#include <stddef.h>
#include <string.h>
-#include "encryption_payload.h"
+#include "encrypted_payload.h"
#include <daemon.h>
#include <encoding/payloads/encodings.h>
#include <encoding/generator.h>
#include <encoding/parser.h>
-typedef struct private_encryption_payload_t private_encryption_payload_t;
+typedef struct private_encrypted_payload_t private_encrypted_payload_t;
-/**
- * Private data of an encryption_payload_t' Object.
- *
- */
-struct private_encryption_payload_t {
+struct private_encrypted_payload_t {
/**
- * Public encryption_payload_t interface.
+ * Public encrypted_payload_t interface.
*/
- encryption_payload_t public;
+ encrypted_payload_t public;
/**
- * There is no next payload for an encryption payload,
- * since encryption payload MUST be the last one.
+ * There is no next payload for an encrypted payload,
+ * since encrypted payload MUST be the last one.
* next_payload means here the first payload of the
* contained, encrypted payload.
*/
};
/**
- * Encoding rules to parse or generate a IKEv2-Encryption Payload.
+ * Encoding rules to parse or generate a IKEv2-Encrypted Payload.
*
* The defined offsets are the positions in a object of type
- * private_encryption_payload_t.
+ * private_encrypted_payload_t.
*/
static encoding_rule_t encodings_v2[] = {
/* 1 Byte next payload type, stored in the field next_payload */
- { U_INT_8, offsetof(private_encryption_payload_t, next_payload) },
+ { U_INT_8, offsetof(private_encrypted_payload_t, next_payload) },
/* Critical and 7 reserved bits, all stored for reconstruction */
- { U_INT_8, offsetof(private_encryption_payload_t, flags) },
- /* Length of the whole encryption payload*/
- { PAYLOAD_LENGTH, offsetof(private_encryption_payload_t, payload_length) },
+ { U_INT_8, offsetof(private_encrypted_payload_t, flags) },
+ /* Length of the whole encrypted payload*/
+ { PAYLOAD_LENGTH, offsetof(private_encrypted_payload_t, payload_length) },
/* encrypted data, stored in a chunk. contains iv, data, padding */
- { CHUNK_DATA, offsetof(private_encryption_payload_t, encrypted) },
+ { CHUNK_DATA, offsetof(private_encrypted_payload_t, encrypted) },
};
/*
* Encoding rules to parse or generate a complete encrypted IKEv1 message.
*
* The defined offsets are the positions in a object of type
- * private_encryption_payload_t.
+ * private_encrypted_payload_t.
*/
static encoding_rule_t encodings_v1[] = {
/* encrypted data, stored in a chunk */
- { ENCRYPTED_DATA, offsetof(private_encryption_payload_t, encrypted) },
+ { ENCRYPTED_DATA, offsetof(private_encrypted_payload_t, encrypted) },
};
/*
*/
METHOD(payload_t, verify, status_t,
- private_encryption_payload_t *this)
+ private_encrypted_payload_t *this)
{
return SUCCESS;
}
METHOD(payload_t, get_encoding_rules, int,
- private_encryption_payload_t *this, encoding_rule_t **rules)
+ private_encrypted_payload_t *this, encoding_rule_t **rules)
{
if (this->type == PLV2_ENCRYPTED)
{
}
METHOD(payload_t, get_header_length, int,
- private_encryption_payload_t *this)
+ private_encrypted_payload_t *this)
{
if (this->type == PLV2_ENCRYPTED)
{
}
METHOD(payload_t, get_type, payload_type_t,
- private_encryption_payload_t *this)
+ private_encrypted_payload_t *this)
{
return this->type;
}
METHOD(payload_t, get_next_type, payload_type_t,
- private_encryption_payload_t *this)
+ private_encrypted_payload_t *this)
{
return this->next_payload;
}
METHOD(payload_t, set_next_type, void,
- private_encryption_payload_t *this, payload_type_t type)
+ private_encrypted_payload_t *this, payload_type_t type)
{
/* the next payload is set during add, still allow this for IKEv1 */
this->next_payload = type;
/**
* Compute the length of the whole payload
*/
-static void compute_length(private_encryption_payload_t *this)
+static void compute_length(private_encrypted_payload_t *this)
{
enumerator_t *enumerator;
payload_t *payload;
this->payload_length = length;
}
-METHOD2(payload_t, encryption_payload_t, get_length, size_t,
- private_encryption_payload_t *this)
+METHOD2(payload_t, encrypted_payload_t, get_length, size_t,
+ private_encrypted_payload_t *this)
{
compute_length(this);
return this->payload_length;
}
-METHOD(encryption_payload_t, add_payload, void,
- private_encryption_payload_t *this, payload_t *payload)
+METHOD(encrypted_payload_t, add_payload, void,
+ private_encrypted_payload_t *this, payload_t *payload)
{
payload_t *last_payload;
compute_length(this);
}
-METHOD(encryption_payload_t, remove_payload, payload_t *,
- private_encryption_payload_t *this)
+METHOD(encrypted_payload_t, remove_payload, payload_t *,
+ private_encrypted_payload_t *this)
{
payload_t *payload;
/**
* Generate payload before encryption
*/
-static chunk_t generate(private_encryption_payload_t *this,
+static chunk_t generate(private_encrypted_payload_t *this,
generator_t *generator)
{
payload_t *current, *next;
generator->generate_payload(generator, current);
chunk = generator->get_chunk(generator, &lenpos);
- DBG2(DBG_ENC, "generated content in encryption payload");
+ DBG2(DBG_ENC, "generated content in encrypted payload");
}
enumerator->destroy(enumerator);
return chunk;
}
/**
- * Append the encryption payload header to the associated data
+ * Append the encrypted payload header to the associated data
*/
-static chunk_t append_header(private_encryption_payload_t *this, chunk_t assoc)
+static chunk_t append_header(private_encrypted_payload_t *this, chunk_t assoc)
{
struct {
u_int8_t next_payload;
return chunk_cat("cc", assoc, chunk_from_thing(header));
}
-METHOD(encryption_payload_t, encrypt, status_t,
- private_encryption_payload_t *this, u_int64_t mid, chunk_t assoc)
+METHOD(encrypted_payload_t, encrypt, status_t,
+ private_encrypted_payload_t *this, u_int64_t mid, chunk_t assoc)
{
chunk_t iv, plain, padding, icv, crypt;
generator_t *generator;
if (this->aead == NULL)
{
- DBG1(DBG_ENC, "encrypting encryption payload failed, transform missing");
+ DBG1(DBG_ENC, "encrypting encrypted payload failed, transform missing");
return INVALID_STATE;
}
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
if (!rng)
{
- DBG1(DBG_ENC, "encrypting encryption payload failed, no RNG found");
+ DBG1(DBG_ENC, "encrypting encrypted payload failed, no RNG found");
return NOT_SUPPORTED;
}
iv_gen = this->aead->get_iv_gen(this->aead);
if (!iv_gen)
{
- DBG1(DBG_ENC, "encrypting encryption payload failed, no IV generator");
+ DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV generator");
return NOT_SUPPORTED;
}
if (!iv_gen->get_iv(iv_gen, mid, iv.len, iv.ptr) ||
!rng->get_bytes(rng, padding.len - 1, padding.ptr))
{
- DBG1(DBG_ENC, "encrypting encryption payload failed, no IV or padding");
+ DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV or padding");
rng->destroy(rng);
free(assoc.ptr);
return FAILED;
padding.ptr[padding.len - 1] = padding.len - 1;
rng->destroy(rng);
- DBG3(DBG_ENC, "encryption payload encryption:");
+ DBG3(DBG_ENC, "encrypted payload encryption:");
DBG3(DBG_ENC, "IV %B", &iv);
DBG3(DBG_ENC, "plain %B", &plain);
DBG3(DBG_ENC, "padding %B", &padding);
return SUCCESS;
}
-METHOD(encryption_payload_t, encrypt_v1, status_t,
- private_encryption_payload_t *this, u_int64_t mid, chunk_t iv)
+METHOD(encrypted_payload_t, encrypt_v1, status_t,
+ private_encrypted_payload_t *this, u_int64_t mid, chunk_t iv)
{
generator_t *generator;
chunk_t plain, padding;
/**
* Parse the payloads after decryption.
*/
-static status_t parse(private_encryption_payload_t *this, chunk_t plain)
+static status_t parse(private_encrypted_payload_t *this, chunk_t plain)
{
parser_t *parser;
payload_type_t type;
this->payloads->insert_last(this->payloads, payload);
}
parser->destroy(parser);
- DBG2(DBG_ENC, "parsed content of encryption payload");
+ DBG2(DBG_ENC, "parsed content of encrypted payload");
return SUCCESS;
}
-METHOD(encryption_payload_t, decrypt, status_t,
- private_encryption_payload_t *this, chunk_t assoc)
+METHOD(encrypted_payload_t, decrypt, status_t,
+ private_encrypted_payload_t *this, chunk_t assoc)
{
chunk_t iv, plain, padding, icv, crypt;
size_t bs;
if (this->aead == NULL)
{
- DBG1(DBG_ENC, "decrypting encryption payload failed, transform missing");
+ DBG1(DBG_ENC, "decrypting encrypted payload failed, transform missing");
return INVALID_STATE;
}
if (iv.len + icv.len > this->encrypted.len ||
(crypt.len - icv.len) % bs)
{
- DBG1(DBG_ENC, "decrypting encryption payload failed, invalid length");
+ DBG1(DBG_ENC, "decrypting encrypted payload failed, invalid length");
return FAILED;
}
assoc = append_header(this, assoc);
- DBG3(DBG_ENC, "encryption payload decryption:");
+ DBG3(DBG_ENC, "encrypted payload decryption:");
DBG3(DBG_ENC, "IV %B", &iv);
DBG3(DBG_ENC, "encrypted %B", &crypt);
DBG3(DBG_ENC, "ICV %B", &icv);
if (!this->aead->decrypt(this->aead, crypt, assoc, iv, NULL))
{
- DBG1(DBG_ENC, "verifying encryption payload integrity failed");
+ DBG1(DBG_ENC, "verifying encrypted payload integrity failed");
free(assoc.ptr);
return FAILED;
}
padding.len = plain.ptr[plain.len - 1] + 1;
if (padding.len > plain.len)
{
- DBG1(DBG_ENC, "decrypting encryption payload failed, "
+ DBG1(DBG_ENC, "decrypting encrypted payload failed, "
"padding invalid %B", &crypt);
return PARSE_ERROR;
}
return parse(this, plain);
}
-METHOD(encryption_payload_t, decrypt_v1, status_t,
- private_encryption_payload_t *this, chunk_t iv)
+METHOD(encrypted_payload_t, decrypt_v1, status_t,
+ private_encrypted_payload_t *this, chunk_t iv)
{
if (this->aead == NULL)
{
return parse(this, this->encrypted);
}
-METHOD(encryption_payload_t, set_transform, void,
- private_encryption_payload_t *this, aead_t* aead)
+METHOD(encrypted_payload_t, set_transform, void,
+ private_encrypted_payload_t *this, aead_t* aead)
{
this->aead = aead;
}
-METHOD2(payload_t, encryption_payload_t, destroy, void,
- private_encryption_payload_t *this)
+METHOD2(payload_t, encrypted_payload_t, destroy, void,
+ private_encrypted_payload_t *this)
{
this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
free(this->encrypted.ptr);
/*
* Described in header
*/
-encryption_payload_t *encryption_payload_create(payload_type_t type)
+encrypted_payload_t *encrypted_payload_create(payload_type_t type)
{
- private_encryption_payload_t *this;
+ private_encrypted_payload_t *this;
INIT(this,
.public = {
*/
/**
- * @defgroup encryption_payload encryption_payload
+ * @defgroup encrypted_payload encrypted_payload
* @{ @ingroup payloads
*/
-#ifndef ENCRYPTION_PAYLOAD_H_
-#define ENCRYPTION_PAYLOAD_H_
+#ifndef ENCRYPTED_PAYLOAD_H_
+#define ENCRYPTED_PAYLOAD_H_
-typedef struct encryption_payload_t encryption_payload_t;
+typedef struct encrypted_payload_t encrypted_payload_t;
#include <library.h>
#include <crypto/aead.h>
#include <encoding/payloads/payload.h>
/**
- * The encryption payload as described in RFC section 3.14.
+ * The encrypted payload as described in RFC section 3.14.
*/
-struct encryption_payload_t {
+struct encrypted_payload_t {
/**
* Implements payload_t interface.
*
* @return (expected) payload length
*/
- size_t (*get_length)(encryption_payload_t *this);
+ size_t (*get_length)(encrypted_payload_t *this);
/**
* Adds a payload to this encryption payload.
*
* @param payload payload_t object to add
*/
- void (*add_payload) (encryption_payload_t *this, payload_t *payload);
+ void (*add_payload) (encrypted_payload_t *this, payload_t *payload);
/**
* Remove the first payload in the list
* @param payload removed payload
* @return payload, NULL if none left
*/
- payload_t* (*remove_payload)(encryption_payload_t *this);
+ payload_t* (*remove_payload)(encrypted_payload_t *this);
/**
* Set the AEAD transform to use.
*
* @param aead aead transform to use
*/
- void (*set_transform) (encryption_payload_t *this, aead_t *aead);
+ void (*set_transform) (encrypted_payload_t *this, aead_t *aead);
/**
* Generate, encrypt and sign contained payloads.
* - FAILED if encryption failed
* - INVALID_STATE if aead not supplied, but needed
*/
- status_t (*encrypt) (encryption_payload_t *this, u_int64_t mid,
+ status_t (*encrypt) (encrypted_payload_t *this, u_int64_t mid,
chunk_t assoc);
/**
* - FAILED if integrity check failed
* - INVALID_STATE if aead not supplied, but needed
*/
- status_t (*decrypt) (encryption_payload_t *this, chunk_t assoc);
+ status_t (*decrypt) (encrypted_payload_t *this, chunk_t assoc);
/**
- * Destroys an encryption_payload_t object.
+ * Destroys an encrypted_payload_t object.
*/
- void (*destroy) (encryption_payload_t *this);
+ void (*destroy) (encrypted_payload_t *this);
};
/**
- * Creates an empty encryption_payload_t object.
+ * Creates an empty encrypted_payload_t object.
*
* @param type PLV2_ENCRYPTED or PLV1_ENCRYPTED
- * @return encryption_payload_t object
+ * @return encrypted_payload_t object
*/
-encryption_payload_t *encryption_payload_create(payload_type_t type);
+encrypted_payload_t *encrypted_payload_create(payload_type_t type);
-#endif /** ENCRYPTION_PAYLOAD_H_ @}*/
+#endif /** ENCRYPTED_PAYLOAD_H_ @}*/
projects / thirdparty / strongswan.git / commitdiff
