Porting HIP to Symbian Status as of December 03, 2007 Andrey Khurri
Where we go? Ported Linux-based PDA HIP protocol Here we are Linux Desktop Symbian S60 3rd Edition
HIIT Progress and Status • Till 03.12.2007 • Compilation done with the Emulator for all the following HIPL components: • libhiptool • libipsec • libopphip • libinet6 • hipd • Libraries are compiled as static libraries (.lib) and HIP daemon (hipd.exe) is linked against them • Previously we have had linking problems with libinet6 and hipd when the type of libraries was dll. These problems are gone if we use static type library rather than dll • HIP daemon is present now as hipd.exe and I am debugging it on the Emulator. There are many issues because not all of APIs are supported in Open C plugin on Symbian (POSIX libraries).
HIIT Progress and Status (2) • Currently some pieces of functionality is commented out and some functions and calls are modified. • Major concerns here are sockets, communication with kernel, cryptography • select() seems to work with a simple application even though it’s been reported as a limitation • fork() might be a problem, it is used in a few places in the code • some workarounds to fork() exist (posix_spawn (), popen (), mkfifo ()) • Our target for December – January is at least to get HIP Base Exchange working (exchange of four HIP control messages between Initiator and Responder) • We can do more by collaborating with Nokia where IPsec BEET mode is being implemented for Symbian. The hardest part is to integrate our pieces since all of Nokia code is NOT open
Interfaces with Symbian IPsec • PF_KEY as an interface between HIP daemon and IPsec SA database • SADB stores, updates, deletes SA • SA are created by HIP (key management) daemon after the base exchange with a remoute daemon • In HIPL there is pfkeyapi.c which implements interfaces used to set IPsec SA/SP through PF_KEY API’s • PF_KEY API’s are implemented in pfkey.c in libipsec HIPL library
Interfaces (2) Our preliminary architecture PFKEY draft* libinet6 libhiptool libipsec +---------------+ |Key Mgmt Daemon| +---------------+ | | | | Applications ==========[PF_KEY]====[PF_INET]================= | | OS Kernel +------------+ +-----------------+ | Key Engine | | TCP/IP, | | or SADB | ------- | including IPsec | +------------+ +-----------------+ | +-----------+ | Network | | Interface | +-----------+ HIP daemon Userspace PF_KEY PF_INET (?) Kernel SADB TCP/IP with IPsec Network Interface * http://www.arkko.com/publications/draft-arkko-pfkey-reference-00.txt
HIIT plans and milestones • December – January 2007 – 08 • Further debug HIP daemon and (re)implement needed functions • The goal is to get HIP handshake working between two Symbian emulators • Collaborate with Nokia Research Center to find a way of integration with Symbian kernel / IPsec BEET • February – March 2008 (project ends by the end of March) • Finilize work by reaching a logical point in HIP implementation on Symbian • Report results, define future work
Action points • Check how PF_KEY messaging is implemented in HIPL (register, update, aquire, add, getspi) • Activate and load policies (with Policy Manager in Symbian) • Application start-up, how it’s done in Symbian?