IPSEC_API_MODE_INFO (Windows Embedded CE 6.0)
1/6/2010
This structure specifies the settings related to the IPSec mode.
Syntax
typedef struct {
DWORD inAction;
DWORD outAction;
DWORD auth;
PBYTE authInfo;
DWORD authInfoSize;
DWORD mmHashMask;
DWORD mmEncMask;
DWORD qmHashMask;
DWORD qmEncMask;
DWORD dhMask;
DWORD protocol;
DWORD scrIP;
} IPSEC_API_MODE_INFO, *PIPSEC_API_MODE_INFO;
Members
inAction
Specifies the action to take on incoming traffic. This member can be one of the following values:Value Description IPSEC_API_IN_ACTION_CLEAR
Allow incoming clear traffic.
IPSEC_API_IN_ACTION_SECURE
Incoming traffic has to be secured with IPSec.
The default value for this member is 0 (IPSEC_API_IN_ACTION_CLEAR).
outAction
Specifies the action to take on outgoing traffic. This member can be one of the following values:Value Description IPSEC_API_OUT_ACTION_CLEAR
Allow outgoing traffic to be sent in clear text.
IPSEC_API_OUT ACTION_SOFT
Try IPSec for outgoing traffic first and then fall back to clear text if the peer does not respond.
IPSEC_API_OUT ACTION_SECURE
Outgoing traffic must be secured with IPSec.
The default value for this member is 0 (IPSEC_API_IN_ACTION_SOFT).
auth
Specifies the authentication method to use. This member can be one of the following values:Value Description IPSEC_API_PSK_AUTH
Preshared-key authentication. The authInfo and authInfoSize members must be set for this method.
IPSEC_API_CERT_AUTH
Certificate authentication.
The default value for this member is 0 (IPSEC_API_CERT_AUTH).
- authInfo
Specifies the preshared password, in Unicode. This string must be null-terminated.
- authInfoSize
Specifies the preshared password size, in bytes. Cannot include a terminating NULL.
mmHashMask
Specifies the main-mode hash algorithm. This member can be one of the following values:Value Description IPSEC_API_AUTH_ALGO_MD5
MD5 integrity mode.
IPSEC_API_AUTH_ALGO_SHA1
SHA1 integrity mode.
IPSEC_API_AUTH_ALGO_NONE
No integrity mode.
The default value for this member is 0 (IPSEC_API_AUTH_ALGO_SHA1 | IPSEC_API_AUTH_ALGO_MD5).
mmEncMask
Specifies the main-mode encryption algorithms that are supported. This member can be one or a combination of the following values:Value Description IPSEC_API_CONF_ALGO_3_DES
3DES encryption algorithm.
IPSEC_API_CONF_ALGO_DES
DES encryption algorithm.
IPSEC_API_CONF_ALGO_NONE
No encryption algorithm.
The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_DES | IPSEC_API_CONF_ALGO_DES).
qmHashMask
Specifies the quick-mode hash algorithms that are supported. This member can be one or a combination of the following values.Value Description IPSEC_API_AUTH_ALGO_MD5
MD5 integrity mode.
IPSEC_API_AUTH_ALGO_SHA1
SHA1 integrity mode.
IPSEC_API_AUTH_ALGO_NONE
No integrity mode.
The default value for this member is set to 0 (IPSEC_API_AUTH_ALGO_SHA1 |IPSEC_API_AUTH_ALGO_MD5).
qmEncMask
Specifies the quick-mode encryption algorithms that are supported. This member can be one or a combination of the following values.Value Description IPSEC_API_CONF_ALGO_3_DES
3DES encryption algorithm.
IPSEC_API_CONF_ALGO_DES
DES encryption algorithm.
IPSEC_API_CONF_ALGO_NONE
No encryption algorithm.
The default value for this member is set to 0 (IPSEC_API_CONF_ALGO_3_NONE).
dhMask
Specifies the main-mode Diffie-Hellman parameters This member can be one of the following values:Value Description IPSEC_API_DH_GROUP_1
Diffie-Hellman Group 1.
IPSEC_API_DH_GROUP_2
Diffie-Hellman Group 2.
IPSEC_API_DH_GROUP_2048
Diffie-Hellman Group 2048.
The default value for this member is set to 0 (IPSEC_API_DH_GROUP_2).
protocol
Specifies the protocol affected by the IPSec settings. This member can be one or a combination of the following values.Value Description IPSEC_API_PROTOCOL_TCP
Transmission Control Protocol (TCP).
IPSEC_API_PROTOCOL_UDP
User Datagram Protocol (UDP).
The default value for this member is set to 0 (IPSEC_API_PROTOCOL_TCP | IPSEC_API_PROTOCOL_UDP).
- srcIP
Specifies the source IP address to which the policy is applied. This IP address must be specified in network order. If the policy applies to all source IP addresses, this member can be set to zero . If it is set to zero, the IPSEC_API_APPLY_TO_ALL_SRC_IP flag must be specified during the call to SetIPSecMode.
Requirements
Header | ipsec_api.h |
Windows Embedded CE | Windows CE 5.0 and later |