projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
iv_gen: Provide external sequence number (IKE, ESP)
[strongswan.git] / src / libcharon / encoding / payloads / encryption_payload.h
1 /*
2 * Copyright (C) 2005-2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup encryption_payload encryption_payload
20 * @{ @ingroup payloads
21 */
22
23 #ifndef ENCRYPTION_PAYLOAD_H_
24 #define ENCRYPTION_PAYLOAD_H_
25
26 typedef struct encryption_payload_t encryption_payload_t;
27
28 #include <library.h>
29 #include <crypto/aead.h>
30 #include <encoding/payloads/payload.h>
31
32 /**
33 * The encryption payload as described in RFC section 3.14.
34 */
35 struct encryption_payload_t {
36
37 /**
38 * Implements payload_t interface.
39 */
40 payload_t payload_interface;
41
42 /**
43 * Get the payload length.
44 *
45 * @return (expected) payload length
46 */
47 size_t (*get_length)(encryption_payload_t *this);
48
49 /**
50 * Adds a payload to this encryption payload.
51 *
52 * @param payload payload_t object to add
53 */
54 void (*add_payload) (encryption_payload_t *this, payload_t *payload);
55
56 /**
57 * Remove the first payload in the list
58 *
59 * @param payload removed payload
60 * @return payload, NULL if none left
61 */
62 payload_t* (*remove_payload)(encryption_payload_t *this);
63
64 /**
65 * Set the AEAD transform to use.
66 *
67 * @param aead aead transform to use
68 */
69 void (*set_transform) (encryption_payload_t *this, aead_t *aead);
70
71 /**
72 * Generate, encrypt and sign contained payloads.
73 *
74 * @param mid message ID
75 * @param assoc associated data
76 * @return
77 * - SUCCESS if encryption successful
78 * - FAILED if encryption failed
79 * - INVALID_STATE if aead not supplied, but needed
80 */
81 status_t (*encrypt) (encryption_payload_t *this, u_int64_t mid,
82 chunk_t assoc);
83
84 /**
85 * Decrypt, verify and parse contained payloads.
86 *
87 * @param assoc associated data
88 * @return
89 * - SUCCESS if parsing successful
90 * - PARSE_ERROR if sub-payload parsing failed
91 * - VERIFY_ERROR if sub-payload verification failed
92 * - FAILED if integrity check failed
93 * - INVALID_STATE if aead not supplied, but needed
94 */
95 status_t (*decrypt) (encryption_payload_t *this, chunk_t assoc);
96
97 /**
98 * Destroys an encryption_payload_t object.
99 */
100 void (*destroy) (encryption_payload_t *this);
101 };
102
103 /**
104 * Creates an empty encryption_payload_t object.
105 *
106 * @param type ENCRYPTED or ENCRYPTED_V1
107 * @return encryption_payload_t object
108 */
109 encryption_payload_t *encryption_payload_create(payload_type_t type);
110
111 #endif /** ENCRYPTION_PAYLOAD_H_ @}*/
strongSwan - IPsec VPN