Inheritance diagram for ProtocolPP::jikev2sa:

Collaboration diagram for ProtocolPP::jikev2sa:

Public Member Functions
	jikev2sa ()

	jikev2sa (direction_t dir, std::string ikecnxt, exchg_t exchg, ike_pyld_t nxtpyld, uint8_t majorev, uint8_t minorev, uint8_t flags, uint32_t msgid_init, uint32_t msgid_resp, jarray< uint8_t > SPIi, jarray< uint8_t > SPIr, jarray< uint8_t > Ni, jarray< uint8_t > Nr, jarray< uint8_t > SKd, encr_id_t cipher, uint32_t ckeylen, uint32_t ivlen, uint32_t saltlen, jarray< uint8_t > SKei, jarray< uint8_t > SKer, jarray< uint8_t > iv, jarray< uint8_t > SKsi, jarray< uint8_t > SKsr, integ_id_t integ, uint32_t akeylen, uint32_t icvlen, jarray< uint8_t > SKai, jarray< uint8_t > SKar, prf_id_t prf, uint32_t prflen, jarray< uint8_t > SKpi, jarray< uint8_t > SKpr, dh_id_t dh, auth_method_t ikeauth, uint32_t arlen)

	jikev2sa (jikev2sa &rhs)

	jikev2sa (std::shared_ptr< jikev2sa > &rhs)

virtual	~jikev2sa ()=default

template<typename T >
void	set_field (field_t field, T value)

template<typename T >
T	get_field (field_t field)

void	to_xml (tinyxml2::XMLPrinter &myxml, direction_t direction)

void	to_json (std::ofstream &myjson, direction_t direction, std::string &indent)

	jikev2sa (const jikev2sa &jipsec)=delete

Public Member Functions inherited from ProtocolPP::jsecass
	jsecass ()

virtual	~jsecass ()=default
	Standard deconstructor.

	jsecass (jsecass &jsecass)=delete

	jsecass (const jsecass &jsecass)=delete

Constructor & Destructor Documentation

◆ jikev2sa() [1/4]

ProtocolPP::jikev2sa::jikev2sa ( )

Standard constructor with defaults

IKEv2 Defaults
field	Default Value
DIRECTION	ENCAP
IKECNXT	NOCONNECTION
EXCHG	EXCHG_IKE_SA_INIT
NXTPYLD	PYLD_SA
MAJOREV	2
MINOREV	0
FLAGS	0x80
MSGID	0
SPIi	0
SPIr	0
Ni	0
Nr	0
SKd	0
CIPHER	ENCR_AES_CBC
CKEYLEN	16
IVLEN	16
SALTLEN	0
SKei	0
SKer	0
IV	0
SKsi	0
SKsr	0
INTEG	AUTH_NONE (AEAD encryption does not require a separate integrity function, so we default to AUTH_NONE)
SKai	0
SKar	0
AKEYLEN	0
ICVLEN	12
PRF	PRF_HMAC_SHA2_256
PRFLEN	32
SKpi	0
SKpr	0
DH	DH_MODP_3072
IKEAUTH	AUTH_RSA
ARLEN	0

◆ jikev2sa() [2/4]

ProtocolPP::jikev2sa::jikev2sa	(	direction_t	dir,
		std::string	ikecnxt,
		exchg_t	exchg,
		ike_pyld_t	nxtpyld,
		uint8_t	majorev,
		uint8_t	minorev,
		uint8_t	flags,
		uint32_t	msgid_init,
		uint32_t	msgid_resp,
		jarray< uint8_t >	SPIi,
		jarray< uint8_t >	SPIr,
		jarray< uint8_t >	Ni,
		jarray< uint8_t >	Nr,
		jarray< uint8_t >	SKd,
		encr_id_t	cipher,
		uint32_t	ckeylen,
		uint32_t	ivlen,
		uint32_t	saltlen,
		jarray< uint8_t >	SKei,
		jarray< uint8_t >	SKer,
		jarray< uint8_t >	iv,
		jarray< uint8_t >	SKsi,
		jarray< uint8_t >	SKsr,
		integ_id_t	integ,
		uint32_t	akeylen,
		uint32_t	icvlen,
		jarray< uint8_t >	SKai,
		jarray< uint8_t >	SKar,
		prf_id_t	prf,
		uint32_t	prflen,
		jarray< uint8_t >	SKpi,
		jarray< uint8_t >	SKpr,
		dh_id_t	dh,
		auth_method_t	ikeauth,
		uint32_t	arlen
	)

See RFC7296 for required fields and their meanings

Security Association for IKEv2. Initialization Vectors are generated randomly using the Mersenne Twister algorithm or are passed to the SA during key negotiation depending on the randiv setting

Parameters

dir	- Direction of processing ENCAP (or out) and DECAP (or in)
ikecnxt	- IKE connection name
exchg	- Exchange type
nxtpyld	- Next payload after header
majorev	- Major IKE version (currently 2)
minorev	- Minor IKE version (currently 0)
flags	- Flags for responder, initiator, and version check
msgid_init	- Message ID for INITIATOR (default is 0)
msgid_resp	- Message ID for RESPONDER (default is 0)
SPIi	- Initiator Security Protocol Index
SPIr	- Responder Security Protocol Index
Ni	- Initiator Nonce
Nr	- Responder Nonce
SKd	- IKE D Key
cipher	- Encryption algorithm
ckeylen	- IKE Cipher Algorithm Key Length
ivlen	- IKE Cipher Initialization Vecotr Length
saltlen	- IKE Cipher Salt Length
SKei	- IKE Cipher Initiator Key
SKer	- IKE Cipher Responder Key
iv	- IKE Cipher Initialization Vector
SKsi	- IKE Cipher Initiator Salt Value
SKsr	- IKE Cipher Initiator Salt Value
integ	- IKE Integrity Algorithm
SKai	- IKE Integrity Algorithm Initiator Key
SKar	- IKE Integrity Algorithm Responder Key
akeylen	- IKE Integrity Algorithm Key Length
icvlen	- IKE Integerity Check Value
prf	- IKE Psuedo Random Function
prflen	- IKE Psuedo Random Function Key Length
SKpi	- IKE Psuedo Random Function Initiator Key
SKpr	- IKE Psuedo Random Function Responder Key
dh	- IKE Diffie-Hellman Method
ikeauth	- IKE Authentication Algorithm
arlen	- IKE Anti-Replay Length

◆ jikev2sa() [3/4]

ProtocolPP::jikev2sa::jikev2sa ( jikev2sa & rhs )

Constructor for IKEv2

Parameters

rhs	- Security association (SA) for this IKEv2 flow

◆ jikev2sa() [4/4]

ProtocolPP::jikev2sa::jikev2sa ( std::shared_ptr< jikev2sa > & rhs )

explicit

Constructor for IKEv2

Parameters

rhs	- Security association (SA) for this IKEv2 flow

◆ ~jikev2sa()

virtual ProtocolPP::jikev2sa::~jikev2sa ( )

virtualdefault

Standard deconstructor flush and close the auditlog if present

Member Function Documentation

◆ get_field()

template<typename T >

T ProtocolPP::jikev2sa::get_field ( field_t field )

Retrieve the field from the IKEv2 security association

IKEv2 Get Fields
field type	field name	Example
direction_t	DIRECTION	direction_t direction = get_field<direction_t>(ProtocolPP::DIRECTION)
exchg_t	EXCHG	exchg_t exchg = get_field<exchg_t>(ProtocolPP::EXCHG)
ike_pyld_t	NXTPYLD	ike_pyld_t pyld = get_field<ike_pyld_t>(ProtocolPP::NXTPYLD)
uint8_t	MAJOR_REVISION	uint8_t major = get_field<uint8_t>(ProtocolPP::MAJOR_REVISION)
uint32_t	MSGID	uint32_t msgid = get_field<uint32_t>(ProtocolPP::MSGID)
jarray<uint8_t>	SPIei	jarray<uint8_t> encryptkey = get_field<jarray<uint8_t>>(ProtocolPP::SPIei)
encr_id_t	ENCR	encr_id_t cipher = get_field<encr_id_t>(ProtocolPP::CIPHER)
integ_id_t	INTEG	integ_id_t integ = get_field<integ_id_t>(ProtocolPP::INTEG)
prf_id_t	PRF	prf_id_t prf = get_field<prf_id_t>(ProtocolPP::PRF)
dh_id_t	DH	dh_id_t dh = get_field<dh_id_t>(ProtocolPP::DH)
auth_method_t	IKEPRF	auth_method_t ikeauth = get_field<auth_method_t>(ProtocolPP::IKEPRF)

Due to their dynamic nature, some fields are only available in jikev2 which include the following fields

LENGTH

Parameters

field - field to return from the secuirty association

Returns: field

◆ set_field()

template<typename T >

void ProtocolPP::jikev2sa::set_field	(	field_t	field,
		T	value
	)

Update IKEv2 field with the new value

IKEv2 Set Fields
field type	field name	Example
direction_t	DIRECTION	set_field<direction_t>(ProtocolPP::DIRECTION, direction_t::DECAP)
exchg_t	EXCHG	set_field<exchg_t>(ProtocolPP::EXCHG, exchg_t::EXCHG_IKE_SA_INIT)
ike_pyld_t	NXTPYLD	set_field<ike_pyld_t>(ProtocolPP::NXTPYLD, exchg_t::PYLD_SA)
uint8_t	MAJOR_REVISION	set_field<uint8_t>(ProtocolPP::MAJOR_REVISION, 0x02)
uint8_t	MINOR_REVISION	set_field<uint8_t>(ProtocolPP::MINOR_REVISION, 0x00)
uint32_t	MSGID	set_field<uint32_t>(ProtocolPP::MSGID, 0x00000011)
jarray<uint8_t>	SPIei	set_field<jarray<uint8_t>>(ProtocolPP::SPIei, jarray<uint8_t>("AABBCCDDEEFF00112233445566778899"))
encr_id_t	ENCR	set_field<encr_id_t>(ProtocolPP::CIPHER, encr_id_t::ENCR_DES)
integ_id_t	INTEG	set_field<integ_id_t>(ProtocolPP::INTEG, integ_id_t::AUTH_HMAC_MD5_96)
prf_id_t	PRF	set_field<prf_id_t>(ProtocolPP::PRF, prf_id_t::PRF_HMAC_SHA2_256)
dh_id_t	DH	set_field<dh_id_t>(ProtocolPP::DH, dh_id_t::DH_ECP_384)
auth_method_t	IKEPRF	set_field<auth_method_t>(ProtocolPP::IKEPRF, auth_method_t::AUTH_ECDSA_P256)

Due to their dynamic nature, some fields are only available in jikev2 which include the following fields

LENGTH

Parameters

field	- field to update
value	- new value for the field

◆ to_json()

void ProtocolPP::jikev2sa::to_json	(	std::ofstream &	myjson,
		direction_t	direction,
		std::string &	indent
	)

virtual

Return the protocol and security fields as JSON

Parameters

myjson	- JSON object
direction	- randomization
indent	- indentation for JSON output

Implements ProtocolPP::jsecass.

◆ to_xml()

void ProtocolPP::jikev2sa::to_xml	(	tinyxml2::XMLPrinter &	myxml,
		direction_t	direction
	)

virtual

Return the protocol and security fields as XML

Parameters

myxml	- XMLPrinter object
direction	- randomization

Implements ProtocolPP::jsecass.

The documentation for this class was generated from the following file:

jikev2/include/jikev2sa.h

Public Member Functions

Constructor & Destructor Documentation

◆ jikev2sa() [1/4]

◆ jikev2sa() [2/4]

◆ jikev2sa() [3/4]

◆ jikev2sa() [4/4]

◆ ~jikev2sa()

Member Function Documentation

◆ get_field()

◆ set_field()

◆ to_json()

◆ to_xml()