263 lines
6.3 KiB
Plaintext
263 lines
6.3 KiB
Plaintext
# $OpenBSD: isakmp_num.cst,v 1.13 2005/06/25 23:03:38 hshoexer Exp $
|
|
# $EOM: isakmp_num.cst,v 1.3 2000/05/17 03:09:50 angelos Exp $
|
|
|
|
#
|
|
# Copyright (c) 1998, 2001 Niklas Hallqvist. All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
#
|
|
|
|
#
|
|
# This code was written under funding by Ericsson Radio Systems.
|
|
#
|
|
|
|
# XXX Please fill in references to the drafts, chapter & verse for each
|
|
# constant group below.
|
|
# Also think about ranges, can they be specified differently? Can we use
|
|
# these constants for validity checks?
|
|
|
|
# ISAKMP payload type.
|
|
# see http://www.iana.org/assignments/isakmp-registry
|
|
ISAKMP_PAYLOAD
|
|
NONE 0
|
|
SA 1
|
|
PROPOSAL 2
|
|
TRANSFORM 3
|
|
KEY_EXCH 4
|
|
ID 5
|
|
CERT 6
|
|
CERT_REQ 7
|
|
HASH 8
|
|
SIG 9
|
|
NONCE 10
|
|
NOTIFY 11
|
|
DELETE 12
|
|
VENDOR 13
|
|
ATTRIBUTE 14 # IKE Mode-Config attribute
|
|
SAK 15 # RFC 3547, SA KEK Payload
|
|
SAT 16 # RFC 3547, SA TEK Payload
|
|
KD 17 # RFC 3547, Key Download
|
|
SEQ 18 # RFC 3547, Sequence Number
|
|
POP 19 # RFC 3547, Proof of possession
|
|
NAT_D 20 # RFC 3947, NAT Discovery payload
|
|
NAT_OA 21 # RFC 3947, NAT Original Address payload
|
|
RESERVED_MIN 22
|
|
RESERVED_MAX 127
|
|
PRIVATE_MIN 128
|
|
# values from draft-ietf-ipsec-nat-t-ike-01,02,03.
|
|
NAT_D_DRAFT 130 # NAT Discovery payload
|
|
NAT_OA_DRAFT 131 # NAT Original Address payload
|
|
PRIVATE_MAX 255
|
|
MAX 255
|
|
.
|
|
|
|
# ISAKMP exchange types.
|
|
ISAKMP_EXCH
|
|
NONE 0
|
|
BASE 1
|
|
ID_PROT 2
|
|
AUTH_ONLY 3
|
|
AGGRESSIVE 4
|
|
INFO 5
|
|
# XXX the following are not quite legitimate according to the IETF process
|
|
TRANSACTION 6
|
|
FUTURE_MIN 7
|
|
FUTURE_MAX 31
|
|
DOI_MIN 32
|
|
DOI_MAX 255
|
|
.
|
|
|
|
# ISAKMP flags.
|
|
ISAKMP_FLAGS
|
|
ENC 1
|
|
COMMIT 2
|
|
AUTH_ONLY 4
|
|
.
|
|
|
|
# ISAKMP certificate encoding.
|
|
ISAKMP_CERTENC
|
|
NONE 0
|
|
PKCS 1
|
|
PGP 2
|
|
DNS 3
|
|
X509_SIG 4
|
|
X509_KE 5
|
|
KERBEROS 6
|
|
CRL 7
|
|
ARL 8
|
|
SPKI 9
|
|
X509_ATTR 10
|
|
KEYNOTE 11
|
|
HASH_URL_PKIX_CERT 12
|
|
HASH_URL_PKIX_BUNDLE 13
|
|
RESERVED_MIN 14
|
|
RESERVED_MAX 255
|
|
.
|
|
|
|
# ISAKMP Notify message types.
|
|
ISAKMP_NOTIFY
|
|
INVALID_PAYLOAD_TYPE 1
|
|
DOI_NOT_SUPPORTED 2
|
|
SITUATION_NOT_SUPPORTED 3
|
|
INVALID_COOKIE 4
|
|
INVALID_MAJOR_VERSION 5
|
|
INVALID_MINOR_VERSION 6
|
|
INVALID_EXCHANGE_TYPE 7
|
|
INVALID_FLAGS 8
|
|
INVALID_MESSAGE_ID 9
|
|
INVALID_PROTOCOL_ID 10
|
|
INVALID_SPI 11
|
|
INVALID_TRANSFORM_ID 12
|
|
ATTRIBUTES_NOT_SUPPORTED 13
|
|
NO_PROPOSAL_CHOSEN 14
|
|
BAD_PROPOSAL_SYNTAX 15
|
|
PAYLOAD_MALFORMED 16
|
|
INVALID_KEY_INFORMATION 17
|
|
INVALID_ID_INFORMATION 18
|
|
INVALID_CERT_ENCODING 19
|
|
INVALID_CERTIFICATE 20
|
|
CERT_TYPE_UNSUPPORTED 21
|
|
INVALID_CERT_AUTHORITY 22
|
|
INVALID_HASH_INFORMATION 23
|
|
AUTHENTICATION_FAILED 24
|
|
INVALID_SIGNATURE 25
|
|
ADDRESS_NOTIFICATION 26
|
|
NOTIFY_SA_LIFETIME 27
|
|
CERTIFICATE_UNAVAILABLE 28
|
|
UNSUPPORTED_EXCHANGE_TYPE 29
|
|
UNEQUAL_PAYLOAD_LENGTHS 30
|
|
RESERVED_MIN 31
|
|
RESERVED_MAX 8191
|
|
PRIVATE_MIN 8192
|
|
PRIVATE_MAX 16383
|
|
STATUS_CONNECTED 16384
|
|
STATUS_RESERVED1_MIN 16385
|
|
STATUS_RESERVED1_MAX 24575
|
|
STATUS_DOI_MIN 24576
|
|
STATUS_DOI_MAX 32767
|
|
STATUS_PRIVATE_MIN 32768
|
|
STATUS_DPD_R_U_THERE 36136
|
|
STATUS_DPD_R_U_THERE_ACK 36137
|
|
STATUS_PRIVATE_MAX 40959
|
|
STATUS_RESERVED2_MIN 40960
|
|
STATUS_RESERVED2_MAX 65535
|
|
.
|
|
|
|
# ISAKMP V2 Notify payload types
|
|
ISAKMP_V2_NOTIFY
|
|
UNSUPPORTED_CRITICAL_PAYLOAD 1
|
|
INVALID_IKE_SPI 4
|
|
INVALID_MAJOR_VERSION 5
|
|
INVALID_SYNTAX 7
|
|
INVALID_MESSAGE_ID 9
|
|
INVALID_SPI 11
|
|
NO_PROPOSAL_CHOSEN 14
|
|
AUTHENTICATION_FAILED 24
|
|
SINGLE_PAIR_REQUIRED 34
|
|
NO_ADDITIONAL_SAS 35
|
|
INTERNAL_ADDRESS_FAILURE 36
|
|
FAILED_CP_REQUIRED 37
|
|
TS_UNACCEPTABLE 38
|
|
RESERVED_MIN 39
|
|
RESERVED_MAX 8191
|
|
PRIVATE_MIN 8192
|
|
PRIVATE_MAX 16383
|
|
STATUS_RESERVED1_MIN 16384
|
|
STATUS_RESERVED1_MAX 24577
|
|
STATUS_INITIAL_CONTACT 24578
|
|
STATUS_SET_WINDOW_SIZE 24579
|
|
STATUS_ADDITIONAL_IS_POSSIBLE 24580
|
|
STATUS_IPCOMP_SUPPORTED 24581
|
|
STATUS_NAT_DETECTION_SOURCE_IP 24582
|
|
STATUS_NAT_DETECTION_DESTINATION_IP 24583
|
|
STATUS_COOKIE 24584
|
|
STATUS_USE_TRANSPORT_MODE 24585
|
|
STATUS_HTTP_CERT_LOOKUP_SUPPORTED 24586
|
|
STATUS_RESERVED2_MIN 24587
|
|
STATUS_RESERVED2_MAX 40959
|
|
STATUS_PRIVATE_MIN 40960
|
|
STATUS_PRIVATE_MAX 65535
|
|
.
|
|
|
|
# ISAKMP DOI Identifier.
|
|
ISAKMP_DOI
|
|
ISAKMP 0
|
|
.
|
|
|
|
# ISAKMP Protocol ID.
|
|
ISAKMP_PROTO
|
|
ISAKMP 1
|
|
.
|
|
|
|
# ISAKMP transaction message type.
|
|
ISAKMP_CFG
|
|
REQUEST 1
|
|
REPLY 2
|
|
SET 3
|
|
ACK 4
|
|
FUTURE_MIN 5
|
|
FUTURE_MAX 127
|
|
PRIVATE_MIN 128
|
|
PRIVATE_MAX 255
|
|
.
|
|
|
|
# ISAKMP configuration attributes.
|
|
ISAKMP_CFG_ATTR
|
|
INTERNAL_IP4_ADDRESS 1
|
|
INTERNAL_IP4_NETMASK 2
|
|
INTERNAL_IP4_DNS 3
|
|
INTERNAL_IP4_NBNS 4
|
|
INTERNAL_ADDRESS_EXPIRY 5
|
|
INTERNAL_IP4_DHCP 6
|
|
APPLICATION_VERSION 7
|
|
INTERNAL_IP6_ADDRESS 8
|
|
INTERNAL_IP6_NETMASK 9
|
|
INTERNAL_IP6_DNS 10
|
|
INTERNAL_IP6_NBNS 11
|
|
INTERNAL_IP6_DHCP 12
|
|
INTERNAL_IP4_SUBNET 13
|
|
SUPPORTED_ATTRIBUTES 14
|
|
INTERNAL_IP6_SUBNET 15
|
|
FUTURE_MIN 16
|
|
FUTURE_MAX 16383
|
|
PRIVATE_MIN 16384
|
|
PRIVATE_MAX 32767
|
|
.
|
|
|
|
# ISAKMP EAP
|
|
ISAKMP_EAP_CODE
|
|
REQUEST 1
|
|
RESPONSE 2
|
|
SUCCESS 3
|
|
FAILURE 4
|
|
.
|
|
|
|
# ISAKMP EAP Types (RFC2284)
|
|
ISAKMP_EAP_TYPE
|
|
IDENTITY 1
|
|
NOTIFICATION 2
|
|
NAK 3 # Response only
|
|
MD5_CHALLENGE 4
|
|
OTP 5
|
|
TOKEN 6 # Generic token card
|
|
.
|
|
|