1 /** @file
2 Common operation of the IKE.
3
4 Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #ifndef _IKE_COMMON_H_
17 #define _IKE_COMMON_H_
18
19 #include <Protocol/Udp4.h>
20 #include <Protocol/Udp6.h>
21 #include <Protocol/Ip4Config2.h>
22
23 #include <Library/BaseLib.h>
24 #include <Library/BaseMemoryLib.h>
25 #include <Library/MemoryAllocationLib.h>
26 #include <Library/UefiRuntimeServicesTableLib.h>
27 #include <Library/UefiBootServicesTableLib.h>
28 #include <Library/DebugLib.h>
29 #include <Library/UdpIoLib.h>
30 #include <Library/BaseCryptLib.h>
31
32 #include "Ikev2/Ikev2.h"
33 #include "IpSecImpl.h"
34 #include "IkePacket.h"
35 #include "IpSecCryptIo.h"
36
37
// UDP port registered for IKE.
38 #define IKE_DEFAULT_PORT 500
// The "10s" note implies the unit is milliseconds -- confirm at the timer call site.
39 #define IKE_DEFAULT_TIMEOUT_INTERVAL 10000 // 10s
// Presumably a byte count (16 bytes = 128 bits). RFC 7296 section 2.10 requires nonces of at
// least 128 bits and at least half the key size of the negotiated PRF.
// NOTE(review): confirm 16 is sufficient for every PRF this driver can negotiate.
40 #define IKE_NONCE_SIZE 16
// Retry limit; where it is enforced is not visible in this header.
41 #define IKE_MAX_RETRY 4
// Presumably the lowest SPI handed out; 0x100 is the first value above the range 1-255 that
// RFC 4303 reserves -- confirm against IkeGenerateSpi.
42 #define IKE_SPI_BASE 0x100
// Signature value 'IKEP' passed to CR() below to identify an IKE_PAYLOAD record.
43 #define IKE_PAYLOAD_SIGNATURE SIGNATURE_32('I','K','E','P')
// Recovers the enclosing IKE_PAYLOAD from a pointer to its ByPacket list link.
// NOTE(review): in EDK2 the CR() signature check is presumably an ASSERT and so absent from
// release builds; do not treat it as validation of a pointer that may not be an IKE_PAYLOAD.
44 #define IKE_PAYLOAD_BY_PACKET(a) CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)
45
46
// Links IkePayload at the tail of IkePacket's PayloadList through the payload's ByPacket entry.
// Both arguments are dereferenced without a NULL check, so the caller must pass valid pointers.
47 #define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload) \
48 do { \
49 InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \
50 } while (0)
51
// Unlinks IkePayload from whichever list its ByPacket entry is on.
// The IkePacket argument is not used by the expansion, so nothing here checks that the payload
// actually belongs to that packet. The payload itself is not freed.
52 #define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload) \
53 do { \
54 RemoveEntryList(&(IkePayload)->ByPacket); \
55 } while (0)
56
// Walks IkePacket's PayloadList and leaves Node at the entry for which IsNodeAtEnd() is true.
// Node must be an assignable lvalue; IkePacket is evaluated several times.
// NOTE(review): the expansion is two statements and is not wrapped in do { } while (0), so it
// must not be used as the body of an unbraced if/else/loop.
// NOTE(review): the last line ends with a continuation backslash, so the line that follows the
// macro has to stay blank.
// NOTE(review): termination on an empty PayloadList depends on how IsNodeAtEnd() treats the
// list head -- confirm callers never use this on a packet without payloads.
57 #define IKE_PACKET_END_PAYLOAD(IkePacket, Node) \
58 Node = GetFirstNode (&(IkePacket)->PayloadList); \
59 while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) { \
60 Node = GetNextNode (&(IkePacket)->PayloadList, Node); \
61 } \
62
63 /**
64 Call Crypto Lib to generate a random value with eight-octet length.
65
66 @return The random 64-bit (eight-octet) value.
NOTE(review): the function returns no status, so a failure of the random source cannot be
reported through this interface; confirm how the implementation handles that case.
67
68 **/
69 UINT64
70 IkeGenerateCookie (
71 VOID
72 );
73
74 /**
75 Generate the random data for Nonce payload.
76
77 @param[in] NonceSize Size of the data in bytes.
78
79 @return Buffer which contains the random data of the specified size.
NOTE(review): the declaration does not say who frees the buffer or what is returned on
failure; presumably the caller owns it and must check for NULL -- confirm against the
implementation. Also confirm the bytes come from a cryptographically secure generator.
80
81 **/
82 UINT8 *
83 IkeGenerateNonce (
84 IN UINTN NonceSize
85 );
86
87 /**
88 Convert the IKE Header from Network order to Host order.
89
The header is passed IN OUT and nothing is returned, so the conversion is presumably done in
place. NOTE(review): no status is returned, so any validation of a received header (for
example its length field) has to happen in the caller -- confirm.

90 @param[in, out] Header The pointer to the IKE_HEADER.
91
92 **/
93 VOID
94 IkeHdrNetToHost (
95 IN OUT IKE_HEADER *Header
96 );
97
98
99 /**
100 Convert the IKE Header from Host order to Network order.
101
The header is passed IN OUT and nothing is returned, so the conversion is presumably done in
place -- confirm against the implementation.

102 @param[in, out] Header The pointer to the IKE_HEADER.
103
104 **/
105 VOID
106 IkeHdrHostToNet (
107 IN OUT IKE_HEADER *Header
108 );
109
110 /**
111 Allocate a buffer of IKE_PAYLOAD and set its Signature.
112
113 @return A buffer of IKE_PAYLOAD.
NOTE(review): the failure value is not documented; presumably NULL when the allocation
fails, so callers should check before use -- confirm.
114
115 **/
116 IKE_PAYLOAD *
117 IkePayloadAlloc (
118 VOID
119 );
120
121 /**
122 Free a specified IKE_PAYLOAD buffer.
123
124 @param[in] IkePayload Pointer to the IKE_PAYLOAD to be freed.
NOTE(review): whether the payload must first be unlinked from its packet list, and whether
NULL is accepted, cannot be told from this declaration -- confirm.
125
126 **/
127 VOID
128 IkePayloadFree (
129 IN IKE_PAYLOAD *IkePayload
130 );
131
132 /**
133 Generate a new SPI.
134
135 @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA
136 Session.
137 @param[in, out] SpiValue Pointer to the newly generated SPI value.
138
139 @retval EFI_SUCCESS The operation was performed successfully.
140 @retval Otherwise The operation failed.
NOTE(review): the contents of SpiValue after a failure are not specified here; callers
should use it only when EFI_SUCCESS is returned.
141
142 **/
143 EFI_STATUS
144 IkeGenerateSpi (
145 IN IKEV2_SA_SESSION *IkeSaSession,
146 IN OUT UINT32 *SpiValue
147 );
148
149 /**
150 Generate random data for the IV.
151
152 @param[in] IvBuffer The pointer to the IV buffer.
153 @param[in] IvSize The IV size (presumably in bytes -- confirm).
NOTE(review): IvBuffer is annotated IN but presumably receives the generated bytes, which
would make it an output; the caller must supply at least IvSize bytes of storage.
154
155 @retval EFI_SUCCESS Random data for the IV was created.
156 @retval otherwise Failed. Do not use the IV buffer contents in this case.
157
158 **/
159 EFI_STATUS
160 IkeGenerateIv (
161 IN UINT8 *IvBuffer,
162 IN UINTN IvSize
163 );
164
165 /**
166 Get the IKE Version from the IKE_SA_SESSION.
167
168 @param[in] Session Pointer to the IKE_SA_SESSION.
NOTE(review): the parameter is declared as UINT8 *, so the compiler does not enforce the
session type; the callee presumably casts it, and callers must pass a valid session object.

@return The IKE version of the session (encoding not visible in this header).
169
170 **/
171 UINT8
172 IkeGetVersionFromSession (
173 IN UINT8 *Session
174 );
175
176 /**
177 Find SPD entry by a specified SPD selector.
178
179 @param[in] SpdSel Pointer to the SPD Selector to be searched for.
180
181 @retval Pointer to the SPD entry if a matching entry is found.
182 @retval NULL if not found.
NOTE(review): whether the returned entry stays owned by the SPD database is not stated
here; presumably the caller must not free it -- confirm.
183
184 **/
185 IPSEC_SPD_ENTRY *
186 IkeSearchSpdEntry (
187 IN EFI_IPSEC_SPD_SELECTOR *SpdSel
188 );
189
// Tables defined in another translation unit. They are declared with no array bound, so
// sizeof cannot give the element count here; any code indexing them (for example with a
// group or algorithm id taken from a peer's proposal) needs a separately known bound.
190 extern MODP_GROUP OakleyModpGroup[];
191 extern IKE_ALG_GUID_INFO mIPsecEncrAlgInfo[];
192 extern IKE_ALG_GUID_INFO mIPsecAuthAlgInfo[];
193
194 #endif
195