2 Common operation of the IKE
4 Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
17 #include "IkeCommon.h"
18 #include "IpSecConfigImpl.h"
19 #include "IpSecDebug.h"
24 UINT32 mNextSpi
= IKE_SPI_BASE
;
27 Call Crypto Lib to generate a random value with eight-octet length.
29 @return The 64-bit (eight-octet) value.
40 Status
= IpSecCryptoIoGenerateRandomBytes ((UINT8
*)&Cookie
, sizeof (UINT64
));
41 if (EFI_ERROR (Status
)) {
49 Generate the random data for Nonce payload.
51 @param[in] NonceSize Size of the data in bytes.
53 @return Buffer which contains the random data of the specified size.
64 Nonce
= AllocateZeroPool (NonceSize
);
69 Status
= IpSecCryptoIoGenerateRandomBytes (Nonce
, NonceSize
);
70 if (EFI_ERROR (Status
)) {
79 Convert the IKE Header from Network order to Host order.
81 @param[in, out] Header The pointer of the IKE_HEADER.
86 IN OUT IKE_HEADER
*Header
89 Header
->InitiatorCookie
= NTOHLL (Header
->InitiatorCookie
);
90 Header
->ResponderCookie
= NTOHLL (Header
->ResponderCookie
);
91 Header
->MessageId
= NTOHL (Header
->MessageId
);
92 Header
->Length
= NTOHL (Header
->Length
);
96 Convert the IKE Header from Host order to Network order.
98 @param[in, out] Header The pointer of the IKE_HEADER.
103 IN OUT IKE_HEADER
*Header
106 Header
->InitiatorCookie
= HTONLL (Header
->InitiatorCookie
);
107 Header
->ResponderCookie
= HTONLL (Header
->ResponderCookie
);
108 Header
->MessageId
= HTONL (Header
->MessageId
);
109 Header
->Length
= HTONL (Header
->Length
);
113 Allocate a buffer of IKE_PAYLOAD and set its Signature.
115 @return A buffer of IKE_PAYLOAD.
123 IKE_PAYLOAD
*IkePayload
;
125 IkePayload
= (IKE_PAYLOAD
*) AllocateZeroPool (sizeof (IKE_PAYLOAD
));
126 if (IkePayload
== NULL
) {
130 IkePayload
->Signature
= IKE_PAYLOAD_SIGNATURE
;
136 Free a specified IKE_PAYLOAD buffer.
138 @param[in] IkePayload Pointer of IKE_PAYLOAD to be freed.
143 IN IKE_PAYLOAD
*IkePayload
146 if (IkePayload
== NULL
) {
150 // If this IkePayload is not referred by others, free it.
152 if (!IkePayload
->IsPayloadBufExt
&& (IkePayload
->PayloadBuf
!= NULL
)) {
153 FreePool (IkePayload
->PayloadBuf
);
156 FreePool (IkePayload
);
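162 @return A 4-byte SPI.
171 // TODO: Generate the SPI randomly rather than predictably, e.g. with IpSecCryptoIoGenerateRandomBytes() as is done for the cookie, nonce and IV, to avoid a security issue.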
177 Generate random data for the IV.
179 @param[in] IvBuffer The pointer of the IV buffer.
180 @param[in] IvSize The IV size.
182 @retval EFI_SUCCESS Random data for the IV was generated.
183 @retval otherwise Failed.
192 return IpSecCryptoIoGenerateRandomBytes (IvBuffer
, IvSize
);
197 Find SPD entry by a specified SPD selector.
199 @param[in] SpdSel Pointer to the SPD selector to be searched for.
201 @retval Pointer to the SPD entry if a matching SPD entry is found.
202 @retval NULL if no matching SPD entry is found.
207 IN EFI_IPSEC_SPD_SELECTOR
*SpdSel
210 IPSEC_SPD_ENTRY
*SpdEntry
;
214 SpdList
= &mConfigData
[IPsecConfigDataTypeSpd
];
216 NET_LIST_FOR_EACH (Entry
, SpdList
) {
217 SpdEntry
= IPSEC_SPD_ENTRY_FROM_LIST (Entry
);
220 // Find the required SPD entry
222 if (CompareSpdSelector (
223 (EFI_IPSEC_CONFIG_SELECTOR
*) SpdSel
,
224 (EFI_IPSEC_CONFIG_SELECTOR
*) SpdEntry
->Selector
235 Get the IKE Version from the IKE_SA_SESSION.
237 @param[in] Session Pointer of the IKE_SA_SESSION.
241 IkeGetVersionFromSession (
245 if (*(UINT32
*) Session
== IKEV2_SA_SESSION_SIGNATURE
) {
246 return ((IKEV2_SA_SESSION
*) Session
)->SessionCommon
.IkeVer
;
249 // Add IKEv1 support here.