+++ /dev/null
-/** @file\r
- The Interfaces of IPsec debug information printing.\r
-\r
- Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
-\r
- SPDX-License-Identifier: BSD-2-Clause-Patent\r
-\r
-**/\r
-\r
-#include "IpSecImpl.h"\r
-#include "IpSecDebug.h"\r
-\r
-//\r
-// The print title for IKEv1 variety phase.\r
-//\r
-CHAR8 *mIkev1StateStr[IKE_STATE_NUM] = {\r
- "IKEv1_MAIN_1",\r
- "IKEv1_MAIN_2",\r
- "IKEv1_MAIN_3",\r
- "IKEv1_MAIN_ESTABLISHED",\r
- "IKEv1_QUICK_1",\r
- "IKEv1_QUICK_2",\r
- "IKEv1_QUICK_ESTABLISHED"\r
-};\r
-\r
-//\r
-// The print title for IKEv2 variety phase.\r
-//\r
-CHAR8 *mIkev2StateStr[IKE_STATE_NUM] = {\r
- "IKEv2_STATE_INIT",\r
- "IKEv2_STATE_AUTH",\r
- "IKEv2_STATE_SA_ESTABLISH",\r
- "IKEv2_STATE_CREATE_CHILD",\r
- "IKEv2_STATE_SA_REKEYING",\r
- "IKEv2_STATE_CHILD_SA_ESTABLISHED",\r
- "IKEv2_STATE_SA_DELETING"\r
-};\r
-\r
-//\r
-// The print title for IKEv1 variety Exchagne.\r
-//\r
-CHAR8 *mExchangeStr[] = {\r
- "IKEv1 Main Exchange",\r
- "IKEv1 Info Exchange",\r
- "IKEv1 Quick Exchange",\r
- "IKEv2 Initial Exchange",\r
- "IKEv2 Auth Exchange",\r
- "IKEv2 Create Child Exchange",\r
- "IKEv2 Info Exchange",\r
- "IKE Unknow Exchange"\r
-};\r
-\r
-//\r
-// The print title for IKEv1 variety Payload.\r
-//\r
-CHAR8 *mIkev1PayloadStr[] = {\r
- "IKEv1 None Payload",\r
- "IKEv1 SA Payload",\r
- "IKEv1 Proposal Payload",\r
- "IKEv1 Transform Payload",\r
- "IKEv1 KE Payload",\r
- "IKEv1 ID Payload",\r
- "IKEv1 Certificate Payload",\r
- "IKEv1 Certificate Request Payload",\r
- "IKEv1 Hash Payload",\r
- "IKEv1 Signature Payload",\r
- "IKEv1 Nonce Payload",\r
- "IKEv1 Notify Payload",\r
- "IKEv1 Delete Payload",\r
- "IKEv1 Vendor Payload"\r
-};\r
-\r
-//\r
-// The print title for IKEv2 variety Payload.\r
-//\r
-CHAR8* mIkev2PayloadStr[] = {\r
- "IKEv2 SA Payload",\r
- "IKEv2 Key Payload",\r
- "IKEv2 Identity Initial Payload",\r
- "IKEv2 Identity Respond Payload",\r
- "IKEv2 Certificate Payload",\r
- "IKEv2 Certificate Request Payload",\r
- "IKEv2 Auth Payload",\r
- "IKEv2 Nonce Payload",\r
- "IKEv2 Notify Payload",\r
- "IKEv2 Delet Payload",\r
- "IKEv2 Vendor Payload",\r
- "IKEv2 Traffic Selector Initiator Payload",\r
- "IKEv2 Traffic Selector Respond Payload",\r
- "IKEv2 Encrypt Payload",\r
- "IKEv2 Configuration Payload",\r
- "IKEv2 Extensible Authentication Payload"\r
-};\r
-\r
-/**\r
- Print the IP address.\r
-\r
- @param[in] Level Debug print error level. Pass to DEBUG().\r
- @param[in] Ip Point to a specified IP address.\r
- @param[in] IpVersion The IP Version.\r
-\r
-**/\r
-VOID\r
-IpSecDumpAddress (\r
- IN UINTN Level,\r
- IN EFI_IP_ADDRESS *Ip,\r
- IN UINT8 IpVersion\r
- )\r
-{\r
- if (IpVersion == IP_VERSION_6) {\r
- DEBUG (\r
- (Level,\r
- "%x%x:%x%x:%x%x:%x%x",\r
- Ip->v6.Addr[0],\r
- Ip->v6.Addr[1],\r
- Ip->v6.Addr[2],\r
- Ip->v6.Addr[3],\r
- Ip->v6.Addr[4],\r
- Ip->v6.Addr[5],\r
- Ip->v6.Addr[6],\r
- Ip->v6.Addr[7])\r
- );\r
- DEBUG (\r
- (Level,\r
- ":%x%x:%x%x:%x%x:%x%x\n",\r
- Ip->v6.Addr[8],\r
- Ip->v6.Addr[9],\r
- Ip->v6.Addr[10],\r
- Ip->v6.Addr[11],\r
- Ip->v6.Addr[12],\r
- Ip->v6.Addr[13],\r
- Ip->v6.Addr[14],\r
- Ip->v6.Addr[15])\r
- );\r
- } else {\r
- DEBUG (\r
- (Level,\r
- "%d.%d.%d.%d\n",\r
- Ip->v4.Addr[0],\r
- Ip->v4.Addr[1],\r
- Ip->v4.Addr[2],\r
- Ip->v4.Addr[3])\r
- );\r
- }\r
-\r
-}\r
-\r
-/**\r
- Print IKE Current states.\r
-\r
- @param[in] Previous The Previous state of IKE.\r
- @param[in] Current The current state of IKE.\r
- @param[in] IkeVersion The version of IKE.\r
-\r
-**/\r
-VOID\r
-IkeDumpState (\r
- IN UINT32 Previous,\r
- IN UINT32 Current,\r
- IN UINT8 IkeVersion\r
- )\r
-{\r
- if (Previous >= IKE_STATE_NUM || Current >= IKE_STATE_NUM) {\r
- return;\r
- }\r
-\r
- if (Previous == Current) {\r
- if (IkeVersion == 1) {\r
- DEBUG ((DEBUG_INFO, "\n****Current state is %a\n", mIkev1StateStr[Previous]));\r
- } else if (IkeVersion == 2) {\r
- DEBUG ((DEBUG_INFO, "\n****Current state is %a\n", mIkev2StateStr[Previous]));\r
- }\r
- } else {\r
- if (IkeVersion == 1) {\r
- DEBUG ((DEBUG_INFO, "\n****Change state from %a to %a\n", mIkev1StateStr[Previous], mIkev1StateStr[Current]));\r
- } else {\r
- DEBUG ((DEBUG_INFO, "\n****Change state from %a to %a\n", mIkev2StateStr[Previous], mIkev2StateStr[Current]));\r
- }\r
- }\r
-}\r
-\r
-/**\r
- Print the IKE Packet.\r
-\r
- @param[in] Packet Point to IKE packet to be printed.\r
- @param[in] Direction Point to the IKE packet is inbound or outbound.\r
- @param[in] IpVersion Specified IP Version.\r
-\r
-**/\r
-VOID\r
-IpSecDumpPacket (\r
- IN IKE_PACKET *Packet,\r
- IN EFI_IPSEC_TRAFFIC_DIR Direction,\r
- IN UINT8 IpVersion\r
- )\r
-{\r
- CHAR8 *TypeStr;\r
- UINTN PacketSize;\r
- UINT64 InitCookie;\r
- UINT64 RespCookie;\r
-\r
- ASSERT (Packet != NULL);\r
-\r
- PacketSize = Packet->PayloadTotalSize + sizeof (IKE_HEADER);\r
- InitCookie = (Direction == EfiIPsecOutBound) ? HTONLL (Packet->Header->InitiatorCookie) : Packet->Header->InitiatorCookie;\r
- RespCookie = (Direction == EfiIPsecOutBound) ? HTONLL (Packet->Header->ResponderCookie) : Packet->Header->ResponderCookie;\r
-\r
- switch (Packet->Header->ExchangeType) {\r
- case IKE_XCG_TYPE_IDENTITY_PROTECT:\r
- TypeStr = mExchangeStr[0];\r
- break;\r
-\r
- case IKE_XCG_TYPE_INFO:\r
- TypeStr = mExchangeStr[1];\r
- break;\r
-\r
- case IKE_XCG_TYPE_QM:\r
- TypeStr = mExchangeStr[2];\r
- break;\r
-\r
- case IKE_XCG_TYPE_SA_INIT:\r
- TypeStr = mExchangeStr[3];\r
- break;\r
-\r
- case IKE_XCG_TYPE_AUTH:\r
- TypeStr = mExchangeStr[4];\r
- break;\r
-\r
- case IKE_XCG_TYPE_CREATE_CHILD_SA:\r
- TypeStr = mExchangeStr[5];\r
- break;\r
-\r
- case IKE_XCG_TYPE_INFO2:\r
- TypeStr = mExchangeStr[6];\r
- break;\r
-\r
- default:\r
- TypeStr = mExchangeStr[7];\r
- break;\r
- }\r
-\r
- if (Direction == EfiIPsecOutBound) {\r
- DEBUG ((DEBUG_INFO, "\n>>>Sending %d bytes %a to ", PacketSize, TypeStr));\r
- } else {\r
- DEBUG ((DEBUG_INFO, "\n>>>Receiving %d bytes %a from ", PacketSize, TypeStr));\r
- }\r
-\r
- IpSecDumpAddress (DEBUG_INFO, &Packet->RemotePeerIp, IpVersion);\r
-\r
- DEBUG ((DEBUG_INFO, " InitiatorCookie:0x%lx ResponderCookie:0x%lx\n", InitCookie, RespCookie));\r
- DEBUG (\r
- (DEBUG_INFO,\r
- " Version: 0x%x Flags:0x%x ExchangeType:0x%x\n",\r
- Packet->Header->Version,\r
- Packet->Header->Flags,\r
- Packet->Header->ExchangeType)\r
- );\r
- DEBUG (\r
- (DEBUG_INFO,\r
- " MessageId:0x%x NextPayload:0x%x\n",\r
- Packet->Header->MessageId,\r
- Packet->Header->NextPayload)\r
- );\r
-\r
-}\r
-\r
-/**\r
- Print the IKE Paylolad.\r
-\r
- @param[in] IkePayload Point to payload to be printed.\r
- @param[in] IkeVersion The specified version of IKE.\r
-\r
-**/\r
-VOID\r
-IpSecDumpPayload (\r
- IN IKE_PAYLOAD *IkePayload,\r
- IN UINT8 IkeVersion\r
- )\r
-{\r
- if (IkeVersion == 1) {\r
- DEBUG ((DEBUG_INFO, "+%a\n", mIkev1PayloadStr[IkePayload->PayloadType]));\r
- } else {\r
- //\r
- // For IKEV2 the first Payload type is started from 33.\r
- //\r
- DEBUG ((DEBUG_INFO, "+%a\n", mIkev2PayloadStr[IkePayload->PayloadType - 33]));\r
- }\r
- IpSecDumpBuf ("Payload data", IkePayload->PayloadBuf, IkePayload->PayloadSize);\r
-}\r
-\r
-/**\r
- Print the buffer in form of Hex.\r
-\r
- @param[in] Title The strings to be printed before the data of the buffer.\r
- @param[in] Data Points to buffer to be printed.\r
- @param[in] DataSize The size of the buffer to be printed.\r
-\r
-**/\r
-VOID\r
-IpSecDumpBuf (\r
- IN CHAR8 *Title,\r
- IN UINT8 *Data,\r
- IN UINTN DataSize\r
- )\r
-{\r
- UINTN Index;\r
- UINTN DataIndex;\r
- UINTN BytesRemaining;\r
- UINTN BytesToPrint;\r
-\r
- DataIndex = 0;\r
- BytesRemaining = DataSize;\r
-\r
- DEBUG ((DEBUG_INFO, "==%a %d bytes==\n", Title, DataSize));\r
-\r
- while (BytesRemaining > 0) {\r
-\r
- BytesToPrint = (BytesRemaining > IPSEC_DEBUG_BYTE_PER_LINE) ? IPSEC_DEBUG_BYTE_PER_LINE : BytesRemaining;\r
-\r
- for (Index = 0; Index < BytesToPrint; Index++) {\r
- DEBUG ((DEBUG_INFO, " 0x%02x,", Data[DataIndex++]));\r
- }\r
-\r
- DEBUG ((DEBUG_INFO, "\n"));\r
- BytesRemaining -= BytesToPrint;\r
- }\r
-\r
-}\r