X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Fikev2%2Fikev2.h;h=d435179275aa454d4a67f40c4480790d660c5d07;hb=459d17bb7;hp=55731bff9754f284bce0d21c19f7cd61b7422b86;hpb=7c44d78ef2e7bf0c8714be4184511ed8f23ff239;p=vpp.git

diff --git a/src/plugins/ikev2/ikev2.h b/src/plugins/ikev2/ikev2.h
index 55731bff975..d435179275a 100644
--- a/src/plugins/ikev2/ikev2.h
+++ b/src/plugins/ikev2/ikev2.h
@@ -21,9 +21,15 @@
 #include <vppinfra/error.h>
 
 #define IKEV2_NONCE_SIZE  32
-
+#define IKEV2_PORT        500
+#define IKEV2_PORT_NATT   4500
 #define IKEV2_KEY_PAD "Key Pad for IKEv2"
 
+#define IKEV2_GCM_ICV_SIZE 16
+#define IKEV2_GCM_NONCE_SIZE 12
+#define IKEV2_GCM_SALT_SIZE 4
+#define IKEV2_GCM_IV_SIZE (IKEV2_GCM_NONCE_SIZE - IKEV2_GCM_SALT_SIZE)
+
 typedef u8 v8;
 
 /* *INDENT-OFF* */
@@ -91,6 +97,8 @@ typedef CLIB_PACKED (struct {
 #define IKEV2_PAYLOAD_FLAG_CRITICAL      (1<<7)
 
 #define IKEV2_PAYLOAD_NONE      0
+#define IKEV2_PAYLOAD_NAT_D     20
+#define IKEV2_PAYLOAD_NAT_OA    21
 #define IKEV2_PAYLOAD_SA        33
 #define IKEV2_PAYLOAD_KE        34
 #define IKEV2_PAYLOAD_IDI       35
@@ -221,7 +229,8 @@ typedef enum
   _(9 , DES_IV32,  "des-iv32") \
   _(11, NULL,      "null")     \
   _(12, AES_CBC,   "aes-cbc")  \
-  _(13, AES_CTR,   "aes-ctr")
+  _(13, AES_CTR,   "aes-ctr")  \
+  _(20, AES_GCM_16, "aes-gcm-16")
 
 typedef enum
 {
@@ -386,11 +395,16 @@ clib_error_t *ikev2_set_profile_esp_transforms (vlib_main_t * vm, u8 * name,
 						crypto_alg,
 						ikev2_transform_integ_type_t
 						integ_alg,
-						ikev2_transform_dh_type_t
-						dh_type, u32 crypto_key_size);
+						u32 crypto_key_size);
 clib_error_t *ikev2_set_profile_sa_lifetime (vlib_main_t * vm, u8 * name,
 					     u64 lifetime, u32 jitter,
 					     u32 handover, u64 maxdata);
+clib_error_t *ikev2_set_profile_tunnel_interface (vlib_main_t * vm, u8 * name,
+						  u32 sw_if_index);
+vnet_api_error_t ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm,
+						   u8 * name, u16 port,
+						   u8 is_set);
+clib_error_t *ikev2_set_profile_udp_encap (vlib_main_t * vm, u8 * name);
 clib_error_t *ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name);
 clib_error_t *ikev2_initiate_delete_child_sa (vlib_main_t * vm, u32 ispi);
 clib_error_t *ikev2_initiate_delete_ike_sa (vlib_main_t * vm, u64 ispi);
@@ -422,6 +436,9 @@ uword unformat_ikev2_transform_dh_type (unformat_input_t * input,
 					va_list * args);
 uword unformat_ikev2_transform_esn_type (unformat_input_t * input,
 					 va_list * args);
+void ikev2_cli_reference (void);
+
+clib_error_t *ikev2_set_liveness_params (u32 period, u32 max_retries);
 
 #endif /* __included_ikev2_h__ */