| /* |
| * Copyright (C) 2023 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| syntax = "proto2"; |
| package android.stats.ike; |
| |
| enum IkeCaller { |
| CALLER_UNKNOWN = 0; |
| CALLER_IWLAN = 1; |
| CALLER_VCN = 2; |
| CALLER_VPN = 3; |
| } |
| |
| enum SessionType { |
| SESSION_UNKNOWN = 0; |
| SESSION_IKE = 1; |
| SESSION_CHILD = 2; |
| } |
| |
| enum SessionState { |
| SESSION_STATE_UNKNOWN = 0; |
| SESSION_STATE_INITIAL = 1; |
| SESSION_STATE_REKEY = 2; |
| } |
| |
| enum IkeState { |
| STATE_UNKNOWN = 0; |
| STATE_IKE_KILL = 1; |
| STATE_IKE_INITIAL = 2; |
| STATE_IKE_CREATE_LOCAL_IKE_INIT = 3; |
| STATE_IKE_CREATE_LOCAL_IKE_AUTH = 4; |
| STATE_IKE_CREATE_LOCAL_IKE_AUTH_IN_EAP = 5; |
| STATE_IKE_CREATE_LOCAL_IKE_AUTH_POST_EAP = 6; |
| STATE_IKE_IDLE = 7; |
| STATE_IKE_CHILD_PROCEDURE_ONGOING= 8; |
| STATE_IKE_RECEIVING = 9; |
| STATE_IKE_REKEY_LOCAL_CREATE = 10; |
| STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_CREATE = 11; |
| STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_DELETE_REMOTE_DELETE = 12; |
| STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_DELETE = 13; |
| STATE_IKE_SIMULTANEOUS_REKEY_REMOTE_DELETE = 14; |
| STATE_IKE_REKEY_LOCAL_DELETE = 15; |
| STATE_IKE_REKEY_REMOTE_DELETE = 16; |
| STATE_IKE_DELETE_LOCAL_DELETE = 17; |
| STATE_IKE_DPD_LOCAL_INFO = 18; |
| STATE_IKE_MOBIKE_LOCAL_INFO = 19; |
| STATE_IKE_DPD_ON_DEMAND_LOCAL_INFO = 20; |
| |
| STATE_CHILD_KILL = 101; |
| STATE_CHILD_INITIAL = 102; |
| STATE_CHILD_CREATE_LOCAL_CREATE = 103; |
| STATE_CHILD_IDLE = 104; |
| STATE_CHILD_IDLE_WITH_DEFERRED_REQUEST = 105; |
| STATE_CHILD_CLOSE_AND_AWAIT_RESPONSE = 106; |
| STATE_CHILD_DELETE_LOCAL_DELETE = 107; |
| STATE_CHILD_DELETE_REMOTE_DELETE =108; |
| STATE_CHILD_REKEY_LOCAL_CREATE = 109; |
| STATE_CHILD_MOBIKE_REKEY_LOCAL_CREATE = 110; |
| STATE_CHILD_REKEY_REMOTE_CREATE = 111; |
| STATE_CHILD_REKEY_LOCAL_DELETE = 112; |
| STATE_CHILD_REKEY_REMOTE_DELETE = 113; |
| } |
| |
| enum DhGroups { |
| DH_GROUP_UNSPECIFIED = 0; |
| DH_GROUP_NONE = 1; |
| DH_GROUP_1024_BIT_MODP = 2; |
| DH_GROUP_1536_BIT_MODP = 5; |
| DH_GROUP_2048_BIT_MODP = 14; |
| DH_GROUP_3072_BIT_MODP = 15; |
| DH_GROUP_4096_BIT_MODP = 16; |
| DH_GROUP_CURVE_25519 = 31; |
| } |
| |
| enum IntegrityAlgorithms { |
| INTEGRITY_ALGORITHM_UNSPECIFIED = 0; |
| INTEGRITY_ALGORITHM_NONE = 1; |
| INTEGRITY_ALGORITHM_HMAC_SHA1_96 = 2; |
| INTEGRITY_ALGORITHM_AES_XCBC_96 = 5; |
| INTEGRITY_ALGORITHM_AES_CMAC_96 = 8; |
| INTEGRITY_ALGORITHM_HMAC_SHA2_256_128 = 12; |
| INTEGRITY_ALGORITHM_HMAC_SHA2_384_192 = 13; |
| INTEGRITY_ALGORITHM_HMAC_SHA2_512_256 = 14; |
| } |
| |
| enum PrfAlgorithms { |
| PSEUDORANDOM_FUNCTION_UNSPECIFIED = 0; |
| PSEUDORANDOM_FUNCTION_HMAC_SHA1 = 2; |
| PSEUDORANDOM_FUNCTION_AES128_XCBC = 4; |
| PSEUDORANDOM_FUNCTION_SHA2_256 = 5; |
| PSEUDORANDOM_FUNCTION_SHA2_384 = 6; |
| PSEUDORANDOM_FUNCTION_SHA2_512 = 7; |
| PSEUDORANDOM_FUNCTION_AES128_CMAC = 8; |
| } |
| |
| enum EncryptionAlgorithms { |
| ENCRYPTION_ALGORITHM_UNSPECIFIED = 0; |
| ENCRYPTION_ALGORITHM_3DES = 3; |
| ENCRYPTION_ALGORITHM_AES_CBC = 12; |
| ENCRYPTION_ALGORITHM_AES_CTR = 13; |
| ENCRYPTION_ALGORITHM_AES_GCM_8 = 18; |
| ENCRYPTION_ALGORITHM_AES_GCM_12 = 19; |
| ENCRYPTION_ALGORITHM_AES_GCM_16 = 20; |
| ENCRYPTION_ALGORITHM_CHACHA20_POLY1305 = 28; |
| } |
| |
| enum KeyLengths { |
| KEY_LEN_UNSPECIFIED = 0; |
| KEY_LEN_UNUSED = 1; |
| KEY_LEN_AES_128 = 128; |
| KEY_LEN_AES_192 = 192; |
| KEY_LEN_AES_256 = 256; |
| } |
| |
| // IkeError consists of 32 bits with the top 4 bits always unset, |
| // the next 12 bits representing the error categories and the |
| // rest 16 bits representing the detailed error causes. |
| enum IkeError { |
| ERROR_UNKNOWN = 0x0FFFFFFF; |
| |
| // No error has occurred |
| ERROR_NONE = 0x00000000; |
| |
| //Reserve the incorrectly used ERROR_PROTOCOL_SINGLE_PAIR_REQUIRED value here. |
| ERROR_RESERVED_00004022 = 0x00004022; |
| |
| ERROR_INTERNAL = 0x00010000; |
| ERROR_NETWORK_LOST = 0x00020000; |
| |
| // IO errors start from 0x00030000 |
| ERROR_IO_GENERAL = 0x00030000; |
| ERROR_IO_TIMEOUT = 0x00030001; |
| ERROR_IO_DNS_FAILURE = 0x00030002; |
| |
| // IKE protocol (RFC 7296) errors start from 0x00040000 |
| ERROR_PROTOCOL_UNKNOWN = 0x00040000; |
| ERROR_PROTOCOL_UNSUPPORTED_CRITICAL_PAYLOAD= 0x00040001; |
| ERROR_PROTOCOL_INVALID_IKE_SPI= 0x00040004; |
| ERROR_PROTOCOL_INVALID_MAJOR_VERSION= 0x00040005; |
| ERROR_PROTOCOL_INVALID_SYNTAX= 0x00040007; |
| ERROR_PROTOCOL_INVALID_MESSAGE_ID= 0x00040009; |
| ERROR_PROTOCOL_NO_PROPOSAL_CHOSEN= 0x0004000E; |
| ERROR_PROTOCOL_INVALID_KE_PAYLOAD= 0x00040011; |
| ERROR_PROTOCOL_AUTHENTICATION_FAILED= 0x00040018; |
| ERROR_PROTOCOL_SINGLE_PAIR_REQUIRED= 0x00040022; |
| ERROR_PROTOCOL_NO_ADDITIONAL_SAS= 0x00040023; |
| ERROR_PROTOCOL_INTERNAL_ADDRESS_FAILURE= 0x00040024; |
| ERROR_PROTOCOL_FAILED_CP_REQUIRED= 0x00040025; |
| ERROR_PROTOCOL_TS_UNACCEPTABLE= 0x00040026; |
| ERROR_PROTOCOL_INVALID_SELECTORS= 0x00040027; |
| ERROR_PROTOCOL_TEMPORARY_FAILURE= 0x0004002B; |
| ERROR_PROTOCOL_CHILD_SA_NOT_FOUND= 0x0004002C; |
| } |
| |
| // Deprecated. Use IkeState instead. |
| enum IkeTask { |
| IKE_TASK_UNSPECIFIED = 0; |
| IKE_TASK_ON_DEMAND_DPD = 1; |
| IKE_TASK_UNKNOWN_BUSY = 2; |
| IKE_TASK_PERIODIC_DPD = 3; |
| IKE_TASK_REKEY_IKE = 4; |
| IKE_TASK_REKEY_CHILD = 5; |
| IKE_TASK_MOBIKE = 6; |
| } |
| |
| enum IkeUnderlyingNetworkType { |
| NETWORK_UNSPECIFIED = 0; |
| NETWORK_WIFI = 1; |
| NETWORK_CELLULAR = 2; |
| } |
| |
| |