[apple/xnu.git] / bsd / netinet6 / esp.h

/*	$KAME: esp.h,v 1.5 2000/02/22 14:04:15 itojun Exp $	*/

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * RFC1827/2406 Encapsulated Security Payload.
 */

#ifndef _NETINET6_ESP_H_
#define _NETINET6_ESP_H_

#include <netkey/keydb.h>		/* for struct secas */

struct esp {
	u_int32_t	esp_spi;	/* ESP */
	/*variable size, 32bit bound*/	/* Initialization Vector */
	/*variable size*/		/* Payload data */
	/*variable size*/		/* padding */
	/*8bit*/			/* pad size */
	/*8bit*/			/* next header */
	/*8bit*/			/* next header */
	/*variable size, 32bit bound*/	/* Authentication data (new IPsec) */
};

struct newesp {
	u_int32_t	esp_spi;	/* ESP */
	u_int32_t	esp_seq;	/* Sequence number */
	/*variable size*/		/* (IV and) Payload data */
	/*variable size*/		/* padding */
	/*8bit*/			/* pad size */
	/*8bit*/			/* next header */
	/*8bit*/			/* next header */
	/*variable size, 32bit bound*/	/* Authentication data */
};

struct esptail {
	u_int8_t	esp_padlen;	/* pad length */
	u_int8_t	esp_nxt;	/* Next header */
	/*variable size, 32bit bound*/	/* Authentication data (new IPsec)*/
};

struct esp_algorithm_state {
	struct secasvar *sav;
	void* foo;	/*per algorithm data - maybe*/
};

/* XXX yet to be defined */
struct esp_algorithm {
	size_t padbound;	/* pad boundary, in byte */
	int (*mature) __P((struct secasvar *));
	int keymin;	/* in bits */
	int keymax;	/* in bits */
	int (*ivlen) __P((struct secasvar *));
	int (*decrypt) __P((struct mbuf *, size_t,
		struct secasvar *, struct esp_algorithm *, int));
	int (*encrypt) __P((struct mbuf *, size_t, size_t,
		struct secasvar *, struct esp_algorithm *, int));
};

#if KERNEL
extern struct esp_algorithm esp_algorithms[];

/* crypt routines */
extern int esp4_output __P((struct mbuf *, struct ipsecrequest *));
extern void esp4_input __P((struct mbuf *, int off));
extern size_t esp_hdrsiz __P((struct ipsecrequest *));

#if INET6
extern int esp6_output __P((struct mbuf *, u_char *, struct mbuf *,
	struct ipsecrequest *));
extern int esp6_input __P((struct mbuf **, int *, int));
#endif /* INET6 */
#endif /*KERNEL*/

struct secasvar;
extern int esp_auth __P((struct mbuf *, size_t, size_t,
	struct secasvar *, u_char *));

#endif /*_NETINET6_ESP_H_*/
Commit	Line	Data
1c79356b A	1	/* $KAME: esp.h,v 1.5 2000/02/22 14:04:15 itojun Exp $ */
	2
	3	/*
	4	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	* 3. Neither the name of the project nor the names of its contributors
	16	* may be used to endorse or promote products derived from this software
	17	* without specific prior written permission.
	18	*
	19	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
	20	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	21	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	22	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
	23	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	24	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	25	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	26	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	27	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	28	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	29	* SUCH DAMAGE.
	30	*/
	31
	32	/*
	33	* RFC1827/2406 Encapsulated Security Payload.
	34	*/
	35
	36	#ifndef _NETINET6_ESP_H_
	37	#define _NETINET6_ESP_H_
	38
	39	#include <netkey/keydb.h> /* for struct secas */
	40
	41	struct esp {
	42	u_int32_t esp_spi; /* ESP */
	43	/variable size, 32bit bound/ /* Initialization Vector */
	44	/variable size/ /* Payload data */
	45	/variable size/ /* padding */
	46	/8bit/ /* pad size */
	47	/8bit/ /* next header */
	48	/8bit/ /* next header */
	49	/variable size, 32bit bound/ /* Authentication data (new IPsec) */
	50	};
	51
	52	struct newesp {
	53	u_int32_t esp_spi; /* ESP */
	54	u_int32_t esp_seq; /* Sequence number */
	55	/variable size/ /* (IV and) Payload data */
	56	/variable size/ /* padding */
	57	/8bit/ /* pad size */
	58	/8bit/ /* next header */
	59	/8bit/ /* next header */
	60	/variable size, 32bit bound/ /* Authentication data */
	61	};
	62
	63	struct esptail {
	64	u_int8_t esp_padlen; /* pad length */
65	u_int8_t esp_nxt; /* Next header */
66	/variable size, 32bit bound/ /* Authentication data (new IPsec)*/
67	};
68
69	struct esp_algorithm_state {
70	struct secasvar *sav;
71	void* foo; /per algorithm data - maybe/
72	};
73
74	/* XXX yet to be defined */
75	struct esp_algorithm {
76	size_t padbound; /* pad boundary, in byte */
77	int (mature) __P((struct secasvar ));
78	int keymin; /* in bits */
79	int keymax; /* in bits */
80	int (ivlen) __P((struct secasvar ));
81	int (decrypt) __P((struct mbuf , size_t,
82	struct secasvar , struct esp_algorithm , int));
83	int (encrypt) __P((struct mbuf , size_t, size_t,
84	struct secasvar , struct esp_algorithm , int));
85	};
86
87	#if KERNEL
88	extern struct esp_algorithm esp_algorithms[];
89
90	/* crypt routines */
91	extern int esp4_output __P((struct mbuf , struct ipsecrequest ));
92	extern void esp4_input __P((struct mbuf *, int off));
93	extern size_t esp_hdrsiz __P((struct ipsecrequest *));
94
95	#if INET6
96	extern int esp6_output __P((struct mbuf , u_char , struct mbuf *,
97	struct ipsecrequest *));
98	extern int esp6_input __P((struct mbuf *, int , int));
99	#endif /* INET6 */
100	#endif /KERNEL/
101
102	struct secasvar;
103	extern int esp_auth __P((struct mbuf *, size_t, size_t,
104	struct secasvar , u_char ));
105
106	#endif /_NETINET6_ESP_H_/