2 * Copyright (C) 2012 Reto Buerki
3 * Copyright (C) 2012 Adrian-Ken Rueegsegger
4 * Hochschule fuer Technik Rapperswil
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 #include <tkm/types.h>
21 #include <utils/chunk.h>
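/* Forward declaration: lets the rest of the header refer to the struct as
 * esa_info_t without repeating the struct keyword. The stray line-number
 * token and the orphaned terminator left by extraction are removed so the
 * declaration is valid C again. */
typedef struct esa_info_t esa_info_t;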
26 * ESP SA info data structure.
28 * This type is used to transfer ESA information from the keymat
29 * derive_child_keys to the kernel IPsec interface add_sa operation. This is
30 * necessary because the CHILD SA key derivation and installation are handled
31 * by a single exchange with the TKM (esa_create*) in add_sa.
32 * For this purpose the out parameters encr_i and encr_r of the
33 * derive_child_keys function are (ab)used and the data is stored in these
34 * data chunks. This is possible since the child SA keys are treated as opaque
35 * values and handed to the add_sa procedure of the kernel interface as-is
36 * without any processing.
46 * Responder SPI of child SA.
61 * Flag specifying if this esa info struct is contained in encr_r.
62 * It is set to TRUE for encr_r and FALSE for encr_i.
67 * Diffie-Hellman context id.
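/* Forward declaration: lets the rest of the header refer to the struct as
 * isa_info_t without repeating the struct keyword. The stray line-number
 * token and the orphaned terminator left by extraction are removed so the
 * declaration is valid C again. */
typedef struct isa_info_t isa_info_t;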
76 * IKE SA info data structure.
78 * This type is used to transfer ISA information from the keymat of the parent
79 * SA to the keymat of the new IKE SA. For this purpose the skd data chunk is
80 * (ab)used. This is possible since the sk_d chunk is treated as an opaque value
81 * and handed to the derive_ike_keys procedure of the new keymat as-is without
87 * Parent isa context id.
89 isa_id_type parent_isa_id
;
92 * Authenticated endpoint context id.
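/* Forward declaration: lets the rest of the header refer to the struct as
 * sign_info_t without repeating the struct keyword. The stray line-number
 * token and the orphaned terminator left by extraction are removed so the
 * declaration is valid C again. */
typedef struct sign_info_t sign_info_t;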
101 * AUTH signature info data structure.
103 * This type is used to transfer an ISA context id and the initial message
104 * from the keymat to the TKM private key sign operation. For this purpose the
105 * auth octets chunk is (ab)used and the data is stored in this chunk.
106 * This is possible since the auth octets are treated as an opaque value and handed
107 * to the private key sign function as-is without any processing.
119 chunk_t init_message
;
123 #endif /** TKM_TYPES_H_ */