/** @file\r
The main process for IpSecConfig application.\r
\r
- Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
#include "Delete.h"\r
#include "Helper.h"\r
\r
+//\r
+// String token ID of IpSecConfig command help message text.\r
+//\r
+GLOBAL_REMOVE_IF_UNREFERENCED EFI_STRING_ID mStringIpSecHelpTokenId = STRING_TOKEN (STR_IPSEC_CONFIG_HELP);\r
+\r
//\r
// Used for ShellCommandLineParseEx only\r
// and to ensure user inputs are in valid format\r
{ L"-enable", TypeFlag },\r
{ L"-disable", TypeFlag },\r
{ L"-status", TypeFlag },\r
- { L"-?", TypeFlag },\r
\r
//\r
// SPD Selector\r
// --ipsec-proto\r
//\r
{ L"--spi", TypeValue },\r
- { L"--dest", TypeValue },\r
+ { L"--tunnel-dest", TypeValue },\r
+ { L"--tunnel-source", TypeValue },\r
{ L"--lookup-spi", TypeValue },\r
{ L"--lookup-ipsec-proto", TypeValue },\r
{ L"--lookup-dest", TypeValue },\r
// --auth-algo\r
//\r
STR2INT mMapAuthAlgo[] = {\r
- { L"NONE", EFI_IPSEC_AALG_NONE },\r
- { L"MD5HMAC", EFI_IPSEC_AALG_MD5HMAC },\r
- { L"SHA1HMAC", EFI_IPSEC_AALG_SHA1HMAC },\r
- { L"SHA2-256HMAC", EFI_IPSEC_AALG_SHA2_256HMAC },\r
- { L"SHA2-384HMAC", EFI_IPSEC_AALG_SHA2_384HMAC },\r
- { L"SHA2-512HMAC", EFI_IPSEC_AALG_SHA2_512HMAC },\r
- { L"AES-XCBC-MAC", EFI_IPSEC_AALG_AES_XCBC_MAC },\r
- { L"NULL", EFI_IPSEC_AALG_NULL },\r
+ { L"NONE", IPSEC_AALG_NONE },\r
+ { L"MD5HMAC", IPSEC_AALG_MD5HMAC },\r
+ { L"SHA1HMAC", IPSEC_AALG_SHA1HMAC },\r
+ { L"SHA2-256HMAC", IPSEC_AALG_SHA2_256HMAC },\r
+ { L"SHA2-384HMAC", IPSEC_AALG_SHA2_384HMAC },\r
+ { L"SHA2-512HMAC", IPSEC_AALG_SHA2_512HMAC },\r
+ { L"AES-XCBC-MAC", IPSEC_AALG_AES_XCBC_MAC },\r
+ { L"NULL", IPSEC_AALG_NULL },\r
{ NULL, 0 },\r
};\r
\r
// --encrypt-algo\r
//\r
STR2INT mMapEncAlgo[] = {\r
- { L"NONE", EFI_IPSEC_EALG_NONE },\r
- { L"DESCBC", EFI_IPSEC_EALG_DESCBC },\r
- { L"3DESCBC", EFI_IPSEC_EALG_3DESCBC },\r
- { L"CASTCBC", EFI_IPSEC_EALG_CASTCBC },\r
- { L"BLOWFISHCBC", EFI_IPSEC_EALG_BLOWFISHCBC },\r
- { L"NULL", EFI_IPSEC_EALG_NULL },\r
- { L"AESCBC", EFI_IPSEC_EALG_AESCBC },\r
- { L"AESCTR", EFI_IPSEC_EALG_AESCTR },\r
- { L"AES-CCM-ICV8", EFI_IPSEC_EALG_AES_CCM_ICV8 },\r
- { L"AES-CCM-ICV12",EFI_IPSEC_EALG_AES_CCM_ICV12 },\r
- { L"AES-CCM-ICV16",EFI_IPSEC_EALG_AES_CCM_ICV16 },\r
- { L"AES-GCM-ICV8", EFI_IPSEC_EALG_AES_GCM_ICV8 },\r
- { L"AES-GCM-ICV12",EFI_IPSEC_EALG_AES_GCM_ICV12 },\r
- { L"AES-GCM-ICV16",EFI_IPSEC_EALG_AES_GCM_ICV16 },\r
+ { L"NONE", IPSEC_EALG_NONE },\r
+ { L"DESCBC", IPSEC_EALG_DESCBC },\r
+ { L"3DESCBC", IPSEC_EALG_3DESCBC },\r
+ { L"CASTCBC", IPSEC_EALG_CASTCBC },\r
+ { L"BLOWFISHCBC", IPSEC_EALG_BLOWFISHCBC },\r
+ { L"NULL", IPSEC_EALG_NULL },\r
+ { L"AESCBC", IPSEC_EALG_AESCBC },\r
+ { L"AESCTR", IPSEC_EALG_AESCTR },\r
+ { L"AES-CCM-ICV8", IPSEC_EALG_AES_CCM_ICV8 },\r
+ { L"AES-CCM-ICV12",IPSEC_EALG_AES_CCM_ICV12 },\r
+ { L"AES-CCM-ICV16",IPSEC_EALG_AES_CCM_ICV16 },\r
+ { L"AES-GCM-ICV8", IPSEC_EALG_AES_GCM_ICV8 },\r
+ { L"AES-GCM-ICV12",IPSEC_EALG_AES_GCM_ICV12 },\r
+ { L"AES-GCM-ICV16",IPSEC_EALG_AES_GCM_ICV16 },\r
{ NULL, 0 },\r
};\r
\r
{ NULL, 0 },\r
};\r
\r
-EFI_IPSEC_PROTOCOL *mIpSec;\r
+EFI_IPSEC2_PROTOCOL *mIpSec;\r
EFI_IPSEC_CONFIG_PROTOCOL *mIpSecConfig;\r
EFI_HII_HANDLE mHiiHandle;\r
-EFI_GUID mEfiIpSecConfigGuid = EFI_IPSEC_CONFIG_GUID;\r
CHAR16 mAppName[] = L"IpSecConfig";\r
\r
//\r
// --ipsec-proto\r
//\r
{ L"--spi", 0, 0, BIT(1), 0 },\r
- { L"--dest", 0, 0, BIT(1), 0 },\r
+ { L"--tunnel-dest", 0, 0, BIT(1), 0 },\r
+ { L"--tunnel-source", 0, 0, BIT(1), 0 },\r
{ L"--lookup-spi", 0, 0, BIT(1), 0 },\r
{ L"--lookup-ipsec-proto", 0, 0, BIT(1), 0 },\r
{ L"--lookup-dest", 0, 0, BIT(1), 0 },\r
for (Node = GetFirstNode (ParamPackage); !IsNull (ParamPackage, Node); Node = GetNextNode (ParamPackage, Node)) {\r
if (((SHELL_PARAM_PACKAGE *) Node)->Name != NULL) {\r
//\r
- // Enumerate the check list that defines the conflicted attributes of each flag.\r
+ // Enumerate the check list that defines the conflicted attributes of each flag.\r
//\r
for (; Item->VarName != NULL; Item++) {\r
if (StrCmp (((SHELL_PARAM_PACKAGE *) Node)->Name, Item->VarName) == 0) {\r
CONST CHAR16 *ValueStr;\r
CHAR16 *ProblemParam;\r
UINTN NonOptionCount;\r
+ EFI_HII_PACKAGE_LIST_HEADER *PackageList;\r
+\r
+ //\r
+ // Retrieve HII package list from ImageHandle\r
+ //\r
+ Status = gBS->OpenProtocol (\r
+ ImageHandle,\r
+ &gEfiHiiPackageListProtocolGuid,\r
+ (VOID **) &PackageList,\r
+ ImageHandle,\r
+ NULL,\r
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
\r
//\r
- // Register our string package with HII and return the handle to it.\r
+ // Publish HII package list to HII Database.\r
//\r
- mHiiHandle = HiiAddPackages (&gEfiCallerIdGuid, ImageHandle, IpSecConfigStrings, NULL);\r
+ Status = gHiiDatabase->NewPackageList (\r
+ gHiiDatabase,\r
+ PackageList,\r
+ NULL,\r
+ &mHiiHandle\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
ASSERT (mHiiHandle != NULL);\r
\r
Status = ShellCommandLineParseEx (mIpSecConfigParamList, &ParamPackage, &ProblemParam, TRUE, FALSE);\r
goto Done;\r
}\r
\r
- Status = LocateProtocol (&gEfiIpSecProtocolGuid, (VOID **) &mIpSec);\r
+ Status = LocateProtocol (&gEfiIpSec2ProtocolGuid, (VOID **) &mIpSec);\r
if (EFI_ERROR (Status) || mIpSec == NULL) {\r
ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_PROTOCOL_INEXISTENT), mHiiHandle, mAppName);\r
goto Done;\r
} else {\r
ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_STATUS_ENABLE), mHiiHandle, mAppName);\r
}\r
-\r
goto Done;\r
}\r
\r
//\r
// Try to get policy database type.\r
//\r
- DataType = (EFI_IPSEC_CONFIG_DATA_TYPE) -1;\r
+ DataType = (EFI_IPSEC_CONFIG_DATA_TYPE) - 1;\r
ValueStr = ShellCommandLineGetValue (ParamPackage, L"-p");\r
if (ValueStr != NULL) {\r
DataType = (EFI_IPSEC_CONFIG_DATA_TYPE) MapStringToInteger (ValueStr, mMapPolicy);\r
}\r
}\r
\r
- if (ShellCommandLineGetFlag (ParamPackage, L"-?")) {\r
- switch (DataType) {\r
- case (EFI_IPSEC_CONFIG_DATA_TYPE) -1:\r
- ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_HELP), mHiiHandle);\r
- break;\r
-\r
- case IPsecConfigDataTypeSpd:\r
- ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_SPD_HELP), mHiiHandle);\r
- break;\r
-\r
- case IPsecConfigDataTypeSad:\r
- ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_SAD_HELP), mHiiHandle);\r
- break;\r
-\r
- case IPsecConfigDataTypePad:\r
- ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_PAD_HELP), mHiiHandle);\r
- break;\r
-\r
- default:\r
- ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_CONFIG_INCORRECT_DB), mHiiHandle);\r
- break;\r
- }\r
-\r
- goto Done;\r
- }\r
-\r
- NonOptionCount = ShellCommandLineGetCount ();\r
+ NonOptionCount = ShellCommandLineGetCount (ParamPackage);\r
if ((NonOptionCount - 1) > 0) {\r
ValueStr = ShellCommandLineGetRawValue (ParamPackage, (UINT32) (NonOptionCount - 1));\r
ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_IPSEC_REDUNDANCY_MANY), mHiiHandle, mAppName, ValueStr);\r