2.2.72 FW_PHASE1_CRYPTO_FLAGS

This enumeration is used to identify the different cryptographic flags that are supported.

 typedef enum _tag_FW_PHASE1_CRYPTO_FLAGS
 {
   FW_PHASE1_CRYPTO_FLAGS_NONE = 0x00,
   FW_PHASE1_CRYPTO_FLAGS_DO_NOT_SKIP_DH = 0x01,
   FW_PHASE1_CRYPTO_FLAGS_MAX = 0x02
 } FW_PHASE1_CRYPTO_FLAGS;

FW_PHASE1_CRYPTO_FLAGS_NONE:  This value represents no flag. It is used when none of the behaviors that are represented by the defined flags in the enumeration are intended. This symbolic constant has a value of 0x00.

FW_PHASE1_CRYPTO_FLAGS_DO_NOT_SKIP_DH:  This flag ensures that Authenticated IP (AuthIP), as specified in [MS-AIPS], always performs a DH key exchange. (AuthIP can avoid this exchange because the protocol already contains enough key material information to protect the negotiation. Hence, by skipping DH, round trips and the computational cost of DH are avoided.) This symbolic constant has a value of 0x01.

FW_PHASE1_CRYPTO_FLAGS_MAX:  This value and values that exceed this value are not valid and MUST NOT be used. It is defined for simplicity in writing IDL definitions and code. This symbolic constant has a value of 0x02.
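
The following is an added example, not part of the specification: it validates a flags value as a raw integer before it is treated as a FW_PHASE1_CRYPTO_FLAGS, rejecting FW_PHASE1_CRYPTO_FLAGS_MAX and anything above it, and reports for each entry whether AuthIP always performs the DH exchange. The names `p1_dh_policy`, `p1_set`, `p1_audit`, `classify_phase1_flags`, `audit_phase1_sets` and the sample entries are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef enum _tag_FW_PHASE1_CRYPTO_FLAGS {
  FW_PHASE1_CRYPTO_FLAGS_NONE = 0x00,
  FW_PHASE1_CRYPTO_FLAGS_DO_NOT_SKIP_DH = 0x01,
  FW_PHASE1_CRYPTO_FLAGS_MAX = 0x02
} FW_PHASE1_CRYPTO_FLAGS;

/* Hypothetical result codes and record types (not defined by the specification). */
typedef enum { P1_INVALID = -1, P1_DH_MAY_BE_SKIPPED = 0, P1_DH_ALWAYS = 1 } p1_dh_policy;
typedef struct { const char *name; uint32_t flags; } p1_set;
typedef struct { size_t invalid, dh_always, dh_may_skip; } p1_audit;

/* Classify a raw value. The check runs on the integer, before any cast to the
 * enum type, so an out-of-range value cannot be carried along unnoticed. */
p1_dh_policy classify_phase1_flags(uint32_t raw) {
  if (raw >= (uint32_t)FW_PHASE1_CRYPTO_FLAGS_MAX)
    return P1_INVALID;                 /* MAX and above MUST NOT be used */
  return (raw & (uint32_t)FW_PHASE1_CRYPTO_FLAGS_DO_NOT_SKIP_DH)
             ? P1_DH_ALWAYS            /* DH exchange is always performed */
             : P1_DH_MAY_BE_SKIPPED;   /* AuthIP is allowed to skip DH */
}

/* Tally a list of phase 1 crypto sets by classification. */
p1_audit audit_phase1_sets(const p1_set *sets, size_t n) {
  p1_audit out = {0, 0, 0};
  for (size_t i = 0; i < n; i++) {
    switch (classify_phase1_flags(sets[i].flags)) {
      case P1_INVALID:           out.invalid++;     break;
      case P1_DH_ALWAYS:         out.dh_always++;   break;
      case P1_DH_MAY_BE_SKIPPED: out.dh_may_skip++; break;
    }
  }
  return out;
}

/* Constructed sample entries, not taken from any real policy store. */
static const p1_set SAMPLE_SETS[] = {
  {"set-a", 0x00}, {"set-b", 0x01}, {"set-c", 0x02}, {"set-d", 0x80000001u},
};

int main(void) {
  p1_audit r = audit_phase1_sets(SAMPLE_SETS, sizeof SAMPLE_SETS / sizeof SAMPLE_SETS[0]);
  printf("invalid=%zu dh_always=%zu dh_may_skip=%zu\n", r.invalid, r.dh_always, r.dh_may_skip);
  return r.invalid ? 1 : 0;
}
```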