2 The Interfaces of IPsec debug information printing.
4 Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #include "IpSecImpl.h"
11 #include "IpSecDebug.h"
14 // The print title for IKEv1 variety phase.
16 CHAR8
*mIkev1StateStr
[IKE_STATE_NUM
] = {
20 "IKEv1_MAIN_ESTABLISHED",
23 "IKEv1_QUICK_ESTABLISHED"
27 // The print title for IKEv2 variety phase.
29 CHAR8
*mIkev2StateStr
[IKE_STATE_NUM
] = {
32 "IKEv2_STATE_SA_ESTABLISH",
33 "IKEv2_STATE_CREATE_CHILD",
34 "IKEv2_STATE_SA_REKEYING",
35 "IKEv2_STATE_CHILD_SA_ESTABLISHED",
36 "IKEv2_STATE_SA_DELETING"
40 // The print title for IKEv1 variety Exchagne.
42 CHAR8
*mExchangeStr
[] = {
43 "IKEv1 Main Exchange",
44 "IKEv1 Info Exchange",
45 "IKEv1 Quick Exchange",
46 "IKEv2 Initial Exchange",
47 "IKEv2 Auth Exchange",
48 "IKEv2 Create Child Exchange",
49 "IKEv2 Info Exchange",
54 // The print title for IKEv1 variety Payload.
56 CHAR8
*mIkev1PayloadStr
[] = {
59 "IKEv1 Proposal Payload",
60 "IKEv1 Transform Payload",
63 "IKEv1 Certificate Payload",
64 "IKEv1 Certificate Request Payload",
66 "IKEv1 Signature Payload",
67 "IKEv1 Nonce Payload",
68 "IKEv1 Notify Payload",
69 "IKEv1 Delete Payload",
70 "IKEv1 Vendor Payload"
74 // The print title for IKEv2 variety Payload.
76 CHAR8
* mIkev2PayloadStr
[] = {
79 "IKEv2 Identity Initial Payload",
80 "IKEv2 Identity Respond Payload",
81 "IKEv2 Certificate Payload",
82 "IKEv2 Certificate Request Payload",
84 "IKEv2 Nonce Payload",
85 "IKEv2 Notify Payload",
86 "IKEv2 Delet Payload",
87 "IKEv2 Vendor Payload",
88 "IKEv2 Traffic Selector Initiator Payload",
89 "IKEv2 Traffic Selector Respond Payload",
90 "IKEv2 Encrypt Payload",
91 "IKEv2 Configuration Payload",
92 "IKEv2 Extensible Authentication Payload"
98 @param[in] Level Debug print error level. Pass to DEBUG().
99 @param[in] Ip Point to a specified IP address.
100 @param[in] IpVersion The IP Version.
106 IN EFI_IP_ADDRESS
*Ip
,
110 if (IpVersion
== IP_VERSION_6
) {
113 "%x%x:%x%x:%x%x:%x%x",
125 ":%x%x:%x%x:%x%x:%x%x\n",
149 Print IKE Current states.
151 @param[in] Previous The Previous state of IKE.
152 @param[in] Current The current state of IKE.
153 @param[in] IkeVersion The version of IKE.
163 if (Previous
>= IKE_STATE_NUM
|| Current
>= IKE_STATE_NUM
) {
167 if (Previous
== Current
) {
168 if (IkeVersion
== 1) {
169 DEBUG ((DEBUG_INFO
, "\n****Current state is %a\n", mIkev1StateStr
[Previous
]));
170 } else if (IkeVersion
== 2) {
171 DEBUG ((DEBUG_INFO
, "\n****Current state is %a\n", mIkev2StateStr
[Previous
]));
174 if (IkeVersion
== 1) {
175 DEBUG ((DEBUG_INFO
, "\n****Change state from %a to %a\n", mIkev1StateStr
[Previous
], mIkev1StateStr
[Current
]));
177 DEBUG ((DEBUG_INFO
, "\n****Change state from %a to %a\n", mIkev2StateStr
[Previous
], mIkev2StateStr
[Current
]));
183 Print the IKE Packet.
185 @param[in] Packet Point to IKE packet to be printed.
186 @param[in] Direction Point to the IKE packet is inbound or outbound.
187 @param[in] IpVersion Specified IP Version.
192 IN IKE_PACKET
*Packet
,
193 IN EFI_IPSEC_TRAFFIC_DIR Direction
,
202 ASSERT (Packet
!= NULL
);
204 PacketSize
= Packet
->PayloadTotalSize
+ sizeof (IKE_HEADER
);
205 InitCookie
= (Direction
== EfiIPsecOutBound
) ? HTONLL (Packet
->Header
->InitiatorCookie
) : Packet
->Header
->InitiatorCookie
;
206 RespCookie
= (Direction
== EfiIPsecOutBound
) ? HTONLL (Packet
->Header
->ResponderCookie
) : Packet
->Header
->ResponderCookie
;
208 switch (Packet
->Header
->ExchangeType
) {
209 case IKE_XCG_TYPE_IDENTITY_PROTECT
:
210 TypeStr
= mExchangeStr
[0];
213 case IKE_XCG_TYPE_INFO
:
214 TypeStr
= mExchangeStr
[1];
217 case IKE_XCG_TYPE_QM
:
218 TypeStr
= mExchangeStr
[2];
221 case IKE_XCG_TYPE_SA_INIT
:
222 TypeStr
= mExchangeStr
[3];
225 case IKE_XCG_TYPE_AUTH
:
226 TypeStr
= mExchangeStr
[4];
229 case IKE_XCG_TYPE_CREATE_CHILD_SA
:
230 TypeStr
= mExchangeStr
[5];
233 case IKE_XCG_TYPE_INFO2
:
234 TypeStr
= mExchangeStr
[6];
238 TypeStr
= mExchangeStr
[7];
242 if (Direction
== EfiIPsecOutBound
) {
243 DEBUG ((DEBUG_INFO
, "\n>>>Sending %d bytes %a to ", PacketSize
, TypeStr
));
245 DEBUG ((DEBUG_INFO
, "\n>>>Receiving %d bytes %a from ", PacketSize
, TypeStr
));
248 IpSecDumpAddress (DEBUG_INFO
, &Packet
->RemotePeerIp
, IpVersion
);
250 DEBUG ((DEBUG_INFO
, " InitiatorCookie:0x%lx ResponderCookie:0x%lx\n", InitCookie
, RespCookie
));
253 " Version: 0x%x Flags:0x%x ExchangeType:0x%x\n",
254 Packet
->Header
->Version
,
255 Packet
->Header
->Flags
,
256 Packet
->Header
->ExchangeType
)
260 " MessageId:0x%x NextPayload:0x%x\n",
261 Packet
->Header
->MessageId
,
262 Packet
->Header
->NextPayload
)
268 Print the IKE Paylolad.
270 @param[in] IkePayload Point to payload to be printed.
271 @param[in] IkeVersion The specified version of IKE.
276 IN IKE_PAYLOAD
*IkePayload
,
280 if (IkeVersion
== 1) {
281 DEBUG ((DEBUG_INFO
, "+%a\n", mIkev1PayloadStr
[IkePayload
->PayloadType
]));
284 // For IKEV2 the first Payload type is started from 33.
286 DEBUG ((DEBUG_INFO
, "+%a\n", mIkev2PayloadStr
[IkePayload
->PayloadType
- 33]));
288 IpSecDumpBuf ("Payload data", IkePayload
->PayloadBuf
, IkePayload
->PayloadSize
);
292 Print the buffer in form of Hex.
294 @param[in] Title The strings to be printed before the data of the buffer.
295 @param[in] Data Points to buffer to be printed.
296 @param[in] DataSize The size of the buffer to be printed.
308 UINTN BytesRemaining
;
312 BytesRemaining
= DataSize
;
314 DEBUG ((DEBUG_INFO
, "==%a %d bytes==\n", Title
, DataSize
));
316 while (BytesRemaining
> 0) {
318 BytesToPrint
= (BytesRemaining
> IPSEC_DEBUG_BYTE_PER_LINE
) ? IPSEC_DEBUG_BYTE_PER_LINE
: BytesRemaining
;
320 for (Index
= 0; Index
< BytesToPrint
; Index
++) {
321 DEBUG ((DEBUG_INFO
, " 0x%02x,", Data
[DataIndex
++]));
324 DEBUG ((DEBUG_INFO
, "\n"));
325 BytesRemaining
-= BytesToPrint
;