Home | History | Annotate | Download | only in include
      1 /**
      2  * This file has no copyright assigned and is placed in the Public Domain.
      3  * This file is part of the mingw-w64 runtime package.
      4  * No warranty is given; refer to the file DISCLAIMER.PD within this package.
      5  */
      6 #ifndef _INC_IPSECTYPES
      7 #define _INC_IPSECTYPES
      8 #include <iketypes.h>
      9 
     10 #ifdef __cplusplus
     11 extern "C" {
     12 #endif
     13 
     14 #if (_WIN32_WINNT >= 0x0600)
     15 
     16 typedef UINT8 IPSEC_AUTH_CONFIG;
     17 typedef UINT8 IPSEC_CIPHER_CONFIG;
     18 typedef UINT32 IPSEC_SA_SPI;
     19 typedef UINT64 IPSEC_TOKEN_HANDLE;
     20 typedef GUID IPSEC_CRYPTO_MODULE_ID;
     21 
     22 #ifndef __IPSEC_SA_TRANSFORM0_FWD_DECLARED
     23 #define __IPSEC_SA_TRANSFORM0_FWD_DECLARED
     24 typedef struct IPSEC_SA_TRANSFORM0_ IPSEC_SA_TRANSFORM0;
     25 #endif /* __IPSEC_SA_TRANSFORM0_FWD_DECLARED */
     26 
     27 #ifndef __FWPM_FILTER0_FWD_DECLARED
     28 #define __FWPM_FILTER0_FWD_DECLARED
     29 typedef struct FWPM_FILTER0_ FWPM_FILTER0;
     30 #endif /* __FWPM_FILTER0_FWD_DECLARED */
     31 
     32 typedef enum IPSEC_FAILURE_POINT_ {
     33   IPSEC_FAILURE_NONE,
     34   IPSEC_FAILURE_ME,
     35   IPSEC_FAILURE_PEER,
     36   IPSEC_FAILURE_POINT_MAX
     37 } IPSEC_FAILURE_POINT;
     38 
     39 typedef enum IPSEC_TRAFFIC_TYPE_ {
     40   IPSEC_TRAFFIC_TYPE_TRANSPORT,
     41   IPSEC_TRAFFIC_TYPE_TUNNEL,
     42   IPSEC_TRAFFIC_TYPE_MAX
     43 } IPSEC_TRAFFIC_TYPE;
     44 
     45 typedef enum IPSEC_PFS_GROUP_ {
     46   IPSEC_PFS_NONE,
     47   IPSEC_PFS_1,
     48   IPSEC_PFS_2,
     49   IPSEC_PFS_2048,
     50   IPSEC_PFS_ECP_256,
     51   IPSEC_PFS_ECP_384,
     52   IPSEC_PFS_MM,
     53   IPSEC_PFS_MAX
     54 } IPSEC_PFS_GROUP;
     55 
     56 typedef enum IPSEC_TRANSFORM_TYPE_ {
     57   IPSEC_TRANSFORM_AH = 1,
     58   IPSEC_TRANSFORM_ESP_AUTH,
     59   IPSEC_TRANSFORM_ESP_CIPHER,
     60   IPSEC_TRANSFORM_ESP_AUTH_AND_CIPHER,
     61   IPSEC_TRANSFORM_ESP_AUTH_FW,
     62   IPSEC_TRANSFORM_TYPE_MAX
     63 } IPSEC_TRANSFORM_TYPE;
     64 
     65 typedef enum IPSEC_AUTH_TYPE_ {
     66   IPSEC_AUTH_MD5,
     67   IPSEC_AUTH_SHA_1,
     68   IPSEC_AUTH_SHA_256,
     69   IPSEC_AUTH_AES_128,
     70   IPSEC_AUTH_AES_192,
     71   IPSEC_AUTH_AES_256,
     72   IPSEC_AUTH_MAX
     73 } IPSEC_AUTH_TYPE;
     74 
     75 typedef enum IPSEC_CIPHER_TYPE_ {
     76   IPSEC_CIPHER_TYPE_DES = 1,
     77   IPSEC_CIPHER_TYPE_3DES,
     78   IPSEC_CIPHER_TYPE_AES_128,
     79   IPSEC_CIPHER_TYPE_AES_192,
     80   IPSEC_CIPHER_TYPE_AES_256,
     81   IPSEC_CIPHER_TYPE_MAX
     82 } IPSEC_CIPHER_TYPE;
     83 
     84 typedef enum IPSEC_TOKEN_MODE_ {
     85   IPSEC_TOKEN_MODE_MAIN,
     86   IPSEC_TOKEN_MODE_EXTENDED,
     87   IPSEC_TOKEN_MODE_MAX
     88 } IPSEC_TOKEN_MODE;
     89 
     90 typedef enum IPSEC_TOKEN_PRINCIPAL_ {
     91   IPSEC_TOKEN_PRINCIPAL_LOCAL,
     92   IPSEC_TOKEN_PRINCIPAL_PEER,
     93   IPSEC_TOKEN_PRINCIPAL_MAX
     94 } IPSEC_TOKEN_PRINCIPAL;
     95 
     96 typedef enum IPSEC_TOKEN_TYPE_ {
     97   IPSEC_TOKEN_TYPE_MACHINE,
     98   IPSEC_TOKEN_TYPE_IMPERSONATION,
     99   IPSEC_TOKEN_TYPE_MAX
    100 } IPSEC_TOKEN_TYPE;
    101 
    102 typedef struct IPSEC_SA_LIFETIME0_ {
    103   UINT32 lifetimeSeconds;
    104   UINT32 lifetimeKilobytes;
    105   UINT32 lifetimePackets;
    106 } IPSEC_SA_LIFETIME0;
    107 
    108 typedef struct IPSEC_KEYING_POLICY0_ {
    109   UINT32 numKeyMods;
    110   GUID   *keyModKeys;
    111 } IPSEC_KEYING_POLICY0;
    112 
    113 typedef struct IPSEC_SA_IDLE_TIMEOUT0_ {
    114   UINT32 idleTimeoutSeconds;
    115   UINT32 idleTimeoutSecondsFailOver;
    116 } IPSEC_SA_IDLE_TIMEOUT0;
    117 
    118 typedef struct IPSEC_PROPOSAL0_ {
    119   IPSEC_SA_LIFETIME0  lifetime;
    120   UINT32              numSaTransforms;
    121   IPSEC_SA_TRANSFORM0 *saTransforms;
    122   IPSEC_PFS_GROUP     pfsGroup;
    123 } IPSEC_PROPOSAL0;
    124 
    125 typedef struct IPSEC_TRANSPORT_POLICY0_ {
    126   UINT32                 numIpsecProposals;
    127   IPSEC_PROPOSAL0        *ipsecProposals;
    128   UINT32                 flags;
    129   UINT32                 ndAllowClearTimeoutSeconds;
    130   IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout;
    131   IKEEXT_EM_POLICY0      *emPolicy;
    132 } IPSEC_TRANSPORT_POLICY0;
    133 
    134 typedef struct IPSEC_AUTH_TRANSFORM_ID0_ {
    135   IPSEC_AUTH_TYPE   authType;
    136   IPSEC_AUTH_CONFIG authConfig;
    137 } IPSEC_AUTH_TRANSFORM_ID0;
    138 
    139 typedef struct IPSEC_AUTH_TRANSFORM0_ {
    140   IPSEC_AUTH_TRANSFORM_ID0 authTransformId;
    141   IPSEC_CRYPTO_MODULE_ID   *cryptoModuleId;
    142 } IPSEC_AUTH_TRANSFORM0;
    143 
    144 typedef struct IPSEC_CIPHER_TRANSFORM_ID0_ {
    145   IPSEC_CIPHER_TYPE   cipherType;
    146   IPSEC_CIPHER_CONFIG cipherConfig;
    147 } IPSEC_CIPHER_TRANSFORM_ID0;
    148 
    149 typedef struct IPSEC_CIPHER_TRANSFORM0_ {
    150   IPSEC_CIPHER_TRANSFORM_ID0 cipherTransformId;
    151   IPSEC_CRYPTO_MODULE_ID     *cryptoModuleId;
    152 } IPSEC_CIPHER_TRANSFORM0;
    153 
    154 typedef struct IPSEC_AUTH_AND_CIPHER_TRANSFORM0_ {
    155   IPSEC_AUTH_TRANSFORM0   authTransform;
    156   IPSEC_CIPHER_TRANSFORM0 cipherTransform;
    157 } IPSEC_AUTH_AND_CIPHER_TRANSFORM0;
    158 
    159 typedef struct IPSEC_SA_TRANSFORM0_ {
    160   IPSEC_TRANSFORM_TYPE ipsecTransformType;
    161   __C89_NAMELESS union {
    162     IPSEC_AUTH_TRANSFORM0            *ahTransform;
    163     IPSEC_AUTH_TRANSFORM0            *espAuthTransform;
    164     IPSEC_CIPHER_TRANSFORM0          *espCipherTransform;
    165     IPSEC_AUTH_AND_CIPHER_TRANSFORM0 *espAuthAndCipherTransform;
    166     IPSEC_AUTH_TRANSFORM0            *espAuthFwTransform;
    167   };
    168 } IPSEC_SA_TRANSFORM0;
    169 
    170 typedef struct IPSEC_TUNNEL_ENDPOINTS0_ {
    171   FWP_IP_VERSION ipVersion;
    172   __C89_NAMELESS union {
    173     UINT32 localV4Address;
    174     UINT8  localV6Address[16];
    175   };
    176   __C89_NAMELESS union {
    177     UINT32 remoteV4Address;
    178     UINT8  remoteV6Address[16];
    179   };
    180 } IPSEC_TUNNEL_ENDPOINTS0;
    181 
    182 typedef struct IPSEC_TUNNEL_POLICY0_ {
    183   UINT32                  flags;
    184   UINT32                  numIpsecProposals;
    185   IPSEC_PROPOSAL0         *ipsecProposals;
    186   IPSEC_TUNNEL_ENDPOINTS0 tunnelEndpoints;
    187   IPSEC_SA_IDLE_TIMEOUT0  saIdleTimeout;
    188   IKEEXT_EM_POLICY0       *emPolicy;
    189 } IPSEC_TUNNEL_POLICY0;
    190 
    191 typedef struct IPSEC_V4_UDP_ENCAPSULATION0_ {
    192   UINT16 localUdpEncapPort;
    193   UINT16 remoteUdpEncapPort;
    194 } IPSEC_V4_UDP_ENCAPSULATION0;
    195 
    196 typedef struct IPSEC_AGGREGATE_SA_STATISTICS0_ {
    197   UINT32 activeSas;
    198   UINT32 pendingSaNegotiations;
    199   UINT32 totalSasAdded;
    200   UINT32 totalSasDeleted;
    201   UINT32 successfulRekeys;
    202   UINT32 activeTunnels;
    203   UINT32 offloadedSas;
    204 } IPSEC_AGGREGATE_SA_STATISTICS0;
    205 
    206 typedef struct IPSEC_ESP_DROP_PACKET_STATISTICS0_ {
    207   UINT32 invalidSpisOnInbound;
    208   UINT32 decryptionFailuresOnInbound;
    209   UINT32 authenticationFailuresOnInbound;
    210   UINT32 replayCheckFailuresOnInbound;
    211   UINT32 saNotInitializedOnInbound;
    212 } IPSEC_ESP_DROP_PACKET_STATISTICS0;
    213 
    214 typedef struct IPSEC_AH_DROP_PACKET_STATISTICS0_ {
    215   UINT32 invalidSpisOnInbound;
    216   UINT32 authenticationFailuresOnInbound;
    217   UINT32 replayCheckFailuresOnInbound;
    218   UINT32 saNotInitializedOnInbound;
    219 } IPSEC_AH_DROP_PACKET_STATISTICS0;
    220 
    221 typedef struct IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0_ {
    222   UINT32 invalidSpisOnInbound;
    223   UINT32 decryptionFailuresOnInbound;
    224   UINT32 authenticationFailuresOnInbound;
    225   UINT32 udpEspValidationFailuresOnInbound;
    226   UINT32 replayCheckFailuresOnInbound;
    227   UINT32 invalidClearTextInbound;
    228   UINT32 saNotInitializedOnInbound;
    229   UINT32 receiveOverIncorrectSaInbound;
    230   UINT32 secureReceivesNotMatchingFilters;
    231 } IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0;
    232 
    233 typedef struct IPSEC_TRAFFIC_STATISTICS0_ {
    234   UINT64 encryptedByteCount;
    235   UINT64 authenticatedAHByteCount;
    236   UINT64 authenticatedESPByteCount;
    237   UINT64 transportByteCount;
    238   UINT64 tunnelByteCount;
    239   UINT64 offloadByteCount;
    240 } IPSEC_TRAFFIC_STATISTICS0;
    241 
    242 typedef struct IPSEC_STATISTICS0_ {
    243   IPSEC_AGGREGATE_SA_STATISTICS0          aggregateSaStatistics;
    244   IPSEC_ESP_DROP_PACKET_STATISTICS0       espDropPacketStatistics;
    245   IPSEC_AH_DROP_PACKET_STATISTICS0        ahDropPacketStatistics;
    246   IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0 aggregateDropPacketStatistics;
    247   IPSEC_TRAFFIC_STATISTICS0               inboundTrafficStatistics;
    248   IPSEC_TRAFFIC_STATISTICS0               outboundTrafficStatistics;
    249 } IPSEC_STATISTICS0;
    250 
    251 typedef struct IPSEC_TOKEN0_ {
    252   IPSEC_TOKEN_TYPE      type;
    253   IPSEC_TOKEN_PRINCIPAL principal;
    254   IPSEC_TOKEN_MODE      mode;
    255   IPSEC_TOKEN_HANDLE    token;
    256 } IPSEC_TOKEN0;
    257 
    258 typedef struct IPSEC_ID0_ {
    259   wchar_t      *mmTargetName;
    260   wchar_t      *emTargetName;
    261   UINT32       numTokens;
    262   IPSEC_TOKEN0 *tokens;
    263   UINT64       explicitCredentials;
    264   UINT64       logonId;
    265 } IPSEC_ID0;
    266 
    267 typedef struct IPSEC_SA_AUTH_INFORMATION0_ {
    268   IPSEC_AUTH_TRANSFORM0 authTransform;
    269   FWP_BYTE_BLOB         authKey;
    270 } IPSEC_SA_AUTH_INFORMATION0;
    271 
    272 typedef struct IPSEC_SA_CIPHER_INFORMATION0_ {
    273   IPSEC_CIPHER_TRANSFORM0 cipherTransform;
    274   FWP_BYTE_BLOB           cipherKey;
    275 } IPSEC_SA_CIPHER_INFORMATION0;
    276 
    277 typedef struct IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0_ {
    278   IPSEC_SA_CIPHER_INFORMATION0 saCipherInformation;
    279   IPSEC_SA_AUTH_INFORMATION0   saAuthInformation;
    280 } IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0;
    281 
    282 typedef struct IPSEC_SA0_ {
    283   IPSEC_SA_SPI         spi;
    284   IPSEC_TRANSFORM_TYPE saTransformType;
    285   __C89_NAMELESS union {
    286     IPSEC_SA_AUTH_INFORMATION0            *ahInformation;
    287     IPSEC_SA_AUTH_INFORMATION0            *espAuthInformation;
    288     IPSEC_SA_CIPHER_INFORMATION0          *espCipherInformation;
    289     IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0 *espAuthAndCipherInformation;
    290     IPSEC_SA_AUTH_INFORMATION0            *espAuthFwInformation;
    291   };
    292 } IPSEC_SA0;
    293 
    294 typedef struct IPSEC_KEYMODULE_STATE0_ {
    295   GUID          keyModuleKey;
    296   FWP_BYTE_BLOB stateBlob;
    297 } IPSEC_KEYMODULE_STATE0;
    298 
    299 typedef struct IPSEC_SA_BUNDLE0_ {
    300   UINT32                 flags;
    301   IPSEC_SA_LIFETIME0     lifetime;
    302   UINT32                 idleTimeoutSeconds;
    303   UINT32                 ndAllowClearTimeoutSeconds;
    304   IPSEC_ID0              *ipsecId;
    305   UINT32                 napContext;
    306   UINT32                 qmSaId;
    307   UINT32                 numSAs;
    308   IPSEC_SA0              *saList;
    309   IPSEC_KEYMODULE_STATE0 *keyModuleState;
    310   FWP_IP_VERSION         ipVersion;
    311   __C89_NAMELESS union {
    312     UINT32 peerV4PrivateAddress;
    313     ;      // case(FWP_IP_VERSION_V6)
    314   };
    315   UINT64                 mmSaId;
    316   IPSEC_PFS_GROUP        pfsGroup;
    317 } IPSEC_SA_BUNDLE0;
    318 
    319 typedef struct IPSEC_TRAFFIC0_ {
    320   FWP_IP_VERSION     ipVersion;
    321   __C89_NAMELESS union {
    322     UINT32 localV4Address;
    323     UINT8  localV6Address[16];
    324   };
    325   __C89_NAMELESS union {
    326     UINT32 remoteV4Address;
    327     UINT8  remoteV6Address[16];
    328   };
    329   IPSEC_TRAFFIC_TYPE trafficType;
    330   __C89_NAMELESS union {
    331     UINT64 ipsecFilterId;
    332     UINT64 tunnelPolicyId;
    333   };
    334   UINT16             remotePort;
    335 } IPSEC_TRAFFIC0;
    336 
    337 typedef struct IPSEC_SA_DETAILS0_ {
    338   FWP_IP_VERSION   ipVersion;
    339   FWP_DIRECTION    saDirection;
    340   IPSEC_TRAFFIC0   traffic;
    341   IPSEC_SA_BUNDLE0 saBundle;
    342   __C89_NAMELESS union {
    343     IPSEC_V4_UDP_ENCAPSULATION0 *udpEncapsulation;
    344     ;      // case(FWP_IP_VERSION_V6)
    345   };
    346   FWPM_FILTER0     *transportFilter;
    347 } IPSEC_SA_DETAILS0;
    348 
    349 typedef struct IPSEC_SA_CONTEXT0_ {
    350   UINT64            saContextId;
    351   IPSEC_SA_DETAILS0 *inboundSa;
    352   IPSEC_SA_DETAILS0 *outboundSa;
    353 } IPSEC_SA_CONTEXT0;
    354 
    355 typedef struct IPSEC_GETSPI0_ {
    356   IPSEC_TRAFFIC0         inboundIpsecTraffic;
    357   FWP_IP_VERSION         ipVersion;
    358   __C89_NAMELESS union {
    359     IPSEC_V4_UDP_ENCAPSULATION0 *inboundUdpEncapsulation;
    360     ;      // case(FWP_IP_VERSION_V6)
    361   };
    362   IPSEC_CRYPTO_MODULE_ID *rngCryptoModuleID;
    363 } IPSEC_GETSPI0;
    364 
    365 typedef struct IPSEC_SA_ENUM_TEMPLATE0_ {
    366   FWP_DIRECTION saDirection;
    367 } IPSEC_SA_ENUM_TEMPLATE0;
    368 
    369 typedef struct IPSEC_SA_CONTEXT_ENUM_TEMPLATE0_ {
    370   FWP_CONDITION_VALUE0 localSubNet;
    371   FWP_CONDITION_VALUE0 remoteSubNet;
    372 } IPSEC_SA_CONTEXT_ENUM_TEMPLATE0;
    373 
    374 #endif /*(_WIN32_WINNT >= 0x0600)*/
    375 #if (_WIN32_WINNT >= 0x0601)
    376 
    377 typedef struct IPSEC_TUNNEL_ENDPOINTS1_ {
    378   FWP_IP_VERSION ipVersion;
    379   __C89_NAMELESS union {
    380     UINT32 localV4Address;
    381     UINT8  localV6Address[16];
    382   };
    383   __C89_NAMELESS union {
    384     UINT32 remoteV4Address;
    385     UINT8  remoteV6Address[16];
    386   };
    387   UINT64         localIfLuid;
    388 } IPSEC_TUNNEL_ENDPOINTS1;
    389 
    390 typedef struct IPSEC_TUNNEL_POLICY1_ {
    391   UINT32                  flags;
    392   UINT32                  numIpsecProposals;
    393   IPSEC_PROPOSAL0         *ipsecProposals;
    394   IPSEC_TUNNEL_ENDPOINTS1 tunnelEndpoints;
    395   IPSEC_SA_IDLE_TIMEOUT0  saIdleTimeout;
    396   IKEEXT_EM_POLICY1       *emPolicy;
    397 } IPSEC_TUNNEL_POLICY1;
    398 
    399 typedef struct IPSEC_TRANSPORT_POLICY1_ {
    400   UINT32                 numIpsecProposals;
    401   IPSEC_PROPOSAL0        *ipsecProposals;
    402   UINT32                 flags;
    403   UINT32                 ndAllowClearTimeoutSeconds;
    404   IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout;
    405   IKEEXT_EM_POLICY1      *emPolicy;
    406 } IPSEC_TRANSPORT_POLICY1;
    407 
    408 typedef struct _IPSEC_DOSP_OPTIONS0 {
    409   UINT32               stateIdleTimeoutSeconds;
    410   UINT32               perIPRateLimitQueueIdleTimeoutSeconds;
    411   UINT8                ipV6IPsecUnauthDscp;
    412   UINT32               ipV6IPsecUnauthRateLimitBytesPerSec;
    413   UINT32               ipV6IPsecUnauthPerIPRateLimitBytesPerSec;
    414   UINT8                ipV6IPsecAuthDscp;
    415   UINT32               ipV6IPsecAuthRateLimitBytesPerSec;
    416   UINT8                icmpV6Dscp;
    417   UINT32               icmpV6RateLimitBytesPerSec;
    418   UINT8                ipV6FilterExemptDscp;
    419   UINT32               ipV6FilterExemptRateLimitBytesPerSec;
    420   UINT8                defBlockExemptDscp;
    421   UINT32               defBlockExemptRateLimitBytesPerSec;
    422   UINT32               maxStateEntries;
    423   UINT32               maxPerIPRateLimitQueues;
    424   UINT32               flags;
    425   UINT32               numPublicIFLuids;
    426   UINT64               *publicIFLuids;
    427   UINT32               numInternalIFLuids;
    428   UINT64               *internalIFLuids;
    429   FWP_V6_ADDR_AND_MASK publicV6AddrMask;
    430   FWP_V6_ADDR_AND_MASK internalV6AddrMask;
    431 } IPSEC_DOSP_OPTIONS0;
    432 
    433 typedef struct _IPSEC_DOSP_STATISTICS0 {
    434   UINT64 totalStateEntriesCreated;
    435   UINT64 currentStateEntries;
    436   UINT64 totalInboundAllowedIPv6IPsecUnauthPkts;
    437   UINT64 totalInboundRatelimitDiscardedIPv6IPsecUnauthPkts;
    438   UINT64 totalInboundPerIPRatelimitDiscardedIPv6IPsecUnauthPkts;
    439   UINT64 totalInboundOtherDiscardedIPv6IPsecUnauthPkts;
    440   UINT64 totalInboundAllowedIPv6IPsecAuthPkts;
    441   UINT64 totalInboundRatelimitDiscardedIPv6IPsecAuthPkts;
    442   UINT64 totalInboundOtherDiscardedIPv6IPsecAuthPkts;
    443   UINT64 totalInboundAllowedICMPv6Pkts;
    444   UINT64 totalInboundRatelimitDiscardedICMPv6Pkts;
    445   UINT64 totalInboundAllowedIPv6FilterExemptPkts;
    446   UINT64 totalInboundRatelimitDiscardedIPv6FilterExemptPkts;
    447   UINT64 totalInboundDiscardedIPv6FilterBlockPkts;
    448   UINT64 totalInboundAllowedDefBlockExemptPkts;
    449   UINT64 totalInboundRatelimitDiscardedDefBlockExemptPkts;
    450   UINT64 totalInboundDiscardedDefBlockPkts;
    451   UINT64 currentInboundIPv6IPsecUnauthPerIPRateLimitQueues;
    452 } IPSEC_DOSP_STATISTICS0;
    453 
    454 typedef struct _IPSEC_DOSP_STATE_ENUM_TEMPLATE0 {
    455   FWP_V6_ADDR_AND_MASK publicV6AddrMask;
    456   FWP_V6_ADDR_AND_MASK internalV6AddrMask;
    457 } IPSEC_DOSP_STATE_ENUM_TEMPLATE0;
    458 
    459 typedef struct _IPSEC_DOSP_STATE0 {
    460   UINT8  publicHostV6Addr[16];
    461   UINT8  internalHostV6Addr[16];
    462   UINT64 totalInboundIPv6IPsecAuthPackets;
    463   UINT64 totalOutboundIPv6IPsecAuthPackets;
    464   UINT32 durationSecs;
    465 } IPSEC_DOSP_STATE0;
    466 
    467 typedef struct IPSEC_TRAFFIC_STATISTICS1_ {
    468   UINT64 encryptedByteCount;
    469   UINT64 authenticatedAHByteCount;
    470   UINT64 authenticatedESPByteCount;
    471   UINT64 transportByteCount;
    472   UINT64 tunnelByteCount;
    473   UINT64 offloadByteCount;
    474   UINT64 totalSuccessfulPackets;
    475 } IPSEC_TRAFFIC_STATISTICS1;
    476 
    477 typedef struct IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1_ {
    478   UINT32 invalidSpisOnInbound;
    479   UINT32 decryptionFailuresOnInbound;
    480   UINT32 authenticationFailuresOnInbound;
    481   UINT32 udpEspValidationFailuresOnInbound;
    482   UINT32 replayCheckFailuresOnInbound;
    483   UINT32 invalidClearTextInbound;
    484   UINT32 saNotInitializedOnInbound;
    485   UINT32 receiveOverIncorrectSaInbound;
    486   UINT32 secureReceivesNotMatchingFilters;
    487   UINT32 totalDropPacketsInbound;
    488 } IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1;
    489 
    490 typedef struct IPSEC_STATISTICS1_ {
    491   IPSEC_AGGREGATE_SA_STATISTICS0          aggregateSaStatistics;
    492   IPSEC_ESP_DROP_PACKET_STATISTICS0       espDropPacketStatistics;
    493   IPSEC_AH_DROP_PACKET_STATISTICS0        ahDropPacketStatistics;
    494   IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1 aggregateDropPacketStatistics;
    495   IPSEC_TRAFFIC_STATISTICS1               inboundTrafficStatistics;
    496   IPSEC_TRAFFIC_STATISTICS1               outboundTrafficStatistics;
    497 } IPSEC_STATISTICS1;
    498 
    499 typedef struct IPSEC_SA_BUNDLE1_ {
    500   UINT32                 flags;
    501   IPSEC_SA_LIFETIME0     lifetime;
    502   UINT32                 idleTimeoutSeconds;
    503   UINT32                 ndAllowClearTimeoutSeconds;
    504   IPSEC_ID0              *ipsecId;
    505   UINT32                 napContext;
    506   UINT32                 qmSaId;
    507   UINT32                 numSAs;
    508   IPSEC_SA0              *saList;
    509   IPSEC_KEYMODULE_STATE0 *keyModuleState;
    510   FWP_IP_VERSION         ipVersion;
    511   __C89_NAMELESS union {
    512     UINT32 peerV4PrivateAddress;
    513     ;      // case(FWP_IP_VERSION_V6)
    514   };
    515   UINT64                 mmSaId;
    516   IPSEC_PFS_GROUP        pfsGroup;
    517   GUID                   saLookupContext;
    518   UINT64                 qmFilterId;
    519 } IPSEC_SA_BUNDLE1;
    520 
    521 typedef struct _IPSEC_VIRTUAL_IF_TUNNEL_INFO0 {
    522      UINT64    virtualIfTunnelId;
    523      UINT64    trafficSelectorId;
    524 } IPSEC_VIRTUAL_IF_TUNNEL_INFO0;
    525 
    526 typedef struct IPSEC_TRAFFIC1_ {
    527   FWP_IP_VERSION     ipVersion;
    528   __C89_NAMELESS union {
    529     UINT32 localV4Address;
    530     UINT8  localV6Address[16];
    531   };
    532   __C89_NAMELESS union {
    533     UINT32 remoteV4Address;
    534     UINT8  remoteV6Address[16];
    535   };
    536   IPSEC_TRAFFIC_TYPE trafficType;
    537   __C89_NAMELESS union {
    538     UINT64 ipsecFilterId;
    539     UINT64 tunnelPolicyId;
    540   };
    541   UINT16             remotePort;
    542   UINT16             localPort;
    543   UINT8              ipProtocol;
    544   UINT64             localIfLuid;
    545   UINT32             realIfProfileId;
    546 } IPSEC_TRAFFIC1;
    547 
    548 typedef struct IPSEC_SA_DETAILS1_ {
    549   FWP_IP_VERSION                ipVersion;
    550   FWP_DIRECTION                 saDirection;
    551   IPSEC_TRAFFIC1                traffic;
    552   IPSEC_SA_BUNDLE1              saBundle;
    553   __C89_NAMELESS union {
    554     IPSEC_V4_UDP_ENCAPSULATION0 *udpEncapsulation;
    555     ;      // case(FWP_IP_VERSION_V6)
    556   };
    557   FWPM_FILTER0                  *transportFilter;
    558   IPSEC_VIRTUAL_IF_TUNNEL_INFO0 *virtualIfTunnelInfo;
    559 } IPSEC_SA_DETAILS1;
    560 
    561 typedef struct IPSEC_SA_CONTEXT1_ {
    562   UINT64            saContextId;
    563   IPSEC_SA_DETAILS1 *inboundSa;
    564   IPSEC_SA_DETAILS1 *outboundSa;
    565 } IPSEC_SA_CONTEXT1;
    566 
    567 typedef struct IPSEC_GETSPI1_ {
    568   IPSEC_TRAFFIC1         inboundIpsecTraffic;
    569   FWP_IP_VERSION         ipVersion;
    570   __C89_NAMELESS union {
    571     IPSEC_V4_UDP_ENCAPSULATION0 *inboundUdpEncapsulation;
    572     ;      // case(FWP_IP_VERSION_V6)
    573   };
    574   IPSEC_CRYPTO_MODULE_ID *rngCryptoModuleID;
    575 } IPSEC_GETSPI1;
    576 
    577 typedef struct _IPSEC_ADDRESS_INFO0 {
    578   UINT32           numV4Addresses;
    579   UINT32           *v4Addresses;
    580   UINT32           numV6Addresses;
    581   FWP_BYTE_ARRAY16 *v6Addresses;
    582 } IPSEC_ADDRESS_INFO0;
    583 
    584 #endif /*(_WIN32_WINNT >= 0x0601)*/
    585 #ifdef __cplusplus
    586 }
    587 #endif
    588 
    589 #endif /*_INC_IPSECTYPES*/
    590