Added not-yet used sa_payload parameters used in IKEv1
[strongswan.git] / src / libcharon / encoding / payloads / sa_payload.h
1 /*
2 * Copyright (C) 2005-2006 Martin Willi
3 * Copyright (C) 2005 Jan Hutter
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup sa_payload sa_payload
19 * @{ @ingroup payloads
20 */
21
22 #ifndef SA_PAYLOAD_H_
23 #define SA_PAYLOAD_H_
24
25 typedef struct sa_payload_t sa_payload_t;
26
27 #include <library.h>
28 #include <encoding/payloads/payload.h>
29 #include <encoding/payloads/proposal_substructure.h>
30 #include <utils/linked_list.h>
31 #include <kernel/kernel_ipsec.h>
32 #include <sa/authenticators/authenticator.h>
33
34 /**
35 * Class representing an IKEv1 or IKEv2 SA Payload.
36 *
37 * The SA Payload format is described in RFC section 3.3.
38 */
39 struct sa_payload_t {
40
41 /**
42 * The payload_t interface.
43 */
44 payload_t payload_interface;
45
46 /**
47 * Gets the proposals in this payload as a list.
48 *
49 * @return a list containing proposal_t s
50 */
51 linked_list_t *(*get_proposals) (sa_payload_t *this);
52
53 /**
54 * Get the (shortest) lifetime of a proposal (IKEv1 only).
55 *
56 * @return lifetime, in seconds
57 */
58 u_int32_t (*get_lifetime)(sa_payload_t *this);
59
60 /**
61 * Get the (shortest) life duration of a proposal (IKEv1 only).
62 *
63 * @return life duration, in bytes
64 */
65 u_int64_t (*get_lifebytes)(sa_payload_t *this);
66
67 /**
68 * Get the first authentication method from the proposal (IKEv1 only).
69 *
70 * @return auth method, or AUTH_NONE
71 */
72 auth_method_t (*get_auth_method)(sa_payload_t *this);
73
74 /**
75 * Get the (first) encapsulation mode from a proposal (IKEv1 only).
76 *
77 * @param udp set to TRUE if UDP encapsulation used
78 * @return ipsec encapsulation mode
79 */
80 ipsec_mode_t (*get_encap_mode)(sa_payload_t *this, bool *udp);
81
82 /**
83 * Create an enumerator over all proposal substructures.
84 *
85 * @return enumerator over proposal_substructure_t
86 */
87 enumerator_t* (*create_substructure_enumerator)(sa_payload_t *this);
88
89 /**
90 * Destroys an sa_payload_t object.
91 */
92 void (*destroy) (sa_payload_t *this);
93 };
94
95 /**
96 * Creates an empty sa_payload_t object
97 *
98 * @param type SECURITY_ASSOCIATION or SECURITY_ASSOCIATION_V1
99 * @return created sa_payload_t object
100 */
101 sa_payload_t *sa_payload_create(payload_type_t type);
102
103 /**
104 * Creates an IKEv2 sa_payload_t object from a list of proposals.
105 *
106 * @param proposals list of proposals to build the payload from
107 * @return sa_payload_t object
108 */
109 sa_payload_t *sa_payload_create_from_proposals_v2(linked_list_t *proposals);
110
111 /**
112 * Creates an IKEv2 sa_payload_t object from a single proposal.
113 *
114 * @param proposal proposal from which the payload should be built.
115 * @return sa_payload_t object
116 */
117 sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal);
118
119 /**
120 * Creates an IKEv1 sa_payload_t object from a list of proposals.
121 *
122 * @param proposals list of proposals to build the payload from
123 * @param lifetime lifetime in seconds
124 * @param lifebytes lifebytes, in bytes
125 * @param auth authentication method to use, or AUTH_NONE
126 * @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
127 * @param udp TRUE to use UDP encapsulation
128 * @return sa_payload_t object
129 */
130 sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
131 u_int32_t lifetime, u_int64_t lifebytes,
132 auth_method_t auth, ipsec_mode_t mode, bool udp);
133
134 /**
135 * Creates an IKEv1 sa_payload_t object from a single proposal.
136 *
137 * @param proposal proposal from which the payload should be built.
138 * @param lifetime lifetime in seconds
139 * @param lifebytes lifebytes, in bytes
140 * @param auth authentication method to use, or AUTH_NONE
141 * @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
142 * @param udp TRUE to use UDP encapsulation
143 * @return sa_payload_t object
144 */
145 sa_payload_t *sa_payload_create_from_proposal_v1(proposal_t *proposal,
146 u_int32_t lifetime, u_int64_t lifebytes,
147 auth_method_t auth, ipsec_mode_t mode, bool udp);
148
149 #endif /** SA_PAYLOAD_H_ @}*/