1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
/*
* Copyright (C) 2011-2016 Tobias Brunner
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup iv_manager iv_manager
* @{ @ingroup ikev1
*/
#ifndef IV_MANAGER_H_
#define IV_MANAGER_H_
#include <utils/chunk.h>
#include <crypto/hashers/hasher.h>
typedef struct iv_manager_t iv_manager_t;
/**
* IV and QM managing instance for IKEv1. Keeps track of phase 2 exchanges
* and IV, as well as the phase 1 IV.
*/
struct iv_manager_t {
/**
* Set the value of the first phase1 IV.
*
* @param data input to calc initial IV from (g^xi | g^xr)
* @param hasher hasher to be used for IV calculation
* (shared with keymat, must not be destroyed here)
* @param block_size cipher block size of aead
* @return TRUE for success, FALSE otherwise
*/
bool (*init_iv_chain)(iv_manager_t *this, chunk_t data, hasher_t *hasher,
size_t block_size);
/**
* Returns the IV for a message with the given message ID.
*
* The return chunk contains internal data and is valid until the next
* get_iv/udpate_iv/confirm_iv() call.
*
* @param mid message ID
* @param iv chunk receiving IV, internal data
* @return TRUE if IV allocated successfully
*/
bool (*get_iv)(iv_manager_t *this, uint32_t mid, chunk_t *iv);
/**
* Updates the IV for the next message with the given message ID.
*
* A call of confirm_iv() is required in order to actually make the IV
* available. This is needed for the inbound case where we store the last
* block of the encrypted message but want to update the IV only after
* verification of the decrypted message.
*
* @param mid message ID
* @param last_block last block of encrypted message (gets cloned)
* @return TRUE if IV updated successfully
*/
bool (*update_iv)(iv_manager_t *this, uint32_t mid, chunk_t last_block);
/**
* Confirms the updated IV for the given message ID.
*
* To actually make the new IV available via get_iv() this method has to
* be called after update_iv().
*
* @param mid message ID
* @return TRUE if IV confirmed successfully
*/
bool (*confirm_iv)(iv_manager_t *this, uint32_t mid);
/**
* Try to find a QM for the given message ID, if not found, generate it.
* The nonces shall be assigned by the caller if they are not set yet.
*
* @param mid message ID
* @param n_i chunk pointer to contain Ni_b (Nonce from first
* message)
* @param n_r chunk pointer to contain Nr_b (Nonce from second
* message)
*/
void (*lookup_quick_mode)(iv_manager_t *this, uint32_t mid, chunk_t **n_i,
chunk_t **n_r);
/**
* Remove the QM for the given message ID.
*
* @param mid message ID
*/
void (*remove_quick_mode)(iv_manager_t *this, uint32_t mid);
/*
* Destroy a iv_manager_t.
*/
void (*destroy)(iv_manager_t *this);
};
/**
* Create an IV and QM manager which is able to store up to max_exchanges
* initialization vectors and quick modes.
*
* @param max_exchanges maximum number of IVs and QMs to be stored, set
* to 0 to use default (3, or as configured)
* @return IV and QM manager instance
*/
iv_manager_t *iv_manager_create(int max_exchanges);
#endif /** IV_MANAGER_H_ @}*/
|