Annotation of embedaddon/strongswan/src/libtls/tls_protection.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2010 Martin Willi
! 3: * Copyright (C) 2010 revosec AG
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup tls_protection tls_protection
! 18: * @{ @ingroup libtls
! 19: */
! 20:
! 21: #ifndef TLS_PROTECTION_H_
! 22: #define TLS_PROTECTION_H_
! 23:
! 24: #include <library.h>
! 25:
! 26: typedef struct tls_protection_t tls_protection_t;
! 27:
! 28: #include "tls.h"
! 29: #include "tls_aead.h"
! 30: #include "tls_alert.h"
! 31: #include "tls_compression.h"
! 32:
! 33: /**
! 34: * TLS record protocol protection layer.
      *
      * Inbound records are handed to process() and outbound records are obtained
      * from build(); the transform used in each direction is installed with
      * set_cipher().
      *
      * NOTE(review): this header does not state what protection is applied to a
      * direction before set_cipher() has been called for it; confirm in the
      * implementation.
! 35: */
! 36: struct tls_protection_t {
! 37:
! 38: /**
! 39: * Process a protected TLS record, pass it to upper layers.
      *
      * NOTE(review): the return codes below are phrased in terms of the
      * handshake; presumably a record rejected by the inbound transform also
      * ends in FAILED; confirm in the implementation.
! 40: *
! 41: * @param type type of the TLS record to process
! 42: * @param data associated TLS record data
! 43: * @return
! 44: * - SUCCESS if TLS negotiation complete
! 45: * - FAILED if TLS handshake failed
! 46: * - NEED_MORE if more invocations to process/build needed
! 47: */
! 48: status_t (*process)(tls_protection_t *this,
! 49: tls_content_type_t type, chunk_t data);
! 50:
! 51: /**
! 52: * Query upper layer for TLS record, build protected record.
! 53: *
! 54: * @param type type of the built TLS record
! 55: * @param data allocated data of the built TLS record
      *             (presumably the caller frees it; TODO confirm)
! 56: * @return
! 57: * - SUCCESS if TLS negotiation complete
! 58: * - FAILED if TLS handshake failed
! 59: * - NEED_MORE if upper layers have more records to send
! 60: * - INVALID_STATE if more input records required
! 61: */
! 62: status_t (*build)(tls_protection_t *this,
! 63: tls_content_type_t *type, chunk_t *data);
! 64:
! 65: /**
! 66: * Set a new transform to use at the protection layer.
      *
      * Each call sets the transform for one direction only, selected by
      * the inbound argument.
! 67: *
! 68: * @param inbound TRUE to use cipher for inbound data, FALSE for outbound
! 69: * @param aead new AEAD transform
      *             NOTE(review): ownership of aead after the call is not
      *             stated in this header; confirm who destroys it
! 70: */
! 71: void (*set_cipher)(tls_protection_t *this, bool inbound, tls_aead_t *aead);
! 72:
! 73: /**
! 74: * Set the TLS version negotiated, used for MAC calculation.
! 75: *
! 76: * @param version TLS version negotiated
! 77: */
! 78: void (*set_version)(tls_protection_t *this, tls_version_t version);
! 79:
! 80: /**
! 81: * Destroy a tls_protection_t.
! 82: */
! 83: void (*destroy)(tls_protection_t *this);
! 84: };
! 85:
! 86: /**
! 87: * Create a tls_protection instance.
      *
      * NOTE(review): this header does not say whether the returned object takes
      * ownership of compression or alert; confirm before destroying either.
! 88: *
! 89: * @param compression compression layer of TLS stack
! 90: * @param alert TLS alert handler
! 91: * @return TLS protection layer; release it with its destroy() method
! 92: */
! 93: tls_protection_t *tls_protection_create(tls_compression_t *compression,
! 94: tls_alert_t *alert);
! 95:
! 96: #endif /** TLS_PROTECTION_H_ @}*/