2 The Interfaces of IPsec debug information printing.
4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #include "IpSecImpl.h"
17 #include "IpSecDebug.h"
20 // The print title for IKEv1 variety phase.
22 CHAR8
*mIkev1StateStr
[IKE_STATE_NUM
] = {
26 "IKEv1_MAIN_ESTABLISHED",
29 "IKEv1_QUICK_ESTABLISHED"
33 // The print title for IKEv2 variety phase.
35 CHAR8
*mIkev2StateStr
[IKE_STATE_NUM
] = {
38 "IKEv2_STATE_SA_ESTABLISH",
39 "IKEv2_STATE_CREATE_CHILD",
40 "IKEv2_STATE_SA_REKEYING",
41 "IKEv2_STATE_CHILD_SA_ESTABLISHED",
42 "IKEv2_STATE_SA_DELETING"
46 // The print title for IKEv1 variety Exchagne.
48 CHAR8
*mExchangeStr
[] = {
49 "IKEv1 Main Exchange",
50 "IKEv1 Info Exchange",
51 "IKEv1 Quick Exchange",
52 "IKEv2 Initial Exchange",
53 "IKEv2 Auth Exchange",
54 "IKEv2 Create Child Exchange",
55 "IKEv2 Info Exchange",
60 // The print title for IKEv1 variety Payload.
62 CHAR8
*mIkev1PayloadStr
[] = {
65 "IKEv1 Proposal Payload",
66 "IKEv1 Transform Payload",
69 "IKEv1 Certificate Payload",
70 "IKEv1 Certificate Request Payload",
72 "IKEv1 Signature Payload",
73 "IKEv1 Nonce Payload",
74 "IKEv1 Notify Payload",
75 "IKEv1 Delete Payload",
76 "IKEv1 Vendor Payload"
80 // The print title for IKEv2 variety Payload.
82 CHAR8
* mIkev2PayloadStr
[] = {
85 "IKEv2 Identity Initial Payload",
86 "IKEv2 Identity Respond Payload",
87 "IKEv2 Certificate Payload",
88 "IKEv2 Certificate Request Payload",
90 "IKEv2 Nonce Payload",
91 "IKEv2 Notify Payload",
92 "IKEv2 Delet Payload",
93 "IKEv2 Vendor Payload",
94 "IKEv2 Traffic Selector Initiator Payload",
95 "IKEv2 Traffic Selector Respond Payload",
96 "IKEv2 Encrypt Payload",
97 "IKEv2 Configuration Payload",
98 "IKEv2 Extensible Authentication Payload"
102 Print the IP address.
104 @param[in] Level Debug print error level. Pass to DEBUG().
105 @param[in] Ip Point to a specified IP address.
106 @param[in] IpVersion The IP Version.
112 IN EFI_IP_ADDRESS
*Ip
,
116 if (IpVersion
== IP_VERSION_6
) {
119 "%x%x:%x%x:%x%x:%x%x",
131 ":%x%x:%x%x:%x%x:%x%x\n",
155 Print IKE Current states.
157 @param[in] Previous The Previous state of IKE.
158 @param[in] Current The current state of IKE.
159 @param[in] IkeVersion The version of IKE.
169 if (Previous
>= IKE_STATE_NUM
|| Current
>= IKE_STATE_NUM
) {
173 if (Previous
== Current
) {
174 if (IkeVersion
== 1) {
175 DEBUG ((DEBUG_INFO
, "\n****Current state is %a\n", mIkev1StateStr
[Previous
]));
176 } else if (IkeVersion
== 2) {
177 DEBUG ((DEBUG_INFO
, "\n****Current state is %a\n", mIkev2StateStr
[Previous
]));
180 if (IkeVersion
== 1) {
181 DEBUG ((DEBUG_INFO
, "\n****Change state from %a to %a\n", mIkev1StateStr
[Previous
], mIkev1StateStr
[Current
]));
183 DEBUG ((DEBUG_INFO
, "\n****Change state from %a to %a\n", mIkev2StateStr
[Previous
], mIkev2StateStr
[Current
]));
189 Print the IKE Packet.
191 @param[in] Packet Point to IKE packet to be printed.
192 @param[in] Direction Point to the IKE packet is inbound or outbound.
193 @param[in] IpVersion Specified IP Version.
198 IN IKE_PACKET
*Packet
,
199 IN EFI_IPSEC_TRAFFIC_DIR Direction
,
208 ASSERT (Packet
!= NULL
);
210 PacketSize
= Packet
->PayloadTotalSize
+ sizeof (IKE_HEADER
);
211 InitCookie
= (Direction
== EfiIPsecOutBound
) ? HTONLL (Packet
->Header
->InitiatorCookie
) : Packet
->Header
->InitiatorCookie
;
212 RespCookie
= (Direction
== EfiIPsecOutBound
) ? HTONLL (Packet
->Header
->ResponderCookie
) : Packet
->Header
->ResponderCookie
;
214 switch (Packet
->Header
->ExchangeType
) {
215 case IKE_XCG_TYPE_IDENTITY_PROTECT
:
216 TypeStr
= mExchangeStr
[0];
219 case IKE_XCG_TYPE_INFO
:
220 TypeStr
= mExchangeStr
[1];
223 case IKE_XCG_TYPE_QM
:
224 TypeStr
= mExchangeStr
[2];
227 case IKE_XCG_TYPE_SA_INIT
:
228 TypeStr
= mExchangeStr
[3];
231 case IKE_XCG_TYPE_AUTH
:
232 TypeStr
= mExchangeStr
[4];
235 case IKE_XCG_TYPE_CREATE_CHILD_SA
:
236 TypeStr
= mExchangeStr
[5];
239 case IKE_XCG_TYPE_INFO2
:
240 TypeStr
= mExchangeStr
[6];
244 TypeStr
= mExchangeStr
[7];
248 if (Direction
== EfiIPsecOutBound
) {
249 DEBUG ((DEBUG_INFO
, "\n>>>Sending %d bytes %a to ", PacketSize
, TypeStr
));
251 DEBUG ((DEBUG_INFO
, "\n>>>Receiving %d bytes %a from ", PacketSize
, TypeStr
));
254 IpSecDumpAddress (DEBUG_INFO
, &Packet
->RemotePeerIp
, IpVersion
);
256 DEBUG ((DEBUG_INFO
, " InitiatorCookie:0x%lx ResponderCookie:0x%lx\n", InitCookie
, RespCookie
));
259 " Version: 0x%x Flags:0x%x ExchangeType:0x%x\n",
260 Packet
->Header
->Version
,
261 Packet
->Header
->Flags
,
262 Packet
->Header
->ExchangeType
)
266 " MessageId:0x%x NextPayload:0x%x\n",
267 Packet
->Header
->MessageId
,
268 Packet
->Header
->NextPayload
)
274 Print the IKE Paylolad.
276 @param[in] IkePayload Point to payload to be printed.
277 @param[in] IkeVersion The specified version of IKE.
282 IN IKE_PAYLOAD
*IkePayload
,
286 if (IkeVersion
== 1) {
287 DEBUG ((DEBUG_INFO
, "+%a\n", mIkev1PayloadStr
[IkePayload
->PayloadType
]));
290 // For IKEV2 the first Payload type is started from 33.
292 DEBUG ((DEBUG_INFO
, "+%a\n", mIkev2PayloadStr
[IkePayload
->PayloadType
- 33]));
294 IpSecDumpBuf ("Payload data", IkePayload
->PayloadBuf
, IkePayload
->PayloadSize
);
298 Print the buffer in form of Hex.
300 @param[in] Title The strings to be printed before the data of the buffer.
301 @param[in] Data Points to buffer to be printed.
302 @param[in] DataSize The size of the buffer to be printed.
314 UINTN BytesRemaining
;
318 BytesRemaining
= DataSize
;
320 DEBUG ((DEBUG_INFO
, "==%a %d bytes==\n", Title
, DataSize
));
322 while (BytesRemaining
> 0) {
324 BytesToPrint
= (BytesRemaining
> IPSEC_DEBUG_BYTE_PER_LINE
) ? IPSEC_DEBUG_BYTE_PER_LINE
: BytesRemaining
;
326 for (Index
= 0; Index
< BytesToPrint
; Index
++) {
327 DEBUG ((DEBUG_INFO
, " 0x%02x,", Data
[DataIndex
++]));
330 DEBUG ((DEBUG_INFO
, "\n"));
331 BytesRemaining
-= BytesToPrint
;