1 /** @file
2 Common operation of the IKE.
3
4 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
5
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10 #ifndef _IKE_COMMON_H_
11 #define _IKE_COMMON_H_
12
13 #include <Protocol/Udp4.h>
14 #include <Protocol/Udp6.h>
15 #include <Protocol/Ip4Config2.h>
16
17 #include <Library/BaseLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/MemoryAllocationLib.h>
20 #include <Library/UefiRuntimeServicesTableLib.h>
21 #include <Library/UefiBootServicesTableLib.h>
22 #include <Library/DebugLib.h>
23 #include <Library/UdpIoLib.h>
24 #include <Library/BaseCryptLib.h>
25
26 #include "Ikev2/Ikev2.h"
27 #include "IpSecImpl.h"
28 #include "IkePacket.h"
29 #include "IpSecCryptIo.h"
30
31
//
// Constants shared by the IKE code that includes this header.
//
// IKE_DEFAULT_PORT: 500 is the UDP port assigned to IKE (RFC 7296).
// IKE_DEFAULT_TIMEOUT_INTERVAL: annotated as 10s, so the unit is presumably
//   milliseconds - TODO confirm where the value is consumed.
// IKE_NONCE_SIZE: presumably a byte count (IkeGenerateNonce() takes bytes).
//   16 bytes is 128 bits, the minimum nonce length RFC 7296 section 2.10
//   permits; the RFC also requires at least half the key size of the
//   negotiated PRF. NOTE(review): confirm 16 is enough for every PRF this
//   driver can negotiate.
// IKE_MAX_RETRY: retry limit; its use is not visible in this header.
// IKE_SPI_BASE: presumably the lowest SPI handed out by IkeGenerateSpi();
//   0x100 stays above the 1-255 range that RFC 4303 reserves - TODO confirm.
// IKE_PAYLOAD_SIGNATURE / IKE_PAYLOAD_BY_PACKET: recover the IKE_PAYLOAD that
//   contains a ByPacket list entry via CR(), passing the signature so that a
//   record of the wrong type can be detected. NOTE(review): confirm whether
//   that signature check is active in release builds before relying on it.
//
#define IKE_DEFAULT_PORT              500
#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s
#define IKE_NONCE_SIZE                16
#define IKE_MAX_RETRY                 4
#define IKE_SPI_BASE                  0x100
#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32('I','K','E','P')
#define IKE_PAYLOAD_BY_PACKET(a)      CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)
39
40
//
// Link IkePayload's ByPacket entry at the tail of (IkePacket)->PayloadList.
// Each argument is expanded once and the body is a single do/while(0)
// statement, so the macro is safe in unbraced if/else.
//
// NOTE(review): nothing here checks that the payload is not already linked on
// a list; callers presumably guarantee that - confirm, because inserting an
// entry twice corrupts the list.
//
#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \
  } while (0)
45
//
// Unlink IkePayload's ByPacket entry from the list it is on. The IkePacket
// argument is accepted but does not appear in the expansion, and the payload
// itself is not freed by this macro.
//
// NOTE(review): the entry must currently be linked; unlinking a payload that
// was never appended, or unlinking it twice, is presumably undefined for the
// list library - confirm at call sites.
//
#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    RemoveEntryList(&(IkePayload)->ByPacket);                           \
  } while (0)
50
//
// Advance Node to the last entry on (IkePacket)->PayloadList: start at the
// first node and step forward until IsNodeAtEnd() reports the end.
//
// NOTE(review): the expansion is two bare statements (an assignment and a
// while loop), not a do { } while (0) block, so only the assignment would be
// governed by an unbraced if/else or loop at the call site. IkePacket is
// expanded three times and Node is used unparenthesized, so both should be
// plain expressions without side effects.
// NOTE(review): the line continuation after the closing brace splices the next
// source line into the macro; it is harmless only while that line stays blank.
// NOTE(review): presumably callers guarantee a non-empty PayloadList; confirm
// that the loop terminates for an empty list, since IsNodeAtEnd() is then
// asked about the list head itself.
//
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                 \
  Node = GetFirstNode (&(IkePacket)->PayloadList);              \
  while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) {      \
    Node = GetNextNode (&(IkePacket)->PayloadList, Node);       \
  }                                                             \
56
/**
  Call Crypto Lib to generate a random value with eight-octet length.

  NOTE(review): the prototype has no status output, so a failure of the random
  source cannot be reported to the caller - confirm how the implementation
  handles that case, since the value must be unpredictable to a peer.

  @return The 64-bit (eight-octet) random value.

**/
UINT64
IkeGenerateCookie (
  VOID
  );
67
/**
  Generate the random data for Nonce payload.

  NOTE(review): the pointer return suggests the buffer is allocated by this
  function, but the header does not state who frees it or whether NULL is
  returned on failure - confirm against the implementation and check the
  result for NULL at every call site.

  @param[in]  NonceSize      Size of the data in bytes.

  @return Buffer which contains the random data of the specified size.

**/
UINT8 *
IkeGenerateNonce (
  IN UINTN  NonceSize
  );
80
/**
  Convert the IKE Header from Network order to Host order.

  The header is converted in place through the Header pointer.

  NOTE(review): no length is passed, so the caller presumably must already have
  verified that the received data holds a complete IKE_HEADER before calling -
  confirm at the receive path.

  @param[in, out]  Header    The pointer of the IKE_HEADER.

**/
VOID
IkeHdrNetToHost (
  IN OUT IKE_HEADER  *Header
  );
91
92
/**
  Convert the IKE Header from Host order to Network order.

  The header is converted in place through the Header pointer.

  NOTE(review): applying the conversion twice to the same header presumably
  swaps it back - confirm that each send path converts exactly once.

  @param[in, out]  Header    The pointer of the IKE_HEADER.

**/
VOID
IkeHdrHostToNet (
  IN OUT IKE_HEADER  *Header
  );
103
/**
  Allocate a buffer of IKE_PAYLOAD and set its Signature.

  NOTE(review): whether NULL is returned when the allocation fails is not
  stated here - confirm, and check the result before dereferencing it.

  @return A buffer of IKE_PAYLOAD.

**/
IKE_PAYLOAD *
IkePayloadAlloc (
  VOID
  );
114
/**
  Free a specified IKE_PAYLOAD buffer.

  NOTE(review): the header does not say whether the payload is unlinked from
  its packet's PayloadList before it is freed, or whether data attached to the
  payload is released too - confirm, so that no list entry is left pointing at
  freed memory.

  @param[in]  IkePayload     Pointer of IKE_PAYLOAD to be freed.

**/
VOID
IkePayloadFree (
  IN IKE_PAYLOAD  *IkePayload
  );
125
/**
  Generate a new SPI.

  NOTE(review): SpiValue is only meaningful when EFI_SUCCESS is returned;
  callers should check the status before using it.

  @param[in]       IkeSaSession   Pointer to IKEV2_SA_SESSION related to this Child SA
                                  Session.
  @param[in, out]  SpiValue       Pointer to the new generated SPI value.

  @retval EFI_SUCCESS        The operation performs successfully.
  @retval Otherwise          The operation is failed.

**/
EFI_STATUS
IkeGenerateSpi (
  IN     IKEV2_SA_SESSION  *IkeSaSession,
  IN OUT UINT32            *SpiValue
  );
142
/**
  Generate a random data for IV.

  NOTE(review): IvBuffer is annotated IN, but it presumably receives the
  generated bytes and would then be an OUT parameter - confirm against the
  implementation. Callers should check the returned status before using the
  buffer contents as an IV.

  @param[in]  IvBuffer  The pointer of the IV buffer.
  @param[in]  IvSize    The IV size. Presumably in bytes - TODO confirm.

  @retval     EFI_SUCCESS  Create a random data for IV.
  @retval     otherwise    Failed.

**/
EFI_STATUS
IkeGenerateIv (
  IN UINT8  *IvBuffer,
  IN UINTN  IvSize
  );
158
/**
  Get the IKE Version from the IKE_SA_SESSION.

  NOTE(review): Session is passed as an untyped UINT8 pointer rather than a
  session structure pointer, so the compiler cannot check what is handed in;
  presumably the implementation reads a common field at a fixed position -
  confirm which session types are valid arguments.

  @param[in]  Session    Pointer of the IKE_SA_SESSION.

  @return The IKE version of the session.

**/
UINT8
IkeGetVersionFromSession (
  IN UINT8  *Session
  );
169
/**
  Find SPD entry by a specified SPD selector.

  NOTE(review): ownership of the returned entry is not stated; presumably it
  points into the driver's SPD database and must not be freed by the caller -
  confirm. Callers must handle the NULL (no matching policy) result.

  @param[in]  SpdSel       Point to SPD Selector to be searched for.

  @retval Point to Spd Entry if the SPD entry found.
  @retval NULL if not found.

**/
IPSEC_SPD_ENTRY *
IkeSearchSpdEntry (
  IN EFI_IPSEC_SPD_SELECTOR  *SpdSel
  );
183
//
// Tables defined elsewhere in the driver. They are declared with no array
// bound, so their element counts are not available through this header.
// NOTE(review): presumably the MODP group parameters and the IPsec
// encryption/authentication algorithm lookup tables - confirm. Any index
// derived from a peer's proposal must be range-checked against the real table
// length before it is used to subscript these arrays.
//
extern MODP_GROUP         OakleyModpGroup[];
extern IKE_ALG_GUID_INFO  mIPsecEncrAlgInfo[];
extern IKE_ALG_GUID_INFO  mIPsecAuthAlgInfo[];
187
188 #endif
189