Fork: 0
ajax / AMI-Aptio-BIOS-Reversed
Transfer to URL with SHA Find file
Newer
Older
AMI-Aptio-BIOS-Reversed / IpSecDxe / README.md
@Ajax Dong Ajax Dong 2 days ago 1 KB Init
Raw Blame History

IpSecDxe, Index 0138, 1277316 bytes, DXE Phase

Full-featured IPsec (RFC 4301) and IKEv2 (RFC 7296) protocol DXE driver for the AMI UEFI network stack. This is the largest driver in the network stack at ~1.3 MB with 2724 functions. Implements IPsec Security Policy Database (SPD) and Security Association Database (SAD) management, IKEv2 key exchange over UDP (ports 500/4500), AES-CBC encryption, HMAC-SHA1 authentication, and DPC-based async dispatch. Supports both IPv4 and IPv6.

Key Functions

  • IpSecV4DriverBindingSupported/Start/Stop -- IPv4 IPsec driver binding
  • IpSecV6DriverBindingSupported/Start/Stop -- IPv6 IPsec driver binding
  • IpSecConfigSetData/IpSecConfigGetData -- SPD/SAD configuration via NV variables
  • IkeSaEstablish/IkeSaDelete -- IKEv2 SA lifecycle management
  • IpSecProcessPackets -- Main IPsec packet processing (inbound/outbound)
  • IpSecCryptAesCbc/HmacSha1 -- Cryptographic operations

Protocols/Dependencies

  • EFI_IPSEC_PROTOCOL, EFI_IPSEC_CONFIG_PROTOCOL
  • EFI_UDP4_PROTOCOL, EFI_UDP6_PROTOCOL (IKE transport)
  • EFI_DPC_PROTOCOL (deferred dispatch)
  • AMI Debug Library Protocol

Platform

HR650X, x86-64, AmiNetworkPkg/UefiNetworkStack/Common/IpSecDxe/, VS2015 DEBUG