2 * Copyright (C) 2011 Tobias Brunner
3 * Hochschule fuer Technik Rapperswil
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * @defgroup keymat_v1 keymat_v1
24 #include <sa/keymat.h>
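/* Forward declaration so the interface members can take a keymat_v1_t *this. */
typedef struct keymat_v1_t keymat_v1_t;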
29 * Derivation and management of sensitive keying material, IKEv1 variant.
34 * Implements keymat_t.
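/**
 * Derive keys for the IKE_SA.
 *
 * These keys are not handed out, but are used by the associated signers,
 * crypters and authentication functions.
 *
 * NOTE(review): the boolean result is the only failure signal visible in
 * this interface; callers presumably have to abort the exchange on FALSE --
 * confirm against the callers.
 *
 * @param proposal    selected algorithms
 * @param dh          diffie hellman key allocated by create_dh()
 * @param dh_other    public DH value from other peer
 * @param nonce_i     initiators nonce value
 * @param nonce_r     responders nonce value
 * @param id          IKE_SA identifier
 * @param auth        authentication method
 * @param shared_key  PSK in case of AUTH_CLASS_PSK, NULL otherwise
 * @return            TRUE on success
 */
bool (*derive_ike_keys)(keymat_v1_t *this, proposal_t *proposal,
                        diffie_hellman_t *dh, chunk_t dh_other,
                        chunk_t nonce_i, chunk_t nonce_r, ike_sa_id_t *id,
                        auth_class_t auth, shared_key_t *shared_key);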
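/**
 * Derive keys for the CHILD_SA.
 *
 * The four output chunks receive allocated key material.
 * NOTE(review): ownership presumably passes to the caller, who should wipe
 * the chunks before freeing them; the state of the outputs on failure is not
 * documented here -- confirm both against the implementation.
 *
 * @param proposal  selected algorithms
 * @param dh        diffie hellman key, NULL if none used
 * @param nonce_i   quick mode initiator nonce
 * @param nonce_r   quick mode responder nonce
 * @param encr_i    allocated initiators encryption key
 * @param integ_i   allocated initiators integrity key
 * @param encr_r    allocated responders encryption key
 * @param integ_r   allocated responders integrity key
 * @return          not documented in the original; presumably TRUE on
 *                  success, as for derive_ike_keys() -- TODO confirm
 */
bool (*derive_child_keys)(keymat_v1_t *this, proposal_t *proposal,
                          diffie_hellman_t *dh, chunk_t nonce_i,
                          chunk_t nonce_r, chunk_t *encr_i, chunk_t *integ_i,
                          chunk_t *encr_r, chunk_t *integ_r);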
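/**
 * Get HASH data for authentication.
 *
 * NOTE(review): when the returned value is compared with a HASH payload
 * received from the peer, a constant-time comparison avoids leaking how
 * many leading bytes matched -- check how the callers compare it.
 *
 * @param initiator  TRUE to create HASH_I, FALSE for HASH_R
 * @param dh         public DH value of peer to create HASH for
 * @param dh_other   others public DH value
 * @param ike_sa_id  IKE_SA identifier
 * @param sa_i       encoded SA payload of initiator
 * @param id         ID of peer to create hash for
 * @return           allocated HASH data
 */
chunk_t (*get_hash)(keymat_v1_t *this, bool initiator,
                    chunk_t dh, chunk_t dh_other, ike_sa_id_t *ike_sa_id,
                    chunk_t sa_i, identification_t *id);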
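/**
 * Returns the IV for a message with the given message ID.
 *
 * @param mid  message ID
 * @return     IV (needs to be freed)
 */
chunk_t (*get_iv)(keymat_v1_t *this, u_int32_t mid);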
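/**
 * Updates the IV for the next message with the given message ID.
 *
 * A call of confirm_iv() is required in order to actually make the IV
 * available. This is needed for the inbound case where we store the last
 * block of the encrypted message but want to update the IV only after
 * verification of the decrypted message. Keeping the update pending means
 * a message that fails verification does not advance the IV returned by
 * get_iv().
 *
 * @param mid         message ID
 * @param last_block  last block of encrypted message (gets cloned)
 */
void (*update_iv)(keymat_v1_t *this, u_int32_t mid, chunk_t last_block);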
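/**
 * Confirms the updated IV for the given message ID.
 *
 * To actually make the new IV available via get_iv this method has to
 * be called after update_iv. For inbound messages that is meant to happen
 * only once the decrypted message has been verified.
 *
 * @param mid  message ID
 */
void (*confirm_iv)(keymat_v1_t *this, u_int32_t mid);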
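/**
 * Create a keymat instance.
 *
 * @param initiator  TRUE if we are the initiator
 * @return           keymat instance
 */
keymat_v1_t *keymat_v1_create(bool initiator);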
132 #endif /** KEYMAT_V1_H_ @}*/