2 Common operation of the IKE
4 Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
17 #include "IkeCommon.h"
18 #include "IpSecConfigImpl.h"
19 #include "IpSecDebug.h"
//
// Module-wide SPI state, initialised to the fixed value IKE_SPI_BASE.
// NOTE(review): presumably the next SPI to hand out. If SPIs are produced by
// counting up from this base they are predictable, which is what the TODO on
// random SPI generation later in this file is about -- confirm against the
// SPI generator, whose body is not visible in this listing.
//
UINT32    mNextSpi  = IKE_SPI_BASE;
//
// All-zero GUID value.
//
EFI_GUID  mZeroGuid = { 0, 0, 0, { 0, 0, 0, 0, 0, 0, 0, 0 } };
28 Call Crypto Lib to generate a random value with eight-octet length.
30 @return The 64-bit value.
//
// Fill Cookie with sizeof (UINT64) = 8 bytes from the crypto library. This call
// is the only source of the cookie's randomness visible in this listing.
//
Status = IpSecCryptoIoGenerateRandomBytes ((UINT8 *)&Cookie, sizeof (UINT64));
//
// NOTE(review): the failure branch is cut off in this listing -- confirm that
// it does not return whatever Cookie holds when the random call has failed.
//
if (EFI_ERROR (Status)) {
50 Generate the random data for Nonce payload.
52 @param[in] NonceSize Size of the data in bytes.
54 @return Buffer which contains the random data of the specified size.
//
// Zero-filled buffer of NonceSize bytes that will hold the nonce.
// NOTE(review): source lines 66-69 are missing from this listing; confirm that
// the allocation is checked for NULL before Nonce is passed on below.
//
Nonce = AllocateZeroPool (NonceSize);
//
// Overwrite the whole buffer with random bytes from the crypto library.
//
Status = IpSecCryptoIoGenerateRandomBytes (Nonce, NonceSize);
//
// NOTE(review): the failure branch is cut off in this listing. It should release
// Nonce and must not hand a still-zeroed buffer back as a nonce -- confirm.
//
if (EFI_ERROR (Status)) {
80 Convert the IKE Header from Network order to Host order.
82 @param[in, out] Header The pointer of the IKE_HEADER.
87 IN OUT IKE_HEADER
*Header
//
// Convert the four multi-byte header fields in place: NTOHLL for the two
// cookies, NTOHL for MessageId and Length.
// NOTE(review): Length is presumably a peer-supplied value once it is in host
// order. Whether it is bounded against the size of the received packet is not
// visible here -- confirm at the call sites before it is used as a length.
//
Header->InitiatorCookie = NTOHLL (Header->InitiatorCookie);
Header->ResponderCookie = NTOHLL (Header->ResponderCookie);
Header->MessageId       = NTOHL (Header->MessageId);
Header->Length          = NTOHL (Header->Length);
97 Convert the IKE Header from Host order to Network order.
99 @param[in, out] Header The pointer of the IKE_HEADER.
104 IN OUT IKE_HEADER
*Header
//
// Convert the four multi-byte header fields in place to network order: HTONLL
// for the two cookies, HTONL for MessageId and Length.
// The conversion overwrites the fields, so the header must not be read as
// host-order data after this point.
//
Header->InitiatorCookie = HTONLL (Header->InitiatorCookie);
Header->ResponderCookie = HTONLL (Header->ResponderCookie);
Header->MessageId       = HTONL (Header->MessageId);
Header->Length          = HTONL (Header->Length);
114 Allocate a buffer of IKE_PAYLOAD and set its Signature.
116 @return A buffer of IKE_PAYLOAD.
IKE_PAYLOAD  *IkePayload;

//
// Zero-filled allocation: every field other than Signature starts as zero,
// including PayloadBuf and IsPayloadBufExt, which the free routine tests.
//
IkePayload = (IKE_PAYLOAD *) AllocateZeroPool (sizeof (IKE_PAYLOAD));
if (IkePayload == NULL) {
  //
  // NOTE(review): source lines 128-130 (the body of this NULL check and its
  // closing brace) are missing from this listing.
  //
//
// Tag the structure with its signature.
//
IkePayload->Signature = IKE_PAYLOAD_SIGNATURE;
137 Free a specified IKE_PAYLOAD buffer.
139 @param[in] IkePayload Pointer of IKE_PAYLOAD to be freed.
144 IN IKE_PAYLOAD
*IkePayload
//
// NOTE(review): the body of this NULL check (source lines 148-150) is missing
// from this listing; presumably it returns early -- confirm.
//
if (IkePayload == NULL) {
//
// Release PayloadBuf only when it is not flagged as external (IsPayloadBufExt
// is FALSE) and is non-NULL. A buffer flagged as external is left alone here,
// so this routine does not free memory that was supplied from elsewhere.
//
if (!IkePayload->IsPayloadBufExt && (IkePayload->PayloadBuf != NULL)) {
  FreePool (IkePayload->PayloadBuf);
//
// Release the IKE_PAYLOAD structure itself. The pointer is passed by value, so
// the caller's copy is left dangling and must not be used after this call.
//
FreePool (IkePayload);
163 @return A 4-byte SPI.
172 // TODO: the SPI should be generated randomly; a predictable SPI is a security issue.
178 Generate random data for the IV.
180 @param[in] IvBuffer The pointer of the IV buffer.
181 @param[in] IvSize The IV size.
183 @retval EFI_SUCCESS Create a random data for IV.
184 @retval otherwise Failed.
//
// Delegate directly to the crypto library. Its EFI_STATUS is returned
// unchanged, so the caller must check it before using IvBuffer as an IV.
//
return IpSecCryptoIoGenerateRandomBytes (IvBuffer, IvSize);
198 Find SPD entry by a specified SPD selector.
200 @param[in] SpdSel Pointer to the SPD selector to search for.
202 @retval Pointer to the SPD entry if it is found.
203 @retval NULL if it is not found.
208 IN EFI_IPSEC_SPD_SELECTOR
*SpdSel
IPSEC_SPD_ENTRY  *SpdEntry;

//
// The SPD entries are kept in the list at mConfigData[IPsecConfigDataTypeSpd].
//
SpdList = &mConfigData[IPsecConfigDataTypeSpd];

//
// Visit every node of that list.
//
NET_LIST_FOR_EACH (Entry, SpdList) {
  //
  // Map the list node to its IPSEC_SPD_ENTRY.
  //
  SpdEntry = IPSEC_SPD_ENTRY_FROM_LIST (Entry);
221 // Find the required SPD entry
223 if (CompareSpdSelector (
224 (EFI_IPSEC_CONFIG_SELECTOR
*) SpdSel
,
225 (EFI_IPSEC_CONFIG_SELECTOR
*) SpdEntry
->Selector
236 Get the IKE Version from the IKE_SA_SESSION.
238 @param[in] Session Pointer of the IKE_SA_SESSION.
242 IkeGetVersionFromSession (
246 if (*(UINT32
*) Session
== IKEV2_SA_SESSION_SIGNATURE
) {
247 return ((IKEV2_SA_SESSION
*) Session
)->SessionCommon
.IkeVer
;
250 // Add IKEv1 support here.