6041675efa2665d14be05449180579d304133a9f
[mirror_edk2.git] / NetworkPkg / IpSecDxe / IkeCommon.h
1 /** @file
2 Common operation of the IKE.
3
4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #ifndef _IKE_COMMON_H_
17 #define _IKE_COMMON_H_
18
19 #include <Protocol/Udp4.h>
20 #include <Protocol/Udp6.h>
21 #include <Protocol/Ip4Config.h>
22
23 #include <Library/BaseLib.h>
24 #include <Library/BaseMemoryLib.h>
25 #include <Library/MemoryAllocationLib.h>
26 #include <Library/UefiRuntimeServicesTableLib.h>
27 #include <Library/UefiBootServicesTableLib.h>
28 #include <Library/DebugLib.h>
29 #include <Library/UdpIoLib.h>
30 #include <Library/BaseCryptLib.h>
31
32 #include "Ikev2/Ikev2.h"
33 #include "IpSecImpl.h"
34 #include "IkePacket.h"
35 #include "IpSecCryptIo.h"
36
37
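//
// UDP port used for IKE message exchange.
//
#define IKE_DEFAULT_PORT              500
//
// Default timeout interval; 10000 corresponds to 10 seconds.
//
#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s
//
// Nonce length.
// NOTE(review): presumably in bytes, matching the NonceSize parameter of
// IkeGenerateNonce() -- confirm at the call sites. If so, 16 bytes is exactly
// the 128-bit minimum of RFC 7296, which also requires a nonce of at least
// half the key size of the negotiated PRF; revisit this value if a PRF with a
// key longer than 256 bits is ever offered.
//
#define IKE_NONCE_SIZE                16
//
// NOTE(review): presumably the number of retransmissions before an exchange
// is given up -- the use is not visible in this header.
//
#define IKE_MAX_RETRY                 4
//
// NOTE(review): presumably the lowest SPI value handed out by
// IkeGenerateSpi() -- confirm against the implementation.
//
#define IKE_SPI_BASE                  0x10000
//
// Address of the SHA-1 algorithm GUID. The expansion is parenthesized so the
// macro behaves as a single operand wherever it is used (for example when it
// is subscripted or followed by a member access).
//
#define PRF_HMAC_SHA1_GUID            (&gEfiCryptAlgorithmSha1Guid)
//
// Signature stored in every IKE_PAYLOAD (see IkePayloadAlloc()).
//
#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32 ('I', 'K', 'E', 'P')
//
// Recovers the IKE_PAYLOAD that contains the list link a (its ByPacket
// member), handing the payload signature to CR() for its consistency check.
// NOTE(review): CR()'s signature check is typically compiled out of release
// builds, so it should not be relied on as a runtime defence -- confirm for
// the target build configuration.
//
#define IKE_PAYLOAD_BY_PACKET(a)      CR (a, IKE_PAYLOAD, ByPacket, IKE_PAYLOAD_SIGNATURE)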
46
47
//
// Links a payload onto the tail of a packet's payload list.
//   Packet   Pointer to the packet; its PayloadList member is the list head.
//   Payload  Pointer to the payload; its ByPacket member is the link inserted.
// Expands to a single statement, so the invocation needs a trailing semicolon.
//
#define IKE_PACKET_APPEND_PAYLOAD(Packet, Payload) \
  do { \
    InsertTailList (&(Packet)->PayloadList, &(Payload)->ByPacket); \
  } while (0)
52
//
// Unlinks a payload from whatever list its ByPacket member is on.
//   Packet   Not expanded by the macro, so the argument is never evaluated.
//   Payload  Pointer to the payload to unlink.
// Only the list link is removed; the payload itself is not freed here.
// Expands to a single statement, so the invocation needs a trailing semicolon.
//
#define IKE_PACKET_REMOVE_PAYLOAD(Packet, Payload) \
  do { \
    RemoveEntryList (&(Payload)->ByPacket); \
  } while (0)
57
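//
// Leaves Node pointing at the last entry of IkePacket's payload list by
// walking the list from its first node.
//   IkePacket  Pointer to the packet; its PayloadList member is the list head.
//   Node       Assignable LIST_ENTRY pointer expression that receives the result.
//
// This expands to two statements (an assignment followed by a loop) and is
// not wrapped in do { } while (0), so it must not be used as the unbraced
// body of an if/else/for/while. The shape is kept as-is so existing call
// sites continue to compile unchanged.
//
// NOTE(review): as BaseLib defines IsNodeAtEnd(), it is FALSE for the list
// head itself, so on an empty payload list this loop would never terminate --
// confirm, and make sure callers only invoke the macro on a packet that holds
// at least one payload (for example by checking IsListEmpty() first), in
// particular for packets built from received data.
//
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node) \
  (Node) = GetFirstNode (&(IkePacket)->PayloadList); \
  while (!IsNodeAtEnd (&(IkePacket)->PayloadList, (Node))) { \
    (Node) = GetNextNode (&(IkePacket)->PayloadList, (Node)); \
  }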
/**
  Call Crypto Lib to generate a random value with eight-octet length.

  NOTE(review): the value is returned directly and the prototype has no status
  output, so a failure of the random source cannot be reported to the caller
  through this interface -- confirm how the implementation handles that case.

  @return The 64-bit (eight-octet) random value.

**/
UINT64
IkeGenerateCookie (
  VOID
  );
74
/**
  Generate the random data for Nonce payload.

  NOTE(review): ownership of the returned buffer and the result on failure are
  not stated here. Presumably the buffer is allocated by this function and
  released by the caller, and NULL is possible when allocation or random
  generation fails -- confirm against the implementation and check the result
  before using it.

  @param[in]  NonceSize    Size of the data in bytes.

  @return Buffer which contains the random data of the specified size.

**/
UINT8 *
IkeGenerateNonce (
  IN UINTN              NonceSize
  );
87
/**
  Convert the IKE Header from Network order to Host order.

  The header is converted in place.

  NOTE(review): only a byte-order change is described here. Values in a header
  taken from a received packet presumably remain unvalidated after this call
  and still need range checks before use -- confirm where that validation is
  done.

  @param[in, out]  Header    The pointer of the IKE_HEADER.

**/
VOID
IkeHdrNetToHost (
  IN OUT IKE_HEADER *Header
  );
98
99
/**
  Convert the IKE Header from Host order to Network order.

  The header is converted in place, so after this call its fields are no
  longer in host order.

  @param[in, out]  Header    The pointer of the IKE_HEADER.

**/
VOID
IkeHdrHostToNet (
  IN OUT IKE_HEADER *Header
  );
110
/**
  Allocate a buffer of IKE_PAYLOAD and set its Signature.

  NOTE(review): the result on allocation failure is not stated; presumably
  NULL -- confirm, and check the return value before dereferencing it.

  @return A buffer of IKE_PAYLOAD.

**/
IKE_PAYLOAD *
IkePayloadAlloc (
  VOID
  );
121
/**
  Free a specified IKE_PAYLOAD buffer.

  NOTE(review): it is not stated whether the payload must first be unlinked
  from its packet (IKE_PACKET_REMOVE_PAYLOAD) or whether data the payload
  refers to is released as well -- confirm against the implementation, since
  freeing a payload that is still linked would leave a dangling list entry.

  @param[in]  IkePayload    Pointer of IKE_PAYLOAD to be freed.

**/
VOID
IkePayloadFree (
  IN IKE_PAYLOAD *IkePayload
  );
132
/**
  Generate an unused SPI.

  NOTE(review): how "unused" is determined is not visible in this header;
  presumably the value is derived from IKE_SPI_BASE -- confirm against the
  implementation.

  @return An SPI in 4 bytes.

**/
UINT32
IkeGenerateSpi (
  VOID
  );
143
/**
  Generate random data for the IV.

  NOTE(review): per the description the buffer receives the generated IV, so
  IvBuffer is presumably an output parameter despite its IN / [in] marking --
  confirm. IvSize is presumably in bytes -- confirm.

  Callers should check the returned status and not use the buffer contents as
  an IV when the call fails.

  @param[in]  IvBuffer  The pointer of the IV buffer.
  @param[in]  IvSize    The IV size.

  @retval     EFI_SUCCESS  Create a random data for IV.
  @retval     otherwise    Failed.

**/
EFI_STATUS
IkeGenerateIv (
  IN UINT8                           *IvBuffer,
  IN UINTN                           IvSize
  );
159
/**
  Get the IKE Version from the IKE_SA_SESSION.

  NOTE(review): the parameter is typed UINT8 * although it is documented as a
  pointer to an IKE_SA_SESSION, so the compiler cannot check what is passed;
  callers must make sure the pointer really refers to a session object.

  @param[in]  Session  Pointer of the IKE_SA_SESSION.

  @return The IKE version of the session.

**/
UINT8
IkeGetVersionFromSession (
  IN UINT8                    *Session
  );
170
/**
  Find SPD entry by a specified SPD selector.

  NOTE(review): which SPD database is searched and how long the returned
  pointer stays valid are not visible in this header -- confirm before
  holding on to the result.

  @param[in]  SpdSel       Point to SPD Selector to be searched for.

  @return Pointer to the SPD entry if a matching entry is found, or NULL if
          not found.

**/
IPSEC_SPD_ENTRY *
IkeSearchSpdEntry (
  IN EFI_IPSEC_SPD_SELECTOR             *SpdSel
  );
184
//
// Globals declared here and defined outside this header.
//
// NOTE(review): the three tables are declared without a bound, so code that
// includes this header cannot use sizeof to obtain their element counts. Any
// index derived from negotiated or received values has to be range-checked
// against a count supplied elsewhere -- confirm where that count is defined.
//
extern EFI_GUID           mZeroGuid;           // presumably the all-zero GUID -- confirm
extern MODP_GROUP         OakleyModpGroup[];   // presumably the Diffie-Hellman MODP group table -- confirm
extern IKE_ALG_GUID_INFO  mIPsecEncrAlgInfo[]; // presumably encryption algorithm GUID mapping -- confirm
extern IKE_ALG_GUID_INFO  mIPsecAuthAlgInfo[]; // presumably authentication algorithm GUID mapping -- confirm
189
190 #endif
191