2.2.4 AUTH_CGA Authentication Method Packet
AUTH_CGA is an authentication method within an ISAKMP SA payload, as specified in [RFC2407] section 4.6.1. The format of the SA payload is the following, as specified in [RFC2408] section 3.4.
A number of Proposal payloads, as specified in [RFC2408] section 3.5.
Within each Proposal payload, there is a number of Transform payloads, as specified in [RFC2408] section 3.6.
Within each Proposal payload, there is a number of Data Attributes payloads, as specified in [RFC2408] section 3.3. In a Data Attribute payload, an authentication method is indicated by the value 0x0003 in the Attribute_Type field of the Data Attribute payload, as specified in [RFC2409] Appendix A. The particular authentication method is determined by the value of the Attribute Value field, as specified in [RFC2409] Appendix A.
The Data Attribute payload for the AUTH_CGA Authentication method has the format seen in the following AUTH_CGA packet.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
A |
Attribute_Type |
Attribute_Value |
|||||||||||||||||||||||||||||
A - One (1 bit): This field MUST be set to 1.
Attribute_Type (15 bits): For the AUTH_CGA authentication method, this field MUST be set to the value 0x0003. This value corresponds to the authentication method, as specified in [RFC2409] Appendix A.
Attribute_Value (2 bytes): For the AUTH_CGA authentication method, this field MUST be set to the value 0xFDED in network order. This value is from the private authentication method range, as specified in [RFC2409] Appendix A.