      1 /** @file
      2   Common operation of the IKE.
      3 
      4   Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
      5 
      6   This program and the accompanying materials
      7   are licensed and made available under the terms and conditions of the BSD License
      8   which accompanies this distribution.  The full text of the license may be found at
      9   http://opensource.org/licenses/bsd-license.php.
     10 
     11   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     12   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     13 
     14 **/
     15 
     16 #ifndef _IKE_COMMON_H_
     17 #define _IKE_COMMON_H_
     18 
     19 #include <Protocol/Udp4.h>
     20 #include <Protocol/Udp6.h>
     21 #include <Protocol/Ip4Config2.h>
     22 
     23 #include <Library/BaseLib.h>
     24 #include <Library/BaseMemoryLib.h>
     25 #include <Library/MemoryAllocationLib.h>
     26 #include <Library/UefiRuntimeServicesTableLib.h>
     27 #include <Library/UefiBootServicesTableLib.h>
     28 #include <Library/DebugLib.h>
     29 #include <Library/UdpIoLib.h>
     30 #include <Library/BaseCryptLib.h>
     31 
     32 #include "Ikev2/Ikev2.h"
     33 #include "IpSecImpl.h"
     34 #include "IkePacket.h"
     35 #include "IpSecCryptIo.h"
     36 
     37 
//
// UDP port that IKE uses by default (RFC 7296).
//
#define IKE_DEFAULT_PORT              500
//
// Default timeout; the inline comment gives it as 10 seconds, which implies the
// value is expressed in milliseconds.
//
#define IKE_DEFAULT_TIMEOUT_INTERVAL  10000 // 10s
//
// Nonce length in bytes. 16 bytes (128 bits) is the minimum RFC 7296 permits; the
// RFC additionally requires a nonce to be at least half the key size of the
// negotiated PRF.
// NOTE(review): confirm that callers size the nonce from the negotiated PRF when
// that PRF needs more than this minimum.
//
#define IKE_NONCE_SIZE                16
//
// NOTE(review): presumably the maximum number of retransmissions of a request
// before the exchange is abandoned - confirm against the retry logic.
//
#define IKE_MAX_RETRY                 4
//
// NOTE(review): presumably the lowest SPI value handed out by IkeGenerateSpi() -
// confirm against the implementation.
//
#define IKE_SPI_BASE                  0x10000
//
// Signature value ('IKEP') used to tag IKE_PAYLOAD structures.
//
#define IKE_PAYLOAD_SIGNATURE         SIGNATURE_32('I','K','E','P')
//
// Recover the IKE_PAYLOAD that contains the ByPacket list link 'a'.
// CR() compares the recovered structure's Signature with IKE_PAYLOAD_SIGNATURE only
// through a debug assertion; in builds with assertions disabled no check is made, so
// 'a' must be known to be the ByPacket member of a real IKE_PAYLOAD.
//
#define IKE_PAYLOAD_BY_PACKET(a)      CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE)
     45 
     46 
//
// Link IkePayload onto the tail of IkePacket's PayloadList through the payload's
// ByPacket entry. Wrapped in do { } while (0) so that it behaves as one statement.
// NOTE(review): nothing here checks whether the payload is already on a list;
// presumably callers append each payload once - confirm.
//
#define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    InsertTailList(&(IkePacket)->PayloadList, &(IkePayload)->ByPacket); \
  } while (0)
     51 
//
// Unlink IkePayload from the list its ByPacket entry is on. The IkePacket argument
// is not used by the expansion, and the payload itself is not freed here.
//
#define IKE_PACKET_REMOVE_PAYLOAD(IkePacket,IkePayload)                 \
  do {                                                                  \
    RemoveEntryList(&(IkePayload)->ByPacket);                           \
  } while (0)
     56 
//
// Set Node to the last entry of IkePacket's PayloadList: start at the first node and
// step forward until IsNodeAtEnd() reports the tail.
//
// This expands to two statements and is not wrapped in do { } while (0), so using it
// as the body of an unbraced if/else/loop would guard only the first assignment.
// The expansion also ends with a line continuation, so the line that follows the
// macro must stay blank.
//
// NOTE(review): for an empty PayloadList GetFirstNode() yields the list head, for
// which BaseLib's IsNodeAtEnd() is expected to return FALSE, so the loop would not
// terminate - confirm that every caller guarantees at least one payload, in
// particular for packets built from received data.
//
#define IKE_PACKET_END_PAYLOAD(IkePacket, Node)                        \
  Node = GetFirstNode (&(IkePacket)->PayloadList);                      \
  while (!IsNodeAtEnd (&(IkePacket)->PayloadList, Node)) {             \
    Node = GetNextNode (&(IkePacket)->PayloadList, Node);              \
  }                                                                     \
     62 
/**
  Call Crypto Lib to generate a random value with eight-octet length.

  NOTE(review): the return type carries only the value, so a failure of the
  underlying random source cannot be reported through this interface - confirm
  how the implementation behaves in that case.

  @return The 64-bit (eight-octet) value.

**/
UINT64
IkeGenerateCookie (
  VOID
  );
     73 
/**
  Generate the random data for Nonce payload.

  NOTE(review): the buffer is presumably allocated by this function and owned by
  the caller afterwards, and the result is presumably NULL when allocation or
  random generation fails - confirm both against the implementation and check
  the result before use.

  @param[in]  NonceSize      Size of the data in bytes.

  @return Buffer which contains the random data of the specified size.

**/
UINT8 *
IkeGenerateNonce (
  IN UINTN              NonceSize
  );
     86 
/**
  Convert the IKE Header from Network order to Host order.

  The header is converted in place. Only a byte-order conversion is described
  here; NOTE(review): validation of the fields of a received header (for example
  its length) presumably happens elsewhere - confirm.

  @param[in, out]  Header    Pointer to the IKE_HEADER to convert.

**/
VOID
IkeHdrNetToHost (
  IN OUT IKE_HEADER *Header
  );
     97 
     98 
/**
  Convert the IKE Header from Host order to Network order.

  The header is converted in place.

  @param[in, out] Header     Pointer to the IKE_HEADER to convert.

**/
VOID
IkeHdrHostToNet (
  IN OUT IKE_HEADER *Header
  );
    109 
/**
  Allocate a buffer of IKE_PAYLOAD and set its Signature.

  NOTE(review): presumably returns NULL when the allocation fails - confirm, and
  check the result before linking the payload into a packet.

  @return A buffer of IKE_PAYLOAD.

**/
IKE_PAYLOAD *
IkePayloadAlloc (
  VOID
  );
    120 
/**
  Free a specified IKE_PAYLOAD buffer.

  NOTE(review): this declaration does not show whether the payload is unlinked
  from its packet's PayloadList, or whether any data it points to is released,
  before the structure is freed - confirm, so that no list entry is left
  pointing at freed memory.

  @param[in]  IkePayload   Pointer to the IKE_PAYLOAD to be freed.

**/
VOID
IkePayloadFree (
  IN IKE_PAYLOAD *IkePayload
  );
    131 
/**
  Generate an unused SPI.

  @return A 4-byte SPI.

**/
UINT32
IkeGenerateSpi (
  VOID
  );
    142 
/**
  Generate random data for an IV.

  NOTE(review): IvBuffer is declared IN, but it is presumably the buffer that
  receives the random data - confirm. Callers should check the returned status
  and not use the buffer contents as an IV when the call fails.

  @param[in]  IvBuffer  Pointer to the IV buffer.
  @param[in]  IvSize    The IV size.

  @retval     EFI_SUCCESS  Random data for the IV was created.
  @retval     otherwise    Failed.

**/
EFI_STATUS
IkeGenerateIv (
  IN UINT8                           *IvBuffer,
  IN UINTN                           IvSize
  );
    158 
/**
  Get the IKE Version from the IKE_SA_SESSION.

  The session is passed as a UINT8 pointer rather than as a typed session
  pointer, so the compiler cannot check that the argument really is an
  IKE_SA_SESSION.

  @param[in]  Session  Pointer to the IKE_SA_SESSION.

  @return The IKE version of the session.

**/
UINT8
IkeGetVersionFromSession (
  IN UINT8                    *Session
  );
    169 
/**
  Find SPD entry by a specified SPD selector.

  @param[in] SpdSel       Pointer to the SPD Selector to be searched for.

  @retval Pointer to the SPD entry if one is found.
  @retval NULL if not found.

**/
IPSEC_SPD_ENTRY *
IkeSearchSpdEntry (
  IN EFI_IPSEC_SPD_SELECTOR             *SpdSel
  );
    183 
//
// Tables defined elsewhere in the driver. They are declared without a bound, so code
// that includes this header cannot obtain their element counts with sizeof.
// NOTE(review): presumably the Diffie-Hellman MODP group parameters and the
// encryption / authentication algorithm tables - confirm. Any index derived from a
// value negotiated with the peer needs an explicit bound check before it is used.
//
extern MODP_GROUP             OakleyModpGroup[];
extern IKE_ALG_GUID_INFO      mIPsecEncrAlgInfo[];
extern IKE_ALG_GUID_INFO      mIPsecAuthAlgInfo[];
    187 
    188 #endif
    189 
    190