1 /* $KAME: esp.h,v 1.5 2000/02/22 14:04:15 itojun Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*
33 * RFC1827/2406 Encapsulating Security Payload.
34 */
35
36 #ifndef _NETINET6_ESP_H_
37 #define _NETINET6_ESP_H_
38
39 #include <netkey/keydb.h> /* for struct secas */
40
/*
 * Old-style ESP header (the RFC 1827 half of "RFC1827/2406" above).
 *
 * Only the SPI has a fixed position, so it is the only declared member.
 * What follows it on the wire is variable-length and is listed here
 * instead of being declared:
 *
 *   Initialization Vector   variable size, 32bit bound
 *   Payload data            variable size
 *   padding                 variable size
 *   pad size                8bit
 *   next header             8bit
 *   Authentication data     variable size, 32bit bound (new IPsec)
 *
 * The trailer holds one pad-size byte and one next-header byte, as
 * struct esptail declares.  Unlike struct newesp, this layout has no
 * sequence-number member, so the header gives a receiver nothing to
 * base a replay check on.
 */
struct esp {
	u_int32_t	esp_spi;	/* Security Parameters Index (SPI) */
};
51
/*
 * New-style ESP header (the RFC 2406 half of "RFC1827/2406" above).
 *
 * The two declared members are the fixed part.  The rest of the packet
 * is variable-length and is listed here instead of being declared:
 *
 *   (IV and) Payload data   variable size
 *   padding                 variable size
 *   pad size                8bit
 *   next header             8bit
 *   Authentication data     variable size, 32bit bound
 *
 * The trailer holds one pad-size byte and one next-header byte, as
 * struct esptail declares.
 */
struct newesp {
	u_int32_t	esp_spi;	/* Security Parameters Index (SPI) */
	/*
	 * Sequence number.  RFC 2406 defines this counter for anti-replay;
	 * whether and how a replay window is enforced is decided by code
	 * outside this header.
	 */
	u_int32_t	esp_seq;
};
62
/*
 * Fixed part of the ESP trailer: the two single-byte fields that follow
 * the padding.  With new IPsec they are followed by the authentication
 * data (variable size, 32bit bound), which is not declared here.
 *
 * NOTE(review): both bytes are taken from the received packet, so
 * esp_padlen is a sender-controlled length.  Code that trims padding
 * should check it against the bytes actually remaining in the payload
 * before using it; that check is not part of this header - confirm it
 * in the input path.
 */
struct esptail {
	u_int8_t	esp_padlen;	/* pad length */
	u_int8_t	esp_nxt;	/* Next header */
};
68
/*
 * Per-use state for an ESP algorithm: the struct secasvar it works on
 * plus one opaque pointer.  Nothing in this header reads or writes
 * either member.
 */
struct esp_algorithm_state {
	struct secasvar	*sav;	/* presumably the SA in use - confirm in keydb.h */
	void		*foo;	/* per algorithm data - maybe */
};
73
/*
 * Descriptor for one ESP encryption algorithm: its padding boundary,
 * its accepted key-size range and the callbacks that implement it.
 * XXX yet to be defined
 *
 * NOTE(review): keymin/keymax only record the allowed range.  Nothing
 * in this header enforces it; presumably the mature callback or the
 * key-management code rejects out-of-range keys - confirm there.
 * The meaning of the size_t and int callback arguments is not visible
 * here either; see the implementations.
 */
struct esp_algorithm {
	size_t	padbound;	/* pad boundary, in byte */

	/* Takes the SA; presumably validates it for this algorithm - confirm. */
	int	(*mature) __P((struct secasvar *));

	int	keymin;		/* in bits */
	int	keymax;		/* in bits */

	/* Takes the SA; by its name, reports the IV length - confirm. */
	int	(*ivlen) __P((struct secasvar *));

	/* Cipher callbacks; each is handed the mbuf chain, the SA and this descriptor. */
	int	(*decrypt) __P((struct mbuf *, size_t, struct secasvar *,
		    struct esp_algorithm *, int));
	int	(*encrypt) __P((struct mbuf *, size_t, size_t, struct secasvar *,
		    struct esp_algorithm *, int));
};
86
#if KERNEL
/* Table of ESP algorithm descriptors; defined and indexed outside this header. */
extern struct esp_algorithm esp_algorithms[];

/* crypt routines */
extern int esp4_output __P((struct mbuf *, struct ipsecrequest *));
extern void esp4_input __P((struct mbuf *, int off));
extern size_t esp_hdrsiz __P((struct ipsecrequest *));

#if INET6
/* Declared only when INET6 is set. */
extern int esp6_output __P((struct mbuf *, u_char *, struct mbuf *,
	struct ipsecrequest *));
extern int esp6_input __P((struct mbuf **, int *, int));
#endif /* INET6 */
#endif /* KERNEL */

/*
 * esp_auth sits outside the KERNEL guard, and struct secasvar is
 * forward-declared only at this point although the structures earlier
 * in this header already refer to it.
 *
 * NOTE(review): the u_char * argument comes with no length parameter.
 * If it is an output buffer for the authentication data, the caller
 * presumably has to size it for the algorithm in use - confirm against
 * the implementation.
 */
struct secasvar;
extern int esp_auth __P((struct mbuf *, size_t, size_t, struct secasvar *,
	u_char *));
105
106 #endif /*_NETINET6_ESP_H_*/