FD.io VPP  v20.05-21-gb1500e9ff
Vector Packet Processing
ikev2_priv.h File Reference
+ Include dependency graph for ikev2_priv.h:
+ This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  ikev2_auth_t
 
struct  ikev2_sa_transform_t
 
struct  ikev2_sa_proposal_t
 
struct  ikev2_ts_t
 
struct  ikev2_responder_t
 
struct  ikev2_transforms_set
 
struct  ikev2_id_t
 
struct  ikev2_child_sa_t
 
struct  ikev2_delete_t
 
struct  ikev2_rekey_t
 
struct  ikev2_notify_t
 
struct  ikev2_profile_t
 
struct  ikev2_sa_t
 
struct  ikev2_main_per_thread_data_t
 
struct  ikev2_main_t
 
struct  ikev2_payload_chain_t
 

Macros

#define foreach_ikev2_log_level
 
#define ikev2_elog_sa_state(_format, _ispi)
 
#define ikev2_elog_exchange(_format, _ispi, _rspi, _addr)
 
#define ikev2_elog_uint(_level, _format, _val)
 
#define ikev2_elog_uint_peers(_level, _format, _val, _ip1, _ip2)
 
#define ikev2_elog_peers(_level, _format, _ip1, _ip2)
 
#define ikev2_elog_error(_msg)   _ikev2_elog(IKEV2_LOG_ERROR, "[error] " _msg)
 
#define ikev2_elog_warning(_msg)   _ikev2_elog(IKEV2_LOG_WARNING, "[warning] " _msg)
 
#define ikev2_elog_debug(_msg)   _ikev2_elog(IKEV2_LOG_DEBUG, "[debug] " _msg)
 
#define ikev2_elog_detail(_msg)   _ikev2_elog(IKEV2_LOG_DETAIL, "[detail] " _msg)
 
#define ikev2_log_error(...)   vlib_log(VLIB_LOG_LEVEL_ERR, ikev2_main.log_class, __VA_ARGS__)
 
#define ikev2_log_warning(...)   vlib_log(VLIB_LOG_LEVEL_WARNING, ikev2_main.log_class, __VA_ARGS__)
 
#define ikev2_log_debug(...)   vlib_log(VLIB_LOG_LEVEL_DEBUG, ikev2_main.log_class, __VA_ARGS__)
 
#define ikev2_payload_new_chain(V)   vec_validate (V, 0)
 
#define ikev2_payload_destroy_chain(V)
 

Typedefs

typedef enum ikev2_log_level_t_ ikev2_log_level_t
 

Enumerations

enum  ikev2_log_level_t_ { IKEV2_LOG_MAX }
 
enum  ikev2_state_t {
  IKEV2_STATE_UNKNOWN, IKEV2_STATE_SA_INIT, IKEV2_STATE_DELETED, IKEV2_STATE_AUTH_FAILED,
  IKEV2_STATE_AUTHENTICATED, IKEV2_STATE_NOTIFY_AND_DELETE, IKEV2_STATE_TS_UNACCEPTABLE, IKEV2_STATE_NO_PROPOSAL_CHOSEN
}
 
enum  ikev2_dh_group_t { IKEV2_DH_GROUP_MODP = 0, IKEV2_DH_GROUP_ECP = 1 }
 

Functions

void ikev2_sa_free_proposal_vector (ikev2_sa_proposal_t **v)
 
ikev2_sa_transform_tikev2_sa_get_td_for_type (ikev2_sa_proposal_t *p, ikev2_transform_type_t type)
 
v8ikev2_calc_prf (ikev2_sa_transform_t *tr, v8 *key, v8 *data)
 
u8ikev2_calc_prfplus (ikev2_sa_transform_t *tr, u8 *key, u8 *seed, int len)
 
v8ikev2_calc_integr (ikev2_sa_transform_t *tr, v8 *key, u8 *data, int len)
 
v8ikev2_decrypt_data (ikev2_sa_t *sa, u8 *data, int len)
 
int ikev2_encrypt_data (ikev2_sa_t *sa, v8 *src, u8 *dst)
 
void ikev2_generate_dh (ikev2_sa_t *sa, ikev2_sa_transform_t *t)
 
void ikev2_complete_dh (ikev2_sa_t *sa, ikev2_sa_transform_t *t)
 
int ikev2_verify_sign (EVP_PKEY *pkey, u8 *sigbuf, u8 *data)
 
u8ikev2_calc_sign (EVP_PKEY *pkey, u8 *data)
 
EVP_PKEY * ikev2_load_cert_file (u8 *file)
 
EVP_PKEY * ikev2_load_key_file (u8 *file)
 
void ikev2_crypto_init (ikev2_main_t *km)
 
void ikev2_payload_add_notify (ikev2_payload_chain_t *c, u16 msg_type, u8 *data)
 
void ikev2_payload_add_notify_2 (ikev2_payload_chain_t *c, u16 msg_type, u8 *data, ikev2_notify_t *notify)
 
void ikev2_payload_add_sa (ikev2_payload_chain_t *c, ikev2_sa_proposal_t *proposals)
 
void ikev2_payload_add_ke (ikev2_payload_chain_t *c, u16 dh_group, u8 *dh_data)
 
void ikev2_payload_add_nonce (ikev2_payload_chain_t *c, u8 *nonce)
 
void ikev2_payload_add_id (ikev2_payload_chain_t *c, ikev2_id_t *id, u8 type)
 
void ikev2_payload_add_auth (ikev2_payload_chain_t *c, ikev2_auth_t *auth)
 
void ikev2_payload_add_ts (ikev2_payload_chain_t *c, ikev2_ts_t *ts, u8 type)
 
void ikev2_payload_add_delete (ikev2_payload_chain_t *c, ikev2_delete_t *d)
 
void ikev2_payload_chain_add_padding (ikev2_payload_chain_t *c, int bs)
 
void ikev2_parse_vendor_payload (ike_payload_header_t *ikep)
 
ikev2_sa_proposal_tikev2_parse_sa_payload (ike_payload_header_t *ikep)
 
ikev2_ts_tikev2_parse_ts_payload (ike_payload_header_t *ikep)
 
ikev2_delete_tikev2_parse_delete_payload (ike_payload_header_t *ikep)
 
ikev2_notify_tikev2_parse_notify_payload (ike_payload_header_t *ikep)
 
int ikev2_set_log_level (ikev2_log_level_t log_level)
 

Variables

ikev2_main_t ikev2_main
 

Macro Definition Documentation

◆ foreach_ikev2_log_level

#define foreach_ikev2_log_level
Value:
_(0x00, LOG_NONE) \
_(0x01, LOG_ERROR) \
_(0x02, LOG_WARNING) \
_(0x03, LOG_INFO) \
_(0x04, LOG_DEBUG) \
_(0x05, LOG_DETAIL) \

Definition at line 33 of file ikev2_priv.h.

◆ ikev2_elog_debug

#define ikev2_elog_debug (   _msg)    _ikev2_elog(IKEV2_LOG_DEBUG, "[debug] " _msg)

Definition at line 188 of file ikev2_priv.h.

◆ ikev2_elog_detail

#define ikev2_elog_detail (   _msg)    _ikev2_elog(IKEV2_LOG_DETAIL, "[detail] " _msg)

Definition at line 190 of file ikev2_priv.h.

◆ ikev2_elog_error

#define ikev2_elog_error (   _msg)    _ikev2_elog(IKEV2_LOG_ERROR, "[error] " _msg)

Definition at line 184 of file ikev2_priv.h.

◆ ikev2_elog_exchange

#define ikev2_elog_exchange (   _format,
  _ispi,
  _rspi,
  _addr 
)
Value:
do { \
ikev2_main_t *km = &ikev2_main; \
if (PREDICT_FALSE (km->log_level >= IKEV2_LOG_DEBUG)) \
{ \
ELOG_TYPE_DECLARE (e) = \
{ \
.format = "ikev2: " _format, \
.format_args = "i8i8i1i1i1i1", \
}; \
CLIB_PACKED(struct \
{ \
u64 ispi; \
u64 rspi; \
u8 oct1; \
u8 oct2; \
u8 oct3; \
u8 oct4; \
}) *ed; \
ed->ispi = _ispi; \
ed->rspi = _rspi; \
ed->oct4 = (_addr) >> 24; \
ed->oct3 = (_addr) >> 16; \
ed->oct2 = (_addr) >> 8; \
ed->oct1 = (_addr); \
} \
} while (0) \
vlib_main_t vlib_global_main
Definition: main.c:1999
ikev2_main_t ikev2_main
Definition: ikev2.c:35
#define ELOG_DATA(em, f)
Definition: elog.h:484
#define PREDICT_FALSE(x)
Definition: clib.h:118
elog_main_t elog_main
Definition: main.h:193

Definition at line 84 of file ikev2_priv.h.

◆ ikev2_elog_peers

#define ikev2_elog_peers (   _level,
  _format,
  _ip1,
  _ip2 
)
Value:
do { \
ikev2_main_t *km = &ikev2_main; \
if (PREDICT_FALSE (km->log_level >= _level)) \
{ \
ELOG_TYPE_DECLARE (e) = \
{ \
.format = "ikev2: " _format, \
.format_args = "i1i1i1i1i1i1i1i1", \
}; \
CLIB_PACKED(struct { \
u8 i11; u8 i12; u8 i13; u8 i14; \
u8 i21; u8 i22; u8 i23; u8 i24; }) *ed; \
ed->i14 = (_ip1) >> 24; \
ed->i13 = (_ip1) >> 16; \
ed->i12 = (_ip1) >> 8; \
ed->i11 = (_ip1); \
ed->i24 = (_ip2) >> 24; \
ed->i23 = (_ip2) >> 16; \
ed->i22 = (_ip2) >> 8; \
ed->i21 = (_ip2); \
} \
} while (0)
vlib_main_t vlib_global_main
Definition: main.c:1999
ikev2_main_t ikev2_main
Definition: ikev2.c:35
unsigned char u8
Definition: types.h:56
#define ELOG_DATA(em, f)
Definition: elog.h:484
#define PREDICT_FALSE(x)
Definition: clib.h:118
elog_main_t elog_main
Definition: main.h:193

Definition at line 159 of file ikev2_priv.h.

◆ ikev2_elog_sa_state

#define ikev2_elog_sa_state (   _format,
  _ispi 
)
Value:
do { \
ikev2_main_t *km = &ikev2_main; \
if (PREDICT_FALSE (km->log_level >= IKEV2_LOG_DEBUG)) \
{ \
ELOG_TYPE_DECLARE (e) = \
{ \
.format = "ikev2: " _format, \
.format_args = "i8", \
}; \
CLIB_PACKED(struct \
{ \
u64 ispi; \
}) *ed; \
ed->ispi = _ispi; \
} \
} while (0) \
vlib_main_t vlib_global_main
Definition: main.c:1999
ikev2_main_t ikev2_main
Definition: ikev2.c:35
#define ELOG_DATA(em, f)
Definition: elog.h:484
#define PREDICT_FALSE(x)
Definition: clib.h:118
elog_main_t elog_main
Definition: main.h:193

Definition at line 65 of file ikev2_priv.h.

◆ ikev2_elog_uint

#define ikev2_elog_uint (   _level,
  _format,
  _val 
)
Value:
do { \
ikev2_main_t *km = &ikev2_main; \
if (PREDICT_FALSE (km->log_level >= _level)) \
{ \
ELOG_TYPE_DECLARE (e) = \
{ \
.format = "ikev2: " _format, \
.format_args = "i8", \
}; \
CLIB_PACKED(struct \
{ \
u64 val; \
}) *ed; \
ed->val = _val; \
} \
} while (0)
vlib_main_t vlib_global_main
Definition: main.c:1999
ikev2_main_t ikev2_main
Definition: ikev2.c:35
#define ELOG_DATA(em, f)
Definition: elog.h:484
#define PREDICT_FALSE(x)
Definition: clib.h:118
elog_main_t elog_main
Definition: main.h:193

Definition at line 113 of file ikev2_priv.h.

◆ ikev2_elog_uint_peers

#define ikev2_elog_uint_peers (   _level,
  _format,
  _val,
  _ip1,
  _ip2 
)
Value:
do { \
ikev2_main_t *km = &ikev2_main; \
if (PREDICT_FALSE (km->log_level >= _level)) \
{ \
ELOG_TYPE_DECLARE (e) = \
{ \
.format = "ikev2: " _format, \
.format_args = "i8i1i1i1i1i1i1i1i1", \
}; \
CLIB_PACKED(struct { \
u64 val; \
u8 i11; u8 i12; u8 i13; u8 i14; \
u8 i21; u8 i22; u8 i23; u8 i24; }) *ed; \
ed->val = _val; \
ed->i14 = (_ip1) >> 24; \
ed->i13 = (_ip1) >> 16; \
ed->i12 = (_ip1) >> 8; \
ed->i11 = (_ip1); \
ed->i24 = (_ip2) >> 24; \
ed->i23 = (_ip2) >> 16; \
ed->i22 = (_ip2) >> 8; \
ed->i21 = (_ip2); \
} \
} while (0)
vlib_main_t vlib_global_main
Definition: main.c:1999
ikev2_main_t ikev2_main
Definition: ikev2.c:35
unsigned char u8
Definition: types.h:56
#define ELOG_DATA(em, f)
Definition: elog.h:484
#define PREDICT_FALSE(x)
Definition: clib.h:118
elog_main_t elog_main
Definition: main.h:193

Definition at line 132 of file ikev2_priv.h.

◆ ikev2_elog_warning

#define ikev2_elog_warning (   _msg)    _ikev2_elog(IKEV2_LOG_WARNING, "[warning] " _msg)

Definition at line 186 of file ikev2_priv.h.

◆ ikev2_log_debug

#define ikev2_log_debug (   ...)    vlib_log(VLIB_LOG_LEVEL_DEBUG, ikev2_main.log_class, __VA_ARGS__)

Definition at line 198 of file ikev2_priv.h.

◆ ikev2_log_error

#define ikev2_log_error (   ...)    vlib_log(VLIB_LOG_LEVEL_ERR, ikev2_main.log_class, __VA_ARGS__)

Definition at line 194 of file ikev2_priv.h.

◆ ikev2_log_warning

#define ikev2_log_warning (   ...)    vlib_log(VLIB_LOG_LEVEL_WARNING, ikev2_main.log_class, __VA_ARGS__)

Definition at line 196 of file ikev2_priv.h.

◆ ikev2_payload_destroy_chain

#define ikev2_payload_destroy_chain (   V)
Value:
do { \
vec_free((V)->data); \
vec_free(V); \
} while (0)
u8 data[128]
Definition: ipsec_types.api:89

Definition at line 532 of file ikev2_priv.h.

◆ ikev2_payload_new_chain

#define ikev2_payload_new_chain (   V)    vec_validate (V, 0)

Definition at line 531 of file ikev2_priv.h.

Typedef Documentation

◆ ikev2_log_level_t

Enumeration Type Documentation

◆ ikev2_dh_group_t

Enumerator
IKEV2_DH_GROUP_MODP 
IKEV2_DH_GROUP_ECP 

Definition at line 221 of file ikev2_priv.h.

◆ ikev2_log_level_t_

Enumerator
IKEV2_LOG_MAX 

Definition at line 42 of file ikev2_priv.h.

◆ ikev2_state_t

Enumerator
IKEV2_STATE_UNKNOWN 
IKEV2_STATE_SA_INIT 
IKEV2_STATE_DELETED 
IKEV2_STATE_AUTH_FAILED 
IKEV2_STATE_AUTHENTICATED 
IKEV2_STATE_NOTIFY_AND_DELETE 
IKEV2_STATE_TS_UNACCEPTABLE 
IKEV2_STATE_NO_PROPOSAL_CHOSEN 

Definition at line 201 of file ikev2_priv.h.

Function Documentation

◆ ikev2_calc_integr()

v8* ikev2_calc_integr ( ikev2_sa_transform_t tr,
v8 key,
u8 data,
int  len 
)

Definition at line 329 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_calc_prf()

v8* ikev2_calc_prf ( ikev2_sa_transform_t tr,
v8 key,
v8 data 
)

Definition at line 257 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_calc_prfplus()

u8* ikev2_calc_prfplus ( ikev2_sa_transform_t tr,
u8 key,
u8 seed,
int  len 
)

Definition at line 287 of file ikev2_crypto.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_calc_sign()

u8* ikev2_calc_sign ( EVP_PKEY *  pkey,
u8 data 
)

Definition at line 763 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_complete_dh()

void ikev2_complete_dh ( ikev2_sa_t sa,
ikev2_sa_transform_t t 
)

Definition at line 627 of file ikev2_crypto.c.

+ Here is the call graph for this function:

◆ ikev2_crypto_init()

void ikev2_crypto_init ( ikev2_main_t km)

Definition at line 849 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_decrypt_data()

v8* ikev2_decrypt_data ( ikev2_sa_t sa,
u8 data,
int  len 
)

Definition at line 373 of file ikev2_crypto.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_encrypt_data()

int ikev2_encrypt_data ( ikev2_sa_t sa,
v8 src,
u8 dst 
)

Definition at line 425 of file ikev2_crypto.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_generate_dh()

void ikev2_generate_dh ( ikev2_sa_t sa,
ikev2_sa_transform_t t 
)

Definition at line 479 of file ikev2_crypto.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_load_cert_file()

EVP_PKEY* ikev2_load_cert_file ( u8 file)

Definition at line 797 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_load_key_file()

EVP_PKEY* ikev2_load_key_file ( u8 file)

Definition at line 827 of file ikev2_crypto.c.

+ Here is the caller graph for this function:

◆ ikev2_parse_delete_payload()

ikev2_delete_t* ikev2_parse_delete_payload ( ike_payload_header_t *  ikep)

Definition at line 470 of file ikev2_payload.c.

+ Here is the caller graph for this function:

◆ ikev2_parse_notify_payload()

ikev2_notify_t* ikev2_parse_notify_payload ( ike_payload_header_t *  ikep)

Definition at line 428 of file ikev2_payload.c.

+ Here is the caller graph for this function:

◆ ikev2_parse_sa_payload()

ikev2_sa_proposal_t* ikev2_parse_sa_payload ( ike_payload_header_t *  ikep)

Definition at line 330 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_parse_ts_payload()

ikev2_ts_t* ikev2_parse_ts_payload ( ike_payload_header_t *  ikep)

Definition at line 401 of file ikev2_payload.c.

+ Here is the caller graph for this function:

◆ ikev2_parse_vendor_payload()

void ikev2_parse_vendor_payload ( ike_payload_header_t *  ikep)

Definition at line 463 of file ikev2_payload.c.

+ Here is the caller graph for this function:

◆ ikev2_payload_add_auth()

void ikev2_payload_add_auth ( ikev2_payload_chain_t c,
ikev2_auth_t auth 
)

Definition at line 277 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_delete()

void ikev2_payload_add_delete ( ikev2_payload_chain_t c,
ikev2_delete_t d 
)

Definition at line 246 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_id()

void ikev2_payload_add_id ( ikev2_payload_chain_t c,
ikev2_id_t id,
u8  type 
)

Definition at line 234 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_ke()

void ikev2_payload_add_ke ( ikev2_payload_chain_t c,
u16  dh_group,
u8 dh_data 
)

Definition at line 215 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_nonce()

void ikev2_payload_add_nonce ( ikev2_payload_chain_t c,
u8 nonce 
)

Definition at line 226 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_notify()

void ikev2_payload_add_notify ( ikev2_payload_chain_t c,
u16  msg_type,
u8 data 
)

Definition at line 133 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_notify_2()

void ikev2_payload_add_notify_2 ( ikev2_payload_chain_t c,
u16  msg_type,
u8 data,
ikev2_notify_t notify 
)

Definition at line 139 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_sa()

void ikev2_payload_add_sa ( ikev2_payload_chain_t c,
ikev2_sa_proposal_t proposals 
)

Definition at line 161 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_add_ts()

void ikev2_payload_add_ts ( ikev2_payload_chain_t c,
ikev2_ts_t ts,
u8  type 
)

Definition at line 290 of file ikev2_payload.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_payload_chain_add_padding()

void ikev2_payload_chain_add_padding ( ikev2_payload_chain_t c,
int  bs 
)

Definition at line 321 of file ikev2_payload.c.

+ Here is the caller graph for this function:

◆ ikev2_sa_free_proposal_vector()

void ikev2_sa_free_proposal_vector ( ikev2_sa_proposal_t **  v)

Definition at line 230 of file ikev2.c.

+ Here is the caller graph for this function:

◆ ikev2_sa_get_td_for_type()

ikev2_sa_transform_t* ikev2_sa_get_td_for_type ( ikev2_sa_proposal_t p,
ikev2_transform_type_t  type 
)

Definition at line 197 of file ikev2.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ ikev2_set_log_level()

int ikev2_set_log_level ( ikev2_log_level_t  log_level)

Definition at line 3846 of file ikev2.c.

+ Here is the caller graph for this function:

◆ ikev2_verify_sign()

int ikev2_verify_sign ( EVP_PKEY *  pkey,
u8 sigbuf,
u8 data 
)

Definition at line 734 of file ikev2_crypto.c.

Variable Documentation

◆ ikev2_main

ikev2_main_t ikev2_main

Definition at line 35 of file ikev2.c.