1 /** @file 2 The implementation of match policy entry function in IpSecConfig application. 3 4 Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR> 5 6 This program and the accompanying materials 7 are licensed and made available under the terms and conditions of the BSD License 8 which accompanies this distribution. The full text of the license may be found at 9 http://opensource.org/licenses/bsd-license.php. 10 11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 13 14 **/ 15 16 #include "IpSecConfig.h" 17 #include "Indexer.h" 18 #include "Match.h" 19 20 /** 21 Private function to validate a buffer that should be filled with zero. 22 23 @param[in] Memory The pointer to the buffer. 24 @param[in] Size The size of the buffer. 25 26 @retval TRUE The memory is filled with zero. 27 @retval FALSE The memory isn't filled with zero. 28 **/ 29 BOOLEAN 30 IsMemoryZero ( 31 IN VOID *Memory, 32 IN UINTN Size 33 ) 34 { 35 UINTN Index; 36 37 for (Index = 0; Index < Size; Index++) { 38 if (*((UINT8 *) Memory + Index) != 0) { 39 return FALSE; 40 } 41 } 42 43 return TRUE; 44 } 45 46 /** 47 Find the matching SPD with Indexer. 48 49 @param[in] Selector The pointer to the EFI_IPSEC_SPD_SELECTOR structure. 50 @param[in] Data The pointer to the EFI_IPSEC_SPD_DATA structure. 51 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure. 52 53 @retval TRUE The matched SPD is found. 54 @retval FALSE The matched SPD is not found. 55 **/ 56 BOOLEAN 57 MatchSpdEntry ( 58 IN EFI_IPSEC_SPD_SELECTOR *Selector, 59 IN EFI_IPSEC_SPD_DATA *Data, 60 IN SPD_ENTRY_INDEXER *Indexer 61 ) 62 { 63 BOOLEAN Match; 64 65 Match = FALSE; 66 if (!IsMemoryZero (Indexer->Name, MAX_PEERID_LEN)) { 67 if ((Data->Name != NULL) && (AsciiStrCmp ((CHAR8 *) Indexer->Name, (CHAR8 *) Data->Name) == 0)) { 68 Match = TRUE; 69 } 70 } else { 71 if (Indexer->Index == 0) { 72 Match = TRUE; 73 } 74 75 Indexer->Index--; 76 } 77 78 return Match; 79 } 80 81 /** 82 Find the matching SAD with Indexer. 83 84 @param[in] SaId The pointer to the EFI_IPSEC_SA_ID structure. 85 @param[in] Data The pointer to the EFI_IPSEC_SA_DATA2 structure. 86 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure. 87 88 @retval TRUE The matched SAD is found. 89 @retval FALSE The matched SAD is not found. 90 **/ 91 BOOLEAN 92 MatchSadEntry ( 93 IN EFI_IPSEC_SA_ID *SaId, 94 IN EFI_IPSEC_SA_DATA2 *Data, 95 IN SAD_ENTRY_INDEXER *Indexer 96 ) 97 { 98 BOOLEAN Match; 99 100 Match = FALSE; 101 if (!IsMemoryZero (&Indexer->SaId, sizeof (EFI_IPSEC_SA_ID))) { 102 Match = (BOOLEAN) (CompareMem (&Indexer->SaId, SaId, sizeof (EFI_IPSEC_SA_ID)) == 0); 103 } else { 104 if (Indexer->Index == 0) { 105 Match = TRUE; 106 } 107 Indexer->Index--; 108 } 109 110 return Match; 111 } 112 113 /** 114 Find the matching PAD with Indexer. 115 116 @param[in] PadId The pointer to the EFI_IPSEC_PAD_ID structure. 117 @param[in] Data The pointer to the EFI_IPSEC_PAD_DATA structure. 118 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure. 119 120 @retval TRUE The matched PAD is found. 121 @retval FALSE The matched PAD is not found. 122 **/ 123 BOOLEAN 124 MatchPadEntry ( 125 IN EFI_IPSEC_PAD_ID *PadId, 126 IN EFI_IPSEC_PAD_DATA *Data, 127 IN PAD_ENTRY_INDEXER *Indexer 128 ) 129 { 130 BOOLEAN Match; 131 132 Match = FALSE; 133 if (!IsMemoryZero (&Indexer->PadId, sizeof (EFI_IPSEC_PAD_ID))) { 134 Match = (BOOLEAN) ((Indexer->PadId.PeerIdValid == PadId->PeerIdValid) && 135 ((PadId->PeerIdValid && 136 (StrCmp ( 137 (CONST CHAR16 *) Indexer->PadId.Id.PeerId, 138 (CONST CHAR16 *) PadId->Id.PeerId 139 ) == 0)) || 140 ((!PadId->PeerIdValid) && 141 (Indexer->PadId.Id.IpAddress.PrefixLength == PadId->Id.IpAddress.PrefixLength) && 142 (CompareMem ( 143 &Indexer->PadId.Id.IpAddress.Address, 144 &PadId->Id.IpAddress.Address, 145 sizeof (EFI_IP_ADDRESS) 146 ) == 0)))); 147 } else { 148 if (Indexer->Index == 0) { 149 Match = TRUE; 150 } 151 152 Indexer->Index--; 153 } 154 155 return Match; 156 } 157 158 MATCH_POLICY_ENTRY mMatchPolicyEntry[] = { 159 (MATCH_POLICY_ENTRY) MatchSpdEntry, 160 (MATCH_POLICY_ENTRY) MatchSadEntry, 161 (MATCH_POLICY_ENTRY) MatchPadEntry 162 }; 163 164