/*	$NetBSD: algorithm.h,v 1.8 2025/03/08 16:39:08 christos Exp $	*/

/* Id: algorithm.h,v 1.10 2005/04/09 16:25:23 manubsd Exp */

/*
 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef _ALGORITHM_H
#define _ALGORITHM_H

/*
 * Algorithm identifiers and descriptor layouts: an enum of algorithm
 * classes, an enum of algorithm types, five descriptor structs, and the
 * prototypes of the lookup/dispatch functions built on them.
 *
 * This header uses vchar_t, caddr_t and struct dhgroup but includes only
 * <gnuc.h>; unless that header provides them, includers must declare
 * vchar_t and caddr_t before including this file.
 */
#include <gnuc.h>

/* algorithm class */
enum {
	algclass_ipsec_enc,
	algclass_ipsec_auth,
	algclass_ipsec_comp,
	algclass_isakmp_enc,
	algclass_isakmp_hash,
	algclass_isakmp_dh,
	algclass_isakmp_ameth,	/* authentication method. */
	/*
	 * Literal count of the seven enumerators above; it is not derived
	 * from the enum, so it must be updated by hand when a class is added.
	 */
#define MAXALGCLASS	7
};

/* Unit is not stated in this header; presumably bits -- TODO confirm. */
#define ALG_DEFAULT_KEYLEN	64

/* Same value as algtype_nothing below. */
#define ALGTYPE_NOTHING		0

/*
 * algorithm type
 *
 * Only algtype_nothing carries an explicit value; every other enumerator
 * is numbered by position, so inserting or removing an entry renumbers all
 * entries after it.  The ENABLE_HYBRID entries are last, so toggling that
 * option does not shift the values of the others.
 *
 * NOTE(review): several names here refer to primitives that are generally
 * regarded as inadequate today (single DES, RC4, MD5, and -- going by the
 * names -- 768- and 1024-bit MODP groups), and algtype_null_enc /
 * algtype_non_auth appear to select no confidentiality / no integrity.
 * This header only names them; whether a peer can negotiate them is
 * decided by the tables and configuration that reference these values,
 * which should be audited separately.
 */
enum algtype {
	algtype_nothing = 0,

	/* enc */
	algtype_des_iv64,
	algtype_des,
	algtype_3des,
	algtype_rc5,
	algtype_idea,
	algtype_cast128,
	algtype_blowfish,
	algtype_3idea,
	algtype_des_iv32,
	algtype_rc4,
	algtype_null_enc,
	algtype_aes,
	algtype_aesgcm16,
	algtype_twofish,
	algtype_camellia,

	/* ipsec auth */
	algtype_hmac_md5,
	algtype_hmac_sha1,
	algtype_des_mac,
	algtype_kpdk,
	algtype_non_auth,
	algtype_hmac_sha2_256,
	algtype_hmac_sha2_384,
	algtype_hmac_sha2_512,

	/* ipcomp */
	algtype_oui,
	algtype_deflate,
	algtype_lzs,

	/* hash */
	algtype_md5,
	algtype_sha1,
	algtype_tiger,
	algtype_sha2_256,
	algtype_sha2_384,
	algtype_sha2_512,

	/* dh_group */
	algtype_modp768,
	algtype_modp1024,
	algtype_ec2n155,
	algtype_ec2n185,
	algtype_modp1536,
	algtype_modp2048,
	algtype_modp3072,
	algtype_modp4096,
	algtype_modp6144,
	algtype_modp8192,

	/* authentication method. */
	algtype_psk,
	algtype_dsssig,
	algtype_rsasig,
	algtype_rsaenc,
	algtype_rsarev,
	algtype_gssapikrb,
#ifdef ENABLE_HYBRID
	algtype_hybrid_rsa_s,
	algtype_hybrid_dss_s,
	algtype_hybrid_rsa_c,
	algtype_hybrid_dss_c,
	algtype_xauth_psk_s,
	algtype_xauth_psk_c,
	algtype_xauth_rsa_s,
	algtype_xauth_rsa_c,
#endif
};

/*
 * Descriptor for a keyed hash: a name, two integer identifiers and a set
 * of function pointers for incremental (init/update/final) and one-shot
 * (one) use.
 *
 * In every descriptor below, `type' is presumably an enum algtype value
 * and `doi' the corresponding protocol (DOI) number -- TODO confirm
 * against the tables that fill these structs.
 *
 * NOTE(review): ownership of the vchar_t results returned through these
 * pointers is not stated here; confirm who frees them, and whether key
 * material held in them is cleared first.
 */
struct hmac_algorithm {
	const char *name;
	int type;
	int doi;
	caddr_t (*init)(vchar_t *);		/* argument presumably the key; returns a context */
	void (*update)(caddr_t, vchar_t *);	/* context, then data to absorb */
	vchar_t *(*final)(caddr_t);		/* context in, result out */
	int (*hashlen)(void);			/* unit (bits or bytes) not stated here */
	vchar_t *(*one)(vchar_t *, vchar_t *);	/* one-shot; presumably key and data -- confirm order */
};

/*
 * Descriptor for an unkeyed hash.  Same shape as struct hmac_algorithm,
 * except that init takes no argument and one takes a single buffer.
 */
struct hash_algorithm {
	const char *name;
	int type;
	int doi;
	caddr_t (*init)(void);
	void (*update)(caddr_t, vchar_t *);
	vchar_t *(*final)(caddr_t);
	int (*hashlen)(void);			/* unit (bits or bytes) not stated here */
	vchar_t *(*one)(vchar_t *);		/* one-shot hash of a single buffer */
};

/*
 * Descriptor for a cipher: block length plus encrypt/decrypt, weak-key
 * and key-length callbacks.
 */
struct enc_algorithm {
	const char *name;
	int type;
	int doi;
	int blocklen;
	/* three buffers each; presumably data, key and IV -- confirm order */
	vchar_t *(*encrypt)(vchar_t *, vchar_t *, vchar_t *);
	vchar_t *(*decrypt)(vchar_t *, vchar_t *, vchar_t *);
	/* NOTE(review): return convention is not shown here; confirm before relying on it */
	int (*weakkey)(vchar_t *);
	int (*keylen)(int);
};

/* dh group */
struct dh_algorithm {
	const char *name;
	int type;
	int doi;
	struct dhgroup *dhgroup;	/* group parameters; struct dhgroup is defined elsewhere */
};

/* ipcomp, auth meth, dh group */
struct misc_algorithm {
	const char *name;
	int type;
	int doi;
};

/*
 * Lookup and dispatch functions.  Parameters are unnamed in these
 * prototypes; the leading int is presumably the algorithm identifier and
 * any further int a key length -- TODO confirm against the implementation.
 * Return conventions of the int-returning functions (in particular the
 * *_ok and check_keylen results) are not stated here; callers should
 * confirm them rather than assume a zero/non-zero meaning.
 */

/* hash, oakley */
extern int alg_oakley_hashdef_ok(int);
extern int alg_oakley_hashdef_doi(int);
extern int alg_oakley_hashdef_hashlen(int);
extern vchar_t *alg_oakley_hashdef_one(int, vchar_t *);

/* hmac, oakley */
extern int alg_oakley_hmacdef_doi(int);
extern vchar_t *alg_oakley_hmacdef_one(int, vchar_t *, vchar_t *);

/* cipher, oakley */
extern int alg_oakley_encdef_ok(int);
extern int alg_oakley_encdef_doi(int);
extern int alg_oakley_encdef_keylen(int, int);
extern int alg_oakley_encdef_blocklen(int);
extern vchar_t *alg_oakley_encdef_decrypt(int, vchar_t *, vchar_t *, vchar_t *);
extern vchar_t *alg_oakley_encdef_encrypt(int, vchar_t *, vchar_t *, vchar_t *);

/* cipher, ipsec */
extern int alg_ipsec_encdef_doi(int);
extern int alg_ipsec_encdef_keylen(int, int);

/* hmac, ipsec */
extern int alg_ipsec_hmacdef_doi(int);
extern int alg_ipsec_hmacdef_hashlen(int);

/* compression, ipsec */
extern int alg_ipsec_compdef_doi(int);

/* dh group, oakley */
extern int alg_oakley_dhdef_doi(int);
extern int alg_oakley_dhdef_ok(int);
extern struct dhgroup *alg_oakley_dhdef_group(int);

/* authentication method, oakley */
extern int alg_oakley_authdef_doi(int);

/* key-length helpers and identifier conversions */
extern int default_keylen(int, int);
extern int check_keylen(int, int, int);
extern int algtype2doi(int, int);
extern int algclass2doi(int);

/* printable names */
extern const char *alg_oakley_encdef_name(int);
extern const char *alg_oakley_hashdef_name(int);
extern const char *alg_oakley_dhdef_name(int);
extern const char *alg_oakley_authdef_name(int);

#endif /* _ALGORITHM_H */