Send EAP-Nak with supported types if requested type is unsupported
[strongswan.git] / src / libcharon / sa / ikev2 / authenticators / psk_authenticator.h
1 /*
2 * Copyright (C) 2006-2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup psk_authenticator psk_authenticator
18 * @{ @ingroup authenticators_v2
19 */
20
21 #ifndef PSK_AUTHENTICATOR_H_
22 #define PSK_AUTHENTICATOR_H_
23
24 typedef struct psk_authenticator_t psk_authenticator_t;
25
26 #include <sa/authenticator.h>
27
28 /**
29 * Implementation of authenticator_t using pre-shared keys.
30 */
31 struct psk_authenticator_t {
32
33 /**
34 * Implemented authenticator_t interface.
35 */
36 authenticator_t authenticator;
37 };
38
39 /**
40 * Create an authenticator to build PSK signatures.
41 *
42 * @param ike_sa associated ike_sa
43 * @param received_nonce nonce received in IKE_SA_INIT
44 * @param sent_init sent IKE_SA_INIT message data
45 * @param reserved reserved bytes of ID payload
46 * @return PSK authenticator
47 */
48 psk_authenticator_t *psk_authenticator_create_builder(ike_sa_t *ike_sa,
49 chunk_t received_nonce, chunk_t sent_init,
50 char reserved[3]);
51
52 /**
53 * Create an authenticator to verify PSK signatures.
54 *
55 * @param ike_sa associated ike_sa
56 * @param sent_nonce nonce sent in IKE_SA_INIT
57 * @param received_init received IKE_SA_INIT message data
58 * @param reserved reserved bytes of ID payload
59 * @return PSK authenticator
60 */
61 psk_authenticator_t *psk_authenticator_create_verifier(ike_sa_t *ike_sa,
62 chunk_t sent_nonce, chunk_t received_init,
63 char reserved[3]);
64
65 #endif /** PSK_AUTHENTICATOR_H_ @}*/