Add IPsec/Ikev2 support.
diff --git a/NetworkPkg/IpSecDxe/IkeCommon.h b/NetworkPkg/IpSecDxe/IkeCommon.h
new file mode 100644 (file)
index 0000000..6041675
--- /dev/null
@@ -0,0 +1,191 @@
+/** @file\r
+  Common operation of the IKE.\r
+\r
+  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+\r
+  This program and the accompanying materials\r
+  are licensed and made available under the terms and conditions of the BSD License\r
+  which accompanies this distribution.  The full text of the license may be found at\r
+  http://opensource.org/licenses/bsd-license.php.\r
+\r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#ifndef _IKE_COMMON_H_\r
+#define _IKE_COMMON_H_\r
+\r
+#include <Protocol/Udp4.h>\r
+#include <Protocol/Udp6.h>\r
+#include <Protocol/Ip4Config.h>\r
\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+#include <Library/UefiRuntimeServicesTableLib.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/UdpIoLib.h>\r
+#include <Library/BaseCryptLib.h>\r
+\r
+#include "Ikev2/Ikev2.h"\r
+#include "IpSecImpl.h"\r
+#include "IkePacket.h"\r
+#include "IpSecCryptIo.h"\r
+\r
+\r
+#define IKE_DEFAULT_PORT              500\r
+#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s\r
+#define IKE_NONCE_SIZE                16\r
+#define IKE_MAX_RETRY                 4\r
+#define IKE_SPI_BASE                  0x10000\r
+#define PRF_HMAC_SHA1_GUID            &gEfiCryptAlgorithmSha1Guid\r
+#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32('I','K','E','P')\r
+#define IKE_PAYLOAD_BY_PACKET(a)      CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)\r
+\r
+\r
+#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload)                 \\r
+  do {                                                                  \\r
+    InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \\r
+  } while (0)\r
+\r
+#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload)                 \\r
+  do {                                                                  \\r
+    RemoveEntryList(&(IkePayload)->ByPacket);                           \\r
+  } while (0)\r
+\r
+#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                        \\r
+  Node = GetFirstNode (&(IkePacket)->PayloadList);                      \\r
+  while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) {             \\r
+    Node = GetNextNode (&(IkePacket)->PayloadList, Node);              \\r
+  }                                                                     \\r
+\r
+/**\r
+  Call Crypto Lib to generate a random value with eight-octet length.\r
+  \r
+  @return the 64 byte vaule.\r
+\r
+**/\r
+UINT64\r
+IkeGenerateCookie (\r
+  VOID\r
+  );\r
+\r
+/**\r
+  Generate the random data for Nonce payload.\r
+\r
+  @param[in]  NonceSize      Size of the data in bytes.\r
+  \r
+  @return Buffer which contains the random data of the spcified size. \r
+\r
+**/\r
+UINT8 *\r
+IkeGenerateNonce (\r
+  IN UINTN              NonceSize\r
+  );\r
+\r
+/**\r
+  Convert the IKE Header from Network order to Host order.\r
+\r
+  @param[in, out]  Header    The pointer of the IKE_HEADER.\r
+\r
+**/\r
+VOID\r
+IkeHdrNetToHost (\r
+  IN OUT IKE_HEADER *Header\r
+  );\r
+\r
+\r
+/**\r
+  Convert the IKE Header from Host order to Network order.\r
+\r
+  @param[in, out] Header     The pointer of the IKE_HEADER.\r
+\r
+**/\r
+VOID\r
+IkeHdrHostToNet (\r
+  IN OUT IKE_HEADER *Header\r
+  );\r
+\r
+/**\r
+  Allocate a buffer of IKE_PAYLOAD and set its Signature.\r
+\r
+  @return A buffer of IKE_PAYLOAD.\r
+\r
+**/\r
+IKE_PAYLOAD *\r
+IkePayloadAlloc (\r
+  VOID\r
+  );\r
+\r
+/**\r
+  Free a specified IKE_PAYLOAD buffer.\r
+\r
+  @param[in]  IkePayload   Pointer of IKE_PAYLOAD to be freed.\r
+\r
+**/\r
+VOID\r
+IkePayloadFree (\r
+  IN IKE_PAYLOAD *IkePayload\r
+  );\r
+\r
+/**\r
+  Generate an unused SPI\r
+\r
+  @return a SPI in 4 bytes.\r
+\r
+**/\r
+UINT32\r
+IkeGenerateSpi (\r
+  VOID\r
+  );\r
+\r
+/**\r
+  Generate a random data for IV\r
+\r
+  @param[in]  IvBuffer  The pointer of the IV buffer.\r
+  @param[in]  IvSize    The IV size.\r
+\r
+  @retval     EFI_SUCCESS  Create a random data for IV.\r
+  @retval     otherwise    Failed.\r
+\r
+**/\r
+EFI_STATUS\r
+IkeGenerateIv (\r
+  IN UINT8                           *IvBuffer,\r
+  IN UINTN                           IvSize\r
+  );\r
+\r
+/**\r
+  Get the IKE Version from the IKE_SA_SESSION.\r
+\r
+  @param[in]  Session  Pointer of the IKE_SA_SESSION.\r
+\r
+**/\r
+UINT8\r
+IkeGetVersionFromSession (\r
+  IN UINT8                    *Session\r
+  );\r
+\r
+/**
+  Find SPD entry by a specified SPD selector.
+
+  @param[in] SpdSel       Point to SPD Selector to be searched for.\r
+
+  @retval Point to Spd Entry if the SPD entry found.
+  @retval NULL if not found.
+
+**/
+IPSEC_SPD_ENTRY *
+IkeSearchSpdEntry (\r
+  IN EFI_IPSEC_SPD_SELECTOR             *SpdSel
+  );\r
+\r
+extern EFI_GUID               mZeroGuid;\r
+extern MODP_GROUP             OakleyModpGroup[];\r
+extern IKE_ALG_GUID_INFO      mIPsecEncrAlgInfo[];\r
+extern IKE_ALG_GUID_INFO      mIPsecAuthAlgInfo[];\r
+\r
+#endif\r
+\r
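Review bot: `IKE_PACKET_END_PAYLOAD` expands to two bare statements (an assignment and a `while` loop) with `Node` unparenthesized and a stray `\` after the closing brace, so under an unbraced `if` only the assignment is conditional; unlike the two macros above it, it is not wrapped in `do { ... } while (0)`. If `IsNodeAtEnd` returns FALSE for the list head, as I believe BaseLib's does, the loop also never terminates on an empty `PayloadList`, so the macro should either check for that or document that callers must guarantee at least one payload. Separately, the `IkeGenerateCookie` comment says "64 byte vaule" for a `UINT64` return, and `IkeGenerateIv` marks the buffer it fills as `IN` / `@param[in]`. Neither `IkeGenerateNonce` nor `IkeGenerateCookie` documents what the caller receives when the random source or the allocation fails, or who frees the nonce buffer. The macro's callers are outside this hunk, so confirm each use ends with a semicolon before applying the wrapped form below.

```c
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                          \
  do {                                                                   \
    (Node) = GetFirstNode (&(IkePacket)->PayloadList);                   \
    while (!IsNodeAtEnd (&(IkePacket)->PayloadList, (Node))) {           \
      (Node) = GetNextNode (&(IkePacket)->PayloadList, (Node));          \
    }                                                                    \
  } while (0)
```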