diff options
Diffstat (limited to 'NetworkPkg/IpSecDxe/Ikev2/Utility.h')
| -rw-r--r-- | NetworkPkg/IpSecDxe/Ikev2/Utility.h | 236 |
1 files changed, 118 insertions, 118 deletions
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.h b/NetworkPkg/IpSecDxe/Ikev2/Utility.h index 319b6cb32c..8383ff8dd6 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/Utility.h +++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.h @@ -1,8 +1,8 @@ /** @file
- The interfaces of IKE/Child session operations and payload related operations
+ The interfaces of IKE/Child session operations and payload related operations
used by IKE Exchange Process.
- Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -76,8 +76,8 @@ Ikev2SaSessionLookup ( Private->Ikev2SaSession list or Private->Ikev2EstablishedList list.
@param[in] SaSessionList Pointer to list to be inserted into.
- @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be inserted.
- @param[in] RemotePeerIp Pointer to EFI_IP_ADDRESSS to indicate the
+ @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be inserted.
+ @param[in] RemotePeerIp Pointer to EFI_IP_ADDRESSS to indicate the
unique IKEV2_SA_SESSION.
**/
@@ -94,7 +94,7 @@ Ikev2SaSessionInsert ( @param[in] SaSessionList Pointer to list to be searched.
@param[in] RemotePeerIp Pointer to EFI_IP_ADDRESS to use for SA Session search.
- @retval Pointer to IKEV2_SA_SESSION with the specified remote IP address.
+ @retval Pointer to IKEV2_SA_SESSION with the specified remote IP address.
**/
IKEV2_SA_SESSION *
@@ -129,7 +129,7 @@ Ikev2SessionCommonRefresh ( );
/**
- Free specified IKEV2 SA Session.
+ Free specified IKEV2 SA Session.
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION to be freed.
@@ -140,7 +140,7 @@ Ikev2SaSessionFree ( );
/**
- Free specified Seession Common. The session common would belong to a IKE SA or
+ Free specified Seession Common. The session common would belong to a IKE SA or
a Child SA.
@param[in] SessionCommon Pointer to a Session Common.
@@ -164,9 +164,9 @@ Ikev2SaSessionIncreaseMessageId ( /**
Allocate Momery for IKEV2 Child SA Session.
-
+
@param[in] UdpService Pointer to IKE_UDP_SERVICE.
- @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA
+ @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to this Child SA
Session.
@retval Pointer of a new created IKEV2 Child SA Session.
@@ -179,8 +179,8 @@ Ikev2ChildSaSessionAlloc ( );
/**
- Register a established IKEv2 Child SA into IkeSaSession->ChildSaEstablishSessionList.
- If the there is IKEV2_CHILD_SA_SESSION with same remote peer IP, remove the old one
+ Register a established IKEv2 Child SA into IkeSaSession->ChildSaEstablishSessionList.
+ If the there is IKEV2_CHILD_SA_SESSION with same remote peer IP, remove the old one
then register the new one.
@param[in] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION to be registered.
@@ -198,7 +198,7 @@ Ikev2ChildSaSessionReg ( This functin find a ChildSA session by searching the ChildSaSessionlist of
the input IKEV2_SA_SESSION by specified MessageID.
-
+
@param[in] SaSessionList Pointer to List to be searched.
@param[in] Spi Specified SPI.
@@ -241,20 +241,20 @@ Ikev2ChildSaSessionInsert ( /**
Remove the IKEV2_CHILD_SA_SESSION from IkeSaSessionList.
-
+
@param[in] SaSessionList The SA Session List to be iterated.
@param[in] Spi Spi used to identify the IKEV2_CHILD_SA_SESSION.
- @param[in] ListType The type of the List to indicate whether it is a
- Established.
+ @param[in] ListType The type of the List to indicate whether it is a
+ Established.
@return The point to IKEV2_CHILD_SA_SESSION.
-
+
**/
IKEV2_CHILD_SA_SESSION *
Ikev2ChildSaSessionRemove (
IN LIST_ENTRY *SaSessionList,
- IN UINT32 Spi,
- IN UINT8 ListType
+ IN UINT32 Spi,
+ IN UINT8 ListType
);
/**
@@ -271,7 +271,7 @@ Ikev2ChildSaSessionOnDeleting ( );
/**
- Free the memory located for the specified IKEV2_CHILD_SA_SESSION.
+ Free the memory located for the specified IKEV2_CHILD_SA_SESSION.
@param[in] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION.
@@ -285,7 +285,7 @@ Ikev2ChildSaSessionFree ( Free the specified DhBuffer.
@param[in] DhBuffer Pointer to IKEV2_DH_BUFFER to be freed.
-
+
**/
VOID
Ikev2DhBufferFree (
@@ -315,7 +315,7 @@ Ikev2ChildSaSilentDelete ( /**
This function is to parse a request IKE packet and return its request type.
- The request type is one of IKE CHILD SA creation, IKE SA rekeying and
+ The request type is one of IKE CHILD SA creation, IKE SA rekeying and
IKE CHILD SA rekeying.
@param[in] IkePacket IKE packet to be prased.
@@ -330,7 +330,7 @@ Ikev2ChildExchangeRequestType( /**
This function finds the SPI from Create Child Sa Exchange Packet.
-
+
@param[in] IkePacket Pointer to IKE_PACKET to be searched.
@retval SPI number.
@@ -345,10 +345,10 @@ Ikev2ChildExchangeRekeySpi( /**
Associate a SPD selector to the Child SA Session.
- This function is called when the Child SA is not the first child SA of its
+ This function is called when the Child SA is not the first child SA of its
IKE SA. It associate a SPD to this Child SA.
- @param[in, out] ChildSaSession Pointer to the Child SA Session to be associated to
+ @param[in, out] ChildSaSession Pointer to the Child SA Session to be associated to
a SPD selector.
@retval EFI_SUCCESS Associate one SPD selector to this Child SA Session successfully.
@@ -441,13 +441,13 @@ Ikev2ChildSaAfterEncodePayload ( Generate Ikev2 SA payload according to SessionSaData
@param[in] SessionSaData The data used in SA payload.
- @param[in] NextPayload The payload type presented in NextPayload field of
+ @param[in] NextPayload The payload type presented in NextPayload field of
SA Payload header.
@param[in] Type The SA type. It MUST be neither (1) for IKE_SA or
(2) for CHILD_SA or (3) for INFO.
@retval a Pointer to SA IKE payload.
-
+
**/
IKE_PAYLOAD *
Ikev2GenerateSaPayload (
@@ -460,7 +460,7 @@ Ikev2GenerateSaPayload ( Generate a ID payload.
@param[in] CommonSession Pointer to IKEV2_SESSION_COMMON related to ID payload.
- @param[in] NextPayload The payload type presented in the NextPayload field
+ @param[in] NextPayload The payload type presented in the NextPayload field
of ID Payload header.
@retval Pointer to ID IKE payload.
@@ -476,7 +476,7 @@ Ikev2GenerateIdPayload ( Generate a ID payload.
@param[in] CommonSession Pointer to IKEV2_SESSION_COMMON related to ID payload.
- @param[in] NextPayload The payload type presented in the NextPayload field
+ @param[in] NextPayload The payload type presented in the NextPayload field
of ID Payload header.
@param[in] InCert Pointer to the Certificate which distinguished name
will be added into the Id payload.
@@ -488,7 +488,7 @@ Ikev2GenerateIdPayload ( IKE_PAYLOAD *
Ikev2GenerateCertIdPayload (
IN IKEV2_SESSION_COMMON *CommonSession,
- IN UINT8 NextPayload,
+ IN UINT8 NextPayload,
IN UINT8 *InCert,
IN UINTN CertSize
);
@@ -496,10 +496,10 @@ Ikev2GenerateCertIdPayload ( /**
Generate a Nonce payload contenting the input parameter NonceBuf.
- @param[in] NonceBuf The nonce buffer content the whole Nonce payload block
+ @param[in] NonceBuf The nonce buffer content the whole Nonce payload block
except the payload header.
@param[in] NonceSize The buffer size of the NonceBuf
- @param[in] NextPayload The payload type presented in the NextPayload field
+ @param[in] NextPayload The payload type presented in the NextPayload field
of Nonce Payload header.
@retval Pointer to Nonce IKE paload.
@@ -516,23 +516,23 @@ Ikev2GenerateNoncePayload ( Generate the Notify payload.
Since the structure of Notify payload which defined in RFC 4306 is simple, so
- there is no internal data structure for Notify payload. This function generate
- Notify payload defined in RFC 4306, but all the fields in this payload are still
- in host order and need call Ikev2EncodePayload() to convert those fields from
+ there is no internal data structure for Notify payload. This function generate
+ Notify payload defined in RFC 4306, but all the fields in this payload are still
+ in host order and need call Ikev2EncodePayload() to convert those fields from
the host order to network order beforing sending it.
@param[in] ProtocolId The protocol type ID. For IKE_SA it MUST be one (1).
For IPsec SAs it MUST be neither (2) for AH or (3)
for ESP.
- @param[in] NextPayload The next paylaod type in NextPayload field of
+ @param[in] NextPayload The next paylaod type in NextPayload field of
the Notify payload.
@param[in] SpiSize Size of the SPI in SPI size field of the Notify Payload.
- @param[in] MessageType The message type in NotifyMessageType field of the
+ @param[in] MessageType The message type in NotifyMessageType field of the
Notify Payload.
@param[in] SpiBuf Pointer to buffer contains the SPI value.
@param[in] NotifyData Pointer to buffer contains the notification data.
@param[in] NotifyDataSize The size of NotifyData in bytes.
-
+
@retval Pointer to IKE Notify Payload.
@@ -551,14 +551,14 @@ Ikev2GenerateNotifyPayload ( /**
Generate the Delete payload.
- Since the structure of Delete payload which defined in RFC 4306 is simple,
- there is no internal data structure for Delete payload. This function generate
- Delete payload defined in RFC 4306, but all the fields in this payload are still
- in host order and need call Ikev2EncodePayload() to convert those fields from
+ Since the structure of Delete payload which defined in RFC 4306 is simple,
+ there is no internal data structure for Delete payload. This function generate
+ Delete payload defined in RFC 4306, but all the fields in this payload are still
+ in host order and need call Ikev2EncodePayload() to convert those fields from
the host order to network order beforing sending it.
@param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload generation.
- @param[in] NextPayload The next paylaod type in NextPayload field of
+ @param[in] NextPayload The next paylaod type in NextPayload field of
the Delete payload.
@param[in] SpiSize Size of the SPI in SPI size field of the Delete Payload.
@param[in] SpiNum Number of SPI in NumofSPIs field of the Delete Payload.
@@ -573,19 +573,19 @@ Ikev2GenerateDeletePayload ( IN UINT8 NextPayload,
IN UINT8 SpiSize,
IN UINT16 SpiNum,
- IN UINT8 *SpiBuf
+ IN UINT8 *SpiBuf
);
/**
Generate the Configuration payload.
- This function generates a configuration payload defined in RFC 4306, but all the
- fields in this payload are still in host order and need call Ikev2EncodePayload()
+ This function generates a configuration payload defined in RFC 4306, but all the
+ fields in this payload are still in host order and need call Ikev2EncodePayload()
to convert those fields from the host order to network order beforing sending it.
@param[in] IkeSaSession Pointer to IKE SA Session to be used for Delete payload
generation.
- @param[in] NextPayload The next paylaod type in NextPayload field of
+ @param[in] NextPayload The next paylaod type in NextPayload field of
the Delete payload.
@param[in] CfgType The attribute type in the Configuration attribute.
@@ -602,15 +602,15 @@ Ikev2GenerateCpPayload ( /**
Generate a Authentication Payload.
- This function is used for both Authentication generation and verification. When the
- IsVerify is TRUE, it create a Auth Data for verification. This function choose the
+ This function is used for both Authentication generation and verification. When the
+ IsVerify is TRUE, it create a Auth Data for verification. This function choose the
related IKE_SA_INIT Message for Auth data creation according to the IKE Session's type
and the value of IsVerify parameter.
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to.
- @param[in] IdPayload Pointer to the ID payload to be used for Authentication
+ @param[in] IdPayload Pointer to the ID payload to be used for Authentication
payload generation.
- @param[in] NextPayload The type filled into the Authentication Payload next
+ @param[in] NextPayload The type filled into the Authentication Payload next
payload field.
@param[in] IsVerify If it is TURE, the Authentication payload is used for
verification.
@@ -627,26 +627,26 @@ Ikev2PskGenerateAuthPayload ( );
/**
- Generate a Authentication Payload for Certificate Auth method.
+ Generate a Authentication Payload for Certificate Auth method.
- This function has two functions. One is creating a local Authentication
- Payload for sending and other is creating the remote Authentication data
+ This function has two functions. One is creating a local Authentication
+ Payload for sending and other is creating the remote Authentication data
for verification when the IsVerify is TURE.
@param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to.
- @param[in] IdPayload Pointer to the ID payload to be used for Authentication
+ @param[in] IdPayload Pointer to the ID payload to be used for Authentication
payload generation.
- @param[in] NextPayload The type filled into the Authentication Payload
+ @param[in] NextPayload The type filled into the Authentication Payload
next payload field.
- @param[in] IsVerify If it is TURE, the Authentication payload is used
+ @param[in] IsVerify If it is TURE, the Authentication payload is used
for verification.
- @param[in] UefiPrivateKey Pointer to the UEFI private key. Ignore it when
+ @param[in] UefiPrivateKey Pointer to the UEFI private key. Ignore it when
verify the authenticate payload.
- @param[in] UefiPrivateKeyLen The size of UefiPrivateKey in bytes. Ignore it
+ @param[in] UefiPrivateKeyLen The size of UefiPrivateKey in bytes. Ignore it
when verify the authenticate payload.
- @param[in] UefiKeyPwd Pointer to the password of UEFI private key.
+ @param[in] UefiKeyPwd Pointer to the password of UEFI private key.
Ignore it when verify the authenticate payload.
- @param[in] UefiKeyPwdLen The size of UefiKeyPwd in bytes.Ignore it when
+ @param[in] UefiKeyPwdLen The size of UefiKeyPwd in bytes.Ignore it when
verify the authenticate payload.
@return pointer to IKE Authentication payload for certification method.
@@ -670,9 +670,9 @@ Ikev2CertGenerateAuthPayload ( This function generates TSi or TSr payload according to type of next payload.
If the next payload is Responder TS, gereate TSi Payload. Otherwise, generate
TSr payload
-
+
@param[in] ChildSa Pointer to IKEV2_CHILD_SA_SESSION related to this TS payload.
- @param[in] NextPayload The payload type presented in the NextPayload field
+ @param[in] NextPayload The payload type presented in the NextPayload field
of ID Payload header.
@param[in] IsTunnel It indicates that if the Ts Payload is after the CP payload.
If yes, it means the Tsi and Tsr payload should be with
@@ -696,7 +696,7 @@ Ikev2GenerateTsPayload ( IPSEC_PROTO_ISAKMP or if the SpiSize is not zero or if the MessageType is not
the COOKIE, return EFI_INVALID_PARAMETER.
- @param[in] IkeNCookie Pointer to the IKE_PAYLOAD which contians the
+ @param[in] IkeNCookie Pointer to the IKE_PAYLOAD which contians the
Notify Cookie payload.
the Notify payload.
@param[in, out] IkeSaSession Pointer to the relevant IKE SA Session.
@@ -715,16 +715,16 @@ Ikev2ParserNotifyCookiePayload ( /**
Generate the Certificate payload or Certificate Request Payload.
- Since the Certificate Payload structure is same with Certificate Request Payload,
+ Since the Certificate Payload structure is same with Certificate Request Payload,
the only difference is that one contains the Certificate Data, other contains
- the acceptable certificateion CA. This function generate Certificate payload
- or Certificate Request Payload defined in RFC 4306, but all the fields
- in the payload are still in host order and need call Ikev2EncodePayload()
+ the acceptable certificateion CA. This function generate Certificate payload
+ or Certificate Request Payload defined in RFC 4306, but all the fields
+ in the payload are still in host order and need call Ikev2EncodePayload()
to convert those fields from the host order to network order beforing sending it.
- @param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload
+ @param[in] IkeSaSession Pointer to IKE SA Session to be used of Delete payload
generation.
- @param[in] NextPayload The next paylaod type in NextPayload field of
+ @param[in] NextPayload The next paylaod type in NextPayload field of
the Delete payload.
@param[in] Certificate Pointer of buffer contains the certification data.
@param[in] CertificateLen The length of Certificate in byte.
@@ -747,15 +747,15 @@ Ikev2GenerateCertificatePayload ( IN UINT8 EncodeType,
IN BOOLEAN IsRequest
);
-
+
/**
General interface of payload encoding.
- This function encode the internal data structure into payload which
- is defined in RFC 4306. The IkePayload->PayloadBuf used to store both the input
- payload and converted payload. Only the SA payload use the interal structure
- to store the attribute. Other payload use structure which is same with the RFC
- defined, for this kind payloads just do host order to network order change of
+ This function encode the internal data structure into payload which
+ is defined in RFC 4306. The IkePayload->PayloadBuf used to store both the input
+ payload and converted payload. Only the SA payload use the interal structure
+ to store the attribute. Other payload use structure which is same with the RFC
+ defined, for this kind payloads just do host order to network order change of
some fields.
@param[in] SessionCommon Pointer to IKE Session Common used to encode the payload.
@@ -779,7 +779,7 @@ Ikev2EncodePayload ( @param[in] SessionCommon Pointer to IKE Session Common to use for decoding.
@param[in, out] IkePayload Pointer to IKE payload to be decode as input, and
- store the decoded result as output.
+ store the decoded result as output.
@retval EFI_INVALID_PARAMETER Meet error when decode the SA payload.
@retval EFI_SUCCESS Decode successfully.
@@ -796,18 +796,18 @@ Ikev2DecodePayload ( This function decrpt the Encrypted IKE packet and put the result into IkePacket->PayloadBuf.
- @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing
+ @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing
some parameter used during decrypting.
- @param[in, out] IkePacket Point to IKE_PACKET to be decrypted as input,
+ @param[in, out] IkePacket Point to IKE_PACKET to be decrypted as input,
and the decrypted reslult as output.
@param[in, out] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and
IKE_CHILD_TYPE are supportted.
- @retval EFI_INVALID_PARAMETER If the IKE packet length is zero or the
+ @retval EFI_INVALID_PARAMETER If the IKE packet length is zero or the
IKE packet length is not Algorithm Block Size
alignment.
@retval EFI_SUCCESS Decrypt IKE packet successfully.
-
+
**/
EFI_STATUS
Ikev2DecryptPacket (
@@ -821,7 +821,7 @@ Ikev2DecryptPacket ( This function encrypt IKE packet before sending it. The Encrypted IKE packet
is put in to IKEV2 Encrypted Payload.
-
+
@param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON related to the IKE packet.
@param[in, out] IkePacket Pointer to IKE packet to be encrypted.
@@ -840,9 +840,9 @@ Ikev2EncryptPacket ( This function put all Payloads into one payload then encrypt it if needed.
- @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing
+ @param[in] SessionCommon Pointer to IKEV2_SESSION_COMMON containing
some parameter used during IKE packet encoding.
- @param[in, out] IkePacket Pointer to IKE_PACKET to be encoded as input,
+ @param[in, out] IkePacket Pointer to IKE_PACKET to be encoded as input,
and the encoded reslult as output.
@param[in] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and
IKE_CHILD_TYPE are supportted.
@@ -861,12 +861,12 @@ Ikev2EncodePacket ( /**
Decode the IKE packet.
- This function first decrypts the IKE packet if needed , then separats the whole
+ This function first decrypts the IKE packet if needed , then separats the whole
IKE packet from the IkePacket->PayloadBuf into IkePacket payload list.
-
- @param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON containing
+
+ @param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON containing
some parameter used by IKE packet decoding.
- @param[in, out] IkePacket The IKE Packet to be decoded on input, and
+ @param[in, out] IkePacket The IKE Packet to be decoded on input, and
the decoded result on return.
@param[in] IkeType The type of IKE. IKE_SA_TYPE, IKE_INFO_TYPE and
IKE_CHILD_TYPE are supportted.
@@ -904,8 +904,8 @@ Ikev2OnPacketAccepted ( @param[in] IkeUdpService Pointer to IKE_UDP_SERVICE used to send the IKE packet.
@param[in] SessionCommon Pointer to IKEV1_SESSION_COMMON related to the IKE packet.
@param[in] IkePacket Pointer to IKE_PACKET to be sent out.
- @param[in] IkeType The type of IKE to point what's kind of the IKE
- packet is to be sent out. IKE_SA_TYPE, IKE_INFO_TYPE
+ @param[in] IkeType The type of IKE to point what's kind of the IKE
+ packet is to be sent out. IKE_SA_TYPE, IKE_INFO_TYPE
and IKE_CHILD_TYPE are supportted.
@retval EFI_SUCCESS The operation complete successfully.
@@ -923,12 +923,12 @@ Ikev2SendIkePacket ( /**
Callback function for the IKE life time is over.
- This function will mark the related IKE SA Session as deleting and trigger a
+ This function will mark the related IKE SA Session as deleting and trigger a
Information negotiation.
@param[in] Event The time out event.
@param[in] Context Pointer to data passed by caller.
-
+
**/
VOID
EFIAPI
@@ -952,11 +952,11 @@ Ikev2ResendNotify ( );
/**
- Generate a Key Exchange payload according to the DH group type and save the
+ Generate a Key Exchange payload according to the DH group type and save the
public Key into IkeSaSession IkeKey field.
@param[in, out] IkeSaSession Pointer of the IKE_SA_SESSION.
- @param[in] NextPayload The payload type presented in the NextPayload field of Key
+ @param[in] NextPayload The payload type presented in the NextPayload field of Key
Exchange Payload header.
@retval Pointer to Key IKE payload.
@@ -964,28 +964,28 @@ Ikev2ResendNotify ( **/
IKE_PAYLOAD *
Ikev2GenerateKePayload (
- IN OUT IKEV2_SA_SESSION *IkeSaSession,
- IN UINT8 NextPayload
+ IN OUT IKEV2_SA_SESSION *IkeSaSession,
+ IN UINT8 NextPayload
);
/**
Check if the SPD is related to the input Child SA Session.
This function is the subfunction of Ikev1AssociateSpdEntry(). It is the call
- back function of IpSecVisitConfigData().
-
+ back function of IpSecVisitConfigData().
+
@param[in] Type Type of the input Config Selector.
- @param[in] Selector Pointer to the Configure Selector to be checked.
- @param[in] Data Pointer to the Configure Selector's Data passed
+ @param[in] Selector Pointer to the Configure Selector to be checked.
+ @param[in] Data Pointer to the Configure Selector's Data passed
from the caller.
@param[in] SelectorSize The buffer size of Selector.
@param[in] DataSize The buffer size of the Data.
@param[in] Context The data passed from the caller. It is a Child
SA Session in this context.
- @retval EFI_SUCCESS The SPD Selector is not related to the Child SA Session.
- @retval EFI_ABORTED The SPD Selector is related to the Child SA session and
+ @retval EFI_SUCCESS The SPD Selector is not related to the Child SA Session.
+ @retval EFI_ABORTED The SPD Selector is related to the Child SA session and
set the ChildSaSession->Spd to point to this SPD Selector.
**/
@@ -1033,14 +1033,14 @@ Ikev2ChildSaSessionCreate ( /**
Parse the received Initial Exchange Packet.
-
- This function parse the SA Payload and Key Payload to find out the cryptographic
- suite for the further IKE negotiation and fill it into the IKE SA Session's
+
+ This function parse the SA Payload and Key Payload to find out the cryptographic
+ suite for the further IKE negotiation and fill it into the IKE SA Session's
CommonSession->SaParams.
@param[in, out] IkeSaSession Pointer to related IKEV2_SA_SESSION.
@param[in] SaPayload The received packet.
- @param[in] Type The received packet IKE header flag.
+ @param[in] Type The received packet IKE header flag.
@retval TRUE If the SA proposal in Packet is acceptable.
@retval FALSE If the SA proposal in Packet is not acceptable.
@@ -1055,15 +1055,15 @@ Ikev2SaParseSaPayload ( /**
Parse the received Authentication Exchange Packet.
-
+
This function parse the SA Payload and Key Payload to find out the cryptographic
suite for the ESP and fill it into the Child SA Session's CommonSession->SaParams.
-
- @param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to
+
+ @param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to
this Authentication Exchange.
@param[in] SaPayload The received packet.
- @param[in] Type The IKE header's flag of received packet .
-
+ @param[in] Type The IKE header's flag of received packet .
+
@retval TRUE If the SA proposal in Packet is acceptable.
@retval FALSE If the SA proposal in Packet is not acceptable.
@@ -1078,17 +1078,17 @@ Ikev2ChildSaParseSaPayload ( /**
Generate Key buffer from fragments.
- If the digest length of specified HashAlgId is larger than or equal with the
- required output key length, derive the key directly. Otherwise, Key Material
- needs to be PRF-based concatenation according to 2.13 of RFC 4306:
+ If the digest length of specified HashAlgId is larger than or equal with the
+ required output key length, derive the key directly. Otherwise, Key Material
+ needs to be PRF-based concatenation according to 2.13 of RFC 4306:
prf+ (K,S) = T1 | T2 | T3 | T4 | ..., T1 = prf (K, S | 0x01),
T2 = prf (K, T1 | S | 0x02), T3 = prf (K, T2 | S | 0x03),T4 = prf (K, T3 | S | 0x04)
then derive the key from this key material.
-
+
@param[in] HashAlgId The Hash Algorithm ID used to generate key.
@param[in] HashKey Pointer to a key buffer which contains hash key.
@param[in] HashKeyLength The length of HashKey in bytes.
- @param[in, out] OutputKey Pointer to buffer which is used to receive the
+ @param[in, out] OutputKey Pointer to buffer which is used to receive the
output key.
@param[in] OutputKeyLength The length of OutPutKey buffer.
@param[in] Fragments Pointer to the data to be used to generate key.
@@ -1115,14 +1115,14 @@ Ikev2SaGenerateKey ( Copy ChildSaSession->Spd->Selector to ChildSaSession->SpdSelector.
ChildSaSession->SpdSelector stores the real Spdselector for its SA. Sometime,
- the SpdSelector in ChildSaSession is more accurated or the scope is smaller
+ the SpdSelector in ChildSaSession is more accurated or the scope is smaller
than the one in ChildSaSession->Spd, especially for the tunnel mode.
-
+
@param[in, out] ChildSaSession Pointer to IKEV2_CHILD_SA_SESSION related to.
@retval EFI_SUCCESS The operation complete successfully.
@retval EFI_OUT_OF_RESOURCES If the required resource can't be allocated.
-
+
**/
EFI_STATUS
Ikev2ChildSaSessionSpdSelectorCreate (
|