![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to payload.h CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / encoding / payloads|
Return to payload.h CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / encoding / payloads |
1.1 misho 1: /*
2: * Copyright (C) 2007-2015 Tobias Brunner
3: * Copyright (C) 2005-2006 Martin Willi
4: * Copyright (C) 2005 Jan Hutter
5: * HSR Hochschule fuer Technik Rapperswil
6: *
7: * This program is free software; you can redistribute it and/or modify it
8: * under the terms of the GNU General Public License as published by the
9: * Free Software Foundation; either version 2 of the License, or (at your
10: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11: *
12: * This program is distributed in the hope that it will be useful, but
13: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15: * for more details.
16: */
17:
18: /**
19: * @defgroup payload payload
20: * @{ @ingroup payloads
21: */
22:
23: #ifndef PAYLOAD_H_
24: #define PAYLOAD_H_
25:
26: typedef enum payload_type_t payload_type_t;
27: typedef struct payload_t payload_t;
28:
29: #include <library.h>
30: #include <encoding/payloads/encodings.h>
31:
32: /**
33: * Domain of interpretation used by IPsec/IKEv1
34: */
35: #define IKEV1_DOI_IPSEC 1
36:
37: /**
38: * Payload-Types of an IKE message.
39: *
40: * Header and substructures are also defined as
41: * payload types with values from PRIVATE USE space.
42: */
43: enum payload_type_t {
44:
45: /**
46: * End of payload list in next_payload
47: */
48: PL_NONE = 0,
49:
50: /**
51: * The security association (SA) payload containing proposals.
52: */
53: PLV1_SECURITY_ASSOCIATION = 1,
54:
55: /**
56: * The proposal payload, containing transforms.
57: */
58: PLV1_PROPOSAL = 2,
59:
60: /**
61: * The transform payload.
62: */
63: PLV1_TRANSFORM = 3,
64:
65: /**
66: * The key exchange (KE) payload containing diffie-hellman values.
67: */
68: PLV1_KEY_EXCHANGE = 4,
69:
70: /**
71: * ID payload.
72: */
73: PLV1_ID = 5,
74:
75: /**
76: * Certificate payload with certificates (CERT).
77: */
78: PLV1_CERTIFICATE = 6,
79:
80: /**
81: * Certificate request payload.
82: */
83: PLV1_CERTREQ = 7,
84:
85: /**
86: * Hash payload.
87: */
88: PLV1_HASH = 8,
89:
90: /**
91: * Signature payload
92: */
93: PLV1_SIGNATURE = 9,
94:
95: /**
96: * Nonce payload.
97: */
98: PLV1_NONCE = 10,
99:
100: /**
101: * Notification payload.
102: */
103: PLV1_NOTIFY = 11,
104:
105: /**
106: * Delete payload.
107: */
108: PLV1_DELETE = 12,
109:
110: /**
111: * Vendor id payload.
112: */
113: PLV1_VENDOR_ID = 13,
114:
115: /**
116: * Attribute payload (ISAKMP Mode Config, aka configuration payload.
117: */
118: PLV1_CONFIGURATION = 14,
119:
120: /**
121: * NAT discovery payload (NAT-D).
122: */
123: PLV1_NAT_D = 20,
124:
125: /**
126: * NAT original address payload (NAT-OA).
127: */
128: PLV1_NAT_OA = 21,
129:
130: /**
131: * The security association (SA) payload containing proposals.
132: */
133: PLV2_SECURITY_ASSOCIATION = 33,
134:
135: /**
136: * The key exchange (KE) payload containing diffie-hellman values.
137: */
138: PLV2_KEY_EXCHANGE = 34,
139:
140: /**
141: * Identification for the original initiator (IDi).
142: */
143: PLV2_ID_INITIATOR = 35,
144:
145: /**
146: * Identification for the original responder (IDr).
147: */
148: PLV2_ID_RESPONDER = 36,
149:
150: /**
151: * Certificate payload with certificates (CERT).
152: */
153: PLV2_CERTIFICATE = 37,
154:
155: /**
156: * Certificate request payload (CERTREQ).
157: */
158: PLV2_CERTREQ = 38,
159:
160: /**
161: * Authentication payload contains auth data (AUTH).
162: */
163: PLV2_AUTH = 39,
164:
165: /**
166: * Nonces, for initiator and responder (Ni, Nr, N)
167: */
168: PLV2_NONCE = 40,
169:
170: /**
171: * Notify payload (N).
172: */
173: PLV2_NOTIFY = 41,
174:
175: /**
176: * Delete payload (D)
177: */
178: PLV2_DELETE = 42,
179:
180: /**
181: * Vendor id payload (V).
182: */
183: PLV2_VENDOR_ID = 43,
184:
185: /**
186: * Traffic selector for the original initiator (TSi).
187: */
188: PLV2_TS_INITIATOR = 44,
189:
190: /**
191: * Traffic selector for the original responder (TSr).
192: */
193: PLV2_TS_RESPONDER = 45,
194:
195: /**
196: * Encrypted payload, contains other payloads (E).
197: */
198: PLV2_ENCRYPTED = 46,
199:
200: /**
201: * Configuration payload (CP).
202: */
203: PLV2_CONFIGURATION = 47,
204:
205: /**
206: * Extensible authentication payload (EAP).
207: */
208: PLV2_EAP = 48,
209:
210: /**
211: * Generic Secure Password Method (GSPM).
212: */
213: PLV2_GSPM = 49,
214:
215: /**
216: * Group Identification (draft-yeung-g-ikev2)
217: */
218: PLV2_IDG = 50,
219:
220: /**
221: * Group Security Association (draft-yeung-g-ikev2)
222: */
223: PLV2_GSA = 51,
224:
225: /**
226: * Key Download (draft-yeung-g-ikev2)
227: */
228: PLV2_KD = 52,
229:
230: /**
231: * Encrypted fragment payload (SKF), RFC 7383
232: */
233: PLV2_FRAGMENT = 53,
234:
235: #ifdef ME
236: /**
237: * Identification payload for peers has a value from
238: * the PRIVATE USE space.
239: */
240: PLV2_ID_PEER = 128,
241: #endif /* ME */
242:
243: /**
244: * NAT discovery payload (NAT-D) (drafts).
245: */
246: PLV1_NAT_D_DRAFT_00_03 = 130,
247:
248: /**
249: * NAT original address payload (NAT-OA) (drafts).
250: */
251: PLV1_NAT_OA_DRAFT_00_03 = 131,
252:
253: /**
254: * IKEv1 fragment (proprietary IKEv1 extension)
255: */
256: PLV1_FRAGMENT = 132,
257:
258: /**
259: * Header has a value of PRIVATE USE space.
260: *
261: * This type and all the following are never sent over wire and are
262: * used internally only.
263: */
264: PL_HEADER = 256,
265:
266: /**
267: * Used to handle unknown or invalid payload types.
268: */
269: PL_UNKNOWN,
270:
271: /**
272: * PLV2_PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
273: */
274: PLV2_PROPOSAL_SUBSTRUCTURE,
275:
276: /**
277: * PLV1_PROPOSAL_SUBSTRUCTURE, IKEv1 proposals in a SA payload.
278: */
279: PLV1_PROPOSAL_SUBSTRUCTURE,
280:
281: /**
282: * PLV2_TRANSFORM_SUBSTRUCTURE, IKEv2 transforms in a proposal substructure.
283: */
284: PLV2_TRANSFORM_SUBSTRUCTURE,
285:
286: /**
287: * PLV1_TRANSFORM_SUBSTRUCTURE, IKEv1 transforms in a proposal substructure.
288: */
289: PLV1_TRANSFORM_SUBSTRUCTURE,
290:
291: /**
292: * PLV2_TRANSFORM_ATTRIBUTE, IKEv2 attribute in a transform.
293: */
294: PLV2_TRANSFORM_ATTRIBUTE,
295:
296: /**
297: * PLV1_TRANSFORM_ATTRIBUTE, IKEv1 attribute in a transform.
298: */
299: PLV1_TRANSFORM_ATTRIBUTE,
300:
301: /**
302: * PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic selector in a TS payload.
303: */
304: PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE,
305:
306: /**
307: * PLV2_CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
308: */
309: PLV2_CONFIGURATION_ATTRIBUTE,
310:
311: /**
312: * PLV1_CONFIGURATION_ATTRIBUTE, IKEv1 attribute in a configuration payload.
313: */
314: PLV1_CONFIGURATION_ATTRIBUTE,
315:
316: /**
317: * This is not really a payload, but rather the complete IKEv1 message.
318: */
319: PLV1_ENCRYPTED,
320: };
321:
322: /**
323: * enum names for payload_type_t.
324: */
325: extern enum_name_t *payload_type_names;
326:
327: /**
328: * enum names for payload_type_t in a short form.
329: */
330: extern enum_name_t *payload_type_short_names;
331:
332: /**
333: * Generic interface for all payload types (incl.header and substructures).
334: *
335: * To handle all kinds of payloads on a generic way, this interface must
336: * be implemented by every payload. This allows parser_t/generator_t a simple
337: * handling of all payloads.
338: */
339: struct payload_t {
340:
341: /**
342: * Get encoding rules for this payload.
343: *
344: * @param rules location to store pointer to rules
345: * @return number of rules
346: */
347: int (*get_encoding_rules) (payload_t *this, encoding_rule_t **rules);
348:
349: /**
350: * Get non-variable header length for a variable length payload.
351: *
352: * @return fixed length of the payload
353: */
354: int (*get_header_length)(payload_t *this);
355:
356: /**
357: * Get type of payload.
358: *
359: * @return type of this payload
360: */
361: payload_type_t (*get_type) (payload_t *this);
362:
363: /**
364: * Get type of next payload or PL_NONE (0) if this is the last one.
365: *
366: * @return type of next payload
367: */
368: payload_type_t (*get_next_type) (payload_t *this);
369:
370: /**
371: * Set type of next payload.
372: *
373: * @param type type of next payload
374: */
375: void (*set_next_type) (payload_t *this,payload_type_t type);
376:
377: /**
378: * Get length of payload.
379: *
380: * @return length of this payload
381: */
382: size_t (*get_length) (payload_t *this);
383:
384: /**
385: * Verifies payload structure and makes consistency check.
386: *
387: * @return SUCCESS, FAILED if consistency not given
388: */
389: status_t (*verify) (payload_t *this);
390:
391: /**
392: * Destroys a payload and all included substructures.
393: */
394: void (*destroy) (payload_t *this);
395: };
396:
397: /**
398: * Create an empty payload.
399: *
400: * Useful for the parser, who wants a generic constructor for all payloads.
401: * It supports all payload_t methods. If a payload type is not known,
402: * an unknown_payload is created with the chunk of data in it.
403: *
404: * @param type type of the payload to create
405: * @return payload_t object
406: */
407: payload_t *payload_create(payload_type_t type);
408:
409: /**
410: * Check if a specific payload is implemented, or handled as unknown payload.
411: *
412: * @param type type of the payload to check
413: * @param maj_ver major IKE version (use 0 to skip version check)
414: * @return FALSE if payload type handled as unknown payload
415: */
416: bool payload_is_known(payload_type_t type, uint8_t maj_ver);
417:
418: /**
419: * Get the value field in a payload using encoding rules.
420: *
421: * @param payload payload to look up a field
422: * @param type encoding rule type to look up
423: * @param skip number rules of type to skip, 0 to get first
424: * @return type specific value pointer, NULL if not found
425: */
426: void* payload_get_field(payload_t *payload, encoding_type_t type, u_int skip);
427:
428: #endif /** PAYLOAD_H_ @}*/