[mirror_edk2.git] / NetworkPkg / IpSecDxe / IpSecCryptIo.h
1 /** @file
2 Definition related to the Security operation.
3
4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #ifndef _EFI_IPSEC_CRYPTIO_H_
17 #define _EFI_IPSEC_CRYPTIO_H_
18
19 #include <Protocol/IpSecConfig.h>
20 #include <Library/DebugLib.h>
21
//
// Entry counts for the encryption and authentication algorithm lists.
// NOTE(review): the lists themselves are not declared in this header; code that
// walks them is presumably bounded by these counts -- keep them in step with the
// lists when an algorithm is added or removed.
//
#define IPSEC_ENCRYPT_ALGORITHM_LIST_SIZE  2
#define IPSEC_AUTH_ALGORITHM_LIST_SIZE     3

///
/// Authentication algorithm identifiers.
/// The numeric values are stated to follow the IANA assignment.
/// NOTE(review): confirm 0xFB against the registry; it looks like a locally
/// chosen value rather than an IANA-assigned one.
/// IKE_AALG_NONE and IKE_AALG_NULL presumably select no integrity protection;
/// check how each is handled before accepting it from a policy or a peer.
///
#define IKE_AALG_NONE      0x00
#define IKE_AALG_SHA1HMAC  0x02
#define IKE_AALG_NULL      0xFB

///
/// Encryption algorithm identifiers.
/// The numeric values are stated to follow the IANA assignment.
/// IKE_EALG_NONE and IKE_EALG_NULL presumably select no confidentiality.
/// RFC 4303 does not allow ESP to run with both the encryption and the
/// integrity algorithm set to NULL, so policy code should reject that pairing.
///
#define IKE_EALG_NONE     0x00
#define IKE_EALG_3DESCBC  0x03
#define IKE_EALG_NULL     0x0B
#define IKE_EALG_AESCBC   0x0C

/**
  Function type for a hash GetContextSize routine.

  Reports how many bytes the caller must provide for the hash context buffer.

  @return The size, in bytes, of the context buffer required.

**/
typedef
UINTN
(EFIAPI *CPL_HASH_GETCONTEXTSIZE) (
  VOID
  );

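/**
  Function type for starting a hash operation.

  Initializes Context for a new hash operation.

  @param[in,out]  Context  The context buffer to initialize.

  @return An EFI_STATUS code, as declared by this prototype.
          NOTE(review): the inherited comment documented "@retval TRUE" for
          success, which is a BOOLEAN convention and contradicts the declared
          EFI_STATUS return type. Confirm which convention the functions
          assigned to this type follow. If one of them really returns BOOLEAN,
          EFI_ERROR() on its result is never true (FALSE is 0, TRUE is 1), so a
          failed initialization would go unnoticed by the caller.

**/
typedef
EFI_STATUS
(EFIAPI *CPL_HASH_INIT) (
  IN OUT  VOID  *Context
  );
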
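/**
  Function type for a hash update.

  Continues a hash message digest operation: processes another block of the
  message and updates the hash context.

  If Context is NULL, then ASSERT().
  If Data is NULL, then ASSERT().
  ASSERT() can be compiled out of release builds, so callers should not rely on
  it as the only NULL check.

  @param[in,out]  Context     The specified context.
  @param[in]      Data        The input data to hash. Declared CONST, so it is
                              input only (the inherited comment tagged it
                              in,out).
  @param[in]      DataLength  The length, in bytes, of Data.

  @retval TRUE   Data was hashed into the context successfully.
  @retval FALSE  The Context has been finalized.

**/
typedef
BOOLEAN
(EFIAPI *CPL_HASH_UPDATE) (
  IN OUT  VOID        *Context,
  IN      CONST VOID  *Data,
  IN      UINTN       DataLength
  );
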
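/**
  Function type for hash finalization.

  Terminates a hash message digest operation and outputs the message digest.

  If Context is NULL, then ASSERT().
  If HashValue is NULL, then ASSERT().

  @param[in,out]  Context    The specified context.
  @param[out]     HashValue  Pointer to the message digest output buffer.
                             NOTE(review): the inherited comment calls this a
                             16-byte buffer, but the prototype carries no
                             length and this header also lists a SHA1-HMAC
                             algorithm, whose digest is 20 bytes. The caller
                             must size the buffer for the full digest of the
                             algorithm in use; confirm the size each assigned
                             function writes.

  @retval TRUE  Finalized successfully.

**/
typedef
BOOLEAN
(EFIAPI *CPL_HASH_FINAL) (
  IN OUT  VOID   *Context,
  OUT     UINT8  *HashValue
  );
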
/**
  Function type for a cipher GetContextSize routine.

  Reports how many bytes the caller must provide for the cipher context buffer.

  @return The size, in bytes, of the context buffer required.

**/
typedef
UINTN
(EFIAPI *CPL_CIPHER_GETCONTEXTSIZE) (
  VOID
  );

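/**
  Function type for cipher initialization.

  Initializes the user-supplied key as the specified context (key material) for
  both encryption and decryption operations.

  If Context is NULL, then ASSERT().
  If Key is NULL, then generate random key for usage.
  NOTE(review): a NULL Key therefore does not fail; a caller that passes NULL by
  mistake ends up with a key it never chose. Check Key before the call wherever
  a negotiated key is expected.

  @param[in,out]  Context  The specified context.
  @param[in]      Key      User-supplied key. The inherited comment describes a
                           TDES key (64/128/192 bits); this function type is not
                           specific to TDES (the header also defines an AES-CBC
                           algorithm id), and the sizes valid for other ciphers
                           are not stated here.
  @param[in]      KeyBits  Key length in bits.

  @retval TRUE  Initialization was successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_INIT) (
  IN OUT  VOID         *Context,
  IN      CONST UINT8  *Key,
  IN      CONST UINTN  KeyBits
  );

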
/**
  Function type for cipher encryption.

  Encrypts a plaintext message with the specified cipher.

  If Context is NULL, then ASSERT().
  If InData is NULL, then ASSERT().
  If the size of the input data is not a multiple of the block size of the
  cipher algorithm, then ASSERT().

  @param[in]   Context     The specified context. Declared without CONST here,
                           unlike the Context of CPL_CIPHER_DECRYPT.
  @param[in]   InData      The input plaintext data to be encrypted.
  @param[out]  OutData     The resultant encrypted ciphertext. No output length
                           is passed; presumably the buffer must hold at least
                           DataLength bytes -- confirm against the implementation.
  @param[in]   DataLength  Length of input data in bytes.

  @retval TRUE  Encryption successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_ENCRYPT) (
  IN   VOID         *Context,
  IN   CONST UINT8  *InData,
  OUT  UINT8        *OutData,
  IN   CONST UINTN  DataLength
  );


/**
  Function type for cipher decryption.

  Decrypts a ciphertext message with the specified cipher.

  If Context is NULL, then ASSERT().
  If InData is NULL, then ASSERT().
  If the size of the input data is not a multiple of a certain block size, then
  ASSERT().
  ASSERT() can be compiled out of release builds, so a caller that decrypts
  received data should check the length against the block size itself.

  @param[in]   Context     The specified context.
  @param[in]   InData      The input ciphertext data to be decrypted.
  @param[out]  OutData     The resultant decrypted plaintext. No output length
                           is passed; presumably the buffer must hold at least
                           DataLength bytes -- confirm against the implementation.
  @param[in]   DataLength  Length of input data in bytes.

  @retval TRUE  Decryption successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_DECRYPT) (
  IN   CONST VOID   *Context,
  IN   CONST UINT8  *InData,
  OUT  UINT8        *OutData,
  IN   CONST UINTN  DataLength
  );

///
/// Stores the information and the operations of one cipher algorithm.
/// Field order is kept as declared, since positional initializers may depend on it.
///
typedef struct _ENCRYPT_ALGORITHM {
  /// The ID of the algorithm.
  UINT8                        AlgorithmId;
  /// The key length of the algorithm.
  /// NOTE(review): the unit is not stated here; CPL_CIPHER_INIT takes its key
  /// length in bits -- confirm before passing this value through.
  UINTN                        KeyLength;
  /// The IV size of the algorithm.
  UINTN                        IvLength;
  /// The block size of the algorithm.
  UINTN                        BlockSize;
  /// Function pointer for GetContextSize.
  CPL_CIPHER_GETCONTEXTSIZE    CipherGetContextSize;
  /// Function pointer for cipher initialization.
  CPL_CIPHER_INIT              CipherInitiate;
  /// Function pointer for cipher encryption.
  CPL_CIPHER_ENCRYPT           CipherEncrypt;
  /// Function pointer for cipher decryption.
  CPL_CIPHER_DECRYPT           CipherDecrypt;
} ENCRYPT_ALGORITHM;

///
/// Stores the information and the operations of one authentication algorithm.
/// Field order is kept as declared, since positional initializers may depend on it.
///
typedef struct _AUTH_ALGORITHM {
  /// The ID of the algorithm.
  UINT8                      AlgorithmId;
  /// The key length of the algorithm (unit not stated in this header).
  UINTN                      KeyLength;
  /// The ICV length of the algorithm.
  /// NOTE(review): this may differ from the digest size written through
  /// HashFinal; do not size the digest buffer from it without confirming.
  UINTN                      IcvLength;
  /// The block size of the algorithm.
  UINTN                      BlockSize;
  /// Function pointer for GetContextSize.
  CPL_HASH_GETCONTEXTSIZE    HashGetContextSize;
  /// Function pointer for initialization.
  CPL_HASH_INIT              HashInitiate;
  /// Function pointer for hash update.
  CPL_HASH_UPDATE            HashUpdate;
  /// Function pointer for hash final.
  CPL_HASH_FINAL             HashFinal;
} AUTH_ALGORITHM;

/**
  Get the IV size of an encryption algorithm. The IV size differs from one
  algorithm to another.

  @param[in]  AlgorithmId  The encryption algorithm ID.

  @return The value of the IV size. The value returned for an AlgorithmId that
          is not recognized is not documented in this header.

**/
UINTN
IpSecGetEncryptIvLength (
  IN UINT8  AlgorithmId
  );

/**
  Get the block size of an encryption algorithm. The block size differs from
  one algorithm to another.

  @param[in]  AlgorithmId  The encryption algorithm ID.

  @return The value of the block size. The value returned for an AlgorithmId
          that is not recognized is not documented in this header.

**/
UINTN
IpSecGetEncryptBlockSize (
  IN UINT8  AlgorithmId
  );

/**
  Get the ICV size of an authentication algorithm. The ICV size differs from
  one algorithm to another.

  @param[in]  AuthAlgorithmId  The authentication algorithm ID.

  @return The value of the ICV size. The value returned for an AuthAlgorithmId
          that is not recognized is not documented in this header.

**/
UINTN
IpSecGetIcvLength (
  IN UINT8  AuthAlgorithmId
  );

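/**
  Generate random data for the IV. If IvSize is zero, no IV is needed and the
  function returns EFI_SUCCESS.

  @param[out]  IvBuffer  The pointer to the IV buffer that receives the random
                         data. The inherited comment tagged it as input; the
                         IN marker in the declaration is left as it was.
  @param[in]   IvSize    The IV size.

  @retval EFI_SUCCESS  Random data was created for the IV.
                       No other status code is documented in this header.
                       NOTE(review): a CBC IV must be unpredictable, so check
                       which random source the implementation uses and make
                       sure callers do not ignore a failure status.

**/
EFI_STATUS
IpSecGenerateIv (
  IN UINT8  *IvBuffer,
  IN UINTN  IvSize
  );
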
338 #endif
339