1 /** @file
2 The implementation of match policy entry function in IpSecConfig application.
3
4 Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #include "IpSecConfig.h"
17 #include "Indexer.h"
18 #include "Match.h"
19
20 /**
21 Private function to validate a buffer that should be filled with zero.
22
23 @param[in] Memory The pointer to the buffer.
24 @param[in] Size The size of the buffer.
25
26 @retval TRUE The memory is filled with zero.
27 @retval FALSE The memory isn't filled with zero.
28 **/
29 BOOLEAN
IsMemoryZero(IN VOID * Memory,IN UINTN Size)30 IsMemoryZero (
31 IN VOID *Memory,
32 IN UINTN Size
33 )
34 {
35 UINTN Index;
36
37 for (Index = 0; Index < Size; Index++) {
38 if (*((UINT8 *) Memory + Index) != 0) {
39 return FALSE;
40 }
41 }
42
43 return TRUE;
44 }
45
46 /**
47 Find the matching SPD with Indexer.
48
49 @param[in] Selector The pointer to the EFI_IPSEC_SPD_SELECTOR structure.
50 @param[in] Data The pointer to the EFI_IPSEC_SPD_DATA structure.
51 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure.
52
53 @retval TRUE The matched SPD is found.
54 @retval FALSE The matched SPD is not found.
55 **/
56 BOOLEAN
MatchSpdEntry(IN EFI_IPSEC_SPD_SELECTOR * Selector,IN EFI_IPSEC_SPD_DATA * Data,IN SPD_ENTRY_INDEXER * Indexer)57 MatchSpdEntry (
58 IN EFI_IPSEC_SPD_SELECTOR *Selector,
59 IN EFI_IPSEC_SPD_DATA *Data,
60 IN SPD_ENTRY_INDEXER *Indexer
61 )
62 {
63 BOOLEAN Match;
64
65 Match = FALSE;
66 if (!IsMemoryZero (Indexer->Name, MAX_PEERID_LEN)) {
67 if ((Data->Name != NULL) && (AsciiStrCmp ((CHAR8 *) Indexer->Name, (CHAR8 *) Data->Name) == 0)) {
68 Match = TRUE;
69 }
70 } else {
71 if (Indexer->Index == 0) {
72 Match = TRUE;
73 }
74
75 Indexer->Index--;
76 }
77
78 return Match;
79 }
80
81 /**
82 Find the matching SAD with Indexer.
83
84 @param[in] SaId The pointer to the EFI_IPSEC_SA_ID structure.
85 @param[in] Data The pointer to the EFI_IPSEC_SA_DATA2 structure.
86 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure.
87
88 @retval TRUE The matched SAD is found.
89 @retval FALSE The matched SAD is not found.
90 **/
91 BOOLEAN
MatchSadEntry(IN EFI_IPSEC_SA_ID * SaId,IN EFI_IPSEC_SA_DATA2 * Data,IN SAD_ENTRY_INDEXER * Indexer)92 MatchSadEntry (
93 IN EFI_IPSEC_SA_ID *SaId,
94 IN EFI_IPSEC_SA_DATA2 *Data,
95 IN SAD_ENTRY_INDEXER *Indexer
96 )
97 {
98 BOOLEAN Match;
99
100 Match = FALSE;
101 if (!IsMemoryZero (&Indexer->SaId, sizeof (EFI_IPSEC_SA_ID))) {
102 Match = (BOOLEAN) (CompareMem (&Indexer->SaId, SaId, sizeof (EFI_IPSEC_SA_ID)) == 0);
103 } else {
104 if (Indexer->Index == 0) {
105 Match = TRUE;
106 }
107 Indexer->Index--;
108 }
109
110 return Match;
111 }
112
113 /**
114 Find the matching PAD with Indexer.
115
116 @param[in] PadId The pointer to the EFI_IPSEC_PAD_ID structure.
117 @param[in] Data The pointer to the EFI_IPSEC_PAD_DATA structure.
118 @param[in] Indexer The pointer to the SPD_ENTRY_INDEXER structure.
119
120 @retval TRUE The matched PAD is found.
121 @retval FALSE The matched PAD is not found.
122 **/
123 BOOLEAN
MatchPadEntry(IN EFI_IPSEC_PAD_ID * PadId,IN EFI_IPSEC_PAD_DATA * Data,IN PAD_ENTRY_INDEXER * Indexer)124 MatchPadEntry (
125 IN EFI_IPSEC_PAD_ID *PadId,
126 IN EFI_IPSEC_PAD_DATA *Data,
127 IN PAD_ENTRY_INDEXER *Indexer
128 )
129 {
130 BOOLEAN Match;
131
132 Match = FALSE;
133 if (!IsMemoryZero (&Indexer->PadId, sizeof (EFI_IPSEC_PAD_ID))) {
134 Match = (BOOLEAN) ((Indexer->PadId.PeerIdValid == PadId->PeerIdValid) &&
135 ((PadId->PeerIdValid &&
136 (StrCmp (
137 (CONST CHAR16 *) Indexer->PadId.Id.PeerId,
138 (CONST CHAR16 *) PadId->Id.PeerId
139 ) == 0)) ||
140 ((!PadId->PeerIdValid) &&
141 (Indexer->PadId.Id.IpAddress.PrefixLength == PadId->Id.IpAddress.PrefixLength) &&
142 (CompareMem (
143 &Indexer->PadId.Id.IpAddress.Address,
144 &PadId->Id.IpAddress.Address,
145 sizeof (EFI_IP_ADDRESS)
146 ) == 0))));
147 } else {
148 if (Indexer->Index == 0) {
149 Match = TRUE;
150 }
151
152 Indexer->Index--;
153 }
154
155 return Match;
156 }
157
158 MATCH_POLICY_ENTRY mMatchPolicyEntry[] = {
159 (MATCH_POLICY_ENTRY) MatchSpdEntry,
160 (MATCH_POLICY_ENTRY) MatchSadEntry,
161 (MATCH_POLICY_ENTRY) MatchPadEntry
162 };
163
164