//==========================================================================
//
//      include/netkey/keydb.h
//
//==========================================================================
//####BSDCOPYRIGHTBEGIN####
//
// -------------------------------------------
//
// Portions of this software may have been derived from OpenBSD, 
// FreeBSD or other sources, and are covered by the appropriate
// copyright disclaimers included herein.
//
// Portions created by Red Hat are
// Copyright (C) 2002 Red Hat, Inc. All Rights Reserved.
//
// -------------------------------------------
//
//####BSDCOPYRIGHTEND####
//==========================================================================
 
/*      $KAME: keydb.h,v 1.14 2000/08/02 17:58:26 sakane Exp $  */
 
/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
 
#ifndef _NETKEY_KEYDB_H_
#define _NETKEY_KEYDB_H_
 
#ifdef _KERNEL
 
#include <netkey/key_var.h>
 
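/*
 * Security Association Index.
 *
 * Embedded as the `saidx` member of struct secashead and struct secacq.
 *
 * NOTE: src and dst must belong to the same address family.
 * NOTE(review): nothing in this header enforces that rule; whoever fills
 * in src/dst is presumably expected to check it -- confirm at the callers.
 * NOTE(review): the member layout typically leaves padding after `mode`;
 * if any caller compares or hashes the whole structure bytewise it must be
 * zero-filled first -- confirm how callers compare indexes.
 */
struct secasindex {
        struct sockaddr_storage src;    /* source address for SA */
        struct sockaddr_storage dst;    /* destination address for SA */
        u_int16_t proto;                /* IPPROTO_ESP or IPPROTO_AH */
        u_int8_t mode;                  /* mode of protocol, see ipsec.h */
        u_int32_t reqid;                /* reqid id who owned this SA */
                                        /* see IPSEC_MANUAL_REQID_MAX. */
};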
 
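/*
 * Security Association Data Base entry.
 *
 * Carries one secasindex plus an array of secasvar lists (savtree).
 */
struct secashead {
        LIST_ENTRY(secashead) chain;    /* linkage to other secashead entries */

        struct secasindex saidx;        /* index (addresses, proto, mode, reqid) */

        struct sadb_ident *idents;      /* source identity */
        struct sadb_ident *identd;      /* destination identity */
                                        /* XXX I don't know how to use them. */

        u_int8_t state;                 /* MATURE or DEAD. */
        LIST_HEAD(_satree, secasvar) savtree[SADB_SASTATE_MAX+1];
                                        /* SA chain: one list head per slot */
                                        /* 0..SADB_SASTATE_MAX; presumably */
                                        /* indexed by SA state -- confirm. */
                                        /* The first of this list is newer SA */

        struct route sa_route;          /* route cache */
};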
 
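/*
 * Security Association.
 *
 * Holds the per-SA algorithm identifiers, SPI, key pointers, replay state
 * and lifetimes, plus a back pointer to the owning secashead.
 *
 * key_auth, key_enc and sched point at secret key material.
 * NOTE(review): the code that releases an SA is not part of this header;
 * confirm those buffers (and iv) are zeroed before they are freed.
 * NOTE(review): refcnt is a plain int, so updates presumably rely on the
 * caller's locking/interrupt protection -- confirm.
 */
struct secasvar {
        LIST_ENTRY(secasvar) chain;     /* list linkage; presumably into a */
                                        /* secashead savtree[] list -- confirm */

        int refcnt;                     /* reference count */
        u_int8_t state;                 /* Status of this Association */

        u_int8_t alg_auth;              /* Authentication Algorithm Identifier */
        u_int8_t alg_enc;               /* Cipher Algorithm Identifier */
        u_int32_t spi;                  /* SPI Value, network byte order */
        u_int32_t flags;                /* holder for SADB_KEY_FLAGS */

        struct sadb_key *key_auth;      /* Key for Authentication */
        struct sadb_key *key_enc;       /* Key for Encryption */
        caddr_t iv;                     /* Initialization Vector */
        u_int ivlen;                    /* length of IV */
        void *sched;                    /* intermediate encryption key */
        size_t schedlen;                /* presumably the size of sched -- confirm */

        struct secreplay *replay;       /* replay prevention */
        long created;                   /* for lifetime */

        struct sadb_lifetime *lft_c;    /* CURRENT lifetime, it's constant. */
        struct sadb_lifetime *lft_h;    /* HARD lifetime */
        struct sadb_lifetime *lft_s;    /* SOFT lifetime */

        u_int32_t seq;                  /* sequence number */
        pid_t pid;                      /* message's pid */

        struct secashead *sah;          /* back pointer to the secashead */
};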
 
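/*
 * Replay prevention state, referenced from secasvar.replay.
 *
 * NOTE(review): the original comment gives wsize in bytes, so bitmap is
 * presumably wsize bytes long and tracks wsize * 8 sequence numbers --
 * confirm against keydb_newsecreplay().
 * NOTE(review): seq and lastseq are 32-bit; the overflow member is
 * presumably how sequence-number wrap is recorded -- confirm at the users.
 */
struct secreplay {
        u_int32_t count;        /* NOTE(review): meaning not stated here */
        u_int wsize;            /* window size, e.g. 4 bytes */
        u_int32_t seq;          /* used by sender */
        u_int32_t lastseq;      /* used by receiver */
        caddr_t bitmap;         /* used by receiver */
        int overflow;           /* overflow flag */
};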
 
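/*
 * Socket table used for sending PF_KEY messages.
 * Each entry links one socket into the list.
 */
struct secreg {
        LIST_ENTRY(secreg) chain;       /* list linkage */

        struct socket *so;              /* socket for this entry */
};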
 
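#ifndef IPSEC_NONBLOCK_ACQUIRE
/*
 * Acquiring list table entry.
 * Only declared when IPSEC_NONBLOCK_ACQUIRE is not defined.
 */
struct secacq {
        LIST_ENTRY(secacq) chain;       /* list linkage */

        struct secasindex saidx;        /* index the acquire refers to */

        u_int32_t seq;          /* sequence number */
        long created;           /* for lifetime */
        int count;              /* for lifetime */
};
#endif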
 
/* Sensitivity Level Specification */
/* nothing */
 
#define SADB_KILL_INTERVAL      600     /* original comment: "six seconds"; NOTE(review): 600 does not read as six seconds in any obvious unit, confirm the unit where this is used */
 
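/*
 * Pair of counters.
 * NOTE(review): what key_count and any_count count is not visible in this
 * header -- presumably open sockets by protocol; confirm in the consumer.
 */
struct key_cb {
        int key_count;
        int any_count;
};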
 
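/*
 * Constructor/destructor prototypes for the key database objects.
 * The implementations are outside this header.
 */

/* secpolicy */
extern struct secpolicy *keydb_newsecpolicy __P((void));
extern void keydb_delsecpolicy __P((struct secpolicy *));
/* secashead */
extern struct secashead *keydb_newsecashead __P((void));
extern void keydb_delsecashead __P((struct secashead *));
/*
 * secasvar
 * Unlike the other objects this one has ref/free rather than del, which
 * matches the refcnt member of struct secasvar.
 * NOTE(review): presumably keydb_freesecasvar drops one reference and
 * releases the SA on the last one -- confirm, and confirm that key
 * material is wiped on release.
 */
extern struct secasvar *keydb_newsecasvar __P((void));
extern void keydb_refsecasvar __P((struct secasvar *));
extern void keydb_freesecasvar __P((struct secasvar *));
/*
 * secreplay
 * NOTE(review): the size_t argument is presumably the replay window size
 * (cf. secreplay.wsize) -- confirm; if it can come from a PF_KEY request
 * it should be range-checked before allocation.
 */
extern struct secreplay *keydb_newsecreplay __P((size_t));
extern void keydb_delsecreplay __P((struct secreplay *));
/* secreg */
extern struct secreg *keydb_newsecreg __P((void));
extern void keydb_delsecreg __P((struct secreg *));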
 
#endif /* _KERNEL */
 
#endif /* _NETKEY_KEYDB_H_ */
