Annotation of embedaddon/strongswan/src/libsimaka/simaka_crypto.h, revision 1.1.1.1

1.1       misho       1: /*
                      2:  * Copyright (C) 2009 Martin Willi
                      3:  * HSR Hochschule fuer Technik Rapperswil
                      4:  *
                      5:  * This program is free software; you can redistribute it and/or modify it
                      6:  * under the terms of the GNU General Public License as published by the
                      7:  * Free Software Foundation; either version 2 of the License, or (at your
                      8:  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
                      9:  *
                     10:  * This program is distributed in the hope that it will be useful, but
                     11:  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
                     12:  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
                     13:  * for more details.
                     14:  */
                     15: 
                     16: /**
                     17:  * @defgroup simaka_crypto simaka_crypto
                     18:  * @{ @ingroup libsimaka
                     19:  */
                     20: 
                     21: #ifndef SIMAKA_CRYPTO_H_
                     22: #define SIMAKA_CRYPTO_H_
                     23: 
                     24: #include <library.h>
                     25: 
                     26: typedef struct simaka_crypto_t simaka_crypto_t;
                     27: 
                     28: /**
                     29:  * EAP-SIM/AKA crypto helper and key derivation class.
                          *
                          * Exposes the signer used for AT_MAC, the crypter used for AT_ENCR_DATA
                          * and a random number generator, and derives k_encr/k_auth, MK and MSK
                          * for full authentication and fast reauthentication.
                     30:  */
                     31: struct simaka_crypto_t {
                     32: 
                     33:        /**
                     34:         * Get the signer to use for AT_MAC calculation/verification.
                                 *
                                 * NULL is returned until keys have been derived, so callers have to
                                 * check the result before calculating or verifying AT_MAC.
                     35:         *
                     36:         * @return              signer reference, NULL if no keys have been derived
                     37:         */
                     38:        signer_t* (*get_signer)(simaka_crypto_t *this);
                     39: 
                     40:        /**
                     41:         * Get the crypter to use for AT_ENCR_DATA encryption/decryption.
                                 *
                                 * NULL is returned until keys have been derived, so callers have to
                                 * check the result before encrypting or decrypting AT_ENCR_DATA.
                     42:         *
                     43:         * @return              crypter reference, NULL if no keys have been derived
                     44:         */
                     45:        crypter_t* (*get_crypter)(simaka_crypto_t *this);
                     46: 
                     47:        /**
                     48:         * Get the random number generator.
                     49:         *
                     50:         * @return              rng reference
                     51:         */
                     52:        rng_t* (*get_rng)(simaka_crypto_t *this);
                     53: 
                     54:        /**
                     55:         * Derive keys after full authentication.
                     56:         *
                     57:         * This method derives the k_encr/k_auth keys and loads them into the
                     58:         * internal crypter/signer instances. The passed data is method specific:
                     59:         * For EAP-SIM, it is "n*Kc|NONCE_MT|Version List|Selected Version", for
                     60:         * EAP-AKA it is "IK|CK".
                                 *
                                 * NOTE(review): mk and msk receive allocated key material; presumably
                                 * the caller owns both chunks and should wipe them when done (e.g. with
                                 * chunk_clear()) instead of only freeing them - confirm against the
                                 * implementation. The content of mk/msk after a FALSE return is not
                                 * specified here.
                     61:         *
                     62:         * @param id    peer identity
                     63:         * @param data  method specific data
                     64:         * @param mk    chunk receiving allocated master key MK
                     65:         * @param msk   chunk receiving allocated MSK
                     66:         * @return              TRUE if keys allocated and derived successfully
                     67:         */
                     68:        bool (*derive_keys_full)(simaka_crypto_t *this, identification_t *id,
                     69:                                                         chunk_t data, chunk_t *mk, chunk_t *msk);
                     70: 
                     71:        /**
                     72:         * Derive k_encr/k_auth keys from MK using fast reauthentication.
                     73:         *
                     74:         * This method derives the k_encr/k_auth keys and loads them into the
                     75:         * internal crypter/signer instances.
                     76:         *
                     77:         * @param mk    master key
                     78:         * @return              TRUE if keys derived successfully
                     79:         */
                     80:        bool (*derive_keys_reauth)(simaka_crypto_t *this, chunk_t mk);
                     81: 
                     82:        /**
                     83:         * Derive MSK using fast reauthentication.
                                 *
                                 * NOTE(review): msk receives allocated key material; presumably the
                                 * caller owns the chunk and should wipe it when done (e.g. with
                                 * chunk_clear()) - confirm against the implementation.
                     84:         *
                     85:         * @param id            fast reauthentication identity
                     86:         * @param counter       fast reauthentication counter value, network order
                     87:         * @param nonce_s       server generated NONCE_S value
                     88:         * @param mk            master key of last full authentication
                     89:         * @param msk           chunk receiving allocated MSK
                     90:         * @return                      TRUE if MSK allocated and derived successfully
                     91:         */
                     92:        bool (*derive_keys_reauth_msk)(simaka_crypto_t *this,
                     93:                                                                   identification_t *id, chunk_t counter,
                     94:                                                                   chunk_t nonce_s, chunk_t mk, chunk_t *msk);
                     95: 
                     96:        /**
                     97:         * Clear keys (partially) derived.
                                 *
                                 * NOTE(review): presumably get_signer()/get_crypter() return NULL again
                                 * after this call - confirm against the implementation.
                     98:         */
                     99:        void (*clear_keys)(simaka_crypto_t *this);
                    100: 
                    101:        /**
                    102:         * Destroy a simaka_crypto_t.
                    103:         */
                    104:        void (*destroy)(simaka_crypto_t *this);
                    105: };
                    106: 
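                    107: /**
                    108:  * Create a simaka_crypto instance.
                          *
                          * Declared with (void) so that this is a real prototype and a call that
                          * passes arguments is diagnosed by the compiler. Callers have to check
                          * for NULL, which is returned when the required algorithms are missing.
                    109:  *
                    110:  * @return             EAP-SIM/AKA crypto instance, NULL if algorithms missing
                    111:  */
                    112: simaka_crypto_t *simaka_crypto_create(void);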
                    113: 
                    114: #endif /** SIMAKA_CRYPTO_H_ @}*/
