ikev1: Get and set the lifetimes of the selected proposal/transform
[strongswan.git] / src / libcharon / encoding / payloads / proposal_substructure.h
1 /*
2 * Copyright (C) 2012-2020 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * HSR Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup proposal_substructure proposal_substructure
20 * @{ @ingroup payloads
21 */
22
23 #ifndef PROPOSAL_SUBSTRUCTURE_H_
24 #define PROPOSAL_SUBSTRUCTURE_H_
25
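/*
 * Forward declarations of the two types this header defines. They are placed
 * ahead of the #include block, presumably so that headers pulled in below can
 * already refer to the names - confirm before reordering.
 */
typedef enum encap_t encap_t;
typedef struct proposal_substructure_t proposal_substructure_t;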
28
29 #include <library.h>
30 #include <encoding/payloads/payload.h>
31 #include <encoding/payloads/transform_substructure.h>
32 #include <crypto/proposal/proposal.h>
33 #include <collections/linked_list.h>
34 #include <kernel/kernel_ipsec.h>
35 #include <sa/authenticator.h>
36
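/**
 * Encap type for proposal substructure
 */
enum encap_t {
	/** no UDP encapsulation */
	ENCAP_NONE = 0,
	/** UDP encapsulation */
	ENCAP_UDP,
	/**
	 * UDP encapsulation in the variant of the early NAT-T drafts (00 to 03),
	 * judging by the name - confirm against the implementation
	 */
	ENCAP_UDP_DRAFT_00_03,
};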
45
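/**
 * Class representing an IKEv1/IKEv2 proposal substructure.
 *
 * NOTE(review): when an instance was parsed from a received message, the
 * values returned by the getters below presumably reflect what the peer sent;
 * callers should check them against local policy before acting on them.
 */
struct proposal_substructure_t {

	/**
	 * The payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Sets the proposal number of current proposal.
	 *
	 * @param proposal_number	proposal number to set
	 */
	void (*set_proposal_number) (proposal_substructure_t *this,
								 uint8_t proposal_number);

	/**
	 * Get proposal number of current proposal.
	 *
	 * @return			proposal number of current proposal substructure.
	 */
	uint8_t (*get_proposal_number) (proposal_substructure_t *this);

	/**
	 * Sets the protocol id of current proposal.
	 *
	 * @param protocol_id	protocol id to set
	 */
	void (*set_protocol_id) (proposal_substructure_t *this,
							 uint8_t protocol_id);

	/**
	 * Get protocol id of current proposal.
	 *
	 * @return			protocol id of current proposal substructure.
	 */
	uint8_t (*get_protocol_id) (proposal_substructure_t *this);

	/**
	 * Sets the next_payload field of this substructure
	 *
	 * If this is the last proposal, next payload field is set to 0,
	 * otherwise to 2
	 *
	 * @param is_last	When TRUE, next payload field is set to 0, otherwise to 2
	 */
	void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last);

	/**
	 * Returns the currently set SPI of this proposal.
	 *
	 * NOTE(review): unlike set_spi(), nothing here says the value is copied;
	 * presumably the chunk references data owned by this object, so it must
	 * not be freed by the caller or used after destroy() - confirm.
	 *
	 * @return			chunk_t pointing to the value
	 */
	chunk_t (*get_spi) (proposal_substructure_t *this);

	/**
	 * Sets the SPI of the current proposal.
	 *
	 * The SPI is copied, so the caller keeps ownership of the passed chunk.
	 *
	 * NOTE(review): the SPI size field of a proposal is a single octet on the
	 * wire; how a longer chunk is handled is not visible from this header.
	 *
	 * @param spi		chunk_t pointing to the value to set
	 */
	void (*set_spi) (proposal_substructure_t *this, chunk_t spi);

	/**
	 * Gets the CPI of the current proposal (IKEv1 only).
	 *
	 * @param cpi		receives the CPI if a supported algorithm is proposed
	 * @return			TRUE if a supported algorithm is proposed
	 */
	bool (*get_cpi) (proposal_substructure_t *this, uint16_t *cpi);

	/**
	 * Get proposals contained in a proposal_substructure_t.
	 *
	 * @param list		list to add created proposals to
	 */
	void (*get_proposals) (proposal_substructure_t *this, linked_list_t *list);

	/**
	 * Create an enumerator over transform substructures.
	 *
	 * @return			enumerator over transform_substructure_t
	 */
	enumerator_t* (*create_substructure_enumerator)(proposal_substructure_t *this);

	/**
	 * Get the lifetime of a transform (IKEv1 only).
	 *
	 * NOTE(review): the result for a transform number that is not contained
	 * in this proposal is not documented here - confirm before relying on it.
	 *
	 * @param transform	transform number
	 * @return			lifetime, in seconds
	 */
	uint32_t (*get_lifetime)(proposal_substructure_t *this, uint8_t transform);

	/**
	 * Get the life duration of a transform (IKEv1 only).
	 *
	 * NOTE(review): the result for a transform number that is not contained
	 * in this proposal is not documented here - confirm before relying on it.
	 *
	 * @param transform	transform number
	 * @return			life duration, in bytes
	 */
	uint64_t (*get_lifebytes)(proposal_substructure_t *this, uint8_t transform);

	/**
	 * Get the first authentication method from the proposal (IKEv1 only).
	 *
	 * @return			auth method, or AUTH_NONE
	 */
	auth_method_t (*get_auth_method)(proposal_substructure_t *this);

	/**
	 * Get the (first) encapsulation mode from a proposal (IKEv1 only).
	 *
	 * @param udp		set to TRUE if UDP encapsulation used
	 * @return			ipsec encapsulation mode
	 */
	ipsec_mode_t (*get_encap_mode)(proposal_substructure_t *this, bool *udp);

	/**
	 * Destroys a proposal_substructure_t object.
	 */
	void (*destroy) (proposal_substructure_t *this);
};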
169
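/**
 * Creates an empty proposal_substructure_t object
 *
 * The returned object is released through its destroy() method.
 *
 * @param type		PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
 * @return			proposal_substructure_t object
 */
proposal_substructure_t *proposal_substructure_create(payload_type_t type);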
177
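/**
 * Creates an IKEv2 proposal_substructure_t from a proposal_t.
 *
 * NOTE(review): whether the passed proposal is referenced or only read while
 * encoding is not stated here - confirm before destroying it early.
 *
 * @param proposal	proposal to build a substructure from
 * @return			proposal_substructure_t PLV2_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
										proposal_t *proposal);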
186
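/**
 * Creates an IKEv1 proposal_substructure_t from a list of proposal_t.
 *
 * NOTE(review): ownership of the passed list is not stated here; presumably
 * it stays with the caller - confirm.
 *
 * @param proposals	list of proposal_t to encode in a substructure
 * @param lifetime	lifetime in seconds
 * @param lifebytes	life duration in bytes
 * @param auth		authentication method to use, or AUTH_NONE
 * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp		encap_t value, ENCAP_UDP to use UDP encapsulation
 * @return			IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
			linked_list_t *proposals, uint32_t lifetime, uint64_t lifebytes,
			auth_method_t auth, ipsec_mode_t mode, encap_t udp);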
201
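/**
 * Creates an IKEv1 proposal_substructure_t for IPComp with the given
 * proposal_number (e.g. of an ESP proposal to bundle them).
 *
 * @param lifetime			lifetime in seconds
 * @param lifebytes			life duration in bytes
 * @param cpi				the CPI to be used
 * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp				encap_t value, ENCAP_UDP to use UDP encapsulation
 * @param proposal_number	the proposal number of the proposal to be linked
 * @return					IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
 */
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
			uint32_t lifetime, uint64_t lifebytes, uint16_t cpi,
			ipsec_mode_t mode, encap_t udp, uint8_t proposal_number);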
217
218 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/