source
code documentation
esp.h File Reference
Detailed Description
Header for the Encapsulating Security Payload module.
- Author:
- Niklaus Schild <n.schild@gmx.ch>
This document is part of embedded IPsec
Copyright (c) 2003 Niklaus Schild and Christian Scheurer, HTI Biel/Bienne
All rights reserved.
This file contains code from the OpenSSL Project
portions Copyright (c) 1998-2003 OpenSSL (www.openssl.org)
Definition in file esp.h.
#include "ipsec/sa.h"
Go to the source code of this file.
Define Documentation
#define IPSEC_ESP_HDR_SIZE (IPSEC_ESP_SPI_SIZE+IPSEC_ESP_SEQ_SIZE)
|
|
|
Defines the size (in bytes) of the ESP header. Actually it defines just the size of the header which is located in
Definition at line 51 of file esp.h. |
#define IPSEC_ESP_IV_SIZE (8)
|
|
|
Defines the size (in bytes) of the Initialization Vector used by DES and 3DES
Definition at line 48 of file esp.h. |
#define IPSEC_ESP_SEQ_SIZE (4)
|
|
|
Defines the size (in bytes) of the Sequence Number of an ESP packet
Definition at line 50 of file esp.h. |
#define IPSEC_ESP_SPI_SIZE (4)
|
|
|
Defines the size (in bytes) of the SPI of an ESP packet
Definition at line 49 of file esp.h. |
Typedef Documentation
Function Documentation
|
Decapsulates an IP packet containing an ESP header.
- Parameters:
-
packet | pointer to the ESP header |
offset | pointer to the offset which is passed back |
len | pointer to the length of the decapsulated packet |
sa | pointer to the SA |
- Returns:
- IPSEC_STATUS_SUCCESS if the packet could be decapsulated properly
IPSEC_STATUS_FAILURE if the SA's authentication algorithm was invalid or if ICV comparison failed
IPSEC_STATUS_BAD_PACKET if the decryption gave back a strange packet
Definition at line 111 of file esp.c. |
|
Encapsulates an IP packet into an ESP packet which will again be added to an IP packet.
- Parameters:
-
packet | pointer to the IP packet |
offset | pointer to the offset which will point to the new encapsulated packet |
len | pointer to the length of the new encapsulated packet |
sa | pointer to the SA |
src_addr | source IP address of the outer IP header |
dest_addr | destination IP address of the outer IP header |
- Returns:
- IPSEC_STATUS_SUCCESS if the packet was properly encapsulated
IPSEC_STATUS_TTL_EXPIRED if the TTL expired
IPSEC_STATUS_FAILURE if the SA contained a bad authentication algorithm
- Todo:
- fix TTL update and checksum calculation
id must be generated properly and incremented
1st packet needs to be sent out with squ = 1
Definition at line 230 of file esp.c. |
Variable Documentation
|
save session state to detect replays - must be 32 bits. Note: must be initialized with zero (0x00000000) when a new SA is established!
Definition at line 69 of file esp.h. |
|
save session state to detect replays Note: must be initialized with zero (0x00000000) when a new SA is established!
Definition at line 70 of file esp.h. |
|