proposal-substructure: Encode transform number of selected IKEv1 proposal
1 /*
2 * Copyright (C) 2012 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * HSR Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup proposal_substructure proposal_substructure
20 * @{ @ingroup payloads
21 */
22
23 #ifndef PROPOSAL_SUBSTRUCTURE_H_
24 #define PROPOSAL_SUBSTRUCTURE_H_
25
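/*
 * Forward typedefs, declared ahead of the #include lines, so that both type
 * names are usable before their full definitions further down in this header.
 *
 * Note: naming an enum tag before it is defined is accepted by GCC and Clang
 * as an extension; it is not strictly conforming ISO C.
 */
typedef enum encap_t encap_t;
typedef struct proposal_substructure_t proposal_substructure_t;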
28
29 #include <library.h>
30 #include <encoding/payloads/payload.h>
31 #include <encoding/payloads/transform_substructure.h>
32 #include <crypto/proposal/proposal.h>
33 #include <collections/linked_list.h>
34 #include <kernel/kernel_ipsec.h>
35 #include <sa/authenticator.h>
36
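/**
 * Encapsulation type for a proposal substructure.
 *
 * Passed as the udp argument of the IKEv1 constructors declared in this
 * header. A zero-initialised value is ENCAP_NONE.
 */
enum encap_t {
	/** no UDP encapsulation */
	ENCAP_NONE = 0,
	/** use UDP encapsulation */
	ENCAP_UDP,
	/**
	 * NOTE(review): presumably the UDP encapsulation variant of the early
	 * NAT-T drafts (00-03) - confirm against the implementation.
	 */
	ENCAP_UDP_DRAFT_00_03,
};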
45
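/**
 * Class representing an IKEv1/IKEv2 proposal substructure.
 *
 * NOTE(review): when an instance was parsed from a received message, the
 * getters below presumably return values supplied by the peer. Callers should
 * treat them as untrusted until the payload has been validated - confirm how
 * the implementation checks lengths and counts.
 */
struct proposal_substructure_t {

	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Sets the proposal number of current proposal.
	 *
	 * @param proposal_number	proposal number to set
	 */
	void (*set_proposal_number) (proposal_substructure_t *this,
								 uint8_t proposal_number);

	/**
	 * Gets the proposal number of current proposal.
	 *
	 * @return			proposal number of current proposal substructure.
	 */
	uint8_t (*get_proposal_number) (proposal_substructure_t *this);

	/**
	 * Sets the protocol id of current proposal.
	 *
	 * @param protocol_id	protocol id to set
	 */
	void (*set_protocol_id) (proposal_substructure_t *this,
							 uint8_t protocol_id);

	/**
	 * Gets the protocol id of current proposal.
	 *
	 * @return			protocol id of current proposal substructure.
	 */
	uint8_t (*get_protocol_id) (proposal_substructure_t *this);

	/**
	 * Sets the next_payload field of this substructure
	 *
	 * If this is the last proposal, next payload field is set to 0,
	 * otherwise to 2
	 *
	 * @param is_last	When TRUE, next payload field is set to 0, otherwise to 2
	 */
	void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last);

	/**
	 * Returns the currently set SPI of this proposal.
	 *
	 * NOTE(review): no copy is documented here (unlike set_spi), so the chunk
	 * presumably references storage owned by this object; clone it before
	 * keeping it beyond destroy() - confirm in the implementation.
	 *
	 * @return			chunk_t pointing to the value
	 */
	chunk_t (*get_spi) (proposal_substructure_t *this);

	/**
	 * Sets the SPI of the current proposal.
	 *
	 * @warning SPI is getting copied
	 *
	 * @param spi		chunk_t pointing to the value to set
	 */
	void (*set_spi) (proposal_substructure_t *this, chunk_t spi);

	/**
	 * Gets the CPI of the current proposal (IKEv1 only).
	 *
	 * The value of *cpi is only documented for a TRUE result, so check the
	 * return value before using it.
	 *
	 * @param cpi		the CPI if a supported algorithm is proposed
	 * @return			TRUE if a supported algorithm is proposed
	 */
	bool (*get_cpi) (proposal_substructure_t *this, uint16_t *cpi);

	/**
	 * Get proposals contained in a proposal_substructure_t.
	 *
	 * NOTE(review): the created proposal_t objects are presumably owned by
	 * whoever owns the list afterwards - confirm against callers.
	 *
	 * @param list		list to add created proposals to
	 */
	void (*get_proposals) (proposal_substructure_t *this, linked_list_t *list);

	/**
	 * Create an enumerator over transform substructures.
	 *
	 * @return			enumerator over transform_substructure_t
	 */
	enumerator_t* (*create_substructure_enumerator)(proposal_substructure_t *this);

	/**
	 * Get the (shortest) lifetime of a proposal (IKEv1 only).
	 *
	 * @return			lifetime, in seconds
	 */
	uint32_t (*get_lifetime)(proposal_substructure_t *this);

	/**
	 * Get the (shortest) life duration of a proposal (IKEv1 only).
	 *
	 * @return			life duration, in bytes
	 */
	uint64_t (*get_lifebytes)(proposal_substructure_t *this);

	/**
	 * Get the first authentication method from the proposal (IKEv1 only).
	 *
	 * @return			auth method, or AUTH_NONE
	 */
	auth_method_t (*get_auth_method)(proposal_substructure_t *this);

	/**
	 * Get the (first) encapsulation mode from a proposal (IKEv1 only).
	 *
	 * @param udp		set to TRUE if UDP encapsulation used
	 * @return			ipsec encapsulation mode
	 */
	ipsec_mode_t (*get_encap_mode)(proposal_substructure_t *this, bool *udp);

	/**
	 * Destroys a proposal_substructure_t object.
	 */
	void (*destroy) (proposal_substructure_t *this);
};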
167
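/**
 * Creates an empty proposal_substructure_t object
 *
 * NOTE(review): behaviour for any other payload type is not documented here;
 * confirm in the implementation before passing a value taken from input.
 *
 * @param type		PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
 * @return			proposal_substructure_t object
 */
proposal_substructure_t *proposal_substructure_create(payload_type_t type);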
175
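/**
 * Creates an IKEv2 proposal_substructure_t from a proposal_t.
 *
 * @param proposal	proposal to build the substructure from
 * @return			proposal_substructure_t PLV2_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
										proposal_t *proposal);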
184
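/**
 * Creates an IKEv1 proposal_substructure_t from a list of proposal_t.
 *
 * @param proposals	list of proposal_t to encode in a substructure
 * @param lifetime	lifetime in seconds
 * @param lifebytes	lifebytes, in bytes
 * @param auth		authentication method to use, or AUTH_NONE
 * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp		encapsulation type (see encap_t), ENCAP_UDP to use UDP
 *					encapsulation
 * @return			IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
			linked_list_t *proposals, uint32_t lifetime, uint64_t lifebytes,
			auth_method_t auth, ipsec_mode_t mode, encap_t udp);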
199
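/**
 * Creates an IKEv1 proposal_substructure_t for IPComp with the given
 * proposal_number (e.g. of an ESP proposal to bundle them).
 *
 * @param lifetime			lifetime in seconds
 * @param lifebytes			lifebytes, in bytes
 * @param cpi				the CPI to be used
 * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp				encapsulation type (see encap_t), ENCAP_UDP to use
 *							UDP encapsulation
 * @param proposal_number	the proposal number of the proposal to be linked
 * @return					IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
			uint32_t lifetime, uint64_t lifebytes, uint16_t cpi,
			ipsec_mode_t mode, encap_t udp, uint8_t proposal_number);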
215
216 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/