diff options
| author | qianouyang <qianouyang@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-10-15 05:40:41 +0000 |
|---|---|---|
| committer | qianouyang <qianouyang@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-10-15 05:40:41 +0000 |
| commit | 705f53a9b49e7ee3d1ca4bcc7133534ed64590dc (patch) | |
| tree | d79da69796a730af23def17ffd0de865365d3355 /MdePkg/Include/Protocol/IpSecConfig.h | |
| parent | a72526804846e44773174a7b4800168e889d831a (diff) | |
| download | edk2-705f53a9b49e7ee3d1ca4bcc7133534ed64590dc.tar.gz edk2-705f53a9b49e7ee3d1ca4bcc7133534ed64590dc.tar.bz2 edk2-705f53a9b49e7ee3d1ca4bcc7133534ed64590dc.zip | |
Update IPsec.h file to follow approved ECR which will be collected into future UEFI 2.3 Specification after 2.3 errata B and future UEFI Specifications after 2.3. The changes mainly include:
1. Add EFI_IPSEC2_PROTOCOL
2. Remove IPsec Authentication Algorithm Definition and IPsec Encryption Algorithm
Definition.
3. Add EFI_IPSEC_SA_DATA2 data structure.
And also update IPv4 driver to call EFI_IPSEC2_PROTOCOL.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10941 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdePkg/Include/Protocol/IpSecConfig.h')
| -rw-r--r-- | MdePkg/Include/Protocol/IpSecConfig.h | 84 |
1 files changed, 52 insertions, 32 deletions
diff --git a/MdePkg/Include/Protocol/IpSecConfig.h b/MdePkg/Include/Protocol/IpSecConfig.h index 4c4dad0403..e305381f7e 100644 --- a/MdePkg/Include/Protocol/IpSecConfig.h +++ b/MdePkg/Include/Protocol/IpSecConfig.h @@ -303,38 +303,6 @@ typedef struct _EFI_IPSEC_PROCESS_POLICY { } EFI_IPSEC_PROCESS_POLICY;
///
-/// IPsec Authentication Algorithm Definition
-/// The number value definition is aligned to IANA assignment
-///
-#define EFI_IPSEC_AALG_NONE 0x00
-#define EFI_IPSEC_AALG_MD5HMAC 0x02
-#define EFI_IPSEC_AALG_SHA1HMAC 0x03
-#define EFI_IPSEC_AALG_SHA2_256HMAC 0x05
-#define EFI_IPSEC_AALG_SHA2_384HMAC 0x06
-#define EFI_IPSEC_AALG_SHA2_512HMAC 0x07
-#define EFI_IPSEC_AALG_AES_XCBC_MAC 0x09
-#define EFI_IPSEC_AALG_NULL 0xFB
-
-///
-/// IPsec Encryption Algorithm Definition
-/// The number value definition is aligned to IANA assignment
-///
-#define EFI_IPSEC_EALG_NONE 0x00
-#define EFI_IPSEC_EALG_DESCBC 0x02
-#define EFI_IPSEC_EALG_3DESCBC 0x03
-#define EFI_IPSEC_EALG_CASTCBC 0x06
-#define EFI_IPSEC_EALG_BLOWFISHCBC 0x07
-#define EFI_IPSEC_EALG_NULL 0x0B
-#define EFI_IPSEC_EALG_AESCBC 0x0C
-#define EFI_IPSEC_EALG_AESCTR 0x0D
-#define EFI_IPSEC_EALG_AES_CCM_ICV8 0x0E
-#define EFI_IPSEC_EALG_AES_CCM_ICV12 0x0F
-#define EFI_IPSEC_EALG_AES_CCM_ICV16 0x10
-#define EFI_IPSEC_EALG_AES_GCM_ICV8 0x12
-#define EFI_IPSEC_EALG_AES_GCM_ICV12 0x13
-#define EFI_IPSEC_EALG_AES_GCM_ICV16 0x14
-
-///
/// EFI_IPSEC_SA_ID
/// A triplet to identify an SA, consisting of the following members.
///
@@ -487,6 +455,58 @@ typedef struct _EFI_IPSEC_SA_DATA { } EFI_IPSEC_SA_DATA;
///
+/// EFI_IPSEC_SA_DATA2
+///
+typedef struct _EFI_IPSEC_SA_DATA2 {
+ ///
+ /// IPsec mode: tunnel or transport
+ ///
+ EFI_IPSEC_MODE Mode;
+ ///
+ /// Sequence Number Counter. A 64-bit counter used to generate the sequence
+ /// number field in AH or ESP headers.
+ ///
+ UINT64 SNCount;
+ ///
+ /// Anti-Replay Window. A 64-bit counter and a bit-map used to determine
+ /// whether an inbound AH or ESP packet is a replay.
+ ///
+ UINT8 AntiReplayWindows;
+ ///
+ /// AH/ESP cryptographic algorithm, key and parameters.
+ ///
+ EFI_IPSEC_ALGO_INFO AlgoInfo;
+ ///
+ /// Lifetime of this SA.
+ ///
+ EFI_IPSEC_SA_LIFETIME SaLifetime;
+ ///
+ /// Any observed path MTU and aging variables. The Path MTU processing is
+ /// defined in section 8 of RFC 4301.
+ ///
+ UINT32 PathMTU;
+ ///
+ /// Link to one SPD entry
+ ///
+ EFI_IPSEC_SPD_SELECTOR *SpdSelector;
+ ///
+ /// Indication of whether it's manually set or negotiated automatically.
+ /// If ManualSet is FALSE, the corresponding SA entry is inserted through IKE
+ /// protocol negotiation
+ ///
+ BOOLEAN ManualSet;
+ ///
+ /// The tunnel header IP source address.
+ ///
+ EFI_IP_ADDRESS TunnelSourceAddress;
+ ///
+ /// The tunnel header IP destination address.
+ ///
+ EFI_IP_ADDRESS TunnelDestinationAddress;
+} EFI_IPSEC_SA_DATA2;
+
+
+///
/// EFI_IPSEC_PAD_ID
/// specifies the identifier for PAD entry, which is also used for SPD lookup.
/// IpAddress Pointer to the IPv4 or IPv6 address range.
|