[mirror_edk2.git] / NetworkPkg / IpSecDxe / IkeCommon.h

/** @file\r
  Common operation of the IKE.\r
\r
  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
\r
  This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php.\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#ifndef _IKE_COMMON_H_\r
#define _IKE_COMMON_H_\r
\r
#include <Protocol/Udp4.h>\r
#include <Protocol/Udp6.h>\r
#include <Protocol/Ip4Config.h>\r
 \r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/UdpIoLib.h>\r
#include <Library/BaseCryptLib.h>\r
\r
#include "Ikev2/Ikev2.h"\r
#include "IpSecImpl.h"\r
#include "IkePacket.h"\r
#include "IpSecCryptIo.h"\r
\r
\r
#define IKE_DEFAULT_PORT              500\r
#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s\r
#define IKE_NONCE_SIZE                16\r
#define IKE_MAX_RETRY                 4\r
#define IKE_SPI_BASE                  0x10000\r
#define PRF_HMAC_SHA1_GUID            &gEfiCryptAlgorithmSha1Guid\r
#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32('I','K','E','P')\r
#define IKE_PAYLOAD_BY_PACKET(a)      CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)\r
\r
\r
#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload)                 \\r
  do {                                                                  \\r
    InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \\r
  } while (0)\r
\r
#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload)                 \\r
  do {                                                                  \\r
    RemoveEntryList(&(IkePayload)->ByPacket);                           \\r
  } while (0)\r
\r
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                        \\r
  Node = GetFirstNode (&(IkePacket)->PayloadList);                      \\r
  while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) {             \\r
    Node = GetNextNode (&(IkePacket)->PayloadList, Node);              \\r
  }                                                                     \\r
\r
/**\r
  Call Crypto Lib to generate a random value with eight-octet length.\r
  \r
  @return the 64 byte vaule.\r
\r
**/\r
UINT64\r
IkeGenerateCookie (\r
  VOID\r
  );\r
\r
/**\r
  Generate the random data for Nonce payload.\r
\r
  @param[in]  NonceSize      Size of the data in bytes.\r
  \r
  @return Buffer which contains the random data of the spcified size. \r
\r
**/\r
UINT8 *\r
IkeGenerateNonce (\r
  IN UINTN              NonceSize\r
  );\r
\r
/**\r
  Convert the IKE Header from Network order to Host order.\r
\r
  @param[in, out]  Header    The pointer of the IKE_HEADER.\r
\r
**/\r
VOID\r
IkeHdrNetToHost (\r
  IN OUT IKE_HEADER *Header\r
  );\r
\r
\r
/**\r
  Convert the IKE Header from Host order to Network order.\r
\r
  @param[in, out] Header     The pointer of the IKE_HEADER.\r
\r
**/\r
VOID\r
IkeHdrHostToNet (\r
  IN OUT IKE_HEADER *Header\r
  );\r
\r
/**\r
  Allocate a buffer of IKE_PAYLOAD and set its Signature.\r
\r
  @return A buffer of IKE_PAYLOAD.\r
\r
**/\r
IKE_PAYLOAD *\r
IkePayloadAlloc (\r
  VOID\r
  );\r
\r
/**\r
  Free a specified IKE_PAYLOAD buffer.\r
\r
  @param[in]  IkePayload   Pointer of IKE_PAYLOAD to be freed.\r
\r
**/\r
VOID\r
IkePayloadFree (\r
  IN IKE_PAYLOAD *IkePayload\r
  );\r
\r
/**\r
  Generate an unused SPI\r
\r
  @return a SPI in 4 bytes.\r
\r
**/\r
UINT32\r
IkeGenerateSpi (\r
  VOID\r
  );\r
\r
/**\r
  Generate a random data for IV\r
\r
  @param[in]  IvBuffer  The pointer of the IV buffer.\r
  @param[in]  IvSize    The IV size.\r
\r
  @retval     EFI_SUCCESS  Create a random data for IV.\r
  @retval     otherwise    Failed.\r
\r
**/\r
EFI_STATUS\r
IkeGenerateIv (\r
  IN UINT8                           *IvBuffer,\r
  IN UINTN                           IvSize\r
  );\r
\r
/**\r
  Get the IKE Version from the IKE_SA_SESSION.\r
\r
  @param[in]  Session  Pointer of the IKE_SA_SESSION.\r
\r
**/\r
UINT8\r
IkeGetVersionFromSession (\r
  IN UINT8                    *Session\r
  );\r
\r
/**
  Find SPD entry by a specified SPD selector.

  @param[in] SpdSel       Point to SPD Selector to be searched for.\r

  @retval Point to Spd Entry if the SPD entry found.
  @retval NULL if not found.

**/
IPSEC_SPD_ENTRY *
IkeSearchSpdEntry (\r
  IN EFI_IPSEC_SPD_SELECTOR             *SpdSel
  );\r
\r
extern EFI_GUID               mZeroGuid;\r
extern MODP_GROUP             OakleyModpGroup[];\r
extern IKE_ALG_GUID_INFO      mIPsecEncrAlgInfo[];\r
extern IKE_ALG_GUID_INFO      mIPsecAuthAlgInfo[];\r
\r
#endif\r
\r
Commit	Line	Data
9166f840	1	/** @file\r
	2	Common operation of the IKE.\r
	3	\r
	4	Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
	5	\r
	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php.\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	\r
	16	#ifndef _IKE_COMMON_H_\r
	17	#define _IKE_COMMON_H_\r
	18	\r
	19	#include <Protocol/Udp4.h>\r
	20	#include <Protocol/Udp6.h>\r
	21	#include <Protocol/Ip4Config.h>\r
	22	\r
	23	#include <Library/BaseLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/MemoryAllocationLib.h>\r
	26	#include <Library/UefiRuntimeServicesTableLib.h>\r
	27	#include <Library/UefiBootServicesTableLib.h>\r
	28	#include <Library/DebugLib.h>\r
	29	#include <Library/UdpIoLib.h>\r
	30	#include <Library/BaseCryptLib.h>\r
	31	\r
	32	#include "Ikev2/Ikev2.h"\r
	33	#include "IpSecImpl.h"\r
	34	#include "IkePacket.h"\r
	35	#include "IpSecCryptIo.h"\r
	36	\r
	37	\r
	38	#define IKE_DEFAULT_PORT 500\r
	39	#define IKE_DEFAULT_TIMEOUT_INTERVAL 10000 // 10s\r
	40	#define IKE_NONCE_SIZE 16\r
	41	#define IKE_MAX_RETRY 4\r
	42	#define IKE_SPI_BASE 0x10000\r
	43	#define PRF_HMAC_SHA1_GUID &gEfiCryptAlgorithmSha1Guid\r
	44	#define IKE_PAYLOAD_SIGNATURE SIGNATURE_32('I','K','E','P')\r
	45	#define IKE_PAYLOAD_BY_PACKET(a) CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)\r
	46	\r
	47	\r
	48	#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload) \\r
	49	do { \\r
	50	InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \\r
	51	} while (0)\r
	52	\r
	53	#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload) \\r
	54	do { \\r
	55	RemoveEntryList(&(IkePayload)->ByPacket); \\r
	56	} while (0)\r
	57	\r
	58	#define IKE_PACKET_END_PAYLOAD(IkePacket, Node) \\r
	59	Node = GetFirstNode (&(IkePacket)->PayloadList); \\r
	60	while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) { \\r
	61	Node = GetNextNode (&(IkePacket)->PayloadList, Node); \\r
	62	} \\r
	63	\r
	64	/**\r
65	Call Crypto Lib to generate a random value with eight-octet length.\r
66	\r
67	@return the 64 byte vaule.\r
68	\r
69	**/\r
70	UINT64\r
71	IkeGenerateCookie (\r
72	VOID\r
73	);\r
74	\r
75	/**\r
76	Generate the random data for Nonce payload.\r
77	\r
78	@param[in] NonceSize Size of the data in bytes.\r
79	\r
80	@return Buffer which contains the random data of the spcified size. \r
81	\r
82	**/\r
83	UINT8 *\r
84	IkeGenerateNonce (\r
85	IN UINTN NonceSize\r
86	);\r
87	\r
88	/**\r
89	Convert the IKE Header from Network order to Host order.\r
90	\r
91	@param[in, out] Header The pointer of the IKE_HEADER.\r
92	\r
93	**/\r
94	VOID\r
95	IkeHdrNetToHost (\r
96	IN OUT IKE_HEADER *Header\r
97	);\r
98	\r
99	\r
100	/**\r
101	Convert the IKE Header from Host order to Network order.\r
102	\r
103	@param[in, out] Header The pointer of the IKE_HEADER.\r
104	\r
105	**/\r
106	VOID\r
107	IkeHdrHostToNet (\r
108	IN OUT IKE_HEADER *Header\r
109	);\r
110	\r
111	/**\r
112	Allocate a buffer of IKE_PAYLOAD and set its Signature.\r
113	\r
114	@return A buffer of IKE_PAYLOAD.\r
115	\r
116	**/\r
117	IKE_PAYLOAD *\r
118	IkePayloadAlloc (\r
119	VOID\r
120	);\r
121	\r
122	/**\r
123	Free a specified IKE_PAYLOAD buffer.\r
124	\r
125	@param[in] IkePayload Pointer of IKE_PAYLOAD to be freed.\r
126	\r
127	**/\r
128	VOID\r
129	IkePayloadFree (\r
130	IN IKE_PAYLOAD *IkePayload\r
131	);\r
132	\r
133	/**\r
134	Generate an unused SPI\r
135	\r
136	@return a SPI in 4 bytes.\r
137	\r
138	**/\r
139	UINT32\r
140	IkeGenerateSpi (\r
141	VOID\r
142	);\r
143	\r
144	/**\r
145	Generate a random data for IV\r
146	\r
147	@param[in] IvBuffer The pointer of the IV buffer.\r
148	@param[in] IvSize The IV size.\r
149	\r
150	@retval EFI_SUCCESS Create a random data for IV.\r
151	@retval otherwise Failed.\r
152	\r
153	**/\r
154	EFI_STATUS\r
155	IkeGenerateIv (\r
156	IN UINT8 *IvBuffer,\r
157	IN UINTN IvSize\r
158	);\r
159	\r
160	/**\r
161	Get the IKE Version from the IKE_SA_SESSION.\r
162	\r
163	@param[in] Session Pointer of the IKE_SA_SESSION.\r
164	\r
165	**/\r
166	UINT8\r
167	IkeGetVersionFromSession (\r
168	IN UINT8 *Session\r
169	);\r
170	\r
171	/**
172	Find SPD entry by a specified SPD selector.
173
174	@param[in] SpdSel Point to SPD Selector to be searched for.\r
175
176	@retval Point to Spd Entry if the SPD entry found.
177	@retval NULL if not found.
178
179	**/
180	IPSEC_SPD_ENTRY *
181	IkeSearchSpdEntry (\r
182	IN EFI_IPSEC_SPD_SELECTOR *SpdSel
183	);\r
184	\r
185	extern EFI_GUID mZeroGuid;\r
186	extern MODP_GROUP OakleyModpGroup[];\r
187	extern IKE_ALG_GUID_INFO mIPsecEncrAlgInfo[];\r
188	extern IKE_ALG_GUID_INFO mIPsecAuthAlgInfo[];\r
189	\r
190	#endif\r
191	\r