Annotation of embedaddon/ipsec-tools/src/racoon/oakley.h, revision 1.1
1.1 ! misho 1: /* $NetBSD: oakley.h,v 1.7 2009/03/12 10:57:26 tteras Exp $ */
! 2:
! 3: /* Id: oakley.h,v 1.13 2005/05/30 20:12:43 fredsen Exp */
! 4:
! 5: /*
! 6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
! 7: * All rights reserved.
! 8: *
! 9: * Redistribution and use in source and binary forms, with or without
! 10: * modification, are permitted provided that the following conditions
! 11: * are met:
! 12: * 1. Redistributions of source code must retain the above copyright
! 13: * notice, this list of conditions and the following disclaimer.
! 14: * 2. Redistributions in binary form must reproduce the above copyright
! 15: * notice, this list of conditions and the following disclaimer in the
! 16: * documentation and/or other materials provided with the distribution.
! 17: * 3. Neither the name of the project nor the names of its contributors
! 18: * may be used to endorse or promote products derived from this software
! 19: * without specific prior written permission.
! 20: *
! 21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
! 22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
! 25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 31: * SUCH DAMAGE.
! 32: */
! 33:
! 34: #ifndef _OAKLEY_H
! 35: #define _OAKLEY_H
! 36:
! 37: #include "vmbuf.h"
! 38:
! 39: /* refer to RFC 2409 */
! 40:
! 41: /* Attribute Classes (RFC 2409, Appendix A). In the trailing tags, B marks a basic (fixed-length) attribute and V a variable-length one. */
! 42: #define OAKLEY_ATTR_ENC_ALG 1 /* B: attribute class; the _ENC_ALG_* names below are its values */
! 43: #define OAKLEY_ATTR_ENC_ALG_DES 1 /* single DES. This header only names the wire value; nothing here decides whether a proposal using it is accepted. NOTE(review): too weak for new deployments, restrict it in negotiation policy */
! 44: #define OAKLEY_ATTR_ENC_ALG_IDEA 2
! 45: #define OAKLEY_ATTR_ENC_ALG_BLOWFISH 3
! 46: #define OAKLEY_ATTR_ENC_ALG_RC5 4
! 47: #define OAKLEY_ATTR_ENC_ALG_3DES 5
! 48: #define OAKLEY_ATTR_ENC_ALG_CAST 6
! 49: #define OAKLEY_ATTR_ENC_ALG_AES 7 /* the key size is not encoded in this value; presumably negotiated via OAKLEY_ATTR_KEY_LEN - confirm in the proposal code */
! 50: #define OAKLEY_ATTR_ENC_ALG_CAMELLIA 8
! 51: /* 65001 - 65535 Private Use */
! 52: #define OAKLEY_ATTR_HASH_ALG 2 /* B: attribute class; the _HASH_ALG_* names below are its values */
! 53: #define OAKLEY_ATTR_HASH_ALG_MD5 1 /* NOTE(review): legacy hash; defined here as a wire value only, acceptance is a policy decision made elsewhere */
! 54: #define OAKLEY_ATTR_HASH_ALG_SHA 2 /* "SHA" in RFC 2409 means SHA-1 */
! 55: #define OAKLEY_ATTR_HASH_ALG_TIGER 3
! 56: #if defined(WITH_SHA2) /* the SHA-2 values exist only in builds that define WITH_SHA2; without it only MD5, SHA and TIGER are named */
! 57: #define OAKLEY_ATTR_HASH_ALG_SHA2_256 4
! 58: #define OAKLEY_ATTR_HASH_ALG_SHA2_384 5
! 59: #define OAKLEY_ATTR_HASH_ALG_SHA2_512 6
! 60: #endif
! 61: /* 65001 - 65535 Private Use */
! 62: #define OAKLEY_ATTR_AUTH_METHOD 3 /* B: attribute class; the _AUTH_METHOD_* names below are its values */
! 63: #define OAKLEY_ATTR_AUTH_METHOD_PSKEY 1 /* pre-shared key */
! 64: #define OAKLEY_ATTR_AUTH_METHOD_DSSSIG 2 /* DSS signatures */
! 65: #define OAKLEY_ATTR_AUTH_METHOD_RSASIG 3 /* RSA signatures */
! 66: #define OAKLEY_ATTR_AUTH_METHOD_RSAENC 4 /* encryption with RSA */
! 67: #define OAKLEY_ATTR_AUTH_METHOD_RSAREV 5 /* revised encryption with RSA */
! 68: #define OAKLEY_ATTR_AUTH_METHOD_EGENC 6 /* presumably the El-Gamal counterpart of RSAENC - confirm */
! 69: #define OAKLEY_ATTR_AUTH_METHOD_EGREV 7 /* presumably the El-Gamal counterpart of RSAREV - confirm */
! 70: /* Hybrid Auth */
! 71: #ifdef ENABLE_HYBRID /* this guard runs to the #endif after the Xauth list, so the Xauth values are also undefined unless ENABLE_HYBRID is set */
! 72: #define OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_I 64221 /* _I / _R presumably distinguish initiator and responder - confirm */
! 73: #define OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_R 64222
! 74: #define OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_I 64223
! 75: #define OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_R 64224
! 76:
! 77: /* 65001 - 65535 Private Use */
! 78:
! 79: /* Plain Xauth */
! 80: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I 65001 /* same number as OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB_REAL; private-use values are not unique across vendors, so the number alone does not identify the method */
! 81: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_R 65002
! 82: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_DSSSIG_I 65003
! 83: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_DSSSIG_R 65004
! 84: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_I 65005
! 85: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_R 65006
! 86: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAENC_I 65007
! 87: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAENC_R 65008
! 88: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAREV_I 65009
! 89: #define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAREV_R 65010
! 90: #endif
! 91:
! 92: /*
! 93: * The following are valid when the Vendor ID is one of
! 94: * the following:
! 95: *
! 96: * MD5("A GSS-API Authentication Method for IKE")
! 97: * MD5("GSSAPI") (recognized by Windows 2000)
! 98: * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000)
! 99: */
! 100:
! 101: #define OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB (65001 + 0x10000) /* larger than 65535, so it cannot equal any 16-bit value defined in this header; looks like an internal stand-in for the 65001 below - confirm where the translation is done */
! 102: #define OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB_REAL 65001 /* same number as OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I. NOTE(review): a received 65001 should be read as GSSAPI only after the Vendor ID condition in the comment above has been checked */
! 103:
! 104: #define OAKLEY_ATTR_GRP_DESC 4 /* B: attribute class; the _GRP_DESC_* names below are its values */
! 105: #define OAKLEY_ATTR_GRP_DESC_MODP768 1 /* NOTE(review): the 768- and 1024-bit MODP groups are below current strength recommendations; this header only names them, so restrict them in negotiation policy */
! 106: #define OAKLEY_ATTR_GRP_DESC_MODP1024 2
! 107: #define OAKLEY_ATTR_GRP_DESC_EC2N155 3
! 108: #define OAKLEY_ATTR_GRP_DESC_EC2N185 4
! 109: #define OAKLEY_ATTR_GRP_DESC_MODP1536 5
! 110: #define OAKLEY_ATTR_GRP_DESC_MODP2048 14 /* the numbering jumps from 5 to 14; 14-18 are the RFC 3526 MODP group numbers */
! 111: #define OAKLEY_ATTR_GRP_DESC_MODP3072 15
! 112: #define OAKLEY_ATTR_GRP_DESC_MODP4096 16
! 113: #define OAKLEY_ATTR_GRP_DESC_MODP6144 17
! 114: #define OAKLEY_ATTR_GRP_DESC_MODP8192 18
! 115: /* 32768 - 65535 Private Use */
! 116: #define OAKLEY_ATTR_GRP_TYPE 5 /* B: attribute class; the _GRP_TYPE_* names below are its values */
! 117: #define OAKLEY_ATTR_GRP_TYPE_MODP 1
! 118: #define OAKLEY_ATTR_GRP_TYPE_ECP 2
! 119: #define OAKLEY_ATTR_GRP_TYPE_EC2N 3
! 120: /* 65001 - 65535 Private Use */
! 121: #define OAKLEY_ATTR_GRP_PI 6 /* V: variable-length attribute */
! 122: #define OAKLEY_ATTR_GRP_GEN_ONE 7 /* V */
! 123: #define OAKLEY_ATTR_GRP_GEN_TWO 8 /* V */
! 124: #define OAKLEY_ATTR_GRP_CURVE_A 9 /* V */
! 125: #define OAKLEY_ATTR_GRP_CURVE_B 10 /* V */
! 126: #define OAKLEY_ATTR_SA_LD_TYPE 11 /* B: life type class; the _SA_LD_TYPE_* names below are its values */
! 127: #define OAKLEY_ATTR_SA_LD_TYPE_DEFAULT 1 /* same value as _SEC: the default life type is seconds */
! 128: #define OAKLEY_ATTR_SA_LD_TYPE_SEC 1
! 129: #define OAKLEY_ATTR_SA_LD_TYPE_KB 2
! 130: #define OAKLEY_ATTR_SA_LD_TYPE_MAX 3 /* one past the last life type defined here; presumably an upper bound for validation - confirm against the users of this macro */
! 131: /* 65001 - 65535 Private Use */
! 132: #define OAKLEY_ATTR_SA_LD 12 /* V */
! 133: #define OAKLEY_ATTR_SA_LD_SEC_DEFAULT 28800 /* 8 hours, expressed in seconds */
! 134: #define OAKLEY_ATTR_PRF 13 /* B */
! 135: #define OAKLEY_ATTR_KEY_LEN 14 /* B */
! 136: #define OAKLEY_ATTR_FIELD_SIZE 15 /* B */
! 137: #define OAKLEY_ATTR_GRP_ORDER 16 /* V */
! 138: #define OAKLEY_ATTR_BLOCK_SIZE 17 /* B */
! 139: /* 16384 - 32767 Private Use */
! 140:
! 141: /*
! 142: * The following are valid when the Vendor ID is one of
! 143: * the following:
! 144: *
! 145: * MD5("A GSS-API Authentication Method for IKE")
! 146: * MD5("GSSAPI") (recognized by Windows 2000)
! 147: * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000)
! 148: */
! 149: #define OAKLEY_ATTR_GSS_ID 16384 /* first value of the 16384 - 32767 private-use attribute class range; per the comment above it is meaningful only for peers that sent one of the listed Vendor IDs */
! 150:
! 151: #define MAXPADLWORD 20 /* NOTE(review): not used anywhere in this header and not documented here; check its users before relying on the value */
! 152:
! 153: struct dhgroup { /* parameters of one Diffie-Hellman group; released with oakley_dhgrp_free() (whether that also frees the vchar_t members is not visible in this header) */
! 154: int type; /* presumably one of OAKLEY_ATTR_GRP_TYPE_* - confirm */
! 155: vchar_t *prime; /* presumably the OAKLEY_ATTR_GRP_PI value (prime / irreducible polynomial) - confirm */
! 156: int gen1; /* presumably OAKLEY_ATTR_GRP_GEN_ONE - confirm */
! 157: int gen2; /* presumably OAKLEY_ATTR_GRP_GEN_TWO - confirm */
! 158: vchar_t *curve_a; /* presumably OAKLEY_ATTR_GRP_CURVE_A - confirm */
! 159: vchar_t *curve_b; /* presumably OAKLEY_ATTR_GRP_CURVE_B - confirm */
! 160: vchar_t *order; /* presumably OAKLEY_ATTR_GRP_ORDER - confirm */
! 161: };
! 162:
! 163: struct ph1handle; /* forward declarations: the prototypes below only pass pointers to these types */
! 164: struct ph2handle;
! 165: struct isakmp_ivm;
! 166:
! 167: extern int oakley_get_defaultlifetime __P((void)); /* __P is not defined in this header; it is expected to come from a system or project header */
! 168:
! 169: extern int oakley_dhinit __P((void));
! 170: extern void oakley_dhgrp_free __P((struct dhgroup *));
! 171: extern int oakley_dh_compute __P((const struct dhgroup *,
! 172: vchar_t *, vchar_t *, vchar_t *, vchar_t **)); /* parameter names are omitted; the trailing vchar_t ** is presumably the output buffer - confirm in oakley.c */
! 173: extern int oakley_dh_generate __P((const struct dhgroup *,
! 174: vchar_t **, vchar_t **)); /* the two vchar_t ** are presumably outputs (key pair) - confirm in oakley.c */
! 175: extern int oakley_setdhgroup __P((int, struct dhgroup **)); /* NOTE(review): the int return convention of these functions is not documented here; callers should check it before using any output */
! 176:
! 177: extern vchar_t *oakley_prf __P((vchar_t *, vchar_t *, struct ph1handle *)); /* NOTE(review): ownership of the returned vchar_t and the failure value (presumably NULL) are not documented in this header - confirm before use */
! 178: extern vchar_t *oakley_hash __P((vchar_t *, struct ph1handle *));
! 179:
! 180: extern int oakley_compute_keymat __P((struct ph2handle *, int));
! 181:
! 182: #if notyet /* the declaration inside is compiled only if notyet is defined to a non-zero value */
! 183: extern vchar_t *oakley_compute_hashx __P((void));
! 184: #endif
! 185: extern vchar_t *oakley_compute_hash3 __P((struct ph1handle *,
! 186: u_int32_t, vchar_t *)); /* u_int32_t is not defined in this header; it must be provided by an earlier include */
! 187: extern vchar_t *oakley_compute_hash1 __P((struct ph1handle *,
! 188: u_int32_t, vchar_t *));
! 189: extern vchar_t *oakley_ph1hash_common __P((struct ph1handle *, int));
! 190: extern vchar_t *oakley_ph1hash_base_i __P((struct ph1handle *, int)); /* _i / _r presumably select the initiator or responder hash - confirm */
! 191: extern vchar_t *oakley_ph1hash_base_r __P((struct ph1handle *, int));
! 192:
! 193: extern int oakley_get_certtype __P((vchar_t *));
! 194: extern int oakley_validate_auth __P((struct ph1handle *)); /* NOTE(review): by its name this is the peer authentication check; the success and failure values are not documented here, so verify that every caller tests the result explicitly */
! 195: extern int oakley_getmycert __P((struct ph1handle *));
! 196: extern int oakley_getsign __P((struct ph1handle *));
! 197: extern vchar_t *oakley_getcr __P((struct ph1handle *));
! 198: extern struct payload_list *oakley_append_cr __P((struct payload_list *,
! 199: struct ph1handle *));
! 200: extern int oakley_checkcr __P((struct ph1handle *));
! 201: extern int oakley_needcr __P((int));
! 202: struct isakmp_gen; /* forward declaration for the two prototypes below */
! 203: extern int oakley_savecert __P((struct ph1handle *, struct isakmp_gen *)); /* the isakmp_gen argument is presumably a payload received from the peer; treat its length fields as untrusted - confirm in oakley.c */
! 204: extern int oakley_savecr __P((struct ph1handle *, struct isakmp_gen *));
! 205:
! 206: extern int oakley_skeyid __P((struct ph1handle *)); /* presumably derives SKEYID as described in RFC 2409 - confirm in oakley.c */
! 207: extern int oakley_skeyid_dae __P((struct ph1handle *)); /* presumably derives SKEYID_d, SKEYID_a and SKEYID_e - confirm */
! 208:
! 209: extern int oakley_compute_enckey __P((struct ph1handle *));
! 210: extern int oakley_newiv __P((struct ph1handle *));
! 211: extern struct isakmp_ivm *oakley_newiv2 __P((struct ph1handle *, u_int32_t)); /* returns a struct isakmp_ivm pointer; oakley_delivm() takes the same type, presumably to release it - confirm */
! 212: extern void oakley_delivm __P((struct isakmp_ivm *));
! 213: extern vchar_t *oakley_do_decrypt __P((struct ph1handle *,
! 214: vchar_t *, vchar_t *, vchar_t *)); /* parameter names are omitted, so the roles of the three buffers cannot be read from this header. NOTE(review): the failure value (presumably NULL) should be checked before the result is parsed */
! 215: extern vchar_t *oakley_do_encrypt __P((struct ph1handle *,
! 216: vchar_t *, vchar_t *, vchar_t *));
! 217:
! 218: #endif /* _OAKLEY_H */