From: "Fu, Siyuan"
To: "Wu, Jiaxin", "edk2-devel@lists.01.org"
CC: "Ye, Ting"
Date: Tue, 6 Sep 2016 03:55:27 +0000
Subject: Re: [Patch] NetworkPkg/IpSecDxe: Generate SPI randomly and correct IKE_SPI_BASE value
In-Reply-To: <1473133142-41256-1-git-send-email-jiaxin.wu@intel.com>

Reviewed-by: Fu Siyuan

> -----Original Message-----
> From: Wu, Jiaxin
> Sent: Tuesday, September 6, 2016 11:39 AM
> To: edk2-devel@lists.01.org
> Cc: Ye, Ting; Fu, Siyuan
> Subject: [Patch] NetworkPkg/IpSecDxe: Generate SPI randomly and correct IKE_SPI_BASE value
>
> This patch made the following update:
> * Generate SPI randomly.
> * Correct IKE_SPI_BASE value according to RFC 4302/4303.
>
> Cc: Ye Ting
> Cc: Fu Siyuan
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiaxin Wu > --- > NetworkPkg/IpSecDxe/IkeCommon.c | 102 > +++++++++++++++++++++++++++++++----- > NetworkPkg/IpSecDxe/IkeCommon.h | 20 ++++--- > NetworkPkg/IpSecDxe/Ikev2/Utility.c | 11 +++- > 3 files changed, 112 insertions(+), 21 deletions(-) >=20 > diff --git a/NetworkPkg/IpSecDxe/IkeCommon.c > b/NetworkPkg/IpSecDxe/IkeCommon.c > index 6fc7c06..b1e4321 100644 > --- a/NetworkPkg/IpSecDxe/IkeCommon.c > +++ b/NetworkPkg/IpSecDxe/IkeCommon.c > @@ -1,9 +1,9 @@ > /** @file > Common operation of the IKE >=20 > - Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
>=20 > This program and the accompanying materials > are licensed and made available under the terms and conditions of the > BSD License > which accompanies this distribution. The full text of the license may > be found at > http://opensource.org/licenses/bsd-license.php. > @@ -16,14 +16,56 @@ > #include "Ike.h" > #include "IkeCommon.h" > #include "IpSecConfigImpl.h" > #include "IpSecDebug.h" >=20 > -// > -// Initial the SPI > -// > -UINT32 mNextSpi =3D IKE_SPI_BASE; > +/** > + Check whether the new generated Spi has existed. > + > + @param[in] IkeSaSession Pointer to the Child SA Session. > + @param[in] SpiValue SPI Value. > + > + @retval TRUE This SpiValue has existed in the Child SA Session > + @retval FALSE This SpiValue doesn't exist in the Child SA Session. > + > +**/ > +BOOLEAN > +IkeSpiValueExisted ( > + IN IKEV2_SA_SESSION *IkeSaSession, > + IN UINT32 SpiValue > + ) > +{ > + LIST_ENTRY *Entry; > + LIST_ENTRY *Next; > + IKEV2_CHILD_SA_SESSION *SaSession; > + > + Entry =3D NULL; > + Next =3D NULL; > + SaSession =3D NULL; > + > + // > + // Check whether the SPI value has existed in > ChildSaEstablishSessionList. > + // > + NET_LIST_FOR_EACH_SAFE (Entry, Next, &IkeSaSession- > >ChildSaEstablishSessionList) { > + SaSession=3D IKEV2_CHILD_SA_SESSION_BY_IKE_SA (Entry); > + if (SaSession->LocalPeerSpi =3D=3D SpiValue) { > + return TRUE; > + } > + } > + > + // > + // Check whether the SPI value has existed in ChildSaSessionList. > + // > + NET_LIST_FOR_EACH_SAFE (Entry, Next, &IkeSaSession->ChildSaSessionList= ) > { > + SaSession=3D IKEV2_CHILD_SA_SESSION_BY_IKE_SA (Entry); > + if (SaSession->LocalPeerSpi =3D=3D SpiValue) { > + return TRUE; > + } > + } > + > + return FALSE; > +} >=20 > /** > Call Crypto Lib to generate a random value with eight-octet length. >=20 > @return the 64 byte vaule. 
> @@ -156,23 +198,57 @@ IkePayloadFree ( > FreePool (IkePayload); > } >=20 > /** > Generate an new SPI. > - > - @return a SPI in 4 bytes. > + > + @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to > this Child SA > + Session. > + @param[in out] SpiValue Pointer to the new generated SPI value. > + > + @retval EFI_SUCCESS The operation performs successfully. > + @retval Otherwise The operation is failed. >=20 > **/ > -UINT32 > +EFI_STATUS > IkeGenerateSpi ( > - VOID > + IN IKEV2_SA_SESSION *IkeSaSession, > + OUT UINT32 *SpiValue > ) > { > - // > - // TODO: should generate SPI randomly to avoid security issue > - // > - return mNextSpi++; > + EFI_STATUS Status; > + > + Status =3D EFI_SUCCESS; > + > + while (TRUE) { > + // > + // Generate SPI randomly > + // > + Status =3D IpSecCryptoIoGenerateRandomBytes ((UINT8 *)SpiValue, size= of > (UINT32)); > + if (EFI_ERROR (Status)) { > + break; > + } > + > + // > + // The set of SPI values in the range 1 through 255 are reserved by > the > + // Internet Assigned Numbers Authority (IANA) for future use; a > reserved > + // SPI value will not normally be assigned by IANA unless the use of > the > + // assigned SPI value is specified in an RFC. > + // > + if (*SpiValue < IKE_SPI_BASE) { > + *SpiValue +=3D IKE_SPI_BASE; > + } > + > + // > + // Check whether the new generated SPI has existed. > + // > + if (!IkeSpiValueExisted (IkeSaSession, *SpiValue)) { > + break; > + } > + } > + > + return Status; > } >=20 > /** > Generate a random data for IV >=20 > diff --git a/NetworkPkg/IpSecDxe/IkeCommon.h > b/NetworkPkg/IpSecDxe/IkeCommon.h > index 714ecaa..7f7fd4d 100644 > --- a/NetworkPkg/IpSecDxe/IkeCommon.h > +++ b/NetworkPkg/IpSecDxe/IkeCommon.h > @@ -1,9 +1,9 @@ > /** @file > Common operation of the IKE. >=20 > - Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
> + Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.
>=20 > This program and the accompanying materials > are licensed and made available under the terms and conditions of the > BSD License > which accompanies this distribution. The full text of the license may > be found at > http://opensource.org/licenses/bsd-license.php. > @@ -37,11 +37,11 @@ >=20 > #define IKE_DEFAULT_PORT 500 > #define IKE_DEFAULT_TIMEOUT_INTERVAL 10000 // 10s > #define IKE_NONCE_SIZE 16 > #define IKE_MAX_RETRY 4 > -#define IKE_SPI_BASE 0x10000 > +#define IKE_SPI_BASE 0x100 > #define IKE_PAYLOAD_SIGNATURE SIGNATURE_32('I','K','E','P') > #define IKE_PAYLOAD_BY_PACKET(a) > CR(a,IKE_PAYLOAD,ByPacket,IKE_PAYLOAD_SIGNATURE) >=20 >=20 > #define IKE_PACKET_APPEND_PAYLOAD(IkePacket,IkePayload) = \ > @@ -128,18 +128,24 @@ VOID > IkePayloadFree ( > IN IKE_PAYLOAD *IkePayload > ); >=20 > /** > - Generate an unused SPI > - > - @return a SPI in 4 bytes. > + Generate an new SPI. > + > + @param[in] IkeSaSession Pointer to IKEV2_SA_SESSION related to > this Child SA > + Session. > + @param[in out] SpiValue Pointer to the new generated SPI value. > + > + @retval EFI_SUCCESS The operation performs successfully. > + @retval Otherwise The operation is failed. >=20 > **/ > -UINT32 > +EFI_STATUS > IkeGenerateSpi ( > - VOID > + IN IKEV2_SA_SESSION *IkeSaSession, > + OUT UINT32 *SpiValue > ); >=20 > /** > Generate a random data for IV >=20 > diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c > b/NetworkPkg/IpSecDxe/Ikev2/Utility.c > index 5b26ba1..c365532 100644 > --- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c > +++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c 
> @@ -523,11 +523,20 @@ Ikev2ChildSaSessionAlloc ( > // Initialize the fields of ChildSaSession and its SessionCommon. > // > ChildSaSession->Signature =3D IKEV2_CHILD_SA_SESSION_SIGNATUR= E; > ChildSaSession->IkeSaSession =3D IkeSaSession; > ChildSaSession->MessageId =3D IkeSaSession->MessageId; > - ChildSaSession->LocalPeerSpi =3D IkeGenerateSpi (); > + > + // > + // Generate an new SPI. > + // > + Status =3D IkeGenerateSpi (IkeSaSession, &(ChildSaSession->LocalPeerSp= i)); > + if (EFI_ERROR (Status)) { > + FreePool (ChildSaSession); > + return NULL; > + } > + > ChildSaCommon =3D &ChildSaSession->SessionCommon; > ChildSaCommon->UdpService =3D UdpService; > ChildSaCommon->Private =3D IkeSaSession- > >SessionCommon.Private; > ChildSaCommon->IkeSessionType =3D IkeSessionTypeChildSa; > ChildSaCommon->IkeVer =3D 2; > -- > 1.9.5.msysgit.1
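
Review bot: In IkeCommon.c, IkeSpiValueExisted() walks only ChildSaEstablishSessionList and ChildSaSessionList of the single IkeSaSession passed in, so a LocalPeerSpi already held by a Child SA under a different IKE SA is not detected. The local peer picks this SPI to identify its own inbound SA, so if more than one IKE SA can be active the check should cover every IKE SA session rather than just the current one. Two smaller points in the same hunk: the @param text describes IkeSaSession as "Pointer to the Child SA Session" although the type is IKEV2_SA_SESSION, and neither loop removes entries, so NET_LIST_FOR_EACH is enough in place of NET_LIST_FOR_EACH_SAFE.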
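
Review bot: In IkeGenerateSpi() (IkeCommon.c), "*SpiValue += IKE_SPI_BASE" folds random values below 0x100 onto 0x100 through 0x1FF, so those 256 SPIs are drawn twice as often as any other value. Discarding a value below IKE_SPI_BASE and going round the loop again keeps the distribution uniform and removes the arithmetic on a random value. On the error path the loop breaks with *SpiValue holding whatever IpSecCryptoIoGenerateRandomBytes() left there; the function comment should say the output is only valid on EFI_SUCCESS.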
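
Review bot: In the IkeGenerateSpi() prototype comment in IkeCommon.h (and the identical comment in IkeCommon.c), SpiValue is documented as "@param[in out]" while the parameter is declared OUT and is never read before it is written; it should be "@param[out]". "Generate an new SPI" should read "Generate a new SPI", and "@retval Otherwise" would be more useful if it said the status comes from IpSecCryptoIoGenerateRandomBytes().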
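
Review bot: In Ikev2ChildSaSessionAlloc() (Ikev2/Utility.c), the new code assigns Status but the hunk adds no declaration for it, and the diffstat for this file is fully accounted for by the lines shown, so please confirm that an EFI_STATUS Status local already exists in the function. The failure path frees only ChildSaSession before "return NULL"; if anything else is allocated or registered earlier in the function, it needs releasing here as well. Callers that did not previously expect NULL from this point should also be checked.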