path: root/NetworkPkg/IpSecDxe/IpSecCryptIo.h
blob: d883a2ef7232eb0651dc3f28d7c8f46861fd3ec5 (plain)
/** @file
  Definitions related to the security operations.

  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>

  This program and the accompanying materials
  are licensed and made available under the terms and conditions of the BSD License
  which accompanies this distribution.  The full text of the license may be found at
  http://opensource.org/licenses/bsd-license.php.

  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.

**/

#ifndef _EFI_IPSEC_CRYPTIO_H_
#define _EFI_IPSEC_CRYPTIO_H_

#include <Protocol/IpSecConfig.h>
#include <Library/DebugLib.h>

//
// NOTE(review): presumably the entry counts of the encryption and authentication
// algorithm tables (arrays of ENCRYPT_ALGORITHM / AUTH_ALGORITHM) defined in the
// corresponding source file -- confirm. If so, any lookup by AlgorithmId must be
// bounded by these values.
//
#define IPSEC_ENCRYPT_ALGORITHM_LIST_SIZE 2
#define IPSEC_AUTH_ALGORITHM_LIST_SIZE    3

/**
  Prototype of Hash GetContextSize.

  Retrieves the size, in bytes, of the context buffer required.

  The hash prototypes in this file take Context as an untyped VOID pointer with
  no accompanying length, so an undersized buffer cannot be detected through
  these interfaces.
  NOTE(review): presumably callers allocate exactly this many bytes before
  calling the init function -- confirm at the call sites.

  @return  The size, in bytes, of the context buffer required.

**/
typedef
UINTN
(EFIAPI *CPL_HASH_GETCONTEXTSIZE) (
  VOID
  );

/**
  Prototype of Hash Operation Initiating.

  Initialization with a new context.

  NOTE(review): the declared return type is EFI_STATUS, while the documented
  return value below and the other hash prototypes in this file use BOOLEAN
  TRUE/FALSE. The two conventions disagree on which value means success
  (EFI_SUCCESS is 0, TRUE is 1) -- confirm what the implementations return and
  how callers test the result.

  @param[in,out]  Context  Input Context.

  @retval TRUE  Initialization was successful.

**/
typedef
EFI_STATUS
(EFIAPI *CPL_HASH_INIT) (
  IN OUT  VOID     *Context
  );

/**
  Prototype of Hash update.
  Hash update operation. Continues a Hash message digest operation, processing
  another message block, and updating the Hash context.

  If Context is NULL, then ASSERT().
  If Data is NULL, then ASSERT().

  NOTE(review): ASSERT() comes from DebugLib and can be disabled by build
  configuration, so callers should not rely on it to reject NULL pointers.

  @param[in,out]  Context     The Specified Context.
  @param[in]      Data        The Input Data to hash. Declared CONST: it is read only.
  @param[in]      DataLength  The length, in bytes, of Data.

  @retval TRUE   Update data successfully.
  @retval FALSE  The Context has been finalized.

**/
typedef
BOOLEAN
(EFIAPI *CPL_HASH_UPDATE) (
  IN OUT       VOID  *Context,
  IN     CONST VOID  *Data,
  IN           UINTN DataLength
  );

/**
  Prototype of Hash finalization.
  Terminates a Hash message digest operation and outputs the message digest.

  If Context is NULL, then ASSERT().
  If HashValue is NULL, then ASSERT().

  The prototype carries no length for HashValue, so the callee cannot check the
  size of the output buffer.
  NOTE(review): the "16-byte" size below looks specific to one algorithm; this
  prototype is shared by every entry of AUTH_ALGORITHM, so the caller presumably
  has to size the buffer for the digest of the selected algorithm -- confirm
  against the implementations to rule out an overrun of a 16-byte buffer.

  @param[in,out]  Context     The specified Context.
  @param[out]     HashValue   Pointer to a 16-byte message digest output buffer.

  @retval TRUE  Finalized successfully.

**/
typedef
BOOLEAN
(EFIAPI *CPL_HASH_FINAL) (
  IN OUT  VOID   *Context,
     OUT  UINT8  *HashValue
  );

/**
  Prototype of Cipher GetContextSize.

  Retrieves the size, in bytes, of the context buffer required.

  The cipher prototypes in this file take Context as an untyped VOID pointer
  with no accompanying length, so an undersized buffer cannot be detected
  through these interfaces.
  NOTE(review): presumably callers allocate exactly this many bytes before
  calling the init function -- confirm at the call sites.

  @return  The size, in bytes, of the context buffer required.

**/
typedef
UINTN
(EFIAPI *CPL_CIPHER_GETCONTEXTSIZE) (
  VOID
  );

/**
  Prototype of Cipher initiation.
  Initializes the user-supplied key as the specified context (key materials) for both
  encryption and decryption operations.

  If Context is NULL, then ASSERT().
  If Key is NULL, then generate random key for usage.

  NOTE(review): the NULL-key fallback cannot be confirmed from this prototype.
  A caller that expects a negotiated key should check Key itself rather than
  depend on this behavior -- confirm against the implementations.
  NOTE(review): the parameter and return text below mention TDES, although this
  prototype is the generic CipherInitiate member of ENCRYPT_ALGORITHM; the
  accepted KeyBits values presumably depend on the selected algorithm -- confirm.
  The value returned on failure is not documented here (presumably FALSE).

  @param[in,out]  Context      The specified Context.
  @param[in]      Key          User-supplied TDES key (64/128/192 bits).
  @param[in]      KeyBits      Key length in bits.

  @retval TRUE  TDES Initialization was successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_INIT) (
  IN OUT        VOID   *Context,
  IN      CONST UINT8  *Key,
  IN      CONST UINTN  KeyBits
  );


/**
  Prototype of Cipher encryption.
  Encrypts plaintext message with the specified cipher.

  If Context is NULL, then ASSERT().
  If InData is NULL, then ASSERT().
  If Size of input data is not multiple of Cipher algorithm related block size,
  then ASSERT().

  NOTE(review): ASSERT() comes from DebugLib and can be disabled by build
  configuration, so callers should validate the pointers and the block
  alignment of DataLength themselves.
  OutData has no length parameter of its own.
  NOTE(review): presumably OutData must hold at least DataLength bytes -- confirm.
  NOTE(review): Context is declared non-CONST here but CONST in
  CPL_CIPHER_DECRYPT -- confirm whether the difference is intentional.

  @param[in]      Context      The specified Context.
  @param[in]      InData       The input plaintext data to be encrypted.
  @param[out]     OutData      The resultant encrypted ciphertext.
  @param[in]      DataLength   Length of input data in bytes.

  @retval TRUE  Encryption successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_ENCRYPT) (
  IN            VOID   *Context,
  IN      CONST UINT8  *InData,
      OUT       UINT8  *OutData,
  IN      CONST UINTN  DataLength
  );


/**
  Prototype of Cipher decryption.
  Decrypts cipher message with specified cipher.

  If Context is NULL, then ASSERT().
  If InData is NULL, then ASSERT().
  If Size of input data is not a multiple of a certain block size, then ASSERT().

  NOTE(review): ASSERT() comes from DebugLib and can be disabled by build
  configuration. If InData and DataLength originate from a received packet,
  the caller should check the block alignment of DataLength before calling
  instead of relying on the ASSERT() -- confirm at the call sites.
  OutData has no length parameter of its own.
  NOTE(review): presumably OutData must hold at least DataLength bytes -- confirm.

  @param[in]      Context      The specified Context.
  @param[in]      InData       The input ciphertext data to be decrypted.
  @param[out]     OutData      The resultant decrypted plaintext.
  @param[in]      DataLength   Length of input data in bytes.

  @retval TRUE  Decryption successful.

**/
typedef
BOOLEAN
(EFIAPI *CPL_CIPHER_DECRYPT) (
  IN     CONST VOID   *Context,
  IN     CONST UINT8  *InData,
     OUT       UINT8  *OutData,
  IN     CONST UINTN  DataLength
  );

//
// The struct used to store the information and operations of a Cipher algorithm:
// its identifier, its size parameters and the four function pointers that
// implement it.
//
typedef struct _ENCRYPT_ALGORITHM {
//
// The ID of the Algorithm
//
UINT8                     AlgorithmId;
//
// The Key length of the Algorithm
// NOTE(review): the unit is not stated here, while CPL_CIPHER_INIT takes its
// key length in bits -- confirm before passing this value on.
//
UINTN                     KeyLength;
//
// IV Size of the Algorithm
//
UINTN                     IvLength;
//
// The Block Size of the Algorithm
//
UINTN                     BlockSize;
//
// The Function pointer of GetContextSize.
//
CPL_CIPHER_GETCONTEXTSIZE CipherGetContextSize;
//
// The Function pointer of Cipher initiation.
//
CPL_CIPHER_INIT           CipherInitiate;
//
// The Function pointer of Cipher Encryption.
//
CPL_CIPHER_ENCRYPT        CipherEncrypt;
//
// The Function pointer of Cipher Decryption.
//
CPL_CIPHER_DECRYPT        CipherDecrypt;
} ENCRYPT_ALGORITHM;

//
// The struct used to store the information and operations of an Authentication
// algorithm: its identifier, its size parameters and the four hash function
// pointers that implement it.
//
typedef struct _AUTH_ALGORITHM {
  //
  // ID of the Algorithm
  //
  UINT8                    AlgorithmId;
  //
  // The Key length of the Algorithm
  //
  UINTN                    KeyLength;
  //
  // The ICV (integrity check value) length of the Algorithm
  // NOTE(review): this may be shorter than the digest written by HashFinal,
  // which takes no output length -- confirm how the output buffer is sized.
  //
  UINTN                    IcvLength;
  //
  // The block size of the Algorithm
  //
  UINTN                    BlockSize;
  //
  // The function pointer of GetContextSize.
  //
  CPL_HASH_GETCONTEXTSIZE  HashGetContextSize;
  //
  // The function pointer of Initiation.
  //
  CPL_HASH_INIT            HashInitiate;
  //
  // The function pointer of Hash Update.
  //
  CPL_HASH_UPDATE          HashUpdate;
  //
  // The function pointer of Hash Final.
  //
  CPL_HASH_FINAL           HashFinal;
} AUTH_ALGORITHM;

/**
  Get the IV size of the encrypt algorithm. The IV size differs from algorithm
  to algorithm.

  NOTE(review): the value returned for an AlgorithmId that is not supported is
  not documented here -- confirm, since callers use the result as a length.

  @param[in]  AlgorithmId          The encrypt algorithm ID.

  @return The value of IV size.

**/
UINTN
IpSecGetEncryptIvLength (
  IN UINT8 AlgorithmId
  );

/**
  Get the block size of the encrypt algorithm. The block size differs from
  algorithm to algorithm.

  NOTE(review): the value returned for an AlgorithmId that is not supported is
  not documented here -- confirm, in particular whether 0 is possible, before
  using the result as a divisor or alignment.

  @param[in]  AlgorithmId          The encrypt algorithm ID.

  @return The value of block size.

**/
UINTN
IpSecGetEncryptBlockSize (
  IN UINT8   AlgorithmId
  );

/**
  Get the ICV size of the Authentication algorithm. The ICV size differs from
  algorithm to algorithm.

  NOTE(review): the value returned for an AuthAlgorithmId that is not supported
  is not documented here -- confirm, since callers use the result as a length.

  @param[in]  AuthAlgorithmId          The Authentication algorithm ID.

  @return The value of ICV size.

**/
UINTN
IpSecGetIcvLength (
  IN UINT8  AuthAlgorithmId
  );

/**
  Generate random data for the IV. If IvSize is zero, no IV needs to be created
  and EFI_SUCCESS is returned.

  NOTE(review): IvBuffer is tagged IN, but the description implies the function
  writes IvSize bytes into it -- confirm, and make sure the buffer is at least
  IvSize bytes long.
  NOTE(review): the source of randomness is not visible in this header. An IV
  used with a block-chaining cipher mode has to be unpredictable -- confirm
  that the implementation draws from a suitable random number generator.
  Only the success status is documented; the failure statuses are not listed.

  @param[in]  IvBuffer  The pointer of the IV buffer.
  @param[in]  IvSize    The IV size.

  @retval     EFI_SUCCESS  Create random data for IV.

**/
EFI_STATUS
IpSecGenerateIv (
  IN UINT8                           *IvBuffer,
  IN UINTN                           IvSize
  );

#endif