Annotation of embedaddon/strongswan/src/libcharon/sa/ikev1/iv_manager.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2011-2016 Tobias Brunner
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup iv_manager iv_manager
! 18: * @{ @ingroup ikev1
! 19: */
! 20:
! 21: #ifndef IV_MANAGER_H_
! 22: #define IV_MANAGER_H_
! 23:
! 24: #include <utils/chunk.h>
! 25: #include <crypto/hashers/hasher.h>
! 26:
typedef struct iv_manager_t iv_manager_t;

/**
 * IV and QM managing instance for IKEv1. Keeps track of phase 2 exchanges
 * and IV, as well as the phase 1 IV.
 *
 * The interface is a table of function pointers; every method takes the
 * instance as its first argument. State is tracked per message ID (mid).
 */
struct iv_manager_t {

	/**
	 * Set the value of the first phase1 IV.
	 *
	 * @param data			input to calc initial IV from (g^xi | g^xr)
	 * @param hasher		hasher to be used for IV calculation
	 *						(shared with keymat, must not be destroyed here)
	 * @param block_size	cipher block size of aead
	 * @return				TRUE for success, FALSE otherwise
	 *
	 * NOTE(review): presumably no usable phase 1 IV exists if this returns
	 * FALSE, so callers should not go on to encrypt or decrypt - confirm
	 * against the implementation.
	 */
	bool (*init_iv_chain)(iv_manager_t *this, chunk_t data, hasher_t *hasher,
						  size_t block_size);

	/**
	 * Returns the IV for a message with the given message ID.
	 *
	 * The returned chunk contains internal data and is valid until the next
	 * get_iv/update_iv/confirm_iv() call. A caller that needs the IV beyond
	 * that point has to copy it first. Because the chunk references internal
	 * data, it is presumably not to be freed or modified by the caller -
	 * confirm against the implementation.
	 *
	 * @param mid			message ID
	 * @param iv			chunk receiving IV, internal data
	 * @return				TRUE if IV allocated successfully
	 */
	bool (*get_iv)(iv_manager_t *this, uint32_t mid, chunk_t *iv);

	/**
	 * Updates the IV for the next message with the given message ID.
	 *
	 * A call of confirm_iv() is required in order to actually make the IV
	 * available. This is needed for the inbound case where we store the last
	 * block of the encrypted message but want to update the IV only after
	 * verification of the decrypted message. In other words, the two-step
	 * update lets the caller leave the current IV untouched when an inbound
	 * message does not verify, simply by not calling confirm_iv().
	 *
	 * @param mid			message ID
	 * @param last_block	last block of encrypted message (gets cloned)
	 * @return				TRUE if IV updated successfully
	 */
	bool (*update_iv)(iv_manager_t *this, uint32_t mid, chunk_t last_block);

	/**
	 * Confirms the updated IV for the given message ID.
	 *
	 * To actually make the new IV available via get_iv() this method has to
	 * be called after update_iv().
	 *
	 * @param mid			message ID
	 * @return				TRUE if IV confirmed successfully
	 */
	bool (*confirm_iv)(iv_manager_t *this, uint32_t mid);

	/**
	 * Try to find a QM for the given message ID, if not found, generate it.
	 * The nonces shall be assigned by the caller if they are not set yet.
	 *
	 * NOTE(review): n_i and n_r are pointers to chunk pointers, so the
	 * chunks they end up referring to are presumably owned by the manager
	 * and stop being valid once the QM is removed - confirm against the
	 * implementation before keeping them around.
	 *
	 * @param mid			message ID
	 * @param n_i			chunk pointer to contain Ni_b (Nonce from first
	 *						message)
	 * @param n_r			chunk pointer to contain Nr_b (Nonce from second
	 *						message)
	 */
	void (*lookup_quick_mode)(iv_manager_t *this, uint32_t mid, chunk_t **n_i,
							  chunk_t **n_r);

	/**
	 * Remove the QM for the given message ID.
	 *
	 * @param mid			message ID
	 */
	void (*remove_quick_mode)(iv_manager_t *this, uint32_t mid);

	/**
	 * Destroy an iv_manager_t.
	 */
	void (*destroy)(iv_manager_t *this);
};
! 109:
/**
 * Create an IV and QM manager which is able to store up to max_exchanges
 * initialization vectors and quick modes.
 *
 * The limit bounds how much per-exchange state one manager keeps. What
 * happens to existing entries once the limit is reached is not described
 * in this header - see the implementation.
 *
 * NOTE(review): max_exchanges is a signed int and only 0 is documented as
 * a special value; how negative values are treated should be confirmed
 * against the implementation.
 *
 * @param max_exchanges		maximum number of IVs and QMs to be stored, set
 *							to 0 to use default (3, or as configured)
 * @return					IV and QM manager instance
 */
iv_manager_t *iv_manager_create(int max_exchanges);
! 119:
! 120: #endif /** IV_MANAGER_H_ @}*/