[mirror_edk2.git] / NetworkPkg / IpSecDxe / Ikev2 / Payload.h

/** @file\r
  The Definitions related to IKEv2 payload.\r
\r
  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
\r
  This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php.\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
#ifndef _IKE_V2_PAYLOAD_H_\r
#define _IKE_V2_PAYLOAD_H_\r
\r
//\r
// Payload Type for IKEv2\r
//\r
#define IKEV2_PAYLOAD_TYPE_NONE     0\r
#define IKEV2_PAYLOAD_TYPE_SA       33\r
#define IKEV2_PAYLOAD_TYPE_KE       34\r
#define IKEV2_PAYLOAD_TYPE_ID_INIT  35\r
#define IKEV2_PAYLOAD_TYPE_ID_RSP   36\r
#define IKEV2_PAYLOAD_TYPE_CERT     37\r
#define IKEV2_PAYLOAD_TYPE_CERTREQ  38\r
#define IKEV2_PAYLOAD_TYPE_AUTH     39\r
#define IKEV2_PAYLOAD_TYPE_NONCE    40\r
#define IKEV2_PAYLOAD_TYPE_NOTIFY   41\r
#define IKEV2_PAYLOAD_TYPE_DELETE   42\r
#define IKEV2_PAYLOAD_TYPE_VENDOR   43\r
#define IKEV2_PAYLOAD_TYPE_TS_INIT  44\r
#define IKEV2_PAYLOAD_TYPE_TS_RSP   45\r
#define IKEV2_PAYLOAD_TYPE_ENCRYPT  46\r
#define IKEV2_PAYLOAD_TYPE_CP       47\r
#define IKEV2_PAYLOAD_TYPE_EAP      48\r
\r
//\r
// IKE header Flag for IKEv2\r
//\r
#define IKE_HEADER_FLAGS_INIT       0x08\r
#define IKE_HEADER_FLAGS_RESPOND    0x20\r
#define IKE_HEADER_FLAGS_CHILD_INIT 0\r
\r
//\r
// IKE Header Exchange Type for IKEv2\r
//\r
#define IKEV2_EXCHANGE_TYPE_INIT         34\r
#define IKEV2_EXCHANGE_TYPE_AUTH         35\r
#define IKEV2_EXCHANGE_TYPE_CREATE_CHILD 36\r
#define IKEV2_EXCHANGE_TYPE_INFO         37\r
\r
#pragma pack(1)\r
typedef struct {\r
  UINT8   NextPayload;\r
  UINT8   Reserved;\r
  UINT16  PayloadLength;\r
} IKEV2_COMMON_PAYLOAD_HEADER;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  // \r
  // Proposals\r
  //\r
} IKEV2_SA;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProposalIndex;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT8                       NumTransforms;\r
} IKEV2_PROPOSAL;\r
#pragma pack()\r
\r
//\r
// IKEv2 Transform Type Values presented within Transform Payload\r
//\r
#define IKEV2_TRANSFORM_TYPE_ENCR      1  // Encryption Algorithm\r
#define IKEV2_TRANSFORM_TYPE_PRF       2  // Pseduo-Random Func\r
#define IKEV2_TRANSFORM_TYPE_INTEG     3  // Integrity Algorithm\r
#define IKEV2_TRANSFORM_TYPE_DH        4  // DH Group\r
#define IKEV2_TRANSFORM_TYPE_ESN       5  // Extended Sequence Number\r
\r
//\r
// IKEv2 Transform ID for Encrypt Algorithm (ENCR)\r
// \r
#define IKEV2_TRANSFORM_ID_ENCR_DES_IV64 1\r
#define IKEV2_TRANSFORM_ID_ENCR_DES      2\r
#define IKEV2_TRANSFORM_ID_ENCR_3DES     3\r
#define IKEV2_TRANSFORM_ID_ENCR_RC5      4\r
#define IKEV2_TRANSFORM_ID_ENCR_IDEA     5\r
#define IKEV2_TRANSFORM_ID_ENCR_CAST     6\r
#define IKEV2_TRANSFORM_ID_ENCR_BLOWFISH 7\r
#define IKEV2_TRANSFORM_ID_ENCR_3IDEA    8\r
#define IKEV2_TRANSFORM_ID_ENCR_DES_IV32 9\r
#define IKEV2_TRANSFORM_ID_ENCR_NULL     11\r
#define IKEV2_TRANSFORM_ID_ENCR_AES_CBC  12\r
#define IKEV2_TRANSFORM_ID_ENCR_AES_CTR  13\r
\r
//\r
// IKEv2 Transform ID for Pseudo-Random Function (PRF)\r
//\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_MD5     1\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_SHA1    2\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_TIGER   3\r
#define IKEV2_TRANSFORM_ID_PRF_AES128_XCBC  4\r
\r
//\r
// IKEv2 Transform ID for Integrity Algorithm (INTEG)\r
//\r
#define IKEV2_TRANSFORM_ID_AUTH_NONE              0\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_MD5_96       1\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_SHA1_96      2\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_DES_MAC      3\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_KPDK_MD5     4\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_AES_XCBC_96  5\r
\r
//\r
// IKEv2 Transform ID for Diffie-Hellman Group (DH)\r
//\r
#define IKEV2_TRANSFORM_ID_DH_768MODP             1\r
#define IKEV2_TRANSFORM_ID_DH_1024MODP            2\r
#define IKEV2_TRANSFORM_ID_DH_2048MODP            14\r
\r
//\r
// IKEv2 Attribute Type Values\r
//\r
#define IKEV2_ATTRIBUTE_TYPE_KEYLEN               14\r
\r
//\r
// Transform Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       TransformType;\r
  UINT8                       Reserved;\r
  UINT16                      TransformId;\r
  //\r
  // SA Attributes\r
  //\r
} IKEV2_TRANSFORM;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT16                      DhGroup;\r
  UINT16                      Reserved;\r
  //\r
  // Remaining part contains the key exchanged\r
  //\r
} IKEV2_KEY_EXCHANGE;\r
#pragma pack()\r
\r
//\r
// Identification Type Values presented within Ikev2 ID payload\r
//\r
#define IKEV2_ID_TYPE_IPV4_ADDR        1\r
#define IKEV2_ID_TYPE_FQDN             2\r
#define IKEV2_ID_TYPE_RFC822_ADDR      3\r
#define IKEV2_ID_TYPE_IPV6_ADDR        5\r
#define IKEV2_ID_TYPE_DER_ASN1_DN      9\r
#define IKEV2_ID_TYPE_DER_ASN1_GN      10\r
#define IKEV2_ID_TYPE_KEY_ID           11\r
\r
//\r
// Identification Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       IdType;\r
  UINT8                       Reserver1;\r
  UINT16                      Reserver2;\r
  //\r
  // Identification Data\r
  //\r
} IKEV2_ID;\r
#pragma pack()\r
\r
//\r
// Encoding Type presented in IKEV2 Cert Payload\r
//\r
#define IKEV2_CERT_ENCODEING_RESERVED                  0\r
#define IKEV2_CERT_ENCODEING_X509_CERT_WRAP            1\r
#define IKEV2_CERT_ENCODEING_PGP_CERT                  2\r
#define IKEV2_CERT_ENCODEING_DNS_SIGN_KEY              3\r
#define IKEV2_CERT_ENCODEING_X509_CERT_SIGN            4\r
#define IKEV2_CERT_ENCODEING_KERBEROS_TOKEN            6\r
#define IKEV2_CERT_ENCODEING_REVOCATION_LIST_CERT      7\r
#define IKEV2_CERT_ENCODEING_AUTH_REVOCATION_LIST      8\r
#define IKEV2_CERT_ENCODEING_SPKI_CERT                 9\r
#define IKEV2_CERT_ENCODEING_X509_CERT_ATTRIBUTE       10\r
#define IKEV2_CERT_ENCODEING_RAW_RSA_KEY               11\r
#define IKEV2_CERT_ENCODEING_HASH_AND_URL_OF_X509_CERT 12\r
\r
//\r
// IKEV2 Certificate Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CertEncoding;\r
  //\r
  // Cert Data\r
  //\r
} IKEV2_CERT;\r
#pragma pack()\r
\r
//\r
// IKEV2 Certificate Request Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CertEncoding;\r
  //\r
  // Cert Authority\r
  //\r
} IKEV2_CERT_REQ;\r
#pragma pack()\r
\r
//\r
// Authentication Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       AuthMethod;\r
  UINT8                       Reserved1;\r
  UINT16                      Reserved2;\r
  //\r
  // Auth Data\r
  //\r
} IKEV2_AUTH;\r
#pragma pack()\r
\r
//\r
// Authmethod in Authentication Payload\r
//\r
#define IKEV2_AUTH_METHOD_RSA        1; // RSA Digital Signature\r
#define IKEV2_AUTH_METHOD_SKMI       2; // Shared Key Message Integrity\r
#define IKEV2_AUTH_METHOD_DSS        3; // DSS Digital Signature\r
\r
//\r
// IKEv2 Nonce Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // Nonce Data\r
  //\r
} IKEV2_NONCE;\r
#pragma pack()\r
\r
//\r
// Notification Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT16                      MessageType;\r
  //\r
  // SPI and Notification Data\r
  //\r
} IKEV2_NOTIFY;\r
#pragma pack()\r
\r
//\r
//  Notify Message Types presented within IKEv2 Notify Payload\r
//\r
#define IKEV2_NOTIFICATION_UNSUPPORT_CRITICAL_PAYLOAD       1\r
#define IKEV2_NOTIFICATION_INVALID_IKE_SPI                  4\r
#define IKEV2_NOTIFICATION_INVALID_MAJOR_VERSION            5\r
#define IKEV2_NOTIFICATION_INVALID_SYNTAX                   7\r
#define IKEV2_NOTIFICATION_INVALID_MESSAGE_ID               9\r
#define IKEV2_NOTIFICATION_INVALID_SPI                     11\r
#define IKEV2_NOTIFICATION_NO_PROPOSAL_CHOSEN              14\r
#define IKEV2_NOTIFICATION_INVALID_KEY_PAYLOAD             17\r
#define IKEV2_NOTIFICATION_AUTHENTICATION_FAILED           24\r
#define IKEV2_NOTIFICATION_SINGLE_PAIR_REQUIRED            34\r
#define IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS               35\r
#define IKEV2_NOTIFICATION_INTERNAL_ADDRESS_FAILURE        36\r
#define IKEV2_NOTIFICATION_FAILED_CP_REQUIRED              37\r
#define IKEV2_NOTIFICATION_TS_UNCCEPTABLE                  38\r
#define IKEV2_NOTIFICATION_INVALID_SELECTORS               39\r
#define IKEV2_NOTIFICATION_COOKIE                          16390\r
#define IKEV2_NOTIFICATION_USE_TRANSPORT_MODE              16391\r
#define IKEV2_NOTIFICATION_REKEY_SA                        16393\r
\r
//\r
// IKEv2 Protocol ID\r
//\r
//\r
// IKEv2 Delete Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT16                      NumSpis;\r
  //\r
  // SPIs\r
  //\r
} IKEV2_DELETE;\r
#pragma pack()\r
\r
//\r
// Traffic Selector Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       TSNumbers;\r
  UINT8                       Reserved1;\r
  UINT16                      Reserved2;\r
  //\r
  // Traffic Selector\r
  //\r
} IKEV2_TS;\r
#pragma pack()\r
\r
//\r
// Traffic Selector\r
//\r
#pragma pack(1)\r
typedef struct {\r
  UINT8                       TSType;\r
  UINT8                       IpProtocolId;\r
  UINT16                      SelecorLen;\r
  UINT16                      StartPort;\r
  UINT16                      EndPort;\r
  //\r
  // Starting Address && Ending Address\r
  //\r
} TRAFFIC_SELECTOR;\r
#pragma pack()\r
\r
//\r
// Ts Type in Traffic Selector\r
//\r
#define IKEV2_TS_TYPE_IPV4_ADDR_RANGE     7\r
#define IKEV2_TS_TYPS_IPV6_ADDR_RANGE     8\r
\r
//\r
// Vendor Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // Vendor ID\r
  //\r
} IKEV2_VENDOR;\r
#pragma pack()\r
\r
//\r
// Encrypted Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // IV, Encrypted IKE Payloads, Padding, PAD length, Integrity CheckSum\r
  //\r
} IKEV2_ENCRYPTED;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  UINT8 PadLength;\r
} IKEV2_PAD_LEN;\r
#pragma pack()\r
\r
//\r
// Configuration Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CfgType;\r
  UINT8                       Reserve1;\r
  UINT16                      Reserve2;\r
  //\r
  // Configuration Attributes\r
  //\r
} IKEV2_CFG;\r
#pragma pack()\r
\r
//\r
// Configuration Payload CPG type\r
//\r
#define IKEV2_CFG_TYPE_REQUEST    1\r
#define IKEV2_CFG_TYPE_REPLY      2\r
#define IKEV2_CFG_TYPE_SET        3\r
#define IKEV2_CFG_TYPE_ACK        4\r
\r
//\r
// Configuration Attributes\r
//\r
#pragma pack(1)\r
typedef struct {\r
  UINT16    AttritType;\r
  UINT16    ValueLength;\r
} IKEV2_CFG_ATTRIBUTES;\r
#pragma pack()\r
\r
//\r
// Configuration Attributes\r
//\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_ADDRESS      1\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBTMASK      2\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_DNS          3\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBNS         4\r
#define IKEV2_CFG_ATTR_INTERNA_ADDRESS_BXPIRY    5\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_DHCP         6\r
#define IKEV2_CFG_ATTR_APPLICATION_VERSION       7\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_ADDRESS      8\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_DNS          10\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_NBNS         11\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_DHCP         12\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_SUBNET       13\r
#define IKEV2_CFG_ATTR_SUPPORTED_ATTRIBUTES      14\r
#define IKEV2_CFG_ATTR_IP6_SUBNET                15\r
\r
#endif\r
\r
Commit	Line	Data
9166f840	1	/** @file\r
	2	The Definitions related to IKEv2 payload.\r
	3	\r
	4	Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
	5	\r
	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php.\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	#ifndef _IKE_V2_PAYLOAD_H_\r
	16	#define _IKE_V2_PAYLOAD_H_\r
	17	\r
	18	//\r
	19	// Payload Type for IKEv2\r
	20	//\r
	21	#define IKEV2_PAYLOAD_TYPE_NONE 0\r
	22	#define IKEV2_PAYLOAD_TYPE_SA 33\r
	23	#define IKEV2_PAYLOAD_TYPE_KE 34\r
	24	#define IKEV2_PAYLOAD_TYPE_ID_INIT 35\r
	25	#define IKEV2_PAYLOAD_TYPE_ID_RSP 36\r
	26	#define IKEV2_PAYLOAD_TYPE_CERT 37\r
	27	#define IKEV2_PAYLOAD_TYPE_CERTREQ 38\r
	28	#define IKEV2_PAYLOAD_TYPE_AUTH 39\r
	29	#define IKEV2_PAYLOAD_TYPE_NONCE 40\r
	30	#define IKEV2_PAYLOAD_TYPE_NOTIFY 41\r
	31	#define IKEV2_PAYLOAD_TYPE_DELETE 42\r
	32	#define IKEV2_PAYLOAD_TYPE_VENDOR 43\r
	33	#define IKEV2_PAYLOAD_TYPE_TS_INIT 44\r
	34	#define IKEV2_PAYLOAD_TYPE_TS_RSP 45\r
	35	#define IKEV2_PAYLOAD_TYPE_ENCRYPT 46\r
	36	#define IKEV2_PAYLOAD_TYPE_CP 47\r
	37	#define IKEV2_PAYLOAD_TYPE_EAP 48\r
	38	\r
	39	//\r
	40	// IKE header Flag for IKEv2\r
	41	//\r
	42	#define IKE_HEADER_FLAGS_INIT 0x08\r
	43	#define IKE_HEADER_FLAGS_RESPOND 0x20\r
	44	#define IKE_HEADER_FLAGS_CHILD_INIT 0\r
	45	\r
	46	//\r
	47	// IKE Header Exchange Type for IKEv2\r
	48	//\r
	49	#define IKEV2_EXCHANGE_TYPE_INIT 34\r
	50	#define IKEV2_EXCHANGE_TYPE_AUTH 35\r
	51	#define IKEV2_EXCHANGE_TYPE_CREATE_CHILD 36\r
	52	#define IKEV2_EXCHANGE_TYPE_INFO 37\r
	53	\r
	54	#pragma pack(1)\r
	55	typedef struct {\r
	56	UINT8 NextPayload;\r
	57	UINT8 Reserved;\r
	58	UINT16 PayloadLength;\r
	59	} IKEV2_COMMON_PAYLOAD_HEADER;\r
	60	#pragma pack()\r
	61	\r
	62	#pragma pack(1)\r
	63	typedef struct {\r
	64	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
65	// \r
66	// Proposals\r
67	//\r
68	} IKEV2_SA;\r
69	#pragma pack()\r
70	\r
71	#pragma pack(1)\r
72	typedef struct {\r
73	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
74	UINT8 ProposalIndex;\r
75	UINT8 ProtocolId;\r
76	UINT8 SpiSize;\r
77	UINT8 NumTransforms;\r
78	} IKEV2_PROPOSAL;\r
79	#pragma pack()\r
80	\r
81	//\r
82	// IKEv2 Transform Type Values presented within Transform Payload\r
83	//\r
84	#define IKEV2_TRANSFORM_TYPE_ENCR 1 // Encryption Algorithm\r
85	#define IKEV2_TRANSFORM_TYPE_PRF 2 // Pseduo-Random Func\r
86	#define IKEV2_TRANSFORM_TYPE_INTEG 3 // Integrity Algorithm\r
87	#define IKEV2_TRANSFORM_TYPE_DH 4 // DH Group\r
88	#define IKEV2_TRANSFORM_TYPE_ESN 5 // Extended Sequence Number\r
89	\r
90	//\r
91	// IKEv2 Transform ID for Encrypt Algorithm (ENCR)\r
92	// \r
93	#define IKEV2_TRANSFORM_ID_ENCR_DES_IV64 1\r
94	#define IKEV2_TRANSFORM_ID_ENCR_DES 2\r
95	#define IKEV2_TRANSFORM_ID_ENCR_3DES 3\r
96	#define IKEV2_TRANSFORM_ID_ENCR_RC5 4\r
97	#define IKEV2_TRANSFORM_ID_ENCR_IDEA 5\r
98	#define IKEV2_TRANSFORM_ID_ENCR_CAST 6\r
99	#define IKEV2_TRANSFORM_ID_ENCR_BLOWFISH 7\r
100	#define IKEV2_TRANSFORM_ID_ENCR_3IDEA 8\r
101	#define IKEV2_TRANSFORM_ID_ENCR_DES_IV32 9\r
102	#define IKEV2_TRANSFORM_ID_ENCR_NULL 11\r
103	#define IKEV2_TRANSFORM_ID_ENCR_AES_CBC 12\r
104	#define IKEV2_TRANSFORM_ID_ENCR_AES_CTR 13\r
105	\r
106	//\r
107	// IKEv2 Transform ID for Pseudo-Random Function (PRF)\r
108	//\r
109	#define IKEV2_TRANSFORM_ID_PRF_HMAC_MD5 1\r
110	#define IKEV2_TRANSFORM_ID_PRF_HMAC_SHA1 2\r
111	#define IKEV2_TRANSFORM_ID_PRF_HMAC_TIGER 3\r
112	#define IKEV2_TRANSFORM_ID_PRF_AES128_XCBC 4\r
113	\r
114	//\r
115	// IKEv2 Transform ID for Integrity Algorithm (INTEG)\r
116	//\r
117	#define IKEV2_TRANSFORM_ID_AUTH_NONE 0\r
118	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_MD5_96 1\r
119	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_SHA1_96 2\r
120	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_DES_MAC 3\r
121	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_KPDK_MD5 4\r
122	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_AES_XCBC_96 5\r
123	\r
124	//\r
125	// IKEv2 Transform ID for Diffie-Hellman Group (DH)\r
126	//\r
127	#define IKEV2_TRANSFORM_ID_DH_768MODP 1\r
128	#define IKEV2_TRANSFORM_ID_DH_1024MODP 2\r
129	#define IKEV2_TRANSFORM_ID_DH_2048MODP 14\r
130	\r
131	//\r
132	// IKEv2 Attribute Type Values\r
133	//\r
134	#define IKEV2_ATTRIBUTE_TYPE_KEYLEN 14\r
135	\r
136	//\r
137	// Transform Payload\r
138	//\r
139	#pragma pack(1)\r
140	typedef struct {\r
141	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
142	UINT8 TransformType;\r
143	UINT8 Reserved;\r
144	UINT16 TransformId;\r
145	//\r
146	// SA Attributes\r
147	//\r
148	} IKEV2_TRANSFORM;\r
149	#pragma pack()\r
150	\r
151	#pragma pack(1)\r
152	typedef struct {\r
153	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
154	UINT16 DhGroup;\r
155	UINT16 Reserved;\r
156	//\r
157	// Remaining part contains the key exchanged\r
158	//\r
159	} IKEV2_KEY_EXCHANGE;\r
160	#pragma pack()\r
161	\r
162	//\r
163	// Identification Type Values presented within Ikev2 ID payload\r
164	//\r
165	#define IKEV2_ID_TYPE_IPV4_ADDR 1\r
166	#define IKEV2_ID_TYPE_FQDN 2\r
167	#define IKEV2_ID_TYPE_RFC822_ADDR 3\r
168	#define IKEV2_ID_TYPE_IPV6_ADDR 5\r
169	#define IKEV2_ID_TYPE_DER_ASN1_DN 9\r
170	#define IKEV2_ID_TYPE_DER_ASN1_GN 10\r
171	#define IKEV2_ID_TYPE_KEY_ID 11\r
172	\r
173	//\r
174	// Identification Payload\r
175	//\r
176	#pragma pack(1)\r
177	typedef struct {\r
178	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
179	UINT8 IdType;\r
180	UINT8 Reserver1;\r
181	UINT16 Reserver2;\r
182	//\r
183	// Identification Data\r
184	//\r
185	} IKEV2_ID;\r
186	#pragma pack()\r
187	\r
188	//\r
189	// Encoding Type presented in IKEV2 Cert Payload\r
190	//\r
191	#define IKEV2_CERT_ENCODEING_RESERVED 0\r
192	#define IKEV2_CERT_ENCODEING_X509_CERT_WRAP 1\r
193	#define IKEV2_CERT_ENCODEING_PGP_CERT 2\r
194	#define IKEV2_CERT_ENCODEING_DNS_SIGN_KEY 3\r
195	#define IKEV2_CERT_ENCODEING_X509_CERT_SIGN 4\r
196	#define IKEV2_CERT_ENCODEING_KERBEROS_TOKEN 6\r
197	#define IKEV2_CERT_ENCODEING_REVOCATION_LIST_CERT 7\r
198	#define IKEV2_CERT_ENCODEING_AUTH_REVOCATION_LIST 8\r
199	#define IKEV2_CERT_ENCODEING_SPKI_CERT 9\r
200	#define IKEV2_CERT_ENCODEING_X509_CERT_ATTRIBUTE 10\r
201	#define IKEV2_CERT_ENCODEING_RAW_RSA_KEY 11\r
202	#define IKEV2_CERT_ENCODEING_HASH_AND_URL_OF_X509_CERT 12\r
203	\r
204	//\r
205	// IKEV2 Certificate Payload\r
206	//\r
207	#pragma pack(1)\r
208	typedef struct {\r
209	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
210	UINT8 CertEncoding;\r
211	//\r
212	// Cert Data\r
213	//\r
214	} IKEV2_CERT;\r
215	#pragma pack()\r
216	\r
217	//\r
218	// IKEV2 Certificate Request Payload\r
219	//\r
220	#pragma pack(1)\r
221	typedef struct {\r
222	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
223	UINT8 CertEncoding;\r
224	//\r
225	// Cert Authority\r
226	//\r
227	} IKEV2_CERT_REQ;\r
228	#pragma pack()\r
229	\r
230	//\r
231	// Authentication Payload\r
232	//\r
233	#pragma pack(1)\r
234	typedef struct {\r
235	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
236	UINT8 AuthMethod;\r
237	UINT8 Reserved1;\r
238	UINT16 Reserved2;\r
239	//\r
240	// Auth Data\r
241	//\r
242	} IKEV2_AUTH;\r
243	#pragma pack()\r
244	\r
245	//\r
246	// Authmethod in Authentication Payload\r
247	//\r
248	#define IKEV2_AUTH_METHOD_RSA 1; // RSA Digital Signature\r
249	#define IKEV2_AUTH_METHOD_SKMI 2; // Shared Key Message Integrity\r
250	#define IKEV2_AUTH_METHOD_DSS 3; // DSS Digital Signature\r
251	\r
252	//\r
253	// IKEv2 Nonce Payload\r
254	//\r
255	#pragma pack(1)\r
256	typedef struct {\r
257	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
258	//\r
259	// Nonce Data\r
260	//\r
261	} IKEV2_NONCE;\r
262	#pragma pack()\r
263	\r
264	//\r
265	// Notification Payload\r
266	//\r
267	#pragma pack(1)\r
268	typedef struct {\r
269	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
270	UINT8 ProtocolId;\r
271	UINT8 SpiSize;\r
272	UINT16 MessageType;\r
273	//\r
274	// SPI and Notification Data\r
275	//\r
276	} IKEV2_NOTIFY;\r
277	#pragma pack()\r
278	\r
279	//\r
280	// Notify Message Types presented within IKEv2 Notify Payload\r
281	//\r
282	#define IKEV2_NOTIFICATION_UNSUPPORT_CRITICAL_PAYLOAD 1\r
283	#define IKEV2_NOTIFICATION_INVALID_IKE_SPI 4\r
284	#define IKEV2_NOTIFICATION_INVALID_MAJOR_VERSION 5\r
285	#define IKEV2_NOTIFICATION_INVALID_SYNTAX 7\r
286	#define IKEV2_NOTIFICATION_INVALID_MESSAGE_ID 9\r
287	#define IKEV2_NOTIFICATION_INVALID_SPI 11\r
288	#define IKEV2_NOTIFICATION_NO_PROPOSAL_CHOSEN 14\r
289	#define IKEV2_NOTIFICATION_INVALID_KEY_PAYLOAD 17\r
290	#define IKEV2_NOTIFICATION_AUTHENTICATION_FAILED 24\r
291	#define IKEV2_NOTIFICATION_SINGLE_PAIR_REQUIRED 34\r
292	#define IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS 35\r
293	#define IKEV2_NOTIFICATION_INTERNAL_ADDRESS_FAILURE 36\r
294	#define IKEV2_NOTIFICATION_FAILED_CP_REQUIRED 37\r
295	#define IKEV2_NOTIFICATION_TS_UNCCEPTABLE 38\r
296	#define IKEV2_NOTIFICATION_INVALID_SELECTORS 39\r
297	#define IKEV2_NOTIFICATION_COOKIE 16390\r
298	#define IKEV2_NOTIFICATION_USE_TRANSPORT_MODE 16391\r
299	#define IKEV2_NOTIFICATION_REKEY_SA 16393\r
300	\r
301	//\r
302	// IKEv2 Protocol ID\r
303	//\r
304	//\r
305	// IKEv2 Delete Payload\r
306	//\r
307	#pragma pack(1)\r
308	typedef struct {\r
309	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
310	UINT8 ProtocolId;\r
311	UINT8 SpiSize;\r
312	UINT16 NumSpis;\r
313	//\r
314	// SPIs\r
315	//\r
316	} IKEV2_DELETE;\r
317	#pragma pack()\r
318	\r
319	//\r
320	// Traffic Selector Payload\r
321	//\r
322	#pragma pack(1)\r
323	typedef struct {\r
324	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
325	UINT8 TSNumbers;\r
326	UINT8 Reserved1;\r
327	UINT16 Reserved2;\r
328	//\r
329	// Traffic Selector\r
330	//\r
331	} IKEV2_TS;\r
332	#pragma pack()\r
333	\r
334	//\r
335	// Traffic Selector\r
336	//\r
337	#pragma pack(1)\r
338	typedef struct {\r
339	UINT8 TSType;\r
340	UINT8 IpProtocolId;\r
341	UINT16 SelecorLen;\r
342	UINT16 StartPort;\r
343	UINT16 EndPort;\r
344	//\r
345	// Starting Address && Ending Address\r
346	//\r
347	} TRAFFIC_SELECTOR;\r
348	#pragma pack()\r
349	\r
350	//\r
351	// Ts Type in Traffic Selector\r
352	//\r
353	#define IKEV2_TS_TYPE_IPV4_ADDR_RANGE 7\r
354	#define IKEV2_TS_TYPS_IPV6_ADDR_RANGE 8\r
355	\r
356	//\r
357	// Vendor Payload\r
358	//\r
359	#pragma pack(1)\r
360	typedef struct {\r
361	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
362	//\r
363	// Vendor ID\r
364	//\r
365	} IKEV2_VENDOR;\r
366	#pragma pack()\r
367	\r
368	//\r
369	// Encrypted Payload\r
370	//\r
371	#pragma pack(1)\r
372	typedef struct {\r
373	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
374	//\r
375	// IV, Encrypted IKE Payloads, Padding, PAD length, Integrity CheckSum\r
376	//\r
377	} IKEV2_ENCRYPTED;\r
378	#pragma pack()\r
379	\r
380	#pragma pack(1)\r
381	typedef struct {\r
382	UINT8 PadLength;\r
383	} IKEV2_PAD_LEN;\r
384	#pragma pack()\r
385	\r
386	//\r
387	// Configuration Payload\r
388	//\r
389	#pragma pack(1)\r
390	typedef struct {\r
391	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
392	UINT8 CfgType;\r
393	UINT8 Reserve1;\r
394	UINT16 Reserve2;\r
395	//\r
396	// Configuration Attributes\r
397	//\r
398	} IKEV2_CFG;\r
399	#pragma pack()\r
400	\r
401	//\r
402	// Configuration Payload CPG type\r
403	//\r
404	#define IKEV2_CFG_TYPE_REQUEST 1\r
405	#define IKEV2_CFG_TYPE_REPLY 2\r
406	#define IKEV2_CFG_TYPE_SET 3\r
407	#define IKEV2_CFG_TYPE_ACK 4\r
408	\r
409	//\r
410	// Configuration Attributes\r
411	//\r
412	#pragma pack(1)\r
413	typedef struct {\r
414	UINT16 AttritType;\r
415	UINT16 ValueLength;\r
416	} IKEV2_CFG_ATTRIBUTES;\r
417	#pragma pack()\r
418	\r
419	//\r
420	// Configuration Attributes\r
421	//\r
422	#define IKEV2_CFG_ATTR_INTERNAL_IP4_ADDRESS 1\r
423	#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBTMASK 2\r
424	#define IKEV2_CFG_ATTR_INTERNAL_IP4_DNS 3\r
425	#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBNS 4\r
426	#define IKEV2_CFG_ATTR_INTERNA_ADDRESS_BXPIRY 5\r
427	#define IKEV2_CFG_ATTR_INTERNAL_IP4_DHCP 6\r
428	#define IKEV2_CFG_ATTR_APPLICATION_VERSION 7\r
429	#define IKEV2_CFG_ATTR_INTERNAL_IP6_ADDRESS 8\r
430	#define IKEV2_CFG_ATTR_INTERNAL_IP6_DNS 10\r
431	#define IKEV2_CFG_ATTR_INTERNAL_IP6_NBNS 11\r
432	#define IKEV2_CFG_ATTR_INTERNAL_IP6_DHCP 12\r
433	#define IKEV2_CFG_ATTR_INTERNAL_IP4_SUBNET 13\r
434	#define IKEV2_CFG_ATTR_SUPPORTED_ATTRIBUTES 14\r
435	#define IKEV2_CFG_ATTR_IP6_SUBNET 15\r
436	\r
437	#endif\r
438	\r