summaryrefslogtreecommitdiffstats
path: root/tinyIPSec/src/tipsec_common.h
diff options
context:
space:
mode:
Diffstat (limited to 'tinyIPSec/src/tipsec_common.h')
-rw-r--r--tinyIPSec/src/tipsec_common.h280
1 files changed, 280 insertions, 0 deletions
diff --git a/tinyIPSec/src/tipsec_common.h b/tinyIPSec/src/tipsec_common.h
new file mode 100644
index 0000000..49e03e1
--- /dev/null
+++ b/tinyIPSec/src/tipsec_common.h
@@ -0,0 +1,280 @@
+/*
+* Copyright (C) 2009-2010 Mamadou Diop.
+*
+* Contact: Mamadou Diop <diopmamadou(at)doubango.org>
+*
+* This file is part of Open Source Doubango Framework.
+*
+* DOUBANGO is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* DOUBANGO is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with DOUBANGO.
+*
+*/
+
+/**@file tipsec_common.h
+ * @brief IPSec common functions.
+ *
+ * @author Mamadou Diop <diopmamadou(at)doubango.org>
+ *
+ * @date Created: Sat Nov 8 16:54:58 2009 mdiop
+ */
+#ifndef TINYIPSEC_IPSEC_COMMON_H
+#define TINYIPSEC_IPSEC_COMMON_H
+
+#include "tinyipsec_config.h"
+
+#include "tsk_string.h"
+
+TIPSEC_BEGIN_DECLS
+
+/**@ingroup tipsec_common_group
+* Converts any IPSec context (XP, Vista, racoon ...) to the common IPSec context.
+* @param ctx The context to convert. MUST be declared using @ref TINYIPSEC_DECLARE_CONTEXT.
+* @retval A pointer to @ref tipsec_context_t.
+*/
+#define TIPSEC_CONTEXT(ctx) ((tipsec_context_t*)(ctx))
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_IPPROTO_FROM_STR
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_IPPROTO_TO_STR
+*/
+#define TIPSEC_IPPROTO_FROM_STR(ipproto) (tsk_strequals(ipproto, "tcp") ? ipproto_tcp : (tsk_strequals(ipproto, "icmp") ? ipproto_icmp : ipproto_udp))
+#define TIPSEC_IPPROTO_TO_STR(ipproto) (ipproto == ipproto_tcp ? "tcp" : (ipproto == ipproto_icmp ? "icmp" : "udp"))
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_MODE_FROM_STR
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_MODE_TO_STR
+*/
+#define TIPSEC_MODE_FROM_STR(mode) (tsk_strequals(mode, "tun") ? mode_tun : mode_trans)
+#define TIPSEC_MODE_TO_STR(mode) (mode == mode_tun ? "tun" : "trans")
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_EALG_FROM_STR
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_EALG_TO_STR
+*/
+#define TIPSEC_EALG_FROM_STR(ealg) (tsk_strequals(ealg, "des-ede3-cbc") ? ealg_des_ede3_cbc : (tsk_strequals(ealg, "aes") ? ealg_aes : ealg_null))
+#define TIPSEC_EALG_TO_STR(ealg) (ealg == ealg_des_ede3_cbc ? "des-ede3-cbc" : (ealg == ealg_aes ? "aes" : "null"))
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_ALG_FROM_STR
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_ALG_TO_STR
+*/
+#define TIPSEC_ALG_FROM_STR(alg) (tsk_strequals(alg, "hmac-sha-1-96") ? algo_hmac_sha_1_96 : algo_hmac_md5_96)
+#define TIPSEC_ALG_TO_STR(alg) (alg == algo_hmac_sha_1_96 ? "hmac-sha-1-96" : "hmac-md5-96")
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_PROTOCOL_FROM_STR
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_PROTOCOL_TO_STR
+*/
+#define TIPSEC_PROTOCOL_FROM_STR(protocol) (tsk_strequals(protocol, "ah") ? proto_ah : ((tsk_strequals(protocol, "ah/esp")) ? proto_both : proto_esp))
+#define TIPSEC_PROTOCOL_TO_STR(protocol) (protocol == proto_ah ? "ah" : (protocol == proto_both ? "ah/esp" : "esp"))
+
+/**@ingroup tipsec_common_group
+* @def TIPSEC_KEY_LEN
+ * Size of IK (Integrity Key) and CK (Confidentiality Key).
+**/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_IK_LEN
+*/
+/**@ingroup tipsec_common_group
+* @def TIPSEC_CK_LEN
+*/
+#define TIPSEC_KEY_LEN 16
+#define TIPSEC_IK_LEN 20
+#define TIPSEC_CK_LEN 24
+
+/**@ingroup tipsec_common_group
+* @def tipsec_lifetime_t
+*/
+/**@ingroup tipsec_common_group
+* @def tipsec_spi_t
+*/
+/**@ingroup tipsec_common_group
+* @def tipsec_port_t
+*/
+/**@ingroup tipsec_common_group
+* @def tipsec_key_t
+*/
+typedef uint64_t tipsec_lifetime_t;
+typedef uint32_t tipsec_spi_t;
+typedef uint16_t tipsec_port_t;
+typedef void tipsec_key_t;
+
+/**@ingroup tipsec_common_group
+ * List of IPSec modes.
+**/
+typedef enum tipsec_mode_e
+{
+ //! IPSec transport mode.
+ mode_trans,
+ //! IPSec tunneling mode.
+ mode_tun
+}
+tipsec_mode_t;
+
+/**@ingroup tipsec_common_group
+ * List of IPSec protocols.
+**/
+typedef enum tipsec_protocol_e
+{
+ //! AH protocol.
+ proto_ah,
+ //! ESP protocol.
+ proto_esp,
+ //! Both AH and ESP protocols.
+ proto_both
+}
+tipsec_protocol_t;
+
+/**@ingroup tipsec_common_group
+ * List of Internet protocols.
+**/
+typedef enum tipsec_ipproto_e
+{
+ //! UDP.
+ ipproto_udp,
+ //! TCP.
+ ipproto_tcp,
+ //! ICMP.
+ ipproto_icmp
+}
+tipsec_ipproto_t;
+
+/**@ingroup tipsec_common_group
+ * List of IPSec algorithms.
+**/
+typedef enum tipsec_algorithm_e
+{
+ //! hmac-md5-96 algorithm.
+ algo_hmac_md5_96,
+ //! hmac-sha-1-96 algorithm.
+ algo_hmac_sha_1_96
+}
+tipsec_algorithm_t;
+
+/**@ingroup tipsec_common_group
+ * List of IPSec encrypt-algorithms.
+**/
+typedef enum tipsec_ealgorithm_e
+{
+ //! des-ede3-cbc encrypt-algorithm.
+ ealg_des_ede3_cbc,
+ //! aes encrypt-algorithm.
+ ealg_aes,
+ //! null encrypt-algorithm.
+ ealg_null
+}
+tipsec_ealgorithm_t;
+
+/**@ingroup tipsec_common_group
+ * List of IPSec states.
+**/
+typedef enum tipsec_state_e
+{
+ //! The default state. At this state no SA is created. It's the first and default state.
+ state_initial,
+ //! Partial state. At this state only inbound SAs (with their SPIs) have been created.
+ state_inbound,
+ //! Full state. At this state both inbound and outbound SAs have been create. It's the final state.
+ state_full,
+ //! All SAs are in active mode.
+ state_active
+}
+tipsec_state_t;
+
+/**@ingroup tipsec_common_group
+* IPSec context. Common fields.
+*/
+typedef struct tipsec_context_s
+{
+ TSK_DECLARE_OBJECT;
+
+ //! Indicates whether the context have been initialized or not.
+ unsigned initialized;
+ //! Indicates whether the context have been started or not.
+ unsigned started:1;
+
+ //! The current state of the IPSec context.
+ tipsec_state_t state;
+
+ //! Indicates whether to use IPv6 addresses or not.
+ unsigned use_ipv6:1;
+ //! The network protocol.
+ tipsec_ipproto_t ipproto;
+
+ //! IPSec mode.
+ tipsec_mode_t mode;
+ //! Encrypt algorithm ().
+ tipsec_ealgorithm_t ealg;
+ //! Algorithm.
+ tipsec_algorithm_t alg;
+ //! IPSec protocol.
+ tipsec_protocol_t protocol;
+
+ //! Remote address (Proxy-CSCF).
+ void* addr_remote;
+ //! Proxy-CSCF client SPI.
+ tipsec_spi_t spi_pc;
+ //! Proxy-CSCF server SPI.
+ tipsec_spi_t spi_ps;
+ //! Proxy-CSCF client port.
+ tipsec_port_t port_pc;
+ //! Proxy-CSCF server port.
+ tipsec_port_t port_ps;
+
+ //! Local address (UE).
+ void* addr_local;
+ //! UE client SPI.
+ tipsec_spi_t spi_uc;
+ //! UE server SPI.
+ tipsec_spi_t spi_us;
+ //! UE client port.
+ tipsec_port_t port_uc;
+ //! UE server port.
+ tipsec_port_t port_us;
+
+ //! The confidentiality key.
+ tipsec_key_t *ck;
+ //! The integrity key.
+ tipsec_key_t *ik;
+
+ //! reg-await-auth timer value.
+ tipsec_lifetime_t lifetime;
+}
+tipsec_context_t;
+
+/**@ingroup tipsec_common_group
+*/
+#define TINYIPSEC_DECLARE_CONTEXT tipsec_context_t context
+
+TINYIPSEC_GEXTERN const void *tipsec_context_def_t;
+
+TINYIPSEC_API tipsec_context_t* tipsec_context_create(tipsec_ipproto_t ipproto, tsk_bool_t use_ipv6, tipsec_mode_t mode, tipsec_ealgorithm_t ealg, tipsec_algorithm_t alg, tipsec_protocol_t protocol);
+TINYIPSEC_API int tipsec_start(tipsec_context_t* ctx);
+TINYIPSEC_API int tipsec_set_local(tipsec_context_t* ctx, const char* addr_local, const char* addr_remote, tipsec_port_t port_uc, tipsec_port_t port_us);
+TINYIPSEC_API int tipsec_set_keys(tipsec_context_t* ctx, const tipsec_key_t* ik, const tipsec_key_t* ck);
+TINYIPSEC_API int tipsec_set_remote(tipsec_context_t* ctx, tipsec_spi_t spi_pc, tipsec_spi_t spi_ps, tipsec_port_t port_pc, tipsec_port_t port_ps, tipsec_lifetime_t lifetime);
+TINYIPSEC_API int tipsec_stop(tipsec_context_t* ctx);
+
+TIPSEC_END_DECLS
+
+#endif /* TINYIPSEC_IPSEC_COMMON_H */
OpenPOWER on IntegriCloud