}\r
\r
/**\r
- Print EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA content.\r
+ Print EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA2 content.\r
\r
@param[in] SaId The pointer to the EFI_IPSEC_SA_ID structure.\r
- @param[in] Data The pointer to the EFI_IPSEC_SA_DATA structure.\r
+ @param[in] Data The pointer to the EFI_IPSEC_SA_DATA2 structure.\r
@param[in] EntryIndex The pointer to the Index in the SAD Database.\r
\r
@retval EFI_SUCCESS Dump SAD information successfully.\r
EFI_STATUS\r
DumpSadEntry (\r
IN EFI_IPSEC_SA_ID *SaId,\r
- IN EFI_IPSEC_SA_DATA *Data,\r
+ IN EFI_IPSEC_SA_DATA2 *Data,\r
IN UINTN *EntryIndex\r
)\r
{\r
BOOLEAN HasPre;\r
- CHAR16 *String1;\r
- CHAR16 *String2;\r
+ CHAR16 *AuthAlgoStr;\r
+ CHAR16 *EncAlgoStr;\r
+ CHAR8 *AuthKeyAsciiStr;\r
+ CHAR8 *EncKeyAsciiStr;\r
+\r
+ AuthAlgoStr = NULL;\r
+ EncAlgoStr = NULL;\r
+ AuthKeyAsciiStr = NULL;\r
+ EncKeyAsciiStr = NULL;\r
\r
//\r
// SPI:1234 ESP Destination:xxx.xxx.xxx.xxx\r
\r
Print (L"%d.", (*EntryIndex)++);\r
Print (L"0x%x %s ", (UINTN) SaId->Spi, MapIntegerToString (SaId->Proto, mMapIpSecProtocol));\r
- Print (L"Destination:");\r
- DumpIpAddress (&SaId->DestAddress);\r
- Print (L"\n");\r
+ if (Data->Mode == EfiIPsecTunnel) {\r
+ Print (L"TunnelSourceAddress:");\r
+ DumpIpAddress (&Data->TunnelSourceAddress);\r
+ Print (L"\n");\r
+ Print (L"TunnelDestination:");\r
+ DumpIpAddress (&Data->TunnelDestinationAddress);\r
+ Print (L"\n");\r
+ }\r
\r
Print (\r
L" Mode:%s SeqNum:%lx AntiReplayWin:%d ",\r
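Review bot: The two labels added here are inconsistent, `TunnelSourceAddress:` against `TunnelDestination:`; pick one form, for example `Print (L"TunnelDestinationAddress:");`. The layout comment just above this hunk still reads `SPI:1234 ESP Destination:xxx.xxx.xxx.xxx`, which no longer matches the output, since a non-tunnel entry now prints no address and no newline before the `Mode:` line. Update that comment to show both the tunnel and the non-tunnel layout. The body of DumpSadEntry continues outside this hunk.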
Data->AlgoInfo.AhAlgoInfo.AuthKey\r
);\r
} else {\r
- String1 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.AuthAlgoId, mMapAuthAlgo);\r
- String2 = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.EncAlgoId, mMapEncAlgo);\r
+ AuthAlgoStr = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.AuthAlgoId, mMapAuthAlgo);\r
+ EncAlgoStr = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.EncAlgoId, mMapEncAlgo);\r
+\r
+ AuthKeyAsciiStr = AllocateZeroPool (Data->AlgoInfo.EspAlgoInfo.AuthKeyLength + 1);\r
+ ASSERT (AuthKeyAsciiStr != NULL);\r
+ CopyMem (AuthKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.AuthKey, Data->AlgoInfo.EspAlgoInfo.AuthKeyLength);\r
+ AuthKeyAsciiStr[Data->AlgoInfo.EspAlgoInfo.AuthKeyLength] = '\0';\r
+\r
+ EncKeyAsciiStr = AllocateZeroPool (Data->AlgoInfo.EspAlgoInfo.EncKeyLength + 1);\r
+ ASSERT (EncKeyAsciiStr != NULL) ;\r
+ CopyMem (EncKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.EncKey, Data->AlgoInfo.EspAlgoInfo.EncKeyLength);\r
+ EncKeyAsciiStr[Data->AlgoInfo.EspAlgoInfo.EncKeyLength] = '\0';\r
+\r
Print (\r
- L" Auth:%s/%s Encrypt:%s/%s\n",\r
- String1,\r
- Data->AlgoInfo.EspAlgoInfo.AuthKey,\r
- String2,\r
- Data->AlgoInfo.EspAlgoInfo.EncKey\r
+ L" Auth:%s/%a Encrypt:%s/%a\n",\r
+ AuthAlgoStr, \r
+ AuthKeyAsciiStr,\r
+ EncAlgoStr,\r
+ EncKeyAsciiStr\r
);\r
+ \r
+ FreePool (AuthKeyAsciiStr);\r
+ FreePool (EncKeyAsciiStr);\r
}\r
\r
if (Data->SpdSelector != NULL) {\r
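Review bot: The `ASSERT (AuthKeyAsciiStr != NULL)` and `ASSERT (EncKeyAsciiStr != NULL)` lines are the only guards on the two AllocateZeroPool calls, and ASSERT is normally compiled out of release builds, so a failed allocation would reach CopyMem with a NULL destination. Both temporaries also hold raw SA key bytes and are passed to FreePool without being cleared, which leaves key material in freed pool memory; clear them with ZeroMem first. Returning EFI_OUT_OF_RESOURCES would need a matching `@retval` line in the function header, which currently documents only EFI_SUCCESS. The explicit `'\0'` stores are redundant after AllocateZeroPool. The AH branch above this hunk is only partly visible; if it still prints `AhAlgoInfo.AuthKey` with `%s`, it needs the same `%a` treatment now that keys are stored as ASCII.

```c
    AuthKeyAsciiStr = AllocateZeroPool (Data->AlgoInfo.EspAlgoInfo.AuthKeyLength + 1);
    if (AuthKeyAsciiStr == NULL) {
      return EFI_OUT_OF_RESOURCES;
    }
    CopyMem (AuthKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.AuthKey, Data->AlgoInfo.EspAlgoInfo.AuthKeyLength);

    EncKeyAsciiStr = AllocateZeroPool (Data->AlgoInfo.EspAlgoInfo.EncKeyLength + 1);
    if (EncKeyAsciiStr == NULL) {
      ZeroMem (AuthKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.AuthKeyLength);
      FreePool (AuthKeyAsciiStr);
      return EFI_OUT_OF_RESOURCES;
    }
    CopyMem (EncKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.EncKey, Data->AlgoInfo.EspAlgoInfo.EncKeyLength);

    // … unchanged: Print of the Auth/Encrypt line …

    // Scrub the key copies before returning them to the pool.
    ZeroMem (AuthKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.AuthKeyLength);
    FreePool (AuthKeyAsciiStr);
    ZeroMem (EncKeyAsciiStr, Data->AlgoInfo.EspAlgoInfo.EncKeyLength);
    FreePool (EncKeyAsciiStr);
```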
// --ipsec-proto\r
//\r
{ L"--spi", TypeValue },\r
- { L"--dest", TypeValue },\r
+ { L"--tunnel-dest", TypeValue },\r
+ { L"--tunnel-source", TypeValue },\r
{ L"--lookup-spi", TypeValue },\r
{ L"--lookup-ipsec-proto", TypeValue },\r
{ L"--lookup-dest", TypeValue },\r
// --ipsec-proto\r
//\r
{ L"--spi", 0, 0, BIT(1), 0 },\r
- { L"--dest", 0, 0, BIT(1), 0 },\r
+ { L"--tunnel-dest", 0, 0, BIT(1), 0 },\r
+ { L"--tunnel-source", 0, 0, BIT(1), 0 },\r
{ L"--lookup-spi", 0, 0, BIT(1), 0 },\r
{ L"--lookup-ipsec-proto", 0, 0, BIT(1), 0 },\r
{ L"--lookup-dest", 0, 0, BIT(1), 0 },\r
for (Node = GetFirstNode (ParamPackage); !IsNull (ParamPackage, Node); Node = GetNextNode (ParamPackage, Node)) {\r
if (((SHELL_PARAM_PACKAGE *) Node)->Name != NULL) {\r
//\r
- // Enumerate the check list that defines the conflicted attributes of each flag.\r
+ // Enumerate the check list that defines the conflicted attributes of each flag.\r
//\r
for (; Item->VarName != NULL; Item++) {\r
if (StrCmp (((SHELL_PARAM_PACKAGE *) Node)->Name, Item->VarName) == 0) {\r
}\r
\r
/**\r
- Fill in EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA through ParamPackage list.\r
+ Fill in EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA2 through ParamPackage list.\r
\r
@param[out] SaId The pointer to the EFI_IPSEC_SA_ID structure.\r
- @param[out] Data The pointer to the EFI_IPSEC_SA_DATA structure.\r
+ @param[out] Data The pointer to the EFI_IPSEC_SA_DATA2 structure.\r
@param[in] ParamPackage The pointer to the ParamPackage list.\r
@param[out] Mask The pointer to the Mask.\r
@param[in] CreateNew The switch to create new.\r
\r
- @retval EFI_SUCCESS Fill in EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA successfully.\r
+ @retval EFI_SUCCESS Fill in EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA2 successfully.\r
@retval EFI_INVALID_PARAMETER Invalid user input parameter.\r
\r
**/\r
EFI_STATUS\r
CreateSadEntry (\r
OUT EFI_IPSEC_SA_ID **SaId,\r
- OUT EFI_IPSEC_SA_DATA **Data,\r
+ OUT EFI_IPSEC_SA_DATA2 **Data,\r
IN LIST_ENTRY *ParamPackage,\r
OUT UINT32 *Mask,\r
IN BOOLEAN CreateNew\r
UINTN AuthKeyLength;\r
UINTN EncKeyLength;\r
CONST CHAR16 *ValueStr;\r
+ CHAR8 *AsciiStr;\r
UINTN DataSize;\r
\r
Status = EFI_SUCCESS;\r
}\r
\r
//\r
- // Convert user imput from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.\r
- //\r
- ValueStr = ShellCommandLineGetValue (ParamPackage, L"--dest");\r
- if (ValueStr != NULL) {\r
- Status = EfiInetAddr2 ((CHAR16 *) ValueStr, &(*SaId)->DestAddress);\r
- if (EFI_ERROR (Status)) {\r
- ShellPrintHiiEx (\r
- -1,\r
- -1,\r
- NULL,\r
- STRING_TOKEN (STR_IPSEC_CONFIG_INCORRECT_PARAMETER_VALUE),\r
- mHiiHandle,\r
- mAppName,\r
- L"--dest",\r
- ValueStr\r
- );\r
- ReturnStatus = EFI_INVALID_PARAMETER;\r
- } else {\r
- *Mask |= DEST;\r
- }\r
- }\r
-\r
- //\r
- // Convert user imput from string to integer, and fill in EFI_IPSEC_SA_DATA.\r
+ // Convert user imput from string to integer, and fill in EFI_IPSEC_SA_DATA2.\r
//\r
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--auth-key");\r
if (ValueStr != NULL) {\r
- AuthKeyLength = (StrLen (ValueStr) + 1) * sizeof (CHAR16);\r
+ AuthKeyLength = StrLen (ValueStr);\r
}\r
\r
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--encrypt-key");\r
if (ValueStr != NULL) {\r
- EncKeyLength = (StrLen (ValueStr) + 1) * sizeof (CHAR16);\r
+ EncKeyLength = StrLen (ValueStr);\r
}\r
\r
//\r
- // EFI_IPSEC_SA_DATA:\r
+ // EFI_IPSEC_SA_DATA2:\r
// +------------\r
- // | EFI_IPSEC_SA_DATA\r
+ // | EFI_IPSEC_SA_DATA2\r
// +-----------------------\r
// | AuthKey\r
// +-------------------------\r
//\r
// Notes: To make sure the address alignment add padding after each data if needed.\r
//\r
- DataSize = ALIGN_VARIABLE (sizeof (EFI_IPSEC_SA_DATA));\r
+ DataSize = ALIGN_VARIABLE (sizeof (EFI_IPSEC_SA_DATA2));\r
DataSize = ALIGN_VARIABLE (DataSize + AuthKeyLength);\r
DataSize = ALIGN_VARIABLE (DataSize + EncKeyLength);\r
DataSize = ALIGN_VARIABLE (DataSize + sizeof (EFI_IPSEC_SPD_SELECTOR));\r
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--encrypt-key");\r
if (ValueStr != NULL ) {\r
(*Data)->AlgoInfo.EspAlgoInfo.EncKeyLength = EncKeyLength;\r
- CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.EncKey, ValueStr, EncKeyLength);\r
+ AsciiStr = AllocateZeroPool (EncKeyLength + 1);\r
+ UnicodeStrToAsciiStr (ValueStr, AsciiStr);\r
+ CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.EncKey, AsciiStr, EncKeyLength);\r
+ FreePool (AsciiStr);\r
*Mask |= ENCRYPT_KEY;\r
} else {\r
(*Data)->AlgoInfo.EspAlgoInfo.EncKey = NULL;\r
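Review bot: `AsciiStr = AllocateZeroPool (EncKeyLength + 1);` is used by UnicodeStrToAsciiStr on the next line with no NULL check, so an allocation failure becomes a write through a NULL pointer. Add `if (AsciiStr == NULL) { ... }` and route it through the function's existing error path, which is outside this hunk. The temporary holds the encryption key and is freed as is; put `ZeroMem (AsciiStr, EncKeyLength + 1);` before `FreePool (AsciiStr);` so the key does not linger in freed pool memory. The conversion narrows each CHAR16 to one byte, so a key argument with characters outside the 8-bit range should be rejected with the usual incorrect-parameter message before converting. The `--auth-key` hunk that follows has the same three issues.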
ValueStr = ShellCommandLineGetValue (ParamPackage, L"--auth-key");\r
if (ValueStr != NULL) {\r
(*Data)->AlgoInfo.EspAlgoInfo.AuthKeyLength = AuthKeyLength;\r
- CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.AuthKey, ValueStr, AuthKeyLength);\r
+ AsciiStr = AllocateZeroPool (AuthKeyLength + 1);\r
+ UnicodeStrToAsciiStr (ValueStr, AsciiStr);\r
+ CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.AuthKey, AsciiStr, AuthKeyLength);\r
+ FreePool (AsciiStr);\r
*Mask |= AUTH_KEY;\r
} else {\r
(*Data)->AlgoInfo.EspAlgoInfo.AuthKey = NULL;\r
ReturnStatus = EFI_INVALID_PARAMETER;\r
}\r
\r
+ //\r
+ // Convert user imput from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.\r
+ //\r
+ ValueStr = ShellCommandLineGetValue (ParamPackage, L"--tunnel-dest");\r
+ if (ValueStr != NULL) {\r
+ Status = EfiInetAddr2 ((CHAR16 *) ValueStr, &(*Data)->TunnelDestinationAddress);\r
+ if (EFI_ERROR (Status)) {\r
+ ShellPrintHiiEx (\r
+ -1,\r
+ -1,\r
+ NULL,\r
+ STRING_TOKEN (STR_IPSEC_CONFIG_INCORRECT_PARAMETER_VALUE),\r
+ mHiiHandle,\r
+ mAppName,\r
+ L"--tunnel-dest",\r
+ ValueStr\r
+ );\r
+ ReturnStatus = EFI_INVALID_PARAMETER;\r
+ } else {\r
+ *Mask |= DEST;\r
+ }\r
+ }\r
+\r
+ //\r
+ // Convert user imput from string to integer, and fill in the DestAddress in EFI_IPSEC_SA_ID.\r
+ //\r
+ ValueStr = ShellCommandLineGetValue (ParamPackage, L"--tunnel-source");\r
+ if (ValueStr != NULL) {\r
+ Status = EfiInetAddr2 ((CHAR16 *) ValueStr, &(*Data)->TunnelSourceAddress);\r
+ if (EFI_ERROR (Status)) {\r
+ ShellPrintHiiEx (\r
+ -1,\r
+ -1,\r
+ NULL,\r
+ STRING_TOKEN (STR_IPSEC_CONFIG_INCORRECT_PARAMETER_VALUE),\r
+ mHiiHandle,\r
+ mAppName,\r
+ L"--tunnel-source",\r
+ ValueStr\r
+ );\r
+ ReturnStatus = EFI_INVALID_PARAMETER;\r
+ } else {\r
+ *Mask |= SOURCE;\r
+ }\r
+ }\r
ReturnStatus = CreateSpdSelector ((*Data)->SpdSelector, ParamPackage, Mask);\r
\r
if (CreateNew) {\r
- if ((*Mask & (SPI | IPSEC_PROTO | DEST)) != (SPI | IPSEC_PROTO | DEST)) {\r
+ if ((*Mask & (SPI | IPSEC_PROTO )) != (SPI | IPSEC_PROTO )) {\r
ShellPrintHiiEx (\r
-1,\r
-1,\r
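Review bot: A parse failure in the new `--tunnel-dest` or `--tunnel-source` blocks sets `ReturnStatus = EFI_INVALID_PARAMETER`, but the context line right after them, `ReturnStatus = CreateSpdSelector (...)`, overwrites it. Unless code outside this hunk re-checks, a bad tunnel address is reported to the user yet the function can still return success with the address field unset. Keep the earlier failure, for example `Status = CreateSpdSelector ((*Data)->SpdSelector, ParamPackage, Mask);` followed by `if (EFI_ERROR (Status)) { ReturnStatus = Status; }`. Both added comment blocks still say "fill in the DestAddress in EFI_IPSEC_SA_ID", but the code writes `TunnelDestinationAddress` and `TunnelSourceAddress` in EFI_IPSEC_SA_DATA2, so they should be reworded (and "imput" corrected). Since the CreateNew check no longer requires DEST, consider requiring both tunnel addresses when the SA mode is tunnel; the mode parsing is not visible in this hunk.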
(*Data)->AuthData = NULL;\r
} else {\r
DataLength = AuthDataLength;\r
- Status = ShellReadFile (FileHandle, &DataLength, (*Data)->AuthData);\r
+ Status = ShellReadFile (FileHandle, &DataLength, (*Data)->AuthData);\r
ShellCloseFile (&FileHandle);\r
if (EFI_ERROR (Status)) {\r
ShellPrintHiiEx (\r
Combine old SAD entry with new SAD entry.\r
\r
@param[in, out] OldSaId The pointer to the EFI_IPSEC_SA_ID structure.\r
- @param[in, out] OldData The pointer to the EFI_IPSEC_SA_DATA structure.\r
+ @param[in, out] OldData The pointer to the EFI_IPSEC_SA_DATA2 structure.\r
@param[in] NewSaId The pointer to the EFI_IPSEC_SA_ID structure.\r
- @param[in] NewData The pointer to the EFI_IPSEC_SA_DATA structure.\r
+ @param[in] NewData The pointer to the EFI_IPSEC_SA_DATA2 structure.\r
@param[in] Mask The pointer to the Mask.\r
@param[out] CreateNew The switch to create new.\r
\r
EFI_STATUS\r
CombineSadEntry (\r
IN OUT EFI_IPSEC_SA_ID *OldSaId,\r
- IN OUT EFI_IPSEC_SA_DATA *OldData,\r
+ IN OUT EFI_IPSEC_SA_DATA2 *OldData,\r
IN EFI_IPSEC_SA_ID *NewSaId,\r
- IN EFI_IPSEC_SA_DATA *NewData,\r
+ IN EFI_IPSEC_SA_DATA2 *NewData,\r
IN UINT32 Mask,\r
OUT BOOLEAN *CreateNew\r
)\r
}\r
\r
if ((Mask & DEST) == 0) {\r
- CopyMem (&NewSaId->DestAddress, &OldSaId->DestAddress, sizeof (EFI_IP_ADDRESS));\r
- } else if (CompareMem (&NewSaId->DestAddress, &OldSaId->DestAddress, sizeof (EFI_IP_ADDRESS)) != 0) {\r
+ CopyMem (&NewData->TunnelDestinationAddress, &OldData->TunnelDestinationAddress, sizeof (EFI_IP_ADDRESS));\r
+ } else if (CompareMem (&NewData->TunnelDestinationAddress, &OldData->TunnelDestinationAddress, sizeof (EFI_IP_ADDRESS)) != 0) {\r
*CreateNew = TRUE;\r
}\r
\r
+ if ((Mask & SOURCE) == 0) {\r
+ CopyMem (&NewData->TunnelSourceAddress, &OldData->TunnelSourceAddress, sizeof (EFI_IP_ADDRESS));\r
+ } else if (CompareMem (&NewData->TunnelSourceAddress, &OldData->TunnelSourceAddress, sizeof (EFI_IP_ADDRESS)) != 0) {\r
+ *CreateNew = TRUE;\r
+ }\r
//\r
// Process SA_DATA.\r
//\r