Home | History | Annotate | Download | only in IpsecConfig
      1 /** @file
      2   The implementation of match policy entry function in IpSecConfig application.
      3 
      4   Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
      5 
      6   This program and the accompanying materials
      7   are licensed and made available under the terms and conditions of the BSD License
      8   which accompanies this distribution.  The full text of the license may be found at
      9   http://opensource.org/licenses/bsd-license.php.
     10 
     11   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     12   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     13 
     14 **/
     15 
     16 #include "IpSecConfig.h"
     17 #include "Indexer.h"
     18 #include "Match.h"
     19 
     20 /**
     21   Private function to validate a buffer that should be filled with zero.
     22 
     23   @param[in] Memory    The pointer to the buffer.
     24   @param[in] Size      The size of the buffer.
     25 
     26   @retval TRUE     The memory is filled with zero.
     27   @retval FALSE    The memory isn't filled with zero.
     28 **/
     29 BOOLEAN
     30 IsMemoryZero (
     31   IN VOID     *Memory,
     32   IN UINTN    Size
     33   )
     34 {
     35   UINTN    Index;
     36 
     37   for (Index = 0; Index < Size; Index++) {
     38     if (*((UINT8 *) Memory + Index) != 0) {
     39       return FALSE;
     40     }
     41   }
     42 
     43   return TRUE;
     44 }
     45 
     46 /**
     47   Find the matching SPD with Indexer.
     48 
     49   @param[in] Selector    The pointer to the EFI_IPSEC_SPD_SELECTOR structure.
     50   @param[in] Data        The pointer to the EFI_IPSEC_SPD_DATA structure.
     51   @param[in] Indexer     The pointer to the SPD_ENTRY_INDEXER structure.
     52 
     53   @retval TRUE     The matched SPD is found.
     54   @retval FALSE    The matched SPD is not found.
     55 **/
     56 BOOLEAN
     57 MatchSpdEntry (
     58   IN EFI_IPSEC_SPD_SELECTOR    *Selector,
     59   IN EFI_IPSEC_SPD_DATA        *Data,
     60   IN SPD_ENTRY_INDEXER         *Indexer
     61   )
     62 {
     63   BOOLEAN    Match;
     64 
     65   Match = FALSE;
     66   if (!IsMemoryZero (Indexer->Name, MAX_PEERID_LEN)) {
     67     if ((Data->Name != NULL) && (AsciiStrCmp ((CHAR8 *) Indexer->Name, (CHAR8 *) Data->Name) == 0)) {
     68       Match = TRUE;
     69     }
     70   } else {
     71     if (Indexer->Index == 0) {
     72       Match = TRUE;
     73     }
     74 
     75     Indexer->Index--;
     76   }
     77 
     78   return Match;
     79 }
     80 
     81 /**
     82   Find the matching SAD with Indexer.
     83 
     84   @param[in] SaId       The pointer to the EFI_IPSEC_SA_ID structure.
     85   @param[in] Data       The pointer to the EFI_IPSEC_SA_DATA2 structure.
     86   @param[in] Indexer    The pointer to the SPD_ENTRY_INDEXER structure.
     87 
     88   @retval TRUE     The matched SAD is found.
     89   @retval FALSE    The matched SAD is not found.
     90 **/
     91 BOOLEAN
     92 MatchSadEntry (
     93   IN EFI_IPSEC_SA_ID      *SaId,
     94   IN EFI_IPSEC_SA_DATA2   *Data,
     95   IN SAD_ENTRY_INDEXER    *Indexer
     96   )
     97 {
     98   BOOLEAN    Match;
     99 
    100   Match = FALSE;
    101   if (!IsMemoryZero (&Indexer->SaId, sizeof (EFI_IPSEC_SA_ID))) {
    102     Match = (BOOLEAN) (CompareMem (&Indexer->SaId, SaId, sizeof (EFI_IPSEC_SA_ID)) == 0);
    103   } else {
    104     if (Indexer->Index == 0) {
    105       Match = TRUE;
    106     }
    107     Indexer->Index--;
    108   }
    109 
    110   return Match;
    111 }
    112 
    113 /**
    114   Find the matching PAD with Indexer.
    115 
    116   @param[in] PadId      The pointer to the EFI_IPSEC_PAD_ID structure.
    117   @param[in] Data       The pointer to the EFI_IPSEC_PAD_DATA structure.
    118   @param[in] Indexer    The pointer to the SPD_ENTRY_INDEXER structure.
    119 
    120   @retval TRUE     The matched PAD is found.
    121   @retval FALSE    The matched PAD is not found.
    122 **/
    123 BOOLEAN
    124 MatchPadEntry (
    125   IN EFI_IPSEC_PAD_ID      *PadId,
    126   IN EFI_IPSEC_PAD_DATA    *Data,
    127   IN PAD_ENTRY_INDEXER     *Indexer
    128   )
    129 {
    130   BOOLEAN                       Match;
    131 
    132   Match = FALSE;
    133   if (!IsMemoryZero (&Indexer->PadId, sizeof (EFI_IPSEC_PAD_ID))) {
    134     Match = (BOOLEAN) ((Indexer->PadId.PeerIdValid == PadId->PeerIdValid) &&
    135                        ((PadId->PeerIdValid &&
    136                          (StrCmp (
    137                             (CONST CHAR16 *) Indexer->PadId.Id.PeerId,
    138                             (CONST CHAR16 *) PadId->Id.PeerId
    139                             ) == 0)) ||
    140                         ((!PadId->PeerIdValid) &&
    141                          (Indexer->PadId.Id.IpAddress.PrefixLength == PadId->Id.IpAddress.PrefixLength) &&
    142                          (CompareMem (
    143                             &Indexer->PadId.Id.IpAddress.Address,
    144                             &PadId->Id.IpAddress.Address,
    145                             sizeof (EFI_IP_ADDRESS)
    146                             ) == 0))));
    147   } else {
    148     if (Indexer->Index == 0) {
    149       Match = TRUE;
    150     }
    151 
    152     Indexer->Index--;
    153   }
    154 
    155   return Match;
    156 }
    157 
    158 MATCH_POLICY_ENTRY mMatchPolicyEntry[] = {
    159   (MATCH_POLICY_ENTRY) MatchSpdEntry,
    160   (MATCH_POLICY_ENTRY) MatchSadEntry,
    161   (MATCH_POLICY_ENTRY) MatchPadEntry
    162 };
    163 
    164