2 IKEv2 related definitions.
4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// Traffic-selector wildcard values: by their names, the port and protocol
// numbers that stand for "any".
// NOTE(review): presumably 0xffff is the upper bound of the full port range
// and 0 the "any protocol" ID - confirm against the TS payload code.
21 #define IKEV2_TS_ANY_PORT 0xffff
22 #define IKEV2_TS_ANY_PROTOCOL 0
// Selectors for the three Child SA lists, going by the names: the list of SAs
// to delete, the list being established, and the list already established.
24 #define IKEV2_DELET_CHILDSA_LIST 0
25 #define IKEV2_ESTABLISHING_CHILDSA_LIST 1
26 #define IKEV2_ESTABLISHED_CHILDSA_LIST 2
// Containing-record helpers for IKE SA sessions. Each macro takes a pointer to
// one embedded member (SessionCommon, BySessionTable, ByEstablishedTable) and
// recovers the enclosing IKEV2_SA_SESSION through CR(), passing the 32-bit
// signature 'IKEI'.
// NOTE(review): CR() is expected to test the signature only where debug asserts
// are enabled - confirm for this build. Do not treat the result as validated:
// `a` must really point at the named member of a live session record.
28 #define IKEV2_SA_SESSION_SIGNATURE SIGNATURE_32 ('I', 'K', 'E', 'I')
29 #define IKEV2_SA_SESSION_FROM_COMMON(a) CR (a, IKEV2_SA_SESSION, SessionCommon, IKEV2_SA_SESSION_SIGNATURE)
30 #define IKEV2_SA_SESSION_BY_SESSION(a) CR (a, IKEV2_SA_SESSION, BySessionTable, IKEV2_SA_SESSION_SIGNATURE)
31 #define IKEV2_SA_SESSION_BY_ESTABLISHED(a) CR (a, IKEV2_SA_SESSION, ByEstablishedTable, IKEV2_SA_SESSION_SIGNATURE)
// The same helpers for Child SA sessions, using the signature 'IKEC' and the
// members SessionCommon, ByIkeSa and ByDelete of IKEV2_CHILD_SA_SESSION.
// Because both session types embed a SessionCommon member, picking the wrong
// *_FROM_COMMON macro yields a pointer of the wrong record type; check the
// session type before choosing one.
33 #define IKEV2_CHILD_SA_SESSION_SIGNATURE SIGNATURE_32 ('I', 'K', 'E', 'C')
34 #define IKEV2_CHILD_SA_SESSION_FROM_COMMON(a) CR (a, IKEV2_CHILD_SA_SESSION, SessionCommon, IKEV2_CHILD_SA_SESSION_SIGNATURE)
35 #define IKEV2_CHILD_SA_SESSION_BY_IKE_SA(a) CR (a, IKEV2_CHILD_SA_SESSION, ByIkeSa, IKEV2_CHILD_SA_SESSION_SIGNATURE)
36 #define IKEV2_CHILD_SA_SESSION_BY_DEL_SA(a) CR (a, IKEV2_CHILD_SA_SESSION, ByDelete, IKEV2_CHILD_SA_SESSION_SIGNATURE)
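//
// TRUE when the session's common header marks it as an IKE SA session.
// NOTE(review): this reads (s)->Common, while the session structures in this
// file embed the header under the name SessionCommon - confirm which type `s`
// is expected to be.
//
#define IS_IKEV2_SA_SESSION(s) ((s)->Common.IkeSessionType == IkeSessionTypeIkeSa)

//
// Payload-walking helpers. Each one is pure pointer arithmetic over a byte
// buffer and performs no bounds checking of its own:
//   - IKEV2_SA_FIRST_PROPOSAL:         the proposal directly after the IKEV2_SA header.
//   - IKEV2_NEXT_TRANSFORM_WITH_SIZE:  the transform TransformSize bytes further on.
//   - IKEV2_NEXT_PROPOSAL_WITH_SIZE:   the proposal ProposalSize bytes further on.
//   - IKEV2_PROPOSAL_FIRST_TRANSFORM:  the transform after the proposal header
//                                      plus SpiSize bytes of SPI.
// When the size arguments or SpiSize come from a received packet, the caller
// has to check them against the remaining payload length BEFORE dereferencing
// the returned pointer; otherwise a crafted length walks the parser out of the
// buffer.
//
// Every expansion is wrapped in parentheses so that the result can be used
// directly in a postfix expression (for example MACRO (p, n)->Field); without
// them the member access would bind to the UINT8 pointer instead of the cast.
//
#define IKEV2_SA_FIRST_PROPOSAL(Sa) ((IKEV2_PROPOSAL *)((IKEV2_SA *)(Sa) + 1))

#define IKEV2_NEXT_TRANSFORM_WITH_SIZE(Transform, TransformSize) \
  ((IKEV2_TRANSFORM *)((UINT8 *)(Transform) + (TransformSize)))

#define IKEV2_NEXT_PROPOSAL_WITH_SIZE(Proposal, ProposalSize) \
  ((IKEV2_PROPOSAL *)((UINT8 *)(Proposal) + (ProposalSize)))

//
// Defined once; the listing repeated this definition verbatim a second time.
//
#define IKEV2_PROPOSAL_FIRST_TRANSFORM(Proposal) \
  ((IKEV2_TRANSFORM *)((UINT8 *)((IKEV2_PROPOSAL *)(Proposal) + 1) + \
                       (((IKEV2_PROPOSAL *)(Proposal))->SpiSize)))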
// Tail of the IKEV2_SESSION_STATE enumeration. Only the two "established"
// states are visible in this listing; the opening of the enum and its other
// enumerators lie outside it.
56 IkeStateIkeSaEstablished
,
59 IkeStateChildSaEstablished
,
62 } IKEV2_SESSION_STATE
;
// Request kinds of IKEV2_CREATE_CHILD_REQUEST_TYPE visible in this listing:
// by their names, creating a new Child SA, rekeying a Child SA and rekeying
// the IKE SA. The opening of the enum lies outside the listing.
65 IkeRequestTypeCreateChildSa
,
66 IkeRequestTypeRekeyChildSa
,
67 IkeRequestTypeRekeyIkeSa
,
69 } IKEV2_CREATE_CHILD_REQUEST_TYPE
;
82 IKEV2_DH_BUFFER
*DhBuffer
;
118 // IKE_PROPOSAL_DATA Proposals[1];
128 // IKE_TRANSFORM_DATA Transforms[1];
130 } IKEV2_PROPOSAL_DATA
;
133 UINT8 TransformIndex
;
136 IKE_SA_ATTRIBUTE Attribute
;
137 } IKEV2_TRANSFORM_DATA
;
// Fields of IKEV2_SESSION_COMMON, the header embedded as SessionCommon in both
// session records below. The opening of the struct lies outside this listing.
//
// Type tag of the enclosing session record.
141 IKE_SESSION_TYPE IkeSessionType
;
143 BOOLEAN IsOnDeleting
; // Flag indicating that the SA is being deleted.
144 IKEV2_SESSION_STATE State
;
// Timer event and its interval.
// NOTE(review): presumably the retransmission/negotiation timeout, with
// LastSentPacket kept for resending - confirm against the timer callback.
145 EFI_EVENT TimeoutEvent
;
146 UINT64 TimeoutInterval
;
148 IKE_PACKET
*LastSentPacket
;
149 IKEV2_SA_PARAMS
*SaParams
;
150 UINT16 PreferDhGroup
;
// Addresses of the two peers of this session.
151 EFI_IP_ADDRESS RemotePeerIp
;
152 EFI_IP_ADDRESS LocalPeerIp
;
// Payload callbacks; going by the names, invoked before an incoming payload is
// decoded and after an outgoing one is encoded - TODO confirm at the call sites.
153 IKE_ON_PAYLOAD_FROM_NET BeforeDecodePayload
;
154 IKE_ON_PAYLOAD_FROM_NET AfterEncodePayload
;
155 IKE_UDP_SERVICE
*UdpService
;
156 IPSEC_PRIVATE_DATA
*Private
;
157 } IKEV2_SESSION_COMMON
;
// Fields of an IKE SA session record. The struct's opening and closing lines
// are not visible in this listing; BySessionTable below matches the member the
// IKEV2_SA_SESSION_BY_SESSION macro resolves, so this is presumably
// IKEV2_SA_SESSION - confirm.
161 IKEV2_SESSION_COMMON SessionCommon
;
// NOTE(review): presumably the initiator and responder SPIs of the IKE SA
// carried in the IKE header - confirm.
162 UINT64 InitiatorCookie
;
163 UINT64 ResponderCookie
;
165 // Initiator: SA proposals to be sent
166 // Responder: SA proposals to be matched
168 IKEV2_SA_DATA
*SaData
; // SA Private struct used for SA payload generation
// Key set of this IKE SA.
// NOTE(review): whoever frees this record should wipe the key material before
// releasing the buffer; the cleanup path is outside this listing.
169 IKEV2_SESSION_KEYS
*IkeKeys
;
174 UINT8
*NCookie
; // Buffer that contains the Notify Cookie
// NCookieSize has to describe the buffer currently held in NCookie.
// NOTE(review): if the cookie is copied out of a peer's Notify payload, its
// length needs bounding before the copy; the copy site is outside this listing.
175 UINTN NCookieSize
; // Size of NCookie
176 IPSEC_PAD_ENTRY
*Pad
;
177 IPSEC_SPD_ENTRY
*Spd
; // SPD that requested the negotiation, TODO: better use SPD selector
178 LIST_ENTRY ChildSaSessionList
;
179 LIST_ENTRY ChildSaEstablishSessionList
; // For establishing Child SA.
180 LIST_ENTRY InfoMIDList
; // For Information MID
181 LIST_ENTRY DeleteSaList
; // For deleting Child SA.
// Sizes for the initiator's and the responder's packet; the matching buffer
// fields are not visible in this listing.
183 UINTN InitPacketSize
;
185 UINTN RespPacketSize
;
187 LIST_ENTRY BySessionTable
; // Used for all IkeSaSession links
// Fields of IKEV2_CHILD_SA_SESSION visible in this listing; the opening of the
// struct and several members lie outside it.
192 IKEV2_SESSION_COMMON SessionCommon
;
// Back-pointer to the IKE SA session this Child SA is attached to.
// NOTE(review): lifetime is not visible here - confirm that Child SA sessions
// are torn down before the IKE SA session they point at is freed.
193 IKEV2_SA_SESSION
*IkeSaSession
;
195 IKEV2_SA_DATA
*SaData
;
198 UINT32 RemotePeerSpi
;
// Keying material of the Child SA, held inline in the session record.
// NOTE(review): should be wiped before the record is freed or reused; the
// cleanup path is outside this listing.
203 SA_KEYMATS ChildKeymats
;
204 IKEV2_DH_BUFFER
*DhBuffer
; // New DH exchanged by CREATE_CHILD_SA
205 IPSEC_SPD_ENTRY
*Spd
;
206 EFI_IPSEC_SPD_SELECTOR
*SpdSelector
;
212 } IKEV2_CHILD_SA_SESSION
;
221 // This struct is used to pass the detailed information to the InfoGenerator() for
222 // the creation of the response Information Exchange Message.
226 IKEV2_INFO_TYPE InfoType
;
227 } IKEV2_INFO_EXCHANGE_CONTEXT
;
// Function-pointer types for generating and parsing one exchange message, and
// the IKEV2_PACKET_HANDLER record that pairs them. Only part of each prototype
// is visible in this listing.
236 (*IKEV2_PACKET_GENERATOR
) (
243 (*IKEV2_PACKET_PARSER
) (
// Input packet handed to the parser.
// NOTE(review): presumably built from data received from the peer, so parser
// implementations need to validate payload lengths and counts before using
// them - confirm in each parser.
245 IN IKE_PACKET
*IkePacket
// Parser/generator pair of one handler entry.
249 IKEV2_PACKET_PARSER Parser
;
250 IKEV2_PACKET_GENERATOR Generator
;
251 } IKEV2_PACKET_HANDLER
;
// Handler tables defined in other translation units. mIkev2Initial is a
// two-dimensional array whose inner dimension is 2; mIkev2CreateChild and
// mIkev2Info are single handler records.
// NOTE(review): the meaning of the mIkev2Initial indices is not visible here;
// code that indexes it with values derived from session state should range-check
// them first.
253 extern IKEV2_PACKET_HANDLER mIkev2Initial
[][2];
254 extern IKEV2_PACKET_HANDLER mIkev2CreateChild
;
255 extern IKEV2_PACKET_HANDLER mIkev2Info
;