[mirror_edk2.git] / NetworkPkg / IpSecDxe / Ikev2 / ChildSa.c

/** @file\r
  The operations for Child SA.\r
\r
  Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "Utility.h"\r
\r
/**\r
  Generate IKE Packet for CREATE_CHILD_SA exchange.\r
\r
  This IKE Packet would be the packet for creating new CHILD SA, or the packet for\r
  rekeying existing IKE SA, or the packet for existing CHILD SA.\r
\r
  @param[in] SaSession   Pointer to related SA session.\r
  @param[in] Context     The data passed by the caller.\r
\r
  return a pointer of IKE packet.\r
\r
**/\r
IKE_PACKET *\r
Ikev2CreateChildGenerator (\r
  IN UINT8               *SaSession,\r
  IN VOID                *Context\r
  )\r
{\r
\r
  IKEV2_CHILD_SA_SESSION  *ChildSaSession;\r
  IKEV2_SA_SESSION        *IkeSaSession;\r
  IKE_PACKET              *IkePacket;\r
  IKE_PAYLOAD             *NotifyPayload;\r
  UINT32                  *MessageId;\r
\r
  NotifyPayload   = NULL;\r
  MessageId       = NULL;\r
\r
  ChildSaSession  = (IKEV2_CHILD_SA_SESSION *) SaSession;\r
  if (ChildSaSession == NULL) {\r
    return NULL;\r
  }\r
\r
  IkePacket       = IkePacketAlloc();\r
  if (IkePacket == NULL) {\r
    return NULL;\r
  }\r
\r
\r
  if (Context != NULL) {\r
    MessageId = (UINT32 *) Context;\r
  }\r
\r
  IkePacket->Header->Version      = (UINT8) (2 << 4);\r
  IkePacket->Header->NextPayload  = IKEV2_PAYLOAD_TYPE_NOTIFY;\r
  IkePacket->Header->ExchangeType = IKE_XCG_TYPE_CREATE_CHILD_SA;\r
\r
  if (ChildSaSession->SessionCommon.IkeSessionType == IkeSessionTypeChildSa) {\r
    //\r
    // 1.a Fill the IkePacket->Hdr\r
    //\r
    IkePacket->Header->InitiatorCookie = ChildSaSession->IkeSaSession->InitiatorCookie;\r
    IkePacket->Header->ResponderCookie = ChildSaSession->IkeSaSession->ResponderCookie;\r
\r
    if (MessageId != NULL) {\r
      IkePacket->Header->MessageId     = *MessageId;\r
    } else {\r
      IkePacket->Header->MessageId     = ChildSaSession->MessageId;\r
    }\r
\r
    if (ChildSaSession->SessionCommon.IsInitiator) {\r
      IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r
    }\r
\r
  } else {\r
    IkeSaSession  = (IKEV2_SA_SESSION *) SaSession;\r
    //\r
    // 1.a Fill the IkePacket->Hdr\r
    //\r
    IkePacket->Header->InitiatorCookie = IkeSaSession->InitiatorCookie;\r
    IkePacket->Header->ResponderCookie = IkeSaSession->ResponderCookie;\r
\r
    if (MessageId != NULL) {\r
      IkePacket->Header->MessageId     = *MessageId;\r
    } else {\r
      IkePacket->Header->MessageId     = IkeSaSession->MessageId;\r
    }\r
\r
    if (IkeSaSession->SessionCommon.IsInitiator) {\r
      IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r
    }\r
  }\r
\r
  if (MessageId != NULL) {\r
    IkePacket->Header->Flags |= IKE_HEADER_FLAGS_RESPOND;\r
  }\r
\r
  //\r
  // According to RFC4306, Chapter 4.\r
  // A minimal implementation may support the CREATE_CHILD_SA exchange only to\r
  // recognize requests and reject them with a Notify payload of type NO_ADDITIONAL_SAS.\r
  //\r
  NotifyPayload = Ikev2GenerateNotifyPayload (\r
                    0,\r
                    IKEV2_PAYLOAD_TYPE_NONE,\r
                    0,\r
                    IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS,\r
                    NULL,\r
                    NULL,\r
                    0\r
                    );\r
  if (NotifyPayload == NULL) {\r
    IkePacketFree (IkePacket);\r
    return NULL;\r
  }\r
\r
  IKE_PACKET_APPEND_PAYLOAD (IkePacket, NotifyPayload);\r
  //\r
  // TODO: Support the CREATE_CHILD_SA exchange.\r
  //\r
  return IkePacket;\r
}\r
\r
/**\r
  Parse the IKE packet of CREATE_CHILD_SA exchange.\r
\r
  This function parse the IKE packet and save the related information to further\r
  calculation.\r
\r
  @param[in] SaSession   Pointer to IKEv2_CHILD_SA_SESSION related to this Exchange.\r
  @param[in] IkePacket   Received packet to be parsed.\r
\r
\r
  @retval EFI_SUCCESS       The IKE Packet is acceptable.\r
  @retval EFI_UNSUPPORTED   Not support the CREATE_CHILD_SA request.\r
\r
**/\r
EFI_STATUS\r
Ikev2CreateChildParser (\r
  IN UINT8                        *SaSession,\r
  IN IKE_PACKET                   *IkePacket\r
  )\r
{\r
  return EFI_UNSUPPORTED;\r
}\r
\r
/**\r
  Routine process before the payload decoding.\r
\r
  @param[in] SessionCommon  Pointer to ChildSa SessionCommon.\r
  @param[in] PayloadBuf     Pointer to the payload.\r
  @param[in] PayloadSize    Size of PayloadBuf in byte.\r
  @param[in] PayloadType    Type of Payload.\r
\r
**/\r
VOID\r
Ikev2ChildSaBeforeDecodePayload (\r
  IN UINT8              *SessionCommon,\r
  IN UINT8              *PayloadBuf,\r
  IN UINTN              PayloadSize,\r
  IN UINT8              PayloadType\r
  )\r
{\r
\r
}\r
\r
/**\r
  Routine Process after the payload encoding.\r
\r
  @param[in] SessionCommon  Pointer to ChildSa SessionCommon.\r
  @param[in] PayloadBuf     Pointer to the payload.\r
  @param[in] PayloadSize    Size of PayloadBuf in byte.\r
  @param[in] PayloadType    Type of Payload.\r
\r
**/\r
VOID\r
Ikev2ChildSaAfterEncodePayload (\r
  IN UINT8              *SessionCommon,\r
  IN UINT8              *PayloadBuf,\r
  IN UINTN              PayloadSize,\r
  IN UINT8              PayloadType\r
  )\r
{\r
}\r
\r
IKEV2_PACKET_HANDLER  mIkev2CreateChild = {\r
  //\r
  // Create Child\r
  //\r
  Ikev2CreateChildParser,\r
  Ikev2CreateChildGenerator\r
};\r
Commit	Line	Data
9166f840	1	/** @file\r
	2	The operations for Child SA.\r
	3	\r
f75a7f56	4	Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
9166f840	5	\r
ecf98fbc	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
9166f840	7	\r
	8	**/\r
	9	\r
	10	#include "Utility.h"\r
	11	\r
	12	/**\r
f75a7f56	13	Generate IKE Packet for CREATE_CHILD_SA exchange.\r
9166f840	14	\r
	15	This IKE Packet would be the packet for creating new CHILD SA, or the packet for\r
	16	rekeying existing IKE SA, or the packet for existing CHILD SA.\r
f75a7f56 LG	17	\r
f75a7f56 LG	18	@param[in] SaSession Pointer to related SA session.\r
9166f840	19	@param[in] Context The data passed by the caller.\r
	20	\r
	21	return a pointer of IKE packet.\r
	22	\r
	23	**/\r
	24	IKE_PACKET *\r
	25	Ikev2CreateChildGenerator (\r
	26	IN UINT8 *SaSession,\r
	27	IN VOID *Context\r
	28	)\r
	29	{\r
	30	\r
	31	IKEV2_CHILD_SA_SESSION *ChildSaSession;\r
	32	IKEV2_SA_SESSION *IkeSaSession;\r
	33	IKE_PACKET *IkePacket;\r
	34	IKE_PAYLOAD *NotifyPayload;\r
	35	UINT32 *MessageId;\r
6771c1d6 JW	36	\r
	37	NotifyPayload = NULL;\r
	38	MessageId = NULL;\r
f75a7f56	39	\r
9166f840	40	ChildSaSession = (IKEV2_CHILD_SA_SESSION *) SaSession;\r
6771c1d6	41	if (ChildSaSession == NULL) {\r
9166f840	42	return NULL;\r
9166f840	43	}\r
f75a7f56	44	\r
6771c1d6 JW	45	IkePacket = IkePacketAlloc();\r
6771c1d6 JW	46	if (IkePacket == NULL) {\r
9166f840	47	return NULL;\r
	48	}\r
	49	\r
6771c1d6	50	\r
9166f840	51	if (Context != NULL) {\r
	52	MessageId = (UINT32 *) Context;\r
	53	}\r
f75a7f56	54	\r
9166f840	55	IkePacket->Header->Version = (UINT8) (2 << 4);\r
	56	IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_NOTIFY;\r
	57	IkePacket->Header->ExchangeType = IKE_XCG_TYPE_CREATE_CHILD_SA;\r
f75a7f56	58	\r
9166f840	59	if (ChildSaSession->SessionCommon.IkeSessionType == IkeSessionTypeChildSa) {\r
	60	//\r
	61	// 1.a Fill the IkePacket->Hdr\r
f75a7f56	62	//\r
9166f840	63	IkePacket->Header->InitiatorCookie = ChildSaSession->IkeSaSession->InitiatorCookie;\r
9166f840	64	IkePacket->Header->ResponderCookie = ChildSaSession->IkeSaSession->ResponderCookie;\r
f75a7f56	65	\r
9166f840	66	if (MessageId != NULL) {\r
	67	IkePacket->Header->MessageId = *MessageId;\r
	68	} else {\r
	69	IkePacket->Header->MessageId = ChildSaSession->MessageId;\r
f75a7f56 LG	70	}\r
f75a7f56 LG	71	\r
9166f840	72	if (ChildSaSession->SessionCommon.IsInitiator) {\r
7822a1d9	73	IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r
9166f840	74	}\r
f75a7f56	75	\r
9166f840	76	} else {\r
	77	IkeSaSession = (IKEV2_SA_SESSION *) SaSession;\r
	78	//\r
	79	// 1.a Fill the IkePacket->Hdr\r
	80	//\r
	81	IkePacket->Header->InitiatorCookie = IkeSaSession->InitiatorCookie;\r
	82	IkePacket->Header->ResponderCookie = IkeSaSession->ResponderCookie;\r
	83	\r
	84	if (MessageId != NULL) {\r
	85	IkePacket->Header->MessageId = *MessageId;\r
	86	} else {\r
	87	IkePacket->Header->MessageId = IkeSaSession->MessageId;\r
f75a7f56 LG	88	}\r
f75a7f56 LG	89	\r
9166f840	90	if (IkeSaSession->SessionCommon.IsInitiator) {\r
7822a1d9	91	IkePacket->Header->Flags = IKE_HEADER_FLAGS_INIT;\r
9166f840	92	}\r
7822a1d9 JW	93	}\r
	94	\r
	95	if (MessageId != NULL) {\r
	96	IkePacket->Header->Flags \|= IKE_HEADER_FLAGS_RESPOND;\r
	97	}\r
f75a7f56	98	\r
9166f840	99	//\r
	100	// According to RFC4306, Chapter 4.\r
	101	// A minimal implementation may support the CREATE_CHILD_SA exchange only to\r
	102	// recognize requests and reject them with a Notify payload of type NO_ADDITIONAL_SAS.\r
	103	//\r
	104	NotifyPayload = Ikev2GenerateNotifyPayload (\r
	105	0,\r
	106	IKEV2_PAYLOAD_TYPE_NONE,\r
f75a7f56	107	0,\r
9166f840	108	IKEV2_NOTIFICATION_NO_ADDITIONAL_SAS,\r
	109	NULL,\r
	110	NULL,\r
	111	0\r
	112	);\r
f75a7f56	113	if (NotifyPayload == NULL) {\r
6771c1d6 JW	114	IkePacketFree (IkePacket);\r
	115	return NULL;\r
	116	}\r
f75a7f56	117	\r
9166f840	118	IKE_PACKET_APPEND_PAYLOAD (IkePacket, NotifyPayload);\r
9166f840	119	//\r
f75a7f56 LG	120	// TODO: Support the CREATE_CHILD_SA exchange.\r
f75a7f56 LG	121	//\r
9166f840	122	return IkePacket;\r
	123	}\r
	124	\r
	125	/**\r
	126	Parse the IKE packet of CREATE_CHILD_SA exchange.\r
f75a7f56	127	\r
9166f840	128	This function parse the IKE packet and save the related information to further\r
f75a7f56 LG	129	calculation.\r
f75a7f56 LG	130	\r
9166f840	131	@param[in] SaSession Pointer to IKEv2_CHILD_SA_SESSION related to this Exchange.\r
9166f840	132	@param[in] IkePacket Received packet to be parsed.\r
f75a7f56	133	\r
9166f840	134	\r
	135	@retval EFI_SUCCESS The IKE Packet is acceptable.\r
	136	@retval EFI_UNSUPPORTED Not support the CREATE_CHILD_SA request.\r
	137	\r
	138	**/\r
	139	EFI_STATUS\r
	140	Ikev2CreateChildParser (\r
	141	IN UINT8 *SaSession,\r
	142	IN IKE_PACKET *IkePacket\r
	143	)\r
	144	{\r
	145	return EFI_UNSUPPORTED;\r
	146	}\r
	147	\r
	148	/**\r
	149	Routine process before the payload decoding.\r
	150	\r
	151	@param[in] SessionCommon Pointer to ChildSa SessionCommon.\r
	152	@param[in] PayloadBuf Pointer to the payload.\r
	153	@param[in] PayloadSize Size of PayloadBuf in byte.\r
	154	@param[in] PayloadType Type of Payload.\r
	155	\r
	156	**/\r
	157	VOID\r
	158	Ikev2ChildSaBeforeDecodePayload (\r
	159	IN UINT8 *SessionCommon,\r
	160	IN UINT8 *PayloadBuf,\r
	161	IN UINTN PayloadSize,\r
	162	IN UINT8 PayloadType\r
	163	)\r
	164	{\r
	165	\r
	166	}\r
	167	\r
	168	/**\r
	169	Routine Process after the payload encoding.\r
	170	\r
	171	@param[in] SessionCommon Pointer to ChildSa SessionCommon.\r
	172	@param[in] PayloadBuf Pointer to the payload.\r
	173	@param[in] PayloadSize Size of PayloadBuf in byte.\r
	174	@param[in] PayloadType Type of Payload.\r
	175	\r
	176	**/\r
	177	VOID\r
	178	Ikev2ChildSaAfterEncodePayload (\r
	179	IN UINT8 *SessionCommon,\r
	180	IN UINT8 *PayloadBuf,\r
	181	IN UINTN PayloadSize,\r
	182	IN UINT8 PayloadType\r
	183	)\r
	184	{\r
	185	}\r
	186	\r
	187	IKEV2_PACKET_HANDLER mIkev2CreateChild = {\r
	188	//\r
	189	// Create Child\r
	190	//\r
	191	Ikev2CreateChildParser,\r
	192	Ikev2CreateChildGenerator\r
	193	};\r