path: root/Source/charon/encoding/payloads/auth_payload.h
blob: 1df8673560211f40acb8c23dc81f6e22493a144c (plain)
/**
 * @file auth_payload.h
 * 
 * @brief Interface of auth_payload_t.
 * 
 */

/*
 * Copyright (C) 2005 Jan Hutter, Martin Willi
 * Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */


#ifndef _AUTH_PAYLOAD_H_
#define _AUTH_PAYLOAD_H_

#include <types.h>
#include <encoding/payloads/payload.h>

/**
 * Length of an AUTH payload without the AUTH data, in bytes.
 *
 * NOTE(review): presumably the 4-byte generic payload header plus the
 * 1-byte Auth Method field and 3 reserved bytes of the AUTH payload layout
 * (IKEv2 RFC, section 3.8) -- confirm against the encoding rules in the
 * implementation.
 *
 * NOTE(review): when the AUTH data length is derived from a received
 * payload length, the parser should first check that the received length
 * is not smaller than this value, so the subtraction cannot wrap. That
 * check is not visible in this header -- confirm it exists in the parser.
 *
 * @ingroup payloads
 */
#define AUTH_PAYLOAD_HEADER_LENGTH 8


typedef enum auth_method_t auth_method_t;

/**
 * AUTH Method of an AUTH payload.
 *
 * "RFC" below is the IKEv2 RFC (NOTE(review): presumably RFC 4306 when this
 * file was written -- confirm the intended revision).
 *
 * Only the values 1 to 3 are named here. NOTE(review): the method of a
 * received payload is chosen by the peer; whether other values are rejected
 * during parsing is not visible in this header, so code that switches on
 * auth_method_t should treat any unlisted value as unsupported -- confirm.
 *
 * @ingroup payloads
 */
enum auth_method_t {
	/**
	 * Computed as specified in section 2.15 of RFC using
	 * an RSA private key over a PKCS#1 padded hash.
	 */
	RSA_DIGITAL_SIGNATURE = 1,
	
	/**
	 * Computed as specified in section 2.15 of RFC using the shared key
	 * associated with the identity in the ID payload and the negotiated
	 * prf function.
	 */
	SHARED_KEY_MESSAGE_INTEGRITY_CODE = 2,
	
	/**
	 * Computed as specified in section 2.15 of RFC using a DSS private key
	 * over a SHA-1 hash.
	 */
    DSS_DIGITAL_SIGNATURE = 3,
};

/**
 * String mappings for auth_method_t values.
 *
 * Only declared here; the array is defined elsewhere (not visible in this
 * header).
 *
 * NOTE(review): if this table is used to print the method of a received
 * payload, the lookup has to cope with values that have no entry -- confirm
 * how the mapping helper handles unknown values.
 *
 * @ingroup payloads
 */
extern mapping_t auth_method_m[];


typedef struct auth_payload_t auth_payload_t;

/**
 * @brief Class representing an IKEv2 AUTH payload.
 *
 * The AUTH payload format is described in section 3.8 of the IKEv2 RFC.
 *
 * The object is used through the function pointers below; each takes the
 * object itself as its first argument.
 *
 * Ownership of the AUTH data differs between the accessors: set_data() and
 * get_data_clone() copy, get_data() does not. See the individual members.
 *
 * @b Constructors:
 * - auth_payload_create()
 *
 * @ingroup payloads
 */
struct auth_payload_t {
	
	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * @brief Set the AUTH method.
	 *
	 * @param this			calling auth_payload_t object
	 * @param method		auth_method_t to use
	 */
	void (*set_auth_method) (auth_payload_t *this, auth_method_t method);
	
	/**
	 * @brief Get the AUTH method.
	 *
	 * NOTE(review): for a payload parsed from the wire the value presumably
	 * comes from the peer and may not be one of the named auth_method_t
	 * constants -- confirm, and handle unknown values at the call site.
	 *
	 * @param this			calling auth_payload_t object
	 * @return				auth_method_t used
	 */
	auth_method_t (*get_auth_method) (auth_payload_t *this);
	
	/**
	 * @brief Set the AUTH data.
	 *
	 * The data are cloned, so the caller keeps ownership of the chunk it
	 * passes in.
	 *
	 * NOTE(review): whether previously set AUTH data are released first is
	 * not visible in this header -- confirm in the implementation.
	 *
	 * @param this			calling auth_payload_t object
	 * @param data			AUTH data as chunk_t
	 */
	void (*set_data) (auth_payload_t *this, chunk_t data);
	
	/**
	 * @brief Get a copy of the AUTH data.
	 *
	 * Returned data are a copy of the internal one.
	 *
	 * NOTE(review): the caller presumably owns the copy and has to free
	 * it -- confirm.
	 *
	 * @param this			calling auth_payload_t object
	 * @return				AUTH data as chunk_t
	 */
	chunk_t (*get_data_clone) (auth_payload_t *this);
	
	/**
	 * @brief Get the AUTH data without copying.
	 *
	 * Returned data are NOT copied: the chunk refers to the data held by
	 * this object.
	 *
	 * NOTE(review): presumably the caller must not free the returned chunk
	 * and must not use it after set_data() or destroy() has been called on
	 * this object (stale pointer / double free otherwise) -- confirm against
	 * the implementation. Use get_data_clone() when the data have to outlive
	 * the payload.
	 *
	 * @param this			calling auth_payload_t object
	 * @return				AUTH data as chunk_t
	 */
	chunk_t (*get_data) (auth_payload_t *this);
	
	/**
	 * @brief Destroys an auth_payload_t object.
	 *
	 * NOTE(review): chunks obtained earlier through get_data() presumably
	 * become invalid once this returns -- confirm.
	 *
	 * @param this			auth_payload_t object to destroy
	 */
	void (*destroy) (auth_payload_t *this);
};

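/**
 * @brief Creates an empty auth_payload_t object.
 *
 * Declared with an explicit (void) parameter list: in C an empty list
 * declares a function with unspecified arguments, so the compiler would not
 * diagnose a call that passes arguments by mistake.
 *
 * NOTE(review): the AUTH method and AUTH data of a fresh object are not
 * specified by this header; set both before the payload is encoded --
 * confirm the initial values in the implementation.
 *
 * @return auth_payload_t object; presumably owned by the caller and
 *         released with its destroy() member -- confirm
 *
 * @ingroup payloads
 */
auth_payload_t *auth_payload_create(void);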


#endif //_AUTH_PAYLOAD_H_