4 * uAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
5 * featured implementation uAnytun has no support for multiple connections
6 * or synchronisation. It is a small single threaded implementation intended
7 * to act as a client on small platforms.
8 * The secure anycast tunneling protocol (satp) defines a protocol used
9 * for communication between any combination of unicast and anycast
10 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
11 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
12 * ethernet, ip, arp ...). satp directly includes cryptography and
13 * message authentication based on the methods used by SRTP. It is
14 * intended to deliver a generic, scaleable and secure solution for
15 * tunneling and relaying of packets of any protocol.
18 * Copyright (C) 2007-2014 Christian Pointner <equinox@anytun.org>
20 * This file is part of uAnytun.
22 * uAnytun is free software: you can redistribute it and/or modify
23 * it under the terms of the GNU General Public License as published by
24 * the Free Software Foundation, either version 3 of the License, or
27 * uAnytun is distributed in the hope that it will be useful,
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 * GNU General Public License for more details.
32 * You should have received a copy of the GNU General Public License
33 * along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
35 * In addition, as a special exception, the copyright holders give
36 * permission to link the code of portions of this program with the
37 * OpenSSL library under certain conditions as described in each
38 * individual source file, and distribute linked combinations
40 * You must obey the GNU General Public License in all respects
41 * for all of the code used other than OpenSSL. If you modify
42 * file(s) with this exception, you may extend this exception to your
43 * version of the file(s), but you are not obligated to do so. If you
44 * do not wish to do so, delete this exception statement from your
45 * version. If you delete this exception statement from all source
46 * files in the program, then also delete it here.
49 #ifndef UANYTUN_auth_algo_h_INCLUDED
50 #define UANYTUN_auth_algo_h_INCLUDED
52 #if defined(USE_SSL_CRYPTO)
53 #include <openssl/hmac.h>
54 #elif defined(USE_NETTLE)
55 #include <nettle/hmac.h>
56 #else // USE_GCRYPT is the default
59 #include "key_derivation.h"
60 #include "encrypted_packet.h"
62 enum auth_algo_type_enum { aa_unknown, aa_null, aa_sha1 };
63 typedef enum auth_algo_type_enum auth_algo_type_t;
65 struct auth_algo_struct {
66 auth_algo_type_t type_;
70 typedef struct auth_algo_struct auth_algo_t;
72 auth_algo_type_t auth_algo_get_type(const char* type);
73 u_int32_t auth_algo_get_max_length(const char* type);
74 int auth_algo_init(auth_algo_t* aa, const char* type);
75 void auth_algo_close(auth_algo_t* aa);
77 void auth_algo_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivation_dir_t dir, encrypted_packet_t* packet);
78 int auth_algo_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivation_dir_t dir, encrypted_packet_t* packet);
81 #define SHA1_LENGTH 20
83 struct auth_algo_sha1_param_struct {
84 #if defined(USE_SSL_CRYPTO)
86 #elif defined(USE_NETTLE)
87 struct hmac_sha1_ctx ctx_;
88 #else // USE_GCRYPT is the default
92 typedef struct auth_algo_sha1_param_struct auth_algo_sha1_param_t;
94 int auth_algo_sha1_init(auth_algo_t* aa);
95 void auth_algo_sha1_close(auth_algo_t* aa);
96 void auth_algo_sha1_generate(auth_algo_t* aa, key_derivation_t* kd, key_derivation_dir_t dir, encrypted_packet_t* packet);
97 int auth_algo_sha1_check_tag(auth_algo_t* aa, key_derivation_t* kd, key_derivation_dir_t dir, encrypted_packet_t* packet);