ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Functions.ttcn 0 → 100644 +22 −0 Original line number Diff line number Diff line /* * @author STF 276 * @version $Id$ * @desc This module specifies IKEv2 messages interchanges (= operations) * for an Ipv6 test component. * Functions do not set a test component verdict but instead * use the function return value instead to notify the function * caller about the success of the operation. * */ module LibIpv6_Rfc4306Ikev2_Functions { //LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; import from LibCommon_VerdictControl { type FncRetCode }; import from LibCommon_Time all; //LibIpv6 //AtsIpv6 } // end module LibIpv6_Rfc4306Ikev2_Functions
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Templates.ttcn 0 → 100644 +16 −0 Original line number Diff line number Diff line /* * @author STF 276 * @version $Id$ * @desc This module specifies common template definitions * to specify IPv6 packets for IKEv2 * */ module LibIpv6_Rfc4306Ikev2_Templates { //LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; //LibIpv6 } // end module LibIpv6_Rfc4306Ikev2_Templates
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_TypesAndValues.ttcn 0 → 100644 +770 −0 Original line number Diff line number Diff line /* * @author STF 276 * @version $Id$ * @desc This module defines the structure for IKEv2 messages and using types from * the Common library. Also it provides some useful constant * definitions. * */ module LibIpv6_Rfc4306Ikev2_TypesAndValues { //LibCommon import from LibCommon_BasicTypesAndValues all; import from LibCommon_DataStrings all; //LibIpv6 import from LibIpv6_Rfc2460Root_TypesAndValues all; import from LibIpv6_MultiRfcs_TypesAndValues all ; group IkeRfc4306CommonConstants { group IkeRfc4306ProtocolsIds { const UInt8 c_protocolIke := 1; const UInt8 c_protocolAh := 2; const UInt8 c_protocolEsp := 3; } // end group IkeRfc4306ProtocolsIds group IkeRfc4306EncrAlgorithms { const UInt8 c_encrAlgoDesIv64 := 1; const UInt8 c_encrAlgoDes := 2; const UInt8 c_encrAlgo3Des := 3; const UInt8 c_encrAlgoRc5 := 4; const UInt8 c_encrAlgoIdea := 5; const UInt8 c_encrAlgoCast := 6; const UInt8 c_encrAlgoBlowfish := 7; const UInt8 c_encrAlgo3Idea := 8; const UInt8 c_encrAlgoDesIv32 := 9; const UInt8 c_encrAlgoNull := 11; const UInt8 c_encrAlgoAesCbc := 12; const UInt8 c_encrAlgoAesCtr := 13; } // end group IkeRfc4306EncrAlgorithms group IkeRfc4306PseudoRandomFunctions { const UInt8 c_prfHmacMd5 := 1; const UInt8 c_prfHmacSha1 := 2; const UInt8 c_prfHmacTiger := 3; const UInt8 c_prfAes128Xcbc := 4; } // end group IkeRfc4306PseudoRandomFunctions group IkeRfc4306IntegAlgorithms { const UInt8 c_integAlgoHmacMd596 := 1; const UInt8 c_integAlgoHmacSha196 := 2; const UInt8 c_integAlgoDesMac := 3; const UInt8 c_integAlgoKpdkMd5 := 4; const UInt8 c_integAlgoAesXcbc96 := 5; } // end group IkeRfc4306IntegAlgorithms group IkeRfc4306CertEncodings { const UInt8 c_certEncodingPkcs7wrappedX509Certificate := 1; const UInt8 c_certEncodingPgpCertificate := 2; const UInt8 c_certEncodingDnsSignedKey := 3; const UInt8 c_certEncodingX509CertificateSignature := 
4; const UInt8 c_certEncodingKerberosToken := 6; const UInt8 c_certEncodingCertificateRevocationList := 7; const UInt8 c_certEncodingAuthorityRevocationList := 8; const UInt8 c_certEncodingSpkiCertificate := 9; const UInt8 c_certEncodingX509CertificateAttribute := 10; const UInt8 c_certEncodingRawRsaKey := 11; const UInt8 c_certEncodingHashAndUrlOfX509Certificate := 12; const UInt8 c_certEncodingHashAndUrlOfX509Bundle := 13; } // end group IkeRfc4306CertEncodings } // end group IkeRfc4306CommonConstants group ikeRfc4306Packets { /* * @desc TODO */ type record IkePacket { Ipv6Header ipv6Hdr, ExtensionHeaderList extHdrList optional, Oct2 sourcePort, // TODO: UDP Header Oct2 destPort, UInt16 msgLength, Oct2 checksum, // IKEv2 Header Oct4 padding optional, Oct8 initiatorSpi, Oct8 responderSpi, UInt8 nextPayload, UInt4 majorVersion, UInt4 minorVersion, UInt8 exchangeType, UInt8 flags, Oct4 messageID, Oct4 messageLength, IkePayloadList payloadList } with { encode "TODO"; } group IkeRfc4306ExchangeTypes { const UInt8 c_ikeSaInit := 34; const UInt8 c_ikeAuth := 35; const UInt8 c_createChildSa := 36; const UInt8 c_informational := 37; } // end group IkeRfc4306ExchangeTypes } //end group ikePackets group ikeRfc4306Payloads { group IkeRfc4306PayloadIds { const UInt8 c_securityAssociation := 33; const UInt8 c_keyExchange := 34; const UInt8 c_idInitiator := 35; const UInt8 c_idResponder := 36; const UInt8 c_certificate := 37; const UInt8 c_certificateRequest := 38; const UInt8 c_authentication := 39; const UInt8 c_nonce := 40; const UInt8 c_notify := 41; const UInt8 c_delete := 42; const UInt8 c_vendorId := 43; const UInt8 c_tsInitiator := 44; const UInt8 c_tsResponder := 45; const UInt8 c_encrypted := 46; const UInt8 c_configuration := 47; const UInt8 c_extensibleAuth := 48; } // end group IkeRfc4306PayloadIDs /* * @desc TODO */ type union IkePayload { SecurityAssociationPayload securityAssociation, KeyExchangePayload keyExchange, IdentificationPayload idInitiator, 
IdentificationPayload idResponder, CertificatePayload certificate, CertificateRequestPayload certificateRequest, AuthenticationPayload authentication, NoncePayload nonce, NotifyPayload notify, DeletePayload delete, VendorIdPayload vendorId, TrafficSelectorPayload tsInitiator, TrafficSelectorPayload tsResponder, EncryptedPayload encrypted, ConfigurationPayload configuration, ExtensibleAuthPayload extensibleAuth } with { encode "TODO"; } const UInt8 c_maxIkePaylods := 10; //FIXME /* * @desc TODO */ type set length(1 .. c_maxIkePaylods) of IkePayload IkePayloadList with { encode "TODO"; } group IkeRfc4306SecurityAssociationPayload { /* * @desc Derived from RFC 4306 Section 3.3 */ type record SecurityAssociationPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, SaProposalList saProposalList } with { encode "TODO"; } group IkeRfc4306SaProposal { /* * @desc Derived from RFC 4306 Section 3.3.1 */ type record SaProposal { UInt8 lastProposal, UInt8 reserved, UInt16 proposalLength, UInt8 proposalNumber, UInt8 protocolId, UInt8 spiSize, UInt8 numberOfTransforms, octetstring spi, SaTransformList saTransformList } with { encode "TODO"; } const UInt8 c_maxIkeSaProposals := 10; //FIXME /* * @desc TODO */ type set length(1 .. 
c_maxIkeSaProposals) of SaProposal SaProposalList with { encode "TODO"; } group IkeRfc4306SaTransform { group IkeRfc4306SaTransformTypes { const UInt8 c_transformEncr := 1; const UInt8 c_transformPrf := 2; const UInt8 c_transformInteg := 3; const UInt8 c_transformDh := 4; const UInt8 c_transformEsn := 5; } // end group IkeRfc4306SaTransformTypes /* * @desc Derived from RFC 4306 Section 3.3.2 */ type record SaTransform { UInt8 lastTransform, UInt8 reserved1, UInt16 transformLength, UInt8 transformType, UInt8 reserved2, UInt8 transformId, SaTransformAttributeList saTransformAttributeList } with { encode "TODO"; } group IkeRfc4306ExtentedSequenceNumbers { const UInt8 c_extentedSequenceNumbersNo := 0; const UInt8 c_extentedSequenceNumbersYes := 1; } // end group IkeRfc4306ExtentedSequenceNumbers const UInt8 c_maxIkeSaTransforms := 10; //FIXME /* * @desc TODO */ type set length(1 .. c_maxIkeSaTransforms) of SaTransform SaTransformList with { encode "TODO"; } group IkeRfc4306SaTransformAttributes { group IkeRfc4306TransformAttributeTypes { const UInt8 c_saTransformAttributeKeyLength := 14; } // end group IkeRfc4306TransformAttributeTypes /* * @desc TODO */ type union SaTransformAttribute { SaTransformAttributeKeyLength keyLength } with { encode "TODO"; } const UInt8 c_maxIkeSaTransformAttributes := 10; //FIXME /* * @desc TODO */ type set length(1 .. 
c_maxIkeSaTransformAttributes) of SaTransformAttribute SaTransformAttributeList with { encode "TODO"; } /* * @desc Derived from RFC 4306 Section 3.3.5 */ type record SaTransformAttributeKeyLength { UInt1 attributeFormat(c_attributeFormatTv), UInt15 attributeType(c_saTransformAttributeKeyLength), UInt16 attributeValue } with { encode "TODO"; } group IkeRfc4306TransformAttributeFormats { const UInt1 c_attributeFormatTlv := 0; const UInt1 c_attributeFormatTv := 1; } // end group IkeRfc4306TransformAttributeFormats } //end group IkeRfc4306SaTransformAttributes } // end group IkeRfc4306SaTransform } // end group IkeRfc4306SaProposal } // end group IkeRfc4306SecurityAssociationPayload group IkeRfc4306KeyExchangePayload { /* * @desc Derived from RFC 4306 Section 3.4 */ type record KeyExchangePayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved1, UInt16 payloadLength, UInt16 dhGroup, UInt16 reserved2, octetstring data } with { encode "TODO"; } } // end group IkeRfc4306KeyExchangePayload group IkeRfc4306IdentificationPayload { /* * @desc Derived from RFC 4306 Section 3.5 */ type record IdentificationPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved1, UInt16 payloadLength, UInt8 idType, UInt24 reserved2, octetstring data } with { encode "TODO"; } group IkeRfc4306IdentificationTypes { const UInt8 c_identificationIpv4Addr := 1; const UInt8 c_identificationFqdn := 2; const UInt8 c_identificationRfc822Addr := 3; const UInt8 c_identificationIpv6Addr := 5; const UInt8 c_identificationDerAsn1Dn := 9; const UInt8 c_identificationDerAsn1Gn := 10; const UInt8 c_identificationKeyId := 11; } // end group IkeRfc4306IdentificationTypes } // end group IkeRfc4306IdentificationPayload group IkeRfc4306CertificatePayload { /* * @desc Derived from RFC 4306 Section 3.6 */ type record CertificatePayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, UInt8 certEncoding, octetstring data } with { encode "TODO"; } } // end group 
IkeRfc4306CertificatePayload group IkeRfc4306CertificateRequestPayload { /* * @desc Derived from RFC 4306 Section 3.7 */ type record CertificateRequestPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, UInt8 certEncoding, octetstring certificationAuthority } with { encode "TODO"; } } // end group IkeRfc4306CertificateRequestPayload group IkeRfc4306AuthenticationPayload { /* * @desc Derived from RFC 4306 Section 3.8 */ type record AuthenticationPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved1, UInt16 payloadLength, UInt8 authMethod, UInt24 reserved2, octetstring data } with { encode "TODO"; } group IkeRfc4306AuthenticationMethod { const UInt8 c_authenticationRsaDigitalSignature := 1; const UInt8 c_authenticationSharedKeyMsgIntegrityCode := 2; const UInt8 c_authenticationDssDigitalSignature := 3; } // end group IkeRfc4306AuthenticationMethod } // end group IkeRfc4306AuthenticationPayload group IkeRfc4306NoncePayload { /* * @desc Derived from RFC 4306 Section 3.9 */ type record NoncePayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, octetstring data } with { encode "TODO"; } } // end group IkeRfc4306NoncePayload group IkeRfc4306NotifyPayload { group IkeRfc4306NotifyTypes { const UInt16 c_notifyUnsupportedCriticalPayload := 1; const UInt16 c_notifyInvalidIkeSpi := 4; const UInt16 c_notifyInvalidMajorVersion := 5; const UInt16 c_notifyInvalidSyntax := 7; const UInt16 c_notifyInvalidMessageId := 9; const UInt16 c_notifyInvalidSpi := 11; const UInt16 c_notifyNoProposalChosen := 14; const UInt16 c_notifyInvalidKePayload := 17; const UInt16 c_notifyAuthenticationFailed := 24; const UInt16 c_notifySnglePairRequired := 34; const UInt16 c_notifyNoAdditionalSas := 35; const UInt16 c_notifyInternalAddressFailure := 36; const UInt16 c_notifyFailedCpRequired := 37; const UInt16 c_notifyTsUnacceptable := 38; const UInt16 c_notifyInvalidSelectors := 39; const UInt16 c_notifyInitialContact := 
16384; const UInt16 c_notifySetWindowSize := 16385; const UInt16 c_notifyAdditionalTsPossible := 16386; const UInt16 c_notifyIpcompSupported := 16387; const UInt16 c_notifyNatDetectionSourceIp := 16388; const UInt16 c_notifyNatDetectionDestinationIp := 16389; const UInt16 c_notifyCookie := 16390; const UInt16 c_notifyUseTransportMode := 16391; const UInt16 c_notifyHttpCertLookupSupported := 16392; const UInt16 c_notifyRekeySa := 16393; const UInt16 c_notifyEspTfcPaddingNotSupported := 16394; const UInt16 c_notifyNonFirstFragmentsAlso := 16395; } // end group IkeRfc4306NotifyTypes /* * @desc Derived from RFC 4306 Section 3.10 */ type record NotifyPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, UInt8 protocolId, UInt8 spiSize, UInt16 notifyMessageType, octetstring spi, octetstring data } with { encode "TODO"; } } // end group IkeRfc4306NotifyPayload group IkeRfc4306DeletePayload { /* * @desc Derived from RFC 4306 Section 3.11 */ type record DeletePayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt8 protocolId, UInt8 spiSize, UInt16 numberOfSpi, octetstring spis } with { encode "TODO"; } } // end group IkeRfc4306DeletePayload group IkeRfc4306VendorIdPayload { /* * @desc Derived from RFC 4306 Section 3.12 */ type record VendorIdPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, octetstring vendorId } with { encode "TODO"; } } // end group IkeRfc4306VendorIdPayload group IkeRfc4306TrafficSelectorPayload { /* * @desc Derived from RFC 4306 Section 3.13 */ type record TrafficSelectorPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved1, UInt16 payloadLength, UInt8 numberOfTs, UInt24 reserved2, TrafficSelectorList trafficSelectorList } with { encode "TODO"; } group IkeRfc4306TrafficSelector { group IkeRfc4306TrafficSelectorTypes { const UInt8 c_tsIpv4AddrRange := 7; const UInt8 c_tsIpv6AddrRange := 8; } // end group IkeRfc4306TrafficSelectorTypes /* * @desc TODO */ type 
union TsTrafficSelector { TsIpv4TrafficSelector tsIpv4TrafficSelector, TsIpv6TrafficSelector tsIpv6TrafficSelector } with { encode "TODO"; } const UInt8 c_maxTrafficSelectors := 10; //FIXME /* * @desc TODO */ type set length(1 .. c_maxTrafficSelectors) of TsTrafficSelector TrafficSelectorList with { encode "TODO"; } /* * @desc Derived from RFC 4306 Section 3.13.1 */ type record TsIpv4TrafficSelector { UInt8 tsType(c_tsIpv4AddrRange), UInt8 IpProtocolId, UInt16 tsLength, UInt16 startPort, UInt16 endPort, Oct4 startAddress, Oct4 endAddress } with { encode "TODO"; } /* * @desc Derived from RFC 4306 Section 3.13.1 */ type record TsIpv6TrafficSelector { UInt8 tsType(c_tsIpv6AddrRange), UInt8 IpProtocolId, UInt16 tsLength, UInt16 startPort, UInt16 endPort, Ipv6Address startAddress, Ipv6Address endAddress } with { encode "TODO"; } } // end group IkeRfc4306TrafficSelector } // end group IkeRfc4306TrafficSelectorPayload group IkeRfc4306EncryptedPayload { /* * @desc Derived from RFC 4306 Section 3.14 */ type record EncryptedPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, octetstring iv optional, IkePayloadList payloadList, octetstring padding optional, UInt8 padLength, octetstring integrityChecksumData optional } with { encode "TODO"; } } // end group IkeRfc4306EncryptedPayload group IkeRfc4306ConfigurationPayload { group IkeRfc4306ConfigurationTypes { const UInt8 c_configRequest := 1; const UInt8 c_configReply := 2; const UInt8 c_configSet := 3; const UInt8 c_configAck := 4; } // end group IkeRfc4306ConfigurationTypes /* * @desc Derived from RFC 4306 Section 3.15 */ type record ConfigurationPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved1, UInt16 payloadLength, UInt8 configType, UInt24 reserved2, ConfigAttributeList configAttributeList } with { encode "TODO"; } group IkeRfc4306ConfigAttribute { group IkeRfc4306AttributeTypes { const UInt15 c_configInternalIpv4Address := 1; const UInt15 c_configInternalIpv4Netmask := 2; 
const UInt15 c_configInternalIpv4Dns := 3; const UInt15 c_configInternalIpv4Nbns := 4; const UInt15 c_configInternalAddressExpiry := 5; const UInt15 c_configInternalIpv4Dhcp := 6; const UInt15 c_configApplicationVersion := 7; const UInt15 c_configInternalIpv6Address := 8; const UInt15 c_configInternalIpv6Dns := 10; const UInt15 c_configInternalIpv6Nbns := 11; const UInt15 c_configInternalIpv6Dhcp := 12; const UInt15 c_configInternalIpv4Subnet := 13; const UInt15 c_configSupportedAttributes := 14; const UInt15 c_configInternalIpv6Subnet := 15; } // end group IkeRfc4306AttributeTypes /* * @desc Derived from RFC 4306 Section 3.15.1 */ type record ConfigAttribute { UInt1 reserved, UInt15 attributeType, UInt16 attributeLength, octetstring attributeValue } with { encode "TODO"; } const UInt8 c_maxConfigAttributes := 10; //FIXME /* * @desc TODO */ type set length(1 .. c_maxConfigAttributes) of ConfigAttribute ConfigAttributeList with { encode "TODO"; } } // end group IkeRfc4306ConfigAttribute } // end group IkeRfc4306ConfigurationPayload group IkeRfc4306ExtensibleAuthPayload { /* * @desc Derived from RFC 4306 Section 3.16 */ type record ExtensibleAuthPayload { UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, EapMessage eapMessage } with { encode "TODO"; } group IkeRfc4306EapMessage { /* * @desc Derived from RFC 4306 Section 3.16 */ type record EapMessage { UInt8 code, UInt8 identifier, UInt16 messageLength, UInt8 messageType optional, octetstring data optional } with { encode "TODO"; } group IkeRfc4306EapCode { const UInt8 c_eapRequest := 1; const UInt8 c_eapResponse := 2; const UInt8 c_eapSuccess := 3; const UInt8 c_eapFailure := 4; } // end group IkeRfc4306EapCode group IkeRfc4306EapType { const UInt8 c_eapIdentity := 1; const UInt8 c_eapNotification := 2; const UInt8 c_eapNak := 3; const UInt8 c_eapMd5Challenge := 4; const UInt8 c_eapOneTimePassword := 5; const UInt8 c_eapGenericTokencard := 6; } // end group IkeRfc4306EapType } // end group 
IkeRfc4306EapMessage } // end group IkeRfc4306ExtensibleAuthPayload } //end group ikeRfc4306Payloads } // end module LibIpv6_Rfc4306Ikev2_TypesAndValues
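Review bot: `DeletePayload` is the only payload record in this file without a `payloadLength` field: it goes from `UInt7 reserved` straight to `UInt8 protocolId`, so its generic payload header is two octets shorter than that of every sibling record and a codec built on this type cannot encode or decode a Delete payload correctly; add `UInt16 payloadLength,` after `reserved`. `SaTransform.transformId` is declared `UInt8`, while RFC 4306 Section 3.3.2 defines Transform ID as a two-octet field, so it should read `UInt16 transformId`. `saTransformAttributeList` is mandatory and its list type is declared with `length(1 .. c_maxIkeSaTransformAttributes)`, which leaves no way to describe a transform that carries no attributes (for example a PRF or a fixed-key-length cipher); marking the field `optional` would cover that case. The list types are also declared as `set ... of`, which is unordered in TTCN-3, so a template cannot check the order of payloads or the preference order of proposals; `record of` looks like the better fit, to be confirmed against the intended codec.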