ||
| ) |
Search an IKE message for a given payload type.
- Parameters
-
[in] message Pointer to the IKE message [in] length Length of the IKE message, in bytes [in] type Payload type [in] index Payload occurrence index
- Returns
- If the specified payload type is found, a pointer to the payload header is returned. Otherwise NULL pointer is returned
Definition at line 799 of file ike_payload_parse.c.
◆ ikeGetStatusNotifyPayload()
| const IkeNotifyPayload* ikeGetStatusNotifyPayload | ( | const uint8_t * | message, |
| size_t | length, | ||
| uint16_t | type | ||
| ) |
Search an IKE message for a given status Notify payload.
- Parameters
-
[in] message Pointer to the received IKE message [in] length Length of the IKE message, in bytes [in] type Notify message type
- Returns
- Pointer to the error Notify payload, if any
Definition at line 953 of file ike_payload_parse.c.
◆ ikeParseCertReqPayload()
| error_t ikeParseCertReqPayload | ( | IkeSaEntry * | sa, |
| const IkeCertReqPayload * | certReqPayload | ||
| ) |
Parse Certificate Request payload.
- Parameters
-
[in] sa Pointer to the IKE SA [in] certReqPayload Pointer to the Certificate Request payload
- Returns
- Error code
Definition at line 383 of file ike_payload_parse.c.
◆ ikeParseCookieNotification()
| error_t ikeParseCookieNotification | ( | IkeSaEntry * | sa, |
| const IkeNotifyPayload * | notifyPayload | ||
| ) |
Parse COOKIE notification.
- Parameters
-
[in] sa Pointer to the IKE SA [in] notifyPayload Pointer to the Notify payload
- Returns
- Error code
Definition at line 603 of file ike_payload_parse.c.
◆ ikeParseDeletePayload()
| error_t ikeParseDeletePayload | ( | IkeSaEntry * | sa, |
| const IkeDeletePayload * | deletePayload, | ||
| bool_t | response | ||
| ) |
Parse Delete payload.
- Parameters
-
[in] sa Pointer to the IKE SA [in] deletePayload Pointer to the Delete payload [in] response TRUE if the received INFORMATIONAL message is a response
- Returns
- Error code
Definition at line 454 of file ike_payload_parse.c.
◆ ikeParseIdPayload()
| error_t ikeParseIdPayload | ( | IkeSaEntry * | sa, |
| const IkeIdPayload * | idPayload | ||
| ) |
Parse Identification payload.
- Parameters
-
[in] sa Pointer to the IKE SA [in] idPayload Pointer to the Identification payload
- Returns
- Error code
Definition at line 348 of file ike_payload_parse.c.
◆ ikeParseInvalidKeyPayloadNotification()
| error_t ikeParseInvalidKeyPayloadNotification | ( | IkeSaEntry * | sa, |
| const IkeNotifyPayload * | notifyPayload | ||
| ) |
Parse INVALID_KE_PAYLOAD notification.
- Parameters
-
[in] sa Pointer to the IKE SA [in] notifyPayload Pointer to the Notify payload
- Returns
- Error code
Definition at line 562 of file ike_payload_parse.c.
◆ ikeParseKePayload()
| error_t ikeParseKePayload | ( | IkeSaEntry * | sa, |
| const IkeKePayload * | kePayload | ||
| ) |
Parse Key Exchange payload.
- Parameters
-
[in] sa Pointer to the IKE SA [in] kePayload Pointer to the Key Exchange payload
- Returns
- Error code
Definition at line 309 of file ike_payload_parse.c.
◆ ikeParseNoncePayload()
| error_t ikeParseNoncePayload | ( | const IkeNoncePayload * | noncePayload, |
| uint8_t * | nonce, | ||
| size_t * | nonceLen | ||
| ) |
Parse Nonce payload.
- Parameters
-
[in] noncePayload Pointer to the Nonce payload [out] nonce Pointer to the buffer where to store the nonce [out] nonceLen Length of the nonce, in bytes
- Returns
- Error code
Definition at line 417 of file ike_payload_parse.c.
◆ ikeParseProposal()
| error_t ikeParseProposal | ( | const IkeProposal * | proposal, |
| size_t | length | ||
| ) |
Parse Proposal substructure.
- Parameters
-
[in] proposal Pointer to the Proposal substructure [in] length Length of the Proposal substructure, in bytes
- Returns
- Error code
Definition at line 131 of file ike_payload_parse.c.
◆ ikeParseSaPayload()
| error_t ikeParseSaPayload | ( | const IkeSaPayload * | saPayload | ) |
Parse Security Association payload.
- Parameters
-
[in] saPayload Pointer to the Security Association payload
- Returns
- Error code
Definition at line 58 of file ike_payload_parse.c.
◆ ikeParseSignHashAlgosNotification()
| error_t ikeParseSignHashAlgosNotification | ( | IkeSaEntry * | sa, |
| const IkeNotifyPayload * | notifyPayload | ||
| ) |
Parse SIGNATURE_HASH_ALGORITHMS notification.
- Parameters
-
[in] sa Pointer to the IKE SA [in] notifyPayload Pointer to the Notify payload
- Returns
- Error code
Definition at line 637 of file ike_payload_parse.c.
◆ ikeParseTransform()
| error_t ikeParseTransform | ( | const IkeTransform * | transform, |
| size_t | length | ||
| ) |
Parse Transform substructure.
- Parameters
-
[in] transform Pointer to the Transform substructure [in] length Length of the Transform substructure, in bytes
- Returns
- Error code
Definition at line 205 of file ike_payload_parse.c.
◆ ikeParseTransformAttr()
| error_t ikeParseTransformAttr | ( | const IkeTransformAttr * | attr, |
| size_t | length, | ||
| size_t * | consumed | ||
| ) |
Parse transform attribute.
- Parameters
-
[in] attr Pointer to the transform attribute [in] length Number of bytes available in the input stream [out] consumed Total number of characters that have been consumed
- Returns
- Error code
Definition at line 268 of file ike_payload_parse.c.
◆ ikeParseTs()
| error_t ikeParseTs | ( | const uint8_t * | p, |
| size_t | length, | ||
| IkeTsParams * | tsParams | ||
| ) |
Parse Traffic Selector substructure.
- Parameters
-
[in] p Pointer to the input data to parse [in] length Number of bytes available in the input data [out] tsParams Traffic selector parameters
- Returns
- Error code
Definition at line 691 of file ike_payload_parse.c.