2 * Copyright (C) 2012-2020 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * HSR Hochschule fuer Technik Rapperswil
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
19 * @defgroup proposal_substructure proposal_substructure
20 * @{ @ingroup payloads
23 #ifndef PROPOSAL_SUBSTRUCTURE_H_
24 #define PROPOSAL_SUBSTRUCTURE_H_
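/*
 * Forward declarations of the types this header defines further down.
 *
 * Naming an enum type before its definition is not ISO C; GCC and Clang
 * accept it as an extension, so strictly conforming builds may warn here.
 */
typedef enum encap_t encap_t;
typedef struct proposal_substructure_t proposal_substructure_t;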
30 #include <encoding/payloads/payload.h>
31 #include <encoding/payloads/transform_substructure.h>
32 #include <crypto/proposal/proposal.h>
33 #include <collections/linked_list.h>
34 #include <kernel/kernel_ipsec.h>
35 #include <sa/authenticator.h>
38 * Encap type for proposal substructure
43 ENCAP_UDP_DRAFT_00_03
,
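/**
 * Class representing an IKEv1/IKEv2 proposal substructure.
 *
 * Besides the generic payload_t interface, the object exposes accessors for
 * the proposal number, the protocol ID, the SPI/CPI and several IKEv1-only
 * attributes (lifetime, life duration, auth method, encapsulation mode).
 *
 * NOTE(review): when the substructure was parsed from a received message,
 * everything the getters return was chosen by the peer. Treat these values
 * as untrusted input and confirm where they are validated.
 */
struct proposal_substructure_t {

	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Sets the proposal number of current proposal.
	 *
	 * @param proposal_number	proposal number to set
	 */
	void (*set_proposal_number) (proposal_substructure_t *this,
								 uint8_t proposal_number);

	/**
	 * Gets the proposal number of current proposal.
	 *
	 * @return			proposal number of current proposal substructure.
	 */
	uint8_t (*get_proposal_number) (proposal_substructure_t *this);

	/**
	 * Sets the protocol id of current proposal.
	 *
	 * NOTE(review): the second parameter is not visible in this listing;
	 * uint8_t is assumed from get_protocol_id()'s return type. Confirm
	 * against the upstream header.
	 *
	 * @param protocol_id	protocol id to set
	 */
	void (*set_protocol_id) (proposal_substructure_t *this,
							 uint8_t protocol_id);

	/**
	 * Gets the protocol id of current proposal.
	 *
	 * @return			protocol id of current proposal substructure.
	 */
	uint8_t (*get_protocol_id) (proposal_substructure_t *this);

	/**
	 * Sets the next_payload field of this substructure.
	 *
	 * If this is the last proposal, next payload field is set to 0,
	 * otherwise to 2.
	 *
	 * @param is_last	When TRUE, next payload field is set to 0, otherwise to 2
	 */
	void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last);

	/**
	 * Returns the currently set SPI of this proposal.
	 *
	 * The chunk points to the value instead of handing out a copy.
	 * NOTE(review): presumably the memory stays owned by this object and is
	 * invalidated by set_spi() or destroy(); confirm before retaining it.
	 * The SPI length is whatever was set or parsed, so check it before
	 * interpreting the bytes as a fixed-size integer.
	 *
	 * @return			chunk_t pointing to the value
	 */
	chunk_t (*get_spi) (proposal_substructure_t *this);

	/**
	 * Sets the SPI of the current proposal.
	 *
	 * @warning SPI is getting copied, the caller keeps ownership of its chunk
	 *
	 * @param spi		chunk_t pointing to the value to set
	 */
	void (*set_spi) (proposal_substructure_t *this, chunk_t spi);

	/**
	 * Gets the CPI of the current proposal (IKEv1 only).
	 *
	 * NOTE(review): cpi is presumably left untouched when FALSE is returned,
	 * so read it only after a TRUE result. Confirm in the implementation.
	 *
	 * @param cpi		the CPI if a supported algorithm is proposed
	 * @return			TRUE if a supported algorithm is proposed
	 */
	bool (*get_cpi) (proposal_substructure_t *this, uint16_t *cpi);

	/**
	 * Get proposals contained in a proposal_substructure_t.
	 *
	 * NOTE(review): the created proposals are appended to the caller's list;
	 * presumably the caller owns them afterwards. Confirm who destroys them.
	 *
	 * @param list		list to add created proposals to
	 */
	void (*get_proposals) (proposal_substructure_t *this, linked_list_t *list);

	/**
	 * Create an enumerator over transform substructures.
	 *
	 * @return			enumerator over transform_substructure_t
	 */
	enumerator_t* (*create_substructure_enumerator)(proposal_substructure_t *this);

	/**
	 * Get the lifetime of a transform (IKEv1 only).
	 *
	 * NOTE(review): the result for a transform that carries no lifetime is
	 * not documented here. Confirm before relying on a particular value.
	 *
	 * @param transform	transform number
	 * @return			lifetime, in seconds
	 */
	uint32_t (*get_lifetime)(proposal_substructure_t *this, uint8_t transform);

	/**
	 * Get the life duration of a transform (IKEv1 only).
	 *
	 * NOTE(review): the result for a transform that carries no life duration
	 * is not documented here. Confirm before relying on a particular value.
	 *
	 * @param transform	transform number
	 * @return			life duration, in bytes
	 */
	uint64_t (*get_lifebytes)(proposal_substructure_t *this, uint8_t transform);

	/**
	 * Get the first authentication method from the proposal (IKEv1 only).
	 *
	 * Only the first method found is reported; further ones are not exposed
	 * through this call.
	 *
	 * @return			auth method, or AUTH_NONE
	 */
	auth_method_t (*get_auth_method)(proposal_substructure_t *this);

	/**
	 * Get the (first) encapsulation mode from a proposal (IKEv1 only).
	 *
	 * @param udp		set to TRUE if UDP encapsulation used
	 * @return			ipsec encapsulation mode
	 */
	ipsec_mode_t (*get_encap_mode)(proposal_substructure_t *this, bool *udp);

	/**
	 * Destroys a proposal_substructure_t object.
	 */
	void (*destroy) (proposal_substructure_t *this);
};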
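/**
 * Creates an empty proposal_substructure_t object
 *
 * NOTE(review): the caller presumably owns the returned object and releases
 * it through its destroy() method. Confirm against the implementation.
 *
 * @param type		PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
 * @return			proposal_substructure_t object
 */
proposal_substructure_t *proposal_substructure_create(payload_type_t type);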
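/**
 * Creates an IKEv2 proposal_substructure_t from a proposal_t.
 *
 * NOTE(review): whether the proposal is only read or also retained is not
 * visible from this declaration. Confirm before freeing it early.
 *
 * @param proposal	proposal to build a substructure from
 * @return			proposal_substructure_t PLV2_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
										proposal_t *proposal);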
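/**
 * Creates an IKEv1 proposal_substructure_t from a list of proposal_t.
 *
 * @param proposals	list of proposal_t to encode in a substructure
 * @param lifetime	lifetime in seconds
 * @param lifebytes	lifebytes, in bytes
 * @param auth		authentication method to use, or AUTH_NONE
 * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp		encap type: ENCAP_UDP to use UDP encapsulation (encap_t
 *					also lists ENCAP_UDP_DRAFT_00_03)
 * @return			IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
			linked_list_t *proposals, uint32_t lifetime, uint64_t lifebytes,
			auth_method_t auth, ipsec_mode_t mode, encap_t udp);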
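/**
 * Creates an IKEv1 proposal_substructure_t for IPComp with the given
 * proposal_number (e.g. of an ESP proposal to bundle them).
 *
 * @param lifetime			lifetime in seconds
 * @param lifebytes			lifebytes, in bytes
 * @param cpi				the CPI to be used
 * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp				encap type: ENCAP_UDP to use UDP encapsulation
 * @param proposal_number	the proposal number of the proposal to be linked
 * @return					IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
			uint32_t lifetime, uint64_t lifebytes, uint16_t cpi,
			ipsec_mode_t mode, encap_t udp, uint8_t proposal_number);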
218 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/