2 Definition related to the Security operation.
4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #ifndef _EFI_IPSEC_CRYPTIO_H_
17 #define _EFI_IPSEC_CRYPTIO_H_
19 #include <Protocol/IpSecConfig.h>
20 #include <Library/DebugLib.h>
22 #define IPSEC_ENCRYPT_ALGORITHM_LIST_SIZE 2
23 #define IPSEC_AUTH_ALGORITHM_LIST_SIZE 3
26 /// Authentication Algorithm Definition
27 /// The number value definition is aligned to IANA assignment
29 #define IKE_AALG_NONE 0x00
30 #define IKE_AALG_SHA1HMAC 0x02
31 #define IKE_AALG_NULL 0xFB
34 /// Encryption Algorithm Definition
35 /// The number value definition is aligned to IANA assignment
37 #define IKE_EALG_NONE 0x00
38 #define IKE_EALG_3DESCBC 0x03
39 #define IKE_EALG_NULL 0x0B
40 #define IKE_EALG_AESCBC 0x0C
43 Prototype of Hash GetContextSize.
45 Retrieves the size, in bytes, of the context buffer required.
47 @return The size, in bytes, of the context buffer required.
52 (EFIAPI
*CPL_HASH_GETCONTEXTSIZE
) (
57 Prototype of Hash Operation Initiating.
59 Initialization with a new context.
62 @param[in,out] Context Input Context.
64 @retval TRUE Initialization succeeded.
69 (EFIAPI
*CPL_HASH_INIT
) (
74 Prototype of HASH update.
75 Hash update operation. Continue a Hash message digest operation, processing
76 another message block, and updating the Hash context.
78 If Context is NULL, then ASSERT().
79 If Data is NULL, then ASSERT().
81 @param[in,out] Context The Specified Context.
82 @param[in,out] Data The Input Data to hash.
83 @param[in] DataLength The length, in bytes, of Data.
85 @retval TRUE Update data successfully.
86 @retval FALSE The Context has been finalized.
91 (EFIAPI
*CPL_HASH_UPDATE
) (
98 Prototype of Hash finalization.
99 Terminate a Hash message digest operation and output the message digest.
101 If Context is NULL, then ASSERT().
102 If HashValue is NULL, then ASSERT().
104 @param[in,out] Context The specified Context.
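105 @param[out] HashValue Pointer to a 16-byte message digest output buffer. (Review note: a SHA-1 digest is 20 bytes, so confirm the buffer size required by the algorithm actually bound to this prototype.)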
107 @retval TRUE Finalized successfully.
112 (EFIAPI
*CPL_HASH_FINAL
) (
113 IN OUT VOID
*Context
,
118 Prototype of Cipher GetContextSize.
120 Retrieves the size, in bytes, of the context buffer required.
122 @return The size, in bytes, of the context buffer required.
127 (EFIAPI
*CPL_CIPHER_GETCONTEXTSIZE
) (
132 Prototype of Cipher initiation.
133 Initializes the user-supplied key as the specified context (key materials) for both
134 encryption and decryption operations.
136 If Context is NULL, then ASSERT().
137 If Key is NULL, then a random key is generated for use.
139 @param[in,out] Context The specified Context.
140 @param[in] Key User-supplied TDES key (64/128/192 bits).
141 @param[in] KeyBits Key length in bits.
143 @retval TRUE TDES Initialization was successful.
148 (EFIAPI
*CPL_CIPHER_INIT
) (
149 IN OUT VOID
*Context
,
151 IN CONST UINTN KeyBits
156 Prototype of Cipher encryption.
157 Encrypts plaintext message with the specified cipher.
159 If Context is NULL, then ASSERT().
160 If InData is NULL, then ASSERT().
161 If the size of the input data is not a multiple of the cipher algorithm's block size,
164 @param[in] Context The specified Context.
165 @param[in] InData The input plaintext data to be encrypted.
166 @param[out] OutData The resultant encrypted ciphertext.
167 @param[in] DataLength Length of input data in bytes.
169 @retval TRUE Encryption successful.
174 (EFIAPI
*CPL_CIPHER_ENCRYPT
) (
176 IN CONST UINT8
*InData
,
178 IN CONST UINTN DataLength
183 Prototype of Cipher decryption.
184 Decrypts cipher message with specified cipher.
186 If Context is NULL, then ASSERT().
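187 If InData is NULL, then ASSERT().
188 If the size of the input data is not a multiple of a certain block size, then ASSERT(). Because ASSERT() may be compiled out in release builds, callers should validate DataLength before calling.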
190 @param[in] Context The specified Context.
191 @param[in] InData The input ciphertext data to be decrypted.
192 @param[out] OutData The resultant decrypted plaintext.
193 @param[in] DataLength Length of input data in bytes.
195 @retval TRUE Decryption successful.
200 (EFIAPI
*CPL_CIPHER_DECRYPT
) (
201 IN CONST VOID
*Context
,
202 IN CONST UINT8
*InData
,
204 IN CONST UINTN DataLength
208 // The struct used to store the information and operations of a Cipher algorithm.
210 typedef struct _ENCRYPT_ALGORITHM
{
212 // The ID of the Algorithm
216 // The Key length of the Algorithm
220 // Iv Size of the Algorithm
224 // The Block Size of the Algorithm
228 // The Function pointer of GetContextSize.
230 CPL_CIPHER_GETCONTEXTSIZE CipherGetContextSize
;
232 // The Function pointer of Cipher initiation.
234 CPL_CIPHER_INIT CipherInitiate
;
236 // The Function pointer of Cipher Encryption.
238 CPL_CIPHER_ENCRYPT CipherEncrypt
;
240 // The Function pointer of Cipher Decryption.
242 CPL_CIPHER_DECRYPT CipherDecrypt
;
246 // The struct used to store the information and operations of an Authentication algorithm.
248 typedef struct _AUTH_ALGORITHM
{
250 // ID of the Algorithm
254 // The Key length of the Algorithm
258 // The ICV length of the Algorithm
262 // The block size of the Algorithm
266 // The function pointer of GetContextSize.
268 CPL_HASH_GETCONTEXTSIZE HashGetContextSize
;
270 // The function pointer of Initiation.
272 CPL_HASH_INIT HashInitiate
;
274 // The function pointer of Hash Update.
276 CPL_HASH_UPDATE HashUpdate
;
278 // The function pointer of Hash Final.
280 CPL_HASH_FINAL HashFinal
;
284 Get the IV size of the encryption algorithm. The IV size differs between algorithms.
286 @param[in] AlgorithmId The encrypt algorithm ID.
288 @return The value of IV size.
292 IpSecGetEncryptIvLength (
297 Get the block size of the encryption algorithm. The block size differs between algorithms.
299 @param[in] AlgorithmId The encrypt algorithm ID.
301 @return The value of block size.
305 IpSecGetEncryptBlockSize (
310 Get the ICV size of the Authentication algorithm. The ICV size differs between algorithms.
312 @param[in] AuthAlgorithmId The Authentication algorithm ID.
314 @return The value of ICV size.
319 IN UINT8 AuthAlgorithmId
323 Generate random data for the IV. If IvSize is zero, no IV needs to be
324 created and EFI_SUCCESS is returned.
326 @param[in] IvBuffer The pointer of the IV buffer.
327 @param[in] IvSize The IV size.
329 @retval EFI_SUCCESS Create random data for IV.