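/*
 * IKEv2 responder (RFC 4306) for EAP-IKEV2
 * Copyright (c) 2007, Jouni Malinen <j@w1.fi>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * Alternatively, this software may be distributed under the terms of BSD
 * license.
 *
 * See README and COPYING for more details.
 */

#ifndef IKEV2_H
#define IKEV2_H

#include "eap_common/ikev2_common.h"

/*
 * One proposal number plus one integer identifier for each of the four
 * algorithm slots (integrity, PRF, encryption, DH group).
 * NOTE(review): presumably these hold the IKEv2 transform IDs of the
 * proposal the responder selected - confirm against the SA payload parser.
 */
struct ikev2_proposal_data {
	u8 proposal_num;
	int integ;
	int prf;
	int encr;
	int dh;
};


/*
 * State kept by the responder for one IKEv2 exchange.
 *
 * Fields prefixed i_ and r_ presumably refer to the initiator and the
 * responder side respectively (the usual IKEv2 naming) - confirm.
 *
 * Several members are, by name, secret material (r_dh_private, keys,
 * shared_secret). This header does not show who allocates or releases the
 * pointer members. NOTE(review): confirm that ikev2_responder_deinit()
 * frees them and clears the secret ones before release.
 */
struct ikev2_responder_data {
	/* Position in the exchange; IKEV2_DONE and IKEV2_FAILED look terminal. */
	enum { SA_INIT, SA_AUTH, CHILD_SA, NOTIFY, IKEV2_DONE, IKEV2_FAILED }
		state;
	/* Fixed-size SPI buffers, IKEV2_SPI_LEN bytes each. */
	u8 i_spi[IKEV2_SPI_LEN];
	u8 r_spi[IKEV2_SPI_LEN];
	/*
	 * Nonce storage with capacity IKEV2_NONCE_MAX_LEN. The *_nonce_len
	 * fields presumably count the valid bytes; any code that fills these
	 * arrays from a received payload has to reject a length larger than
	 * IKEV2_NONCE_MAX_LEN before copying.
	 */
	u8 i_nonce[IKEV2_NONCE_MAX_LEN];
	size_t i_nonce_len;
	u8 r_nonce[IKEV2_NONCE_MAX_LEN];
	size_t r_nonce_len;
	/* DH values: the peer's public value and this side's private value. */
	struct wpabuf *i_dh_public;
	struct wpabuf *r_dh_private;
	struct ikev2_proposal_data proposal;
	const struct dh_group *dh;
	/* NOTE(review): struct ikev2_keys is not defined here; presumably it
	 * comes from eap_common/ikev2_common.h. */
	struct ikev2_keys keys;
	/* Identity buffers, each with an explicit length; only IDi carries a
	 * type byte. */
	u8 *IDi;
	size_t IDi_len;
	u8 IDi_type;
	u8 *IDr;
	size_t IDr_len;
	/* NOTE(review): presumably the messages that are covered by the AUTH
	 * computation for each side - confirm. */
	struct wpabuf *r_sign_msg;
	struct wpabuf *i_sign_msg;
	/* Secret used when peer_auth is PEER_AUTH_SECRET (inferred from the
	 * names - confirm). */
	u8 *shared_secret;
	size_t shared_secret_len;
	enum { PEER_AUTH_CERT, PEER_AUTH_SECRET } peer_auth;
	u8 *key_pad;
	size_t key_pad_len;
	/* NOTE(review): presumably the Notify error type to report - confirm. */
	u16 error_type;
	/* Which of the two message kinds was handled last. */
	enum { LAST_MSG_SA_INIT, LAST_MSG_SA_AUTH } last_msg;
};


/*
 * Tear down a responder context.
 * NOTE(review): the header does not say whether data itself is freed or
 * only the members it points to - confirm in the implementation.
 */
void ikev2_responder_deinit(struct ikev2_responder_data *data);

/*
 * Process one received message held in buf; buf is not modified (const).
 * The buffer presumably carries data received from the peer, so every
 * length and type field read from it must be validated against the
 * remaining buffer size. NOTE(review): the meaning of the int return is
 * not visible here; presumably 0 on success and negative on failure.
 */
int ikev2_responder_process(struct ikev2_responder_data *data,
			    const struct wpabuf *buf);

/*
 * Build the next message for the current state.
 * NOTE(review): presumably returns a newly allocated wpabuf owned by the
 * caller, or NULL on failure - confirm.
 */
struct wpabuf * ikev2_responder_build(struct ikev2_responder_data *data);

#endif /* IKEV2_H */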