16d49e1aeSJan Lentfer /* 26d49e1aeSJan Lentfer * IKEv2 definitions 36d49e1aeSJan Lentfer * Copyright (c) 2007, Jouni Malinen <j@w1.fi> 46d49e1aeSJan Lentfer * 5*3ff40c12SJohn Marino * This software may be distributed under the terms of the BSD license. 6*3ff40c12SJohn Marino * See README for more details. 76d49e1aeSJan Lentfer */ 86d49e1aeSJan Lentfer 96d49e1aeSJan Lentfer #ifndef IKEV2_COMMON_H 106d49e1aeSJan Lentfer #define IKEV2_COMMON_H 116d49e1aeSJan Lentfer 126d49e1aeSJan Lentfer /* 136d49e1aeSJan Lentfer * Nonce length must be at least 16 octets. It must also be at least half the 146d49e1aeSJan Lentfer * key size of the negotiated PRF. 156d49e1aeSJan Lentfer */ 166d49e1aeSJan Lentfer #define IKEV2_NONCE_MIN_LEN 16 176d49e1aeSJan Lentfer #define IKEV2_NONCE_MAX_LEN 256 186d49e1aeSJan Lentfer 196d49e1aeSJan Lentfer /* IKE Header - RFC 4306, Sect. 3.1 */ 206d49e1aeSJan Lentfer #ifdef _MSC_VER 216d49e1aeSJan Lentfer #pragma pack(push, 1) 226d49e1aeSJan Lentfer #endif /* _MSC_VER */ 236d49e1aeSJan Lentfer 246d49e1aeSJan Lentfer #define IKEV2_SPI_LEN 8 256d49e1aeSJan Lentfer 266d49e1aeSJan Lentfer struct ikev2_hdr { 276d49e1aeSJan Lentfer u8 i_spi[IKEV2_SPI_LEN]; /* IKE_SA Initiator's SPI */ 286d49e1aeSJan Lentfer u8 r_spi[IKEV2_SPI_LEN]; /* IKE_SA Responder's SPI */ 296d49e1aeSJan Lentfer u8 next_payload; 306d49e1aeSJan Lentfer u8 version; /* MjVer | MnVer */ 316d49e1aeSJan Lentfer u8 exchange_type; 326d49e1aeSJan Lentfer u8 flags; 336d49e1aeSJan Lentfer u8 message_id[4]; 346d49e1aeSJan Lentfer u8 length[4]; /* total length of HDR + payloads */ 356d49e1aeSJan Lentfer } STRUCT_PACKED; 366d49e1aeSJan Lentfer 376d49e1aeSJan Lentfer struct ikev2_payload_hdr { 386d49e1aeSJan Lentfer u8 next_payload; 396d49e1aeSJan Lentfer u8 flags; 406d49e1aeSJan Lentfer u8 payload_length[2]; /* this payload, including the payload header */ 416d49e1aeSJan Lentfer } STRUCT_PACKED; 426d49e1aeSJan Lentfer 436d49e1aeSJan Lentfer struct ikev2_proposal { 446d49e1aeSJan Lentfer u8 type; /* 0 (last) or 2 (more) */ 456d49e1aeSJan Lentfer u8 reserved; 466d49e1aeSJan Lentfer u8 proposal_length[2]; /* including all transform and attributes */ 476d49e1aeSJan Lentfer u8 proposal_num; 486d49e1aeSJan Lentfer u8 protocol_id; /* IKEV2_PROTOCOL_* */ 496d49e1aeSJan Lentfer u8 spi_size; 506d49e1aeSJan Lentfer u8 num_transforms; 516d49e1aeSJan Lentfer /* SPI of spi_size octets */ 526d49e1aeSJan Lentfer /* Transforms */ 536d49e1aeSJan Lentfer } STRUCT_PACKED; 546d49e1aeSJan Lentfer 556d49e1aeSJan Lentfer struct ikev2_transform { 566d49e1aeSJan Lentfer u8 type; /* 0 (last) or 3 (more) */ 576d49e1aeSJan Lentfer u8 reserved; 586d49e1aeSJan Lentfer u8 transform_length[2]; /* including Header and Attributes */ 596d49e1aeSJan Lentfer u8 transform_type; 606d49e1aeSJan Lentfer u8 reserved2; 616d49e1aeSJan Lentfer u8 transform_id[2]; 626d49e1aeSJan Lentfer /* Transform Attributes */ 636d49e1aeSJan Lentfer } STRUCT_PACKED; 646d49e1aeSJan Lentfer 656d49e1aeSJan Lentfer #ifdef _MSC_VER 666d49e1aeSJan Lentfer #pragma pack(pop) 676d49e1aeSJan Lentfer #endif /* _MSC_VER */ 686d49e1aeSJan Lentfer 696d49e1aeSJan Lentfer 706d49e1aeSJan Lentfer /* Current IKEv2 version from RFC 4306 */ 716d49e1aeSJan Lentfer #define IKEV2_MjVer 2 726d49e1aeSJan Lentfer #define IKEV2_MnVer 0 736d49e1aeSJan Lentfer #define IKEV2_VERSION (((IKEV2_MjVer) << 4) | (IKEV2_MnVer)) 746d49e1aeSJan Lentfer 756d49e1aeSJan Lentfer /* IKEv2 Exchange Types */ 766d49e1aeSJan Lentfer enum { 776d49e1aeSJan Lentfer /* 0-33 RESERVED */ 786d49e1aeSJan Lentfer IKE_SA_INIT = 34, 796d49e1aeSJan Lentfer IKE_SA_AUTH = 35, 806d49e1aeSJan Lentfer CREATE_CHILD_SA = 36, 816d49e1aeSJan Lentfer INFORMATION = 37 826d49e1aeSJan Lentfer /* 38-239 RESERVED TO IANA */ 836d49e1aeSJan Lentfer /* 240-255 Reserved for private use */ 846d49e1aeSJan Lentfer }; 856d49e1aeSJan Lentfer 866d49e1aeSJan Lentfer /* IKEv2 Flags */ 876d49e1aeSJan Lentfer #define IKEV2_HDR_INITIATOR 0x08 886d49e1aeSJan Lentfer #define IKEV2_HDR_VERSION 0x10 896d49e1aeSJan Lentfer #define IKEV2_HDR_RESPONSE 0x20 906d49e1aeSJan Lentfer 916d49e1aeSJan Lentfer /* Payload Header Flags */ 926d49e1aeSJan Lentfer #define IKEV2_PAYLOAD_FLAGS_CRITICAL 0x01 936d49e1aeSJan Lentfer 946d49e1aeSJan Lentfer 956d49e1aeSJan Lentfer /* EAP-IKEv2 Payload Types (in Next Payload Type field) 966d49e1aeSJan Lentfer * http://www.iana.org/assignments/eap-ikev2-payloads */ 976d49e1aeSJan Lentfer enum { 986d49e1aeSJan Lentfer IKEV2_PAYLOAD_NO_NEXT_PAYLOAD = 0, 996d49e1aeSJan Lentfer IKEV2_PAYLOAD_SA = 33, 1006d49e1aeSJan Lentfer IKEV2_PAYLOAD_KEY_EXCHANGE = 34, 1016d49e1aeSJan Lentfer IKEV2_PAYLOAD_IDi = 35, 1026d49e1aeSJan Lentfer IKEV2_PAYLOAD_IDr = 36, 1036d49e1aeSJan Lentfer IKEV2_PAYLOAD_CERTIFICATE = 37, 1046d49e1aeSJan Lentfer IKEV2_PAYLOAD_CERT_REQ = 38, 1056d49e1aeSJan Lentfer IKEV2_PAYLOAD_AUTHENTICATION = 39, 1066d49e1aeSJan Lentfer IKEV2_PAYLOAD_NONCE = 40, 1076d49e1aeSJan Lentfer IKEV2_PAYLOAD_NOTIFICATION = 41, 1086d49e1aeSJan Lentfer IKEV2_PAYLOAD_VENDOD_ID = 43, 1096d49e1aeSJan Lentfer IKEV2_PAYLOAD_ENCRYPTED = 46, 1106d49e1aeSJan Lentfer IKEV2_PAYLOAD_NEXT_FAST_ID = 121 1116d49e1aeSJan Lentfer }; 1126d49e1aeSJan Lentfer 1136d49e1aeSJan Lentfer 1146d49e1aeSJan Lentfer /* IKEv2 Proposal - Protocol ID */ 1156d49e1aeSJan Lentfer enum { 1166d49e1aeSJan Lentfer IKEV2_PROTOCOL_RESERVED = 0, 1176d49e1aeSJan Lentfer IKEV2_PROTOCOL_IKE = 1, /* IKE is the only one allowed for EAP-IKEv2 */ 1186d49e1aeSJan Lentfer IKEV2_PROTOCOL_AH = 2, 1196d49e1aeSJan Lentfer IKEV2_PROTOCOL_ESP = 3 1206d49e1aeSJan Lentfer }; 1216d49e1aeSJan Lentfer 1226d49e1aeSJan Lentfer 1236d49e1aeSJan Lentfer /* IKEv2 Transform Types */ 1246d49e1aeSJan Lentfer enum { 1256d49e1aeSJan Lentfer IKEV2_TRANSFORM_ENCR = 1, 1266d49e1aeSJan Lentfer IKEV2_TRANSFORM_PRF = 2, 1276d49e1aeSJan Lentfer IKEV2_TRANSFORM_INTEG = 3, 1286d49e1aeSJan Lentfer IKEV2_TRANSFORM_DH = 4, 1296d49e1aeSJan Lentfer IKEV2_TRANSFORM_ESN = 5 1306d49e1aeSJan Lentfer }; 1316d49e1aeSJan Lentfer 132*3ff40c12SJohn Marino /* IKEv2 Transform Type 1 (Encryption Algorithm) */ 1336d49e1aeSJan Lentfer enum { 1346d49e1aeSJan Lentfer ENCR_DES_IV64 = 1, 1356d49e1aeSJan Lentfer ENCR_DES = 2, 1366d49e1aeSJan Lentfer ENCR_3DES = 3, 1376d49e1aeSJan Lentfer ENCR_RC5 = 4, 1386d49e1aeSJan Lentfer ENCR_IDEA = 5, 1396d49e1aeSJan Lentfer ENCR_CAST = 6, 1406d49e1aeSJan Lentfer ENCR_BLOWFISH = 7, 1416d49e1aeSJan Lentfer ENCR_3IDEA = 8, 1426d49e1aeSJan Lentfer ENCR_DES_IV32 = 9, 1436d49e1aeSJan Lentfer ENCR_NULL = 11, 1446d49e1aeSJan Lentfer ENCR_AES_CBC = 12, 1456d49e1aeSJan Lentfer ENCR_AES_CTR = 13 1466d49e1aeSJan Lentfer }; 1476d49e1aeSJan Lentfer 1486d49e1aeSJan Lentfer /* IKEv2 Transform Type 2 (Pseudo-random Function) */ 1496d49e1aeSJan Lentfer enum { 1506d49e1aeSJan Lentfer PRF_HMAC_MD5 = 1, 1516d49e1aeSJan Lentfer PRF_HMAC_SHA1 = 2, 1526d49e1aeSJan Lentfer PRF_HMAC_TIGER = 3, 1536d49e1aeSJan Lentfer PRF_AES128_XCBC = 4 1546d49e1aeSJan Lentfer }; 1556d49e1aeSJan Lentfer 1566d49e1aeSJan Lentfer /* IKEv2 Transform Type 3 (Integrity Algorithm) */ 1576d49e1aeSJan Lentfer enum { 1586d49e1aeSJan Lentfer AUTH_HMAC_MD5_96 = 1, 1596d49e1aeSJan Lentfer AUTH_HMAC_SHA1_96 = 2, 1606d49e1aeSJan Lentfer AUTH_DES_MAC = 3, 1616d49e1aeSJan Lentfer AUTH_KPDK_MD5 = 4, 1626d49e1aeSJan Lentfer AUTH_AES_XCBC_96 = 5 1636d49e1aeSJan Lentfer }; 1646d49e1aeSJan Lentfer 1656d49e1aeSJan Lentfer /* IKEv2 Transform Type 4 (Diffie-Hellman Group) */ 1666d49e1aeSJan Lentfer enum { 1676d49e1aeSJan Lentfer DH_GROUP1_768BIT_MODP = 1, /* RFC 4306 */ 1686d49e1aeSJan Lentfer DH_GROUP2_1024BIT_MODP = 2, /* RFC 4306 */ 1696d49e1aeSJan Lentfer DH_GROUP5_1536BIT_MODP = 5, /* RFC 3526 */ 1706d49e1aeSJan Lentfer DH_GROUP5_2048BIT_MODP = 14, /* RFC 3526 */ 1716d49e1aeSJan Lentfer DH_GROUP5_3072BIT_MODP = 15, /* RFC 3526 */ 1726d49e1aeSJan Lentfer DH_GROUP5_4096BIT_MODP = 16, /* RFC 3526 */ 1736d49e1aeSJan Lentfer DH_GROUP5_6144BIT_MODP = 17, /* RFC 3526 */ 1746d49e1aeSJan Lentfer DH_GROUP5_8192BIT_MODP = 18 /* RFC 3526 */ 1756d49e1aeSJan Lentfer }; 1766d49e1aeSJan Lentfer 1776d49e1aeSJan Lentfer 1786d49e1aeSJan Lentfer /* Identification Data Types (RFC 4306, Sect. 3.5) */ 1796d49e1aeSJan Lentfer enum { 1806d49e1aeSJan Lentfer ID_IPV4_ADDR = 1, 1816d49e1aeSJan Lentfer ID_FQDN = 2, 1826d49e1aeSJan Lentfer ID_RFC822_ADDR = 3, 1836d49e1aeSJan Lentfer ID_IPV6_ADDR = 5, 1846d49e1aeSJan Lentfer ID_DER_ASN1_DN = 9, 1856d49e1aeSJan Lentfer ID_DER_ASN1_GN= 10, 1866d49e1aeSJan Lentfer ID_KEY_ID = 11 1876d49e1aeSJan Lentfer }; 1886d49e1aeSJan Lentfer 1896d49e1aeSJan Lentfer 1906d49e1aeSJan Lentfer /* Certificate Encoding (RFC 4306, Sect. 3.6) */ 1916d49e1aeSJan Lentfer enum { 1926d49e1aeSJan Lentfer CERT_ENCODING_PKCS7_X509 = 1, 1936d49e1aeSJan Lentfer CERT_ENCODING_PGP_CERT = 2, 1946d49e1aeSJan Lentfer CERT_ENCODING_DNS_SIGNED_KEY = 3, 1956d49e1aeSJan Lentfer /* X.509 Certificate - Signature: DER encoded X.509 certificate whose 1966d49e1aeSJan Lentfer * public key is used to validate the sender's AUTH payload */ 1976d49e1aeSJan Lentfer CERT_ENCODING_X509_CERT_SIGN = 4, 1986d49e1aeSJan Lentfer CERT_ENCODING_KERBEROS_TOKEN = 6, 1996d49e1aeSJan Lentfer /* DER encoded X.509 certificate revocation list */ 2006d49e1aeSJan Lentfer CERT_ENCODING_CRL = 7, 2016d49e1aeSJan Lentfer CERT_ENCODING_ARL = 8, 2026d49e1aeSJan Lentfer CERT_ENCODING_SPKI_CERT = 9, 2036d49e1aeSJan Lentfer CERT_ENCODING_X509_CERT_ATTR = 10, 2046d49e1aeSJan Lentfer /* PKCS #1 encoded RSA key */ 2056d49e1aeSJan Lentfer CERT_ENCODING_RAW_RSA_KEY = 11, 2066d49e1aeSJan Lentfer CERT_ENCODING_HASH_AND_URL_X509_CERT = 12, 2076d49e1aeSJan Lentfer CERT_ENCODING_HASH_AND_URL_X509_BUNDLE = 13 2086d49e1aeSJan Lentfer }; 2096d49e1aeSJan Lentfer 2106d49e1aeSJan Lentfer 2116d49e1aeSJan Lentfer /* Authentication Method (RFC 4306, Sect. 3.8) */ 2126d49e1aeSJan Lentfer enum { 2136d49e1aeSJan Lentfer AUTH_RSA_SIGN = 1, 2146d49e1aeSJan Lentfer AUTH_SHARED_KEY_MIC = 2, 2156d49e1aeSJan Lentfer AUTH_DSS_SIGN = 3 2166d49e1aeSJan Lentfer }; 2176d49e1aeSJan Lentfer 2186d49e1aeSJan Lentfer 2196d49e1aeSJan Lentfer /* Notify Message Types (RFC 4306, Sect. 3.10.1) */ 2206d49e1aeSJan Lentfer enum { 2216d49e1aeSJan Lentfer UNSUPPORTED_CRITICAL_PAYLOAD = 1, 2226d49e1aeSJan Lentfer INVALID_IKE_SPI = 4, 2236d49e1aeSJan Lentfer INVALID_MAJOR_VERSION = 5, 2246d49e1aeSJan Lentfer INVALID_SYNTAX = 7, 2256d49e1aeSJan Lentfer INVALID_MESSAGE_ID = 9, 2266d49e1aeSJan Lentfer INVALID_SPI = 11, 2276d49e1aeSJan Lentfer NO_PROPOSAL_CHOSEN = 14, 2286d49e1aeSJan Lentfer INVALID_KE_PAYLOAD = 17, 2296d49e1aeSJan Lentfer AUTHENTICATION_FAILED = 24, 2306d49e1aeSJan Lentfer SINGLE_PAIR_REQUIRED = 34, 2316d49e1aeSJan Lentfer NO_ADDITIONAL_SAS = 35, 2326d49e1aeSJan Lentfer INTERNAL_ADDRESS_FAILURE = 36, 2336d49e1aeSJan Lentfer FAILED_CP_REQUIRED = 37, 2346d49e1aeSJan Lentfer TS_UNACCEPTABLE = 38, 2356d49e1aeSJan Lentfer INVALID_SELECTORS = 39 2366d49e1aeSJan Lentfer }; 2376d49e1aeSJan Lentfer 2386d49e1aeSJan Lentfer 2396d49e1aeSJan Lentfer struct ikev2_keys { 2406d49e1aeSJan Lentfer u8 *SK_d, *SK_ai, *SK_ar, *SK_ei, *SK_er, *SK_pi, *SK_pr; 2416d49e1aeSJan Lentfer size_t SK_d_len, SK_integ_len, SK_encr_len, SK_prf_len; 2426d49e1aeSJan Lentfer }; 2436d49e1aeSJan Lentfer 2446d49e1aeSJan Lentfer 2456d49e1aeSJan Lentfer int ikev2_keys_set(struct ikev2_keys *keys); 2466d49e1aeSJan Lentfer void ikev2_free_keys(struct ikev2_keys *keys); 2476d49e1aeSJan Lentfer 2486d49e1aeSJan Lentfer 2496d49e1aeSJan Lentfer /* Maximum hash length for supported hash algorithms */ 2506d49e1aeSJan Lentfer #define IKEV2_MAX_HASH_LEN 20 2516d49e1aeSJan Lentfer 2526d49e1aeSJan Lentfer struct ikev2_integ_alg { 2536d49e1aeSJan Lentfer int id; 2546d49e1aeSJan Lentfer size_t key_len; 2556d49e1aeSJan Lentfer size_t hash_len; 2566d49e1aeSJan Lentfer }; 2576d49e1aeSJan Lentfer 2586d49e1aeSJan Lentfer struct ikev2_prf_alg { 2596d49e1aeSJan Lentfer int id; 2606d49e1aeSJan Lentfer size_t key_len; 2616d49e1aeSJan Lentfer size_t hash_len; 2626d49e1aeSJan Lentfer }; 2636d49e1aeSJan Lentfer 2646d49e1aeSJan Lentfer struct ikev2_encr_alg { 2656d49e1aeSJan Lentfer int id; 2666d49e1aeSJan Lentfer size_t key_len; 2676d49e1aeSJan Lentfer size_t block_size; 2686d49e1aeSJan Lentfer }; 2696d49e1aeSJan Lentfer 2706d49e1aeSJan Lentfer const struct ikev2_integ_alg * ikev2_get_integ(int id); 2716d49e1aeSJan Lentfer int ikev2_integ_hash(int alg, const u8 *key, size_t key_len, const u8 *data, 2726d49e1aeSJan Lentfer size_t data_len, u8 *hash); 2736d49e1aeSJan Lentfer const struct ikev2_prf_alg * ikev2_get_prf(int id); 2746d49e1aeSJan Lentfer int ikev2_prf_hash(int alg, const u8 *key, size_t key_len, 2756d49e1aeSJan Lentfer size_t num_elem, const u8 *addr[], const size_t *len, 2766d49e1aeSJan Lentfer u8 *hash); 2776d49e1aeSJan Lentfer int ikev2_prf_plus(int alg, const u8 *key, size_t key_len, 2786d49e1aeSJan Lentfer const u8 *data, size_t data_len, 2796d49e1aeSJan Lentfer u8 *out, size_t out_len); 2806d49e1aeSJan Lentfer const struct ikev2_encr_alg * ikev2_get_encr(int id); 2816d49e1aeSJan Lentfer int ikev2_encr_encrypt(int alg, const u8 *key, size_t key_len, const u8 *iv, 2826d49e1aeSJan Lentfer const u8 *plain, u8 *crypt, size_t len); 2836d49e1aeSJan Lentfer int ikev2_encr_decrypt(int alg, const u8 *key, size_t key_len, const u8 *iv, 2846d49e1aeSJan Lentfer const u8 *crypt, u8 *plain, size_t len); 2856d49e1aeSJan Lentfer 2866d49e1aeSJan Lentfer int ikev2_derive_auth_data(int prf_alg, const struct wpabuf *sign_msg, 2876d49e1aeSJan Lentfer const u8 *ID, size_t ID_len, u8 ID_type, 2886d49e1aeSJan Lentfer struct ikev2_keys *keys, int initiator, 2896d49e1aeSJan Lentfer const u8 *shared_secret, size_t shared_secret_len, 2906d49e1aeSJan Lentfer const u8 *nonce, size_t nonce_len, 2916d49e1aeSJan Lentfer const u8 *key_pad, size_t key_pad_len, 2926d49e1aeSJan Lentfer u8 *auth_data); 2936d49e1aeSJan Lentfer 2946d49e1aeSJan Lentfer 2956d49e1aeSJan Lentfer struct ikev2_payloads { 2966d49e1aeSJan Lentfer const u8 *sa; 2976d49e1aeSJan Lentfer size_t sa_len; 2986d49e1aeSJan Lentfer const u8 *ke; 2996d49e1aeSJan Lentfer size_t ke_len; 3006d49e1aeSJan Lentfer const u8 *idi; 3016d49e1aeSJan Lentfer size_t idi_len; 3026d49e1aeSJan Lentfer const u8 *idr; 3036d49e1aeSJan Lentfer size_t idr_len; 3046d49e1aeSJan Lentfer const u8 *cert; 3056d49e1aeSJan Lentfer size_t cert_len; 3066d49e1aeSJan Lentfer const u8 *auth; 3076d49e1aeSJan Lentfer size_t auth_len; 3086d49e1aeSJan Lentfer const u8 *nonce; 3096d49e1aeSJan Lentfer size_t nonce_len; 3106d49e1aeSJan Lentfer const u8 *encrypted; 3116d49e1aeSJan Lentfer size_t encrypted_len; 3126d49e1aeSJan Lentfer u8 encr_next_payload; 3136d49e1aeSJan Lentfer const u8 *notification; 3146d49e1aeSJan Lentfer size_t notification_len; 3156d49e1aeSJan Lentfer }; 3166d49e1aeSJan Lentfer 3176d49e1aeSJan Lentfer int ikev2_parse_payloads(struct ikev2_payloads *payloads, 3186d49e1aeSJan Lentfer u8 next_payload, const u8 *pos, const u8 *end); 3196d49e1aeSJan Lentfer 3206d49e1aeSJan Lentfer u8 * ikev2_decrypt_payload(int encr_id, int integ_id, struct ikev2_keys *keys, 3216d49e1aeSJan Lentfer int initiator, const struct ikev2_hdr *hdr, 3226d49e1aeSJan Lentfer const u8 *encrypted, size_t encrypted_len, 3236d49e1aeSJan Lentfer size_t *res_len); 3246d49e1aeSJan Lentfer void ikev2_update_hdr(struct wpabuf *msg); 3256d49e1aeSJan Lentfer int ikev2_build_encrypted(int encr_id, int integ_id, struct ikev2_keys *keys, 3266d49e1aeSJan Lentfer int initiator, struct wpabuf *msg, 3276d49e1aeSJan Lentfer struct wpabuf *plain, u8 next_payload); 3286d49e1aeSJan Lentfer int ikev2_derive_sk_keys(const struct ikev2_prf_alg *prf, 3296d49e1aeSJan Lentfer const struct ikev2_integ_alg *integ, 3306d49e1aeSJan Lentfer const struct ikev2_encr_alg *encr, 3316d49e1aeSJan Lentfer const u8 *skeyseed, const u8 *data, size_t data_len, 3326d49e1aeSJan Lentfer struct ikev2_keys *keys); 3336d49e1aeSJan Lentfer 3346d49e1aeSJan Lentfer #endif /* IKEV2_COMMON_H */ 335