ike: Rename encryption_payload to encrypted_payload
parent
7fb363c8f7
commit
147fe503af
|
@ -19,7 +19,7 @@
|
|||
#include <netinet/udp.h>
|
||||
|
||||
#include <encoding/payloads/cert_payload.h>
|
||||
#include <encoding/payloads/encryption_payload.h>
|
||||
#include <encoding/payloads/encrypted_payload.h>
|
||||
|
||||
typedef struct private_ike_auth_fill_t private_ike_auth_fill_t;
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \
|
|||
encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \
|
||||
encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \
|
||||
encoding/payloads/encodings.c encoding/payloads/encodings.h \
|
||||
encoding/payloads/encryption_payload.c encoding/payloads/encryption_payload.h \
|
||||
encoding/payloads/encrypted_payload.c encoding/payloads/encrypted_payload.h \
|
||||
encoding/payloads/id_payload.c encoding/payloads/id_payload.h \
|
||||
encoding/payloads/ike_header.c encoding/payloads/ike_header.h \
|
||||
encoding/payloads/ke_payload.c encoding/payloads/ke_payload.h \
|
||||
|
|
|
@ -23,7 +23,7 @@ encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \
|
|||
encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \
|
||||
encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \
|
||||
encoding/payloads/encodings.c encoding/payloads/encodings.h \
|
||||
encoding/payloads/encryption_payload.c encoding/payloads/encryption_payload.h \
|
||||
encoding/payloads/encrypted_payload.c encoding/payloads/encrypted_payload.h \
|
||||
encoding/payloads/id_payload.c encoding/payloads/id_payload.h \
|
||||
encoding/payloads/ike_header.c encoding/payloads/ike_header.h \
|
||||
encoding/payloads/ke_payload.c encoding/payloads/ke_payload.h \
|
||||
|
|
|
@ -30,7 +30,7 @@
|
|||
#include <encoding/payloads/encodings.h>
|
||||
#include <encoding/payloads/payload.h>
|
||||
#include <encoding/payloads/hash_payload.h>
|
||||
#include <encoding/payloads/encryption_payload.h>
|
||||
#include <encoding/payloads/encrypted_payload.h>
|
||||
#include <encoding/payloads/unknown_payload.h>
|
||||
#include <encoding/payloads/cp_payload.h>
|
||||
|
||||
|
@ -1392,11 +1392,11 @@ static void order_payloads(private_message_t *this)
|
|||
}
|
||||
|
||||
/**
|
||||
* Wrap payloads in an encryption payload
|
||||
* Wrap payloads in an encrypted payload
|
||||
*/
|
||||
static encryption_payload_t* wrap_payloads(private_message_t *this)
|
||||
static encrypted_payload_t* wrap_payloads(private_message_t *this)
|
||||
{
|
||||
encryption_payload_t *encryption;
|
||||
encrypted_payload_t *encryption;
|
||||
linked_list_t *payloads;
|
||||
payload_t *current;
|
||||
|
||||
|
@ -1410,11 +1410,11 @@ static encryption_payload_t* wrap_payloads(private_message_t *this)
|
|||
|
||||
if (this->is_encrypted)
|
||||
{
|
||||
encryption = encryption_payload_create(PLV1_ENCRYPTED);
|
||||
encryption = encrypted_payload_create(PLV1_ENCRYPTED);
|
||||
}
|
||||
else
|
||||
{
|
||||
encryption = encryption_payload_create(PLV2_ENCRYPTED);
|
||||
encryption = encrypted_payload_create(PLV2_ENCRYPTED);
|
||||
}
|
||||
while (payloads->remove_first(payloads, (void**)¤t) == SUCCESS)
|
||||
{
|
||||
|
@ -1459,7 +1459,7 @@ METHOD(message_t, generate, status_t,
|
|||
generator_t *generator;
|
||||
ike_header_t *ike_header;
|
||||
payload_t *payload, *next;
|
||||
encryption_payload_t *encryption = NULL;
|
||||
encrypted_payload_t *encryption = NULL;
|
||||
payload_type_t next_type;
|
||||
enumerator_t *enumerator;
|
||||
aead_t *aead = NULL;
|
||||
|
@ -1780,9 +1780,9 @@ static status_t parse_payloads(private_message_t *this)
|
|||
status_t status;
|
||||
|
||||
if (this->is_encrypted)
|
||||
{ /* wrap the whole encrypted IKEv1 message in a special encryption
|
||||
{ /* wrap the whole encrypted IKEv1 message in a special encrypted
|
||||
* payload which is then handled just like a regular payload */
|
||||
encryption_payload_t *encryption;
|
||||
encrypted_payload_t *encryption;
|
||||
|
||||
status = this->parser->parse_payload(this->parser, PLV1_ENCRYPTED,
|
||||
(payload_t**)&encryption);
|
||||
|
@ -1841,7 +1841,7 @@ static status_t parse_payloads(private_message_t *this)
|
|||
* Decrypt an encrypted payload and extract all contained payloads.
|
||||
*/
|
||||
static status_t decrypt_and_extract(private_message_t *this, keymat_t *keymat,
|
||||
payload_t *previous, encryption_payload_t *encryption)
|
||||
payload_t *previous, encrypted_payload_t *encryption)
|
||||
{
|
||||
payload_t *encrypted;
|
||||
payload_type_t type;
|
||||
|
@ -1941,7 +1941,7 @@ static bool accept_unencrypted_mm(private_message_t *this, payload_type_t type)
|
|||
}
|
||||
|
||||
/**
|
||||
* Decrypt payload from the encryption payload
|
||||
* Decrypt payload from the encrypted payload
|
||||
*/
|
||||
static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
|
||||
{
|
||||
|
@ -1961,7 +1961,7 @@ static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
|
|||
|
||||
if (type == PLV2_ENCRYPTED || type == PLV1_ENCRYPTED)
|
||||
{
|
||||
encryption_payload_t *encryption;
|
||||
encrypted_payload_t *encryption;
|
||||
|
||||
if (was_encrypted)
|
||||
{
|
||||
|
@ -1972,7 +1972,7 @@ static status_t decrypt_payloads(private_message_t *this, keymat_t *keymat)
|
|||
}
|
||||
|
||||
DBG2(DBG_ENC, "found an encrypted payload");
|
||||
encryption = (encryption_payload_t*)payload;
|
||||
encryption = (encrypted_payload_t*)payload;
|
||||
this->payloads->remove_at(this->payloads, enumerator);
|
||||
|
||||
if (enumerator->enumerate(enumerator, NULL))
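Review bot: The locals and parameters that hold the renamed type are still called `encryption` (in `wrap_payloads`, `generate`, `parse_payloads`, `decrypt_and_extract` and `decrypt_payloads`), so the new code reads `encrypted_payload_t *encryption`. A blind rename to `encrypted` would collide with the existing `payload_t *encrypted;` local in `decrypt_and_extract`, so a neutral name fits better, for example `encrypted_payload_t *enc_payload;`. All of these functions start or end outside the visible hunks, so further uses of the name would need the same change.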
|
||||
|
|
|
@ -39,7 +39,7 @@ typedef struct message_t message_t;
|
|||
*
|
||||
* The message handles parsing and generation of payloads
|
||||
* via parser_t/generator_t. Encryption is done transparently
|
||||
* via the encryption_payload_t. A set of rules for messages
|
||||
* via the encrypted_payload_t. A set of rules for messages
|
||||
* and payloads does check parsed messages.
|
||||
*/
|
||||
struct message_t {
|
||||
|
|
|
@ -32,7 +32,7 @@
|
|||
#include <encoding/payloads/nonce_payload.h>
|
||||
#include <encoding/payloads/id_payload.h>
|
||||
#include <encoding/payloads/notify_payload.h>
|
||||
#include <encoding/payloads/encryption_payload.h>
|
||||
#include <encoding/payloads/encrypted_payload.h>
|
||||
#include <encoding/payloads/auth_payload.h>
|
||||
#include <encoding/payloads/cert_payload.h>
|
||||
#include <encoding/payloads/certreq_payload.h>
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
#include <stddef.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "encryption_payload.h"
|
||||
#include "encrypted_payload.h"
|
||||
|
||||
#include <daemon.h>
|
||||
#include <encoding/payloads/encodings.h>
|
||||
|
@ -27,22 +27,18 @@
|
|||
#include <encoding/generator.h>
|
||||
#include <encoding/parser.h>
|
||||
|
||||
typedef struct private_encryption_payload_t private_encryption_payload_t;
|
||||
typedef struct private_encrypted_payload_t private_encrypted_payload_t;
|
||||
|
||||
/**
|
||||
* Private data of an encryption_payload_t' Object.
|
||||
*
|
||||
*/
|
||||
struct private_encryption_payload_t {
|
||||
struct private_encrypted_payload_t {
|
||||
|
||||
/**
|
||||
* Public encryption_payload_t interface.
|
||||
* Public encrypted_payload_t interface.
|
||||
*/
|
||||
encryption_payload_t public;
|
||||
encrypted_payload_t public;
|
||||
|
||||
/**
|
||||
* There is no next payload for an encryption payload,
|
||||
* since encryption payload MUST be the last one.
|
||||
* There is no next payload for an encrypted payload,
|
||||
* since encrypted payload MUST be the last one.
|
||||
* next_payload means here the first payload of the
|
||||
* contained, encrypted payload.
|
||||
*/
|
||||
|
@ -80,20 +76,20 @@ struct private_encryption_payload_t {
|
|||
};
|
||||
|
||||
/**
|
||||
* Encoding rules to parse or generate a IKEv2-Encryption Payload.
|
||||
* Encoding rules to parse or generate a IKEv2-Encrypted Payload.
|
||||
*
|
||||
* The defined offsets are the positions in a object of type
|
||||
* private_encryption_payload_t.
|
||||
* private_encrypted_payload_t.
|
||||
*/
|
||||
static encoding_rule_t encodings_v2[] = {
|
||||
/* 1 Byte next payload type, stored in the field next_payload */
|
||||
{ U_INT_8, offsetof(private_encryption_payload_t, next_payload) },
|
||||
{ U_INT_8, offsetof(private_encrypted_payload_t, next_payload) },
|
||||
/* Critical and 7 reserved bits, all stored for reconstruction */
|
||||
{ U_INT_8, offsetof(private_encryption_payload_t, flags) },
|
||||
/* Length of the whole encryption payload*/
|
||||
{ PAYLOAD_LENGTH, offsetof(private_encryption_payload_t, payload_length) },
|
||||
{ U_INT_8, offsetof(private_encrypted_payload_t, flags) },
|
||||
/* Length of the whole encrypted payload*/
|
||||
{ PAYLOAD_LENGTH, offsetof(private_encrypted_payload_t, payload_length) },
|
||||
/* encrypted data, stored in a chunk. contains iv, data, padding */
|
||||
{ CHUNK_DATA, offsetof(private_encryption_payload_t, encrypted) },
|
||||
{ CHUNK_DATA, offsetof(private_encrypted_payload_t, encrypted) },
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -119,11 +115,11 @@ static encoding_rule_t encodings_v2[] = {
|
|||
* Encoding rules to parse or generate a complete encrypted IKEv1 message.
|
||||
*
|
||||
* The defined offsets are the positions in a object of type
|
||||
* private_encryption_payload_t.
|
||||
* private_encrypted_payload_t.
|
||||
*/
|
||||
static encoding_rule_t encodings_v1[] = {
|
||||
/* encrypted data, stored in a chunk */
|
||||
{ ENCRYPTED_DATA, offsetof(private_encryption_payload_t, encrypted) },
|
||||
{ ENCRYPTED_DATA, offsetof(private_encrypted_payload_t, encrypted) },
|
||||
};
|
||||
|
||||
/*
|
||||
|
@ -137,13 +133,13 @@ static encoding_rule_t encodings_v1[] = {
|
|||
*/
|
||||
|
||||
METHOD(payload_t, verify, status_t,
|
||||
private_encryption_payload_t *this)
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
METHOD(payload_t, get_encoding_rules, int,
|
||||
private_encryption_payload_t *this, encoding_rule_t **rules)
|
||||
private_encrypted_payload_t *this, encoding_rule_t **rules)
|
||||
{
|
||||
if (this->type == PLV2_ENCRYPTED)
|
||||
{
|
||||
|
@ -155,7 +151,7 @@ METHOD(payload_t, get_encoding_rules, int,
|
|||
}
|
||||
|
||||
METHOD(payload_t, get_header_length, int,
|
||||
private_encryption_payload_t *this)
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
if (this->type == PLV2_ENCRYPTED)
|
||||
{
|
||||
|
@ -165,19 +161,19 @@ METHOD(payload_t, get_header_length, int,
|
|||
}
|
||||
|
||||
METHOD(payload_t, get_type, payload_type_t,
|
||||
private_encryption_payload_t *this)
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
return this->type;
|
||||
}
|
||||
|
||||
METHOD(payload_t, get_next_type, payload_type_t,
|
||||
private_encryption_payload_t *this)
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
return this->next_payload;
|
||||
}
|
||||
|
||||
METHOD(payload_t, set_next_type, void,
|
||||
private_encryption_payload_t *this, payload_type_t type)
|
||||
private_encrypted_payload_t *this, payload_type_t type)
|
||||
{
|
||||
/* the next payload is set during add, still allow this for IKEv1 */
|
||||
this->next_payload = type;
|
||||
|
@ -186,7 +182,7 @@ METHOD(payload_t, set_next_type, void,
|
|||
/**
|
||||
* Compute the length of the whole payload
|
||||
*/
|
||||
static void compute_length(private_encryption_payload_t *this)
|
||||
static void compute_length(private_encrypted_payload_t *this)
|
||||
{
|
||||
enumerator_t *enumerator;
|
||||
payload_t *payload;
|
||||
|
@ -220,15 +216,15 @@ static void compute_length(private_encryption_payload_t *this)
|
|||
this->payload_length = length;
|
||||
}
|
||||
|
||||
METHOD2(payload_t, encryption_payload_t, get_length, size_t,
|
||||
private_encryption_payload_t *this)
|
||||
METHOD2(payload_t, encrypted_payload_t, get_length, size_t,
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
compute_length(this);
|
||||
return this->payload_length;
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, add_payload, void,
|
||||
private_encryption_payload_t *this, payload_t *payload)
|
||||
METHOD(encrypted_payload_t, add_payload, void,
|
||||
private_encrypted_payload_t *this, payload_t *payload)
|
||||
{
|
||||
payload_t *last_payload;
|
||||
|
||||
|
@ -246,8 +242,8 @@ METHOD(encryption_payload_t, add_payload, void,
|
|||
compute_length(this);
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, remove_payload, payload_t *,
|
||||
private_encryption_payload_t *this)
|
||||
METHOD(encrypted_payload_t, remove_payload, payload_t *,
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
payload_t *payload;
|
||||
|
||||
|
@ -262,7 +258,7 @@ METHOD(encryption_payload_t, remove_payload, payload_t *,
|
|||
/**
|
||||
* Generate payload before encryption
|
||||
*/
|
||||
static chunk_t generate(private_encryption_payload_t *this,
|
||||
static chunk_t generate(private_encrypted_payload_t *this,
|
||||
generator_t *generator)
|
||||
{
|
||||
payload_t *current, *next;
|
||||
|
@ -285,16 +281,16 @@ static chunk_t generate(private_encryption_payload_t *this,
|
|||
generator->generate_payload(generator, current);
|
||||
|
||||
chunk = generator->get_chunk(generator, &lenpos);
|
||||
DBG2(DBG_ENC, "generated content in encryption payload");
|
||||
DBG2(DBG_ENC, "generated content in encrypted payload");
|
||||
}
|
||||
enumerator->destroy(enumerator);
|
||||
return chunk;
|
||||
}
|
||||
|
||||
/**
|
||||
* Append the encryption payload header to the associated data
|
||||
* Append the encrypted payload header to the associated data
|
||||
*/
|
||||
static chunk_t append_header(private_encryption_payload_t *this, chunk_t assoc)
|
||||
static chunk_t append_header(private_encrypted_payload_t *this, chunk_t assoc)
|
||||
{
|
||||
struct {
|
||||
u_int8_t next_payload;
|
||||
|
@ -308,8 +304,8 @@ static chunk_t append_header(private_encryption_payload_t *this, chunk_t assoc)
|
|||
return chunk_cat("cc", assoc, chunk_from_thing(header));
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, encrypt, status_t,
|
||||
private_encryption_payload_t *this, u_int64_t mid, chunk_t assoc)
|
||||
METHOD(encrypted_payload_t, encrypt, status_t,
|
||||
private_encrypted_payload_t *this, u_int64_t mid, chunk_t assoc)
|
||||
{
|
||||
chunk_t iv, plain, padding, icv, crypt;
|
||||
generator_t *generator;
|
||||
|
@ -319,21 +315,21 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
|
||||
if (this->aead == NULL)
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, transform missing");
|
||||
DBG1(DBG_ENC, "encrypting encrypted payload failed, transform missing");
|
||||
return INVALID_STATE;
|
||||
}
|
||||
|
||||
rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK);
|
||||
if (!rng)
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, no RNG found");
|
||||
DBG1(DBG_ENC, "encrypting encrypted payload failed, no RNG found");
|
||||
return NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
iv_gen = this->aead->get_iv_gen(this->aead);
|
||||
if (!iv_gen)
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, no IV generator");
|
||||
DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV generator");
|
||||
return NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
|
@ -367,7 +363,7 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
if (!iv_gen->get_iv(iv_gen, mid, iv.len, iv.ptr) ||
|
||||
!rng->get_bytes(rng, padding.len - 1, padding.ptr))
|
||||
{
|
||||
DBG1(DBG_ENC, "encrypting encryption payload failed, no IV or padding");
|
||||
DBG1(DBG_ENC, "encrypting encrypted payload failed, no IV or padding");
|
||||
rng->destroy(rng);
|
||||
free(assoc.ptr);
|
||||
return FAILED;
|
||||
|
@ -375,7 +371,7 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
padding.ptr[padding.len - 1] = padding.len - 1;
|
||||
rng->destroy(rng);
|
||||
|
||||
DBG3(DBG_ENC, "encryption payload encryption:");
|
||||
DBG3(DBG_ENC, "encrypted payload encryption:");
|
||||
DBG3(DBG_ENC, "IV %B", &iv);
|
||||
DBG3(DBG_ENC, "plain %B", &plain);
|
||||
DBG3(DBG_ENC, "padding %B", &padding);
|
||||
|
@ -395,8 +391,8 @@ METHOD(encryption_payload_t, encrypt, status_t,
|
|||
return SUCCESS;
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, encrypt_v1, status_t,
|
||||
private_encryption_payload_t *this, u_int64_t mid, chunk_t iv)
|
||||
METHOD(encrypted_payload_t, encrypt_v1, status_t,
|
||||
private_encrypted_payload_t *this, u_int64_t mid, chunk_t iv)
|
||||
{
|
||||
generator_t *generator;
|
||||
chunk_t plain, padding;
|
||||
|
@ -441,7 +437,7 @@ METHOD(encryption_payload_t, encrypt_v1, status_t,
|
|||
/**
|
||||
* Parse the payloads after decryption.
|
||||
*/
|
||||
static status_t parse(private_encryption_payload_t *this, chunk_t plain)
|
||||
static status_t parse(private_encrypted_payload_t *this, chunk_t plain)
|
||||
{
|
||||
parser_t *parser;
|
||||
payload_type_t type;
|
||||
|
@ -476,19 +472,19 @@ static status_t parse(private_encryption_payload_t *this, chunk_t plain)
|
|||
this->payloads->insert_last(this->payloads, payload);
|
||||
}
|
||||
parser->destroy(parser);
|
||||
DBG2(DBG_ENC, "parsed content of encryption payload");
|
||||
DBG2(DBG_ENC, "parsed content of encrypted payload");
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, decrypt, status_t,
|
||||
private_encryption_payload_t *this, chunk_t assoc)
|
||||
METHOD(encrypted_payload_t, decrypt, status_t,
|
||||
private_encrypted_payload_t *this, chunk_t assoc)
|
||||
{
|
||||
chunk_t iv, plain, padding, icv, crypt;
|
||||
size_t bs;
|
||||
|
||||
if (this->aead == NULL)
|
||||
{
|
||||
DBG1(DBG_ENC, "decrypting encryption payload failed, transform missing");
|
||||
DBG1(DBG_ENC, "decrypting encrypted payload failed, transform missing");
|
||||
return INVALID_STATE;
|
||||
}
|
||||
|
||||
|
@ -511,13 +507,13 @@ METHOD(encryption_payload_t, decrypt, status_t,
|
|||
if (iv.len + icv.len > this->encrypted.len ||
|
||||
(crypt.len - icv.len) % bs)
|
||||
{
|
||||
DBG1(DBG_ENC, "decrypting encryption payload failed, invalid length");
|
||||
DBG1(DBG_ENC, "decrypting encrypted payload failed, invalid length");
|
||||
return FAILED;
|
||||
}
|
||||
|
||||
assoc = append_header(this, assoc);
|
||||
|
||||
DBG3(DBG_ENC, "encryption payload decryption:");
|
||||
DBG3(DBG_ENC, "encrypted payload decryption:");
|
||||
DBG3(DBG_ENC, "IV %B", &iv);
|
||||
DBG3(DBG_ENC, "encrypted %B", &crypt);
|
||||
DBG3(DBG_ENC, "ICV %B", &icv);
|
||||
|
@ -525,7 +521,7 @@ METHOD(encryption_payload_t, decrypt, status_t,
|
|||
|
||||
if (!this->aead->decrypt(this->aead, crypt, assoc, iv, NULL))
|
||||
{
|
||||
DBG1(DBG_ENC, "verifying encryption payload integrity failed");
|
||||
DBG1(DBG_ENC, "verifying encrypted payload integrity failed");
|
||||
free(assoc.ptr);
|
||||
return FAILED;
|
||||
}
|
||||
|
@ -535,7 +531,7 @@ METHOD(encryption_payload_t, decrypt, status_t,
|
|||
padding.len = plain.ptr[plain.len - 1] + 1;
|
||||
if (padding.len > plain.len)
|
||||
{
|
||||
DBG1(DBG_ENC, "decrypting encryption payload failed, "
|
||||
DBG1(DBG_ENC, "decrypting encrypted payload failed, "
|
||||
"padding invalid %B", &crypt);
|
||||
return PARSE_ERROR;
|
||||
}
|
||||
|
@ -548,8 +544,8 @@ METHOD(encryption_payload_t, decrypt, status_t,
|
|||
return parse(this, plain);
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, decrypt_v1, status_t,
|
||||
private_encryption_payload_t *this, chunk_t iv)
|
||||
METHOD(encrypted_payload_t, decrypt_v1, status_t,
|
||||
private_encrypted_payload_t *this, chunk_t iv)
|
||||
{
|
||||
if (this->aead == NULL)
|
||||
{
|
||||
|
@ -578,14 +574,14 @@ METHOD(encryption_payload_t, decrypt_v1, status_t,
|
|||
return parse(this, this->encrypted);
|
||||
}
|
||||
|
||||
METHOD(encryption_payload_t, set_transform, void,
|
||||
private_encryption_payload_t *this, aead_t* aead)
|
||||
METHOD(encrypted_payload_t, set_transform, void,
|
||||
private_encrypted_payload_t *this, aead_t* aead)
|
||||
{
|
||||
this->aead = aead;
|
||||
}
|
||||
|
||||
METHOD2(payload_t, encryption_payload_t, destroy, void,
|
||||
private_encryption_payload_t *this)
|
||||
METHOD2(payload_t, encrypted_payload_t, destroy, void,
|
||||
private_encrypted_payload_t *this)
|
||||
{
|
||||
this->payloads->destroy_offset(this->payloads, offsetof(payload_t, destroy));
|
||||
free(this->encrypted.ptr);
|
||||
|
@ -595,9 +591,9 @@ METHOD2(payload_t, encryption_payload_t, destroy, void,
|
|||
/*
|
||||
* Described in header
|
||||
*/
|
||||
encryption_payload_t *encryption_payload_create(payload_type_t type)
|
||||
encrypted_payload_t *encrypted_payload_create(payload_type_t type)
|
||||
{
|
||||
private_encryption_payload_t *this;
|
||||
private_encrypted_payload_t *this;
|
||||
|
||||
INIT(this,
|
||||
.public = {
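Review bot: In `encrypt`, the `if (!iv_gen)` branch returns `NOT_SUPPORTED` without releasing the `rng` obtained just above from `create_rng()`, so every call that takes this path leaks the RNG instance; the later "no IV or padding" failure path in the same method does call `rng->destroy(rng)`. Adding `rng->destroy(rng);` before that `return NOT_SUPPORTED;` closes the leak. The body of `encrypt` continues outside these hunks, so whether `assoc` also needs handling on the early returns cannot be judged from here. Separately, the renamed messages now read `encrypting encrypted payload failed, ...`, which is harder to scan in a log than the old text; a wording such as `encrypting payload failed, ...` would avoid the doubled word.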
|
|
@ -16,23 +16,23 @@
|
|||
*/
|
||||
|
||||
/**
|
||||
* @defgroup encryption_payload encryption_payload
|
||||
* @defgroup encrypted_payload encrypted_payload
|
||||
* @{ @ingroup payloads
|
||||
*/
|
||||
|
||||
#ifndef ENCRYPTION_PAYLOAD_H_
|
||||
#define ENCRYPTION_PAYLOAD_H_
|
||||
#ifndef ENCRYPTED_PAYLOAD_H_
|
||||
#define ENCRYPTED_PAYLOAD_H_
|
||||
|
||||
typedef struct encryption_payload_t encryption_payload_t;
|
||||
typedef struct encrypted_payload_t encrypted_payload_t;
|
||||
|
||||
#include <library.h>
|
||||
#include <crypto/aead.h>
|
||||
#include <encoding/payloads/payload.h>
|
||||
|
||||
/**
|
||||
* The encryption payload as described in RFC section 3.14.
|
||||
* The encrypted payload as described in RFC section 3.14.
|
||||
*/
|
||||
struct encryption_payload_t {
|
||||
struct encrypted_payload_t {
|
||||
|
||||
/**
|
||||
* Implements payload_t interface.
|
||||
|
@ -44,14 +44,14 @@ struct encryption_payload_t {
|
|||
*
|
||||
* @return (expected) payload length
|
||||
*/
|
||||
size_t (*get_length)(encryption_payload_t *this);
|
||||
size_t (*get_length)(encrypted_payload_t *this);
|
||||
|
||||
/**
|
||||
* Adds a payload to this encryption payload.
|
||||
*
|
||||
* @param payload payload_t object to add
|
||||
*/
|
||||
void (*add_payload) (encryption_payload_t *this, payload_t *payload);
|
||||
void (*add_payload) (encrypted_payload_t *this, payload_t *payload);
|
||||
|
||||
/**
|
||||
* Remove the first payload in the list
|
||||
|
@ -59,14 +59,14 @@ struct encryption_payload_t {
|
|||
* @param payload removed payload
|
||||
* @return payload, NULL if none left
|
||||
*/
|
||||
payload_t* (*remove_payload)(encryption_payload_t *this);
|
||||
payload_t* (*remove_payload)(encrypted_payload_t *this);
|
||||
|
||||
/**
|
||||
* Set the AEAD transform to use.
|
||||
*
|
||||
* @param aead aead transform to use
|
||||
*/
|
||||
void (*set_transform) (encryption_payload_t *this, aead_t *aead);
|
||||
void (*set_transform) (encrypted_payload_t *this, aead_t *aead);
|
||||
|
||||
/**
|
||||
* Generate, encrypt and sign contained payloads.
|
||||
|
@ -78,7 +78,7 @@ struct encryption_payload_t {
|
|||
* - FAILED if encryption failed
|
||||
* - INVALID_STATE if aead not supplied, but needed
|
||||
*/
|
||||
status_t (*encrypt) (encryption_payload_t *this, u_int64_t mid,
|
||||
status_t (*encrypt) (encrypted_payload_t *this, u_int64_t mid,
|
||||
chunk_t assoc);
|
||||
|
||||
/**
|
||||
|
@ -92,20 +92,20 @@ struct encryption_payload_t {
|
|||
* - FAILED if integrity check failed
|
||||
* - INVALID_STATE if aead not supplied, but needed
|
||||
*/
|
||||
status_t (*decrypt) (encryption_payload_t *this, chunk_t assoc);
|
||||
status_t (*decrypt) (encrypted_payload_t *this, chunk_t assoc);
|
||||
|
||||
/**
|
||||
* Destroys an encryption_payload_t object.
|
||||
* Destroys an encrypted_payload_t object.
|
||||
*/
|
||||
void (*destroy) (encryption_payload_t *this);
|
||||
void (*destroy) (encrypted_payload_t *this);
|
||||
};
|
||||
|
||||
/**
|
||||
* Creates an empty encryption_payload_t object.
|
||||
* Creates an empty encrypted_payload_t object.
|
||||
*
|
||||
* @param type PLV2_ENCRYPTED or PLV1_ENCRYPTED
|
||||
* @return encryption_payload_t object
|
||||
* @return encrypted_payload_t object
|
||||
*/
|
||||
encryption_payload_t *encryption_payload_create(payload_type_t type);
|
||||
encrypted_payload_t *encrypted_payload_create(payload_type_t type);
|
||||
|
||||
#endif /** ENCRYPTION_PAYLOAD_H_ @}*/
|
||||
#endif /** ENCRYPTED_PAYLOAD_H_ @}*/
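Review bot: The doc comment on `add_payload` still reads `Adds a payload to this encryption payload.`, so the header mixes the old and new term after the rename; it should become `* Adds a payload to this encrypted payload.`. The struct comment `The encrypted payload as described in RFC section 3.14.` names no RFC number, presumably meaning the IKEv2 specification; stating the number there would let a reader look the section up. The struct body is only partly visible in these hunks, so other member comments may need the same check.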
|
|
@ -28,7 +28,7 @@
|
|||
#include <encoding/payloads/auth_payload.h>
|
||||
#include <encoding/payloads/cert_payload.h>
|
||||
#include <encoding/payloads/certreq_payload.h>
|
||||
#include <encoding/payloads/encryption_payload.h>
|
||||
#include <encoding/payloads/encrypted_payload.h>
|
||||
#include <encoding/payloads/ts_payload.h>
|
||||
#include <encoding/payloads/delete_payload.h>
|
||||
#include <encoding/payloads/vendor_id_payload.h>
|
||||
|
@ -244,7 +244,7 @@ payload_t *payload_create(payload_type_t type)
|
|||
return (payload_t*)eap_payload_create();
|
||||
case PLV2_ENCRYPTED:
|
||||
case PLV1_ENCRYPTED:
|
||||
return (payload_t*)encryption_payload_create(type);
|
||||
return (payload_t*)encrypted_payload_create(type);
|
||||
case PLV1_FRAGMENT:
|
||||
return (payload_t*)fragment_payload_create();
|
||||
default:
|
||||
|
|
|
@ -193,7 +193,7 @@ enum payload_type_t {
|
|||
PLV2_TS_RESPONDER = 45,
|
||||
|
||||
/**
|
||||
* Encryption payload, contains other payloads (E).
|
||||
* Encrypted payload, contains other payloads (E).
|
||||
*/
|
||||
PLV2_ENCRYPTED = 46,
|
||||
|
||||
|
|