File: sad_private.h

/**
 * @file sad_private.h
 * @brief Security Association Database
 * @note Copyright (C) 2024 IBM Corporation, Clay Kaiser <Clay.Kaiser@ibm.com>
 * @note SPDX-License-Identifier: GPL-2.0+
 */
#ifndef HAVE_SAD_PRIVATE_H
#define HAVE_SAD_PRIVATE_H

/*
 * Largest digest length, in bytes by its value: 32 is the size of an
 * untruncated SHA-256 output, the longest tag among the algorithm families
 * named in integrity_alg_type (AES-CMAC produces 16 bytes).
 * NOTE(review): presumably sizes digest scratch buffers in the MAC backends;
 * confirm that every mac_len / digest_len reaching those buffers is checked
 * against this bound before anything is copied or compared.
 */
#define MAX_DIGEST_LENGTH 32

#include <sys/queue.h>

#include "pdt.h"

/*
 * Identifiers for the supported integrity (MAC) algorithms.
 *
 * MAC_INVALID is the zero value, so a zero-initialised variable of this type
 * holds MAC_INVALID rather than a usable algorithm.  The numeric values are
 * written out explicitly; they are the same values the compiler assigns
 * implicitly when only the first enumerator is given.
 */
typedef enum {
	MAC_INVALID     = 0, /* no valid algorithm */
	HMAC_SHA256_128 = 1, /* by name: HMAC-SHA-256 with a 128-bit tag */
	HMAC_SHA256     = 2, /* by name: HMAC-SHA-256 */
	CMAC_AES128     = 3, /* by name: AES-CMAC with a 128-bit key */
	CMAC_AES256     = 4, /* by name: AES-CMAC with a 256-bit key */
} integrity_alg_type;

/*
 * Description of one integrity algorithm: its text label, its
 * integrity_alg_type value, and the key and ICV lengths that go with it.
 * NOTE(review): the records of this type are defined outside this header.
 * Confirm that configured keys are checked against key_len before use and
 * that digest_len can never exceed MAX_DIGEST_LENGTH.
 */
struct integrity_alg_info {
	/* text name of the algorithm */
	const char         *label;
	integrity_alg_type type; /* algorithm type - minimum HMAC-SHA256-128 */
	size_t             key_len;    /* length of key; unit presumably bytes - confirm */
	size_t             digest_len; /* length of icv (integrity check value, i.e. the MAC tag); unit presumably bytes - confirm */
};

/*
 * Opaque MAC state. It is only forward-declared in this header, so code that
 * includes it can hold a pointer but cannot look inside.
 */
struct mac_data;
/*
 * Record for one symmetric key: queue linkage, the algorithm descriptor, the
 * opaque MAC state and the key ID.  No raw key bytes are stored in this
 * struct itself.
 * NOTE(review): key material presumably lives behind the mac_data pointer;
 * confirm that sad_deinit_mac() wipes it before the memory is released.
 */
struct security_association_key {
	STAILQ_ENTRY(security_association_key) list; /* <sys/queue.h> singly-linked tail queue linkage */
	struct integrity_alg_info *icv; /* algorithm descriptor used with this key */
	struct mac_data *data;    /* data for mac function */
	UInteger32 key_id;        /* symmetric key ID */
};

#if defined (HAVE_NETTLE) || defined (HAVE_GNUTLS) || \
    defined (HAVE_GNUPG) || defined (HAVE_OPENSSL)
/**
 * Set up the opaque MAC state for one key.
 * Declared only when HAVE_NETTLE, HAVE_GNUTLS, HAVE_GNUPG or HAVE_OPENSSL is
 * defined; the definition is not part of this header.
 * NOTE(review): the parameter descriptions are inferred from the signature;
 * confirm them against the backend in use.
 * @param algorithm  Integrity algorithm to use.
 * @param key        Key bytes; const-qualified, so not modified through
 *                   this pointer.
 * @param key_len    Presumably the number of bytes at key. Confirm that the
 *                   backend rejects a length that does not fit the algorithm.
 * @return           Pointer to the MAC state. The fallback stub in this
 *                   header returns NULL, so callers must handle NULL.
 */
struct mac_data *sad_init_mac(integrity_alg_type algorithm,
			      const unsigned char *key, size_t key_len);

/**
 * Release MAC state.
 * Declared only when one of the HAVE_* crypto macros is defined; the
 * definition is not part of this header.
 * NOTE(review): presumably frees what sad_init_mac() returned. Confirm that
 * the backend clears key material before freeing and accepts NULL.
 * @param parms  MAC state to release (named mac_data in the fallback stub).
 */
void sad_deinit_mac(struct mac_data *parms);

/**
 * Compute a MAC over a buffer.
 * Declared only when one of the HAVE_* crypto macros is defined; the
 * definition is not part of this header.
 * NOTE(review): the descriptions below are inferred from the signature;
 * confirm them against the backend in use.
 * @param parms     MAC state (named mac_data in the fallback stub).
 * @param data      Input bytes; const-qualified.
 * @param data_len  Presumably the number of bytes at data.
 * @param mac       Output buffer for the MAC.
 * @param mac_len   Presumably the capacity or requested length of mac.
 *                  Confirm that the backend never writes more than mac_len
 *                  bytes and bounds it by MAX_DIGEST_LENGTH.
 * @return          int whose meaning is not visible here. The fallback stub
 *                  returns 0; presumably the value is the number of MAC
 *                  bytes produced, so callers should compare it with the
 *                  expected digest length before using mac - confirm.
 */
int sad_hash(struct mac_data *parms,
	     const void *data, size_t data_len,
	     unsigned char *mac, size_t mac_len);

/**
 * Check a received MAC against a buffer.
 * Declared only when one of the HAVE_* crypto macros is defined; the
 * definition is not part of this header.
 * NOTE(review): the descriptions below are inferred from the signature;
 * confirm them against the backend in use.
 * @param mac_data  MAC state.
 * @param data      Input bytes; const-qualified.
 * @param data_len  Presumably the number of bytes at data.
 * @param mac       MAC to check. It is not const-qualified although a
 *                  verifier would normally only read it - confirm against
 *                  the definition.
 * @param mac_len   Presumably the number of bytes at mac. Confirm that it
 *                  is bounded by MAX_DIGEST_LENGTH and matches the digest
 *                  length expected for the key, so a shortened tag is not
 *                  accepted.
 * @return          int whose meaning is not visible here. The fallback stub
 *                  returns -1; presumably 0 is the only "match" value, so
 *                  callers should reject on anything else - confirm. Also
 *                  confirm that the backend compares tags in constant time.
 */
int sad_verify(struct mac_data *mac_data,
	       const void *data, size_t data_len,
	       unsigned char *mac, size_t mac_len);

#else
/**
 * Fallback used when none of HAVE_NETTLE, HAVE_GNUTLS, HAVE_GNUPG and
 * HAVE_OPENSSL is defined: logs an error and returns NULL without looking at
 * its arguments, so no MAC state is ever created in such a build.
 * NOTE(review): pr_err is not declared by this header itself; it has to come
 * from pdt.h or from the including file - confirm.
 * @param algorithm  Ignored.
 * @param key        Ignored.
 * @param key_len    Ignored.
 * @return           Always NULL.
 */
static inline struct mac_data *sad_init_mac(integrity_alg_type algorithm,
					    const unsigned char *key,
					    size_t key_len)
{
	struct mac_data *no_state = NULL;

	/* The arguments are unused by design; the casts only say so explicitly. */
	(void)algorithm;
	(void)key;
	(void)key_len;

	pr_err("security configured but not supported");
	return no_state;
}

/**
 * Fallback used when no crypto backend macro is defined: logs an error and
 * does nothing else.  The pointer is neither read nor freed.
 * @param mac_data  Ignored.
 */
static inline void sad_deinit_mac(struct mac_data *mac_data)
{
	(void)mac_data; /* unused by design */
	pr_err("security configured but not supported");
}

/**
 * Fallback used when no crypto backend macro is defined: logs an error and
 * returns 0.  Nothing is written to mac, so its contents are whatever the
 * caller left there.
 * NOTE(review): confirm that callers check the return value (presumably
 * against the expected digest length) before using the mac buffer.
 * @param mac_data  Ignored.
 * @param data      Ignored.
 * @param data_len  Ignored.
 * @param mac       Ignored; left unmodified.
 * @param mac_len   Ignored.
 * @return          Always 0.
 */
static inline int sad_hash(struct mac_data *mac_data,
			   const void *data, size_t data_len,
			   unsigned char *mac, size_t mac_len)
{
	const int rc = 0;

	/* The arguments are unused by design; the casts only say so explicitly. */
	(void)mac_data;
	(void)data;
	(void)data_len;
	(void)mac;
	(void)mac_len;

	pr_err("security configured but not supported");
	return rc;
}

/**
 * Fallback used when no crypto backend macro is defined: logs an error and
 * returns -1 without inspecting the data or the MAC.  The result is never 0,
 * so a build without a crypto backend cannot report a message as verified as
 * long as callers treat 0 as the only success value (confirm at call sites).
 * @param mac_data  Ignored.
 * @param data      Ignored.
 * @param data_len  Ignored.
 * @param mac       Ignored.
 * @param mac_len   Ignored.
 * @return          Always -1.
 */
static inline int sad_verify(struct mac_data *mac_data,
			     const void *data, size_t data_len,
			     unsigned char *mac, size_t mac_len)
{
	const int rc = -1;

	/* The arguments are unused by design; the casts only say so explicitly. */
	(void)mac_data;
	(void)data;
	(void)data_len;
	(void)mac;
	(void)mac_len;

	pr_err("security configured but not supported");
	return rc;
}

#endif

#endif