ESP algorithm negotiation. More...
#include "ipsec/ipsec.h"#include "ipsec/ipsec_misc.h"#include "esp/esp.h"#include "esp/esp_algorithms.h"#include "ike/ike_algorithms.h"#include "hash/hash_algorithms.h"#include "debug.h"Go to the source code of this file.
Macros | |
| #define | TRACE_LEVEL ESP_TRACE_LEVEL |
Functions | |
| error_t | espSelectEncAlgo (IkeChildSaEntry *childSa, uint16_t encAlgoId, size_t encKeyLen) |
| Select the relevant encryption algorithm. More... | |
| error_t | espSelectAuthAlgo (IkeChildSaEntry *childSa, uint16_t authAlgoId) |
| Select the relevant MAC algorithm. More... | |
| error_t | espAddSupportedTransforms (IkeContext *context, IkeProposal *proposal, uint8_t **lastSubstruc) |
| Add the supported ESP transforms to the proposal. More... | |
| error_t | espAddSupportedEncTransforms (IkeContext *context, IkeProposal *proposal, uint8_t **lastSubstruc) |
| Add the supported encryption transforms to the proposal. More... | |
| error_t | espAddSupportedAuthTransforms (IkeContext *context, IkeProposal *proposal, uint8_t **lastSubstruc) |
| Add the supported integrity transforms to the proposal. More... | |
| error_t | espAddSupportedEsnTransforms (IkeContext *context, IkeProposal *proposal, uint8_t **lastSubstruc) |
| Add the supported ESN transforms to the proposal. More... | |
| const IkeEncAlgo * | espSelectEncTransform (IkeContext *context, const IkeProposal *proposal, size_t proposalLen) |
| Encryption transform negotiation. More... | |
| uint16_t | espSelectAuthTransform (IkeContext *context, const IkeProposal *proposal, size_t proposalLen) |
| Integrity transform negotiation. More... | |
| uint16_t | espSelectEsnTransform (IkeContext *context, const IkeProposal *proposal, size_t proposalLen) |
| ESN transform negotiation. More... | |
| error_t | espSelectSaProposal (IkeChildSaEntry *childSa, const IkeSaPayload *payload) |
| Select a single proposal. More... | |
| error_t | espCheckSaProposal (IkeChildSaEntry *childSa, const IkeSaPayload *payload) |
| Check whether the selected proposal is acceptable. More... | |
Detailed Description
ESP algorithm negotiation.
License
SPDX-License-Identifier: GPL-2.0-or-later
Copyright (C) 2022-2024 Oryx Embedded SARL. All rights reserved.
This file is part of CycloneIPSEC Open.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- Version
- 2.4.0
Definition in file esp_algorithms.c.
Macro Definition Documentation
◆ TRACE_LEVEL
| #define TRACE_LEVEL ESP_TRACE_LEVEL |
Definition at line 32 of file esp_algorithms.c.
Function Documentation
◆ espAddSupportedAuthTransforms()
| error_t espAddSupportedAuthTransforms | ( | IkeContext * | context, |
| IkeProposal * | proposal, | ||
| uint8_t ** | lastSubstruc | ||
| ) |
Add the supported integrity transforms to the proposal.
- Parameters
-
[in] context Pointer to the IKE context [in,out] proposal Pointer to the Proposal substructure [in,out] lastSubstruc Pointer to the Last Substruc field
- Returns
- Error code
Definition at line 983 of file esp_algorithms.c.
◆ espAddSupportedEncTransforms()
| error_t espAddSupportedEncTransforms | ( | IkeContext * | context, |
| IkeProposal * | proposal, | ||
| uint8_t ** | lastSubstruc | ||
| ) |
Add the supported encryption transforms to the proposal.
- Parameters
-
[in] context Pointer to the IKE context [in,out] proposal Pointer to the Proposal substructure [in,out] lastSubstruc Pointer to the Last Substruc field
- Returns
- Error code
Definition at line 952 of file esp_algorithms.c.
◆ espAddSupportedEsnTransforms()
| error_t espAddSupportedEsnTransforms | ( | IkeContext * | context, |
| IkeProposal * | proposal, | ||
| uint8_t ** | lastSubstruc | ||
| ) |
Add the supported ESN transforms to the proposal.
- Parameters
-
[in] context Pointer to the IKE context [in,out] proposal Pointer to the Proposal substructure [in,out] lastSubstruc Pointer to the Last Substruc field
- Returns
- Error code
Definition at line 1013 of file esp_algorithms.c.
◆ espAddSupportedTransforms()
| error_t espAddSupportedTransforms | ( | IkeContext * | context, |
| IkeProposal * | proposal, | ||
| uint8_t ** | lastSubstruc | ||
| ) |
Add the supported ESP transforms to the proposal.
- Parameters
-
[in] context Pointer to the IKE context [in,out] proposal Pointer to the Proposal substructure [in,out] lastSubstruc Pointer to the Last Substruc field
- Returns
- Error code
Definition at line 915 of file esp_algorithms.c.
◆ espCheckSaProposal()
| error_t espCheckSaProposal | ( | IkeChildSaEntry * | childSa, |
| const IkeSaPayload * | payload | ||
| ) |
Check whether the selected proposal is acceptable.
- Parameters
-
[in] childSa Pointer to the Child SA [in] payload Pointer to the Security Association payload
- Returns
- Error code
Definition at line 1321 of file esp_algorithms.c.
◆ espSelectAuthAlgo()
| error_t espSelectAuthAlgo | ( | IkeChildSaEntry * | childSa, |
| uint16_t | authAlgoId | ||
| ) |
Select the relevant MAC algorithm.
- Parameters
-
[in] childSa Pointer to the Child SA [in] authAlgoId Authentication algorithm identifier
- Returns
- Error code
Definition at line 823 of file esp_algorithms.c.
◆ espSelectAuthTransform()
| uint16_t espSelectAuthTransform | ( | IkeContext * | context, |
| const IkeProposal * | proposal, | ||
| size_t | proposalLen | ||
| ) |
Integrity transform negotiation.
- Parameters
-
[in] context Pointer to the IKE context [in] proposal Pointer to the Proposal substructure [in] proposalLen Length of the Proposal substructure, in bytes
- Returns
- Selected integrity transform, if any
Definition at line 1159 of file esp_algorithms.c.
◆ espSelectEncAlgo()
| error_t espSelectEncAlgo | ( | IkeChildSaEntry * | childSa, |
| uint16_t | encAlgoId, | ||
| size_t | encKeyLen | ||
| ) |
Select the relevant encryption algorithm.
- Parameters
-
[in] childSa Pointer to the Child SA [in] encAlgoId Encryption algorithm identifier [in] encKeyLen Length of the encryption key, in bytes
- Returns
- Error code
Definition at line 234 of file esp_algorithms.c.
◆ espSelectEncTransform()
| const IkeEncAlgo* espSelectEncTransform | ( | IkeContext * | context, |
| const IkeProposal * | proposal, | ||
| size_t | proposalLen | ||
| ) |
Encryption transform negotiation.
- Parameters
-
[in] context Pointer to the IKE context [in] proposal Pointer to the Proposal substructure [in] proposalLen Length of the Proposal substructure, in bytes
- Returns
- Selected encryption transform, if any
Definition at line 1043 of file esp_algorithms.c.
◆ espSelectEsnTransform()
| uint16_t espSelectEsnTransform | ( | IkeContext * | context, |
| const IkeProposal * | proposal, | ||
| size_t | proposalLen | ||
| ) |
ESN transform negotiation.
- Parameters
-
[in] context Pointer to the IKE context [in] proposal Pointer to the Proposal substructure [in] proposalLen Length of the Proposal substructure, in bytes
- Returns
- Selected ESN transform, if any
Definition at line 1176 of file esp_algorithms.c.
◆ espSelectSaProposal()
| error_t espSelectSaProposal | ( | IkeChildSaEntry * | childSa, |
| const IkeSaPayload * | payload | ||
| ) |
Select a single proposal.
- Parameters
-
[in] childSa Pointer to the Child SA [in] payload Pointer to the Security Association payload
- Returns
- Error code
Definition at line 1192 of file esp_algorithms.c.