+++ /dev/null
-/** @file\r
- IKEv2 related definitions.\r
-\r
- Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>\r
-\r
- SPDX-License-Identifier: BSD-2-Clause-Patent\r
-\r
-**/\r
-#ifndef _IKE_V2_H_\r
-#define _IKE_V2_H_\r
-\r
-#include "Ike.h"\r
-#include "Payload.h"\r
-\r
-#define IKEV2_TS_ANY_PORT 0xffff\r
-#define IKEV2_TS_ANY_PROTOCOL 0\r
-\r
-#define IKEV2_DELET_CHILDSA_LIST 0\r
-#define IKEV2_ESTABLISHING_CHILDSA_LIST 1\r
-#define IKEV2_ESTABLISHED_CHILDSA_LIST 2\r
-\r
-#define IKEV2_SA_SESSION_SIGNATURE SIGNATURE_32 ('I', 'K', 'E', 'I')\r
-#define IKEV2_SA_SESSION_FROM_COMMON(a) CR (a, IKEV2_SA_SESSION, SessionCommon, IKEV2_SA_SESSION_SIGNATURE)\r
-#define IKEV2_SA_SESSION_BY_SESSION(a) CR (a, IKEV2_SA_SESSION, BySessionTable, IKEV2_SA_SESSION_SIGNATURE)\r
-#define IKEV2_SA_SESSION_BY_ESTABLISHED(a) CR (a, IKEV2_SA_SESSION, ByEstablishedTable, IKEV2_SA_SESSION_SIGNATURE)\r
-\r
-#define IKEV2_CHILD_SA_SESSION_SIGNATURE SIGNATURE_32 ('I', 'K', 'E', 'C')\r
-#define IKEV2_CHILD_SA_SESSION_FROM_COMMON(a) CR (a, IKEV2_CHILD_SA_SESSION, SessionCommon, IKEV2_CHILD_SA_SESSION_SIGNATURE)\r
-#define IKEV2_CHILD_SA_SESSION_BY_IKE_SA(a) CR (a, IKEV2_CHILD_SA_SESSION, ByIkeSa, IKEV2_CHILD_SA_SESSION_SIGNATURE)\r
-#define IKEV2_CHILD_SA_SESSION_BY_DEL_SA(a) CR (a, IKEV2_CHILD_SA_SESSION, ByDelete, IKEV2_CHILD_SA_SESSION_SIGNATURE)\r
-\r
-#define IS_IKEV2_SA_SESSION(s) ((s)->Common.IkeSessionType == IkeSessionTypeIkeSa)\r
-#define IKEV2_SA_FIRST_PROPOSAL(Sa) (IKEV2_PROPOSAL *)((IKEV2_SA *)(Sa)+1)\r
-#define IKEV2_NEXT_TRANSFORM_WITH_SIZE(Transform,TransformSize) \\r
- (IKEV2_TRANSFORM *) ((UINT8 *)(Transform) + (TransformSize))\r
-\r
-#define IKEV2_NEXT_PROPOSAL_WITH_SIZE(Proposal, ProposalSize) \\r
- (IKEV2_PROPOSAL *) ((UINT8 *)(Proposal) + (ProposalSize))\r
-\r
-#define IKEV2_PROPOSAL_FIRST_TRANSFORM(Proposal) \\r
- (IKEV2_TRANSFORM *)((UINT8 *)((IKEV2_PROPOSAL *)(Proposal)+1) + \\r
- (((IKEV2_PROPOSAL *)(Proposal))->SpiSize))\r
-#define IKEV2_PROPOSAL_FIRST_TRANSFORM(Proposal) \\r
- (IKEV2_TRANSFORM *)((UINT8 *)((IKEV2_PROPOSAL *)(Proposal)+1) + \\r
- (((IKEV2_PROPOSAL *)(Proposal))->SpiSize))\r
-\r
-typedef enum {\r
- IkeStateInit,\r
- IkeStateAuth,\r
- IkeStateIkeSaEstablished,\r
- IkeStateCreateChild,\r
- IkeStateSaRekeying,\r
- IkeStateChildSaEstablished,\r
- IkeStateSaDeleting,\r
- IkeStateMaximum\r
-} IKEV2_SESSION_STATE;\r
-\r
-typedef enum {\r
- IkeRequestTypeCreateChildSa,\r
- IkeRequestTypeRekeyChildSa,\r
- IkeRequestTypeRekeyIkeSa,\r
- IkeRequestTypeMaximum\r
-} IKEV2_CREATE_CHILD_REQUEST_TYPE;\r
-\r
-typedef struct {\r
- UINT8 *GxBuffer;\r
- UINTN GxSize;\r
- UINT8 *GyBuffer;\r
- UINTN GySize;\r
- UINT8 *GxyBuffer;\r
- UINTN GxySize;\r
- UINT8 *DhContext;\r
-} IKEV2_DH_BUFFER;\r
-\r
-typedef struct {\r
- IKEV2_DH_BUFFER *DhBuffer;\r
- UINT8 *SkdKey;\r
- UINTN SkdKeySize;\r
- UINT8 *SkAiKey;\r
- UINTN SkAiKeySize;\r
- UINT8 *SkArKey;\r
- UINTN SkArKeySize;\r
- UINT8 *SkEiKey;\r
- UINTN SkEiKeySize;\r
- UINT8 *SkErKey;\r
- UINTN SkErKeySize;\r
- UINT8 *SkPiKey;\r
- UINTN SkPiKeySize;\r
- UINT8 *SkPrKey;\r
- UINTN SkPrKeySize;\r
-} IKEV2_SESSION_KEYS;\r
-\r
-typedef struct {\r
- UINT16 LifeType;\r
- UINT64 LifeDuration;\r
- UINT16 EncAlgId;\r
- UINTN EnckeyLen;\r
- UINT16 Prf;\r
- UINT16 IntegAlgId;\r
- UINTN IntegKeyLen;\r
- UINT16 DhGroup;\r
- UINT8 ExtSeq;\r
-} IKEV2_SA_PARAMS;\r
-\r
-//\r
-// Internal Payload\r
-//\r
-typedef struct {\r
- IKEV2_SA SaHeader;\r
- UINTN NumProposals;\r
- //\r
- // IKE_PROPOSAL_DATA Proposals[1];\r
- //\r
-} IKEV2_SA_DATA;\r
-\r
-typedef struct {\r
- UINT8 ProposalIndex;\r
- UINT8 ProtocolId;\r
- UINT8 *Spi;\r
- UINT8 NumTransforms;\r
- //\r
- // IKE_TRANSFORM_DATA Transforms[1];\r
- //\r
-} IKEV2_PROPOSAL_DATA;\r
-\r
-typedef struct {\r
- UINT8 TransformIndex;\r
- UINT8 TransformType;\r
- UINT16 TransformId;\r
- IKE_SA_ATTRIBUTE Attribute;\r
-} IKEV2_TRANSFORM_DATA;\r
-\r
-typedef struct {\r
- UINT8 IkeVer;\r
- IKE_SESSION_TYPE IkeSessionType;\r
- BOOLEAN IsInitiator;\r
- BOOLEAN IsOnDeleting; // Flag to indicate whether the SA is on deleting.\r
- IKEV2_SESSION_STATE State;\r
- EFI_EVENT TimeoutEvent;\r
- UINT64 TimeoutInterval;\r
- UINTN RetryCount;\r
- IKE_PACKET *LastSentPacket;\r
- IKEV2_SA_PARAMS *SaParams;\r
- UINT16 PreferDhGroup;\r
- EFI_IP_ADDRESS RemotePeerIp;\r
- EFI_IP_ADDRESS LocalPeerIp;\r
- IKE_ON_PAYLOAD_FROM_NET BeforeDecodePayload;\r
- IKE_ON_PAYLOAD_FROM_NET AfterEncodePayload;\r
- IKE_UDP_SERVICE *UdpService;\r
- IPSEC_PRIVATE_DATA *Private;\r
-} IKEV2_SESSION_COMMON;\r
-\r
-typedef struct {\r
- UINT32 Signature;\r
- IKEV2_SESSION_COMMON SessionCommon;\r
- UINT64 InitiatorCookie;\r
- UINT64 ResponderCookie;\r
- //\r
- // Initiator: SA proposals to be sent\r
- // Responder: SA proposals to be matched\r
- //\r
- IKEV2_SA_DATA *SaData; // SA Private struct used for SA payload generation\r
- IKEV2_SESSION_KEYS *IkeKeys;\r
- UINT8 *NiBlock;\r
- UINTN NiBlkSize;\r
- UINT8 *NrBlock;\r
- UINTN NrBlkSize;\r
- UINT8 *NCookie; // Buffer Contains the Notify Cookie\r
- UINTN NCookieSize; // Size of NCookie\r
- IPSEC_PAD_ENTRY *Pad;\r
- IPSEC_SPD_ENTRY *Spd; // SPD that requested the negotiation, TODO: better use SPD selector\r
- LIST_ENTRY ChildSaSessionList;\r
- LIST_ENTRY ChildSaEstablishSessionList; // For Establish Child SA.\r
- LIST_ENTRY InfoMIDList; // For Information MID\r
- LIST_ENTRY DeleteSaList; // For deteling Child SA.\r
- UINT8 *InitPacket;\r
- UINTN InitPacketSize;\r
- UINT8 *RespPacket;\r
- UINTN RespPacketSize;\r
- UINT32 MessageId;\r
- LIST_ENTRY BySessionTable; // Use for all IkeSaSession Links\r
-} IKEV2_SA_SESSION;\r
-\r
-typedef struct {\r
- UINT32 Signature;\r
- IKEV2_SESSION_COMMON SessionCommon;\r
- IKEV2_SA_SESSION *IkeSaSession;\r
- UINT32 MessageId;\r
- IKEV2_SA_DATA *SaData;\r
- UINT8 IpsecProtocol;\r
- UINT32 LocalPeerSpi;\r
- UINT32 RemotePeerSpi;\r
- UINT8 *NiBlock;\r
- UINTN NiBlkSize;\r
- UINT8 *NrBlock;\r
- UINTN NrBlkSize;\r
- SA_KEYMATS ChildKeymats;\r
- IKEV2_DH_BUFFER *DhBuffer; //New DH exchnaged by CREATE_CHILD_SA\r
- IPSEC_SPD_ENTRY *Spd;\r
- EFI_IPSEC_SPD_SELECTOR *SpdSelector;\r
- UINT16 ProtoId;\r
- UINT16 RemotePort;\r
- UINT16 LocalPort;\r
- LIST_ENTRY ByIkeSa;\r
- LIST_ENTRY ByDelete;\r
-} IKEV2_CHILD_SA_SESSION;\r
-\r
-typedef enum {\r
- Ikev2InfoNotify,\r
- Ikev2InfoDelete,\r
- Ikev2InfoLiveCheck\r
-} IKEV2_INFO_TYPE;\r
-\r
-//\r
-// This struct is used to pass the detail infromation to the InfoGenerator() for\r
-// the response Information Exchange Message creatation.\r
-//\r
-typedef struct {\r
- UINT32 MessageId;\r
- IKEV2_INFO_TYPE InfoType;\r
-} IKEV2_INFO_EXCHANGE_CONTEXT;\r
-\r
-typedef struct {\r
- UINTN DataSize;\r
- UINT8 *Data;\r
-} PRF_DATA_FRAGMENT;\r
-\r
-typedef\r
-IKE_PACKET *\r
-(*IKEV2_PACKET_GENERATOR) (\r
- IN UINT8 *SaSession,\r
- IN VOID *Context\r
-);\r
-\r
-typedef\r
-EFI_STATUS\r
-(*IKEV2_PACKET_PARSER) (\r
- IN UINT8 *SaSession,\r
- IN IKE_PACKET *IkePacket\r
-);\r
-\r
-typedef struct {\r
- IKEV2_PACKET_PARSER Parser;\r
- IKEV2_PACKET_GENERATOR Generator;\r
-} IKEV2_PACKET_HANDLER;\r
-\r
-extern IKEV2_PACKET_HANDLER mIkev2Initial[][2];\r
-extern IKEV2_PACKET_HANDLER mIkev2CreateChild;\r
-extern IKEV2_PACKET_HANDLER mIkev2Info;\r
-\r
-#endif\r
-\r
projects / mirror_edk2.git / blobdiff