/** @file\r
- The interfaces of IKE/Child session operations and payload related operations \r
+ The interfaces of IKE/Child session operations and payload related operations\r
used by IKE Exchange Process.\r
\r
- Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
Private->Ikev2SaSession list or Private->Ikev2EstablishedList list.\r
\r
@param[in] SaSessionList Pointer to list to be inserted into.\r
- @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be inserted. \r
- @param[in] RemotePeerIp Pointer to EFI_IP_ADDRESSS to indicate the \r
+ @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be inserted.\r
+ @param[in] RemotePeerIp Pointer to EFI_IP_ADDRESSS to indicate the\r
unique IKEV2_SA_SESSION.\r
\r
**/\r
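Review bot: "EFI_IP_ADDRESSS" on the RemotePeerIp @param line has a third S and survives this whitespace cleanup unchanged. The line is being rewritten anyway, so correct it to EFI_IP_ADDRESS, the spelling used by the RemotePeerIp description of the search function.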
@param[in] SaSessionList Pointer to list to be searched.\r
@param[in] RemotePeerIp Pointer to EFI_IP_ADDRESS to use for SA Session search.\r
\r
- @retval Pointer to IKEV2_SA_SESSION with the specified remote IP address. \r
+ @retval Pointer to IKEV2_SA_SESSION with the specified remote IP address.\r
\r
**/\r
IKEV2_SA_SESSION *\r
);\r
\r
/**\r
- Free specified IKEV2 SA Session. \r
+ Free specified IKEV2 SA Session.\r
\r
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be freed.\r
\r
);\r
\r
/**\r
- Free specified Seession Common. The session common would belong to a IKE SA or \r
+ Free specified Seession Common. The session common would belong to a IKE SA or\r
a Child SA.\r
\r
@param[in] SessionCommon Pointer to a Session Common.\r
\r
/**\r
Allocate Momery for IKEV2 Child SA Session.\r
- \r
+\r
@param[in] UdpService Pointer to IKE_UDP_SERVICE.\r
- @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA \r
+ @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA\r
Session.\r
\r
@retval Pointer of a new created IKEV2 Child SA Session.\r
);\r
\r
/**\r
- Register a established IKEv2 Child SA into IkeSaSession->ChildSaEstablishSessionList. \r
- If the there is IKEV2_CHILD_SA_SESSION with same remote peer IP, remove the old one \r
+ Register a established IKEv2 Child SA into IkeSaSession->ChildSaEstablishSessionList.\r
+ If the there is IKEV2_CHILD_SA_SESSION with same remote peer IP, remove the old one\r
then register the new one.\r
\r
@param[in] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION to be registered.\r
\r
This functin find a ChildSA session by searching the ChildSaSessionlist of\r
the input IKEV2_SA_SESSION by specified MessageID.\r
- \r
+\r
@param[in] SaSessionList Pointer to List to be searched.\r
@param[in] Spi Specified SPI.\r
\r
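Review bot: the summary says the Child SA session is found "by specified MessageID", but the parameters documented directly below it are SaSessionList and Spi, and nothing named MessageID appears. Reword the summary to name the SPI as the lookup key (and fix "functin"), so a reader does not assume message-ID matching when working out which Child SA a request refers to.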
\r
/**\r
Remove the IKEV2_CHILD_SA_SESSION from IkeSaSessionList.\r
- \r
+\r
@param[in] SaSessionList The SA Session List to be iterated.\r
@param[in] Spi Spi used to identify the IKEV2_CHILD_SA_SESSION.\r
- @param[in] ListType The type of the List to indicate whether it is a \r
- Established. \r
+ @param[in] ListType The type of the List to indicate whether it is a\r
+ Established.\r
\r
@return The point to IKEV2_CHILD_SA_SESSION.\r
- \r
+\r
**/\r
IKEV2_CHILD_SA_SESSION *\r
Ikev2ChildSaSessionRemove (\r
IN LIST_ENTRY *SaSessionList,\r
- IN UINT32 Spi, \r
- IN UINT8 ListType \r
+ IN UINT32 Spi,\r
+ IN UINT8 ListType\r
);\r
\r
/**\r
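Review bot: the ListType description is an unfinished sentence ("to indicate whether it is a" / "Established."), so the lists it selects between are never named. Spell out the accepted values. The @return line should also state what comes back when no session matches Spi (presumably NULL), and the summary's "IkeSaSessionList" should match the parameter name SaSessionList.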
);\r
\r
/**\r
- Free the memory located for the specified IKEV2_CHILD_SA_SESSION. \r
+ Free the memory located for the specified IKEV2_CHILD_SA_SESSION.\r
\r
@param[in] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION.\r
\r
Free the specified DhBuffer.\r
\r
@param[in] DhBuffer Pointer to IKEV2_DH_BUFFER to be freed.\r
- \r
+\r
**/\r
VOID\r
Ikev2DhBufferFree (\r
\r
/**\r
This function is to parse a request IKE packet and return its request type.\r
- The request type is one of IKE CHILD SA creation, IKE SA rekeying and \r
+ The request type is one of IKE CHILD SA creation, IKE SA rekeying and\r
IKE CHILD SA rekeying.\r
\r
@param[in] IkePacket IKE packet to be prased.\r
\r
/**\r
This function finds the SPI from Create Child Sa Exchange Packet.\r
- \r
+\r
@param[in] IkePacket Pointer to IKE_PACKET to be searched.\r
\r
@retval SPI number.\r
/**\r
Associate a SPD selector to the Child SA Session.\r
\r
- This function is called when the Child SA is not the first child SA of its \r
+ This function is called when the Child SA is not the first child SA of its\r
IKE SA. It associate a SPD to this Child SA.\r
\r
- @param[in, out] ChildSaSession Pointer to the Child SA Session to be associated to \r
+ @param[in, out] ChildSaSession Pointer to the Child SA Session to be associated to\r
a SPD selector.\r
\r
@retval EFI_SUCCESS Associate one SPD selector to this Child SA Session successfully.\r
Generate Ikev2 SA payload according to SessionSaData\r
\r
@param[in] SessionSaData The data used in SA payload.\r
- @param[in] NextPayload The payload type presented in NextPayload field of \r
+ @param[in] NextPayload The payload type presented in NextPayload field of\r
SA Payload header.\r
@param[in] Type The SA type. It MUST be neither (1) for IKE_SA or\r
(2) for CHILD_SA or (3) for INFO.\r
\r
@retval a Pointer to SA IKE payload.\r
- \r
+\r
**/\r
IKE_PAYLOAD *\r
Ikev2GenerateSaPayload (\r
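Review bot: the Type description reads "It MUST be neither (1) for IKE_SA or (2) for CHILD_SA or (3) for INFO", which as written forbids all three values it lists. If these are the accepted values, change "neither" to "one of" so the constraint on callers of Ikev2GenerateSaPayload is unambiguous.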
Generate a ID payload.\r
\r
@param[in] CommonSession Pointer to IKEV2_SESSION_COMMON related to ID payload.\r
- @param[in] NextPayload The payload type presented in the NextPayload field \r
+ @param[in] NextPayload The payload type presented in the NextPayload field\r
of ID Payload header.\r
\r
@retval Pointer to ID IKE payload.\r
Generate a ID payload.\r
\r
@param[in] CommonSession Pointer to IKEV2_SESSION_COMMON related to ID payload.\r
- @param[in] NextPayload The payload type presented in the NextPayload field \r
+ @param[in] NextPayload The payload type presented in the NextPayload field\r
of ID Payload header.\r
@param[in] InCert Pointer to the Certificate which distinguished name\r
will be added into the Id payload.\r
IKE_PAYLOAD *\r
Ikev2GenerateCertIdPayload (\r
IN IKEV2_SESSION_COMMON *CommonSession,\r
- IN UINT8 NextPayload, \r
+ IN UINT8 NextPayload,\r
IN UINT8 *InCert,\r
IN UINTN CertSize\r
);\r
/**\r
Generate a Nonce payload contenting the input parameter NonceBuf.\r
\r
- @param[in] NonceBuf The nonce buffer content the whole Nonce payload block \r
+ @param[in] NonceBuf The nonce buffer content the whole Nonce payload block\r
except the payload header.\r
@param[in] NonceSize The buffer size of the NonceBuf\r
- @param[in] NextPayload The payload type presented in the NextPayload field \r
+ @param[in] NextPayload The payload type presented in the NextPayload field\r
of Nonce Payload header.\r
\r
@retval Pointer to Nonce IKE paload.\r
Generate the Notify payload.\r
\r
Since the structure of Notify payload which defined in RFC 4306 is simple, so\r
- there is no internal data structure for Notify payload. This function generate \r
- Notify payload defined in RFC 4306, but all the fields in this payload are still \r
- in host order and need call Ikev2EncodePayload() to convert those fields from \r
+ there is no internal data structure for Notify payload. This function generate\r
+ Notify payload defined in RFC 4306, but all the fields in this payload are still\r
+ in host order and need call Ikev2EncodePayload() to convert those fields from\r
the host order to network order beforing sending it.\r
\r
@param[in] ProtocolId The protocol type ID. For IKE_SA it MUST be one (1).\r
For IPsec SAs it MUST be neither (2) for AH or (3)\r
for ESP.\r
- @param[in] NextPayload The next paylaod type in NextPayload field of \r
+ @param[in] NextPayload The next paylaod type in NextPayload field of\r
the Notify payload.\r
@param[in] SpiSize Size of the SPI in SPI size field of the Notify Payload.\r
- @param[in] MessageType The message type in NotifyMessageType field of the \r
+ @param[in] MessageType The message type in NotifyMessageType field of the\r
Notify Payload.\r
@param[in] SpiBuf Pointer to buffer contains the SPI value.\r
@param[in] NotifyData Pointer to buffer contains the notification data.\r
@param[in] NotifyDataSize The size of NotifyData in bytes.\r
- \r
+\r
\r
@retval Pointer to IKE Notify Payload.\r
\r
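Review bot: in the ProtocolId description, "For IPsec SAs it MUST be neither (2) for AH or (3) for ESP" states the opposite of what the sentence before it implies. It should read "either (2) for AH or (3) for ESP". The touched lines also keep "paylaod" in the NextPayload description and "beforing sending" in the paragraph above; worth fixing in the same pass since this hunk rewrites those lines.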
/**\r
Generate the Delete payload.\r
\r
- Since the structure of Delete payload which defined in RFC 4306 is simple, \r
- there is no internal data structure for Delete payload. This function generate \r
- Delete payload defined in RFC 4306, but all the fields in this payload are still \r
- in host order and need call Ikev2EncodePayload() to convert those fields from \r
+ Since the structure of Delete payload which defined in RFC 4306 is simple,\r
+ there is no internal data structure for Delete payload. This function generate\r
+ Delete payload defined in RFC 4306, but all the fields in this payload are still\r
+ in host order and need call Ikev2EncodePayload() to convert those fields from\r
the host order to network order beforing sending it.\r
\r
@param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload generation.\r
- @param[in] NextPayload The next paylaod type in NextPayload field of \r
+ @param[in] NextPayload The next paylaod type in NextPayload field of\r
the Delete payload.\r
@param[in] SpiSize Size of the SPI in SPI size field of the Delete Payload.\r
@param[in] SpiNum Number of SPI in NumofSPIs field of the Delete Payload.\r
IN UINT8 NextPayload,\r
IN UINT8 SpiSize,\r
IN UINT16 SpiNum,\r
- IN UINT8 *SpiBuf \r
+ IN UINT8 *SpiBuf\r
);\r
\r
/**\r
Generate the Configuration payload.\r
\r
- This function generates a configuration payload defined in RFC 4306, but all the \r
- fields in this payload are still in host order and need call Ikev2EncodePayload() \r
+ This function generates a configuration payload defined in RFC 4306, but all the\r
+ fields in this payload are still in host order and need call Ikev2EncodePayload()\r
to convert those fields from the host order to network order beforing sending it.\r
\r
@param[in] IkeSaSession Pointer to IKE SA Session to be used for Delete payload\r
generation.\r
- @param[in] NextPayload The next paylaod type in NextPayload field of \r
+ @param[in] NextPayload The next paylaod type in NextPayload field of\r
the Delete payload.\r
@param[in] CfgType The attribute type in the Configuration attribute.\r
\r
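Review bot: in the Configuration payload comment, the IkeSaSession and NextPayload descriptions still say "Delete payload generation" and "NextPayload field of the Delete payload". Both should name the Configuration payload. The NextPayload line is already modified by this hunk, so the wording can be corrected here.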
/**\r
Generate a Authentication Payload.\r
\r
- This function is used for both Authentication generation and verification. When the \r
- IsVerify is TRUE, it create a Auth Data for verification. This function choose the \r
+ This function is used for both Authentication generation and verification. When the\r
+ IsVerify is TRUE, it create a Auth Data for verification. This function choose the\r
related IKE_SA_INIT Message for Auth data creation according to the IKE Session's type\r
and the value of IsVerify parameter.\r
\r
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to.\r
- @param[in] IdPayload Pointer to the ID payload to be used for Authentication \r
+ @param[in] IdPayload Pointer to the ID payload to be used for Authentication\r
payload generation.\r
- @param[in] NextPayload The type filled into the Authentication Payload next \r
+ @param[in] NextPayload The type filled into the Authentication Payload next\r
payload field.\r
@param[in] IsVerify If it is TURE, the Authentication payload is used for\r
verification.\r
);\r
\r
/**\r
- Generate a Authentication Payload for Certificate Auth method. \r
+ Generate a Authentication Payload for Certificate Auth method.\r
\r
- This function has two functions. One is creating a local Authentication \r
- Payload for sending and other is creating the remote Authentication data \r
+ This function has two functions. One is creating a local Authentication\r
+ Payload for sending and other is creating the remote Authentication data\r
for verification when the IsVerify is TURE.\r
\r
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to.\r
- @param[in] IdPayload Pointer to the ID payload to be used for Authentication \r
+ @param[in] IdPayload Pointer to the ID payload to be used for Authentication\r
payload generation.\r
- @param[in] NextPayload The type filled into the Authentication Payload \r
+ @param[in] NextPayload The type filled into the Authentication Payload\r
next payload field.\r
- @param[in] IsVerify If it is TURE, the Authentication payload is used \r
+ @param[in] IsVerify If it is TURE, the Authentication payload is used\r
for verification.\r
- @param[in] UefiPrivateKey Pointer to the UEFI private key. Ignore it when \r
+ @param[in] UefiPrivateKey Pointer to the UEFI private key. Ignore it when\r
verify the authenticate payload.\r
- @param[in] UefiPrivateKeyLen The size of UefiPrivateKey in bytes. Ignore it \r
+ @param[in] UefiPrivateKeyLen The size of UefiPrivateKey in bytes. Ignore it\r
when verify the authenticate payload.\r
- @param[in] UefiKeyPwd Pointer to the password of UEFI private key. \r
+ @param[in] UefiKeyPwd Pointer to the password of UEFI private key.\r
Ignore it when verify the authenticate payload.\r
- @param[in] UefiKeyPwdLen The size of UefiKeyPwd in bytes.Ignore it when \r
+ @param[in] UefiKeyPwdLen The size of UefiKeyPwd in bytes.Ignore it when\r
verify the authenticate payload.\r
\r
@return pointer to IKE Authentication payload for certification method.\r
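Review bot: the UefiPrivateKey and UefiKeyPwd descriptions give a pointer and a length but say nothing about ownership, that is, whether the function keeps a copy of the key or password and who is expected to clear those buffers afterwards. These parameters carry secret material, so please document that. "TURE" on the IsVerify line and the missing space in "bytes.Ignore" on the UefiKeyPwdLen line are on lines this hunk rewrites and can be fixed at the same time.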
This function generates TSi or TSr payload according to type of next payload.\r
If the next payload is Responder TS, gereate TSi Payload. Otherwise, generate\r
TSr payload\r
- \r
+\r
@param[in] ChildSa Pointer to IKEV2_CHILD_SA_SESSION related to this TS payload.\r
- @param[in] NextPayload The payload type presented in the NextPayload field \r
+ @param[in] NextPayload The payload type presented in the NextPayload field\r
of ID Payload header.\r
@param[in] IsTunnel It indicates that if the Ts Payload is after the CP payload.\r
If yes, it means the Tsi and Tsr payload should be with\r
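Review bot: NextPayload is documented as the field "of ID Payload header", but this comment belongs to the TSi/TSr generator, so it should name the TS payload header. The summary's "gereate TSi Payload" also needs a spelling fix.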
IPSEC_PROTO_ISAKMP or if the SpiSize is not zero or if the MessageType is not\r
the COOKIE, return EFI_INVALID_PARAMETER.\r
\r
- @param[in] IkeNCookie Pointer to the IKE_PAYLOAD which contians the \r
+ @param[in] IkeNCookie Pointer to the IKE_PAYLOAD which contians the\r
Notify Cookie payload.\r
the Notify payload.\r
@param[in, out] IkeSaSession Pointer to the relevant IKE SA Session.\r
/**\r
Generate the Certificate payload or Certificate Request Payload.\r
\r
- Since the Certificate Payload structure is same with Certificate Request Payload, \r
+ Since the Certificate Payload structure is same with Certificate Request Payload,\r
the only difference is that one contains the Certificate Data, other contains\r
- the acceptable certificateion CA. This function generate Certificate payload \r
- or Certificate Request Payload defined in RFC 4306, but all the fields \r
- in the payload are still in host order and need call Ikev2EncodePayload() \r
+ the acceptable certificateion CA. This function generate Certificate payload\r
+ or Certificate Request Payload defined in RFC 4306, but all the fields\r
+ in the payload are still in host order and need call Ikev2EncodePayload()\r
to convert those fields from the host order to network order beforing sending it.\r
\r
- @param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload \r
+ @param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload\r
generation.\r
- @param[in] NextPayload The next paylaod type in NextPayload field of \r
+ @param[in] NextPayload The next paylaod type in NextPayload field of\r
the Delete payload.\r
@param[in] Certificate Pointer of buffer contains the certification data.\r
@param[in] CertificateLen The length of Certificate in byte.\r
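Review bot: the IkeSaSession and NextPayload descriptions in the Certificate / Certificate Request comment refer to the "Delete payload"; both should name the Certificate payload. "certificateion CA" on the rewritten line should be "certification CA" (or "certificate authority").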
IN UINT8 EncodeType,\r
IN BOOLEAN IsRequest\r
);\r
- \r
+\r
/**\r
General interface of payload encoding.\r
\r
- This function encode the internal data structure into payload which \r
- is defined in RFC 4306. The IkePayload->PayloadBuf used to store both the input \r
- payload and converted payload. Only the SA payload use the interal structure \r
- to store the attribute. Other payload use structure which is same with the RFC \r
- defined, for this kind payloads just do host order to network order change of \r
+ This function encode the internal data structure into payload which\r
+ is defined in RFC 4306. The IkePayload->PayloadBuf used to store both the input\r
+ payload and converted payload. Only the SA payload use the interal structure\r
+ to store the attribute. Other payload use structure which is same with the RFC\r
+ defined, for this kind payloads just do host order to network order change of\r
some fields.\r
\r
@param[in] SessionCommon Pointer to IKE Session Common used to encode the payload.\r
\r
@param[in] SessionCommon Pointer to IKE Session Common to use for decoding.\r
@param[in, out] IkePayload Pointer to IKE payload to be decode as input, and\r
- store the decoded result as output. \r
+ store the decoded result as output.\r
\r
@retval EFI_INVALID_PARAMETER Meet error when decode the SA payload.\r
@retval EFI_SUCCESS Decode successfully.\r
\r
This function decrpt the Encrypted IKE packet and put the result into IkePacket->PayloadBuf.\r
\r
- @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing \r
+ @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing\r
some parameter used during decrypting.\r
- @param[in, out] IkePacket Point to IKE_PACKET to be decrypted as input, \r
+ @param[in, out] IkePacket Point to IKE_PACKET to be decrypted as input,\r
and the decrypted reslult as output.\r
@param[in, out] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and\r
IKE_CHILD_TYPE are supportted.\r
\r
- @retval EFI_INVALID_PARAMETER If the IKE packet length is zero or the \r
+ @retval EFI_INVALID_PARAMETER If the IKE packet length is zero or the\r
IKE packet length is not Algorithm Block Size\r
alignment.\r
@retval EFI_SUCCESS Decrypt IKE packet successfully.\r
- \r
+\r
**/\r
EFI_STATUS\r
Ikev2DecryptPacket (\r
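Review bot: IkeType is marked @param[in, out] for Ikev2DecryptPacket, while the encode and decode comments in this file document the same parameter as @param[in]. If the function does not write IkeType back, mark it [in]. The EFI_INVALID_PARAMETER text "is not Algorithm Block Size alignment" would be clearer as "is not a multiple of the algorithm block size", since that is the length check a caller needs to understand.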
\r
This function encrypt IKE packet before sending it. The Encrypted IKE packet\r
is put in to IKEV2 Encrypted Payload.\r
- \r
+\r
@param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON related to the IKE packet.\r
@param[in, out] IkePacket Pointer to IKE packet to be encrypted.\r
\r
\r
This function put all Payloads into one payload then encrypt it if needed.\r
\r
- @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing \r
+ @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing\r
some parameter used during IKE packet encoding.\r
- @param[in, out] IkePacket Pointer to IKE_PACKET to be encoded as input, \r
+ @param[in, out] IkePacket Pointer to IKE_PACKET to be encoded as input,\r
and the encoded reslult as output.\r
@param[in] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and\r
IKE_CHILD_TYPE are supportted.\r
/**\r
Decode the IKE packet.\r
\r
- This function first decrypts the IKE packet if needed , then separats the whole \r
+ This function first decrypts the IKE packet if needed , then separats the whole\r
IKE packet from the IkePacket->PayloadBuf into IkePacket payload list.\r
- \r
- @param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON containing \r
+\r
+ @param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON containing\r
some parameter used by IKE packet decoding.\r
- @param[in, out] IkePacket The IKE Packet to be decoded on input, and \r
+ @param[in, out] IkePacket The IKE Packet to be decoded on input, and\r
the decoded result on return.\r
@param[in] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and\r
IKE_CHILD_TYPE are supportted.\r
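Review bot: SessionCommon is documented as a pointer to IKEV1_SESSION_COMMON in this IKEv2 decode comment, whereas the decrypt and encode comments use IKEV2_SESSION_COMMON. Confirm the type and correct the name on the line being changed. "separats" and the stray space in "if needed ," are on a touched line as well.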
@param[in] IkeUdpService Pointer to IKE_UDP_SERVICE used to send the IKE packet.\r
@param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON related to the IKE packet.\r
@param[in] IkePacket Pointer to IKE_PACKET to be sent out.\r
- @param[in] IkeType The type of IKE to point what's kind of the IKE \r
- packet is to be sent out. IKE_SA_TYPE, IKE_INFO_TYPE \r
+ @param[in] IkeType The type of IKE to point what's kind of the IKE\r
+ packet is to be sent out. IKE_SA_TYPE, IKE_INFO_TYPE\r
and IKE_CHILD_TYPE are supportted.\r
\r
@retval EFI_SUCCESS The operation complete successfully.\r
/**\r
Callback function for the IKE life time is over.\r
\r
- This function will mark the related IKE SA Session as deleting and trigger a \r
+ This function will mark the related IKE SA Session as deleting and trigger a\r
Information negotiation.\r
\r
@param[in] Event The time out event.\r
@param[in] Context Pointer to data passed by caller.\r
- \r
+\r
**/\r
VOID\r
EFIAPI\r
);\r
\r
/**\r
- Generate a Key Exchange payload according to the DH group type and save the \r
+ Generate a Key Exchange payload according to the DH group type and save the\r
public Key into IkeSaSession IkeKey field.\r
\r
@param[in, out] IkeSaSession Pointer of the IKE_SA_SESSION.\r
- @param[in] NextPayload The payload type presented in the NextPayload field of Key \r
+ @param[in] NextPayload The payload type presented in the NextPayload field of Key\r
Exchange Payload header.\r
\r
@retval Pointer to Key IKE payload.\r
**/\r
IKE_PAYLOAD *\r
Ikev2GenerateKePayload (\r
- IN OUT IKEV2_SA_SESSION *IkeSaSession, \r
- IN UINT8 NextPayload \r
+ IN OUT IKEV2_SA_SESSION *IkeSaSession,\r
+ IN UINT8 NextPayload\r
);\r
\r
/**\r
Check if the SPD is related to the input Child SA Session.\r
\r
This function is the subfunction of Ikev1AssociateSpdEntry(). It is the call\r
- back function of IpSecVisitConfigData(). \r
- \r
+ back function of IpSecVisitConfigData().\r
+\r
\r
@param[in] Type Type of the input Config Selector.\r
- @param[in] Selector Pointer to the Configure Selector to be checked. \r
- @param[in] Data Pointer to the Configure Selector's Data passed \r
+ @param[in] Selector Pointer to the Configure Selector to be checked.\r
+ @param[in] Data Pointer to the Configure Selector's Data passed\r
from the caller.\r
@param[in] SelectorSize The buffer size of Selector.\r
@param[in] DataSize The buffer size of the Data.\r
@param[in] Context The data passed from the caller. It is a Child\r
SA Session in this context.\r
\r
- @retval EFI_SUCCESS The SPD Selector is not related to the Child SA Session. \r
- @retval EFI_ABORTED The SPD Selector is related to the Child SA session and \r
+ @retval EFI_SUCCESS The SPD Selector is not related to the Child SA Session.\r
+ @retval EFI_ABORTED The SPD Selector is related to the Child SA session and\r
set the ChildSaSession->Spd to point to this SPD Selector.\r
\r
**/\r
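Review bot: the callback comment names Ikev1AssociateSpdEntry() as its parent function inside an IKEv2 header; check whether the IKEv2 function is meant. The @retval pair is also easy to misread: EFI_SUCCESS means the selector is not related, and EFI_ABORTED means a match was found and ChildSaSession->Spd was set. Add a sentence saying that EFI_ABORTED is how the callback ends the IpSecVisitConfigData() walk, if that is the intent, so it is not handled as a failure.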
\r
/**\r
Parse the received Initial Exchange Packet.\r
- \r
- This function parse the SA Payload and Key Payload to find out the cryptographic \r
- suite for the further IKE negotiation and fill it into the IKE SA Session's \r
+\r
+ This function parse the SA Payload and Key Payload to find out the cryptographic\r
+ suite for the further IKE negotiation and fill it into the IKE SA Session's\r
CommonSession->SaParams.\r
\r
@param[in, out] IkeSaSession Pointer to related IKEV2_SA_SESSION.\r
@param[in] SaPayload The received packet.\r
- @param[in] Type The received packet IKE header flag. \r
+ @param[in] Type The received packet IKE header flag.\r
\r
@retval TRUE If the SA proposal in Packet is acceptable.\r
@retval FALSE If the SA proposal in Packet is not acceptable.\r
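Review bot: SaPayload is described as "The received packet", and the summary says the function parses the SA Payload and the Key Payload although only one payload parameter is documented. State which payloads are inspected and what Type is compared against, since TRUE/FALSE here is the decision to accept the peer's proposal.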
\r
/**\r
Parse the received Authentication Exchange Packet.\r
- \r
+\r
This function parse the SA Payload and Key Payload to find out the cryptographic\r
suite for the ESP and fill it into the Child SA Session's CommonSession->SaParams.\r
- \r
- @param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to \r
+\r
+ @param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to\r
this Authentication Exchange.\r
@param[in] SaPayload The received packet.\r
- @param[in] Type The IKE header's flag of received packet . \r
- \r
+ @param[in] Type The IKE header's flag of received packet .\r
+\r
@retval TRUE If the SA proposal in Packet is acceptable.\r
@retval FALSE If the SA proposal in Packet is not acceptable.\r
\r
/**\r
Generate Key buffer from fragments.\r
\r
- If the digest length of specified HashAlgId is larger than or equal with the \r
- required output key length, derive the key directly. Otherwise, Key Material \r
- needs to be PRF-based concatenation according to 2.13 of RFC 4306: \r
+ If the digest length of specified HashAlgId is larger than or equal with the\r
+ required output key length, derive the key directly. Otherwise, Key Material\r
+ needs to be PRF-based concatenation according to 2.13 of RFC 4306:\r
prf+ (K,S) = T1 | T2 | T3 | T4 | ..., T1 = prf (K, S | 0x01),\r
T2 = prf (K, T1 | S | 0x02), T3 = prf (K, T2 | S | 0x03),T4 = prf (K, T3 | S | 0x04)\r
then derive the key from this key material.\r
- \r
+\r
@param[in] HashAlgId The Hash Algorithm ID used to generate key.\r
@param[in] HashKey Pointer to a key buffer which contains hash key.\r
@param[in] HashKeyLength The length of HashKey in bytes.\r
- @param[in, out] OutputKey Pointer to buffer which is used to receive the \r
+ @param[in, out] OutputKey Pointer to buffer which is used to receive the\r
output key.\r
@param[in] OutputKeyLength The length of OutPutKey buffer.\r
@param[in] Fragments Pointer to the data to be used to generate key.\r
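Review bot: the OutputKeyLength description refers to "OutPutKey", which does not match the parameter name OutputKey. In the prf+ lines, a space is missing after the comma in "0x03),T4", and putting each T term on its own line would make the formula easier to check against RFC 4306 section 2.13. "derive the key directly" should say which part of the digest is used when it is longer than OutputKeyLength.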
Copy ChildSaSession->Spd->Selector to ChildSaSession->SpdSelector.\r
\r
ChildSaSession->SpdSelector stores the real Spdselector for its SA. Sometime,\r
- the SpdSelector in ChildSaSession is more accurated or the scope is smaller \r
+ the SpdSelector in ChildSaSession is more accurated or the scope is smaller\r
than the one in ChildSaSession->Spd, especially for the tunnel mode.\r
- \r
+\r
@param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to.\r
\r
@retval EFI_SUCCESS The operation complete successfully.\r
@retval EFI_OUT_OF_RESOURCES If the required resource can't be allocated.\r
- \r
+\r
**/\r
EFI_STATUS\r
Ikev2ChildSaSessionSpdSelectorCreate (\r