MdePkg[all]
1.08
|
EFI_IPSEC_PROCESS_POLICY describes a policy list for traffic processing.
UINT8 _EFI_IPSEC_PROCESS_POLICY::AuthAlgoId |
Cryptographic algorithm type used for authentication.
UINT8 _EFI_IPSEC_PROCESS_POLICY::EncAlgoId |
Cryptographic algorithm type used for encryption. EncAlgo is NULL when IPsec protocol is AH. For ESP protocol, EncAlgo can also be used to describe the algorithm if a combined mode algorithm is used.
BOOLEAN _EFI_IPSEC_PROCESS_POLICY::ExtSeqNum |
Extended Sequence Number. Is this SA using extended sequence numbers. 64 bit counter is used if TRUE.
BOOLEAN _EFI_IPSEC_PROCESS_POLICY::FragCheck |
Is this SA using stateful fragment checking. TRUE represents stateful fragment checking.
EFI_IPSEC_MODE _EFI_IPSEC_PROCESS_POLICY::Mode |
IPsec mode: tunnel or transport.
EFI_IPSEC_PROTOCOL_TYPE _EFI_IPSEC_PROCESS_POLICY::Proto |
IPsec protocol: AH or ESP
EFI_IPSEC_SA_LIFETIME _EFI_IPSEC_PROCESS_POLICY::SaLifetime |
A time interval after which a SA must be replaced with a new SA (and new SPI) or terminated.
BOOLEAN _EFI_IPSEC_PROCESS_POLICY::SeqOverflow |
A flag indicating whether overflow of the sequence number counter should generate an auditable event and prevent transmission of additional packets on the SA, or whether rollover is permitted.
EFI_IPSEC_TUNNEL_OPTION* _EFI_IPSEC_PROCESS_POLICY::TunnelOption |
Tunnel Option. TunnelOption is ignored if Mode is EfiIPsecTransport.