ikev1: Get and set the lifetimes of the selected proposal/transform
[strongswan.git] / src / libcharon / encoding / payloads / sa_payload.h
1 /*
2 * Copyright (C) 2012-2020 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * HSR Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 /**
19 * @defgroup sa_payload sa_payload
20 * @{ @ingroup payloads
21 */
22
23 #ifndef SA_PAYLOAD_H_
24 #define SA_PAYLOAD_H_
25
/* Forward declaration; struct sa_payload_t itself is defined further down. */
typedef struct sa_payload_t sa_payload_t;
27
28 #include <library.h>
29 #include <encoding/payloads/payload.h>
30 #include <encoding/payloads/proposal_substructure.h>
31 #include <collections/linked_list.h>
32 #include <kernel/kernel_ipsec.h>
33 #include <sa/authenticator.h>
34
/**
 * Class representing an IKEv1 or IKEv2 SA Payload.
 *
 * The IKEv2 SA Payload format is described in RFC 7296, section 3.3; the
 * IKEv1 (ISAKMP) SA Payload format in RFC 2408, section 3.4.
 *
 * The struct consists of the payload_t interface followed by function
 * pointers that act as methods; each takes the object itself as its first
 * argument. What the accessors marked "IKEv1 only" return for an IKEv2
 * payload is not stated in this header.
 *
 * NOTE(review): if the payload was parsed from a received message, the values
 * returned by the getters (lifetime, lifebytes, auth method, encapsulation
 * mode, CPI) are presumably whatever the peer encoded. Callers should check
 * them against local policy before applying them -- confirm in the callers.
 */
struct sa_payload_t {

	/**
	 * The payload_t interface.
	 *
	 * This is the first member, so a pointer to the object can be converted
	 * to a pointer to its payload_t interface.
	 */
	payload_t payload_interface;

	/**
	 * Gets the proposals in this payload as a list.
	 *
	 * NOTE(review): ownership of the returned list and of the proposal_t
	 * objects in it is not stated here -- confirm against the implementation
	 * before deciding who destroys them.
	 *
	 * @return					a list containing proposal_ts
	 */
	linked_list_t *(*get_proposals) (sa_payload_t *this);

	/**
	 * Gets the proposals from the first proposal in this payload with IPComp
	 * enabled (IKEv1 only).
	 *
	 * NOTE(review): cpi is passed by pointer and reads as an output
	 * parameter; whether NULL is accepted, and what is stored when no IPComp
	 * proposal exists, is not stated here -- confirm.
	 *
	 * @param cpi				the CPI of the first IPComp (sub)proposal
	 * @return					a list containing proposal_ts
	 */
	linked_list_t *(*get_ipcomp_proposals) (sa_payload_t *this, uint16_t *cpi);

	/**
	 * Get the lifetime of a proposal/transform (IKEv1 only).
	 *
	 * NOTE(review): the value returned when the transform carries no lifetime
	 * attribute is not documented here (possibly 0 -- confirm).
	 *
	 * @param proposal			proposal for which to get lifetime
	 * @return					lifetime, in seconds
	 */
	uint32_t (*get_lifetime)(sa_payload_t *this, proposal_t *proposal);

	/**
	 * Get the life duration of a proposal/transform (IKEv1 only).
	 *
	 * NOTE(review): the value returned when the transform carries no life
	 * duration attribute is not documented here (possibly 0 -- confirm).
	 *
	 * @param proposal			proposal for which to get life duration
	 * @return					life duration, in bytes
	 */
	uint64_t (*get_lifebytes)(sa_payload_t *this, proposal_t *proposal);

	/**
	 * Get the first authentication method from the proposal (IKEv1 only).
	 *
	 * Only the first method is reported; any further methods in the payload
	 * are not exposed through this call.
	 *
	 * @return					auth method, or AUTH_NONE
	 */
	auth_method_t (*get_auth_method)(sa_payload_t *this);

	/**
	 * Get the (first) encapsulation mode from a proposal (IKEv1 only).
	 *
	 * @param udp				set to TRUE if UDP encapsulation used
	 * @return					ipsec encapsulation mode
	 */
	ipsec_mode_t (*get_encap_mode)(sa_payload_t *this, bool *udp);

	/**
	 * Create an enumerator over all proposal substructures.
	 *
	 * NOTE(review): presumably the caller destroys the returned enumerator
	 * and must not use it after the payload itself is destroyed -- confirm.
	 *
	 * @return					enumerator over proposal_substructure_t
	 */
	enumerator_t* (*create_substructure_enumerator)(sa_payload_t *this);

	/**
	 * Destroys an sa_payload_t object.
	 */
	void (*destroy) (sa_payload_t *this);
};
106
/**
 * Creates an empty sa_payload_t object
 *
 * The type selects between the IKEv2 and the IKEv1 form of the payload. The
 * object is released through its destroy() method.
 *
 * NOTE(review): behaviour for any other payload type is not stated here --
 * confirm against the implementation.
 *
 * @param type				PLV2_SECURITY_ASSOCIATION or PLV1_SECURITY_ASSOCIATION
 * @return					created sa_payload_t object
 */
sa_payload_t *sa_payload_create(payload_type_t type);
114
/**
 * Creates an IKEv2 sa_payload_t object from a list of proposals.
 *
 * NOTE(review): whether the payload keeps references to the list or to the
 * proposals in it after this call is not stated here -- confirm before
 * destroying them.
 *
 * @param proposals			list of proposals to build the payload from
 * @return					sa_payload_t object
 */
sa_payload_t *sa_payload_create_from_proposals_v2(linked_list_t *proposals);
122
/**
 * Creates an IKEv2 sa_payload_t object from a single proposal.
 *
 * NOTE(review): whether the payload keeps a reference to the proposal after
 * this call is not stated here -- confirm before destroying it.
 *
 * @param proposal			proposal from which the payload should be built.
 * @return					sa_payload_t object
 */
sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal);
130
/**
 * Creates an IKEv1 sa_payload_t object from a list of proposals.
 *
 * Unlike the IKEv2 constructors, the IKEv1 form also takes the lifetimes,
 * authentication method, encapsulation mode and CPI as arguments.
 *
 * NOTE(review): how a lifetime or lifebytes value of 0, or a cpi of 0, is
 * encoded (attribute omitted vs. sent as zero) is not stated here -- confirm
 * against the implementation.
 *
 * @param proposals			list of proposals to build the payload from
 * @param lifetime			lifetime in seconds
 * @param lifebytes			lifebytes, in bytes
 * @param auth				authentication method to use, or AUTH_NONE
 * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp				ENCAP_UDP to use UDP encapsulation
 * @param cpi				CPI in case IPComp should be used
 * @return					sa_payload_t object
 */
sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
							uint32_t lifetime, uint64_t lifebytes,
							auth_method_t auth, ipsec_mode_t mode, encap_t udp,
							uint16_t cpi);
147
/**
 * Creates an IKEv1 sa_payload_t object from a single proposal.
 *
 * Takes the same lifetime, authentication, encapsulation and CPI arguments
 * as the list-based IKEv1 constructor, but builds the payload from a single
 * proposal.
 *
 * NOTE(review): how a lifetime or lifebytes value of 0, or a cpi of 0, is
 * encoded (attribute omitted vs. sent as zero) is not stated here -- confirm
 * against the implementation.
 *
 * @param proposal			proposal from which the payload should be built.
 * @param lifetime			lifetime in seconds
 * @param lifebytes			lifebytes, in bytes
 * @param auth				authentication method to use, or AUTH_NONE
 * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
 * @param udp				ENCAP_UDP to use UDP encapsulation
 * @param cpi				CPI in case IPComp should be used
 * @return					sa_payload_t object
 */
sa_payload_t *sa_payload_create_from_proposal_v1(proposal_t *proposal,
							uint32_t lifetime, uint64_t lifebytes,
							auth_method_t auth, ipsec_mode_t mode, encap_t udp,
							uint16_t cpi);
164
165 #endif /** SA_PAYLOAD_H_ @}*/