]>
Commit | Line | Data |
---|---|---|
9166f840 | 1 | /** @file\r |
2 | The operations for Child SA.\r | |
3 | \r | |
f75a7f56 | 4 | Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r |
9166f840 | 5 | \r |
ecf98fbc | 6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
9166f840 | 7 | \r |
8 | **/\r | |
9 | \r | |
10 | #include "Utility.h"\r | |
11 | \r | |
12 | /**\r | |
f75a7f56 | 13 | Generate IKE Packet for CREATE_CHILD_SA exchange.\r |
9166f840 | 14 | \r |
15 | This IKE Packet would be the packet for creating new CHILD SA, or the packet for\r | |
16 | rekeying existing IKE SA, or the packet for existing CHILD SA.\r | |
f75a7f56 LG |
17 | \r |
18 | @param[in] SaSession Pointer to related SA session.\r | |
9166f840 | 19 | @param[in] Context The data passed by the caller.\r |
20 | \r | |
21 | return a pointer of IKE packet.\r | |
22 | \r | |
23 | **/\r | |
24 | IKE_PACKET *\r | |
25 | Ikev2CreateChildGenerator (\r | |
26 | IN UINT8 *SaSession,\r | |
27 | IN VOID *Context\r | |
28 | )\r | |
29 | {\r | |
30 | \r | |
31 | IKEV2_CHILD_SA_SESSION *ChildSaSession;\r | |
32 | IKEV2_SA_SESSION *IkeSaSession;\r | |
33 | IKE_PACKET *IkePacket;\r | |
34 | IKE_PAYLOAD *NotifyPayload;\r | |
35 | UINT32 *MessageId;\r | |
6771c1d6 JW |
36 | \r |
37 | NotifyPayload = NULL;\r | |
38 | MessageId = NULL;\r | |
f75a7f56 | 39 | \r |
9166f840 | 40 | ChildSaSession = (IKEV2_CHILD_SA_SESSION *) SaSession;\r |
6771c1d6 | 41 | if (ChildSaSession == NULL) {\r |
9166f840 | 42 | return NULL;\r |
43 | }\r | |
f75a7f56 | 44 | \r |
6771c1d6 JW |
45 | IkePacket = IkePacketAlloc();\r |
46 | if (IkePacket == NULL) {\r | |
9166f840 | 47 | return NULL;\r |
48 | }\r | |
49 | \r | |
6771c1d6 | 50 | \r |
9166f840 | 51 | if (Context != NULL) {\r |
52 | MessageId = (UINT32 *) Context;\r | |
53 | }\r | |
f75a7f56 | 54 | \r |
9166f840 | 55 | IkePacket->Header->Version = (UINT8) (2 << 4);\r |
56 | IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_NOTIFY;\r | |
57 | IkePacket->Header->ExchangeType = IKE_XCG_TYPE_CREATE_CHILD_SA;\r | |
f75a7f56 | 58 | \r |
9166f840 | 59 | if (ChildSaSession->SessionCommon.IkeSessionType == IkeSessionTypeChildSa) {\r |
60 | //\r | |
61 | // 1.a Fill the IkePacket->Hdr\r | |
f75a7f56 | 62 | //\r |
9166f840 | 63 | IkePacket->Header->InitiatorCookie = ChildSaSession->IkeSaSession->InitiatorCookie;\r |
64 | IkePacket->Header->ResponderCookie = ChildSaSession->IkeSaSession->ResponderCookie;\r | |
f75a7f56 | 65 | \r |
9166f840 | 66 | if (MessageId != NULL) {\r |
67 | IkePacket->Header->MessageId = *MessageId;\r | |
68 | } else {\r | |
69 | IkePacket->Header->MessageId = ChildSaSession->MessageId;\r | |
f75a7f56 LG |
70 | }\r |
71 | \r | |
9166f840 | 72 | if (ChildSaSession->SessionCommon.IsInitiator) {\r |
7822a1d9 | 73 | IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r |
9166f840 | 74 | }\r |
f75a7f56 | 75 | \r |
9166f840 | 76 | } else {\r |
77 | IkeSaSession = (IKEV2_SA_SESSION *) SaSession;\r | |
78 | //\r | |
79 | // 1.a Fill the IkePacket->Hdr\r | |
80 | //\r | |
81 | IkePacket->Header->InitiatorCookie = IkeSaSession->InitiatorCookie;\r | |
82 | IkePacket->Header->ResponderCookie = IkeSaSession->ResponderCookie;\r | |
83 | \r | |
84 | if (MessageId != NULL) {\r | |
85 | IkePacket->Header->MessageId = *MessageId;\r | |
86 | } else {\r | |
87 | IkePacket->Header->MessageId = IkeSaSession->MessageId;\r | |
f75a7f56 LG |
88 | }\r |
89 | \r | |
9166f840 | 90 | if (IkeSaSession->SessionCommon.IsInitiator) {\r |
7822a1d9 | 91 | IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r |
9166f840 | 92 | }\r |
7822a1d9 JW |
93 | }\r |
94 | \r | |
95 | if (MessageId != NULL) {\r | |
96 | IkePacket->Header->Flags |= IKE_HEADER_FLAGS_RESPOND;\r | |
97 | }\r | |
f75a7f56 | 98 | \r |
9166f840 | 99 | //\r |
100 | // According to RFC4306, Chapter 4.\r | |
101 | // A minimal implementation may support the CREATE_CHILD_SA exchange only to\r | |
102 | // recognize requests and reject them with a Notify payload of type NO_ADDITIONAL_SAS.\r | |
103 | //\r | |
104 | NotifyPayload = Ikev2GenerateNotifyPayload (\r | |
105 | 0,\r | |
106 | IKEV2_PAYLOAD_TYPE_NONE,\r | |
f75a7f56 | 107 | 0,\r |
9166f840 | 108 | IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS,\r |
109 | NULL,\r | |
110 | NULL,\r | |
111 | 0\r | |
112 | );\r | |
f75a7f56 | 113 | if (NotifyPayload == NULL) {\r |
6771c1d6 JW |
114 | IkePacketFree (IkePacket);\r |
115 | return NULL;\r | |
116 | }\r | |
f75a7f56 | 117 | \r |
9166f840 | 118 | IKE_PACKET_APPEND_PAYLOAD (IkePacket, NotifyPayload);\r |
119 | //\r | |
f75a7f56 LG |
120 | // TODO: Support the CREATE_CHILD_SA exchange.\r |
121 | //\r | |
9166f840 | 122 | return IkePacket;\r |
123 | }\r | |
124 | \r | |
125 | /**\r | |
126 | Parse the IKE packet of CREATE_CHILD_SA exchange.\r | |
f75a7f56 | 127 | \r |
9166f840 | 128 | This function parse the IKE packet and save the related information to further\r |
f75a7f56 LG |
129 | calculation.\r |
130 | \r | |
9166f840 | 131 | @param[in] SaSession Pointer to IKEv2_CHILD_SA_SESSION related to this Exchange.\r |
132 | @param[in] IkePacket Received packet to be parsed.\r | |
f75a7f56 | 133 | \r |
9166f840 | 134 | \r |
135 | @retval EFI_SUCCESS The IKE Packet is acceptable.\r | |
136 | @retval EFI_UNSUPPORTED Not support the CREATE_CHILD_SA request.\r | |
137 | \r | |
138 | **/\r | |
139 | EFI_STATUS\r | |
140 | Ikev2CreateChildParser (\r | |
141 | IN UINT8 *SaSession,\r | |
142 | IN IKE_PACKET *IkePacket\r | |
143 | )\r | |
144 | {\r | |
145 | return EFI_UNSUPPORTED;\r | |
146 | }\r | |
147 | \r | |
148 | /**\r | |
149 | Routine process before the payload decoding.\r | |
150 | \r | |
151 | @param[in] SessionCommon Pointer to ChildSa SessionCommon.\r | |
152 | @param[in] PayloadBuf Pointer to the payload.\r | |
153 | @param[in] PayloadSize Size of PayloadBuf in byte.\r | |
154 | @param[in] PayloadType Type of Payload.\r | |
155 | \r | |
156 | **/\r | |
157 | VOID\r | |
158 | Ikev2ChildSaBeforeDecodePayload (\r | |
159 | IN UINT8 *SessionCommon,\r | |
160 | IN UINT8 *PayloadBuf,\r | |
161 | IN UINTN PayloadSize,\r | |
162 | IN UINT8 PayloadType\r | |
163 | )\r | |
164 | {\r | |
165 | \r | |
166 | }\r | |
167 | \r | |
168 | /**\r | |
169 | Routine Process after the payload encoding.\r | |
170 | \r | |
171 | @param[in] SessionCommon Pointer to ChildSa SessionCommon.\r | |
172 | @param[in] PayloadBuf Pointer to the payload.\r | |
173 | @param[in] PayloadSize Size of PayloadBuf in byte.\r | |
174 | @param[in] PayloadType Type of Payload.\r | |
175 | \r | |
176 | **/\r | |
177 | VOID\r | |
178 | Ikev2ChildSaAfterEncodePayload (\r | |
179 | IN UINT8 *SessionCommon,\r | |
180 | IN UINT8 *PayloadBuf,\r | |
181 | IN UINTN PayloadSize,\r | |
182 | IN UINT8 PayloadType\r | |
183 | )\r | |
184 | {\r | |
185 | }\r | |
186 | \r | |
187 | IKEV2_PACKET_HANDLER mIkev2CreateChild = {\r | |
188 | //\r | |
189 | // Create Child\r | |
190 | //\r | |
191 | Ikev2CreateChildParser,\r | |
192 | Ikev2CreateChildGenerator\r | |
193 | };\r |