Common operation of the IKE
Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include "IkeCommon.h"
#include "IpSecConfigImpl.h"
#include "IpSecDebug.h"
//
// SPI state shared by this file, initialised to IKE_SPI_BASE.
// NOTE(review): presumably this is the next SPI to hand out, which would make SPI
// values sequential and predictable; the SPI routine in this file carries a TODO to
// generate SPIs randomly - confirm against that routine.
//
UINT32 mNextSpi = IKE_SPI_BASE;
//
// All-zero GUID constant (every field is initialised to 0).
//
EFI_GUID mZeroGuid = { 0, 0, 0, { 0, 0, 0, 0, 0, 0, 0, 0 } };
Call Crypto Lib to generate a random value with eight-octet length.
@return The 64-bit (eight-octet) random value.
Status = IpSecCryptoIoGenerateRandomBytes ((UINT8 *)&Cookie, sizeof (UINT64));
if (EFI_ERROR (Status)) {
Generate the random data for Nonce payload.
@param[in] NonceSize Size of the data in bytes.
@return Buffer which contains the random data of the specified size.
Nonce = AllocateZeroPool (NonceSize);
Status = IpSecCryptoIoGenerateRandomBytes (Nonce, NonceSize);
if (EFI_ERROR (Status)) {
Convert the IKE Header from Network order to Host order.
@param[in, out] Header The pointer of the IKE_HEADER.
IN OUT IKE_HEADER *Header
Header->InitiatorCookie = NTOHLL (Header->InitiatorCookie);
Header->ResponderCookie = NTOHLL (Header->ResponderCookie);
Header->MessageId = NTOHL (Header->MessageId);
Header->Length = NTOHL (Header->Length);
Convert the IKE Header from Host order to Network order.
@param[in, out] Header The pointer of the IKE_HEADER.
IN OUT IKE_HEADER *Header
Header->InitiatorCookie = HTONLL (Header->InitiatorCookie);
Header->ResponderCookie = HTONLL (Header->ResponderCookie);
Header->MessageId = HTONL (Header->MessageId);
Header->Length = HTONL (Header->Length);
Allocate a buffer of IKE_PAYLOAD and set its Signature.
@return A buffer of IKE_PAYLOAD.
IKE_PAYLOAD *IkePayload;
IkePayload = (IKE_PAYLOAD *) AllocateZeroPool (sizeof (IKE_PAYLOAD));
if (IkePayload == NULL) {
IkePayload->Signature = IKE_PAYLOAD_SIGNATURE;
Free a specified IKE_PAYLOAD buffer.
@param[in] IkePayload Pointer of IKE_PAYLOAD to be freed.
IN IKE_PAYLOAD *IkePayload
if (IkePayload == NULL) {
// If this IkePayload is not referred by others, free it.
if (!IkePayload->IsPayloadBufExt && (IkePayload->PayloadBuf != NULL)) {
FreePool (IkePayload->PayloadBuf);
FreePool (IkePayload);
@return a SPI in 4 bytes.
// TODO: generate the SPI randomly; a non-random SPI is a security issue.
Generate random data for the IV.
@param[in] IvBuffer The pointer of the IV buffer.
@param[in] IvSize The IV size.
@retval EFI_SUCCESS Random data for the IV was created.
@retval otherwise Failed.
return IpSecCryptoIoGenerateRandomBytes (IvBuffer, IvSize);
Find SPD entry by a specified SPD selector.
@param[in] SpdSel Pointer to the SPD selector to be searched for.
@retval Pointer to the SPD entry if the SPD entry is found.
@retval NULL if not found.
IN EFI_IPSEC_SPD_SELECTOR *SpdSel
IPSEC_SPD_ENTRY *SpdEntry;
SpdList = &mConfigData[IPsecConfigDataTypeSpd];
NET_LIST_FOR_EACH (Entry, SpdList) {
SpdEntry = IPSEC_SPD_ENTRY_FROM_LIST (Entry);
// Find the required SPD entry
if (CompareSpdSelector (
(EFI_IPSEC_CONFIG_SELECTOR *) SpdSel,
(EFI_IPSEC_CONFIG_SELECTOR *) SpdEntry->Selector
Get the IKE Version from the IKE_SA_SESSION.
@param[in] Session Pointer of the IKE_SA_SESSION.
IkeGetVersionFromSession (
if (*(UINT32 *) Session == IKEV2_SA_SESSION_SIGNATURE) {
return ((IKEV2_SA_SESSION *) Session)->SessionCommon.IkeVer;
// Add IKEv1 support here.