• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /** @file
2   The Interfaces of IPsec debug information printing.
3 
4   Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
5 
6   This program and the accompanying materials
7   are licensed and made available under the terms and conditions of the BSD License
8   which accompanies this distribution.  The full text of the license may be found at
9   http://opensource.org/licenses/bsd-license.php.
10 
11   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 
14 **/
15 
16 #include "IpSecImpl.h"
17 #include "IpSecDebug.h"
18 
19 //
20 // The print title for IKEv1 variety phase.
21 //
22 CHAR8 *mIkev1StateStr[IKE_STATE_NUM] = {
23   "IKEv1_MAIN_1",
24   "IKEv1_MAIN_2",
25   "IKEv1_MAIN_3",
26   "IKEv1_MAIN_ESTABLISHED",
27   "IKEv1_QUICK_1",
28   "IKEv1_QUICK_2",
29   "IKEv1_QUICK_ESTABLISHED"
30 };
31 
32 //
33 // The print title for IKEv2 variety phase.
34 //
35 CHAR8 *mIkev2StateStr[IKE_STATE_NUM] = {
36   "IKEv2_STATE_INIT",
37   "IKEv2_STATE_AUTH",
38   "IKEv2_STATE_SA_ESTABLISH",
39   "IKEv2_STATE_CREATE_CHILD",
40   "IKEv2_STATE_SA_REKEYING",
41   "IKEv2_STATE_CHILD_SA_ESTABLISHED",
42   "IKEv2_STATE_SA_DELETING"
43 };
44 
45 //
46 // The print title for IKEv1 variety Exchagne.
47 //
48 CHAR8 *mExchangeStr[] = {
49   "IKEv1 Main Exchange",
50   "IKEv1 Info Exchange",
51   "IKEv1 Quick Exchange",
52   "IKEv2 Initial Exchange",
53   "IKEv2 Auth Exchange",
54   "IKEv2 Create Child Exchange",
55   "IKEv2 Info Exchange",
56   "IKE   Unknow Exchange"
57 };
58 
59 //
60 // The print title for IKEv1 variety Payload.
61 //
62 CHAR8 *mIkev1PayloadStr[] = {
63   "IKEv1 None Payload",
64   "IKEv1 SA Payload",
65   "IKEv1 Proposal Payload",
66   "IKEv1 Transform Payload",
67   "IKEv1 KE Payload",
68   "IKEv1 ID Payload",
69   "IKEv1 Certificate Payload",
70   "IKEv1 Certificate Request Payload",
71   "IKEv1 Hash Payload",
72   "IKEv1 Signature Payload",
73   "IKEv1 Nonce Payload",
74   "IKEv1 Notify Payload",
75   "IKEv1 Delete Payload",
76   "IKEv1 Vendor Payload"
77 };
78 
79 //
80 // The print title for IKEv2 variety Payload.
81 //
82 CHAR8* mIkev2PayloadStr[] = {
83   "IKEv2 SA Payload",
84   "IKEv2 Key Payload",
85   "IKEv2 Identity Initial Payload",
86   "IKEv2 Identity Respond Payload",
87   "IKEv2 Certificate Payload",
88   "IKEv2 Certificate Request Payload",
89   "IKEv2 Auth Payload",
90   "IKEv2 Nonce Payload",
91   "IKEv2 Notify Payload",
92   "IKEv2 Delet Payload",
93   "IKEv2 Vendor Payload",
94   "IKEv2 Traffic Selector Initiator Payload",
95   "IKEv2 Traffic Selector Respond Payload",
96   "IKEv2 Encrypt Payload",
97   "IKEv2 Configuration Payload",
98   "IKEv2 Extensible Authentication Payload"
99 };
100 
101 /**
102   Print the IP address.
103 
104   @param[in]  Level     Debug print error level. Pass to DEBUG().
105   @param[in]  Ip        Point to a specified IP address.
106   @param[in]  IpVersion The IP Version.
107 
108 **/
109 VOID
IpSecDumpAddress(IN UINTN Level,IN EFI_IP_ADDRESS * Ip,IN UINT8 IpVersion)110 IpSecDumpAddress (
111   IN UINTN               Level,
112   IN EFI_IP_ADDRESS      *Ip,
113   IN UINT8               IpVersion
114   )
115 {
116   if (IpVersion == IP_VERSION_6) {
117     DEBUG (
118       (Level,
119       "%x%x:%x%x:%x%x:%x%x",
120       Ip->v6.Addr[0],
121       Ip->v6.Addr[1],
122       Ip->v6.Addr[2],
123       Ip->v6.Addr[3],
124       Ip->v6.Addr[4],
125       Ip->v6.Addr[5],
126       Ip->v6.Addr[6],
127       Ip->v6.Addr[7])
128       );
129     DEBUG (
130       (Level,
131       ":%x%x:%x%x:%x%x:%x%x\n",
132       Ip->v6.Addr[8],
133       Ip->v6.Addr[9],
134       Ip->v6.Addr[10],
135       Ip->v6.Addr[11],
136       Ip->v6.Addr[12],
137       Ip->v6.Addr[13],
138       Ip->v6.Addr[14],
139       Ip->v6.Addr[15])
140       );
141   } else {
142     DEBUG (
143       (Level,
144       "%d.%d.%d.%d\n",
145       Ip->v4.Addr[0],
146       Ip->v4.Addr[1],
147       Ip->v4.Addr[2],
148       Ip->v4.Addr[3])
149       );
150   }
151 
152 }
153 
154 /**
155   Print IKE Current states.
156 
157   @param[in]  Previous    The Previous state of IKE.
158   @param[in]  Current     The current state of IKE.
159   @param[in]  IkeVersion  The version of IKE.
160 
161 **/
162 VOID
IkeDumpState(IN UINT32 Previous,IN UINT32 Current,IN UINT8 IkeVersion)163 IkeDumpState (
164   IN UINT32              Previous,
165   IN UINT32              Current,
166   IN UINT8               IkeVersion
167   )
168 {
169   if (Previous >= IKE_STATE_NUM || Current >= IKE_STATE_NUM) {
170     return;
171   }
172 
173   if (Previous == Current) {
174     if (IkeVersion == 1) {
175       DEBUG ((DEBUG_INFO, "\n****Current state is %a\n", mIkev1StateStr[Previous]));
176     } else if (IkeVersion == 2) {
177       DEBUG ((DEBUG_INFO, "\n****Current state is %a\n", mIkev2StateStr[Previous]));
178     }
179   } else {
180     if (IkeVersion == 1) {
181       DEBUG ((DEBUG_INFO, "\n****Change state from %a to %a\n", mIkev1StateStr[Previous], mIkev1StateStr[Current]));
182     } else {
183       DEBUG ((DEBUG_INFO, "\n****Change state from %a to %a\n", mIkev2StateStr[Previous], mIkev2StateStr[Current]));
184     }
185   }
186 }
187 
188 /**
189   Print the IKE Packet.
190 
191   @param[in]  Packet      Point to IKE packet to be printed.
192   @param[in]  Direction   Point to the IKE packet is inbound or outbound.
193   @param[in]  IpVersion   Specified IP Version.
194 
195 **/
196 VOID
IpSecDumpPacket(IN IKE_PACKET * Packet,IN EFI_IPSEC_TRAFFIC_DIR Direction,IN UINT8 IpVersion)197 IpSecDumpPacket (
198   IN IKE_PACKET            *Packet,
199   IN EFI_IPSEC_TRAFFIC_DIR Direction,
200   IN UINT8                 IpVersion
201   )
202 {
203   CHAR8                     *TypeStr;
204   UINTN                     PacketSize;
205   UINT64                    InitCookie;
206   UINT64                    RespCookie;
207 
208   ASSERT (Packet != NULL);
209 
210   PacketSize = Packet->PayloadTotalSize + sizeof (IKE_HEADER);
211   InitCookie = (Direction == EfiIPsecOutBound) ? HTONLL (Packet->Header->InitiatorCookie) : Packet->Header->InitiatorCookie;
212   RespCookie = (Direction == EfiIPsecOutBound) ? HTONLL (Packet->Header->ResponderCookie) : Packet->Header->ResponderCookie;
213 
214   switch (Packet->Header->ExchangeType) {
215   case IKE_XCG_TYPE_IDENTITY_PROTECT:
216     TypeStr = mExchangeStr[0];
217     break;
218 
219   case IKE_XCG_TYPE_INFO:
220     TypeStr = mExchangeStr[1];
221     break;
222 
223   case IKE_XCG_TYPE_QM:
224     TypeStr = mExchangeStr[2];
225     break;
226 
227   case IKE_XCG_TYPE_SA_INIT:
228     TypeStr = mExchangeStr[3];
229     break;
230 
231   case IKE_XCG_TYPE_AUTH:
232     TypeStr = mExchangeStr[4];
233     break;
234 
235   case IKE_XCG_TYPE_CREATE_CHILD_SA:
236     TypeStr = mExchangeStr[5];
237     break;
238 
239   case IKE_XCG_TYPE_INFO2:
240     TypeStr = mExchangeStr[6];
241     break;
242 
243   default:
244     TypeStr = mExchangeStr[7];
245     break;
246   }
247 
248   if (Direction == EfiIPsecOutBound) {
249     DEBUG ((DEBUG_INFO, "\n>>>Sending %d bytes %a to ", PacketSize, TypeStr));
250   } else {
251     DEBUG ((DEBUG_INFO, "\n>>>Receiving %d bytes %a from ", PacketSize, TypeStr));
252   }
253 
254   IpSecDumpAddress (DEBUG_INFO, &Packet->RemotePeerIp, IpVersion);
255 
256   DEBUG ((DEBUG_INFO, "   InitiatorCookie:0x%lx ResponderCookie:0x%lx\n", InitCookie, RespCookie));
257   DEBUG (
258     (DEBUG_INFO,
259     "   Version: 0x%x Flags:0x%x ExchangeType:0x%x\n",
260     Packet->Header->Version,
261     Packet->Header->Flags,
262     Packet->Header->ExchangeType)
263     );
264   DEBUG (
265     (DEBUG_INFO,
266     "   MessageId:0x%x NextPayload:0x%x\n",
267     Packet->Header->MessageId,
268     Packet->Header->NextPayload)
269     );
270 
271 }
272 
273 /**
274   Print the IKE Paylolad.
275 
276   @param[in]  IkePayload  Point to payload to be printed.
277   @param[in]  IkeVersion  The specified version of IKE.
278 
279 **/
280 VOID
IpSecDumpPayload(IN IKE_PAYLOAD * IkePayload,IN UINT8 IkeVersion)281 IpSecDumpPayload (
282   IN IKE_PAYLOAD           *IkePayload,
283   IN UINT8                 IkeVersion
284   )
285 {
286   if (IkeVersion == 1) {
287     DEBUG ((DEBUG_INFO, "+%a\n", mIkev1PayloadStr[IkePayload->PayloadType]));
288   }  else {
289     //
290     // For IKEV2 the first Payload type is started from 33.
291     //
292     DEBUG ((DEBUG_INFO, "+%a\n", mIkev2PayloadStr[IkePayload->PayloadType - 33]));
293   }
294   IpSecDumpBuf ("Payload data", IkePayload->PayloadBuf, IkePayload->PayloadSize);
295 }
296 
297 /**
298   Print the buffer in form of Hex.
299 
300   @param[in]  Title       The strings to be printed before the data of the buffer.
301   @param[in]  Data        Points to buffer to be printed.
302   @param[in]  DataSize    The size of the buffer to be printed.
303 
304 **/
305 VOID
IpSecDumpBuf(IN CHAR8 * Title,IN UINT8 * Data,IN UINTN DataSize)306 IpSecDumpBuf (
307   IN CHAR8                 *Title,
308   IN UINT8                 *Data,
309   IN UINTN                 DataSize
310   )
311 {
312   UINTN Index;
313   UINTN DataIndex;
314   UINTN BytesRemaining;
315   UINTN BytesToPrint;
316 
317   DataIndex       = 0;
318   BytesRemaining  = DataSize;
319 
320   DEBUG ((DEBUG_INFO, "==%a %d bytes==\n", Title, DataSize));
321 
322   while (BytesRemaining > 0) {
323 
324     BytesToPrint = (BytesRemaining > IPSEC_DEBUG_BYTE_PER_LINE) ? IPSEC_DEBUG_BYTE_PER_LINE : BytesRemaining;
325 
326     for (Index = 0; Index < BytesToPrint; Index++) {
327       DEBUG ((DEBUG_INFO, " 0x%02x,", Data[DataIndex++]));
328     }
329 
330     DEBUG ((DEBUG_INFO, "\n"));
331     BytesRemaining -= BytesToPrint;
332   }
333 
334 }
335