IPSEC_API_MODE_INFO (Compact 2013)

[アーティクル]
11/04/2015

3/26/2014

Deprecated.

This structure specifies the settings related to the IPSec mode.

Note

The IPSec APIs will be deprecated in the next release of Windows Embedded Compact. Replace them with the WFP IPSec APIs. For more information, see Windows Filtering Platform.

Syntax

typedef struct {
  DWORD inAction;
  DWORD outAction;
  DWORD auth;
  PBYTE authInfo;
  DWORD authInfoSize;
  DWORD mmHashMask;
  DWORD mmEncMask;
  DWORD qmHashMask;
  DWORD qmEncMask;
  DWORD dhMask;
  DWORD protocol;
  DWORD scrIP;
} IPSEC_API_MODE_INFO, *PIPSEC_API_MODE_INFO;

Members

inAction
Specifies the action to take on incoming traffic. This member can be one of the following values:

Value

Description

IPSEC_API_IN_ACTION_CLEAR

Allow incoming clear traffic.

IPSEC_API_IN_ACTION_SECURE

Incoming traffic has to be secured with IPSec.

The default value for this member is 0 (IPSEC_API_IN_ACTION_CLEAR).

Value	Description
IPSEC_API_IN_ACTION_CLEAR	Allow incoming clear traffic.
IPSEC_API_IN_ACTION_SECURE	Incoming traffic has to be secured with IPSec.

outAction
Specifies the action to take on outgoing traffic. This member can be one of the following values:

Value	Description
IPSEC_API_OUT_ACTION_CLEAR	Try IPSec for outgoing traffic first and then fall back to clear text if the peer does not respond.
IPSEC_API_OUT ACTION_SOFT	Try IPSec for outgoing traffic first and then fall back to clear text if the peer does not respond.
IPSEC_API_OUT ACTION_SECURE	Outgoing traffic must be secured with IPSec.

The default value for this member is 0 (IPSEC_API_IN_ACTION_SOFT).

auth
Specifies the authentication method to use. This member can be one of the following values:

Value

Description

IPSEC_API_PSK_AUTH

Preshared-key authentication. The authInfo and authInfoSize members must be set for this method.

IPSEC_API_CERT_AUTH

Certificate authentication.

The default value for this member is 0 (IPSEC_API_CERT_AUTH).

Value	Description
IPSEC_API_PSK_AUTH	Preshared-key authentication. The authInfo and authInfoSize members must be set for this method.
IPSEC_API_CERT_AUTH	Certificate authentication.

authInfo
Specifies the preshared password, in Unicode. This string must be null-terminated.

authInfoSize
Specifies the preshared password size, in bytes. Cannot include a terminating NULL.

mmHashMask
Specifies the main-mode hash algorithm. This member can be one of the following values:

Value

Description

IPSEC_API_AUTH_ALGO_MD5

MD5 integrity mode.

IPSEC_API_AUTH_ALGO_SHA1

SHA1 integrity mode.

IPSEC_API_AUTH_ALGO_NONE

No integrity mode.

The default value for this member is 0 (IPSEC_API_AUTH_ALGO_SHA1 | IPSEC_API_AUTH_ALGO_MD5).

Value	Description
IPSEC_API_AUTH_ALGO_MD5	MD5 integrity mode.
IPSEC_API_AUTH_ALGO_SHA1	SHA1 integrity mode.
IPSEC_API_AUTH_ALGO_NONE	No integrity mode.

mmEncMask
Specifies the main-mode encryption algorithms that are supported. This member can be one or a combination of the following values:

Value

Description

IPSEC_API_CONF_ALGO_3_DES

3DES encryption algorithm.

IPSEC_API_CONF_ALGO_DES

DES encryption algorithm.

IPSEC_API_CONF_ALGO_NONE

No encryption algorithm.

The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_DES | IPSEC_API_CONF_ALGO_DES).

Value	Description
IPSEC_API_CONF_ALGO_3_DES	3DES encryption algorithm.
IPSEC_API_CONF_ALGO_DES	DES encryption algorithm.
IPSEC_API_CONF_ALGO_NONE	No encryption algorithm.

qmHashMask
Specifies the quick-mode hash algorithms that are supported. This member can be one or a combination of the following values.

Value

Description

IPSEC_API_AUTH_ALGO_MD5

MD5 integrity mode.

IPSEC_API_AUTH_ALGO_SHA1

SHA1 integrity mode.

IPSEC_API_AUTH_ALGO_NONE

No integrity mode.

The default value for this member is set to 0 (IPSEC_API_AUTH_ALGO_SHA1 |IPSEC_API_AUTH_ALGO_MD5).

Value	Description
IPSEC_API_AUTH_ALGO_MD5	MD5 integrity mode.
IPSEC_API_AUTH_ALGO_SHA1	SHA1 integrity mode.
IPSEC_API_AUTH_ALGO_NONE	No integrity mode.

qmEncMask
Specifies the quick-mode encryption algorithms that are supported. This member can be one or a combination of the following values.

Value

Description

IPSEC_API_CONF_ALGO_3_DES

3DES encryption algorithm.

IPSEC_API_CONF_ALGO_DES

DES encryption algorithm.

IPSEC_API_CONF_ALGO_NONE

No encryption algorithm.

The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_NONE).

Value	Description
IPSEC_API_CONF_ALGO_3_DES	3DES encryption algorithm.
IPSEC_API_CONF_ALGO_DES	DES encryption algorithm.
IPSEC_API_CONF_ALGO_NONE	No encryption algorithm.

dhMask
Specifies the main-mode Diffie-Hellman parameters This member can be one of the following values:

Value

Description

IPSEC_API_DH_GROUP_1

Diffie-Hellman Group 1.

IPSEC_API_DH_GROUP_2

Diffie-Hellman Group 2.

IPSEC_API_DH_GROUP_2048

Diffie-Hellman Group 2048.

The default value for this member is set to 0 (IPSEC_API_DH_GROUP_2).

Value	Description
IPSEC_API_DH_GROUP_1	Diffie-Hellman Group 1.
IPSEC_API_DH_GROUP_2	Diffie-Hellman Group 2.
IPSEC_API_DH_GROUP_2048	Diffie-Hellman Group 2048.

protocol
Specifies the protocol affected by the IPSec settings. This member can be one or a combination of the following values.

Value

Description

IPSEC_API_PROTOCOL_TCP

Transmission Control Protocol (TCP).

IPSEC_API_PROTOCOL_UDP

User Datagram Protocol (UDP).

The default value for this member is set to 0 (IPSEC_API_PROTOCOL_TCP | IPSEC_API_PROTOCOL_UDP).

Value	Description
IPSEC_API_PROTOCOL_TCP	Transmission Control Protocol (TCP).
IPSEC_API_PROTOCOL_UDP	User Datagram Protocol (UDP).

srcIP
Specifies the source IP address to which the policy is applied. This IP address must be specified in network order. If the policy applies to all source IP addresses, this member can be set to zero.

Requirements

Header

ipsec_api.h

次の方法で共有

IPSEC_API_MODE_INFO (Compact 2013)

Syntax

Members

Requirements

See Also

Reference

Other Resources

その他のリソース