MdePkg/Include/Protocol/Tls.h: pack structures from the TLS RFC

[mirror_edk2.git] / MdePkg / Include / Protocol / IpSecConfig.h

diff --git a/MdePkg/Include/Protocol/IpSecConfig.h b/MdePkg/Include/Protocol/IpSecConfig.h
index d9a9b614a1b683afe9b59638af6efbc0b28011cc..c6e2b36beba0bc905e413d9da87d3c4504f5ed94 100644 (file)
--- a/MdePkg/Include/Protocol/IpSecConfig.h
+++ b/MdePkg/Include/Protocol/IpSecConfig.h
@@ -3,8 +3,8 @@
   The EFI_IPSEC_CONFIG_PROTOCOL provides the mechanism to set and retrieve security and \r
   policy related information for the EFI IPsec protocol driver.\r
 \r
-  Copyright (c) 2009 - 2010, Intel Corporation\r
-  All rights reserved. This program and the accompanying materials\r
+  Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+  This program and the accompanying materials\r
   are licensed and made available under the terms and conditions of the BSD License\r
   which accompanies this distribution.  The full text of the license may be found at\r
   http://opensource.org/licenses/bsd-license.php\r
@@ -302,38 +302,6 @@ typedef struct _EFI_IPSEC_PROCESS_POLICY {
   UINT8                   EncAlgoId;\r
 } EFI_IPSEC_PROCESS_POLICY;\r
 \r
-///\r
-/// IPsec Authentication Algorithm Definition\r
-///   The number value definition is aligned to IANA assignment\r
-///\r
-#define EFI_IPSEC_AALG_NONE                0x00\r
-#define EFI_IPSEC_AALG_MD5HMAC             0x02\r
-#define EFI_IPSEC_AALG_SHA1HMAC            0x03\r
-#define EFI_IPSEC_AALG_SHA2_256HMAC        0x05\r
-#define EFI_IPSEC_AALG_SHA2_384HMAC        0x06\r
-#define EFI_IPSEC_AALG_SHA2_512HMAC        0x07\r
-#define EFI_IPSEC_AALG_AES_XCBC_MAC        0x09\r
-#define EFI_IPSEC_AALG_NULL                0xFB\r
-\r
-///\r
-/// IPsec Encryption Algorithm Definition\r
-///   The number value definition is aligned to IANA assignment\r
-///\r
-#define EFI_IPSEC_EALG_NONE                0x00\r
-#define EFI_IPSEC_EALG_DESCBC              0x02\r
-#define EFI_IPSEC_EALG_3DESCBC             0x03\r
-#define EFI_IPSEC_EALG_CASTCBC             0x06\r
-#define EFI_IPSEC_EALG_BLOWFISHCBC         0x07\r
-#define EFI_IPSEC_EALG_NULL                0x0B\r
-#define EFI_IPSEC_EALG_AESCBC              0x0C\r
-#define EFI_IPSEC_EALG_AESCTR              0x0D\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV8        0x0E\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV12       0x0F\r
-#define EFI_IPSEC_EALG_AES_CCM_ICV16       0x10\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV8        0x12\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV12       0x13\r
-#define EFI_IPSEC_EALG_AES_GCM_ICV16       0x14\r
-\r
 ///\r
 /// EFI_IPSEC_SA_ID\r
 /// A triplet to identify an SA, consisting of the following members.\r
@@ -363,7 +331,7 @@ typedef struct _EFI_IPSEC_SA_ID {
 ///\r
 typedef struct _EFI_IPSEC_SPD_DATA {\r
   /// \r
-  /// A null-terminated name string which is used as a symbolic \r
+  /// A null-terminated ASCII name string which is used as a symbolic \r
   /// identifier for an IPsec Local or Remote address.\r
   /// \r
   UINT8                           Name[MAX_PEERID_LEN];\r
@@ -486,6 +454,58 @@ typedef struct _EFI_IPSEC_SA_DATA {
   BOOLEAN                         ManualSet;\r
 } EFI_IPSEC_SA_DATA;\r
 \r
+///\r
+/// EFI_IPSEC_SA_DATA2\r
+///\r
+typedef struct _EFI_IPSEC_SA_DATA2 { \r
+  ///\r
+  /// IPsec mode: tunnel or transport\r
+  ///\r
+  EFI_IPSEC_MODE             Mode; \r
+  ///\r
+  /// Sequence Number Counter. A 64-bit counter used to generate the sequence \r
+  /// number field in AH or ESP headers. \r
+  ///\r
+  UINT64                     SNCount; \r
+  ///\r
+  /// Anti-Replay Window. A 64-bit counter and a bit-map used to determine \r
+  /// whether an inbound AH or ESP packet is a replay.\r
+  ///\r
+  UINT8                      AntiReplayWindows; \r
+  ///\r
+  /// AH/ESP cryptographic algorithm, key and parameters.\r
+  ///\r
+  EFI_IPSEC_ALGO_INFO        AlgoInfo; \r
+  ///\r
+  /// Lifetime of this SA.\r
+  ///\r
+  EFI_IPSEC_SA_LIFETIME      SaLifetime; \r
+  ///\r
+  /// Any observed path MTU and aging variables. The Path MTU processing is \r
+  /// defined in section 8 of RFC 4301.\r
+  ///\r
+  UINT32                     PathMTU; \r
+  ///\r
+  /// Link to one SPD entry\r
+  ///\r
+  EFI_IPSEC_SPD_SELECTOR     *SpdSelector; \r
+  ///\r
+  /// Indication of whether it's manually set or negotiated automatically. \r
+  /// If ManualSet is FALSE, the corresponding SA entry is inserted through IKE \r
+  /// protocol negotiation\r
+  ///\r
+  BOOLEAN                    ManualSet;\r
+  ///\r
+  /// The tunnel header IP source address.\r
+  ///\r
+  EFI_IP_ADDRESS             TunnelSourceAddress;\r
+  ///\r
+  /// The tunnel header IP destination address.\r
+  ///\r
+  EFI_IP_ADDRESS             TunnelDestinationAddress;\r
+} EFI_IPSEC_SA_DATA2; \r
+\r
+\r
 ///\r
 /// EFI_IPSEC_PAD_ID\r
 /// specifies the identifier for PAD entry, which is also used for SPD lookup.\r
@@ -502,7 +522,7 @@ typedef struct _EFI_IPSEC_PAD_ID {
     ///\r
     EFI_IP_ADDRESS_INFO   IpAddress;\r
     ///\r
-    /// Pointer to a null terminated string (8-bit ASCII character) \r
+    /// Pointer to a null terminated ASCII string\r
     /// representing the symbolic names. A PeerId can be a DNS \r
     /// name, Distinguished Name, RFC 822 email address or Key ID \r
     /// (specified in section 4.4.3.1 of RFC 4301)\r