tls: Separate TLS protection to abstracted AEAD modes
[strongswan.git] / src / libtls / tls_protection.h
index 05cf3df..3280fb5 100644 (file)
@@ -26,6 +26,7 @@
 typedef struct tls_protection_t tls_protection_t;
 
 #include "tls.h"
+#include "tls_aead.h"
 #include "tls_alert.h"
 #include "tls_compression.h"
 
@@ -62,15 +63,12 @@ struct tls_protection_t {
                                          tls_content_type_t *type, chunk_t *data);
 
        /**
-        * Set a new cipher, including encryption and integrity algorithms.
+        * Set a new transforms to use at protection layer
         *
         * @param inbound       TRUE to use cipher for inbound data, FALSE for outbound
-        * @param signer        new signer to use, gets owned by protection layer
-        * @param crypter       new crypter to use, gets owned by protection layer
-        * @param iv            initial IV for crypter, gets owned by protection layer
+        * @param aead          new AEAD transform
         */
-       void (*set_cipher)(tls_protection_t *this, bool inbound, signer_t *signer,
-                                          crypter_t *crypter, chunk_t iv);
+       void (*set_cipher)(tls_protection_t *this, bool inbound, tls_aead_t *aead);
 
        /**
         * Set the TLS version negotiated, used for MAC calculation.