[mirror_edk2.git] / MdePkg / Include / Protocol / IpSec.h

/** @file\r
  EFI IPSEC Protocol Definition\r
  The EFI_IPSEC_PROTOCOL is used to abstract the ability to deal with the individual\r
  packets sent and received by the host and provide packet-level security for IP datagram.\r
\r
  Copyright (c) 2009 - 2010, Intel Corporation\r
  All rights reserved. This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
  @par Revision Reference:          \r
  This Protocol is introduced in UEFI Specification 2.3\r
\r
**/\r
\r
#ifndef __EFI_IPSEC_PROTOCOL_H__\r
#define __EFI_IPSEC_PROTOCOL_H__\r
\r
#include <Protocol/IpSecConfig.h>\r
\r
#define EFI_IPSEC_PROTOCOL_GUID \\r
  { \\r
    0xdfb386f7, 0xe100, 0x43ad, {0x9c, 0x9a, 0xed, 0x90, 0xd0, 0x8a, 0x5e, 0x12 } \\r
  }\r
\r
typedef struct _EFI_IPSEC_PROTOCOL  EFI_IPSEC_PROTOCOL;\r
\r
///\r
/// EFI_IPSEC_FRAGMENT_DATA \r
/// defines the instances of packet fragments.\r
///\r
typedef struct _EFI_IPSEC_FRAGMENT_DATA { \r
  UINT32  FragmentLength;\r
  VOID    *FragmentBuffer;\r
} EFI_IPSEC_FRAGMENT_DATA; \r
\r
\r
/**\r
  Handles IPsec packet processing for inbound and outbound IP packets. \r
\r
  The EFI_IPSEC_PROCESS process routine handles each inbound or outbound packet.\r
  The behavior is that it can perform one of the following actions: \r
  bypass the packet, discard the packet, or protect the packet.       \r
\r
  @param[in]      This             Pointer to the EFI_IPSEC_PROTOCOL instance.\r
  @param[in]      NicHandle        Instance of the network interface.\r
  @param[in]      IpVer            IPV4 or IPV6.\r
  @param[in, out] IpHead           Pointer to the IP Header.\r
  @param[in]      LastHead         The protocol of the next layer to be processed by IPsec.\r
  @param[in]      OptionsBuffer    Pointer to the options buffer. \r
  @param[in]      OptionsLength    Length of the options buffer.\r
  @param[in, out] FragmentTable    Pointer to a list of fragments. \r
  @param[in]      FragmentCount    Number of fragments.\r
  @param[in]      TrafficDirection Traffic direction.\r
  @param[out]     RecycleSignal    Event for recycling of resources.\r
 \r
  @retval EFI_SUCCESS              The packet was bypassed and all buffers remain the same.\r
  @retval EFI_SUCCESS              The packet was protected.\r
  @retval EFI_ACCESS_DENIED        The packet was discarded.\r
\r
**/\r
typedef\r
EFI_STATUS\r
(EFIAPI  *EFI_IPSEC_PROCESS)(\r
  IN     EFI_IPSEC_PROTOCOL      *This,\r
  IN     EFI_HANDLE              NicHandle,\r
  IN     UINT8                   IpVer,\r
  IN OUT VOID                    *IpHead,\r
  IN     UINT8                   *LastHead,\r
  IN     VOID                    *OptionsBuffer,\r
  IN     UINT32                  OptionsLength,\r
  IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable,\r
  IN     UINT32                  *FragmentCount,\r
  IN     EFI_IPSEC_TRAFFIC_DIR   TrafficDirection,\r
     OUT EFI_EVENT               *RecycleSignal\r
  );\r
\r
///\r
/// EFI_IPSEC_PROTOCOL \r
/// provides the ability for  securing IP communications by authenticating\r
/// and/or encrypting each IP packet in a data stream. \r
//  EFI_IPSEC_PROTOCOL can be consumed by both the IPv4 and IPv6 stack.\r
//  A user can employ this protocol for IPsec package handling in both IPv4\r
//  and IPv6 environment.\r
///\r
struct _EFI_IPSEC_PROTOCOL {\r
  EFI_IPSEC_PROCESS      Process;           ///< Handle the IPsec message.\r
  EFI_EVENT              DisabledEvent;     ///< Event signaled when the interface is disabled.\r
  BOOLEAN                DisabledFlag;      ///< State of the interface.\r
};\r
\r
extern EFI_GUID gEfiIpSecProtocolGuid;\r
\r
#endif\r
Commit	Line	Data
fa05b97b	1	/** @file\r
	2	EFI IPSEC Protocol Definition\r
	3	The EFI_IPSEC_PROTOCOL is used to abstract the ability to deal with the individual\r
	4	packets sent and received by the host and provide packet-level security for IP datagram.\r
	5	\r
a1749b80	6	Copyright (c) 2009 - 2010, Intel Corporation\r
fa05b97b	7	All rights reserved. This program and the accompanying materials\r
	8	are licensed and made available under the terms and conditions of the BSD License\r
	9	which accompanies this distribution. The full text of the license may be found at\r
	10	http://opensource.org/licenses/bsd-license.php\r
	11	\r
	12	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	13	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	14	\r
	15	@par Revision Reference: \r
	16	This Protocol is introduced in UEFI Specification 2.3\r
	17	\r
	18	**/\r
	19	\r
	20	#ifndef __EFI_IPSEC_PROTOCOL_H__\r
	21	#define __EFI_IPSEC_PROTOCOL_H__\r
	22	\r
	23	#include <Protocol/IpSecConfig.h>\r
	24	\r
	25	#define EFI_IPSEC_PROTOCOL_GUID \\r
	26	{ \\r
	27	0xdfb386f7, 0xe100, 0x43ad, {0x9c, 0x9a, 0xed, 0x90, 0xd0, 0x8a, 0x5e, 0x12 } \\r
	28	}\r
	29	\r
	30	typedef struct _EFI_IPSEC_PROTOCOL EFI_IPSEC_PROTOCOL;\r
	31	\r
	32	///\r
	33	/// EFI_IPSEC_FRAGMENT_DATA \r
	34	/// defines the instances of packet fragments.\r
	35	///\r
	36	typedef struct _EFI_IPSEC_FRAGMENT_DATA { \r
	37	UINT32 FragmentLength;\r
	38	VOID *FragmentBuffer;\r
	39	} EFI_IPSEC_FRAGMENT_DATA; \r
	40	\r
	41	\r
	42	/**\r
	43	Handles IPsec packet processing for inbound and outbound IP packets. \r
	44	\r
	45	The EFI_IPSEC_PROCESS process routine handles each inbound or outbound packet.\r
	46	The behavior is that it can perform one of the following actions: \r
	47	bypass the packet, discard the packet, or protect the packet. \r
	48	\r
	49	@param[in] This Pointer to the EFI_IPSEC_PROTOCOL instance.\r
	50	@param[in] NicHandle Instance of the network interface.\r
	51	@param[in] IpVer IPV4 or IPV6.\r
	52	@param[in, out] IpHead Pointer to the IP Header.\r
	53	@param[in] LastHead The protocol of the next layer to be processed by IPsec.\r
	54	@param[in] OptionsBuffer Pointer to the options buffer. \r
	55	@param[in] OptionsLength Length of the options buffer.\r
	56	@param[in, out] FragmentTable Pointer to a list of fragments. \r
	57	@param[in] FragmentCount Number of fragments.\r
	58	@param[in] TrafficDirection Traffic direction.\r
	59	@param[out] RecycleSignal Event for recycling of resources.\r
	60	\r
	61	@retval EFI_SUCCESS The packet was bypassed and all buffers remain the same.\r
	62	@retval EFI_SUCCESS The packet was protected.\r
	63	@retval EFI_ACCESS_DENIED The packet was discarded.\r
	64	\r
	65	**/\r
	66	typedef\r
	67	EFI_STATUS\r
a1749b80	68	(EFIAPI *EFI_IPSEC_PROCESS)(\r
fa05b97b	69	IN EFI_IPSEC_PROTOCOL *This,\r
	70	IN EFI_HANDLE NicHandle,\r
	71	IN UINT8 IpVer,\r
	72	IN OUT VOID *IpHead,\r
	73	IN UINT8 *LastHead,\r
	74	IN VOID *OptionsBuffer,\r
	75	IN UINT32 OptionsLength,\r
	76	IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable,\r
	77	IN UINT32 *FragmentCount,\r
	78	IN EFI_IPSEC_TRAFFIC_DIR TrafficDirection,\r
	79	OUT EFI_EVENT *RecycleSignal\r
	80	);\r
	81	\r
	82	///\r
	83	/// EFI_IPSEC_PROTOCOL \r
	84	/// provides the ability for securing IP communications by authenticating\r
	85	/// and/or encrypting each IP packet in a data stream. \r
	86	// EFI_IPSEC_PROTOCOL can be consumed by both the IPv4 and IPv6 stack.\r
	87	// A user can employ this protocol for IPsec package handling in both IPv4\r
	88	// and IPv6 environment.\r
	89	///\r
	90	struct _EFI_IPSEC_PROTOCOL {\r
	91	EFI_IPSEC_PROCESS Process; ///< Handle the IPsec message.\r
	92	EFI_EVENT DisabledEvent; ///< Event signaled when the interface is disabled.\r
	93	BOOLEAN DisabledFlag; ///< State of the interface.\r
	94	};\r
	95	\r
	96	extern EFI_GUID gEfiIpSecProtocolGuid;\r
	97	\r
	98	#endif\r