Annotation of embedaddon/strongswan/src/libipsec/esp_packet.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2012 Tobias Brunner
! 3: * Copyright (C) 2012 Giuliano Grassi
! 4: * Copyright (C) 2012 Ralf Sager
! 5: * HSR Hochschule fuer Technik Rapperswil
! 6: *
! 7: * This program is free software; you can redistribute it and/or modify it
! 8: * under the terms of the GNU General Public License as published by the
! 9: * Free Software Foundation; either version 2 of the License, or (at your
! 10: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 11: *
! 12: * This program is distributed in the hope that it will be useful, but
! 13: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 14: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 15: * for more details.
! 16: */
! 17:
! 18: /**
! 19: * @defgroup esp_packet esp_packet
! 20: * @{ @ingroup libipsec
! 21: */
! 22:
! 23: #ifndef ESP_PACKET_H_
! 24: #define ESP_PACKET_H_
! 25:
! 26: #include "ip_packet.h"
! 27: #include "esp_context.h"
! 28:
! 29: #include <library.h>
! 30: #include <networking/host.h>
! 31: #include <networking/packet.h>
! 32:
typedef struct esp_packet_t esp_packet_t;

/**
 * ESP packet
 *
 * Object with a function-pointer interface. An instance is created either
 * from data received on the wire (esp_packet_create_from_packet()) or from a
 * plaintext payload that is to be sent (esp_packet_create_from_payload()).
 *
 * Inbound use, as far as the method contracts below describe it:
 * parse_header() to obtain the SPI, look up the SA, decrypt() with that SA's
 * ESP context, then get_payload()/extract_payload(). Everything read before
 * decrypt() returns SUCCESS comes from unauthenticated wire data.
 */
struct esp_packet_t {

	/**
	 * Implements packet_t interface to access the raw ESP packet
	 */
	packet_t packet;

	/**
	 * Get the source address of this packet
	 *
	 * @return				source host
	 */
	host_t *(*get_source)(esp_packet_t *this);

	/**
	 * Get the destination address of this packet
	 *
	 * @return				destination host
	 */
	host_t *(*get_destination)(esp_packet_t *this);

	/**
	 * Parse the packet header before decryption. Tries to read the SPI
	 * from the packet to find a corresponding SA.
	 *
	 * This runs before decrypt(), which is where authentication happens, so
	 * the SPI returned here is attacker-controllable input. Use it only as a
	 * lookup key for the SA; a failed lookup or a FALSE result means the
	 * packet has to be dropped.
	 *
	 * @param spi			parsed SPI, in network byte order
	 * @return				TRUE when successful, FALSE otherwise (e.g. when the
	 *						length of the packet is invalid)
	 */
	bool (*parse_header)(esp_packet_t *this, uint32_t *spi);

	/**
	 * Authenticate and decrypt the packet. Also verifies the sequence number
	 * using the supplied ESP context and updates the anti-replay window.
	 *
	 * Treat every result other than SUCCESS as "discard the packet": the
	 * payload accessors return NULL for a packet that is not decrypted.
	 *
	 * NOTE(review): this header does not say in which order the sequence
	 * number check, the ICV check and the anti-replay window update happen.
	 * RFC 4303 requires the window to be advanced only after the ICV has been
	 * verified, otherwise forged packets can move the window - confirm in the
	 * implementation.
	 *
	 * @param esp_context	ESP context of corresponding inbound IPsec SA
	 * @return				- SUCCESS if successfully authenticated,
	 *						  decrypted and parsed
	 *						- PARSE_ERROR if the length of the packet or the
	 *						  padding is invalid
	 *						- VERIFY_ERROR if the sequence number
	 *						  verification failed
	 *						- FAILED if the ICV (MAC) check or the actual
	 *						  decryption failed
	 */
	status_t (*decrypt)(esp_packet_t *this, esp_context_t *esp_context);

	/**
	 * Encapsulate and encrypt the packet. The sequence number will be generated
	 * using the supplied ESP context.
	 *
	 * NOTE(review): FAILED covers both a cycled sequence number and a crypto
	 * failure, so a caller cannot tell the two apart from the return value.
	 * Presumably the SA has to be rekeyed once the sequence number has
	 * cycled - confirm how the caller handles this.
	 *
	 * @param esp_context	ESP context of corresponding outbound IPsec SA
	 * @param spi			SPI value to use, in network byte order
	 * @return				- SUCCESS if encrypted
	 *						- FAILED if sequence number cycled or any of the
	 *						  cryptographic functions failed
	 *						- NOT_FOUND if no suitable IV generator provided
	 */
	status_t (*encrypt)(esp_packet_t *this, esp_context_t *esp_context,
						uint32_t spi);

	/**
	 * Get the next header field of a packet.
	 *
	 * @note Packet has to be in the decrypted state. What is returned for a
	 * packet that is not decrypted is not specified in this header, so the
	 * value must not be used for protocol dispatch in that case.
	 *
	 * @return				next header field
	 */
	uint8_t (*get_next_header)(esp_packet_t *this);

	/**
	 * Get the plaintext payload of this packet.
	 *
	 * The returned object is internal data of this esp_packet_t; the caller
	 * must not destroy it. Use extract_payload() to take ownership instead.
	 *
	 * @return				plaintext payload (internal data),
	 *						NULL if not decrypted
	 */
	ip_packet_t *(*get_payload)(esp_packet_t *this);

	/**
	 * Extract the plaintext payload from this packet.
	 *
	 * Ownership passes to the caller, who has to destroy the returned object.
	 * Check for NULL before use: that is the only signal here that the packet
	 * was never successfully decrypted.
	 *
	 * @return				plaintext payload (has to be destroyed),
	 *						NULL if not decrypted
	 */
	ip_packet_t *(*extract_payload)(esp_packet_t *this);

	/**
	 * Destroy an esp_packet_t
	 */
	void (*destroy)(esp_packet_t *this);

};
! 130:
/**
 * Create an ESP packet out of data from the wire.
 *
 * The data is untrusted at this point: nothing has been validated or
 * authenticated until parse_header() and decrypt() have succeeded on the
 * returned object.
 *
 * @param packet		the packet data as received, gets owned (the caller
 *						must not use or destroy it afterwards)
 * @return				esp_packet_t instance
 */
esp_packet_t *esp_packet_create_from_packet(packet_t *packet);
! 138:
/**
 * Create an ESP packet from a plaintext payload
 *
 * The result holds plaintext until encrypt() has returned SUCCESS.
 *
 * NOTE(review): only the payload is documented as "gets owned"; whether src
 * and dst are owned or cloned is not stated in this header - confirm in the
 * implementation before destroying them in the caller.
 *
 * @param src			source address
 * @param dst			destination address
 * @param payload		plaintext payload, gets owned
 * @return				esp_packet_t instance
 */
esp_packet_t *esp_packet_create_from_payload(host_t *src, host_t *dst,
											 ip_packet_t *payload);
! 149:
! 150: #endif /** ESP_PACKET_H_ @}*/
! 151: