13 * |
13 * |
14 * Description: IKEv1/IPSEC SA negotiation |
14 * Description: IKEv1/IPSEC SA negotiation |
15 * |
15 * |
16 */ |
16 */ |
17 |
17 |
|
18 #include <e32uid.h> |
18 #include <x509cert.h> |
19 #include <x509cert.h> |
19 #include <x500dn.h> |
20 #include <x500dn.h> |
20 #include <random.h> |
21 #include <random.h> |
21 #include <vpnlogmessages.rsg> |
22 #include <vpnlogmessages.rsg> |
|
23 #include <softtokenpluginif.h> |
22 |
24 |
23 #include "ikev1negotiation.h" |
25 #include "ikev1negotiation.h" |
24 #include "ikedebug.h" |
26 #include "ikedebug.h" |
25 #include "ikev1isakmpstream.h" |
27 #include "ikev1isakmpstream.h" |
26 #include "ikev1timeout.h" |
28 #include "ikev1timeout.h" |
185 delete iICA1; |
187 delete iICA1; |
186 delete iICA2; |
188 delete iICA2; |
187 |
189 |
188 delete iPkiService; // Trusted CA certificate list |
190 delete iPkiService; // Trusted CA certificate list |
189 |
191 |
190 delete iSAPayload; |
192 delete[] iSAPayload; |
191 delete iPeerIdentPayload; |
193 delete[] iPeerIdentPayload; |
192 delete iOwnIdentPayload; |
194 delete iOwnIdentPayload; |
193 |
195 |
194 //Keys |
196 //Keys |
195 delete iOwnKeys; //structure containing the public and private keys |
197 delete iOwnKeys; //structure containing the public and private keys |
196 delete iOwnPublicKey; //Public Key |
198 delete iOwnPublicKey; //Public Key |
1099 status = ProcessUserResponseL(aUserInfo);; |
1101 status = ProcessUserResponseL(aUserInfo);; |
1100 |
1102 |
1101 } |
1103 } |
1102 } |
1104 } |
1103 |
1105 |
|
1106 // |
|
1107 // CIkev1Negotiation::ErrDialogCompletedL |
|
1108 // Error dialog is completed. End negotiation. |
|
1109 // |
|
1110 void CIkev1Negotiation::ErrDialogCompletedL( ) |
|
1111 { |
|
1112 SendDeleteL(PROTO_ISAKMP); |
|
1113 SetErrorStatus(KKmdIkeAuthFailedErr); |
|
1114 } |
1104 |
1115 |
1105 // |
1116 // |
1106 // CIkev1Negotiation::StartCRACKAuthL |
1117 // CIkev1Negotiation::StartCRACKAuthL |
1107 // Start CRACK authentication phase of IKE phase I negotiation |
1118 // Start CRACK authentication phase of IKE phase I negotiation |
1108 // - Create CIKECRACKNegotiation object and call it`s ConstructL |
1119 // - Create CIKECRACKNegotiation object and call it`s ConstructL |
1271 |
1282 |
1272 |
1283 |
1273 //Sends the initial IKE packets to start the negotiation. PHASE I |
1284 //Sends the initial IKE packets to start the negotiation. PHASE I |
1274 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1285 void CIkev1Negotiation::InitNegotiationL() //Equiv. to stage 1 |
1275 { |
1286 { |
1276 |
|
1277 if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && |
1287 if (iProposal_I.iAttrList->iAuthMethod == IKE_A_CRACK && |
1278 !iHostData->iCRACKLAMUserName && |
1288 !iHostData->iCRACKLAMUserName && |
1279 !iHostData->iCRACKLAMPassword && |
1289 !iHostData->iCRACKLAMPassword && |
1280 !iCRACKLAMUserName && |
1290 !iCRACKLAMUserName && |
1281 !iCRACKLAMPassword) |
1291 !iCRACKLAMPassword) |
1282 { |
1292 { |
1283 |
1293 if ( (iHostData->iSoftToken) && (iPluginSession->SoftToken() != NULL) ) |
|
1294 { |
|
1295 if (iPluginSession->SoftToken()->DefaultFoundL()) |
|
1296 { |
|
1297 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
1298 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
|
1299 iDialog->GetAsyncSecureidPinDialogL(iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
1300 return; |
|
1301 } |
|
1302 else |
|
1303 { |
|
1304 DEBUG_LOG(_L("Failed to find token!")); |
|
1305 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
1306 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, ERROR_DIALOG_ID, SAId(), 0); |
|
1307 iDialog->ShowErrorDialogL(TVpnNoteDialog::EKmdTokenNotFound, iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
1308 return; |
|
1309 } |
|
1310 } |
|
1311 else |
|
1312 { |
1284 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
1313 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
1285 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
1314 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, DIALOG_INFO_ID, SAId(), 0); |
1286 iDialog->GetAsyncUNPWDialogL(iDialogInfo, (MIkeDialogComplete*)this); |
1315 iDialog->GetAsyncUNPWDialogL(iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
1287 return; |
1316 return; |
|
1317 } |
1288 } |
1318 } |
1289 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1319 TIkev1IsakmpStream* msg = SaveIkeMsgBfr( new (ELeave) TIkev1IsakmpStream(iDebug) ); |
1290 |
1320 |
1291 TInt vendor_id_type; |
1321 TInt vendor_id_type; |
1292 |
1322 |
8395 |
8425 |
8396 TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo ) |
8426 TInt CIkev1Negotiation::ProcessUserResponseL(CAuthDialogInfo *aDialogInfo ) |
8397 { |
8427 { |
8398 delete iDialog; /* delete dialog object */ |
8428 delete iDialog; /* delete dialog object */ |
8399 iDialog = NULL; |
8429 iDialog = NULL; |
|
8430 |
|
8431 if (iHostData->iSoftToken && (iPluginSession->SoftToken() != NULL)) |
|
8432 { |
|
8433 HBufC8* password = NULL; |
|
8434 TInt status; |
|
8435 status = iPluginSession->SoftToken()->CodeL(*aDialogInfo->iSecret, password); |
|
8436 |
|
8437 if (KErrNone != status) |
|
8438 { |
|
8439 if (KErrNoSecureTime == status) |
|
8440 { |
|
8441 DEBUG_LOG(_L("Token expired!")); |
|
8442 iDialog = CIkev1Dialog::NewL( iPluginSession, iPluginSession->DialogAnchor(), iDebug ); |
|
8443 iDialogInfo = new(ELeave) CAuthDialogInfo(iPluginSession, ERROR_DIALOG_ID, SAId(), 0); |
|
8444 iDialog->ShowErrorDialogL(TVpnNoteDialog::EKmdTokenExpired, iDialogInfo, static_cast<MIkeDialogComplete*>(this)); |
|
8445 return status; |
|
8446 } |
|
8447 DEBUG_LOG(_L("Failed to get OTP from SoftToken!")); |
|
8448 SetFinished(); |
|
8449 return KErrNotFound; |
|
8450 } |
|
8451 else |
|
8452 { |
|
8453 aDialogInfo->SetSecret(password); |
|
8454 } |
|
8455 } |
8400 |
8456 |
8401 iCRACKLAMUserName = aDialogInfo->iUsername->AllocL(); |
8457 iCRACKLAMUserName = aDialogInfo->iUsername->AllocL(); |
8402 iCRACKLAMPassword = aDialogInfo->iSecret->AllocL(); |
8458 iCRACKLAMPassword = aDialogInfo->iSecret->AllocL(); |
8403 |
8459 |
8404 delete aDialogInfo; /* release dialog info object */ |
8460 delete aDialogInfo; /* release dialog info object */ |
8423 * object is created. When the dialog is completed this callback function |
8479 * object is created. When the dialog is completed this callback function |
8424 * is called |
8480 * is called |
8425 * |
8481 * |
8426 *-------------------------------------------------------------------------*/ |
8482 *-------------------------------------------------------------------------*/ |
8427 TUint32 obj_id = 1; |
8483 TUint32 obj_id = 1; |
8428 CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo; |
8484 CAuthDialogInfo* info = (CAuthDialogInfo*)aUserInfo; |
8429 DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo); |
8485 DEBUG_LOG1(_L("CIkev1Negotiation::DialogCompleteL(), aUserInfo = %x"), aUserInfo); |
8430 |
8486 |
8431 if ( info ) |
8487 if ( info ) |
8432 { |
8488 { |
8433 obj_id = info->GetObjId(); |
8489 obj_id = info->GetObjId(); |
|
8490 info->iNegotiation = this; |
8434 DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id); |
8491 DEBUG_LOG1(_L("Preparing to call AuthDialogCompletedL(), ObjId = %x"), obj_id); |
8435 if ( obj_id == DIALOG_INFO_ID ) |
8492 if ( obj_id == DIALOG_INFO_ID ) |
8436 { |
8493 { |
8437 info->SetUserName(aUsername); |
8494 info->SetUserName(aUsername); |
8438 info->SetSecret(aSecret); |
8495 info->SetSecret(aSecret); |
8439 obj_id = info->PluginSession()->AuthDialogCompletedL(info); |
8496 obj_id = info->PluginSession()->AuthDialogCompletedL(info); |
8440 } |
8497 } |
8441 } |
8498 if ( obj_id == ERROR_DIALOG_ID ) |
8442 |
8499 { |
8443 return obj_id; |
8500 obj_id = info->PluginSession()->ErrDialogCompletedL(info); |
8444 } |
8501 } |
|
8502 } |
|
8503 |
|
8504 return obj_id; |
|
8505 |
|
8506 } |
|
8507 |
|
8508 |
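Review bot: In the soft-token branch added to ProcessUserResponseL, both early exits (`return status;` after the token-expired dialog and `return KErrNotFound;`) leave before the `delete aDialogInfo;` at the end of the function, so the dialog-info object holding the user's PIN is not released on those paths unless the caller does it, which is not visible here. On the token-expired path `iDialogInfo` is also reassigned to a new CAuthDialogInfo; if it still pointed at the object passed in as aDialogInfo, that reference is dropped without a delete. I would add `delete aDialogInfo;` before each of the two early returns (and before `iDialogInfo` is overwritten), and confirm who owns the `password` buffer that `CodeL` returns when the status is not KErrNone. Separately, in DialogCompleteL the second test `if ( obj_id == ERROR_DIALOG_ID )` runs after obj_id has been overwritten with the return value of AuthDialogCompletedL, by which time `info` may already have been deleted; `else if ( obj_id == ERROR_DIALOG_ID )` keeps the two dispatches exclusive. ProcessUserResponseL continues past the lines shown, and the start of DialogCompleteL is not visible.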