FD.io VPP  v18.01.2-1-g9b554f3
Vector Packet Processing
ikev2.h File Reference
+ Include dependency graph for ikev2.h:
+ This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define IKEV2_NONCE_SIZE   32
 
#define IKEV2_KEY_PAD   "Key Pad for IKEv2"
 
#define IKE_VERSION_2   0x20
 
#define IKEV2_EXCHANGE_SA_INIT   34
 
#define IKEV2_EXCHANGE_IKE_AUTH   35
 
#define IKEV2_EXCHANGE_CREATE_CHILD_SA   36
 
#define IKEV2_EXCHANGE_INFORMATIONAL   37
 
#define IKEV2_HDR_FLAG_INITIATOR   (1<<3)
 
#define IKEV2_HDR_FLAG_VERSION   (1<<4)
 
#define IKEV2_HDR_FLAG_RESPONSE   (1<<5)
 
#define IKEV2_PAYLOAD_FLAG_CRITICAL   (1<<7)
 
#define IKEV2_PAYLOAD_NONE   0
 
#define IKEV2_PAYLOAD_SA   33
 
#define IKEV2_PAYLOAD_KE   34
 
#define IKEV2_PAYLOAD_IDI   35
 
#define IKEV2_PAYLOAD_IDR   36
 
#define IKEV2_PAYLOAD_AUTH   39
 
#define IKEV2_PAYLOAD_NONCE   40
 
#define IKEV2_PAYLOAD_NOTIFY   41
 
#define IKEV2_PAYLOAD_DELETE   42
 
#define IKEV2_PAYLOAD_VENDOR   43
 
#define IKEV2_PAYLOAD_TSI   44
 
#define IKEV2_PAYLOAD_TSR   45
 
#define IKEV2_PAYLOAD_SK   46
 
#define foreach_ikev2_notify_msg_type
 
#define foreach_ikev2_transform_type
 
#define foreach_ikev2_transform_encr_type
 
#define foreach_ikev2_transform_prf_type
 
#define foreach_ikev2_transform_integ_type
 
#define foreach_ikev2_transform_dh_type
 
#define foreach_ikev2_transform_esn_type
 
#define foreach_ikev2_auth_method
 
#define foreach_ikev2_id_type
 

Typedefs

typedef u8 v8
 

Enumerations

enum  ikev2_protocol_id_t { IKEV2_PROTOCOL_IKE = 1, IKEV2_PROTOCOL_AH = 2, IKEV2_PROTOCOL_ESP = 3 }
 
enum  ikev2_notify_msg_type_t { foreach_ikev2_notify_msg_type }
 
enum  ikev2_transform_type_t { IKEV2_TRANSFORM_NUM_TYPES }
 
enum  ikev2_transform_encr_type_t { foreach_ikev2_transform_encr_type }
 
enum  ikev2_transform_prf_type_t { foreach_ikev2_transform_prf_type }
 
enum  ikev2_transform_integ_type_t { foreach_ikev2_transform_integ_type }
 
enum  ikev2_transform_dh_type_t { foreach_ikev2_transform_dh_type }
 
enum  ikev2_transform_esn_type_t { foreach_ikev2_transform_esn_type }
 
enum  ikev2_auth_method_t { foreach_ikev2_auth_method }
 
enum  ikev2_id_type_t { foreach_ikev2_id_type }
 

Functions

typedef CLIB_PACKED (struct{u64 ispi;u64 rspi;u8 nextpayload;u8 version;u8 exchange;u8 flags;u32 msgid;u32 length;u8 payload[0];}) ike_header_t
 
typedef CLIB_PACKED (struct{u8 nextpayload;u8 flags;u16 length;u16 dh_group;u8 reserved[2];u8 payload[0];}) ike_ke_payload_header_t
 
typedef CLIB_PACKED (struct{u8 nextpayload;u8 flags;u16 length;u8 payload[0];}) ike_payload_header_t
 
typedef CLIB_PACKED (struct{u8 nextpayload;u8 flags;u16 length;u8 auth_method;u8 reserved[3];u8 payload[0];}) ike_auth_payload_header_t
 
typedef CLIB_PACKED (struct{u8 nextpayload;u8 flags;u16 length;u8 id_type;u8 reserved[3];u8 payload[0];}) ike_id_payload_header_t
 
clib_error_tikev2_init (vlib_main_t *vm)
 
clib_error_tikev2_set_local_key (vlib_main_t *vm, u8 *file)
 
clib_error_tikev2_add_del_profile (vlib_main_t *vm, u8 *name, int is_add)
 
clib_error_tikev2_set_profile_auth (vlib_main_t *vm, u8 *name, u8 auth_method, u8 *data, u8 data_hex_format)
 
clib_error_tikev2_set_profile_id (vlib_main_t *vm, u8 *name, u8 id_type, u8 *data, int is_local)
 
clib_error_tikev2_set_profile_ts (vlib_main_t *vm, u8 *name, u8 protocol_id, u16 start_port, u16 end_port, ip4_address_t start_addr, ip4_address_t end_addr, int is_local)
 
clib_error_tikev2_set_profile_responder (vlib_main_t *vm, u8 *name, u32 sw_if_index, ip4_address_t ip4)
 
clib_error_tikev2_set_profile_ike_transforms (vlib_main_t *vm, u8 *name, ikev2_transform_encr_type_t crypto_alg, ikev2_transform_integ_type_t integ_alg, ikev2_transform_dh_type_t dh_type, u32 crypto_key_size)
 
clib_error_tikev2_set_profile_esp_transforms (vlib_main_t *vm, u8 *name, ikev2_transform_encr_type_t crypto_alg, ikev2_transform_integ_type_t integ_alg, ikev2_transform_dh_type_t dh_type, u32 crypto_key_size)
 
clib_error_tikev2_set_profile_sa_lifetime (vlib_main_t *vm, u8 *name, u64 lifetime, u32 jitter, u32 handover, u64 maxdata)
 
clib_error_tikev2_initiate_sa_init (vlib_main_t *vm, u8 *name)
 
clib_error_tikev2_initiate_delete_child_sa (vlib_main_t *vm, u32 ispi)
 
clib_error_tikev2_initiate_delete_ike_sa (vlib_main_t *vm, u64 ispi)
 
clib_error_tikev2_initiate_rekey_child_sa (vlib_main_t *vm, u32 ispi)
 
u8format_ikev2_auth_method (u8 *s, va_list *args)
 
u8format_ikev2_id_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_type (u8 *s, va_list *args)
 
u8format_ikev2_notify_msg_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_encr_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_prf_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_integ_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_dh_type (u8 *s, va_list *args)
 
u8format_ikev2_transform_esn_type (u8 *s, va_list *args)
 
u8format_ikev2_sa_transform (u8 *s, va_list *args)
 
uword unformat_ikev2_auth_method (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_id_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_encr_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_prf_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_integ_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_dh_type (unformat_input_t *input, va_list *args)
 
uword unformat_ikev2_transform_esn_type (unformat_input_t *input, va_list *args)
 

Macro Definition Documentation

#define foreach_ikev2_auth_method
Value:
_( 1, RSA_SIG, "rsa-sig") \
_( 2, SHARED_KEY_MIC, "shared-key-mic")

Definition at line 335 of file ikev2.h.

#define foreach_ikev2_id_type
Value:
_( 1, ID_IPV4_ADDR, "ip4-addr") \
_( 2, ID_FQDN, "fqdn") \
_( 3, ID_RFC822_ADDR, "rfc822") \
_( 5, ID_IPV6_ADDR, "ip6-addr") \
_( 9, ID_DER_ASN1_DN, "der-asn1-dn") \
_(10, ID_DER_ASN1_GN, "der-asn1-gn") \
_(11, ID_KEY_ID, "key-id")

Definition at line 346 of file ikev2.h.

#define foreach_ikev2_notify_msg_type

Definition at line 114 of file ikev2.h.

#define foreach_ikev2_transform_dh_type
Value:
_(0, NONE, "none") \
_(1, MODP_768, "modp-768") \
_(2, MODP_1024, "modp-1024") \
_(5, MODP_1536, "modp-1536") \
_(14, MODP_2048, "modp-2048") \
_(15, MODP_3072, "modp-3072") \
_(16, MODP_4096, "modp-4096") \
_(17, MODP_6144, "modp-6144") \
_(18, MODP_8192, "modp-8192") \
_(19, ECP_256, "ecp-256") \
_(20, ECP_384, "ecp-384") \
_(21, ECP_521, "ecp-521") \
_(22, MODP_1024_160, "modp-1024-160") \
_(23, MODP_2048_224, "modp-2048-224") \
_(24, MODP_2048_256, "modp-2048-256") \
_(25, ECP_192, "ecp-192")

Definition at line 298 of file ikev2.h.

#define foreach_ikev2_transform_encr_type
Value:
_(1 , DES_IV64, "des-iv64") \
_(2 , DES, "des") \
_(3 , 3DES, "3des") \
_(4 , RC5, "rc5") \
_(5 , IDEA, "idea") \
_(6 , CAST, "cast") \
_(7 , BLOWFISH, "blowfish") \
_(8 , 3IDEA, "3idea") \
_(9 , DES_IV32, "des-iv32") \
_(11, NULL, "null") \
_(12, AES_CBC, "aes-cbc") \
_(13, AES_CTR, "aes-ctr")
#define NULL
Definition: clib.h:55

Definition at line 212 of file ikev2.h.

#define foreach_ikev2_transform_esn_type
Value:
_(0, NO_ESN, "no") \
_(1, ESN, "yes")

Definition at line 324 of file ikev2.h.

#define foreach_ikev2_transform_integ_type
Value:
_(0, NONE, "none") \
_(1, AUTH_HMAC_MD5_96, "md5-96") \
_(2, AUTH_HMAC_SHA1_96, "sha1-96") \
_(3, AUTH_DES_MAC, "des-mac") \
_(4, AUTH_KPDK_MD5, "kpdk-md5") \
_(5, AUTH_AES_XCBC_96, "aes-xcbc-96") \
_(6, AUTH_HMAC_MD5_128, "md5-128") \
_(7, AUTH_HMAC_SHA1_160, "sha1-160") \
_(8, AUTH_AES_CMAC_96, "cmac-96") \
_(9, AUTH_AES_128_GMAC, "aes-128-gmac") \
_(10, AUTH_AES_192_GMAC, "aes-192-gmac") \
_(11, AUTH_AES_256_GMAC, "aes-256-gmac") \
_(12, AUTH_HMAC_SHA2_256_128, "hmac-sha2-256-128") \
_(13, AUTH_HMAC_SHA2_384_192, "hmac-sha2-384-192") \
_(14, AUTH_HMAC_SHA2_512_256, "hmac-sha2-512-256")

Definition at line 250 of file ikev2.h.

#define foreach_ikev2_transform_prf_type
Value:
_(1, PRF_HMAC_MD5, "hmac-md5") \
_(2, PRF_HMAC_SHA1, "hmac-sha1") \
_(3, PRF_MAC_TIGER, "mac-tiger") \
_(4, PRF_AES128_XCBC, "aes128-xcbc") \
_(5, PRF_HMAC_SHA2_256, "hmac-sha2-256") \
_(6, PRF_HMAC_SHA2_384, "hmac-sha2-384") \
_(7, PRF_HMAC_SHA2_512, "hmac-sha2-512") \
_(8, PRF_AES128_CMAC, "aes128-cmac")

Definition at line 233 of file ikev2.h.

#define foreach_ikev2_transform_type
Value:
_(0, UNDEFINED, "undefinded") \
_(1, ENCR, "encr") \
_(2, PRF, "prf") \
_(3, INTEG, "integ") \
_(4, DH, "dh-group") \
_(5, ESN, "esn")

Definition at line 195 of file ikev2.h.

#define IKE_VERSION_2   0x20

Definition at line 80 of file ikev2.h.

#define IKEV2_EXCHANGE_CREATE_CHILD_SA   36

Definition at line 84 of file ikev2.h.

#define IKEV2_EXCHANGE_IKE_AUTH   35

Definition at line 83 of file ikev2.h.

#define IKEV2_EXCHANGE_INFORMATIONAL   37

Definition at line 85 of file ikev2.h.

#define IKEV2_EXCHANGE_SA_INIT   34

Definition at line 82 of file ikev2.h.

#define IKEV2_HDR_FLAG_INITIATOR   (1<<3)

Definition at line 87 of file ikev2.h.

#define IKEV2_HDR_FLAG_RESPONSE   (1<<5)

Definition at line 89 of file ikev2.h.

#define IKEV2_HDR_FLAG_VERSION   (1<<4)

Definition at line 88 of file ikev2.h.

#define IKEV2_KEY_PAD   "Key Pad for IKEv2"

Definition at line 25 of file ikev2.h.

#define IKEV2_NONCE_SIZE   32

Definition at line 23 of file ikev2.h.

#define IKEV2_PAYLOAD_AUTH   39

Definition at line 98 of file ikev2.h.

#define IKEV2_PAYLOAD_DELETE   42

Definition at line 101 of file ikev2.h.

#define IKEV2_PAYLOAD_FLAG_CRITICAL   (1<<7)

Definition at line 91 of file ikev2.h.

#define IKEV2_PAYLOAD_IDI   35

Definition at line 96 of file ikev2.h.

#define IKEV2_PAYLOAD_IDR   36

Definition at line 97 of file ikev2.h.

#define IKEV2_PAYLOAD_KE   34

Definition at line 95 of file ikev2.h.

#define IKEV2_PAYLOAD_NONCE   40

Definition at line 99 of file ikev2.h.

#define IKEV2_PAYLOAD_NONE   0

Definition at line 93 of file ikev2.h.

#define IKEV2_PAYLOAD_NOTIFY   41

Definition at line 100 of file ikev2.h.

#define IKEV2_PAYLOAD_SA   33

Definition at line 94 of file ikev2.h.

#define IKEV2_PAYLOAD_SK   46

Definition at line 105 of file ikev2.h.

#define IKEV2_PAYLOAD_TSI   44

Definition at line 103 of file ikev2.h.

#define IKEV2_PAYLOAD_TSR   45

Definition at line 104 of file ikev2.h.

#define IKEV2_PAYLOAD_VENDOR   43

Definition at line 102 of file ikev2.h.

Typedef Documentation

typedef u8 v8

Definition at line 27 of file ikev2.h.

Enumeration Type Documentation

Enumerator
foreach_ikev2_auth_method 

Definition at line 339 of file ikev2.h.

Enumerator
foreach_ikev2_id_type 

Definition at line 355 of file ikev2.h.

Enumerator
foreach_ikev2_notify_msg_type 

Definition at line 188 of file ikev2.h.

Enumerator
IKEV2_PROTOCOL_IKE 
IKEV2_PROTOCOL_AH 
IKEV2_PROTOCOL_ESP 

Definition at line 107 of file ikev2.h.

Enumerator
foreach_ikev2_transform_dh_type 

Definition at line 317 of file ikev2.h.

Enumerator
foreach_ikev2_transform_encr_type 

Definition at line 226 of file ikev2.h.

Enumerator
foreach_ikev2_transform_esn_type 

Definition at line 328 of file ikev2.h.

Enumerator
foreach_ikev2_transform_integ_type 

Definition at line 267 of file ikev2.h.

Enumerator
foreach_ikev2_transform_prf_type 

Definition at line 243 of file ikev2.h.

Enumerator
IKEV2_TRANSFORM_NUM_TYPES 

Definition at line 203 of file ikev2.h.

Function Documentation

typedef CLIB_PACKED ( struct{u64 ispi;u64 rspi;u8 nextpayload;u8 version;u8 exchange;u8 flags;u32 msgid;u32 length;u8 payload[0];}  )
typedef CLIB_PACKED ( struct{u8 nextpayload;u8 flags;u16 length;u16 dh_group;u8 reserved[2];u8 payload[0];}  )
typedef CLIB_PACKED ( struct{u8 nextpayload;u8 flags;u16 length;u8 payload[0];}  )
typedef CLIB_PACKED ( struct{u8 nextpayload;u8 flags;u16 length;u8 auth_method;u8 reserved[3];u8 payload[0];}  )
typedef CLIB_PACKED ( struct{u8 nextpayload;u8 flags;u16 length;u8 id_type;u8 reserved[3];u8 payload[0];}  )
u8* format_ikev2_auth_method ( u8 s,
va_list *  args 
)
u8* format_ikev2_id_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_notify_msg_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_sa_transform ( u8 s,
va_list *  args 
)

Definition at line 25 of file ikev2_format.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

u8* format_ikev2_transform_dh_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_transform_encr_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_transform_esn_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_transform_integ_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_transform_prf_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

u8* format_ikev2_transform_type ( u8 s,
va_list *  args 
)

+ Here is the caller graph for this function:

clib_error_t* ikev2_add_del_profile ( vlib_main_t vm,
u8 name,
int  is_add 
)

Definition at line 2666 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_init ( vlib_main_t vm)

Definition at line 3275 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_initiate_delete_child_sa ( vlib_main_t vm,
u32  ispi 
)

Definition at line 3085 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_initiate_delete_ike_sa ( vlib_main_t vm,
u64  ispi 
)

Definition at line 3125 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_initiate_rekey_child_sa ( vlib_main_t vm,
u32  ispi 
)

Definition at line 3235 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_initiate_sa_init ( vlib_main_t vm,
u8 name 
)

Definition at line 2901 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_local_key ( vlib_main_t vm,
u8 file 
)

Definition at line 2654 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_auth ( vlib_main_t vm,
u8 name,
u8  auth_method,
u8 data,
u8  data_hex_format 
)

Definition at line 2697 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_esp_transforms ( vlib_main_t vm,
u8 name,
ikev2_transform_encr_type_t  crypto_alg,
ikev2_transform_integ_type_t  integ_alg,
ikev2_transform_dh_type_t  dh_type,
u32  crypto_key_size 
)

Definition at line 2853 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_id ( vlib_main_t vm,
u8 name,
u8  id_type,
u8 data,
int  is_local 
)

Definition at line 2729 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_ike_transforms ( vlib_main_t vm,
u8 name,
ikev2_transform_encr_type_t  crypto_alg,
ikev2_transform_integ_type_t  integ_alg,
ikev2_transform_dh_type_t  dh_type,
u32  crypto_key_size 
)

Definition at line 2828 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_responder ( vlib_main_t vm,
u8 name,
u32  sw_if_index,
ip4_address_t  ip4 
)

Definition at line 2807 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_sa_lifetime ( vlib_main_t vm,
u8 name,
u64  lifetime,
u32  jitter,
u32  handover,
u64  maxdata 
)

Definition at line 2878 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

clib_error_t* ikev2_set_profile_ts ( vlib_main_t vm,
u8 name,
u8  protocol_id,
u16  start_port,
u16  end_port,
ip4_address_t  start_addr,
ip4_address_t  end_addr,
int  is_local 
)

Definition at line 2768 of file ikev2.c.

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

uword unformat_ikev2_auth_method ( unformat_input_t input,
va_list *  args 
)
uword unformat_ikev2_id_type ( unformat_input_t input,
va_list *  args 
)

+ Here is the caller graph for this function:

uword unformat_ikev2_transform_dh_type ( unformat_input_t input,
va_list *  args 
)

+ Here is the caller graph for this function:

uword unformat_ikev2_transform_encr_type ( unformat_input_t input,
va_list *  args 
)

+ Here is the caller graph for this function:

uword unformat_ikev2_transform_esn_type ( unformat_input_t input,
va_list *  args 
)
uword unformat_ikev2_transform_integ_type ( unformat_input_t input,
va_list *  args 
)

+ Here is the caller graph for this function:

uword unformat_ikev2_transform_prf_type ( unformat_input_t input,
va_list *  args 
)
uword unformat_ikev2_transform_type ( unformat_input_t input,
va_list *  args 
)