1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
|
# $OpenBSD: isakmp_num.cst,v 1.9 2004/06/20 15:20:07 ho Exp $
# $EOM: isakmp_num.cst,v 1.3 2000/05/17 03:09:50 angelos Exp $
#
# Copyright (c) 1998, 2001 Niklas Hallqvist. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#
# This code was written under funding by Ericsson Radio Systems.
#
# XXX Please fill in references to the drafts, chapter & verse for each
# constant group below.
# Also think about ranges, can they be specified differently? Can we use
# these constants for validity checks?
# ISAKMP payload type.
ISAKMP_PAYLOAD
NONE 0
SA 1
PROPOSAL 2
TRANSFORM 3
KEY_EXCH 4
ID 5
CERT 6
CERT_REQ 7
HASH 8
SIG 9
NONCE 10
NOTIFY 11
DELETE 12
VENDOR 13
# XXX the following are not quite legitimate according to the IETF process
ATTRIBUTE 14 # IKE Mode-Config attribute
SAK 15 # RFC 3547, SA KEK Payload
SAT 16 # RFC 3547, SA TEK Payload
KD 17 # RFC 3547, Key Download
SEQ 18 # RFC 3547, Sequence Number
POP 19 # RFC 3547, Proof of possession
RESERVED_MIN 20
RESERVED_MAX 127
PRIVATE_MIN 128
# XXX values from draft-ietf-ipsec-nat-t-ike-01,02,03. Later drafts specify
# XXX NAT_D as payload 15 and NAT_OA as 16, but these are allocated by RFC
# XXX 3547 as seen above.
NAT_D 130 # NAT Discovery payload
NAT_OA 131 # NAT Original Address payload
PRIVATE_MAX 255
.
# ISAKMP exchange types.
ISAKMP_EXCH
NONE 0
BASE 1
ID_PROT 2
AUTH_ONLY 3
AGGRESSIVE 4
INFO 5
# XXX the following are not quite legitimate according to the IETF process
TRANSACTION 6
DPD 7
FUTURE_MIN 8
FUTURE_MAX 31
DOI_MIN 32
DOI_MAX 255
.
# ISAKMP flags.
ISAKMP_FLAGS
ENC 1
COMMIT 2
AUTH_ONLY 4
.
# ISAKMP certificate encoding.
ISAKMP_CERTENC
NONE 0
PKCS 1
PGP 2
DNS 3
X509_SIG 4
X509_KE 5
KERBEROS 6
CRL 7
ARL 8
SPKI 9
X509_ATTR 10
KEYNOTE 11
HASH_URL_PKIX_CERT 12
HASH_URL_PKIX_BUNDLE 13
RESERVED_MIN 14
RESERVED_MAX 255
.
# ISAKMP Notify message types.
ISAKMP_NOTIFY
INVALID_PAYLOAD_TYPE 1
DOI_NOT_SUPPORTED 2
SITUATION_NOT_SUPPORTED 3
INVALID_COOKIE 4
INVALID_MAJOR_VERSION 5
INVALID_MINOR_VERSION 6
INVALID_EXCHANGE_TYPE 7
INVALID_FLAGS 8
INVALID_MESSAGE_ID 9
INVALID_PROTOCOL_ID 10
INVALID_SPI 11
INVALID_TRANSFORM_ID 12
ATTRIBUTES_NOT_SUPPORTED 13
NO_PROPOSAL_CHOSEN 14
BAD_PROPOSAL_SYNTAX 15
PAYLOAD_MALFORMED 16
INVALID_KEY_INFORMATION 17
INVALID_ID_INFORMATION 18
INVALID_CERT_ENCODING 19
INVALID_CERTIFICATE 20
CERT_TYPE_UNSUPPORTED 21
INVALID_CERT_AUTHORITY 22
INVALID_HASH_INFORMATION 23
AUTHENTICATION_FAILED 24
INVALID_SIGNATURE 25
ADDRESS_NOTIFICATION 26
NOTIFY_SA_LIFETIME 27
CERTIFICATE_UNAVAILABLE 28
UNSUPPORTED_EXCHANGE_TYPE 29
UNEQUAL_PAYLOAD_LENGTHS 30
RESERVED_MIN 31
RESERVED_MAX 8191
PRIVATE_MIN 8192
PRIVATE_MAX 16383
STATUS_CONNECTED 16384
STATUS_RESERVED1_MIN 16385
STATUS_RESERVED1_MAX 24575
STATUS_DOI_MIN 24576
STATUS_DOI_MAX 32767
STATUS_PRIVATE_MIN 32768
STATUS_DPD_R_U_THERE 36136
STATUS_DPD_R_U_THERE_ACK 36137
STATUS_PRIVATE_MAX 40959
STATUS_RESERVED2_MIN 40960
STATUS_RESERVED2_MAX 65535
.
# ISAKMP V2 Notify payload types
ISAKMP_V2_NOTIFY
UNSUPPORTED_CRITICAL_PAYLOAD 1
INVALID_IKE_SPI 4
INVALID_MAJOR_VERSION 5
INVALID_SYNTAX 7
INVALID_MESSAGE_ID 9
INVALID_SPI 11
NO_PROPOSAL_CHOSEN 14
AUTHENTICATION_FAILED 24
SINGLE_PAIR_REQUIRED 34
NO_ADDITIONAL_SAS 35
INTERNAL_ADDRESS_FAILURE 36
FAILED_CP_REQUIRED 37
TS_UNACCEPTABLE 38
RESERVED_MIN 39
RESERVED_MAX 8191
PRIVATE_MIN 8192
PRIVATE_MAX 16383
STATUS_RESERVED1_MIN 16384
STATUS_RESERVED1_MAX 24577
STATUS_INITIAL_CONTACT 24578
STATUS_SET_WINDOW_SIZE 24579
STATUS_ADDITIONAL_IS_POSSIBLE 24580
STATUS_IPCOMP_SUPPORTED 24581
STATUS_NAT_DETECTION_SOURCE_IP 24582
STATUS_NAT_DETECTION_DESTINATION_IP 24583
STATUS_COOKIE 24584
STATUS_USE_TRANSPORT_MODE 24585
STATUS_HTTP_CERT_LOOKUP_SUPPORTED 24586
STATUS_RESERVED2_MIN 24587
STATUS_RESERVED2_MAX 40959
STATUS_PRIVATE_MIN 40960
STATUS_PRIVATE_MAX 65535
.
# ISAKMP DOI Identifier.
ISAKMP_DOI
ISAKMP 0
.
# ISAKMP Protocol ID.
ISAKMP_PROTO
ISAKMP 1
.
# ISAKMP transaction message type.
ISAKMP_CFG
REQUEST 1
REPLY 2
SET 3
ACK 4
FUTURE_MIN 5
FUTURE_MAX 127
PRIVATE_MIN 128
PRIVATE_MAX 255
.
# ISAKMP configuration attributes.
ISAKMP_CFG_ATTR
INTERNAL_IP4_ADDRESS 1
INTERNAL_IP4_NETMASK 2
INTERNAL_IP4_DNS 3
INTERNAL_IP4_NBNS 4
INTERNAL_ADDRESS_EXPIRY 5
INTERNAL_IP4_DHCP 6
APPLICATION_VERSION 7
INTERNAL_IP6_ADDRESS 8
INTERNAL_IP6_NETMASK 9
INTERNAL_IP6_DNS 10
INTERNAL_IP6_NBNS 11
INTERNAL_IP6_DHCP 12
INTERNAL_IP4_SUBNET 13
SUPPORTED_ATTRIBUTES 14
INTERNAL_IP6_SUBNET 15
FUTURE_MIN 16
FUTURE_MAX 16383
PRIVATE_MIN 16384
PRIVATE_MAX 32767
.
# ISAKMP EAP
ISAKMP_EAP_CODE
REQUEST 1
RESPONSE 2
SUCCESS 3
FAILURE 4
.
# ISAKMP EAP Types (RFC2284)
ISAKMP_EAP_TYPE
IDENTITY 1
NOTIFICATION 2
NAK 3 # Response only
MD5_CHALLENGE 4
OTP 5
TOKEN 6 # Generic token card
.
|