    1: /*	$NetBSD: oakley.h,v 1.7 2009/03/12 10:57:26 tteras Exp $	*/
    2: 
    3: /* Id: oakley.h,v 1.13 2005/05/30 20:12:43 fredsen Exp */
    4: 
    5: /*
    6:  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
    7:  * All rights reserved.
    8:  * 
    9:  * Redistribution and use in source and binary forms, with or without
   10:  * modification, are permitted provided that the following conditions
   11:  * are met:
   12:  * 1. Redistributions of source code must retain the above copyright
   13:  *    notice, this list of conditions and the following disclaimer.
   14:  * 2. Redistributions in binary form must reproduce the above copyright
   15:  *    notice, this list of conditions and the following disclaimer in the
   16:  *    documentation and/or other materials provided with the distribution.
   17:  * 3. Neither the name of the project nor the names of its contributors
   18:  *    may be used to endorse or promote products derived from this software
   19:  *    without specific prior written permission.
   20:  * 
   21:  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
   22:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   23:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   24:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
   25:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   26:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   27:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   28:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   29:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   30:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   31:  * SUCH DAMAGE.
   32:  */
   33: 
/*
 * Include guard.  NOTE(review): an identifier that starts with an
 * underscore followed by an uppercase letter is reserved for the
 * implementation (C11 7.1.3); the name is kept here because other
 * translation units may test it, but a new header should use e.g.
 * RACOON_OAKLEY_H.
 */
#ifndef _OAKLEY_H
#define _OAKLEY_H
   36: 
   37: #include "vmbuf.h"
   38: 
/* refer to RFC 2409 */

/*
 * Attribute Classes.
 *
 * Each OAKLEY_ATTR_<class> below is an IKEv1 phase-1 SA attribute class
 * number; the indented OAKLEY_ATTR_<class>_<value> entries under it are
 * the values that class may carry.  The "B" / "V" marks follow the
 * RFC 2409 Appendix A notation: B = basic (fixed-size value), V =
 * variable-length value.  All of these are wire-protocol numbers: they
 * must not be renumbered, and nothing here decides which of them a peer
 * may actually negotiate -- that is a policy decision made elsewhere.
 */
#define OAKLEY_ATTR_ENC_ALG		1 /* B */
/*
 * NOTE(review): DES (and single-key ciphers generally) are listed for
 * protocol completeness only; proposal configuration should prefer the
 * later entries (3DES, AES, CAMELLIA).
 */
#define   OAKLEY_ATTR_ENC_ALG_DES		1
#define   OAKLEY_ATTR_ENC_ALG_IDEA		2
#define   OAKLEY_ATTR_ENC_ALG_BLOWFISH		3
#define   OAKLEY_ATTR_ENC_ALG_RC5		4
#define   OAKLEY_ATTR_ENC_ALG_3DES		5
#define   OAKLEY_ATTR_ENC_ALG_CAST		6
#define   OAKLEY_ATTR_ENC_ALG_AES		7
#define   OAKLEY_ATTR_ENC_ALG_CAMELLIA		8	
					/*	65001 - 65535 Private Use */
#define OAKLEY_ATTR_HASH_ALG		2 /* B */
/* NOTE(review): MD5 is a legacy choice; kept because the protocol numbers it. */
#define   OAKLEY_ATTR_HASH_ALG_MD5		1
#define   OAKLEY_ATTR_HASH_ALG_SHA		2
#define   OAKLEY_ATTR_HASH_ALG_TIGER		3
/*
 * The SHA-2 values exist only when built with WITH_SHA2; any code that
 * references them must be guarded by the same macro.
 */
#if defined(WITH_SHA2)
#define   OAKLEY_ATTR_HASH_ALG_SHA2_256		4
#define   OAKLEY_ATTR_HASH_ALG_SHA2_384		5
#define   OAKLEY_ATTR_HASH_ALG_SHA2_512		6
#endif
					/*	65001 - 65535 Private Use */
#define OAKLEY_ATTR_AUTH_METHOD		3 /* B */
#define   OAKLEY_ATTR_AUTH_METHOD_PSKEY		1
#define   OAKLEY_ATTR_AUTH_METHOD_DSSSIG	2
#define   OAKLEY_ATTR_AUTH_METHOD_RSASIG	3
#define   OAKLEY_ATTR_AUTH_METHOD_RSAENC	4
#define   OAKLEY_ATTR_AUTH_METHOD_RSAREV	5
#define   OAKLEY_ATTR_AUTH_METHOD_EGENC		6
#define   OAKLEY_ATTR_AUTH_METHOD_EGREV		7
	/* Hybrid Auth */
/*
 * Hybrid and plain-Xauth authentication methods are only compiled in
 * with ENABLE_HYBRID.  The HYBRID_* numbers (64221-64224) sit below the
 * 65001-65535 private-use range noted further down; presumably they are
 * the de-facto values used by interoperating hybrid-auth implementations
 * rather than IANA assignments -- confirm against the interop notes.
 * The _I / _R suffix distinguishes the initiator and responder side.
 */
#ifdef ENABLE_HYBRID    
#define   OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_I	64221
#define	  OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_R	64222
#define   OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_I	64223
#define   OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_R	64224

					/*	65001 - 65535 Private Use */

        /* Plain Xauth */
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I	65001
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_R	65002
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_DSSSIG_I	65003
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_DSSSIG_R	65004
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_I	65005
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_R	65006
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAENC_I	65007
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAENC_R	65008
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAREV_I	65009
#define OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSAREV_R	65010
#endif

/*
 * The following are valid when the Vendor ID is one of
 * the following:
 *
 *	MD5("A GSS-API Authentication Method for IKE")
 *	MD5("GSSAPI") (recognized by Windows 2000)
 *	MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000)
 */

/*
 * NOTE(review): the on-the-wire GSSAPI/Kerberos value (*_REAL, 65001) is
 * the same number as OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I above.  The
 * 0x10000 offset in OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB keeps the internal
 * constant outside the 16-bit attribute value range so the two cannot be
 * confused inside racoon.  Presumably the peer's Vendor ID decides which
 * meaning an incoming 65001 gets -- confirm in the attribute-parsing code
 * that a GSSAPI interpretation is only applied when one of the Vendor IDs
 * listed above was actually received.
 */
#define OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB	(65001 + 0x10000)
#define OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB_REAL	65001

#define OAKLEY_ATTR_GRP_DESC		4 /* B */
/*
 * NOTE(review): MODP768/MODP1024 are far below current key-size guidance
 * and are kept for protocol completeness only.  Values 6-13 are not
 * defined here; 14-18 are the larger MODP groups from RFC 3526.
 */
#define   OAKLEY_ATTR_GRP_DESC_MODP768		1
#define   OAKLEY_ATTR_GRP_DESC_MODP1024		2
#define   OAKLEY_ATTR_GRP_DESC_EC2N155		3
#define   OAKLEY_ATTR_GRP_DESC_EC2N185		4
#define   OAKLEY_ATTR_GRP_DESC_MODP1536		5
#define   OAKLEY_ATTR_GRP_DESC_MODP2048		14
#define   OAKLEY_ATTR_GRP_DESC_MODP3072		15
#define   OAKLEY_ATTR_GRP_DESC_MODP4096		16
#define   OAKLEY_ATTR_GRP_DESC_MODP6144		17
#define   OAKLEY_ATTR_GRP_DESC_MODP8192		18
					/*	32768 - 65535 Private Use */
/* Group type selects which members of struct dhgroup (below) are meaningful. */
#define OAKLEY_ATTR_GRP_TYPE		5 /* B */
#define   OAKLEY_ATTR_GRP_TYPE_MODP		1
#define   OAKLEY_ATTR_GRP_TYPE_ECP		2
#define   OAKLEY_ATTR_GRP_TYPE_EC2N		3
					/*	65001 - 65535 Private Use */
/* Explicit ("new group") DH parameters; these map onto struct dhgroup. */
#define OAKLEY_ATTR_GRP_PI		6 /* V */
#define OAKLEY_ATTR_GRP_GEN_ONE		7 /* V */
#define OAKLEY_ATTR_GRP_GEN_TWO		8 /* V */
#define OAKLEY_ATTR_GRP_CURVE_A		9 /* V */
#define OAKLEY_ATTR_GRP_CURVE_B		10 /* V */
/*
 * SA lifetime type.  Note that _DEFAULT and _SEC are both 1: the
 * default unit is seconds.
 */
#define OAKLEY_ATTR_SA_LD_TYPE		11 /* B */
#define   OAKLEY_ATTR_SA_LD_TYPE_DEFAULT	1
#define   OAKLEY_ATTR_SA_LD_TYPE_SEC		1
#define   OAKLEY_ATTR_SA_LD_TYPE_KB		2
#define   OAKLEY_ATTR_SA_LD_TYPE_MAX		3
					/*	65001 - 65535 Private Use */
#define OAKLEY_ATTR_SA_LD		12 /* V */
#define   OAKLEY_ATTR_SA_LD_SEC_DEFAULT		28800 /* 8 hours */
#define OAKLEY_ATTR_PRF			13 /* B */
#define OAKLEY_ATTR_KEY_LEN		14 /* B */
#define OAKLEY_ATTR_FIELD_SIZE		15 /* B */
#define OAKLEY_ATTR_GRP_ORDER		16 /* V */
#define OAKLEY_ATTR_BLOCK_SIZE		17 /* B */
				/*	16384 - 32767 Private Use */

	/*
	 * The following are valid when the Vendor ID is one of
	 * the following:
	 *
	 *	MD5("A GSS-API Authentication Method for IKE")
	 *	MD5("GSSAPI") (recognized by Windows 2000)
	 *	MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000)
	 */
/* Private-use attribute class (16384 is the first private-use number above). */
#define OAKLEY_ATTR_GSS_ID		16384

/*
 * NOTE(review): presumably an upper bound on encryption padding length,
 * counted in 32-bit words -- the unit is not stated here; confirm where
 * it is used before changing it.
 */
#define MAXPADLWORD	20
  152: 
/*
 * A Diffie-Hellman group, either one of the built-in OAKLEY_ATTR_GRP_DESC_*
 * groups or one described explicitly through the OAKLEY_ATTR_GRP_*
 * attributes above.  The member names mirror those attributes; which of
 * them are meaningful depends on 'type'.
 *
 * NOTE(review): the vchar_t buffers look like they are owned by the group
 * and released by oakley_dhgrp_free() -- confirm in oakley.c before
 * sharing a buffer between groups.
 */
struct dhgroup {
	int type;		/* OAKLEY_ATTR_GRP_TYPE_MODP / _ECP / _EC2N, presumably */
	vchar_t *prime;		/* group prime (OAKLEY_ATTR_GRP_PI) */
	int gen1;		/* generator one (OAKLEY_ATTR_GRP_GEN_ONE) */
	int gen2;		/* generator two (OAKLEY_ATTR_GRP_GEN_TWO) */
	vchar_t *curve_a;	/* EC curve parameter A (OAKLEY_ATTR_GRP_CURVE_A) */
	vchar_t *curve_b;	/* EC curve parameter B (OAKLEY_ATTR_GRP_CURVE_B) */
	vchar_t *order;		/* group order (OAKLEY_ATTR_GRP_ORDER) */
};
  162: 
/* Opaque handles defined elsewhere; this header only needs pointers to them. */
struct ph1handle;
struct ph2handle;
struct isakmp_ivm;

/* Default SA lifetime in seconds; presumably OAKLEY_ATTR_SA_LD_SEC_DEFAULT -- confirm in oakley.c. */
extern int oakley_get_defaultlifetime __P((void));

/*
 * Diffie-Hellman helpers.  Return conventions are not visible from the
 * prototypes; NOTE(review): the int results are presumably 0 on success
 * and negative on error, and every caller must check them, because a
 * failed DH step leaves no usable keying material.
 */
extern int oakley_dhinit __P((void));
/* Releases a struct dhgroup (see the ownership note on struct dhgroup). */
extern void oakley_dhgrp_free __P((struct dhgroup *));
/*
 * Computes the shared DH value into the final vchar_t ** out-parameter.
 * NOTE(review): the roles of the three vchar_t * inputs are not recoverable
 * from the prototype -- confirm in oakley.c.  The output is secret keying
 * material: never log it, and release it as soon as the derived keys exist.
 */
extern int oakley_dh_compute __P((const struct dhgroup *,
	vchar_t *, vchar_t *, vchar_t *, vchar_t **));
/*
 * Generates a DH key pair into the two vchar_t ** out-parameters;
 * which one is public and which private is not stated here -- confirm.
 */
extern int oakley_dh_generate __P((const struct dhgroup *,
	vchar_t **, vchar_t **));
/* Looks up a group by OAKLEY_ATTR_GRP_DESC_* number into the out-parameter, presumably. */
extern int oakley_setdhgroup __P((int, struct dhgroup **));
  176: 
/*
 * Pseudo-random function and hash for a phase-1 handle.  Each returns a
 * freshly allocated vchar_t; NOTE(review): presumably NULL on failure and
 * the caller owns (and must free) the result -- confirm in oakley.c.
 * The parameter order (key first, then data, for oakley_prf) is an
 * assumption from the usual PRF convention, not stated here.
 */
extern vchar_t *oakley_prf __P((vchar_t *, vchar_t *, struct ph1handle *));
extern vchar_t *oakley_hash __P((vchar_t *, struct ph1handle *));

/* Derives phase-2 keying material; the int argument's meaning is not visible here -- confirm. */
extern int oakley_compute_keymat __P((struct ph2handle *, int));

/*
 * 'notyet' is never defined in this header, so the preprocessor evaluates
 * it as 0 and this declaration is always compiled out.
 */
#if notyet
extern vchar_t *oakley_compute_hashx __P((void));
#endif
/*
 * HASH(3) / HASH(1) for quick mode: (phase-1 handle, message id, body).
 * Results are freshly allocated vchar_t, presumably NULL on failure.
 */
extern vchar_t *oakley_compute_hash3 __P((struct ph1handle *,
	u_int32_t, vchar_t *));
extern vchar_t *oakley_compute_hash1 __P((struct ph1handle *,
	u_int32_t, vchar_t *));
/*
 * Phase-1 authentication hashes (HASH_I / HASH_R).  The int argument is
 * presumably a side selector (which of the two hashes to build) -- confirm.
 */
extern vchar_t *oakley_ph1hash_common __P((struct ph1handle *, int));
extern vchar_t *oakley_ph1hash_base_i __P((struct ph1handle *, int));
extern vchar_t *oakley_ph1hash_base_r __P((struct ph1handle *, int));
  192: 
/* Certificate type of an encoded certificate buffer (ISAKMP CERT encoding, presumably). */
extern int oakley_get_certtype __P((vchar_t *));
/*
 * Verifies the peer's authentication data (HASH or SIG payload) for the
 * phase-1 exchange.  NOTE(review): this is the authentication decision
 * point -- every caller must check the result and abort the exchange on
 * anything but success; the exact error codes are not visible here,
 * confirm in oakley.c.
 */
extern int oakley_validate_auth __P((struct ph1handle *));
/* Loads our own certificate / signature into the phase-1 handle, presumably. */
extern int oakley_getmycert __P((struct ph1handle *));
extern int oakley_getsign __P((struct ph1handle *));
/* Certificate request handling; oakley_getcr returns a fresh vchar_t (presumably NULL on failure). */
extern vchar_t *oakley_getcr __P((struct ph1handle *));
extern struct payload_list *oakley_append_cr __P((struct payload_list *,
						  struct ph1handle *));
extern int oakley_checkcr __P((struct ph1handle *));
extern int oakley_needcr __P((int));
/*
 * struct isakmp_gen is presumably the generic ISAKMP payload header the
 * peer sent; these two functions consume peer-supplied data, so payload
 * length validation belongs inside them -- confirm.
 */
struct isakmp_gen;
extern int oakley_savecert __P((struct ph1handle *, struct isakmp_gen *));
extern int oakley_savecr __P((struct ph1handle *, struct isakmp_gen *));
  205: 
/*
 * SKEYID derivation (RFC 2409 section 5); _dae derives SKEYID_d/_a/_e
 * from it, presumably.  The results live in the phase-1 handle and are
 * long-term secrets of the SA: never log them.
 */
extern int oakley_skeyid __P((struct ph1handle *));
extern int oakley_skeyid_dae __P((struct ph1handle *));

/* Derives the phase-1 encryption key from SKEYID_e, presumably. */
extern int oakley_compute_enckey __P((struct ph1handle *));
/* IV management; oakley_newiv2 takes a message id for quick-mode IVs. */
extern int oakley_newiv __P((struct ph1handle *));
extern struct isakmp_ivm *oakley_newiv2 __P((struct ph1handle *, u_int32_t));
extern void oakley_delivm __P((struct isakmp_ivm *));
/*
 * Payload encryption / decryption: (phase-1 handle, data, then two further
 * vchar_t * whose roles -- IV and key, presumably -- are not visible here).
 * NOTE(review): IKEv1 payload encryption carries no integrity tag, so
 * decrypted output must still pass the HASH payload checks before any of
 * it is trusted -- confirm the callers do so.  Return is a fresh vchar_t,
 * presumably NULL on failure.
 */
extern vchar_t *oakley_do_decrypt __P((struct ph1handle *,
	vchar_t *, vchar_t *, vchar_t *));
extern vchar_t *oakley_do_encrypt __P((struct ph1handle *,
	vchar_t *, vchar_t *, vchar_t *));
  217: 
  218: #endif /* _OAKLEY_H */
