Source/charon/encoding/payloads/transform_substructure.h

   1 /**
   2  * @file transform_substructure.h
   3  *
   4  * @brief Declaration of the class transform_substructure_t.
   5  *
   6  * An object of this type represents an IKEv2 TRANSFORM Substructure and contains Attributes.
   7  *
   8  */
   9
  10 /*
  11  * Copyright (C) 2005 Jan Hutter, Martin Willi
  12  * Hochschule fuer Technik Rapperswil
  13  *
  14  * This program is free software; you can redistribute it and/or modify it
  15  * under the terms of the GNU General Public License as published by the
  16  * Free Software Foundation; either version 2 of the License, or (at your
  17  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  18  *
  19  * This program is distributed in the hope that it will be useful, but
  20  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  21  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  22  * for more details.
  23  */
  24
  25 #ifndef TRANSFORM_SUBSTRUCTURE_H_
  26 #define TRANSFORM_SUBSTRUCTURE_H_
  27
  28 #include <types.h>
  29 #include <definitions.h>
  30 #include <encoding/payloads/payload.h>
  31 #include <encoding/payloads/transform_attribute.h>
  32 #include <utils/linked_list.h>
  33
  34
  35 /**
  36  * IKEv1 Value for a transform payload
  37  */
  38 #define TRANSFORM_TYPE_VALUE 3
  39
  40 /**
  41  * Length of the transform substructure header in bytes
  42  */
  43 #define TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH 8
  44
  45
  46 /**
  47  * Type of a transform, as in IKEv2 draft 3.3.2
  48  */
  49 typedef enum transform_type_e transform_type_t;
  50
  51 enum transform_type_e {
  52         UNDEFINED_TRANSFORM_TYPE = 241,
  53         ENCRYPTION_ALGORITHM = 1,
  54         PSEUDO_RANDOM_FUNCTION = 2,
  55         INTEGRITIY_ALGORITHM = 3,
  56         DIFFIE_HELLMAN_GROUP = 4,
  57         EXTENDED_SEQUENCE_NUNBERS = 5
  58 };
  59
  60 /**
  61  * string mappings for transform_type_t
  62  */
  63 extern mapping_t transform_type_m[];
  64
  65 /**
  66  * Encryption algorithm, as in IKEv2 draft 3.3.2
  67  */
  68 typedef enum encryption_algorithm_e encryption_algorithm_t;
  69
  70 enum encryption_algorithm_e {
  71         ENCR_UNDEFINED = 1024,
  72         ENCR_DES_IV64 = 1,
  73         ENCR_DES = 2,
  74         ENCR_3DES = 3,
  75         ENCR_RC5 = 4,
  76         ENCR_IDEA = 5,
  77         ENCR_CAST = 6,
  78         ENCR_BLOWFISH = 7,
  79         ENCR_3IDEA = 8,
  80         ENCR_DES_IV32 = 9,
  81         RESERVED = 10,
  82         ENCR_NULL = 11,
  83         ENCR_AES_CBC = 12,
  84         ENCR_AES_CTR = 13
  85 };
  86
  87 /**
  88  * string mappings for encryption_algorithm_t
  89  */
  90 extern mapping_t encryption_algorithm_m[];
  91
  92 /**
  93  * Pseudo random function, as in IKEv2 draft 3.3.2
  94  */
  95 typedef enum pseudo_random_function_e pseudo_random_function_t;
  96
  97 enum pseudo_random_function_e {
  98         PRF_UNDEFINED = 1024,
  99         PRF_HMAC_MD5 = 1,
 100         PRF_HMAC_SHA1 = 2,
 101         PRF_HMAC_TIGER = 3,
 102         PRF_AES128_CBC = 4
 103 };
 104
 105 /**
 106  * string mappings for encryption_algorithm_t
 107  */
 108 extern mapping_t pseudo_random_function_m[];
 109
 110 /**
 111  * Integrity algorithm, as in IKEv2 draft 3.3.2
 112  */
 113 typedef enum integrity_algorithm_e integrity_algorithm_t;
 114
 115 enum integrity_algorithm_e {
 116         AUTH_UNDEFINED = 1024,
 117         AUTH_HMAC_MD5_96 = 1,
 118         AUTH_HMAC_SHA1_96 = 2,
 119         AUTH_DES_MAC = 3,
 120         AUTH_KPDK_MD5 = 4,
 121         AUTH_AES_XCBC_96 = 5
 122 };
 123
 124 /**
 125  * string mappings for integrity_algorithm_t
 126  */
 127 extern mapping_t integrity_algorithm_m[];
 128
 129
 130 /**
 131  * Diffie-Hellman group, as in IKEv2 draft 3.3.2 and RFC 3526
 132  */
 133 typedef enum diffie_hellman_group_e diffie_hellman_group_t;
 134
 135 enum diffie_hellman_group_e {
 136         MODP_UNDEFINED = 1024,
 137         MODP_768_BIT = 1,
 138         MODP_1024_BIT = 2,
 139         MODP_1536_BIT = 5,
 140         MODP_2048_BIT = 14,
 141         MODP_3072_BIT = 15,
 142         MODP_4096_BIT = 16,
 143         MODP_6144_BIT = 17,
 144         MODP_8192_BIT = 18
 145 };
 146
 147 /**
 148  * string mappings for diffie_hellman_group_t
 149  */
 150 extern mapping_t diffie_hellman_group_m[];
 151
 152 /**
 153  * Extended sequence numbers, as in IKEv2 draft 3.3.2
 154  */
 155 typedef enum extended_sequence_numbers_e extended_sequence_numbers_t;
 156
 157 enum extended_sequence_numbers_e {
 158         NO_EXT_SEQ_NUMBERS = 0,
 159         EXT_SEQ_NUMBERS = 1
 160 };
 161
 162 /**
 163  * string mappings for extended_sequence_numbers_t
 164  */
 165 extern mapping_t extended_sequence_numbers_m[];
 166
 167 /**
 168  * Object representing an IKEv2- TRANSFORM SUBSTRUCTURE
 169  *
 170  * The TRANSFORM SUBSTRUCTURE format is described in RFC section 3.3.2.
 171  *
 172  */
 173 typedef struct transform_substructure_s transform_substructure_t;
 174
 175 struct transform_substructure_s {
 176         /**
 177          * implements payload_t interface
 178          */
 179         payload_t payload_interface;
 180
 181         /**
 182          * @brief Creates an iterator of stored transform_attribute_t objects.
 183          *
 184          * @warning The created iterator has to get destroyed by the caller!
 185          *
 186          * @warning When deleting an transform attribute using this iterator,
 187          *                      the length of this transform substructure has to be refreshed
 188          *                      by calling get_length()!
 189          *
 190          * @param this                  calling transform_substructure_t object
 191          * @param iterator              the created iterator is stored at the pointed pointer
 192          * @param[in] forward   iterator direction (TRUE: front to end)
 193          * @return
 194          *                                              - SUCCESS or
 195          *                                              - OUT_OF_RES if iterator could not be created
 196          */
 197         status_t (*create_transform_attribute_iterator) (transform_substructure_t *this,linked_list_iterator_t **iterator, bool forward);
 198
 199         /**
 200          * @brief Adds a transform_attribute_t object to this object.
 201          *
 202          * @warning The added proposal_substructure_t object  is
 203          *                      getting destroyed in destroy function of transform_substructure_t.
 204          *
 205          * @param this          calling transform_substructure_t object
 206          * @param proposal  transform_attribute_t object to add
 207          * @return                      - SUCCESS if succeeded
 208          *                                      - FAILED otherwise
 209          */
 210         status_t (*add_transform_attribute) (transform_substructure_t *this,transform_attribute_t *attribute);
 211
 212         /**
 213          * @brief Sets the next_payload field of this substructure
 214          *
 215          * If this is the last transform, next payload field is set to 0,
 216          * otherwise to 3 (payload type of transform in IKEv1)
 217          *
 218          * @param this          calling transform_substructure_t object
 219          * @param is_last       When TRUE, next payload field is set to 0, otherwise to 3
 220          * @return                      - SUCCESS
 221          */
 222         status_t (*set_is_last_transform) (transform_substructure_t *this, bool is_last);
 223
 224         /**
 225          * @brief Checks if this is the last transform.
 226          *
 227          * @param this          calling transform_substructure_t object
 228          * @return                      TRUE if this is the last Transform, FALSE otherwise
 229          */
 230         bool (*get_is_last_transform) (transform_substructure_t *this);
 231
 232         /**
 233          * @brief Sets transform type of the current transform substructure.
 234          *
 235          * @param this          calling transform_substructure_t object
 236          * @param type          type value to set
 237          * @return                      - SUCCESS
 238          */
 239         status_t (*set_transform_type) (transform_substructure_t *this,u_int8_t type);
 240
 241         /**
 242          * @brief get transform type of the current transform.
 243          *
 244          * @param this          calling transform_substructure_t object
 245          * @return                      Transform type of current transform substructure.
 246          */
 247         u_int8_t (*get_transform_type) (transform_substructure_t *this);
 248
 249         /**
 250          * @brief Sets transform id of the current transform substructure.
 251          *
 252          * @param this          calling transform_substructure_t object
 253          * @param id                    transform id to set
 254          * @return                      - SUCCESS
 255          */
 256         status_t (*set_transform_id) (transform_substructure_t *this,u_int16_t id);
 257
 258         /**
 259          * @brief get transform id of the current transform.
 260          *
 261          * @param this          calling transform_substructure_t object
 262          * @return                      Transform id of current transform substructure.
 263          */
 264         u_int16_t (*get_transform_id) (transform_substructure_t *this);
 265
 266         /**
 267          * @brief Clones an transform_substructure_t object.
 268          *
 269          * @param this  transform_substructure_t object to clone
 270          * @param clone pointer to a transform_substructure_t object pointer
 271          *                              where the new object is stored to.
 272          * @return
 273          *                              - OUT_OF_RES
 274          *                              - SUCCESS in any case
 275          */
 276         status_t (*clone) (transform_substructure_t *this,transform_substructure_t **clone);
 277
 278         /**
 279          * @brief Destroys an transform_substructure_t object.
 280          *
 281          * @param this  transform_substructure_t object to destroy
 282          * @return
 283          *                              SUCCESS in any case
 284          */
 285         status_t (*destroy) (transform_substructure_t *this);
 286 };
 287
 288 /**
 289  * @brief Creates an empty transform_substructure_t object
 290  *
 291  * @return
 292  *                                      - created transform_substructure_t object, or
 293  *                                      - NULL if failed
 294  */
 295
 296 transform_substructure_t *transform_substructure_create();
 297
 298 #endif /*TRANSFORM_SUBSTRUCTURE_H_*/