Annotation of embedaddon/strongswan/src/libcharon/plugins/ipseckey/ipseckey.h, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (C) 2012 Reto Guadagnini
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: /**
17: * @defgroup ipseckey_i ipseckey
18: * @{ @ingroup ipseckey
19: */
20:
21: #ifndef IPSECKEY_H_
22: #define IPSECKEY_H_
23:
/*
 * Forward declarations so the type names can be used before the definitions
 * further down in this header.
 * NOTE(review): naming an enum type before its definition is accepted by GCC
 * and Clang as an extension but is not ISO C; worth knowing when building with
 * strict conformance flags.
 */
24: typedef struct ipseckey_t ipseckey_t;
25: typedef enum ipseckey_algorithm_t ipseckey_algorithm_t;
26: typedef enum ipseckey_gw_type_t ipseckey_gw_type_t;
27:
28: #include <library.h>
29:
30: /**
31: * IPSECKEY gateway types as defined in RFC 4025.
    *
    * The gateway type selects how the bytes returned by
    * ipseckey_t.get_gateway() are to be interpreted.
    *
    * The value is taken from a field of a DNS resource record, so a record
    * can carry a number that has no enumerator here.
    * NOTE(review): whether ipseckey_create_frm_rr() rejects such records is
    * not visible in this header; code that switches on the gateway type
    * should keep a default branch and check the gateway chunk length against
    * the size implied by the type before using it.
32: */
33: enum ipseckey_gw_type_t {
34: /** No gateway is present */
35: IPSECKEY_GW_TP_NOT_PRESENT = 0,
36: /** A 4-byte IPv4 address is present */
37: IPSECKEY_GW_TP_IPV4 = 1,
38: /** A 16-byte IPv6 address is present */
39: IPSECKEY_GW_TP_IPV6 = 2,
40: /** A wire-encoded domain name is present */
41: IPSECKEY_GW_TP_WR_ENC_DNAME = 3,
42: };
43:
44: /**
45: * IPSECKEY algorithms as defined in RFC 4025.
    *
    * The algorithm selects how the bytes returned by
    * ipseckey_t.get_public_key() are to be interpreted.
    *
    * These enumerators only mirror the values listed for the record format;
    * which key types are acceptable for authentication is decided by the code
    * that consumes the key, not by this header.
    * NOTE(review): the value comes from a DNS resource record, so numbers
    * other than 0-2 can appear on the wire; confirm that consumers treat
    * unknown values, and IPSECKEY_ALGORITHM_NONE, as "no usable key".
46: */
47: enum ipseckey_algorithm_t {
48: /** No key present */
49: IPSECKEY_ALGORITHM_NONE = 0,
50: /** DSA key */
51: IPSECKEY_ALGORITHM_DSA = 1,
52: /** RSA key */
53: IPSECKEY_ALGORITHM_RSA = 2,
54: };
55:
56: /**
57: * An IPSECKEY.
58: *
59: * Represents an IPSECKEY as defined in RFC 4025:
60: *
61: *    0                   1                   2                   3
62: *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
63: *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
64: *   |  precedence   | gateway type  |  algorithm  |     gateway     |
65: *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-------------+                 +
66: *   ~                            gateway                            ~
67: *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
68: *   |                                                               /
69: *   /                          public key                           /
70: *   /                                                               /
71: *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
72: *
73: *
74: * Note: RFC 4025 defines that the algorithm field has a length of 7 bits.
75: * We use 8 bits instead, because the use of 7 bits is very uncommon
76: * in internet protocols and might be an error in RFC 4025
77: * (also the BIND DNS server uses 8 bits for the algorithm field of the
78: * IPSECKEY resource records).
79: *
    * The object is an interface of function pointers; every accessor takes
    * the object itself as its first argument. All field values originate from
    * a DNS resource record (see ipseckey_create_frm_rr()).
    * NOTE(review): nothing in this header states whether the record was
    * DNSSEC-validated before it was parsed; confirm that the caller only
    * trusts keys taken from validated responses.
    *
80: */
81: struct ipseckey_t {
82:
83: /**
84: * Get the precedence of the IPSECKEY.
85: *
     * RFC 4025 orders the records of one owner name by this value, lower
     * values being preferred.
     *
86: * @return precedence
87: */
88: uint8_t (*get_precedence)(ipseckey_t *this);
89:
90: /**
91: * Get the type of the gateway.
92: *
93: * The "gateway type" determines the format of the gateway field
94: * of the IPSECKEY.
95: *
96: * @return gateway type
97: */
98: ipseckey_gw_type_t (*get_gateway_type)(ipseckey_t *this);
99:
100: /**
101: * Get the algorithm.
102: *
103: * The "algorithm" determines the format of the public key field
104: * of the IPSECKEY.
105: *
106: * @return algorithm
107: */
108: ipseckey_algorithm_t (*get_algorithm)(ipseckey_t *this);
109:
110: /**
111: * Get the content of the gateway field as chunk.
112: *
113: * The content is in network byte order and its format depends on the
114: * gateway type.
115: *
116: * The data referenced by the chunk is still owned by the IPSECKEY:
117: * do not free it, and clone it if it has to be kept.
      * NOTE(review): presumably the chunk becomes invalid once destroy() has
      * been called - confirm against the implementation.
118: *
119: * @return gateway field as chunk
120: */
121: chunk_t (*get_gateway)(ipseckey_t *this);
122:
123: /**
124: * Get the content of the public key field as chunk.
125: *
126: * The format of the public key depends on the algorithm type.
127: *
128: * The data referenced by the chunk is still owned by the IPSECKEY:
129: * do not free it, and clone it if it has to be kept.
      * NOTE(review): presumably the chunk becomes invalid once destroy() has
      * been called - confirm against the implementation. The bytes are key
      * material taken from a DNS record; this accessor does not say whether
      * they have been checked in any way, so parse them defensively.
130: *
131: * @return public key field as chunk
132: */
133: chunk_t (*get_public_key)(ipseckey_t *this);
134:
135: /**
136: * Destroy the IPSECKEY.
      *
      * The chunks handed out by get_gateway() and get_public_key() reference
      * data owned by this object, so copies needed afterwards have to be
      * cloned before this call.
137: */
138: void (*destroy) (ipseckey_t *this);
139: };
140:
141: /**
142: * Create an ipseckey instance out of a resource record.
143: *
      * The record content is data received from DNS and has to be treated as
      * untrusted input.
      * NOTE(review): the length and range checks applied to the record are in
      * the implementation, not in this header; confirm that truncated records
      * and unknown gateway type or algorithm values lead to the NULL return.
      * NOTE(review): rr_t is not declared in the lines of this header; it is
      * presumably provided through library.h. Whether the created object
      * keeps a reference to rr or copies what it needs is not visible here.
      *
144: * @param rr resource record which contains an IPSECKEY
145: * @return ipseckey, NULL on failure
146: */
147: ipseckey_t *ipseckey_create_frm_rr(rr_t *rr);
148:
149: #endif /** IPSECKEY_H_ @}*/