1# $OpenBSD: ipsec_num.cst,v 1.19 2012/06/30 14:51:31 naddy Exp $ 2# $EOM: ipsec_num.cst,v 1.5 2000/10/13 17:56:52 angelos Exp $ 3 4# 5# Copyright (c) 1998 Niklas Hallqvist. All rights reserved. 6# Copyright (c) 2003 H�kan Olsson. All rights reserved. 7# 8# Redistribution and use in source and binary forms, with or without 9# modification, are permitted provided that the following conditions 10# are met: 11# 1. Redistributions of source code must retain the above copyright 12# notice, this list of conditions and the following disclaimer. 13# 2. Redistributions in binary form must reproduce the above copyright 14# notice, this list of conditions and the following disclaimer in the 15# documentation and/or other materials provided with the distribution. 16# 17# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27# 28 29# 30# This code was written under funding by Ericsson Radio Systems. 31# 32 33# XXX Please fill in references to the drafts, chapter & verse for each 34# constant group below. 35 36# IPSEC DOI Identifier. 37IPSEC_DOI 38 IPSEC 1 39. 40 41# IPSEC SA attributes 42IPSEC_ATTR 43 SA_LIFE_TYPE 1 44 SA_LIFE_DURATION 2 45 GROUP_DESCRIPTION 3 46 ENCAPSULATION_MODE 4 47 AUTHENTICATION_ALGORITHM 5 48 KEY_LENGTH 6 49 KEY_ROUNDS 7 50 COMPRESS_DICTIONARY_SIZE 8 51 COMPRESS_PRIVATE_ALGORITHM 9 52 ECN_TUNNEL 10 53. 54 55# IPSEC SA duration. 56IPSEC_DURATION 57 SECONDS 1 58 KILOBYTES 2 59. 60 61# IPSEC encapsulation mode. 62IPSEC_ENCAP 63 TUNNEL 1 64 TRANSPORT 2 65 UDP_ENCAP_TUNNEL 3 66 UDP_ENCAP_TRANSPORT 4 67 UDP_ENCAP_TUNNEL_DRAFT 61443 # draft-ietf-ipsec-nat-t-ike 68 UDP_ENCAP_TRANSPORT_DRAFT 61444 # draft-ietf-ipsec-nat-t-ike 69. 70 71# IPSEC authentication algorithm. 72IPSEC_AUTH 73 HMAC_MD5 1 74 HMAC_SHA 2 75 DES_MAC 3 76 KPDK 4 77 HMAC_SHA2_256 5 78 HMAC_SHA2_384 6 79 HMAC_SHA2_512 7 80 HMAC_RIPEMD 8 81. 82 83# IPSEC ID types. 84IPSEC_ID 85 IPV4_ADDR 1 86 FQDN 2 87 USER_FQDN 3 88 IPV4_ADDR_SUBNET 4 89 IPV6_ADDR 5 90 IPV6_ADDR_SUBNET 6 91 IPV4_RANGE 7 92 IPV6_RANGE 8 93 DER_ASN1_DN 9 94 DER_ASN1_GN 10 95 KEY_ID 11 96. 97 98# IKE SA attributes 99IKE_ATTR 100 ENCRYPTION_ALGORITHM 1 ike_encrypt_cst 101 HASH_ALGORITHM 2 ike_hash_cst 102 AUTHENTICATION_METHOD 3 ike_auth_cst 103 GROUP_DESCRIPTION 4 ike_group_desc_cst 104 GROUP_TYPE 5 ike_group_cst 105 GROUP_PRIME 6 106 GROUP_GENERATOR_1 7 107 GROUP_GENERATOR_2 8 108 GROUP_CURVE_A 9 109 GROUP_CURVE_B 10 110 LIFE_TYPE 11 ike_duration_cst 111 LIFE_DURATION 12 112 PRF 13 ike_prf_cst 113 KEY_LENGTH 14 114 FIELD_SIZE 15 115 GROUP_ORDER 16 116 BLOCK_SIZE 17 117. 118 119# XXX Fill in reserved ranges for the attributes below. 120 121# IKE encryption algorithm. 122IKE_ENCRYPT 123 DES_CBC 1 124 IDEA_CBC 2 125 BLOWFISH_CBC 3 126 RC5_R16_B64_CBC 4 127 3DES_CBC 5 128 CAST_CBC 6 129 AES_CBC 7 130. 131 132# IKE hash algorithm. 133IKE_HASH 134 MD5 1 135 SHA 2 136 TIGER 3 137 SHA2_256 4 138 SHA2_384 5 139 SHA2_512 6 140. 141 142# IKE authentication method. 143IKE_AUTH 144 PRE_SHARED 1 145 DSS 2 146 RSA_SIG 3 147 RSA_ENC 4 148 RSA_ENC_REV 5 149 EL_GAMAL_ENC 6 150 EL_GAMAL_ENC_REV 7 151 ECDSA_SIG 8 152. 153 154# IKE group description. 155IKE_GROUP_DESC 156 MODP_768 1 157 MODP_1024 2 158 EC2N_155 3 159 EC2N_185 4 160 MODP_1536 5 161 EC2N_163sect 6 162 EC2N_163K 7 163 EC2N_283sect 8 164 EC2N_283K 9 165 EC2N_409sect 10 166 EC2N_409K 11 167 EC2N_571sect 12 168 EC2N_571K 13 169 MODP_2048 14 170 MODP_3072 15 171 MODP_4096 16 172 MODP_6144 17 173 MODP_8192 18 174. 175 176# IKE Group type. 177IKE_GROUP 178 MODP 1 179 ECP 2 180 EC2N 3 181. 182 183# IKE SA duration. 184IKE_DURATION 185 SECONDS 1 186 KILOBYTES 2 187. 188 189# IKE Pseudo random function. No defined so far. 190IKE_PRF 191. 192 193# IPSEC Situation bits. 194IPSEC_SIT 195 IDENTITY_ONLY 1 196 SECRECY 2 197 INTEGRITY 4 198. 199 200# IPSEC security protocol IDs. 201IPSEC_PROTO 202 IPSEC_AH 2 203 IPSEC_ESP 3 204 IPCOMP 4 205. 206 207# IPSEC ISAKMP transform IDs. 208IPSEC_TRANSFORM 209 KEY_IKE 1 210. 211 212# IPSEC AH transform IDs. 213IPSEC_AH 214 MD5 2 215 SHA 3 216 DES 4 217 SHA2_256 5 218 SHA2_384 6 219 SHA2_512 7 220 RIPEMD 8 221. 222 223# IPSEC ESP transform IDs. 224IPSEC_ESP 225 DES_IV64 1 226 DES 2 227 3DES 3 228 RC5 4 229 IDEA 5 230 CAST 6 231 BLOWFISH 7 232 3IDEA 8 233 DES_IV32 9 234 RC4 10 235 NULL 11 236 AES 12 237 AES_CTR 13 238 AES_GCM_16 20 239 AES_GMAC 23 240 AES_MARS 249 241 AES_RC6 250 242 AES_RIJNDAEL 251 243 AES_SERPENT 252 244 AES_TWOFISH 253 245. 246 247# IPSEC IPCOMP transform IDs 248IPSEC_IPCOMP 249 OUI 1 250 DEFLATE 2 251 LZS 3 252 V42BIS 4 253. 254 255# IPSEC notify message types. 256IPSEC_NOTIFY 257 RESPONDER_LIFETIME 24576 258 REPLAY_STATUS 24577 259 INITIAL_CONTACT 24578 260. 261 262# IKE exchange types. 263IKE_EXCH 264 QUICK_MODE 32 265 NEW_GROUP_MODE 33 266. 267