sys/netkey/key.h


    1 /*----------------------------------------------------------------------
    2  * key.h :     Declarations and Definitions for Key Engine for BSD.
    3  *
    4  * Copyright 1995 by Bao Phan, Randall Atkinson, & Dan McDonald,
    5  * All Rights Reserved.  All rights have been assigned to the US
    6  * Naval Research Laboratory (NRL).  The NRL Copyright Notice and
    7  * License Agreement governs distribution and use of this software.
    8  *
    9  * Patents are pending on this technology.  NRL grants a license
   10  * to use this technology at no cost under the terms below with
   11  * the additional requirement that software, hardware, and
   12  * documentation relating to use of this technology must include
   13  * the note that:
   14  *      This product includes technology developed at and
   15  *      licensed from the Information Technology Division,
   16  *      US Naval Research Laboratory.
   17  *
   18  ----------------------------------------------------------------------*/
   19 /*----------------------------------------------------------------------
   20 #       @(#)COPYRIGHT   1.1a (NRL) 17 August 1995
   21 
   22 COPYRIGHT NOTICE
   23 
   24 All of the documentation and software included in this software
   25 distribution from the US Naval Research Laboratory (NRL) are
   26 copyrighted by their respective developers.
   27 
   28 This software and documentation were developed at NRL by various
   29 people.  Those developers have each copyrighted the portions that they
   30 developed at NRL and have assigned All Rights for those portions to
   31 NRL.  Outside the USA, NRL also has copyright on the software
   32 developed at NRL. The affected files all contain specific copyright
   33 notices and those notices must be retained in any derived work.
   34 
   35 NRL LICENSE
   36 
   37 NRL grants permission for redistribution and use in source and binary
   38 forms, with or without modification, of the software and documentation
   39 created at NRL provided that the following conditions are met:
   40 
   41 1. Redistributions of source code must retain the above copyright
   42    notice, this list of conditions and the following disclaimer.
   43 2. Redistributions in binary form must reproduce the above copyright
   44    notice, this list of conditions and the following disclaimer in the
   45    documentation and/or other materials provided with the distribution.
   46 3. All advertising materials mentioning features or use of this software
   47    must display the following acknowledgement:
   48 
   49         This product includes software developed at the Information
   50         Technology Division, US Naval Research Laboratory.
   51 
   52 4. Neither the name of the NRL nor the names of its contributors
   53    may be used to endorse or promote products derived from this software
   54    without specific prior written permission.
   55 
   56 THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
   57 IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
   58 TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
   59 PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL NRL OR
   60 CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
   61 EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
   62 PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
   63 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
   64 LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
   65 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
   66 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   67 
   68 The views and conclusions contained in the software and documentation
   69 are those of the authors and should not be interpreted as representing
   70 official policies, either expressed or implied, of the US Naval
   71 Research Laboratory (NRL).
   72 
   73 ----------------------------------------------------------------------*/
   74 
   75 #ifndef _netkey_key_h
   76 #define _netkey_key_h   1
   77 
   78 /*
   79  * PF_KEY messages
   80  */
   81 
/*
 * PF_KEY message types, carried in key_msghdr.key_msgtype.  These values
 * are part of the user/kernel message format and must not be renumbered.
 * Most of them have a matching kernel entry point declared at the bottom
 * of this header (key_add(), key_delete(), key_update(), ...); KEY_EXPIRE
 * and KEY_ACQUIRE are presumably kernel-originated notifications -- verify
 * against key.c.
 */
#define KEY_ADD         1
#define KEY_DELETE      2
#define KEY_UPDATE      3
#define KEY_GET         4
#define KEY_ACQUIRE     5
#define KEY_GETSPI      6
#define KEY_REGISTER    7
#define KEY_EXPIRE      8
#define KEY_DUMP        9
#define KEY_FLUSH       10
   92 
/*
 * Message format versions; presumably compared against key_msghdr.key_msgvers
 * and policy_msghdr.policy_msgvers by the parser (not shown here).
 */
#define KEY_VERSION     1
#define POLICY_VERSION  1

/* "No security" type value; distinct from every KEY_TYPE_* below. */
#define SECURITY_TYPE_NONE      0

/*
 * Security association types, stored in key_secassoc.type and
 * key_msghdr.type (both u_int8_t).  KEY_TYPE_MAX equals the largest
 * defined type and is the natural upper bound for range-checking a type
 * value received from userland; the check itself belongs in key.c, not here.
 */
#define KEY_TYPE_AH     1
#define KEY_TYPE_ESP    2
#define KEY_TYPE_RSVP   3
#define KEY_TYPE_OSPF   4
#define KEY_TYPE_RIPV2  5
#define KEY_TYPE_MIPV4  6
#define KEY_TYPE_MIPV6  7
#define KEY_TYPE_MAX    7
  106 
  107 /*
  108  * Security association state
  109  */
  110 
/*
 * Security association state bits.  Single-bit values, presumably OR'd
 * together into key_secassoc.state (u_int8_t -- all seven bits fit).
 */
#define K_USED          0x1     /* Key used/not used */
#define K_UNIQUE        0x2     /* Key unique/reusable */
#define K_LARVAL        0x4     /* SPI assigned, but sa incomplete */
#define K_ZOMBIE        0x8     /* sa expired but still useable */
#define K_DEAD          0x10    /* sa marked for deletion, ready for reaping */
#define K_INBOUND       0x20    /* sa for inbound packets, ie. dst=myhost */
#define K_OUTBOUND      0x40    /* sa for outbound packets, ie. src=myhost */
  118 
  119 
/*
 * Upper bound on the size of a sockaddr carried in a PF_KEY message.
 * Selects the larger IPv6 form when INET6 is configured.  May be
 * overridden by defining it before this header is included.
 */
#ifndef MAX_SOCKADDR_SZ
#ifdef INET6
#define MAX_SOCKADDR_SZ (sizeof(struct sockaddr_in6))
#else /* INET6 */
#define MAX_SOCKADDR_SZ (sizeof(struct sockaddr_in))
#endif /* INET6 */
#endif /* MAX_SOCKADDR_SZ */

/*
 * Default upper bounds, in bytes, for key and IV storage.  Both are
 * overridable.  Note that the keylen/ekeylen/ivlen fields in the structs
 * below are u_int8_t and can carry values up to 255, so any code copying
 * message data into a MAX_KEY_SZ- or MAX_IV_SZ-sized buffer must check the
 * received length against these bounds first.
 */
#ifndef MAX_KEY_SZ
#define MAX_KEY_SZ 16
#endif /* MAX_KEY_SZ */

#ifndef MAX_IV_SZ
#define MAX_IV_SZ 16
#endif /* MAX_IV_SZ */
  135 
/*
 * Security association data for IP Security.
 *
 * This is the kernel's in-core SA record.  Its wire form is key_msghdr
 * followed by key_msgdata (see key_secassoc2msghdr() and
 * key_msghdr2secassoc() below).  The iv/key/ekey pointers reference
 * separately stored buffers whose lengths are ivlen/keylen/ekeylen; the
 * owner of that storage is not visible in this header (see key_free() in
 * key.c).
 */
struct key_secassoc {
        u_int8_t        len;            /* Length of the data (for radix) */
        u_int8_t        type;           /* Type of association (KEY_TYPE_*) */
        u_int8_t        vers;           /* Version of association (AH/ESP) */
        u_int8_t        state;          /* State of the association (K_* bits) */
        u_int8_t        label;          /* Sensitivity label (unused) */
        u_int32_t       spi;            /* SPI */
        u_int8_t        keylen;         /* Key length (bytes at *key) */
        u_int8_t        ekeylen;        /* Extra key length (bytes at *ekey) */
        u_int8_t        ivlen;          /* Initialization vector length */
        u_int8_t        algorithm;      /* Algorithm switch index */
        u_int8_t        lifetype;       /* Type of lifetime */
        caddr_t         iv;             /* Initialization vector */
        caddr_t         key;            /* Key -- secret material */
        caddr_t         ekey;           /* Extra key -- secret material */
        u_int32_t       lifetime1;      /* Lifetime value 1 */
        u_int32_t       lifetime2;      /* Lifetime value 2 */
        struct sockaddr *src;           /* Source host address */
        struct sockaddr *dst;           /* Destination host address */
        struct sockaddr *from;          /* Originator of association */

        /*
         * Anti-replay state.  The header gives only field names; the
         * window semantics (bitmap vs. counter, how replayright advances)
         * are implemented in the AH/ESP input paths, not here.
         */
        int             antireplay;     /*anti replay flag*/
        u_int32_t       sequence;       /*send: sequence number*/
        u_int32_t       replayright;    /*receive: replay window, right*/
        u_int64_t       replaywindow;   /*receive: replay window*/
};
  163 
/*
 * Structure for key message header. PF_KEY message consists of key_msghdr
 * followed by src struct sockaddr, dest struct sockaddr, from struct
 * sockaddr, key, and iv. Assumes size of key message header less than MHLEN.
 *
 * This header is exchanged with userland over a PF_KEY socket, so every
 * field is untrusted on input.  key_msglen covers the header plus all
 * trailing data; the parser (key_parse() in key.c, not shown) is expected
 * to verify that the three sockaddr lengths plus keylen, ekeylen and ivlen
 * fit inside key_msglen before dereferencing the trailing data, and that
 * type does not exceed KEY_TYPE_MAX.
 */

struct key_msghdr {
        u_short         key_msglen;     /* length of message including
                                         * src/dst/from/key/iv */
        u_char          key_msgvers;    /* key version number */
        u_char          key_msgtype;    /* key message type, eg. KEY_ADD */
        pid_t           key_pid;        /* process id of message sender */
        int             key_seq;        /* message sequence number */
        int             key_errno;      /* error code */
        u_int8_t        type;           /* type of security association */
        u_int8_t        vers;           /* version of sassoc (AH/ESP) */
        u_int8_t        state;          /* state of security association */
        u_int8_t        label;          /* sensitivity level */
        u_int8_t        pad;            /* padding for alignment */
        u_int32_t       spi;            /* spi value */
        u_int8_t        keylen;         /* key length */
        u_int8_t        ekeylen;        /* extra key length */
        u_int8_t        ivlen;          /* iv length */
        u_int8_t        algorithm;      /* algorithm identifier */
        u_int8_t        lifetype;       /* type of lifetime */
        u_int32_t       lifetime1;      /* lifetime value 1 */
        u_int32_t       lifetime2;      /* lifetime value 2 */

        int             antireplay;     /* anti replay flag */
};
  194 
/*
 * Pointers into (and lengths of) the variable-length data that follows a
 * key_msghdr.  Note the length fields are int here but u_int8_t in
 * key_msghdr and key_secassoc; code converting between them should check
 * the range explicitly rather than rely on implicit truncation.
 */
struct key_msgdata {
        struct sockaddr *src;   /* source host address */
        struct sockaddr *dst;   /* destination host address */
        struct sockaddr *from;  /* originator of security association */
        caddr_t         iv;     /* initialization vector */
        caddr_t         key;    /* key */
        caddr_t         ekey;   /* extra key */
        int             ivlen;  /* iv length */
        int             keylen; /* key length */
        int             ekeylen; /* extra key length */
};
  206 
/*
 * Header of a policy message.  Mirrors the leading fields of key_msghdr
 * (length, version, type, sequence, errno); versioned by POLICY_VERSION.
 */
struct policy_msghdr {
        u_short policy_msglen;  /* message length */
        u_char  policy_msgvers; /* message version */
        u_char  policy_msgtype; /* message type */
        int     policy_seq;     /* message sequence number */
        int     policy_errno;   /* error code */
};
  214 
/*
 * Key engine table structures
 */

/* Singly linked list of sockets; used by key_tblnode.solist below. */
struct socketlist {
        struct socket *socket;          /* pointer to socket */
        struct socketlist *next;        /* next */
};
  223 
/*
 * Key table entry wrapping one security association.  Two counters are
 * kept: sockets the SA has been allocated to and sockets referencing it.
 * How they are maintained and when the node is released is not visible
 * here (see key_free() in key.c).
 */
struct key_tblnode {
        int     alloc_count;            /* number of sockets allocated to
                                         * secassoc */
        int     ref_count;              /* number of sockets referencing
                                         * secassoc */
        struct socketlist *solist;      /* list of sockets allocated to
                                         * secassoc */
        struct key_secassoc *secassoc;  /* security association */
        struct key_tblnode *next;       /* next node */
};
  234 
/* Singly linked list of key table nodes. */
struct key_allocnode {
        struct key_tblnode *keynode;    /* key table entry */
        struct key_allocnode *next;     /* next node */
};
  239 
/* Socket-to-SA mapping entry: associates a socket with one key table node. */
struct key_so2spinode {
        struct socket *socket;          /* socket pointer */
        struct key_tblnode *keynode;    /* pointer to tblnode containing
                                         * secassoc */
        /* info for socket  */
        struct key_so2spinode *next;    /* next entry */
};
  247 
/*
 * Registration of a key management daemon socket for one SA type
 * (see key_register()/key_unregister() below).
 */
struct key_registry {
        u_int8_t type;          /* secassoc type that key mgnt. daemon can
                                 * acquire */
        struct socket *socket;  /* key management daemon socket pointer */
        struct key_registry *next;      /* next registration */
};
  254 
/*
 * Outstanding acquire request for an SA (see key_acquire() below).
 * Tracks how many acquire messages have been sent and when the request
 * expires.  The unit of expiretime is not given here -- verify in key.c.
 */
struct key_acquirelist {
        u_int8_t type;          /* secassoc type to acquire */
        struct sockaddr *target; /* destination address of secassoc */
        u_int32_t count;        /* number of acquire messages sent */
        u_long expiretime;      /* expiration time for acquire message */
        struct key_acquirelist *next;   /* next request */
};
  262 
/*
 * Per-family PF_KEY socket counters.  ip6_count exists only when INET6 is
 * configured, so code touching it must be guarded the same way.
 */
struct keyso_cb {
        int ip4_count;
#ifdef INET6
        int ip6_count;
#endif /*INET6*/
        int any_count;  /* Sum of above counters */
};
  270 
#ifdef KERNEL
/*
 * Kernel-internal interface of the key engine (implemented in key.c).
 * __P() is the <sys/cdefs.h> prototype wrapper kept for pre-ANSI
 * compilers.  Return conventions are not stated in this header; the int
 * results are presumably 0 on success / errno-style codes on failure --
 * confirm against the definitions.
 */

/* Conversions between the in-core SA and its message form. */
extern int key_secassoc2msghdr __P((struct key_secassoc *, struct key_msghdr *,
                                struct key_msgdata *));
extern int key_msghdr2secassoc __P((struct key_secassoc *, struct key_msghdr *,
                                struct key_msgdata *));
/* Table setup and per-socket teardown. */
extern int key_inittables __P((void));
extern void key_sodelete __P((struct socket *, int));
/* SA database operations corresponding to the KEY_* message types. */
extern int key_add __P((struct key_secassoc *));
extern int key_delete __P((struct key_secassoc *));
extern int key_get __P((u_int, struct sockaddr *, struct sockaddr *,
                        u_int32_t, struct key_secassoc **));
extern void key_flush __P((void));
extern int key_dump __P((struct socket *));
extern int key_getspi __P((u_int, u_int, struct sockaddr *, struct sockaddr *,
                        u_int32_t, u_int32_t, u_int32_t *));
extern int key_update __P((struct key_secassoc *));
/* Key management daemon registration and acquire requests. */
extern int key_register __P((struct socket *, u_int));
extern void key_unregister __P((struct socket *, u_int, int));
extern int key_acquire __P((u_int, struct sockaddr *, struct sockaddr *));
/* Lookups returning a key table node. */
extern int getassocbyspi __P((u_int, struct sockaddr *, struct sockaddr *,
                        u_int32_t, struct key_tblnode **));
extern int getassocbysocket __P((u_int, struct sockaddr *, struct sockaddr *, 
                          struct socket *, u_int, struct key_tblnode **));
extern void key_free __P((struct key_tblnode *));
/*
 * Entry point for PF_KEY messages arriving from userland.  Everything
 * reachable through *km is untrusted input; length and type validation
 * against key_msglen and KEY_TYPE_MAX is expected to happen here.
 */
extern int key_parse __P((struct key_msghdr ** km, struct socket * so,
                        int *));
#endif /* KERNEL */
  298 
  299 #endif /* _netkey_key_h */
