xref: /openbsd/sbin/isakmpd/isakmp_num.cst (revision 4cfece93) 
1#	$OpenBSD: isakmp_num.cst,v 1.13 2005/06/25 23:03:38 hshoexer Exp $
2#	$EOM: isakmp_num.cst,v 1.3 2000/05/17 03:09:50 angelos Exp $
3
4#
5# Copyright (c) 1998, 2001 Niklas Hallqvist.  All rights reserved.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26#
27
28#
29# This code was written under funding by Ericsson Radio Systems.
30#
31
32# XXX Please fill in references to the drafts, chapter & verse for each
33# constant group below.
34# Also think about ranges, can they be specified differently?  Can we use
35# these constants for validity checks?
36
37# ISAKMP payload type.
38# see http://www.iana.org/assignments/isakmp-registry
39ISAKMP_PAYLOAD
40  NONE				0
41  SA				1
42  PROPOSAL			2
43  TRANSFORM			3
44  KEY_EXCH			4
45  ID				5
46  CERT				6
47  CERT_REQ			7
48  HASH				8
49  SIG				9
50  NONCE				10
51  NOTIFY			11
52  DELETE			12
53  VENDOR			13
54  ATTRIBUTE			14	# IKE Mode-Config attribute
55  SAK				15	# RFC 3547, SA KEK Payload
56  SAT				16	# RFC 3547, SA TEK Payload
57  KD				17	# RFC 3547, Key Download
58  SEQ				18	# RFC 3547, Sequence Number
59  POP				19	# RFC 3547, Proof of possession
60  NAT_D				20	# RFC 3947, NAT Discovery payload
61  NAT_OA			21	# RFC 3947, NAT Original Address payload
62  RESERVED_MIN			22
63  RESERVED_MAX			127
64  PRIVATE_MIN			128
65# values from draft-ietf-ipsec-nat-t-ike-01,02,03.
66  NAT_D_DRAFT			130	# NAT Discovery payload
67  NAT_OA_DRAFT			131	# NAT Original Address payload
68  PRIVATE_MAX			255
69  MAX				255
70.
71
72# ISAKMP exchange types.
73ISAKMP_EXCH
74  NONE				0
75  BASE				1
76  ID_PROT			2
77  AUTH_ONLY			3
78  AGGRESSIVE			4
79  INFO				5
80# XXX the following are not quite legitimate according to the IETF process
81  TRANSACTION			6
82  FUTURE_MIN			7
83  FUTURE_MAX			31
84  DOI_MIN			32
85  DOI_MAX			255
86.
87
88# ISAKMP flags.
89ISAKMP_FLAGS
90  ENC				1
91  COMMIT			2
92  AUTH_ONLY			4
93.
94
95# ISAKMP certificate encoding.
96ISAKMP_CERTENC
97  NONE				0
98  PKCS				1
99  PGP				2
100  DNS				3
101  X509_SIG			4
102  X509_KE			5
103  KERBEROS			6
104  CRL				7
105  ARL				8
106  SPKI				9
107  X509_ATTR			10
108  KEYNOTE			11
109  HASH_URL_PKIX_CERT		12
110  HASH_URL_PKIX_BUNDLE		13
111  RESERVED_MIN			14
112  RESERVED_MAX			255
113.
114
115# ISAKMP Notify message types.
116ISAKMP_NOTIFY
117  INVALID_PAYLOAD_TYPE		1
118  DOI_NOT_SUPPORTED		2
119  SITUATION_NOT_SUPPORTED	3
120  INVALID_COOKIE		4
121  INVALID_MAJOR_VERSION		5
122  INVALID_MINOR_VERSION		6
123  INVALID_EXCHANGE_TYPE		7
124  INVALID_FLAGS			8
125  INVALID_MESSAGE_ID		9
126  INVALID_PROTOCOL_ID		10
127  INVALID_SPI			11
128  INVALID_TRANSFORM_ID		12
129  ATTRIBUTES_NOT_SUPPORTED	13
130  NO_PROPOSAL_CHOSEN		14
131  BAD_PROPOSAL_SYNTAX		15
132  PAYLOAD_MALFORMED		16
133  INVALID_KEY_INFORMATION	17
134  INVALID_ID_INFORMATION	18
135  INVALID_CERT_ENCODING		19
136  INVALID_CERTIFICATE		20
137  CERT_TYPE_UNSUPPORTED		21
138  INVALID_CERT_AUTHORITY	22
139  INVALID_HASH_INFORMATION	23
140  AUTHENTICATION_FAILED		24
141  INVALID_SIGNATURE		25
142  ADDRESS_NOTIFICATION		26
143  NOTIFY_SA_LIFETIME		27
144  CERTIFICATE_UNAVAILABLE	28
145  UNSUPPORTED_EXCHANGE_TYPE	29
146  UNEQUAL_PAYLOAD_LENGTHS	30
147  RESERVED_MIN			31
148  RESERVED_MAX			8191
149  PRIVATE_MIN			8192
150  PRIVATE_MAX			16383
151  STATUS_CONNECTED		16384
152  STATUS_RESERVED1_MIN		16385
153  STATUS_RESERVED1_MAX		24575
154  STATUS_DOI_MIN		24576
155  STATUS_DOI_MAX		32767
156  STATUS_PRIVATE_MIN		32768
157  STATUS_DPD_R_U_THERE		36136
158  STATUS_DPD_R_U_THERE_ACK	36137
159  STATUS_PRIVATE_MAX		40959
160  STATUS_RESERVED2_MIN		40960
161  STATUS_RESERVED2_MAX		65535
162.
163
164# ISAKMP V2 Notify payload types
165ISAKMP_V2_NOTIFY
166  UNSUPPORTED_CRITICAL_PAYLOAD		1
167  INVALID_IKE_SPI			4
168  INVALID_MAJOR_VERSION			5
169  INVALID_SYNTAX			7
170  INVALID_MESSAGE_ID			9
171  INVALID_SPI				11
172  NO_PROPOSAL_CHOSEN			14
173  AUTHENTICATION_FAILED			24
174  SINGLE_PAIR_REQUIRED			34
175  NO_ADDITIONAL_SAS			35
176  INTERNAL_ADDRESS_FAILURE		36
177  FAILED_CP_REQUIRED			37
178  TS_UNACCEPTABLE			38
179  RESERVED_MIN				39
180  RESERVED_MAX				8191
181  PRIVATE_MIN				8192
182  PRIVATE_MAX				16383
183  STATUS_RESERVED1_MIN			16384
184  STATUS_RESERVED1_MAX			24577
185  STATUS_INITIAL_CONTACT		24578
186  STATUS_SET_WINDOW_SIZE		24579
187  STATUS_ADDITIONAL_IS_POSSIBLE		24580
188  STATUS_IPCOMP_SUPPORTED		24581
189  STATUS_NAT_DETECTION_SOURCE_IP	24582
190  STATUS_NAT_DETECTION_DESTINATION_IP	24583
191  STATUS_COOKIE				24584
192  STATUS_USE_TRANSPORT_MODE		24585
193  STATUS_HTTP_CERT_LOOKUP_SUPPORTED	24586
194  STATUS_RESERVED2_MIN			24587
195  STATUS_RESERVED2_MAX			40959
196  STATUS_PRIVATE_MIN			40960
197  STATUS_PRIVATE_MAX			65535
198.
199
200# ISAKMP DOI Identifier.
201ISAKMP_DOI
202  ISAKMP		0
203.
204
205# ISAKMP Protocol ID.
206ISAKMP_PROTO
207  ISAKMP		1
208.
209
210# ISAKMP transaction message type.
211ISAKMP_CFG
212  REQUEST		1
213  REPLY			2
214  SET			3
215  ACK			4
216  FUTURE_MIN		5
217  FUTURE_MAX		127
218  PRIVATE_MIN		128
219  PRIVATE_MAX		255
220.
221
222# ISAKMP configuration attributes.
223ISAKMP_CFG_ATTR
224  INTERNAL_IP4_ADDRESS		1
225  INTERNAL_IP4_NETMASK		2
226  INTERNAL_IP4_DNS		3
227  INTERNAL_IP4_NBNS		4
228  INTERNAL_ADDRESS_EXPIRY	5
229  INTERNAL_IP4_DHCP		6
230  APPLICATION_VERSION		7
231  INTERNAL_IP6_ADDRESS		8
232  INTERNAL_IP6_NETMASK		9
233  INTERNAL_IP6_DNS		10
234  INTERNAL_IP6_NBNS		11
235  INTERNAL_IP6_DHCP		12
236  INTERNAL_IP4_SUBNET		13
237  SUPPORTED_ATTRIBUTES		14
238  INTERNAL_IP6_SUBNET		15
239  FUTURE_MIN			16
240  FUTURE_MAX			16383
241  PRIVATE_MIN			16384
242  PRIVATE_MAX			32767
243.
244
245# ISAKMP EAP
246ISAKMP_EAP_CODE
247  REQUEST			1
248  RESPONSE			2
249  SUCCESS			3
250  FAILURE			4
251.
252
253# ISAKMP EAP Types (RFC2284)
254ISAKMP_EAP_TYPE
255  IDENTITY			1
256  NOTIFICATION			2
257  NAK				3	# Response only
258  MD5_CHALLENGE			4
259  OTP				5
260  TOKEN				6	# Generic token card
261.
262
263