1/*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16syntax = "proto2";
17package android.stats.ike;
18
19enum IkeCaller {
20    CALLER_UNKNOWN = 0;
21    CALLER_IWLAN = 1;
22    CALLER_VCN = 2;
23    CALLER_VPN = 3;
24}
25
26enum SessionType {
27    SESSION_UNKNOWN = 0;
28    SESSION_IKE = 1;
29    SESSION_CHILD = 2;
30}
31
32enum IkeState {
33    STATE_UNKNOWN = 0;
34    STATE_IKE_KILL = 1;
35    STATE_IKE_INITIAL = 2;
36    STATE_IKE_CREATE_LOCAL_IKE_INIT = 3;
37    STATE_IKE_CREATE_LOCAL_IKE_AUTH = 4;
38    STATE_IKE_CREATE_LOCAL_IKE_AUTH_IN_EAP = 5;
39    STATE_IKE_CREATE_LOCAL_IKE_AUTH_POST_EAP = 6;
40    STATE_IKE_IDLE = 7;
41    STATE_IKE_CHILD_PROCEDURE_ONGOING= 8;
42    STATE_IKE_RECEIVING = 9;
43    STATE_IKE_REKEY_LOCAL_CREATE = 10;
44    STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_CREATE = 11;
45    STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_DELETE_REMOTE_DELETE = 12;
46    STATE_IKE_SIMULTANEOUS_REKEY_LOCAL_DELETE = 13;
47    STATE_IKE_SIMULTANEOUS_REKEY_REMOTE_DELETE = 14;
48    STATE_IKE_REKEY_LOCAL_DELETE = 15;
49    STATE_IKE_REKEY_REMOTE_DELETE = 16;
50    STATE_IKE_DELETE_LOCAL_DELETE = 17;
51    STATE_IKE_DPD_LOCAL_INFO = 18;
52    STATE_IKE_MOBIKE_LOCAL_INFO = 19;
53    STATE_IKE_DPD_ON_DEMAND_LOCAL_INFO = 20;
54
55    STATE_CHILD_KILL = 101;
56    STATE_CHILD_INITIAL = 102;
57    STATE_CHILD_CREATE_LOCAL_CREATE = 103;
58    STATE_CHILD_IDLE = 104;
59    STATE_CHILD_IDLE_WITH_DEFERRED_REQUEST = 105;
60    STATE_CHILD_CLOSE_AND_AWAIT_RESPONSE = 106;
61    STATE_CHILD_DELETE_LOCAL_DELETE = 107;
62    STATE_CHILD_DELETE_REMOTE_DELETE =108;
63    STATE_CHILD_REKEY_LOCAL_CREATE = 109;
64    STATE_CHILD_MOBIKE_REKEY_LOCAL_CREATE = 110;
65    STATE_CHILD_REKEY_REMOTE_CREATE = 111;
66    STATE_CHILD_REKEY_LOCAL_DELETE = 112;
67    STATE_CHILD_REKEY_REMOTE_DELETE = 113;
68}
69
70enum DhGroups {
71    DH_GROUP_UNSPECIFIED = 0;
72    DH_GROUP_NONE = 1;
73    DH_GROUP_1024_BIT_MODP = 2;
74    DH_GROUP_1536_BIT_MODP = 5;
75    DH_GROUP_2048_BIT_MODP = 14;
76    DH_GROUP_3072_BIT_MODP = 15;
77    DH_GROUP_4096_BIT_MODP = 16;
78    DH_GROUP_CURVE_25519 = 31;
79}
80
81enum IntegrityAlgorithms {
82    INTEGRITY_ALGORITHM_UNSPECIFIED = 0;
83    INTEGRITY_ALGORITHM_NONE = 1;
84    INTEGRITY_ALGORITHM_HMAC_SHA1_96 = 2;
85    INTEGRITY_ALGORITHM_AES_XCBC_96 = 5;
86    INTEGRITY_ALGORITHM_AES_CMAC_96 = 8;
87    INTEGRITY_ALGORITHM_HMAC_SHA2_256_128 = 12;
88    INTEGRITY_ALGORITHM_HMAC_SHA2_384_192 = 13;
89    INTEGRITY_ALGORITHM_HMAC_SHA2_512_256 = 14;
90}
91
92enum PrfAlgorithms {
93    PSEUDORANDOM_FUNCTION_UNSPECIFIED = 0;
94    PSEUDORANDOM_FUNCTION_HMAC_SHA1 = 2;
95    PSEUDORANDOM_FUNCTION_AES128_XCBC = 4;
96    PSEUDORANDOM_FUNCTION_SHA2_256 = 5;
97    PSEUDORANDOM_FUNCTION_SHA2_384 = 6;
98    PSEUDORANDOM_FUNCTION_SHA2_512 = 7;
99    PSEUDORANDOM_FUNCTION_AES128_CMAC = 8;
100}
101
102enum EncryptionAlgorithms {
103    ENCRYPTION_ALGORITHM_UNSPECIFIED = 0;
104    ENCRYPTION_ALGORITHM_3DES = 3;
105    ENCRYPTION_ALGORITHM_AES_CBC = 12;
106    ENCRYPTION_ALGORITHM_AES_CTR = 13;
107    ENCRYPTION_ALGORITHM_AES_GCM_8 = 18;
108    ENCRYPTION_ALGORITHM_AES_GCM_12 = 19;
109    ENCRYPTION_ALGORITHM_AES_GCM_16 = 20;
110    ENCRYPTION_ALGORITHM_CHACHA20_POLY1305 = 28;
111}
112
113enum KeyLengths {
114    KEY_LEN_UNSPECIFIED = 0;
115    KEY_LEN_UNUSED = 1;
116    KEY_LEN_AES_128 = 128;
117    KEY_LEN_AES_192 = 192;
118    KEY_LEN_AES_256 = 256;
119}
120
121// IkeError consists of 32 bits with the top 4 bits always unset,
122// the next 12 bits representing the error categories and the
123// rest 16 bits representing the detailed error causes.
124enum IkeError {
125    ERROR_UNKNOWN = 0x0FFFFFFF;
126
127    // No error has occurred
128    ERROR_NONE = 0x00000000;
129
130    //Reserve the incorrectly used ERROR_PROTOCOL_SINGLE_PAIR_REQUIRED value here.
131    ERROR_RESERVED_00004022 = 0x00004022;
132
133    ERROR_INTERNAL = 0x00010000;
134    ERROR_NETWORK_LOST = 0x00020000;
135
136    // IO errors start from 0x00030000
137    ERROR_IO_GENERAL = 0x00030000;
138    ERROR_IO_TIMEOUT = 0x00030001;
139    ERROR_IO_DNS_FAILURE = 0x00030002;
140
141    // IKE protocol (RFC 7296) errors start from 0x00040000
142    ERROR_PROTOCOL_UNKNOWN = 0x00040000;
143    ERROR_PROTOCOL_UNSUPPORTED_CRITICAL_PAYLOAD= 0x00040001;
144    ERROR_PROTOCOL_INVALID_IKE_SPI= 0x00040004;
145    ERROR_PROTOCOL_INVALID_MAJOR_VERSION= 0x00040005;
146    ERROR_PROTOCOL_INVALID_SYNTAX= 0x00040007;
147    ERROR_PROTOCOL_INVALID_MESSAGE_ID= 0x00040009;
148    ERROR_PROTOCOL_NO_PROPOSAL_CHOSEN= 0x0004000E;
149    ERROR_PROTOCOL_INVALID_KE_PAYLOAD= 0x00040011;
150    ERROR_PROTOCOL_AUTHENTICATION_FAILED= 0x00040018;
151    ERROR_PROTOCOL_SINGLE_PAIR_REQUIRED= 0x00040022;
152    ERROR_PROTOCOL_NO_ADDITIONAL_SAS= 0x00040023;
153    ERROR_PROTOCOL_INTERNAL_ADDRESS_FAILURE= 0x00040024;
154    ERROR_PROTOCOL_FAILED_CP_REQUIRED= 0x00040025;
155    ERROR_PROTOCOL_TS_UNACCEPTABLE= 0x00040026;
156    ERROR_PROTOCOL_INVALID_SELECTORS= 0x00040027;
157    ERROR_PROTOCOL_TEMPORARY_FAILURE= 0x0004002B;
158    ERROR_PROTOCOL_CHILD_SA_NOT_FOUND= 0x0004002C;
159}
160
161// Deprecated. Use IkeState instead.
162enum IkeTask {
163    IKE_TASK_UNSPECIFIED = 0;
164    IKE_TASK_ON_DEMAND_DPD = 1;
165    IKE_TASK_UNKNOWN_BUSY = 2;
166    IKE_TASK_PERIODIC_DPD = 3;
167    IKE_TASK_REKEY_IKE = 4;
168    IKE_TASK_REKEY_CHILD = 5;
169    IKE_TASK_MOBIKE = 6;
170}
171
172enum IkeUnderlyingNetworkType {
173    NETWORK_UNSPECIFIED = 0;
174    NETWORK_WIFI = 1;
175    NETWORK_CELLULAR = 2;
176}
177
178
179