FD.io VPP  v20.01-48-g3e0dafb74
Vector Packet Processing
ipsec_types.api
Go to the documentation of this file.
1 /* Hey Emacs use -*- mode: C -*- */
2 /*
3  * Copyright (c) 2015-2016 Cisco and/or its affiliates.
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at:
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 option version = "3.0.0";
18 
19 import "vnet/ip/ip_types.api";
20 
21 /*
22  * @brief Support cryptographic algorithms
23  */
25 {
38 };
39 
40 /*
41  * @brief Supported Integrity Algorithms
42  */
44 {
46  /* RFC2403 */
48  /* RFC2404 */
50  /* draft-ietf-ipsec-ciph-sha-256-00 */
52  /* RFC4868 */
54  /* RFC4868 */
56  /* RFC4868 */
58 };
59 
61 {
63  /* Enable extended sequence numbers */
65  /* Enable Anti-replay */
67  /* IPsec tunnel mode if non-zero, else transport mode */
69  /* IPsec tunnel mode is IPv6 if non-zero,
70  * else IPv4 tunnel only valid if is_tunnel is non-zero */
72  /* enable UDP encapsulation for NAT traversal */
74 };
75 
77 {
80 };
81 
82 typedef key
83 {
84  /* the length of the key */
85  u8 length;
86  /* The data for the key */
87  u8 data[128];
88 };
89 
90 /** \brief IPsec: Security Association Database entry
91  @param client_index - opaque cookie to identify the sender
92  @param context - sender context, to match reply w/ request
93  @param is_add - add SAD entry if non-zero, else delete
94  @param sad_id - sad id
95  @param spi - security parameter index
96  @param protocol - 0 = AH, 1 = ESP
97  @param crypto_algorithm - a supported crypto algorithm
98  @param crypto_key - crypto keying material
99  @param integrity_algorithm - one of the supported algorithms
100  @param integrity_key - integrity keying material
101  @param tunnel_src_address - IPsec tunnel source address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
102  @param tunnel_dst_address - IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
103  @param tx_table_id - the FIB id used for encapsulated packets
104  @param salt - for use with counter mode ciphers
105  */
106 typedef ipsec_sad_entry
107 {
108  u32 sad_id;
109 
111 
112  vl_api_ipsec_proto_t protocol;
113 
114  vl_api_ipsec_crypto_alg_t crypto_algorithm;
115  vl_api_key_t crypto_key;
116 
117  vl_api_ipsec_integ_alg_t integrity_algorithm;
118  vl_api_key_t integrity_key;
119 
120  vl_api_ipsec_sad_flags_t flags;
121 
122  vl_api_address_t tunnel_src;
123  vl_api_address_t tunnel_dst;
126 };
127 
128 /*
129  * Local Variables:
130  * eval: (c-set-style "gnu")
131  * End:
132  */
u32 spi
option version
Definition: ipsec_types.api:17
vl_api_address_t tunnel_dst
ipsec_proto
Definition: ipsec_types.api:76
vl_api_ipsec_sad_flags_t flags
vl_api_ipsec_proto_t protocol
u32 tx_table_id
vl_api_ipsec_integ_alg_t integrity_algorithm
unsigned char u8
Definition: types.h:56
vl_api_ipsec_crypto_alg_t crypto_algorithm
u32 salt
unsigned int u32
Definition: types.h:88
vl_api_address_t tunnel_src
vl_api_key_t integrity_key
ipsec_sad_flags
Definition: ipsec_types.api:60
vl_api_key_t crypto_key
u8 data[128]
Definition: ipsec_types.api:87
ipsec_crypto_alg
Definition: ipsec_types.api:24
typedef key
Definition: ipsec_types.api:83
typedef ipsec_sad_entry
IPsec: Security Association Database entry.
ipsec_integ_alg
Definition: ipsec_types.api:43