esp.h
Go to the documentation of this file.
1 /**
2  * @file esp.h
3  * @brief ESP (IP Encapsulating Security Payload)
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2022-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneIPSEC Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 #ifndef _ESP_H
32 #define _ESP_H
33 
34 //Dependencies
35 #include "ipsec/ipsec.h"
36 
37 //ESP support
38 #ifndef ESP_SUPPORT
39  #define ESP_SUPPORT ENABLED
40 #elif (ESP_SUPPORT != ENABLED && ESP_SUPPORT != DISABLED)
41  #error ESP_SUPPORT parameter is not valid
42 #endif
43 
44 //Extended Sequence Numbers support
45 #ifndef ESP_ESN_SUPPORT
46  #define ESP_ESN_SUPPORT ENABLED
47 #elif (ESP_ESN_SUPPORT != ENABLED && ESP_ESN_SUPPORT != DISABLED)
48  #error ESP_ESN_SUPPORT parameter is not valid
49 #endif
50 
51 //CBC cipher mode support
52 #ifndef ESP_CBC_SUPPORT
53  #define ESP_CBC_SUPPORT ENABLED
54 #elif (ESP_CBC_SUPPORT != ENABLED && ESP_CBC_SUPPORT != DISABLED)
55  #error ESP_CBC_SUPPORT parameter is not valid
56 #endif
57 
58 //CTR cipher mode support
59 #ifndef ESP_CTR_SUPPORT
60  #define ESP_CTR_SUPPORT DISABLED
61 #elif (ESP_CTR_SUPPORT != ENABLED && ESP_CTR_SUPPORT != DISABLED)
62  #error ESP_CTR_SUPPORT parameter is not valid
63 #endif
64 
65 //CCM_8 AEAD support
66 #ifndef ESP_CCM_8_SUPPORT
67  #define ESP_CCM_8_SUPPORT DISABLED
68 #elif (ESP_CCM_8_SUPPORT != ENABLED && ESP_CCM_8_SUPPORT != DISABLED)
69  #error ESP_CCM_8_SUPPORT parameter is not valid
70 #endif
71 
72 //CCM_12 AEAD support
73 #ifndef ESP_CCM_12_SUPPORT
74  #define ESP_CCM_12_SUPPORT DISABLED
75 #elif (ESP_CCM_12_SUPPORT != ENABLED && ESP_CCM_12_SUPPORT != DISABLED)
76  #error ESP_CCM_12_SUPPORT parameter is not valid
77 #endif
78 
79 //CCM_16 AEAD support
80 #ifndef ESP_CCM_16_SUPPORT
81  #define ESP_CCM_16_SUPPORT DISABLED
82 #elif (ESP_CCM_16_SUPPORT != ENABLED && ESP_CCM_16_SUPPORT != DISABLED)
83  #error ESP_CCM_16_SUPPORT parameter is not valid
84 #endif
85 
86 //GCM_8 AEAD support
87 #ifndef ESP_GCM_8_SUPPORT
88  #define ESP_GCM_8_SUPPORT DISABLED
89 #elif (ESP_GCM_8_SUPPORT != ENABLED && ESP_GCM_8_SUPPORT != DISABLED)
90  #error ESP_GCM_8_SUPPORT parameter is not valid
91 #endif
92 
93 //GCM_12 AEAD support
94 #ifndef ESP_GCM_12_SUPPORT
95  #define ESP_GCM_12_SUPPORT DISABLED
96 #elif (ESP_GCM_12_SUPPORT != ENABLED && ESP_GCM_12_SUPPORT != DISABLED)
97  #error ESP_GCM_12_SUPPORT parameter is not valid
98 #endif
99 
100 //GCM_16 AEAD support
101 #ifndef ESP_GCM_16_SUPPORT
102  #define ESP_GCM_16_SUPPORT ENABLED
103 #elif (ESP_GCM_16_SUPPORT != ENABLED && ESP_GCM_16_SUPPORT != DISABLED)
104  #error ESP_GCM_16_SUPPORT parameter is not valid
105 #endif
106 
107 //ChaCha20Poly1305 AEAD support
108 #ifndef ESP_CHACHA20_POLY1305_SUPPORT
109  #define ESP_CHACHA20_POLY1305_SUPPORT ENABLED
110 #elif (ESP_CHACHA20_POLY1305_SUPPORT != ENABLED && ESP_CHACHA20_POLY1305_SUPPORT != DISABLED)
111  #error ESP_CHACHA20_POLY1305_SUPPORT parameter is not valid
112 #endif
113 
114 //CMAC integrity support
115 #ifndef ESP_CMAC_SUPPORT
116  #define ESP_CMAC_SUPPORT DISABLED
117 #elif (ESP_CMAC_SUPPORT != ENABLED && ESP_CMAC_SUPPORT != DISABLED)
118  #error ESP_CMAC_SUPPORT parameter is not valid
119 #endif
120 
121 //HMAC integrity support
122 #ifndef ESP_HMAC_SUPPORT
123  #define ESP_HMAC_SUPPORT ENABLED
124 #elif (ESP_HMAC_SUPPORT != ENABLED && ESP_HMAC_SUPPORT != DISABLED)
125  #error ESP_HMAC_SUPPORT parameter is not valid
126 #endif
127 
128 //IDEA cipher support (insecure)
129 #ifndef ESP_IDEA_SUPPORT
130  #define ESP_IDEA_SUPPORT DISABLED
131 #elif (ESP_IDEA_SUPPORT != ENABLED && ESP_IDEA_SUPPORT != DISABLED)
132  #error ESP_IDEA_SUPPORT parameter is not valid
133 #endif
134 
135 //DES cipher support (insecure)
136 #ifndef ESP_DES_SUPPORT
137  #define ESP_DES_SUPPORT DISABLED
138 #elif (ESP_DES_SUPPORT != ENABLED && ESP_DES_SUPPORT != DISABLED)
139  #error ESP_DES_SUPPORT parameter is not valid
140 #endif
141 
142 //Triple DES cipher support (weak)
143 #ifndef ESP_3DES_SUPPORT
144  #define ESP_3DES_SUPPORT DISABLED
145 #elif (ESP_3DES_SUPPORT != ENABLED && ESP_3DES_SUPPORT != DISABLED)
146  #error ESP_3DES_SUPPORT parameter is not valid
147 #endif
148 
149 //AES 128-bit cipher support
150 #ifndef ESP_AES_128_SUPPORT
151  #define ESP_AES_128_SUPPORT ENABLED
152 #elif (ESP_AES_128_SUPPORT != ENABLED && ESP_AES_128_SUPPORT != DISABLED)
153  #error ESP_AES_128_SUPPORT parameter is not valid
154 #endif
155 
156 //AES 192-bit cipher support
157 #ifndef ESP_AES_192_SUPPORT
158  #define ESP_AES_192_SUPPORT ENABLED
159 #elif (ESP_AES_192_SUPPORT != ENABLED && ESP_AES_192_SUPPORT != DISABLED)
160  #error ESP_AES_192_SUPPORT parameter is not valid
161 #endif
162 
163 //AES 256-bit cipher support
164 #ifndef ESP_AES_256_SUPPORT
165  #define ESP_AES_256_SUPPORT ENABLED
166 #elif (ESP_AES_256_SUPPORT != ENABLED && ESP_AES_256_SUPPORT != DISABLED)
167  #error ESP_AES_256_SUPPORT parameter is not valid
168 #endif
169 
170 //Camellia 128-bit cipher support
171 #ifndef ESP_CAMELLIA_128_SUPPORT
172  #define ESP_CAMELLIA_128_SUPPORT DISABLED
173 #elif (ESP_CAMELLIA_128_SUPPORT != ENABLED && ESP_CAMELLIA_128_SUPPORT != DISABLED)
174  #error ESP_CAMELLIA_128_SUPPORT parameter is not valid
175 #endif
176 
177 //Camellia 192-bit cipher support
178 #ifndef ESP_CAMELLIA_192_SUPPORT
179  #define ESP_CAMELLIA_192_SUPPORT DISABLED
180 #elif (ESP_CAMELLIA_192_SUPPORT != ENABLED && ESP_CAMELLIA_192_SUPPORT != DISABLED)
181  #error ESP_CAMELLIA_192_SUPPORT parameter is not valid
182 #endif
183 
184 //Camellia 256-bit cipher support
185 #ifndef ESP_CAMELLIA_256_SUPPORT
186  #define ESP_CAMELLIA_256_SUPPORT DISABLED
187 #elif (ESP_CAMELLIA_256_SUPPORT != ENABLED && ESP_CAMELLIA_256_SUPPORT != DISABLED)
188  #error ESP_CAMELLIA_256_SUPPORT parameter is not valid
189 #endif
190 
191 //MD5 hash support (insecure)
192 #ifndef ESP_MD5_SUPPORT
193  #define ESP_MD5_SUPPORT DISABLED
194 #elif (ESP_MD5_SUPPORT != ENABLED && ESP_MD5_SUPPORT != DISABLED)
195  #error ESP_MD5_SUPPORT parameter is not valid
196 #endif
197 
198 //SHA-1 hash support (weak)
199 #ifndef ESP_SHA1_SUPPORT
200  #define ESP_SHA1_SUPPORT ENABLED
201 #elif (ESP_SHA1_SUPPORT != ENABLED && ESP_SHA1_SUPPORT != DISABLED)
202  #error ESP_SHA1_SUPPORT parameter is not valid
203 #endif
204 
205 //SHA-256 hash support
206 #ifndef ESP_SHA256_SUPPORT
207  #define ESP_SHA256_SUPPORT ENABLED
208 #elif (ESP_SHA256_SUPPORT != ENABLED && ESP_SHA256_SUPPORT != DISABLED)
209  #error ESP_SHA256_SUPPORT parameter is not valid
210 #endif
211 
212 //SHA-384 hash support
213 #ifndef ESP_SHA384_SUPPORT
214  #define ESP_SHA384_SUPPORT ENABLED
215 #elif (ESP_SHA384_SUPPORT != ENABLED && ESP_SHA384_SUPPORT != DISABLED)
216  #error ESP_SHA384_SUPPORT parameter is not valid
217 #endif
218 
219 //SHA-512 hash support
220 #ifndef ESP_SHA512_SUPPORT
221  #define ESP_SHA512_SUPPORT ENABLED
222 #elif (ESP_SHA512_SUPPORT != ENABLED && ESP_SHA512_SUPPORT != DISABLED)
223  #error ESP_SHA512_SUPPORT parameter is not valid
224 #endif
225 
226 //Size of the buffer for input/output operations
227 #ifndef ESP_BUFFER_SIZE
228  #define ESP_BUFFER_SIZE 2048
229 #elif (ESP_BUFFER_SIZE < 256)
230  #error ESP_BUFFER_SIZE parameter is not valid
231 #endif
232 
233 //C++ guard
234 #ifdef __cplusplus
235 extern "C" {
236 #endif
237 
238 //CC-RX, CodeWarrior or Win32 compiler?
239 #if defined(__CCRX__)
240  #pragma pack
241 #elif defined(__CWCC__) || defined(_WIN32)
242  #pragma pack(push, 1)
243 #endif
244 
245 
246 /**
247  * @brief ESP header
248  **/
249 
250 typedef __packed_struct
251 {
252  uint32_t spi; //0-3
253  uint32_t seqNum; //4-7
254  uint8_t payloadData[]; //8
255 } EspHeader;
256 
257 
258 /**
259  * @brief ESP trailer
260  **/
261 
262 typedef __packed_struct
263 {
264  uint8_t padLength; //0
265  uint8_t nextHeader; //1
266  uint8_t icv[]; //2
267 } EspTrailer;
268 
269 
270 //CC-RX, CodeWarrior or Win32 compiler?
271 #if defined(__CCRX__)
272  #pragma unpack
273 #elif defined(__CWCC__) || defined(_WIN32)
274  #pragma pack(pop)
275 #endif
276 
277 //ESP related functions
278 error_t ipv4ProcessEspHeader(NetInterface *interface,
279  const Ipv4Header *ipv4Header, const NetBuffer *buffer, size_t offset,
280  NetRxAncillary *ancillary);
281 
282 void espDumpHeader(const EspHeader *espHeader);
283 
284 //C++ guard
285 #ifdef __cplusplus
286 }
287 #endif
288 
289 #endif
seqNum
uint32_t seqNum
Definition: esp.h:253
Ipv4Header
#define Ipv4Header
Definition: ipv4.h:36
spi
uint32_t spi
Definition: ah.h:143
NetBuffer
Structure describing a buffer that spans multiple chunks.
Definition: net_mem.h:89
espDumpHeader
void espDumpHeader(const EspHeader *espHeader)
Dump ESP header for debugging purpose.
Definition: esp.c:301
__packed_struct
typedef __packed_struct
ESP header.
Definition: esp.h:251
icv
uint8_t icv[]
Definition: esp.h:266
error_t
error_t
Error codes.
Definition: error.h:43
nextHeader
uint8_t nextHeader
Definition: esp.h:265
NetRxAncillary
#define NetRxAncillary
Definition: net_misc.h:40
NetInterface
#define NetInterface
Definition: net.h:36
EspTrailer
EspTrailer
Definition: esp.h:267
payloadData
uint8_t payloadData[]
Definition: esp.h:254
EspHeader
EspHeader
Definition: esp.h:255
ipsec.h
IPsec (IP security)
ipv4ProcessEspHeader
error_t ipv4ProcessEspHeader(NetInterface *interface, const Ipv4Header *ipv4Header, const NetBuffer *buffer, size_t offset, NetRxAncillary *ancillary)
Process ESP protected packet.
Definition: esp.c:61