[mirror_edk2.git] / NetworkPkg / IpSecDxe / Ikev2 / Payload.h

/** @file\r
  The Definitions related to IKEv2 payload.\r
\r
  Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
  This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php.\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
#ifndef _IKE_V2_PAYLOAD_H_\r
#define _IKE_V2_PAYLOAD_H_\r
\r
//\r
// Payload Type for IKEv2\r
//\r
#define IKEV2_PAYLOAD_TYPE_NONE     0\r
#define IKEV2_PAYLOAD_TYPE_SA       33\r
#define IKEV2_PAYLOAD_TYPE_KE       34\r
#define IKEV2_PAYLOAD_TYPE_ID_INIT  35\r
#define IKEV2_PAYLOAD_TYPE_ID_RSP   36\r
#define IKEV2_PAYLOAD_TYPE_CERT     37\r
#define IKEV2_PAYLOAD_TYPE_CERTREQ  38\r
#define IKEV2_PAYLOAD_TYPE_AUTH     39\r
#define IKEV2_PAYLOAD_TYPE_NONCE    40\r
#define IKEV2_PAYLOAD_TYPE_NOTIFY   41\r
#define IKEV2_PAYLOAD_TYPE_DELETE   42\r
#define IKEV2_PAYLOAD_TYPE_VENDOR   43\r
#define IKEV2_PAYLOAD_TYPE_TS_INIT  44\r
#define IKEV2_PAYLOAD_TYPE_TS_RSP   45\r
#define IKEV2_PAYLOAD_TYPE_ENCRYPT  46\r
#define IKEV2_PAYLOAD_TYPE_CP       47\r
#define IKEV2_PAYLOAD_TYPE_EAP      48\r
\r
//\r
// IKE header Flag (1 octet) for IKEv2, defined in RFC 4306 section 3.1\r
//\r
// I(nitiator) (bit 3 of Flags, 0x08) - This bit MUST be set in messages sent by the\r
//                                      original initiator of the IKE_SA\r
//\r
// R(esponse) (bit 5 of Flags, 0x20)  - This bit indicates that this message is a response to\r
//                                      a message containing the same message ID.\r
//\r
#define IKE_HEADER_FLAGS_INIT       0x08\r
#define IKE_HEADER_FLAGS_RESPOND    0x20\r
\r
//\r
// IKE Header Exchange Type for IKEv2\r
//\r
#define IKEV2_EXCHANGE_TYPE_INIT         34\r
#define IKEV2_EXCHANGE_TYPE_AUTH         35\r
#define IKEV2_EXCHANGE_TYPE_CREATE_CHILD 36\r
#define IKEV2_EXCHANGE_TYPE_INFO         37\r
\r
#pragma pack(1)\r
typedef struct {\r
  UINT8   NextPayload;\r
  UINT8   Reserved;\r
  UINT16  PayloadLength;\r
} IKEV2_COMMON_PAYLOAD_HEADER;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // Proposals\r
  //\r
} IKEV2_SA;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProposalIndex;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT8                       NumTransforms;\r
} IKEV2_PROPOSAL;\r
#pragma pack()\r
\r
//\r
// IKEv2 Transform Type Values presented within Transform Payload\r
//\r
#define IKEV2_TRANSFORM_TYPE_ENCR      1  // Encryption Algorithm\r
#define IKEV2_TRANSFORM_TYPE_PRF       2  // Pseduo-Random Func\r
#define IKEV2_TRANSFORM_TYPE_INTEG     3  // Integrity Algorithm\r
#define IKEV2_TRANSFORM_TYPE_DH        4  // DH Group\r
#define IKEV2_TRANSFORM_TYPE_ESN       5  // Extended Sequence Number\r
\r
//\r
// IKEv2 Transform ID for Encrypt Algorithm (ENCR)\r
//\r
#define IKEV2_TRANSFORM_ID_ENCR_DES_IV64 1\r
#define IKEV2_TRANSFORM_ID_ENCR_DES      2\r
#define IKEV2_TRANSFORM_ID_ENCR_3DES     3\r
#define IKEV2_TRANSFORM_ID_ENCR_RC5      4\r
#define IKEV2_TRANSFORM_ID_ENCR_IDEA     5\r
#define IKEV2_TRANSFORM_ID_ENCR_CAST     6\r
#define IKEV2_TRANSFORM_ID_ENCR_BLOWFISH 7\r
#define IKEV2_TRANSFORM_ID_ENCR_3IDEA    8\r
#define IKEV2_TRANSFORM_ID_ENCR_DES_IV32 9\r
#define IKEV2_TRANSFORM_ID_ENCR_NULL     11\r
#define IKEV2_TRANSFORM_ID_ENCR_AES_CBC  12\r
#define IKEV2_TRANSFORM_ID_ENCR_AES_CTR  13\r
\r
//\r
// IKEv2 Transform ID for Pseudo-Random Function (PRF)\r
//\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_MD5     1\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_SHA1    2\r
#define IKEV2_TRANSFORM_ID_PRF_HMAC_TIGER   3\r
#define IKEV2_TRANSFORM_ID_PRF_AES128_XCBC  4\r
\r
//\r
// IKEv2 Transform ID for Integrity Algorithm (INTEG)\r
//\r
#define IKEV2_TRANSFORM_ID_AUTH_NONE              0\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_MD5_96       1\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_SHA1_96      2\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_DES_MAC      3\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_KPDK_MD5     4\r
#define IKEV2_TRANSFORM_ID_AUTH_HMAC_AES_XCBC_96  5\r
\r
//\r
// IKEv2 Transform ID for Diffie-Hellman Group (DH)\r
//\r
#define IKEV2_TRANSFORM_ID_DH_768MODP             1\r
#define IKEV2_TRANSFORM_ID_DH_1024MODP            2\r
#define IKEV2_TRANSFORM_ID_DH_2048MODP            14\r
\r
//\r
// IKEv2 Attribute Type Values\r
//\r
#define IKEV2_ATTRIBUTE_TYPE_KEYLEN               14\r
\r
//\r
// Transform Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       TransformType;\r
  UINT8                       Reserved;\r
  UINT16                      TransformId;\r
  //\r
  // SA Attributes\r
  //\r
} IKEV2_TRANSFORM;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT16                      DhGroup;\r
  UINT16                      Reserved;\r
  //\r
  // Remaining part contains the key exchanged\r
  //\r
} IKEV2_KEY_EXCHANGE;\r
#pragma pack()\r
\r
//\r
// Identification Type Values presented within Ikev2 ID payload\r
//\r
#define IKEV2_ID_TYPE_IPV4_ADDR        1\r
#define IKEV2_ID_TYPE_FQDN             2\r
#define IKEV2_ID_TYPE_RFC822_ADDR      3\r
#define IKEV2_ID_TYPE_IPV6_ADDR        5\r
#define IKEV2_ID_TYPE_DER_ASN1_DN      9\r
#define IKEV2_ID_TYPE_DER_ASN1_GN      10\r
#define IKEV2_ID_TYPE_KEY_ID           11\r
\r
//\r
// Identification Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       IdType;\r
  UINT8                       Reserver1;\r
  UINT16                      Reserver2;\r
  //\r
  // Identification Data\r
  //\r
} IKEV2_ID;\r
#pragma pack()\r
\r
//\r
// Encoding Type presented in IKEV2 Cert Payload\r
//\r
#define IKEV2_CERT_ENCODEING_RESERVED                  0\r
#define IKEV2_CERT_ENCODEING_X509_CERT_WRAP            1\r
#define IKEV2_CERT_ENCODEING_PGP_CERT                  2\r
#define IKEV2_CERT_ENCODEING_DNS_SIGN_KEY              3\r
#define IKEV2_CERT_ENCODEING_X509_CERT_SIGN            4\r
#define IKEV2_CERT_ENCODEING_KERBEROS_TOKEN            6\r
#define IKEV2_CERT_ENCODEING_REVOCATION_LIST_CERT      7\r
#define IKEV2_CERT_ENCODEING_AUTH_REVOCATION_LIST      8\r
#define IKEV2_CERT_ENCODEING_SPKI_CERT                 9\r
#define IKEV2_CERT_ENCODEING_X509_CERT_ATTRIBUTE       10\r
#define IKEV2_CERT_ENCODEING_RAW_RSA_KEY               11\r
#define IKEV2_CERT_ENCODEING_HASH_AND_URL_OF_X509_CERT 12\r
\r
//\r
// IKEV2 Certificate Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CertEncoding;\r
  //\r
  // Cert Data\r
  //\r
} IKEV2_CERT;\r
#pragma pack()\r
\r
//\r
// IKEV2 Certificate Request Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CertEncoding;\r
  //\r
  // Cert Authority\r
  //\r
} IKEV2_CERT_REQ;\r
#pragma pack()\r
\r
//\r
// Authentication Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       AuthMethod;\r
  UINT8                       Reserved1;\r
  UINT16                      Reserved2;\r
  //\r
  // Auth Data\r
  //\r
} IKEV2_AUTH;\r
#pragma pack()\r
\r
//\r
// Authmethod in Authentication Payload\r
//\r
#define IKEV2_AUTH_METHOD_RSA        1; // RSA Digital Signature\r
#define IKEV2_AUTH_METHOD_SKMI       2; // Shared Key Message Integrity\r
#define IKEV2_AUTH_METHOD_DSS        3; // DSS Digital Signature\r
\r
//\r
// IKEv2 Nonce Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // Nonce Data\r
  //\r
} IKEV2_NONCE;\r
#pragma pack()\r
\r
//\r
// Notification Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT16                      MessageType;\r
  //\r
  // SPI and Notification Data\r
  //\r
} IKEV2_NOTIFY;\r
#pragma pack()\r
\r
//\r
//  Notify Message Types presented within IKEv2 Notify Payload\r
//\r
#define IKEV2_NOTIFICATION_UNSUPPORT_CRITICAL_PAYLOAD       1\r
#define IKEV2_NOTIFICATION_INVALID_IKE_SPI                  4\r
#define IKEV2_NOTIFICATION_INVALID_MAJOR_VERSION            5\r
#define IKEV2_NOTIFICATION_INVALID_SYNTAX                   7\r
#define IKEV2_NOTIFICATION_INVALID_MESSAGE_ID               9\r
#define IKEV2_NOTIFICATION_INVALID_SPI                     11\r
#define IKEV2_NOTIFICATION_NO_PROPOSAL_CHOSEN              14\r
#define IKEV2_NOTIFICATION_INVALID_KEY_PAYLOAD             17\r
#define IKEV2_NOTIFICATION_AUTHENTICATION_FAILED           24\r
#define IKEV2_NOTIFICATION_SINGLE_PAIR_REQUIRED            34\r
#define IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS               35\r
#define IKEV2_NOTIFICATION_INTERNAL_ADDRESS_FAILURE        36\r
#define IKEV2_NOTIFICATION_FAILED_CP_REQUIRED              37\r
#define IKEV2_NOTIFICATION_TS_UNCCEPTABLE                  38\r
#define IKEV2_NOTIFICATION_INVALID_SELECTORS               39\r
#define IKEV2_NOTIFICATION_COOKIE                          16390\r
#define IKEV2_NOTIFICATION_USE_TRANSPORT_MODE              16391\r
#define IKEV2_NOTIFICATION_REKEY_SA                        16393\r
\r
//\r
// IKEv2 Protocol ID\r
//\r
//\r
// IKEv2 Delete Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       ProtocolId;\r
  UINT8                       SpiSize;\r
  UINT16                      NumSpis;\r
  //\r
  // SPIs\r
  //\r
} IKEV2_DELETE;\r
#pragma pack()\r
\r
//\r
// Traffic Selector Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       TSNumbers;\r
  UINT8                       Reserved1;\r
  UINT16                      Reserved2;\r
  //\r
  // Traffic Selector\r
  //\r
} IKEV2_TS;\r
#pragma pack()\r
\r
//\r
// Traffic Selector\r
//\r
#pragma pack(1)\r
typedef struct {\r
  UINT8                       TSType;\r
  UINT8                       IpProtocolId;\r
  UINT16                      SelecorLen;\r
  UINT16                      StartPort;\r
  UINT16                      EndPort;\r
  //\r
  // Starting Address && Ending Address\r
  //\r
} TRAFFIC_SELECTOR;\r
#pragma pack()\r
\r
//\r
// Ts Type in Traffic Selector\r
//\r
#define IKEV2_TS_TYPE_IPV4_ADDR_RANGE     7\r
#define IKEV2_TS_TYPS_IPV6_ADDR_RANGE     8\r
\r
//\r
// Vendor Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // Vendor ID\r
  //\r
} IKEV2_VENDOR;\r
#pragma pack()\r
\r
//\r
// Encrypted Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  //\r
  // IV, Encrypted IKE Payloads, Padding, PAD length, Integrity CheckSum\r
  //\r
} IKEV2_ENCRYPTED;\r
#pragma pack()\r
\r
#pragma pack(1)\r
typedef struct {\r
  UINT8 PadLength;\r
} IKEV2_PAD_LEN;\r
#pragma pack()\r
\r
//\r
// Configuration Payload\r
//\r
#pragma pack(1)\r
typedef struct {\r
  IKEV2_COMMON_PAYLOAD_HEADER Header;\r
  UINT8                       CfgType;\r
  UINT8                       Reserve1;\r
  UINT16                      Reserve2;\r
  //\r
  // Configuration Attributes\r
  //\r
} IKEV2_CFG;\r
#pragma pack()\r
\r
//\r
// Configuration Payload CPG type\r
//\r
#define IKEV2_CFG_TYPE_REQUEST    1\r
#define IKEV2_CFG_TYPE_REPLY      2\r
#define IKEV2_CFG_TYPE_SET        3\r
#define IKEV2_CFG_TYPE_ACK        4\r
\r
//\r
// Configuration Attributes\r
//\r
#pragma pack(1)\r
typedef struct {\r
  UINT16    AttritType;\r
  UINT16    ValueLength;\r
} IKEV2_CFG_ATTRIBUTES;\r
#pragma pack()\r
\r
//\r
// Configuration Attributes\r
//\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_ADDRESS      1\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBTMASK      2\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_DNS          3\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBNS         4\r
#define IKEV2_CFG_ATTR_INTERNA_ADDRESS_BXPIRY    5\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_DHCP         6\r
#define IKEV2_CFG_ATTR_APPLICATION_VERSION       7\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_ADDRESS      8\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_DNS          10\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_NBNS         11\r
#define IKEV2_CFG_ATTR_INTERNAL_IP6_DHCP         12\r
#define IKEV2_CFG_ATTR_INTERNAL_IP4_SUBNET       13\r
#define IKEV2_CFG_ATTR_SUPPORTED_ATTRIBUTES      14\r
#define IKEV2_CFG_ATTR_IP6_SUBNET                15\r
\r
#endif\r
\r
Commit	Line	Data
9166f840	1	/** @file\r
	2	The Definitions related to IKEv2 payload.\r
	3	\r
f75a7f56	4	Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
9166f840	5	\r
	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php.\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	#ifndef _IKE_V2_PAYLOAD_H_\r
	16	#define _IKE_V2_PAYLOAD_H_\r
	17	\r
	18	//\r
	19	// Payload Type for IKEv2\r
	20	//\r
	21	#define IKEV2_PAYLOAD_TYPE_NONE 0\r
	22	#define IKEV2_PAYLOAD_TYPE_SA 33\r
	23	#define IKEV2_PAYLOAD_TYPE_KE 34\r
	24	#define IKEV2_PAYLOAD_TYPE_ID_INIT 35\r
	25	#define IKEV2_PAYLOAD_TYPE_ID_RSP 36\r
	26	#define IKEV2_PAYLOAD_TYPE_CERT 37\r
	27	#define IKEV2_PAYLOAD_TYPE_CERTREQ 38\r
	28	#define IKEV2_PAYLOAD_TYPE_AUTH 39\r
	29	#define IKEV2_PAYLOAD_TYPE_NONCE 40\r
	30	#define IKEV2_PAYLOAD_TYPE_NOTIFY 41\r
	31	#define IKEV2_PAYLOAD_TYPE_DELETE 42\r
	32	#define IKEV2_PAYLOAD_TYPE_VENDOR 43\r
	33	#define IKEV2_PAYLOAD_TYPE_TS_INIT 44\r
	34	#define IKEV2_PAYLOAD_TYPE_TS_RSP 45\r
	35	#define IKEV2_PAYLOAD_TYPE_ENCRYPT 46\r
	36	#define IKEV2_PAYLOAD_TYPE_CP 47\r
	37	#define IKEV2_PAYLOAD_TYPE_EAP 48\r
	38	\r
	39	//\r
f75a7f56	40	// IKE header Flag (1 octet) for IKEv2, defined in RFC 4306 section 3.1\r
7822a1d9	41	//\r
f75a7f56	42	// I(nitiator) (bit 3 of Flags, 0x08) - This bit MUST be set in messages sent by the\r
7822a1d9 JW	43	// original initiator of the IKE_SA\r
7822a1d9 JW	44	//\r
f75a7f56	45	// R(esponse) (bit 5 of Flags, 0x20) - This bit indicates that this message is a response to\r
7822a1d9	46	// a message containing the same message ID.\r
9166f840	47	//\r
	48	#define IKE_HEADER_FLAGS_INIT 0x08\r
	49	#define IKE_HEADER_FLAGS_RESPOND 0x20\r
9166f840	50	\r
	51	//\r
	52	// IKE Header Exchange Type for IKEv2\r
	53	//\r
	54	#define IKEV2_EXCHANGE_TYPE_INIT 34\r
	55	#define IKEV2_EXCHANGE_TYPE_AUTH 35\r
	56	#define IKEV2_EXCHANGE_TYPE_CREATE_CHILD 36\r
	57	#define IKEV2_EXCHANGE_TYPE_INFO 37\r
	58	\r
	59	#pragma pack(1)\r
	60	typedef struct {\r
	61	UINT8 NextPayload;\r
	62	UINT8 Reserved;\r
	63	UINT16 PayloadLength;\r
	64	} IKEV2_COMMON_PAYLOAD_HEADER;\r
	65	#pragma pack()\r
	66	\r
	67	#pragma pack(1)\r
	68	typedef struct {\r
	69	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
f75a7f56	70	//\r
9166f840	71	// Proposals\r
	72	//\r
	73	} IKEV2_SA;\r
	74	#pragma pack()\r
	75	\r
	76	#pragma pack(1)\r
	77	typedef struct {\r
	78	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
	79	UINT8 ProposalIndex;\r
	80	UINT8 ProtocolId;\r
	81	UINT8 SpiSize;\r
	82	UINT8 NumTransforms;\r
	83	} IKEV2_PROPOSAL;\r
	84	#pragma pack()\r
	85	\r
	86	//\r
	87	// IKEv2 Transform Type Values presented within Transform Payload\r
	88	//\r
	89	#define IKEV2_TRANSFORM_TYPE_ENCR 1 // Encryption Algorithm\r
	90	#define IKEV2_TRANSFORM_TYPE_PRF 2 // Pseduo-Random Func\r
	91	#define IKEV2_TRANSFORM_TYPE_INTEG 3 // Integrity Algorithm\r
	92	#define IKEV2_TRANSFORM_TYPE_DH 4 // DH Group\r
	93	#define IKEV2_TRANSFORM_TYPE_ESN 5 // Extended Sequence Number\r
	94	\r
	95	//\r
	96	// IKEv2 Transform ID for Encrypt Algorithm (ENCR)\r
f75a7f56	97	//\r
9166f840	98	#define IKEV2_TRANSFORM_ID_ENCR_DES_IV64 1\r
	99	#define IKEV2_TRANSFORM_ID_ENCR_DES 2\r
	100	#define IKEV2_TRANSFORM_ID_ENCR_3DES 3\r
	101	#define IKEV2_TRANSFORM_ID_ENCR_RC5 4\r
	102	#define IKEV2_TRANSFORM_ID_ENCR_IDEA 5\r
	103	#define IKEV2_TRANSFORM_ID_ENCR_CAST 6\r
	104	#define IKEV2_TRANSFORM_ID_ENCR_BLOWFISH 7\r
	105	#define IKEV2_TRANSFORM_ID_ENCR_3IDEA 8\r
	106	#define IKEV2_TRANSFORM_ID_ENCR_DES_IV32 9\r
	107	#define IKEV2_TRANSFORM_ID_ENCR_NULL 11\r
	108	#define IKEV2_TRANSFORM_ID_ENCR_AES_CBC 12\r
	109	#define IKEV2_TRANSFORM_ID_ENCR_AES_CTR 13\r
	110	\r
	111	//\r
	112	// IKEv2 Transform ID for Pseudo-Random Function (PRF)\r
	113	//\r
	114	#define IKEV2_TRANSFORM_ID_PRF_HMAC_MD5 1\r
	115	#define IKEV2_TRANSFORM_ID_PRF_HMAC_SHA1 2\r
	116	#define IKEV2_TRANSFORM_ID_PRF_HMAC_TIGER 3\r
	117	#define IKEV2_TRANSFORM_ID_PRF_AES128_XCBC 4\r
	118	\r
	119	//\r
	120	// IKEv2 Transform ID for Integrity Algorithm (INTEG)\r
	121	//\r
	122	#define IKEV2_TRANSFORM_ID_AUTH_NONE 0\r
	123	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_MD5_96 1\r
	124	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_SHA1_96 2\r
	125	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_DES_MAC 3\r
	126	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_KPDK_MD5 4\r
	127	#define IKEV2_TRANSFORM_ID_AUTH_HMAC_AES_XCBC_96 5\r
	128	\r
	129	//\r
	130	// IKEv2 Transform ID for Diffie-Hellman Group (DH)\r
	131	//\r
	132	#define IKEV2_TRANSFORM_ID_DH_768MODP 1\r
	133	#define IKEV2_TRANSFORM_ID_DH_1024MODP 2\r
	134	#define IKEV2_TRANSFORM_ID_DH_2048MODP 14\r
	135	\r
	136	//\r
	137	// IKEv2 Attribute Type Values\r
	138	//\r
	139	#define IKEV2_ATTRIBUTE_TYPE_KEYLEN 14\r
	140	\r
	141	//\r
	142	// Transform Payload\r
	143	//\r
	144	#pragma pack(1)\r
	145	typedef struct {\r
	146	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
	147	UINT8 TransformType;\r
	148	UINT8 Reserved;\r
	149	UINT16 TransformId;\r
	150	//\r
	151	// SA Attributes\r
	152	//\r
	153	} IKEV2_TRANSFORM;\r
	154	#pragma pack()\r
	155	\r
	156	#pragma pack(1)\r
	157	typedef struct {\r
	158	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
	159	UINT16 DhGroup;\r
	160	UINT16 Reserved;\r
	161	//\r
162	// Remaining part contains the key exchanged\r
163	//\r
164	} IKEV2_KEY_EXCHANGE;\r
165	#pragma pack()\r
166	\r
167	//\r
168	// Identification Type Values presented within Ikev2 ID payload\r
169	//\r
170	#define IKEV2_ID_TYPE_IPV4_ADDR 1\r
171	#define IKEV2_ID_TYPE_FQDN 2\r
172	#define IKEV2_ID_TYPE_RFC822_ADDR 3\r
173	#define IKEV2_ID_TYPE_IPV6_ADDR 5\r
174	#define IKEV2_ID_TYPE_DER_ASN1_DN 9\r
175	#define IKEV2_ID_TYPE_DER_ASN1_GN 10\r
176	#define IKEV2_ID_TYPE_KEY_ID 11\r
177	\r
178	//\r
179	// Identification Payload\r
180	//\r
181	#pragma pack(1)\r
182	typedef struct {\r
183	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
184	UINT8 IdType;\r
185	UINT8 Reserver1;\r
186	UINT16 Reserver2;\r
187	//\r
188	// Identification Data\r
189	//\r
190	} IKEV2_ID;\r
191	#pragma pack()\r
192	\r
193	//\r
194	// Encoding Type presented in IKEV2 Cert Payload\r
195	//\r
196	#define IKEV2_CERT_ENCODEING_RESERVED 0\r
197	#define IKEV2_CERT_ENCODEING_X509_CERT_WRAP 1\r
198	#define IKEV2_CERT_ENCODEING_PGP_CERT 2\r
199	#define IKEV2_CERT_ENCODEING_DNS_SIGN_KEY 3\r
200	#define IKEV2_CERT_ENCODEING_X509_CERT_SIGN 4\r
201	#define IKEV2_CERT_ENCODEING_KERBEROS_TOKEN 6\r
202	#define IKEV2_CERT_ENCODEING_REVOCATION_LIST_CERT 7\r
203	#define IKEV2_CERT_ENCODEING_AUTH_REVOCATION_LIST 8\r
204	#define IKEV2_CERT_ENCODEING_SPKI_CERT 9\r
205	#define IKEV2_CERT_ENCODEING_X509_CERT_ATTRIBUTE 10\r
206	#define IKEV2_CERT_ENCODEING_RAW_RSA_KEY 11\r
207	#define IKEV2_CERT_ENCODEING_HASH_AND_URL_OF_X509_CERT 12\r
208	\r
209	//\r
210	// IKEV2 Certificate Payload\r
211	//\r
212	#pragma pack(1)\r
213	typedef struct {\r
214	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
215	UINT8 CertEncoding;\r
216	//\r
217	// Cert Data\r
218	//\r
219	} IKEV2_CERT;\r
220	#pragma pack()\r
221	\r
222	//\r
223	// IKEV2 Certificate Request Payload\r
224	//\r
225	#pragma pack(1)\r
226	typedef struct {\r
227	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
228	UINT8 CertEncoding;\r
229	//\r
230	// Cert Authority\r
231	//\r
232	} IKEV2_CERT_REQ;\r
233	#pragma pack()\r
234	\r
235	//\r
236	// Authentication Payload\r
237	//\r
238	#pragma pack(1)\r
239	typedef struct {\r
240	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
241	UINT8 AuthMethod;\r
242	UINT8 Reserved1;\r
243	UINT16 Reserved2;\r
244	//\r
245	// Auth Data\r
246	//\r
247	} IKEV2_AUTH;\r
248	#pragma pack()\r
249	\r
250	//\r
251	// Authmethod in Authentication Payload\r
252	//\r
253	#define IKEV2_AUTH_METHOD_RSA 1; // RSA Digital Signature\r
254	#define IKEV2_AUTH_METHOD_SKMI 2; // Shared Key Message Integrity\r
255	#define IKEV2_AUTH_METHOD_DSS 3; // DSS Digital Signature\r
256	\r
257	//\r
258	// IKEv2 Nonce Payload\r
259	//\r
260	#pragma pack(1)\r
261	typedef struct {\r
262	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
263	//\r
264	// Nonce Data\r
265	//\r
266	} IKEV2_NONCE;\r
267	#pragma pack()\r
268	\r
269	//\r
270	// Notification Payload\r
271	//\r
272	#pragma pack(1)\r
273	typedef struct {\r
274	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
275	UINT8 ProtocolId;\r
276	UINT8 SpiSize;\r
277	UINT16 MessageType;\r
278	//\r
279	// SPI and Notification Data\r
280	//\r
281	} IKEV2_NOTIFY;\r
282	#pragma pack()\r
283	\r
284	//\r
285	// Notify Message Types presented within IKEv2 Notify Payload\r
286	//\r
287	#define IKEV2_NOTIFICATION_UNSUPPORT_CRITICAL_PAYLOAD 1\r
288	#define IKEV2_NOTIFICATION_INVALID_IKE_SPI 4\r
289	#define IKEV2_NOTIFICATION_INVALID_MAJOR_VERSION 5\r
290	#define IKEV2_NOTIFICATION_INVALID_SYNTAX 7\r
291	#define IKEV2_NOTIFICATION_INVALID_MESSAGE_ID 9\r
292	#define IKEV2_NOTIFICATION_INVALID_SPI 11\r
293	#define IKEV2_NOTIFICATION_NO_PROPOSAL_CHOSEN 14\r
294	#define IKEV2_NOTIFICATION_INVALID_KEY_PAYLOAD 17\r
295	#define IKEV2_NOTIFICATION_AUTHENTICATION_FAILED 24\r
296	#define IKEV2_NOTIFICATION_SINGLE_PAIR_REQUIRED 34\r
297	#define IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS 35\r
298	#define IKEV2_NOTIFICATION_INTERNAL_ADDRESS_FAILURE 36\r
299	#define IKEV2_NOTIFICATION_FAILED_CP_REQUIRED 37\r
300	#define IKEV2_NOTIFICATION_TS_UNCCEPTABLE 38\r
301	#define IKEV2_NOTIFICATION_INVALID_SELECTORS 39\r
302	#define IKEV2_NOTIFICATION_COOKIE 16390\r
303	#define IKEV2_NOTIFICATION_USE_TRANSPORT_MODE 16391\r
304	#define IKEV2_NOTIFICATION_REKEY_SA 16393\r
305	\r
306	//\r
307	// IKEv2 Protocol ID\r
308	//\r
309	//\r
310	// IKEv2 Delete Payload\r
311	//\r
312	#pragma pack(1)\r
313	typedef struct {\r
314	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
315	UINT8 ProtocolId;\r
316	UINT8 SpiSize;\r
317	UINT16 NumSpis;\r
318	//\r
319	// SPIs\r
320	//\r
321	} IKEV2_DELETE;\r
322	#pragma pack()\r
323	\r
324	//\r
325	// Traffic Selector Payload\r
326	//\r
327	#pragma pack(1)\r
328	typedef struct {\r
329	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
330	UINT8 TSNumbers;\r
331	UINT8 Reserved1;\r
332	UINT16 Reserved2;\r
333	//\r
334	// Traffic Selector\r
335	//\r
336	} IKEV2_TS;\r
337	#pragma pack()\r
338	\r
339	//\r
340	// Traffic Selector\r
341	//\r
342	#pragma pack(1)\r
343	typedef struct {\r
344	UINT8 TSType;\r
345	UINT8 IpProtocolId;\r
346	UINT16 SelecorLen;\r
347	UINT16 StartPort;\r
348	UINT16 EndPort;\r
349	//\r
350	// Starting Address && Ending Address\r
351	//\r
352	} TRAFFIC_SELECTOR;\r
353	#pragma pack()\r
354	\r
355	//\r
356	// Ts Type in Traffic Selector\r
357	//\r
358	#define IKEV2_TS_TYPE_IPV4_ADDR_RANGE 7\r
359	#define IKEV2_TS_TYPS_IPV6_ADDR_RANGE 8\r
360	\r
361	//\r
362	// Vendor Payload\r
363	//\r
364	#pragma pack(1)\r
365	typedef struct {\r
366	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
367	//\r
368	// Vendor ID\r
369	//\r
370	} IKEV2_VENDOR;\r
371	#pragma pack()\r
372	\r
373	//\r
374	// Encrypted Payload\r
375	//\r
376	#pragma pack(1)\r
377	typedef struct {\r
378	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
379	//\r
380	// IV, Encrypted IKE Payloads, Padding, PAD length, Integrity CheckSum\r
381	//\r
382	} IKEV2_ENCRYPTED;\r
383	#pragma pack()\r
384	\r
385	#pragma pack(1)\r
386	typedef struct {\r
387	UINT8 PadLength;\r
388	} IKEV2_PAD_LEN;\r
389	#pragma pack()\r
390	\r
391	//\r
392	// Configuration Payload\r
393	//\r
394	#pragma pack(1)\r
395	typedef struct {\r
396	IKEV2_COMMON_PAYLOAD_HEADER Header;\r
397	UINT8 CfgType;\r
398	UINT8 Reserve1;\r
399	UINT16 Reserve2;\r
400	//\r
401	// Configuration Attributes\r
402	//\r
403	} IKEV2_CFG;\r
404	#pragma pack()\r
405	\r
406	//\r
407	// Configuration Payload CPG type\r
408	//\r
409	#define IKEV2_CFG_TYPE_REQUEST 1\r
410	#define IKEV2_CFG_TYPE_REPLY 2\r
411	#define IKEV2_CFG_TYPE_SET 3\r
412	#define IKEV2_CFG_TYPE_ACK 4\r
413	\r
414	//\r
415	// Configuration Attributes\r
416	//\r
417	#pragma pack(1)\r
418	typedef struct {\r
419	UINT16 AttritType;\r
420	UINT16 ValueLength;\r
421	} IKEV2_CFG_ATTRIBUTES;\r
422	#pragma pack()\r
423	\r
424	//\r
425	// Configuration Attributes\r
426	//\r
427	#define IKEV2_CFG_ATTR_INTERNAL_IP4_ADDRESS 1\r
428	#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBTMASK 2\r
429	#define IKEV2_CFG_ATTR_INTERNAL_IP4_DNS 3\r
430	#define IKEV2_CFG_ATTR_INTERNAL_IP4_NBNS 4\r
431	#define IKEV2_CFG_ATTR_INTERNA_ADDRESS_BXPIRY 5\r
432	#define IKEV2_CFG_ATTR_INTERNAL_IP4_DHCP 6\r
433	#define IKEV2_CFG_ATTR_APPLICATION_VERSION 7\r
434	#define IKEV2_CFG_ATTR_INTERNAL_IP6_ADDRESS 8\r
435	#define IKEV2_CFG_ATTR_INTERNAL_IP6_DNS 10\r
436	#define IKEV2_CFG_ATTR_INTERNAL_IP6_NBNS 11\r
437	#define IKEV2_CFG_ATTR_INTERNAL_IP6_DHCP 12\r
438	#define IKEV2_CFG_ATTR_INTERNAL_IP4_SUBNET 13\r
439	#define IKEV2_CFG_ATTR_SUPPORTED_ATTRIBUTES 14\r
440	#define IKEV2_CFG_ATTR_IP6_SUBNET 15\r
441	\r
442	#endif\r
443	\r