[mirror_edk2.git] / NetworkPkg / Application / IpsecConfig / Dump.c

/** @file\r
  The implementation of dump policy entry function in IpSecConfig application.\r
\r
  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
\r
  This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php.\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include "IpSecConfig.h"\r
#include "Dump.h"\r
#include "ForEach.h"\r
#include "Helper.h"\r
\r
/**\r
  Private function called to get the version infomation from an EFI_IP_ADDRESS_INFO structure.\r
\r
  @param[in] AddressInfo    The pointer to the EFI_IP_ADDRESS_INFO structure.\r
\r
  @return the value of version.\r
**/\r
UINTN\r
GetVerFromAddrInfo (\r
  IN EFI_IP_ADDRESS_INFO    *AddressInfo\r
)\r
{\r
  if((AddressInfo->PrefixLength <= 32) && (AddressInfo->Address.Addr[1] == 0) &&\r
     (AddressInfo->Address.Addr[2] == 0) && (AddressInfo->Address.Addr[3] == 0)) {\r
    return IP_VERSION_4;\r
  } else {\r
    return IP_VERSION_6;\r
  }\r
}\r
\r
/**\r
  Private function called to get the version information from a EFI_IP_ADDRESS structure.\r
\r
  @param[in] Address    The pointer to the EFI_IP_ADDRESS structure.\r
\r
  @return The value of the version.\r
**/\r
UINTN\r
GetVerFromIpAddr (\r
  IN EFI_IP_ADDRESS    *Address\r
)\r
{\r
  if ((Address->Addr[1] == 0) && (Address->Addr[2] == 0) && (Address->Addr[3] == 0)) {\r
    return IP_VERSION_4;\r
  } else {\r
    return IP_VERSION_6;\r
  }\r
}\r
\r
/**\r
  Private function called to print an ASCII string in unicode char format.\r
\r
  @param[in] Str       The pointer to the ASCII string.\r
  @param[in] Length    The value of the ASCII string length.\r
**/\r
VOID\r
DumpAsciiString (\r
  IN CHAR8    *Str,\r
  IN UINTN    Length\r
  )\r
{\r
  UINTN    Index;\r
  for (Index = 0; Index < Length; Index++) {\r
    Print (L"%c", (CHAR16) Str[Index]);\r
  }\r
}\r
\r
/**\r
  Private function called to print EFI_IP_ADDRESS_INFO content.\r
\r
  @param[in] AddressInfo    The pointer to the EFI_IP_ADDRESS_INFO structure.\r
**/\r
VOID\r
DumpAddressInfo (\r
  IN EFI_IP_ADDRESS_INFO    *AddressInfo\r
  )\r
{\r
  if (IP_VERSION_4 == GetVerFromAddrInfo (AddressInfo)) {\r
    Print (\r
      L"%d.%d.%d.%d",\r
      (UINTN) AddressInfo->Address.v4.Addr[0],\r
      (UINTN) AddressInfo->Address.v4.Addr[1],\r
      (UINTN) AddressInfo->Address.v4.Addr[2],\r
      (UINTN) AddressInfo->Address.v4.Addr[3]\r
      );\r
    if (AddressInfo->PrefixLength != 32) {\r
      Print (L"/%d", (UINTN) AddressInfo->PrefixLength);\r
    }\r
  }\r
\r
  if (IP_VERSION_6 == GetVerFromAddrInfo (AddressInfo)) {\r
    Print (\r
      L"%x:%x:%x:%x:%x:%x:%x:%x",\r
      (((UINT16) AddressInfo->Address.v6.Addr[0]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[1]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[2]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[3]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[4]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[5]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[6]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[7]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[8]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[9]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[10]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[11]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[12]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[13]),\r
      (((UINT16) AddressInfo->Address.v6.Addr[14]) << 8) | ((UINT16) AddressInfo->Address.v6.Addr[15])\r
      );\r
    if (AddressInfo->PrefixLength != 128) {\r
      Print (L"/%d", AddressInfo->PrefixLength);\r
    }\r
  }\r
}\r
\r
/**\r
  Private function called to print EFI_IP_ADDRESS content.\r
\r
  @param[in] IpAddress    The pointer to the EFI_IP_ADDRESS structure.\r
**/\r
VOID\r
DumpIpAddress (\r
  IN EFI_IP_ADDRESS    *IpAddress\r
  )\r
{\r
  if (IP_VERSION_4 == GetVerFromIpAddr (IpAddress)) {\r
    Print (\r
      L"%d.%d.%d.%d",\r
      (UINTN) IpAddress->v4.Addr[0],\r
      (UINTN) IpAddress->v4.Addr[1],\r
      (UINTN) IpAddress->v4.Addr[2],\r
      (UINTN) IpAddress->v4.Addr[3]\r
      );\r
  }\r
\r
  if (IP_VERSION_6 == GetVerFromIpAddr (IpAddress)) {\r
    Print (\r
      L"%x:%x:%x:%x:%x:%x:%x:%x",\r
      (((UINT16) IpAddress->v6.Addr[0]) << 8) | ((UINT16) IpAddress->v6.Addr[1]),\r
      (((UINT16) IpAddress->v6.Addr[2]) << 8) | ((UINT16) IpAddress->v6.Addr[3]),\r
      (((UINT16) IpAddress->v6.Addr[4]) << 8) | ((UINT16) IpAddress->v6.Addr[5]),\r
      (((UINT16) IpAddress->v6.Addr[6]) << 8) | ((UINT16) IpAddress->v6.Addr[7]),\r
      (((UINT16) IpAddress->v6.Addr[8]) << 8) | ((UINT16) IpAddress->v6.Addr[9]),\r
      (((UINT16) IpAddress->v6.Addr[10]) << 8) | ((UINT16) IpAddress->v6.Addr[11]),\r
      (((UINT16) IpAddress->v6.Addr[12]) << 8) | ((UINT16) IpAddress->v6.Addr[13]),\r
      (((UINT16) IpAddress->v6.Addr[14]) << 8) | ((UINT16) IpAddress->v6.Addr[15])\r
      );\r
  }\r
\r
}\r
\r
/**\r
  Private function called to print EFI_IPSEC_SPD_SELECTOR content.\r
\r
  @param[in] Selector    The pointer to the EFI_IPSEC_SPD_SELECTOR structure.\r
**/\r
VOID\r
DumpSpdSelector (\r
  IN EFI_IPSEC_SPD_SELECTOR    *Selector\r
  )\r
{\r
  UINT32    Index;\r
  CHAR16    *Str;\r
\r
  for (Index = 0; Index < Selector->LocalAddressCount; Index++) {\r
    if (Index > 0) {\r
      Print (L",");\r
    }\r
\r
    DumpAddressInfo (&Selector->LocalAddress[Index]);\r
  }\r
\r
  if (Index == 0) {\r
    Print (L"localhost");\r
  }\r
\r
  Print (L" -> ");\r
\r
  for (Index = 0; Index < Selector->RemoteAddressCount; Index++) {\r
    if (Index > 0) {\r
      Print (L",");\r
    }\r
\r
    DumpAddressInfo (&Selector->RemoteAddress[Index]);\r
  }\r
\r
  Str = MapIntegerToString (Selector->NextLayerProtocol, mMapIpProtocol);\r
  if (Str != NULL) {\r
    Print (L" %s", Str);\r
  } else {\r
    Print (L" proto:%d", (UINTN) Selector->NextLayerProtocol);\r
  }\r
\r
  if ((Selector->NextLayerProtocol == EFI_IP4_PROTO_TCP) || (Selector->NextLayerProtocol == EFI_IP4_PROTO_UDP)) {\r
    Print (L" port:");\r
    if (Selector->LocalPort != EFI_IPSEC_ANY_PORT) {\r
      Print (L"%d", Selector->LocalPort);\r
      if (Selector->LocalPortRange != 0) {\r
        Print (L"~%d", (UINTN) Selector->LocalPort + Selector->LocalPortRange);\r
      }\r
    } else {\r
      Print (L"any");\r
    }\r
\r
    Print (L" -> ");\r
    if (Selector->RemotePort != EFI_IPSEC_ANY_PORT) {\r
      Print (L"%d", Selector->RemotePort);\r
      if (Selector->RemotePortRange != 0) {\r
        Print (L"~%d", (UINTN) Selector->RemotePort + Selector->RemotePortRange);\r
      }\r
    } else {\r
      Print (L"any");\r
    }\r
  } else if (Selector->NextLayerProtocol == EFI_IP4_PROTO_ICMP) {\r
    Print (L" class/code:");\r
    if (Selector->LocalPort != 0) {\r
      Print (L"%d", (UINTN) (UINT8) Selector->LocalPort);\r
    } else {\r
      Print (L"any");\r
    }\r
\r
    Print (L"/");\r
    if (Selector->RemotePort != 0) {\r
      Print (L"%d", (UINTN) (UINT8) Selector->RemotePort);\r
    } else {\r
      Print (L"any");\r
    }\r
  }\r
}\r
\r
/**\r
  Print EFI_IPSEC_SPD_SELECTOR and EFI_IPSEC_SPD_DATA content.\r
\r
  @param[in] Selector      The pointer to the EFI_IPSEC_SPD_SELECTOR structure.\r
  @param[in] Data          The pointer to the EFI_IPSEC_SPD_DATA structure.\r
  @param[in] EntryIndex    The pointer to the Index in SPD Database.\r
\r
  @retval EFI_SUCCESS    Dump SPD information successfully.\r
**/\r
EFI_STATUS\r
DumpSpdEntry (\r
  IN EFI_IPSEC_SPD_SELECTOR    *Selector,\r
  IN EFI_IPSEC_SPD_DATA        *Data,\r
  IN UINTN                     *EntryIndex\r
  )\r
{\r
  BOOLEAN    HasPre;\r
  CHAR16     DataName[128];\r
  CHAR16     *String1;\r
  CHAR16     *String2;\r
  CHAR16     *String3;\r
  UINT8      Index;\r
\r
  Print (L"%d.", (*EntryIndex)++);\r
\r
  //\r
  // xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400\r
  // Protect  PF:0x34323423 Name:First Entry\r
  // ext-sequence sequence-overflow fragcheck life:[B0,S1024,H3600]\r
  // ESP algo1 algo2 Tunnel [xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx set]\r
  //\r
\r
  DumpSpdSelector (Selector);\r
  Print (L"\n  ");\r
\r
  Print (L"%s ", MapIntegerToString (Data->Action, mMapIpSecAction));\r
  Print (L"PF:%08x ", Data->PackageFlag);\r
\r
  Index = 0;\r
  while (Data->Name[Index] != 0) {\r
    DataName[Index] = (CHAR16) Data->Name[Index];\r
    Index++;\r
    ASSERT (Index < 128);\r
  }\r
  DataName[Index] = L'\0';\r
\r
  Print (L"Name:%s", DataName);\r
\r
  if (Data->Action == EfiIPsecActionProtect) {\r
    Print (L"\n  ");\r
    if (Data->ProcessingPolicy->ExtSeqNum) {\r
      Print (L"ext-sequence ");\r
    }\r
\r
    if (Data->ProcessingPolicy->SeqOverflow) {\r
      Print (L"sequence-overflow ");\r
    }\r
\r
    if (Data->ProcessingPolicy->FragCheck) {\r
      Print (L"fragment-check ");\r
    }\r
\r
    HasPre = FALSE;\r
    if (Data->ProcessingPolicy->SaLifetime.ByteCount != 0) {\r
      Print (HasPre ? L"," : L"life:[");\r
      Print (L"%lxB", Data->ProcessingPolicy->SaLifetime.ByteCount);\r
      HasPre = TRUE;\r
    }\r
\r
    if (Data->ProcessingPolicy->SaLifetime.SoftLifetime != 0) {\r
      Print (HasPre ? L"," : L"life:[");\r
      Print (L"%lxs", Data->ProcessingPolicy->SaLifetime.SoftLifetime);\r
      HasPre = TRUE;\r
    }\r
\r
    if (Data->ProcessingPolicy->SaLifetime.HardLifetime != 0) {\r
      Print (HasPre ? L"," : L"life:[");\r
      Print (L"%lxS", Data->ProcessingPolicy->SaLifetime.HardLifetime);\r
      HasPre = TRUE;\r
    }\r
\r
    if (HasPre) {\r
      Print (L"]");\r
    }\r
\r
    if (HasPre || Data->ProcessingPolicy->ExtSeqNum ||\r
        Data->ProcessingPolicy->SeqOverflow || Data->ProcessingPolicy->FragCheck) {\r
      Print (L"\n  ");\r
    }\r
\r
    String1 = MapIntegerToString (Data->ProcessingPolicy->Proto, mMapIpSecProtocol);\r
    String2 = MapIntegerToString (Data->ProcessingPolicy->AuthAlgoId, mMapAuthAlgo);\r
    String3 = MapIntegerToString (Data->ProcessingPolicy->EncAlgoId, mMapEncAlgo);\r
    Print (\r
      L"%s Auth:%s Encrypt:%s ",\r
      String1,\r
      String2,\r
      String3\r
      );\r
\r
    Print (L"%s ", MapIntegerToString (Data->ProcessingPolicy->Mode, mMapIpSecMode));\r
    if (Data->ProcessingPolicy->Mode == EfiIPsecTunnel) {\r
      Print (L"[");\r
      DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->LocalTunnelAddress);\r
      Print (L" -> ");\r
      DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->RemoteTunnelAddress);\r
      Print (L" %s]", MapIntegerToString (Data->ProcessingPolicy->TunnelOption->DF, mMapDfOption));\r
    }\r
  }\r
\r
  Print (L"\n");\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Print EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA content.\r
\r
  @param[in] SaId          The pointer to the EFI_IPSEC_SA_ID structure.\r
  @param[in] Data          The pointer to the EFI_IPSEC_SA_DATA structure.\r
  @param[in] EntryIndex    The pointer to the Index in the SAD Database.\r
\r
  @retval EFI_SUCCESS    Dump SAD information successfully.\r
**/\r
EFI_STATUS\r
DumpSadEntry (\r
  IN EFI_IPSEC_SA_ID      *SaId,\r
  IN EFI_IPSEC_SA_DATA    *Data,\r
  IN UINTN                *EntryIndex\r
  )\r
{\r
  BOOLEAN    HasPre;\r
  CHAR16     *String1;\r
  CHAR16     *String2;\r
\r
  //\r
  // SPI:1234 ESP Destination:xxx.xxx.xxx.xxx\r
  //  Mode:Transport SeqNum:134 AntiReplayWin:64 life:[0B,1023s,3400S] PathMTU:34\r
  //  Auth:xxxx/password Encrypt:yyyy/password\r
  //  xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400\r
  //\r
\r
  Print (L"%d.", (*EntryIndex)++);\r
  Print (L"0x%x %s ", (UINTN) SaId->Spi, MapIntegerToString (SaId->Proto, mMapIpSecProtocol));\r
  Print (L"Destination:");\r
  DumpIpAddress (&SaId->DestAddress);\r
  Print (L"\n");\r
\r
  Print (\r
    L"  Mode:%s SeqNum:%lx AntiReplayWin:%d ",\r
    MapIntegerToString (Data->Mode, mMapIpSecMode),\r
    Data->SNCount,\r
    (UINTN) Data->AntiReplayWindows\r
    );\r
\r
  HasPre = FALSE;\r
  if (Data->SaLifetime.ByteCount != 0) {\r
    Print (HasPre ? L"," : L"life:[");\r
    Print (L"%lxB", Data->SaLifetime.ByteCount);\r
    HasPre = TRUE;\r
  }\r
\r
  if (Data->SaLifetime.SoftLifetime != 0) {\r
    Print (HasPre ? L"," : L"life:[");\r
    Print (L"%lxs", Data->SaLifetime.SoftLifetime);\r
    HasPre = TRUE;\r
  }\r
\r
  if (Data->SaLifetime.HardLifetime != 0) {\r
    Print (HasPre ? L"," : L"life:[");\r
    Print (L"%lxS", Data->SaLifetime.HardLifetime);\r
    HasPre = TRUE;\r
  }\r
\r
  if (HasPre) {\r
    Print (L"] ");\r
  }\r
\r
  Print (L"PathMTU:%d\n", (UINTN) Data->PathMTU);\r
\r
  if (SaId->Proto == EfiIPsecAH) {\r
    Print (\r
      L"  Auth:%s/%s\n",\r
      MapIntegerToString (Data->AlgoInfo.AhAlgoInfo.AuthAlgoId, mMapAuthAlgo),\r
      Data->AlgoInfo.AhAlgoInfo.AuthKey\r
      );\r
  } else {\r
    String1 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.AuthAlgoId, mMapAuthAlgo);\r
    String2 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.EncAlgoId, mMapEncAlgo);\r
    Print (\r
      L"  Auth:%s/%s Encrypt:%s/%s\n",\r
      String1,\r
      Data->AlgoInfo.EspAlgoInfo.AuthKey,\r
      String2,\r
      Data->AlgoInfo.EspAlgoInfo.EncKey\r
      );\r
  }\r
\r
  if (Data->SpdSelector != NULL) {\r
    Print (L"  ");\r
    DumpSpdSelector (Data->SpdSelector);\r
    Print (L"\n");\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Print EFI_IPSEC_PAD_ID and EFI_IPSEC_PAD_DATA content.\r
\r
  @param[in] PadId         The pointer to the EFI_IPSEC_PAD_ID structure.\r
  @param[in] Data          The pointer to the EFI_IPSEC_PAD_DATA structure.\r
  @param[in] EntryIndex    The pointer to the Index in the PAD Database.\r
\r
  @retval EFI_SUCCESS    Dump PAD information successfully.\r
**/\r
EFI_STATUS\r
DumpPadEntry (\r
  IN EFI_IPSEC_PAD_ID      *PadId,\r
  IN EFI_IPSEC_PAD_DATA    *Data,\r
  IN UINTN                 *EntryIndex\r
  )\r
{\r
  CHAR16    *String1;\r
  CHAR16    *String2;\r
\r
  //\r
  // ADDR:10.23.17.34/15\r
  // IDEv1 PreSharedSecret IKE-ID\r
  // password\r
  //\r
\r
  Print (L"%d.", (*EntryIndex)++);\r
\r
  if (PadId->PeerIdValid) {\r
    Print (L"ID:%s", PadId->Id.PeerId);\r
  } else {\r
    Print (L"ADDR:");\r
    DumpAddressInfo (&PadId->Id.IpAddress);\r
  }\r
\r
  Print (L"\n");\r
\r
  String1 = MapIntegerToString (Data->AuthProtocol, mMapAuthProto);\r
  String2 = MapIntegerToString (Data->AuthMethod, mMapAuthMethod);\r
  Print (\r
    L"  %s %s",\r
    String1,\r
    String2\r
    );\r
\r
  if (Data->IkeIdFlag) {\r
    Print (L"IKE-ID");\r
  }\r
\r
  Print (L"\n");\r
\r
  if (Data->AuthData != NULL) {\r
    DumpAsciiString (Data->AuthData, Data->AuthDataSize);\r
    Print (L"\n");\r
  }\r
\r
  if (Data->RevocationData != NULL) {\r
    Print (L"  %s\n", Data->RevocationData);\r
  }\r
\r
  return EFI_SUCCESS;\r
\r
}\r
\r
VISIT_POLICY_ENTRY  mDumpPolicyEntry[] = {\r
  (VISIT_POLICY_ENTRY) DumpSpdEntry,\r
  (VISIT_POLICY_ENTRY) DumpSadEntry,\r
  (VISIT_POLICY_ENTRY) DumpPadEntry\r
};\r
\r
/**\r
  Print all entry information in the database according to datatype.\r
\r
  @param[in] DataType        The value of EFI_IPSEC_CONFIG_DATA_TYPE.\r
  @param[in] ParamPackage    The pointer to the ParamPackage list.\r
\r
  @retval EFI_SUCCESS    Dump all information successfully.\r
  @retval Others         Some mistaken case.\r
**/\r
EFI_STATUS\r
ListPolicyEntry (\r
  IN EFI_IPSEC_CONFIG_DATA_TYPE    DataType,\r
  IN LIST_ENTRY                    *ParamPackage\r
  )\r
{\r
  UINTN  EntryIndex;\r
\r
  EntryIndex = 0;\r
  return ForeachPolicyEntry (DataType, mDumpPolicyEntry[DataType], &EntryIndex);\r
}\r
\r
Commit	Line	Data
a3bcde70 HT	1	/** @file\r
	2	The implementation of dump policy entry function in IpSecConfig application.\r
	3	\r
	4	Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
	5	\r
	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php.\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	\r
	16	#include "IpSecConfig.h"\r
	17	#include "Dump.h"\r
	18	#include "ForEach.h"\r
	19	#include "Helper.h"\r
	20	\r
	21	/**\r
	22	Private function called to get the version infomation from an EFI_IP_ADDRESS_INFO structure.\r
	23	\r
	24	@param[in] AddressInfo The pointer to the EFI_IP_ADDRESS_INFO structure.\r
	25	\r
	26	@return the value of version.\r
	27	**/\r
	28	UINTN\r
	29	GetVerFromAddrInfo (\r
	30	IN EFI_IP_ADDRESS_INFO *AddressInfo\r
	31	)\r
	32	{\r
	33	if((AddressInfo->PrefixLength <= 32) && (AddressInfo->Address.Addr[1] == 0) &&\r
	34	(AddressInfo->Address.Addr[2] == 0) && (AddressInfo->Address.Addr[3] == 0)) {\r
	35	return IP_VERSION_4;\r
	36	} else {\r
	37	return IP_VERSION_6;\r
	38	}\r
	39	}\r
	40	\r
	41	/**\r
	42	Private function called to get the version information from a EFI_IP_ADDRESS structure.\r
	43	\r
	44	@param[in] Address The pointer to the EFI_IP_ADDRESS structure.\r
	45	\r
	46	@return The value of the version.\r
	47	**/\r
	48	UINTN\r
	49	GetVerFromIpAddr (\r
	50	IN EFI_IP_ADDRESS *Address\r
	51	)\r
	52	{\r
	53	if ((Address->Addr[1] == 0) && (Address->Addr[2] == 0) && (Address->Addr[3] == 0)) {\r
	54	return IP_VERSION_4;\r
	55	} else {\r
	56	return IP_VERSION_6;\r
	57	}\r
	58	}\r
	59	\r
	60	/**\r
	61	Private function called to print an ASCII string in unicode char format.\r
	62	\r
	63	@param[in] Str The pointer to the ASCII string.\r
	64	@param[in] Length The value of the ASCII string length.\r
65	**/\r
66	VOID\r
67	DumpAsciiString (\r
68	IN CHAR8 *Str,\r
69	IN UINTN Length\r
70	)\r
71	{\r
72	UINTN Index;\r
73	for (Index = 0; Index < Length; Index++) {\r
74	Print (L"%c", (CHAR16) Str[Index]);\r
75	}\r
76	}\r
77	\r
78	/**\r
79	Private function called to print EFI_IP_ADDRESS_INFO content.\r
80	\r
81	@param[in] AddressInfo The pointer to the EFI_IP_ADDRESS_INFO structure.\r
82	**/\r
83	VOID\r
84	DumpAddressInfo (\r
85	IN EFI_IP_ADDRESS_INFO *AddressInfo\r
86	)\r
87	{\r
88	if (IP_VERSION_4 == GetVerFromAddrInfo (AddressInfo)) {\r
89	Print (\r
90	L"%d.%d.%d.%d",\r
91	(UINTN) AddressInfo->Address.v4.Addr[0],\r
92	(UINTN) AddressInfo->Address.v4.Addr[1],\r
93	(UINTN) AddressInfo->Address.v4.Addr[2],\r
94	(UINTN) AddressInfo->Address.v4.Addr[3]\r
95	);\r
96	if (AddressInfo->PrefixLength != 32) {\r
97	Print (L"/%d", (UINTN) AddressInfo->PrefixLength);\r
98	}\r
99	}\r
100	\r
101	if (IP_VERSION_6 == GetVerFromAddrInfo (AddressInfo)) {\r
102	Print (\r
103	L"%x:%x:%x:%x:%x:%x:%x:%x",\r
104	(((UINT16) AddressInfo->Address.v6.Addr[0]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[1]),\r
105	(((UINT16) AddressInfo->Address.v6.Addr[2]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[3]),\r
106	(((UINT16) AddressInfo->Address.v6.Addr[4]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[5]),\r
107	(((UINT16) AddressInfo->Address.v6.Addr[6]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[7]),\r
108	(((UINT16) AddressInfo->Address.v6.Addr[8]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[9]),\r
109	(((UINT16) AddressInfo->Address.v6.Addr[10]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[11]),\r
110	(((UINT16) AddressInfo->Address.v6.Addr[12]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[13]),\r
111	(((UINT16) AddressInfo->Address.v6.Addr[14]) << 8) \| ((UINT16) AddressInfo->Address.v6.Addr[15])\r
112	);\r
113	if (AddressInfo->PrefixLength != 128) {\r
114	Print (L"/%d", AddressInfo->PrefixLength);\r
115	}\r
116	}\r
117	}\r
118	\r
119	/**\r
120	Private function called to print EFI_IP_ADDRESS content.\r
121	\r
122	@param[in] IpAddress The pointer to the EFI_IP_ADDRESS structure.\r
123	**/\r
124	VOID\r
125	DumpIpAddress (\r
126	IN EFI_IP_ADDRESS *IpAddress\r
127	)\r
128	{\r
129	if (IP_VERSION_4 == GetVerFromIpAddr (IpAddress)) {\r
130	Print (\r
131	L"%d.%d.%d.%d",\r
132	(UINTN) IpAddress->v4.Addr[0],\r
133	(UINTN) IpAddress->v4.Addr[1],\r
134	(UINTN) IpAddress->v4.Addr[2],\r
135	(UINTN) IpAddress->v4.Addr[3]\r
136	);\r
137	}\r
138	\r
139	if (IP_VERSION_6 == GetVerFromIpAddr (IpAddress)) {\r
140	Print (\r
141	L"%x:%x:%x:%x:%x:%x:%x:%x",\r
142	(((UINT16) IpAddress->v6.Addr[0]) << 8) \| ((UINT16) IpAddress->v6.Addr[1]),\r
143	(((UINT16) IpAddress->v6.Addr[2]) << 8) \| ((UINT16) IpAddress->v6.Addr[3]),\r
144	(((UINT16) IpAddress->v6.Addr[4]) << 8) \| ((UINT16) IpAddress->v6.Addr[5]),\r
145	(((UINT16) IpAddress->v6.Addr[6]) << 8) \| ((UINT16) IpAddress->v6.Addr[7]),\r
146	(((UINT16) IpAddress->v6.Addr[8]) << 8) \| ((UINT16) IpAddress->v6.Addr[9]),\r
147	(((UINT16) IpAddress->v6.Addr[10]) << 8) \| ((UINT16) IpAddress->v6.Addr[11]),\r
148	(((UINT16) IpAddress->v6.Addr[12]) << 8) \| ((UINT16) IpAddress->v6.Addr[13]),\r
149	(((UINT16) IpAddress->v6.Addr[14]) << 8) \| ((UINT16) IpAddress->v6.Addr[15])\r
150	);\r
151	}\r
152	\r
153	}\r
154	\r
155	/**\r
156	Private function called to print EFI_IPSEC_SPD_SELECTOR content.\r
157	\r
158	@param[in] Selector The pointer to the EFI_IPSEC_SPD_SELECTOR structure.\r
159	**/\r
160	VOID\r
161	DumpSpdSelector (\r
162	IN EFI_IPSEC_SPD_SELECTOR *Selector\r
163	)\r
164	{\r
165	UINT32 Index;\r
166	CHAR16 *Str;\r
167	\r
168	for (Index = 0; Index < Selector->LocalAddressCount; Index++) {\r
169	if (Index > 0) {\r
170	Print (L",");\r
171	}\r
172	\r
173	DumpAddressInfo (&Selector->LocalAddress[Index]);\r
174	}\r
175	\r
176	if (Index == 0) {\r
177	Print (L"localhost");\r
178	}\r
179	\r
180	Print (L" -> ");\r
181	\r
182	for (Index = 0; Index < Selector->RemoteAddressCount; Index++) {\r
183	if (Index > 0) {\r
184	Print (L",");\r
185	}\r
186	\r
187	DumpAddressInfo (&Selector->RemoteAddress[Index]);\r
188	}\r
189	\r
190	Str = MapIntegerToString (Selector->NextLayerProtocol, mMapIpProtocol);\r
191	if (Str != NULL) {\r
192	Print (L" %s", Str);\r
193	} else {\r
194	Print (L" proto:%d", (UINTN) Selector->NextLayerProtocol);\r
195	}\r
196	\r
197	if ((Selector->NextLayerProtocol == EFI_IP4_PROTO_TCP) \|\| (Selector->NextLayerProtocol == EFI_IP4_PROTO_UDP)) {\r
198	Print (L" port:");\r
199	if (Selector->LocalPort != EFI_IPSEC_ANY_PORT) {\r
200	Print (L"%d", Selector->LocalPort);\r
201	if (Selector->LocalPortRange != 0) {\r
202	Print (L"~%d", (UINTN) Selector->LocalPort + Selector->LocalPortRange);\r
203	}\r
204	} else {\r
205	Print (L"any");\r
206	}\r
207	\r
208	Print (L" -> ");\r
209	if (Selector->RemotePort != EFI_IPSEC_ANY_PORT) {\r
210	Print (L"%d", Selector->RemotePort);\r
211	if (Selector->RemotePortRange != 0) {\r
212	Print (L"~%d", (UINTN) Selector->RemotePort + Selector->RemotePortRange);\r
213	}\r
214	} else {\r
215	Print (L"any");\r
216	}\r
217	} else if (Selector->NextLayerProtocol == EFI_IP4_PROTO_ICMP) {\r
218	Print (L" class/code:");\r
219	if (Selector->LocalPort != 0) {\r
220	Print (L"%d", (UINTN) (UINT8) Selector->LocalPort);\r
221	} else {\r
222	Print (L"any");\r
223	}\r
224	\r
225	Print (L"/");\r
226	if (Selector->RemotePort != 0) {\r
227	Print (L"%d", (UINTN) (UINT8) Selector->RemotePort);\r
228	} else {\r
229	Print (L"any");\r
230	}\r
231	}\r
232	}\r
233	\r
234	/**\r
235	Print EFI_IPSEC_SPD_SELECTOR and EFI_IPSEC_SPD_DATA content.\r
236	\r
237	@param[in] Selector The pointer to the EFI_IPSEC_SPD_SELECTOR structure.\r
238	@param[in] Data The pointer to the EFI_IPSEC_SPD_DATA structure.\r
239	@param[in] EntryIndex The pointer to the Index in SPD Database.\r
240	\r
241	@retval EFI_SUCCESS Dump SPD information successfully.\r
242	**/\r
243	EFI_STATUS\r
244	DumpSpdEntry (\r
245	IN EFI_IPSEC_SPD_SELECTOR *Selector,\r
246	IN EFI_IPSEC_SPD_DATA *Data,\r
247	IN UINTN *EntryIndex\r
248	)\r
249	{\r
250	BOOLEAN HasPre;\r
251	CHAR16 DataName[128];\r
252	CHAR16 *String1;\r
253	CHAR16 *String2;\r
254	CHAR16 *String3;\r
255	UINT8 Index;\r
256	\r
257	Print (L"%d.", (*EntryIndex)++);\r
258	\r
259	//\r
260	// xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400\r
261	// Protect PF:0x34323423 Name:First Entry\r
262	// ext-sequence sequence-overflow fragcheck life:[B0,S1024,H3600]\r
263	// ESP algo1 algo2 Tunnel [xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx set]\r
264	//\r
265	\r
266	DumpSpdSelector (Selector);\r
267	Print (L"\n ");\r
268	\r
269	Print (L"%s ", MapIntegerToString (Data->Action, mMapIpSecAction));\r
270	Print (L"PF:%08x ", Data->PackageFlag);\r
271	\r
272	Index = 0;\r
273	while (Data->Name[Index] != 0) {\r
274	DataName[Index] = (CHAR16) Data->Name[Index];\r
275	Index++;\r
276	ASSERT (Index < 128);\r
277	}\r
278	DataName[Index] = L'\0';\r
279	\r
280	Print (L"Name:%s", DataName);\r
281	\r
282	if (Data->Action == EfiIPsecActionProtect) {\r
283	Print (L"\n ");\r
284	if (Data->ProcessingPolicy->ExtSeqNum) {\r
285	Print (L"ext-sequence ");\r
286	}\r
287	\r
288	if (Data->ProcessingPolicy->SeqOverflow) {\r
289	Print (L"sequence-overflow ");\r
290	}\r
291	\r
292	if (Data->ProcessingPolicy->FragCheck) {\r
293	Print (L"fragment-check ");\r
294	}\r
295	\r
296	HasPre = FALSE;\r
297	if (Data->ProcessingPolicy->SaLifetime.ByteCount != 0) {\r
298	Print (HasPre ? L"," : L"life:[");\r
299	Print (L"%lxB", Data->ProcessingPolicy->SaLifetime.ByteCount);\r
300	HasPre = TRUE;\r
301	}\r
302	\r
303	if (Data->ProcessingPolicy->SaLifetime.SoftLifetime != 0) {\r
304	Print (HasPre ? L"," : L"life:[");\r
305	Print (L"%lxs", Data->ProcessingPolicy->SaLifetime.SoftLifetime);\r
306	HasPre = TRUE;\r
307	}\r
308	\r
309	if (Data->ProcessingPolicy->SaLifetime.HardLifetime != 0) {\r
310	Print (HasPre ? L"," : L"life:[");\r
311	Print (L"%lxS", Data->ProcessingPolicy->SaLifetime.HardLifetime);\r
312	HasPre = TRUE;\r
313	}\r
314	\r
315	if (HasPre) {\r
316	Print (L"]");\r
317	}\r
318	\r
319	if (HasPre \|\| Data->ProcessingPolicy->ExtSeqNum \|\|\r
320	Data->ProcessingPolicy->SeqOverflow \|\| Data->ProcessingPolicy->FragCheck) {\r
321	Print (L"\n ");\r
322	}\r
323	\r
324	String1 = MapIntegerToString (Data->ProcessingPolicy->Proto, mMapIpSecProtocol);\r
325	String2 = MapIntegerToString (Data->ProcessingPolicy->AuthAlgoId, mMapAuthAlgo);\r
326	String3 = MapIntegerToString (Data->ProcessingPolicy->EncAlgoId, mMapEncAlgo);\r
327	Print (\r
328	L"%s Auth:%s Encrypt:%s ",\r
329	String1,\r
330	String2,\r
331	String3\r
332	);\r
333	\r
334	Print (L"%s ", MapIntegerToString (Data->ProcessingPolicy->Mode, mMapIpSecMode));\r
335	if (Data->ProcessingPolicy->Mode == EfiIPsecTunnel) {\r
336	Print (L"[");\r
337	DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->LocalTunnelAddress);\r
338	Print (L" -> ");\r
339	DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->RemoteTunnelAddress);\r
340	Print (L" %s]", MapIntegerToString (Data->ProcessingPolicy->TunnelOption->DF, mMapDfOption));\r
341	}\r
342	}\r
343	\r
344	Print (L"\n");\r
345	\r
346	return EFI_SUCCESS;\r
347	}\r
348	\r
349	/**\r
350	Print EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA content.\r
351	\r
352	@param[in] SaId The pointer to the EFI_IPSEC_SA_ID structure.\r
353	@param[in] Data The pointer to the EFI_IPSEC_SA_DATA structure.\r
354	@param[in] EntryIndex The pointer to the Index in the SAD Database.\r
355	\r
356	@retval EFI_SUCCESS Dump SAD information successfully.\r
357	**/\r
358	EFI_STATUS\r
359	DumpSadEntry (\r
360	IN EFI_IPSEC_SA_ID *SaId,\r
361	IN EFI_IPSEC_SA_DATA *Data,\r
362	IN UINTN *EntryIndex\r
363	)\r
364	{\r
365	BOOLEAN HasPre;\r
366	CHAR16 *String1;\r
367	CHAR16 *String2;\r
368	\r
369	//\r
370	// SPI:1234 ESP Destination:xxx.xxx.xxx.xxx\r
371	// Mode:Transport SeqNum:134 AntiReplayWin:64 life:[0B,1023s,3400S] PathMTU:34\r
372	// Auth:xxxx/password Encrypt:yyyy/password\r
373	// xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400\r
374	//\r
375	\r
376	Print (L"%d.", (*EntryIndex)++);\r
377	Print (L"0x%x %s ", (UINTN) SaId->Spi, MapIntegerToString (SaId->Proto, mMapIpSecProtocol));\r
378	Print (L"Destination:");\r
379	DumpIpAddress (&SaId->DestAddress);\r
380	Print (L"\n");\r
381	\r
382	Print (\r
383	L" Mode:%s SeqNum:%lx AntiReplayWin:%d ",\r
384	MapIntegerToString (Data->Mode, mMapIpSecMode),\r
385	Data->SNCount,\r
386	(UINTN) Data->AntiReplayWindows\r
387	);\r
388	\r
389	HasPre = FALSE;\r
390	if (Data->SaLifetime.ByteCount != 0) {\r
391	Print (HasPre ? L"," : L"life:[");\r
392	Print (L"%lxB", Data->SaLifetime.ByteCount);\r
393	HasPre = TRUE;\r
394	}\r
395	\r
396	if (Data->SaLifetime.SoftLifetime != 0) {\r
397	Print (HasPre ? L"," : L"life:[");\r
398	Print (L"%lxs", Data->SaLifetime.SoftLifetime);\r
399	HasPre = TRUE;\r
400	}\r
401	\r
402	if (Data->SaLifetime.HardLifetime != 0) {\r
403	Print (HasPre ? L"," : L"life:[");\r
404	Print (L"%lxS", Data->SaLifetime.HardLifetime);\r
405	HasPre = TRUE;\r
406	}\r
407	\r
408	if (HasPre) {\r
409	Print (L"] ");\r
410	}\r
411	\r
412	Print (L"PathMTU:%d\n", (UINTN) Data->PathMTU);\r
413	\r
414	if (SaId->Proto == EfiIPsecAH) {\r
415	Print (\r
416	L" Auth:%s/%s\n",\r
417	MapIntegerToString (Data->AlgoInfo.AhAlgoInfo.AuthAlgoId, mMapAuthAlgo),\r
418	Data->AlgoInfo.AhAlgoInfo.AuthKey\r
419	);\r
420	} else {\r
421	String1 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.AuthAlgoId, mMapAuthAlgo);\r
422	String2 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.EncAlgoId, mMapEncAlgo);\r
423	Print (\r
424	L" Auth:%s/%s Encrypt:%s/%s\n",\r
425	String1,\r
426	Data->AlgoInfo.EspAlgoInfo.AuthKey,\r
427	String2,\r
428	Data->AlgoInfo.EspAlgoInfo.EncKey\r
429	);\r
430	}\r
431	\r
432	if (Data->SpdSelector != NULL) {\r
433	Print (L" ");\r
434	DumpSpdSelector (Data->SpdSelector);\r
435	Print (L"\n");\r
436	}\r
437	\r
438	return EFI_SUCCESS;\r
439	}\r
440	\r
441	/**\r
442	Print EFI_IPSEC_PAD_ID and EFI_IPSEC_PAD_DATA content.\r
443	\r
444	@param[in] PadId The pointer to the EFI_IPSEC_PAD_ID structure.\r
445	@param[in] Data The pointer to the EFI_IPSEC_PAD_DATA structure.\r
446	@param[in] EntryIndex The pointer to the Index in the PAD Database.\r
447	\r
448	@retval EFI_SUCCESS Dump PAD information successfully.\r
449	**/\r
450	EFI_STATUS\r
451	DumpPadEntry (\r
452	IN EFI_IPSEC_PAD_ID *PadId,\r
453	IN EFI_IPSEC_PAD_DATA *Data,\r
454	IN UINTN *EntryIndex\r
455	)\r
456	{\r
457	CHAR16 *String1;\r
458	CHAR16 *String2;\r
459	\r
460	//\r
461	// ADDR:10.23.17.34/15\r
462	// IDEv1 PreSharedSecret IKE-ID\r
463	// password\r
464	//\r
465	\r
466	Print (L"%d.", (*EntryIndex)++);\r
467	\r
468	if (PadId->PeerIdValid) {\r
469	Print (L"ID:%s", PadId->Id.PeerId);\r
470	} else {\r
471	Print (L"ADDR:");\r
472	DumpAddressInfo (&PadId->Id.IpAddress);\r
473	}\r
474	\r
475	Print (L"\n");\r
476	\r
477	String1 = MapIntegerToString (Data->AuthProtocol, mMapAuthProto);\r
478	String2 = MapIntegerToString (Data->AuthMethod, mMapAuthMethod);\r
479	Print (\r
480	L" %s %s",\r
481	String1,\r
482	String2\r
483	);\r
484	\r
485	if (Data->IkeIdFlag) {\r
486	Print (L"IKE-ID");\r
487	}\r
488	\r
489	Print (L"\n");\r
490	\r
491	if (Data->AuthData != NULL) {\r
492	DumpAsciiString (Data->AuthData, Data->AuthDataSize);\r
493	Print (L"\n");\r
494	}\r
495	\r
496	if (Data->RevocationData != NULL) {\r
497	Print (L" %s\n", Data->RevocationData);\r
498	}\r
499	\r
500	return EFI_SUCCESS;\r
501	\r
502	}\r
503	\r
504	VISIT_POLICY_ENTRY mDumpPolicyEntry[] = {\r
505	(VISIT_POLICY_ENTRY) DumpSpdEntry,\r
506	(VISIT_POLICY_ENTRY) DumpSadEntry,\r
507	(VISIT_POLICY_ENTRY) DumpPadEntry\r
508	};\r
509	\r
510	/**\r
511	Print all entry information in the database according to datatype.\r
512	\r
513	@param[in] DataType The value of EFI_IPSEC_CONFIG_DATA_TYPE.\r
514	@param[in] ParamPackage The pointer to the ParamPackage list.\r
515	\r
516	@retval EFI_SUCCESS Dump all information successfully.\r
517	@retval Others Some mistaken case.\r
518	**/\r
519	EFI_STATUS\r
520	ListPolicyEntry (\r
521	IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
522	IN LIST_ENTRY *ParamPackage\r
523	)\r
524	{\r
525	UINTN EntryIndex;\r
526	\r
527	EntryIndex = 0;\r
528	return ForeachPolicyEntry (DataType, mDumpPolicyEntry[DataType], &EntryIndex);\r
529	}\r
530	\r