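/*
 * Copyright (c) 2012 Apple Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 *
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */

#ifndef _NET_IF_UTUN_CRYPTO_DTLS_H_
#define _NET_IF_UTUN_CRYPTO_DTLS_H_

/*
 * Value that marks an invalid DTLS handle (per the macro name). This is the
 * only definition visible outside KERNEL_PRIVATE. It is parenthesized so the
 * negative literal stays a single operand wherever the macro is expanded
 * inside a larger expression.
 */
#define UTUN_CRYPTO_DTLS_HANDLE_INVALID (-1)

#ifdef KERNEL_PRIVATE

#include <sys/systm.h>
#include <sys/socket.h>
#include <net/if.h>
#include <net/if_types.h>
#include <sys/mbuf.h>
#include <netinet/in.h>
#include <netinet6/in6_var.h>
#include <netinet/ip.h>
#include <netinet/ip6.h>
#include <netinet/ip_var.h>
#include <net/if_utun.h>
#include <net/if_utun_crypto.h>
#include <sys/kernel_types.h>
#include <net/kpi_interface.h>

/*
 * Alias: every call written as utun_cleanup_all_crypto_dtls(pcb) is rewritten
 * by the preprocessor into utun_ctl_disable_crypto_dtls(pcb).
 */
#define utun_cleanup_all_crypto_dtls(pcb) utun_ctl_disable_crypto_dtls(pcb)

/*
 * Summary: initializes global vars needed for any utun crypto based on dtls
 */
void
utun_ctl_init_crypto_dtls(void);

/*
 * NOTE(review): undocumented in this header. By its name and argument it
 * presumably registers the DTLS crypto KPI described by `reg` - confirm
 * against the implementation. The result is an errno_t.
 */
errno_t
utun_ctl_register_dtls (utun_crypto_kpi_reg_t *reg);

/*
 * Summary: disables all crypto DTLS in one shot
 *
 * Because the function-like macro of the same name is defined above, this
 * declaration is macro-expanded into a second prototype of
 * utun_ctl_disable_crypto_dtls(); no separate function with this name is
 * declared by this header.
 */
void
utun_cleanup_all_crypto_dtls (struct utun_pcb *pcb);

/*
 * Summary: enables dtls crypto info for the specified utun. dtls ref is passed into args.
 */
void
utun_ctl_enable_crypto_dtls(struct utun_pcb *pcb, utun_crypto_args_t *args);

/*
 * Summary: disables dtls crypto info for the specified utun.
 */
void
utun_ctl_disable_crypto_dtls(struct utun_pcb *pcb);

/*
 * NOTE(review): undocumented in this header. Presumably installs the DTLS
 * framer described by `args` on `crypto_ctx`; the meaning of the int result
 * is not stated here - confirm against the implementation.
 */
int
utun_ctl_config_crypto_dtls_framer(utun_crypto_ctx_t *crypto_ctx, utun_crypto_framer_args_t *args);

/*
 * NOTE(review): undocumented in this header. Presumably removes the DTLS
 * framer described by `args` from `crypto_ctx`; the meaning of the int result
 * is not stated here - confirm against the implementation.
 */
int
utun_ctl_unconfig_crypto_dtls_framer(utun_crypto_ctx_t *crypto_ctx, utun_crypto_framer_args_t *args);

/*
 * Summary: enables handling of data traffic
 */
void
utun_ctl_start_datatraffic_crypto_dtls(struct utun_pcb *pcb);

/*
 * Summary: disables handling of data traffic
 */
void
utun_ctl_stop_datatraffic_crypto_dtls(struct utun_pcb *pcb);

/*
 * NOTE(review): undocumented in this header. `pkt` is passed as mbuf_t *, so
 * the callee is able to replace or consume the mbuf; who owns *pkt after a
 * non-zero result is not stated here - confirm before touching *pkt again.
 */
int
utun_pkt_dtls_output(struct utun_pcb *pcb, mbuf_t *pkt);

/*
 * NOTE(review): undocumented in this header. `pkt` is passed as mbuf_t *, so
 * the callee is able to replace or consume the mbuf; who owns *pkt after a
 * non-zero result is not stated here - confirm before touching *pkt again.
 * `family` is the protocol family supplied by the caller for the packet.
 */
int
utun_pkt_dtls_input(struct utun_pcb *pcb, mbuf_t *pkt, protocol_family_t family);

/*
 * Summary: maps a framer inner type to a protocol family.
 *
 * Returns PF_INET for UTUN_CRYPTO_INNER_TYPE_IPv4 and PF_INET6 for every
 * other value, including values that are not a defined inner type. There is
 * no error result, so a caller that can receive an unvalidated `type` has to
 * range-check it before calling.
 */
static inline protocol_family_t
utun_crypto_framer_inner_type_to_protocol_family (utun_crypto_framer_inner_type_t type)
{
	if (type == UTUN_CRYPTO_INNER_TYPE_IPv4) {
		return PF_INET;
	}
	/* anything that is not IPv4 is treated as IPv6 */
	return PF_INET6;
}

/*
 * Summary: maps a protocol family to a framer inner type.
 *
 * Returns UTUN_CRYPTO_INNER_TYPE_IPv4 for PF_INET and
 * UTUN_CRYPTO_INNER_TYPE_IPv6 for every other family, including families
 * that are neither IPv4 nor IPv6. There is no error result, so a caller that
 * can see other families has to filter them before calling.
 */
static inline utun_crypto_framer_inner_type_t
utun_crypto_framer_protocol_family_to_inner_type (protocol_family_t family)
{
	if (family == PF_INET) {
		return UTUN_CRYPTO_INNER_TYPE_IPv4;
	}
	/* anything that is not PF_INET is treated as IPv6 */
	return UTUN_CRYPTO_INNER_TYPE_IPv6;
}

#endif // KERNEL_PRIVATE

#endif // _NET_IF_UTUN_CRYPTO_DTLS_H_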