Partager via


IPSEC_API_MODE_INFO (Windows Embedded CE 6.0)

1/6/2010

This structure specifies the settings related to the IPSec mode.

Syntax

typedef struct {
  DWORD inAction;
  DWORD outAction;
  DWORD auth;
  PBYTE authInfo;
  DWORD authInfoSize;
  DWORD mmHashMask;
  DWORD mmEncMask;
  DWORD qmHashMask;
  DWORD qmEncMask;
  DWORD dhMask;
  DWORD protocol;
  DWORD scrIP;
} IPSEC_API_MODE_INFO, *PIPSEC_API_MODE_INFO;

Members

  • inAction
    Specifies the action to take on incoming traffic. This member can be one of the following values:

    Value Description

    IPSEC_API_IN_ACTION_CLEAR

    Allow incoming clear traffic.

    IPSEC_API_IN_ACTION_SECURE

    Incoming traffic has to be secured with IPSec.

    The default value for this member is 0 (IPSEC_API_IN_ACTION_CLEAR).

  • outAction
    Specifies the action to take on outgoing traffic. This member can be one of the following values:

    Value Description

    IPSEC_API_OUT_ACTION_CLEAR

    Allow outgoing traffic to be sent in clear text.

    IPSEC_API_OUT ACTION_SOFT

    Try IPSec for outgoing traffic first and then fall back to clear text if the peer does not respond.

    IPSEC_API_OUT ACTION_SECURE

    Outgoing traffic must be secured with IPSec.

    The default value for this member is 0 (IPSEC_API_IN_ACTION_SOFT).

  • auth
    Specifies the authentication method to use. This member can be one of the following values:

    Value Description

    IPSEC_API_PSK_AUTH

    Preshared-key authentication. The authInfo and authInfoSize members must be set for this method.

    IPSEC_API_CERT_AUTH

    Certificate authentication.

    The default value for this member is 0 (IPSEC_API_CERT_AUTH).

  • authInfo
    Specifies the preshared password, in Unicode. This string must be null-terminated.
  • authInfoSize
    Specifies the preshared password size, in bytes. Cannot include a terminating NULL.
  • mmHashMask
    Specifies the main-mode hash algorithm. This member can be one of the following values:

    Value Description

    IPSEC_API_AUTH_ALGO_MD5

    MD5 integrity mode.

    IPSEC_API_AUTH_ALGO_SHA1

    SHA1 integrity mode.

    IPSEC_API_AUTH_ALGO_NONE

    No integrity mode.

    The default value for this member is 0 (IPSEC_API_AUTH_ALGO_SHA1 | IPSEC_API_AUTH_ALGO_MD5).

  • mmEncMask
    Specifies the main-mode encryption algorithms that are supported. This member can be one or a combination of the following values:

    Value Description

    IPSEC_API_CONF_ALGO_3_DES

    3DES encryption algorithm.

    IPSEC_API_CONF_ALGO_DES

    DES encryption algorithm.

    IPSEC_API_CONF_ALGO_NONE

    No encryption algorithm.

    The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_DES | IPSEC_API_CONF_ALGO_DES).

  • qmHashMask
    Specifies the quick-mode hash algorithms that are supported. This member can be one or a combination of the following values.

    Value Description

    IPSEC_API_AUTH_ALGO_MD5

    MD5 integrity mode.

    IPSEC_API_AUTH_ALGO_SHA1

    SHA1 integrity mode.

    IPSEC_API_AUTH_ALGO_NONE

    No integrity mode.

    The default value for this member is set to 0 (IPSEC_API_AUTH_ALGO_SHA1 |IPSEC_API_AUTH_ALGO_MD5).

  • qmEncMask
    Specifies the quick-mode encryption algorithms that are supported. This member can be one or a combination of the following values.

    Value Description

    IPSEC_API_CONF_ALGO_3_DES

    3DES encryption algorithm.

    IPSEC_API_CONF_ALGO_DES

    DES encryption algorithm.

    IPSEC_API_CONF_ALGO_NONE

    No encryption algorithm.

    The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_NONE).

  • dhMask
    Specifies the main-mode Diffie-Hellman parameters This member can be one of the following values:

    Value Description

    IPSEC_API_DH_GROUP_1

    Diffie-Hellman Group 1.

    IPSEC_API_DH_GROUP_2

    Diffie-Hellman Group 2.

    IPSEC_API_DH_GROUP_2048

    Diffie-Hellman Group 2048.

    The default value for this member is set to 0 (IPSEC_API_DH_GROUP_2).

  • protocol
    Specifies the protocol affected by the IPSec settings. This member can be one or a combination of the following values.

    Value Description

    IPSEC_API_PROTOCOL_TCP

    Transmission Control Protocol (TCP).

    IPSEC_API_PROTOCOL_UDP

    User Datagram Protocol (UDP).

    The default value for this member is set to 0 (IPSEC_API_PROTOCOL_TCP | IPSEC_API_PROTOCOL_UDP).

  • srcIP
    Specifies the source IP address to which the policy is applied. This IP address must be specified in network order. If the policy applies to all source IP addresses, this member can be set to zero . If it is set to zero, the IPSEC_API_APPLY_TO_ALL_SRC_IP flag must be specified during the call to SetIPSecMode.

Requirements

Header ipsec_api.h
Windows Embedded CE Windows CE 5.0 and later

See Also

Reference

IPSec Structures
SetIPSecMode