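/** @file
  Common operation of the IKE.

  Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>

  This program and the accompanying materials
  are licensed and made available under the terms and conditions of the BSD License
  which accompanies this distribution. The full text of the license may be found at
  http://opensource.org/licenses/bsd-license.php.

  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

**/

#ifndef _IKE_COMMON_H_
#define _IKE_COMMON_H_

#include <Protocol/Udp4.h>
#include <Protocol/Udp6.h>
#include <Protocol/Ip4Config2.h>

#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/DebugLib.h>
#include <Library/UdpIoLib.h>
#include <Library/BaseCryptLib.h>

#include "Ikev2/Ikev2.h"
#include "IpSecImpl.h"
#include "IkePacket.h"
#include "IpSecCryptIo.h"

///
/// Default IKE port number.
///
#define IKE_DEFAULT_PORT              500
#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s
///
/// Default nonce length (presumably in bytes, matching IkeGenerateNonce()).
/// NOTE(review): RFC 7296 section 2.10 requires a nonce of at least 128 bits
/// and at least half the key size of the negotiated PRF. 16 bytes is exactly
/// that minimum, so confirm it is not used with a PRF that needs more.
///
#define IKE_NONCE_SIZE                16
#define IKE_MAX_RETRY                 4
#define IKE_SPI_BASE                  0x100
///
/// Signature stored in an IKE_PAYLOAD and checked by IKE_PAYLOAD_BY_PACKET().
///
#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32('I','K','E','P')
///
/// Recover the enclosing IKE_PAYLOAD from a pointer to its ByPacket list entry.
/// The entry must really belong to an IKE_PAYLOAD; a list head is not a payload.
///
#define IKE_PAYLOAD_BY_PACKET(a)      CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)

///
/// Append IkePayload to the tail of IkePacket's payload list.
///
#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \
  } while (0)

///
/// Unlink IkePayload from the payload list it is on.
/// The IkePacket argument is accepted for symmetry but is not used.
///
#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    RemoveEntryList(&(IkePayload)->ByPacket);                           \
  } while (0)

///
/// Walk IkePacket's payload list and leave Node pointing at its last entry.
///
/// Written as one 'for' statement so the whole walk stays under an unbraced
/// 'if'/'else' at the call site. It can be used with or without a trailing
/// semicolon, as before.
///
/// NOTE(review): with the BaseLib list helpers, GetFirstNode() on an empty list
/// returns the list head and IsNodeAtEnd() is FALSE for the head, so this walk
/// would not terminate on an empty PayloadList. Confirm every caller guarantees
/// at least one payload, in particular for packets decoded from received data.
///
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                         \
  for ((Node) = GetFirstNode (&(IkePacket)->PayloadList);               \
       !IsNodeAtEnd (&(IkePacket)->PayloadList, (Node));                \
       (Node) = GetNextNode (&(IkePacket)->PayloadList, (Node))) {      \
  }

/**
  Call Crypto Lib to generate a random value with eight-octet length.

  NOTE(review): the unpredictability of this value depends on the random source
  used by the implementation being properly seeded; confirm there.

  @return the 64-bit value.

**/
UINT64
IkeGenerateCookie (
  VOID
  );

/**
  Generate the random data for Nonce payload.

  NOTE(review): this declaration does not show whether NULL is returned on
  failure or who releases the buffer. Confirm in the implementation; callers
  should check the result before use.

  @param[in]  NonceSize      Size of the data in bytes.

  @return Buffer which contains the random data of the specified size.

**/
UINT8 *
IkeGenerateNonce (
  IN UINTN              NonceSize
  );

/**
  Convert the IKE Header from Network order to Host order.

  @param[in, out]  Header    The pointer of the IKE_HEADER.

**/
VOID
IkeHdrNetToHost (
  IN OUT IKE_HEADER *Header
  );

/**
  Convert the IKE Header from Host order to Network order.

  @param[in, out] Header     The pointer of the IKE_HEADER.

**/
VOID
IkeHdrHostToNet (
  IN OUT IKE_HEADER *Header
  );

/**
  Allocate a buffer of IKE_PAYLOAD and set its Signature.

  NOTE(review): the failure result is not documented here (presumably NULL when
  the allocation fails; confirm in the implementation).

  @return A buffer of IKE_PAYLOAD.

**/
IKE_PAYLOAD *
IkePayloadAlloc (
  VOID
  );

/**
  Free a specified IKE_PAYLOAD buffer.

  @param[in]  IkePayload    Pointer of IKE_PAYLOAD to be freed.

**/
VOID
IkePayloadFree (
  IN IKE_PAYLOAD *IkePayload
  );

/**
  Generate a new SPI.

  @param[in]      IkeSaSession   Pointer to IKEV2_SA_SESSION related to this Child SA
                                 Session.
  @param[in, out] SpiValue       Pointer to the new generated SPI value.

  @retval EFI_SUCCESS         The operation performs successfully.
  @retval Otherwise           The operation is failed.

**/
EFI_STATUS
IkeGenerateSpi (
  IN     IKEV2_SA_SESSION         *IkeSaSession,
  IN OUT UINT32                   *SpiValue
  );

/**
  Generate a random data for IV

  NOTE(review): IvBuffer is annotated IN but is presumably filled by this call;
  confirm against the implementation. Callers should not use the buffer as an IV
  unless EFI_SUCCESS is returned.

  @param[in]  IvBuffer  The pointer of the IV buffer.
  @param[in]  IvSize    The IV size.

  @retval     EFI_SUCCESS  Create a random data for IV.
  @retval     otherwise    Failed.

**/
EFI_STATUS
IkeGenerateIv (
  IN UINT8                           *IvBuffer,
  IN UINTN                           IvSize
  );

/**
  Get the IKE Version from the IKE_SA_SESSION.

  The session is passed as an untyped byte pointer, so the compiler cannot check
  that it really refers to a session object.

  @param[in]  Session    Pointer of the IKE_SA_SESSION.

  @return The IKE version read from the session.

**/
UINT8
IkeGetVersionFromSession (
  IN UINT8                    *Session
  );

/**
  Find SPD entry by a specified SPD selector.

  @param[in] SpdSel       Point to SPD Selector to be searched for.

  @retval Point to Spd Entry if the SPD entry found.
  @retval NULL if not found.

**/
IPSEC_SPD_ENTRY *
IkeSearchSpdEntry (
  IN EFI_IPSEC_SPD_SELECTOR             *SpdSel
  );

//
// Tables defined elsewhere in the driver.
//
extern MODP_GROUP           OakleyModpGroup[];
extern IKE_ALG_GUID_INFO    mIPsecEncrAlgInfo[];
extern IKE_ALG_GUID_INFO    mIPsecAuthAlgInfo[];

#endif // _IKE_COMMON_H_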