projects / mirror_edk2.git / blame
| Commit | Line | Data |
|---|---|---|
| 9166f840 | 1 | /** @file\r |
| 2 | Common operation of the IKE.\r | |
| 3 | \r | |
| f75a7f56 | 4 | Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r |
| 9166f840 | 5 | \r |
| 6 | This program and the accompanying materials\r | |
| 7 | are licensed and made available under the terms and conditions of the BSD License\r | |
| 8 | which accompanies this distribution. The full text of the license may be found at\r | |
| 9 | http://opensource.org/licenses/bsd-license.php.\r | |
| 10 | \r | |
| 11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
| 12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
| 13 | \r | |
| 14 | **/\r | |
| 15 | \r | |
| 16 | #ifndef _IKE_COMMON_H_\r | |
| 17 | #define _IKE_COMMON_H_\r | |
| 18 | \r | |
| 19 | #include <Protocol/Udp4.h>\r | |
| 20 | #include <Protocol/Udp6.h>\r | |
| 39561686 | 21 | #include <Protocol/Ip4Config2.h>\r |
| f75a7f56 | 22 | \r |
| 9166f840 | 23 | #include <Library/BaseLib.h>\r |
| 24 | #include <Library/BaseMemoryLib.h>\r | |
| 25 | #include <Library/MemoryAllocationLib.h>\r | |
| 26 | #include <Library/UefiRuntimeServicesTableLib.h>\r | |
| 27 | #include <Library/UefiBootServicesTableLib.h>\r | |
| 28 | #include <Library/DebugLib.h>\r | |
| 29 | #include <Library/UdpIoLib.h>\r | |
| 30 | #include <Library/BaseCryptLib.h>\r | |
| 31 | \r | |
| 32 | #include "Ikev2/Ikev2.h"\r | |
| 33 | #include "IpSecImpl.h"\r | |
| 34 | #include "IkePacket.h"\r | |
| 35 | #include "IpSecCryptIo.h"\r | |
| 36 | \r | |
| 37 | \r | |
| 38 | #define IKE_DEFAULT_PORT 500\r | |
| 39 | #define IKE_DEFAULT_TIMEOUT_INTERVAL 10000 // 10s\r | |
| 40 | #define IKE_NONCE_SIZE 16\r | |
| 41 | #define IKE_MAX_RETRY 4\r | |
| 96c13c01 | 42 | #define IKE_SPI_BASE 0x100\r |
| 9166f840 | 43 | #define IKE_PAYLOAD_SIGNATURE SIGNATURE_32('I','K','E','P')\r |
| 44 | #define IKE_PAYLOAD_BY_PACKET(a) CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)\r | |
| 45 | \r | |
| 46 | \r | |
| 47 | #define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload) \\r | |
| 48 | do { \\r | |
| 49 | InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \\r | |
| 50 | } while (0)\r | |
| 51 | \r | |
| 52 | #define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload) \\r | |
| 53 | do { \\r | |
| 54 | RemoveEntryList(&(IkePayload)->ByPacket); \\r | |
| 55 | } while (0)\r | |
| 56 | \r | |
| 57 | #define IKE_PACKET_END_PAYLOAD(IkePacket, Node) \\r | |
| 58 | Node = GetFirstNode (&(IkePacket)->PayloadList); \\r | |
| 59 | while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) { \\r | |
| 60 | Node = GetNextNode (&(IkePacket)->PayloadList, Node); \\r | |
| 61 | } \\r | |
| 62 | \r | |
| 63 | /**\r | |
| 64 | Call Crypto Lib to generate a random value with eight-octet length.\r | |
| f75a7f56 | 65 | \r |
| 9166f840 | 66 | @return the 64 byte vaule.\r |
| 67 | \r | |
| 68 | **/\r | |
| 69 | UINT64\r | |
| 70 | IkeGenerateCookie (\r | |
| 71 | VOID\r | |
| 72 | );\r | |
| 73 | \r | |
| 74 | /**\r | |
| 75 | Generate the random data for Nonce payload.\r | |
| 76 | \r | |
| 77 | @param[in] NonceSize Size of the data in bytes.\r | |
| f75a7f56 LG |
78 | \r |
| 79 | @return Buffer which contains the random data of the spcified size.\r | |
| 9166f840 | 80 | \r |
| 81 | **/\r | |
| 82 | UINT8 *\r | |
| 83 | IkeGenerateNonce (\r | |
| 84 | IN UINTN NonceSize\r | |
| 85 | );\r | |
| 86 | \r | |
| 87 | /**\r | |
| 88 | Convert the IKE Header from Network order to Host order.\r | |
| 89 | \r | |
| 90 | @param[in, out] Header The pointer of the IKE_HEADER.\r | |
| 91 | \r | |
| 92 | **/\r | |
| 93 | VOID\r | |
| 94 | IkeHdrNetToHost (\r | |
| 95 | IN OUT IKE_HEADER *Header\r | |
| 96 | );\r | |
| 97 | \r | |
| 98 | \r | |
| 99 | /**\r | |
| 100 | Convert the IKE Header from Host order to Network order.\r | |
| 101 | \r | |
| 102 | @param[in, out] Header The pointer of the IKE_HEADER.\r | |
| 103 | \r | |
| 104 | **/\r | |
| 105 | VOID\r | |
| 106 | IkeHdrHostToNet (\r | |
| 107 | IN OUT IKE_HEADER *Header\r | |
| 108 | );\r | |
| 109 | \r | |
| 110 | /**\r | |
| 111 | Allocate a buffer of IKE_PAYLOAD and set its Signature.\r | |
| 112 | \r | |
| 113 | @return A buffer of IKE_PAYLOAD.\r | |
| 114 | \r | |
| 115 | **/\r | |
| 116 | IKE_PAYLOAD *\r | |
| 117 | IkePayloadAlloc (\r | |
| 118 | VOID\r | |
| 119 | );\r | |
| 120 | \r | |
| 121 | /**\r | |
| 122 | Free a specified IKE_PAYLOAD buffer.\r | |
| 123 | \r | |
| 124 | @param[in] IkePayload Pointer of IKE_PAYLOAD to be freed.\r | |
| 125 | \r | |
| 126 | **/\r | |
| 127 | VOID\r | |
| 128 | IkePayloadFree (\r | |
| 129 | IN IKE_PAYLOAD *IkePayload\r | |
| 130 | );\r | |
| 131 | \r | |
| 132 | /**\r | |
| 96c13c01 | 133 | Generate an new SPI.\r |
| f75a7f56 LG |
134 | \r |
| 135 | @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA\r | |
| 55d05ae1 | 136 | Session.\r |
| f75a7f56 LG |
137 | @param[in, out] SpiValue Pointer to the new generated SPI value.\r |
| 138 | \r | |
| 96c13c01 JW |
139 | @retval EFI_SUCCESS The operation performs successfully.\r |
| 140 | @retval Otherwise The operation is failed.\r | |
| 9166f840 | 141 | \r |
| 142 | **/\r | |
| 96c13c01 | 143 | EFI_STATUS\r |
| 9166f840 | 144 | IkeGenerateSpi (\r |
| 55d05ae1 JW |
145 | IN IKEV2_SA_SESSION *IkeSaSession,\r |
| 146 | IN OUT UINT32 *SpiValue\r | |
| 9166f840 | 147 | );\r |
| 148 | \r | |
| 149 | /**\r | |
| 150 | Generate a random data for IV\r | |
| 151 | \r | |
| 152 | @param[in] IvBuffer The pointer of the IV buffer.\r | |
| 153 | @param[in] IvSize The IV size.\r | |
| 154 | \r | |
| 155 | @retval EFI_SUCCESS Create a random data for IV.\r | |
| 156 | @retval otherwise Failed.\r | |
| 157 | \r | |
| 158 | **/\r | |
| 159 | EFI_STATUS\r | |
| 160 | IkeGenerateIv (\r | |
| 161 | IN UINT8 *IvBuffer,\r | |
| 162 | IN UINTN IvSize\r | |
| 163 | );\r | |
| 164 | \r | |
| 165 | /**\r | |
| 166 | Get the IKE Version from the IKE_SA_SESSION.\r | |
| 167 | \r | |
| 168 | @param[in] Session Pointer of the IKE_SA_SESSION.\r | |
| 169 | \r | |
| 170 | **/\r | |
| 171 | UINT8\r | |
| 172 | IkeGetVersionFromSession (\r | |
| 173 | IN UINT8 *Session\r | |
| 174 | );\r | |
| 175 | \r | |
| 44de1013 HT |
176 | /**\r |
| 177 | Find SPD entry by a specified SPD selector.\r | |
| 178 | \r | |
| 9166f840 | 179 | @param[in] SpdSel Point to SPD Selector to be searched for.\r |
| 44de1013 HT |
180 | \r |
| 181 | @retval Point to Spd Entry if the SPD entry found.\r | |
| 182 | @retval NULL if not found.\r | |
| 183 | \r | |
| 184 | **/\r | |
| 185 | IPSEC_SPD_ENTRY *\r | |
| 9166f840 | 186 | IkeSearchSpdEntry (\r |
| 44de1013 | 187 | IN EFI_IPSEC_SPD_SELECTOR *SpdSel\r |
| 9166f840 | 188 | );\r |
| 189 | \r | |
| 9166f840 | 190 | extern MODP_GROUP OakleyModpGroup[];\r |
| 191 | extern IKE_ALG_GUID_INFO mIPsecEncrAlgInfo[];\r | |
| 192 | extern IKE_ALG_GUID_INFO mIPsecAuthAlgInfo[];\r | |
| 193 | \r | |
| 194 | #endif\r | |
| 195 | \r |