xform.h revision 1.14.2.1
      1  1.14.2.1  pgoyette /*	$NetBSD: xform.h,v 1.14.2.1 2018/04/22 07:20:28 pgoyette Exp $	*/
      2  1.14.2.1  pgoyette /*	$FreeBSD: xform.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
      3       1.1  jonathan /*	$OpenBSD: ip_ipsp.h,v 1.119 2002/03/14 01:27:11 millert Exp $	*/
      4       1.1  jonathan /*
      5       1.1  jonathan  * The authors of this code are John Ioannidis (ji (at) tla.org),
      6       1.1  jonathan  * Angelos D. Keromytis (kermit (at) csd.uch.gr),
      7       1.1  jonathan  * Niels Provos (provos (at) physnet.uni-hamburg.de) and
      8       1.1  jonathan  * Niklas Hallqvist (niklas (at) appli.se).
      9       1.1  jonathan  *
     10       1.1  jonathan  * The original version of this code was written by John Ioannidis
     11       1.1  jonathan  * for BSD/OS in Athens, Greece, in November 1995.
     12       1.1  jonathan  *
     13       1.1  jonathan  * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
     14       1.1  jonathan  * by Angelos D. Keromytis.
     15       1.1  jonathan  *
     16       1.1  jonathan  * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
     17       1.1  jonathan  * and Niels Provos.
     18       1.1  jonathan  *
     19       1.1  jonathan  * Additional features in 1999 by Angelos D. Keromytis and Niklas Hallqvist.
     20       1.1  jonathan  *
     21       1.1  jonathan  * Copyright (c) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
     22       1.1  jonathan  * Angelos D. Keromytis and Niels Provos.
     23       1.1  jonathan  * Copyright (c) 1999 Niklas Hallqvist.
     24       1.1  jonathan  * Copyright (c) 2001, Angelos D. Keromytis.
     25       1.1  jonathan  *
     26       1.1  jonathan  * Permission to use, copy, and modify this software with or without fee
     27       1.1  jonathan  * is hereby granted, provided that this entire notice is included in
     28       1.1  jonathan  * all copies of any software which is or includes a copy or
     29       1.1  jonathan  * modification of this software.
     30       1.1  jonathan  * You may use this code under the GNU public license if you so wish. Please
     31       1.1  jonathan  * contribute changes back to the authors under this freer than GPL license
     32       1.1  jonathan  * so that we may further the use of strong encryption without limitations to
     33       1.1  jonathan  * all.
     34       1.1  jonathan  *
     35       1.1  jonathan  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
     36       1.1  jonathan  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
     37       1.1  jonathan  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
     38       1.1  jonathan  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
     39       1.1  jonathan  * PURPOSE.
     40       1.1  jonathan  */
     41       1.1  jonathan 
     42       1.1  jonathan #ifndef _NETIPSEC_XFORM_H_
     43       1.1  jonathan #define _NETIPSEC_XFORM_H_
     44       1.1  jonathan 
     45       1.1  jonathan #include <sys/types.h>
     46       1.1  jonathan #include <netinet/in.h>
     47       1.1  jonathan #include <opencrypto/xform.h>
     48       1.1  jonathan 
/*
 * Initial value of an SA's anti-replay sequence counter.  The first packet
 * sent on an SA carries sequence number 1 (RFC 4302/4303 start the counter
 * at 0 and increment it before each use), so the receiver's expectation
 * starts here rather than at 0.
 */
#define	AH_HMAC_INITIAL_RPL	1	/* replay counter initial value */
     50       1.1  jonathan 
     51       1.1  jonathan /*
     52       1.1  jonathan  * Packet tag assigned on completion of IPsec processing; used
     53       1.1  jonathan  * to speedup processing when/if the packet comes back for more
     54       1.1  jonathan  * processing.
     55       1.1  jonathan  */
/*
 * Payload of the packet tag: the (SPI, destination, protocol) triple that
 * names the SA the packet was already processed under.
 */
struct tdb_ident {
	u_int32_t spi;			/* Security Parameter Index of the SA */
	union sockaddr_union dst;	/* destination address of the SA */
	u_int8_t proto;			/* IPsec protocol; presumably AH/ESP/IPCOMP — confirm at the tag's consumers */
};
     61       1.1  jonathan 
     62       1.1  jonathan /*
     63       1.1  jonathan  * Opaque data structure hung off a crypto operation descriptor.
     64       1.1  jonathan  */
struct secasvar;	/* security association; full definition lives elsewhere */
/*
 * Per-operation state attached to a crypto request so that the completion
 * callback can pick up AH/ESP/IPCOMP processing of the packet where the
 * synchronous path left off.
 *
 * NOTE(review): tc_sav and tc_isr are held by plain pointer.  Whatever
 * keeps the SA and request alive for the duration of the (possibly
 * asynchronous) crypto operation is not visible in this header — confirm
 * the owner takes a reference before dispatch and drops it in the callback.
 */
struct tdb_crypto {
	const struct ipsecrequest *tc_isr;	/* ipsec request state */
	u_int32_t		tc_spi;		/* associated SPI */
	union sockaddr_union	tc_dst;		/* dst addr of packet */
	u_int8_t		tc_proto;	/* current protocol, e.g. AH */
	u_int8_t		tc_nxt;		/* next protocol, e.g. IPV4 */
	int			tc_protoff;	/* current protocol offset */
	int			tc_skip;	/* data offset */
	struct secasvar		*tc_sav;	/* ipsec SA */
};
     76       1.1  jonathan 
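/*
 * Forward declaration of the IPsec request type used by xf_output and
 * tdb_crypto.tc_isr; the full definition lives elsewhere.  (The tag was
 * previously misspelled "ipescrequest", which declared an unrelated,
 * never-used type.)
 */
struct ipsecrequest;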
     78       1.1  jonathan 
/*
 * Transform switch: one entry per IPsec transform (IP-in-IP, AH, ESP,
 * TCP-MD5, IPCOMP).  Entries are handed to xform_register() and linked
 * through xf_next; xform_init() selects one by xf_type.  The return
 * convention of the function pointers is not shown here — check the
 * individual transform implementations.
 */
struct xformsw {
	u_short	xf_type;		/* xform ID */
#define	XF_IP4		1	/* IP inside IP */
#define	XF_AH		2	/* AH */
#define	XF_ESP		3	/* ESP */
#define	XF_TCPSIGNATURE	5	/* TCP MD5 Signature option, RFC 2385 */
#define	XF_IPCOMP	6	/* IPCOMP */
	u_short	xf_flags;		/* capability bits, XFT_* below */
#define	XFT_AUTH	0x0001	/* provides authentication/integrity (by name) */
#define	XFT_CONF	0x0100	/* provides confidentiality (by name) */
#define	XFT_COMP	0x1000	/* provides compression (by name) */
	const char	*xf_name;		/* human-readable name */
	int	(*xf_init)(struct secasvar*, const struct xformsw*);/* setup: bind SA to this xform */
	/*
	 * Cleanup.  By its name this is expected to scrub any keying
	 * material the transform cached on the SA, not merely release it —
	 * confirm in each transform's implementation.
	 */
	int	(*xf_zeroize)(struct secasvar*);
	int	(*xf_input)(struct mbuf*, struct secasvar*, /* input; the two ints are presumably skip and protoff, cf. tc_skip/tc_protoff */
			int, int);
	int	(*xf_output)(struct mbuf*,	       		/* output; same trailing ints as xf_input */
			const struct ipsecrequest *, struct secasvar *,
			struct mbuf **, int, int);
	struct xformsw *xf_next;		/* list of registered xforms */
};
    100       1.1  jonathan 
    101       1.1  jonathan #ifdef _KERNEL
/* Add a transform to the registered list (see xformsw.xf_next). */
extern void xform_register(struct xformsw*);
/* Attach the transform of type xftype (an XF_* value) to sav. */
extern int xform_init(struct secasvar *sav, int xftype);

struct cryptoini;	/* crypto session parameters; defined in opencrypto */
    106       1.1  jonathan 
    107       1.1  jonathan /* XF_IP4 */
/* IPv6 protocol-input entry for the IP-in-IP transform (ip6protosw style: mbuf, offset, proto, arg). */
int ip4_input6(struct mbuf **m, int *offp, int proto, void *);
/* IPv4 protocol-input entry for the IP-in-IP transform. */
void ip4_input(struct mbuf *m, int, int, void *);
/* IP-in-IP output; signature matches xformsw.xf_output. */
int ipip_output(struct mbuf *, const struct ipsecrequest *, struct secasvar *,
    struct mbuf **, int, int);
    112       1.1  jonathan 
    113       1.1  jonathan /* XF_AH */
/*
 * AH setup shared with ESP's authentication: binds the AH algorithm to sav
 * and fills in the crypto session parameters in *cria.
 */
int ah_init0(struct secasvar *, const struct xformsw *, struct cryptoini *);
/* AH cleanup for sav; see the xf_zeroize note on struct xformsw. */
int ah_zeroize(struct secasvar *sav);
/* Map an authentication algorithm id to its auth_hash descriptor (NULL if unknown — confirm). */
const struct auth_hash *ah_algorithm_lookup(int alg);
/* Size of the AH header that sav will add to a packet. */
size_t ah_hdrsiz(const struct secasvar *);
    118       1.1  jonathan 
    119       1.1  jonathan /* XF_ESP */
/* Map an encryption algorithm id to its enc_xform descriptor (NULL if unknown — confirm). */
const struct enc_xform *esp_algorithm_lookup(int alg);
/* Size of the ESP header that sav will add to a packet. */
size_t esp_hdrsiz(const struct secasvar *sav);
    122       1.1  jonathan 
    123       1.1  jonathan /* XF_COMP */
/* Map a compression algorithm id to its comp_algo descriptor (NULL if unknown — confirm). */
const struct comp_algo *ipcomp_algorithm_lookup(int alg);
    125       1.1  jonathan 
    126       1.1  jonathan #endif /* _KERNEL */
    127       1.3      elad #endif /* !_NETIPSEC_XFORM_H_ */