tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-27 07:34:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

NetworkPkg: Convert files to CRLF line ending

Browse Source 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>
This commit is contained in:
Hao Wu 2017-04-06 10:10:39 +08:00
parent 973f8862f2
commit 7618784b85
22 changed files with 6773 additions and 6757 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3439
NetworkPkg/HttpDxe/HttpsSupport.c
View File

File diff suppressed because it is too large Load Diff

521
NetworkPkg/HttpDxe/HttpsSupport.h
View File

@ -1,260 +1,261 @@
/** @file /** @file
The header files of miscellaneous routines specific to Https for HttpDxe driver. The header files of miscellaneous routines specific to Https for HttpDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __EFI_HTTPS_SUPPORT_H__ #ifndef __EFI_HTTPS_SUPPORT_H__
#define __EFI_HTTPS_SUPPORT_H__ #define __EFI_HTTPS_SUPPORT_H__
#define HTTPS_DEFAULT_PORT 443 #define HTTPS_DEFAULT_PORT 443
#define HTTPS_FLAG "https://" #define HTTPS_FLAG "https://"
/** /**
Check whether the Url is from Https. Check whether the Url is from Https.
@param[in] Url The pointer to a HTTP or HTTPS URL string. @param[in] Url The pointer to a HTTP or HTTPS URL string.
@retval TRUE The Url is from HTTPS. @retval TRUE The Url is from HTTPS.
@retval FALSE The Url is from HTTP. @retval FALSE The Url is from HTTP.
**/ **/
BOOLEAN BOOLEAN
IsHttpsUrl ( IsHttpsUrl (
IN CHAR8 *Url IN CHAR8 *Url
); );
/** /**
Creates a Tls child handle, open EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL. Creates a Tls child handle, open EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL.
@param[in] ImageHandle The firmware allocated handle for the UEFI image. @param[in] ImageHandle The firmware allocated handle for the UEFI image.
@param[out] TlsProto Pointer to the EFI_TLS_PROTOCOL instance. @param[out] TlsProto Pointer to the EFI_TLS_PROTOCOL instance.
@param[out] TlsConfiguration Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[out] TlsConfiguration Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@return The child handle with opened EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL. @return The child handle with opened EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL.
**/ **/
EFI_HANDLE EFI_HANDLE
EFIAPI EFIAPI
TlsCreateChild ( TlsCreateChild (
IN EFI_HANDLE ImageHandle, IN EFI_HANDLE ImageHandle,
OUT EFI_TLS_PROTOCOL **TlsProto, OUT EFI_TLS_PROTOCOL **TlsProto,
OUT EFI_TLS_CONFIGURATION_PROTOCOL **TlsConfiguration OUT EFI_TLS_CONFIGURATION_PROTOCOL **TlsConfiguration
); );
/** /**
Create event for the TLS receive and transmit tokens which are used to receive and Create event for the TLS receive and transmit tokens which are used to receive and
transmit TLS related messages. transmit TLS related messages.
@param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
@retval EFI_SUCCESS The events are created successfully. @retval EFI_SUCCESS The events are created successfully.
@retval others Other error as indicated. @retval others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsCreateTxRxEvent ( TlsCreateTxRxEvent (
IN OUT HTTP_PROTOCOL *HttpInstance IN OUT HTTP_PROTOCOL *HttpInstance
); );
/** /**
Close events in the TlsTxToken and TlsRxToken. Close events in the TlsTxToken and TlsRxToken.
@param[in] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
**/ **/
VOID VOID
EFIAPI EFIAPI
TlsCloseTxRxEvent ( TlsCloseTxRxEvent (
IN HTTP_PROTOCOL *HttpInstance IN HTTP_PROTOCOL *HttpInstance
); );
/** /**
Read the TlsCaCertificate variable and configure it. Read the TlsCaCertificate variable and configure it.
@param[in, out] HttpInstance The HTTP instance private data. @param[in, out] HttpInstance The HTTP instance private data.
@retval EFI_SUCCESS TlsCaCertificate is configured. @retval EFI_SUCCESS TlsCaCertificate is configured.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_NOT_FOUND Fail to get "TlsCaCertificate" variable. @retval EFI_NOT_FOUND Fail to get "TlsCaCertificate" variable.
@retval Others Other error as indicated. @retval Others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
TlsConfigCertificate ( TlsConfigCertificate (
IN OUT HTTP_PROTOCOL *HttpInstance IN OUT HTTP_PROTOCOL *HttpInstance
); );
/** /**
Configure TLS session data. Configure TLS session data.
@param[in, out] HttpInstance The HTTP instance private data. @param[in, out] HttpInstance The HTTP instance private data.
@retval EFI_SUCCESS TLS session data is configured. @retval EFI_SUCCESS TLS session data is configured.
@retval Others Other error as indicated. @retval Others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConfigureSession ( TlsConfigureSession (
IN OUT HTTP_PROTOCOL *HttpInstance IN OUT HTTP_PROTOCOL *HttpInstance
); );
/** /**
Transmit the Packet by processing the associated HTTPS token. Transmit the Packet by processing the associated HTTPS token.
@param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
@param[in] Packet The packet to transmit. @param[in] Packet The packet to transmit.
@retval EFI_SUCCESS The packet is transmitted. @retval EFI_SUCCESS The packet is transmitted.
@retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL. @retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_DEVICE_ERROR An unexpected system or network error occurred. @retval EFI_DEVICE_ERROR An unexpected system or network error occurred.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsCommonTransmit ( TlsCommonTransmit (
IN OUT HTTP_PROTOCOL *HttpInstance, IN OUT HTTP_PROTOCOL *HttpInstance,
IN NET_BUF *Packet IN NET_BUF *Packet
); );
/** /**
Receive the Packet by processing the associated HTTPS token. Receive the Packet by processing the associated HTTPS token.
@param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
@param[in] Packet The packet to transmit. @param[in] Packet The packet to transmit.
@param[in] Timeout The time to wait for connection done. @param[in] Timeout The time to wait for connection done.
@retval EFI_SUCCESS The Packet is received. @retval EFI_SUCCESS The Packet is received.
@retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL. @retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_TIMEOUT The operation is time out. @retval EFI_TIMEOUT The operation is time out.
@retval Others Other error as indicated. @retval Others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsCommonReceive ( TlsCommonReceive (
IN OUT HTTP_PROTOCOL *HttpInstance, IN OUT HTTP_PROTOCOL *HttpInstance,
IN NET_BUF *Packet, IN NET_BUF *Packet,
IN EFI_EVENT Timeout IN EFI_EVENT Timeout
); );
/** /**
Receive one TLS PDU. An TLS PDU contains an TLS record header and it's Receive one TLS PDU. An TLS PDU contains an TLS record header and it's
corresponding record data. These two parts will be put into two blocks of buffers in the corresponding record data. These two parts will be put into two blocks of buffers in the
net buffer. net buffer.
@param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
@param[out] Pdu The received TLS PDU. @param[out] Pdu The received TLS PDU.
@param[in] Timeout The time to wait for connection done. @param[in] Timeout The time to wait for connection done.
@retval EFI_SUCCESS An TLS PDU is received. @retval EFI_SUCCESS An TLS PDU is received.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_PROTOCOL_ERROR An unexpected TLS packet was received. @retval EFI_PROTOCOL_ERROR An unexpected TLS packet was received.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsReceiveOnePdu ( TlsReceiveOnePdu (
IN OUT HTTP_PROTOCOL *HttpInstance, IN OUT HTTP_PROTOCOL *HttpInstance,
OUT NET_BUF **Pdu, OUT NET_BUF **Pdu,
IN EFI_EVENT Timeout IN EFI_EVENT Timeout
); );
/** /**
Connect one TLS session by finishing the TLS handshake process. Connect one TLS session by finishing the TLS handshake process.
@param[in] HttpInstance The HTTP instance private data. @param[in] HttpInstance The HTTP instance private data.
@param[in] Timeout The time to wait for connection done. @param[in] Timeout The time to wait for connection done.
@retval EFI_SUCCESS The TLS session is established. @retval EFI_SUCCESS The TLS session is established.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED TLS session state is incorrect. @retval EFI_ABORTED TLS session state is incorrect.
@retval Others Other error as indicated. @retval Others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConnectSession ( TlsConnectSession (
IN HTTP_PROTOCOL *HttpInstance, IN HTTP_PROTOCOL *HttpInstance,
IN EFI_EVENT Timeout IN EFI_EVENT Timeout
); );
/** /**
Close the TLS session and send out the close notification message. Close the TLS session and send out the close notification message.
@param[in] HttpInstance The HTTP instance private data. @param[in] HttpInstance The HTTP instance private data.
@retval EFI_SUCCESS The TLS session is closed. @retval EFI_SUCCESS The TLS session is closed.
@retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL. @retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval Others Other error as indicated. @retval Others Other error as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsCloseSession ( TlsCloseSession (
IN HTTP_PROTOCOL *HttpInstance IN HTTP_PROTOCOL *HttpInstance
); );
/** /**
Process one message according to the CryptMode. Process one message according to the CryptMode.
@param[in] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
@param[in] Message Pointer to the message buffer needed to processed. @param[in] Message Pointer to the message buffer needed to processed.
@param[in] MessageSize Pointer to the message buffer size. @param[in] MessageSize Pointer to the message buffer size.
@param[in] ProcessMode Process mode. @param[in] ProcessMode Process mode.
@param[in, out] Fragment Only one Fragment returned after the Message is @param[in, out] Fragment Only one Fragment returned after the Message is
processed successfully. processed successfully.
@retval EFI_SUCCESS Message is processed successfully. @retval EFI_SUCCESS Message is processed successfully.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsProcessMessage ( TlsProcessMessage (
IN HTTP_PROTOCOL *HttpInstance, IN HTTP_PROTOCOL *HttpInstance,
IN UINT8 *Message, IN UINT8 *Message,
IN UINTN MessageSize, IN UINTN MessageSize,
IN EFI_TLS_CRYPT_MODE ProcessMode, IN EFI_TLS_CRYPT_MODE ProcessMode,
IN OUT NET_FRAGMENT *Fragment IN OUT NET_FRAGMENT *Fragment
); );
/** /**
Receive one fragment decrypted from one TLS record. Receive one fragment decrypted from one TLS record.
@param[in] HttpInstance Pointer to HTTP_PROTOCOL structure. @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
@param[in, out] Fragment The received Fragment. @param[in, out] Fragment The received Fragment.
@param[in] Timeout The time to wait for connection done. @param[in] Timeout The time to wait for connection done.
@retval EFI_SUCCESS One fragment is received. @retval EFI_SUCCESS One fragment is received.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED Something wrong decryption the message. @retval EFI_ABORTED Something wrong decryption the message.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
HttpsReceive ( HttpsReceive (
IN HTTP_PROTOCOL *HttpInstance, IN HTTP_PROTOCOL *HttpInstance,
IN OUT NET_FRAGMENT *Fragment, IN OUT NET_FRAGMENT *Fragment,
IN EFI_EVENT Timeout IN EFI_EVENT Timeout
); );
#endif #endif

51
NetworkPkg/Include/Guid/TlsAuthConfigHii.h
View File

@ -1,25 +1,26 @@
/** @file /** @file
GUIDs used as HII FormSet and HII Package list GUID in TlsAuthConfigDxe driver. GUIDs used as HII FormSet and HII Package list GUID in TlsAuthConfigDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution. the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __TLS_AUTH_CONFIG_HII_GUID_H__ #ifndef __TLS_AUTH_CONFIG_HII_GUID_H__
#define __TLS_AUTH_CONFIG_HII_GUID_H__ #define __TLS_AUTH_CONFIG_HII_GUID_H__
#define TLS_AUTH_CONFIG_GUID \ #define TLS_AUTH_CONFIG_GUID \
{ \ { \
0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48, 0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf } \ 0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48, 0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf } \
} }
extern EFI_GUID gTlsAuthConfigGuid; extern EFI_GUID gTlsAuthConfigGuid;
#endif #endif

59
NetworkPkg/Include/Guid/TlsAuthentication.h
View File

@ -1,29 +1,30 @@
/** @file /** @file
This file defines TlsCaCertificate variable. This file defines TlsCaCertificate variable.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution. the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __TLS_AUTHENTICATION_H__ #ifndef __TLS_AUTHENTICATION_H__
#define __TLS_AUTHENTICATION_H__ #define __TLS_AUTHENTICATION_H__
// Private variable for CA Certificate configuration // Private variable for CA Certificate configuration
// //
#define EFI_TLS_CA_CERTIFICATE_GUID \ #define EFI_TLS_CA_CERTIFICATE_GUID \
{ \ { \
0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \ 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae } \
} }
#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate" #define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate"
extern EFI_GUID gEfiTlsCaCertificateGuid; extern EFI_GUID gEfiTlsCaCertificateGuid;
#endif #endif

270
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
View File

@ -1,135 +1,135 @@
/** @file /** @file
The DriverEntryPoint for TlsAuthConfigDxe driver. The DriverEntryPoint for TlsAuthConfigDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#include "TlsAuthConfigImpl.h" #include "TlsAuthConfigImpl.h"
/** /**
Unloads an image. Unloads an image.
@param ImageHandle Handle that identifies the image to be unloaded. @param ImageHandle Handle that identifies the image to be unloaded.
@retval EFI_SUCCESS The image has been unloaded. @retval EFI_SUCCESS The image has been unloaded.
@retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle. @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsAuthConfigDxeUnload ( TlsAuthConfigDxeUnload (
IN EFI_HANDLE ImageHandle IN EFI_HANDLE ImageHandle
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData; TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData;
Status = gBS->HandleProtocol ( Status = gBS->HandleProtocol (
ImageHandle, ImageHandle,
&gEfiCallerIdGuid, &gEfiCallerIdGuid,
(VOID **) &PrivateData (VOID **) &PrivateData
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
ASSERT (PrivateData->Signature == TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE); ASSERT (PrivateData->Signature == TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE);
gBS->UninstallMultipleProtocolInterfaces ( gBS->UninstallMultipleProtocolInterfaces (
&ImageHandle, &ImageHandle,
&gEfiCallerIdGuid, &gEfiCallerIdGuid,
PrivateData, PrivateData,
NULL NULL
); );
TlsAuthConfigFormUnload (PrivateData); TlsAuthConfigFormUnload (PrivateData);
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/** /**
This is the declaration of an EFI image entry point. This entry point is This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
both device drivers and bus drivers. both device drivers and bus drivers.
@param ImageHandle The firmware allocated handle for the UEFI image. @param ImageHandle The firmware allocated handle for the UEFI image.
@param SystemTable A pointer to the EFI System Table. @param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval Others An unexpected error occurred. @retval Others An unexpected error occurred.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsAuthConfigDxeDriverEntryPoint ( TlsAuthConfigDxeDriverEntryPoint (
IN EFI_HANDLE ImageHandle, IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable IN EFI_SYSTEM_TABLE *SystemTable
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData; TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData;
PrivateData = NULL; PrivateData = NULL;
// //
// If already started, return. // If already started, return.
// //
Status = gBS->OpenProtocol ( Status = gBS->OpenProtocol (
ImageHandle, ImageHandle,
&gEfiCallerIdGuid, &gEfiCallerIdGuid,
NULL, NULL,
ImageHandle, ImageHandle,
ImageHandle, ImageHandle,
EFI_OPEN_PROTOCOL_TEST_PROTOCOL EFI_OPEN_PROTOCOL_TEST_PROTOCOL
); );
if (!EFI_ERROR (Status)) { if (!EFI_ERROR (Status)) {
return EFI_ALREADY_STARTED; return EFI_ALREADY_STARTED;
} }
// //
// Initialize the private data structure. // Initialize the private data structure.
// //
PrivateData = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_PRIVATE_DATA)); PrivateData = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_PRIVATE_DATA));
if (PrivateData == NULL) { if (PrivateData == NULL) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
// //
// Initialize the HII configuration form. // Initialize the HII configuration form.
// //
Status = TlsAuthConfigFormInit (PrivateData); Status = TlsAuthConfigFormInit (PrivateData);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
goto ON_ERROR; goto ON_ERROR;
} }
// //
// Install private GUID. // Install private GUID.
// //
Status = gBS->InstallMultipleProtocolInterfaces ( Status = gBS->InstallMultipleProtocolInterfaces (
&ImageHandle, &ImageHandle,
&gEfiCallerIdGuid, &gEfiCallerIdGuid,
PrivateData, PrivateData,
NULL NULL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
goto ON_ERROR; goto ON_ERROR;
} }
return EFI_SUCCESS; return EFI_SUCCESS;
ON_ERROR: ON_ERROR:
TlsAuthConfigFormUnload (PrivateData); TlsAuthConfigFormUnload (PrivateData);
FreePool (PrivateData); FreePool (PrivateData);
return Status; return Status;
} }

147
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
View File

@ -1,73 +1,74 @@
## @file ## @file
# Provides the capability to configure Tls Authentication in a setup browser # Provides the capability to configure Tls Authentication in a setup browser
# By this module, user may change the content of TlsCaCertificate. # By this module, user may change the content of TlsCaCertificate.
# #
# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php # http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
# #
## ##
[Defines] [Defines]
INF_VERSION = 0x00010005 INF_VERSION = 0x00010005
BASE_NAME = TlsAuthConfigDxe BASE_NAME = TlsAuthConfigDxe
MODULE_UNI_FILE = TlsAuthConfigDxe.uni MODULE_UNI_FILE = TlsAuthConfigDxe.uni
FILE_GUID = 7ca1024f-eb17-11e5-9dba-28d2447c4829 FILE_GUID = 7ca1024f-eb17-11e5-9dba-28d2447c4829
MODULE_TYPE = DXE_DRIVER MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0 VERSION_STRING = 1.0
ENTRY_POINT = TlsAuthConfigDxeDriverEntryPoint ENTRY_POINT = TlsAuthConfigDxeDriverEntryPoint
UNLOAD_IMAGE = TlsAuthConfigDxeUnload UNLOAD_IMAGE = TlsAuthConfigDxeUnload
# #
# VALID_ARCHITECTURES = IA32 X64 # VALID_ARCHITECTURES = IA32 X64
# #
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec MdeModulePkg/MdeModulePkg.dec
NetworkPkg/NetworkPkg.dec NetworkPkg/NetworkPkg.dec
[Sources] [Sources]
TlsAuthConfigImpl.c TlsAuthConfigImpl.c
TlsAuthConfigImpl.h TlsAuthConfigImpl.h
TlsAuthConfigNvData.h TlsAuthConfigNvData.h
TlsAuthConfigDxe.c TlsAuthConfigDxe.c
TlsAuthConfigDxeStrings.uni TlsAuthConfigDxeStrings.uni
TlsAuthConfigVfr.vfr TlsAuthConfigVfr.vfr
[LibraryClasses] [LibraryClasses]
BaseLib BaseLib
BaseMemoryLib BaseMemoryLib
MemoryAllocationLib MemoryAllocationLib
UefiLib UefiLib
UefiBootServicesTableLib UefiBootServicesTableLib
UefiRuntimeServicesTableLib UefiRuntimeServicesTableLib
UefiDriverEntryPoint UefiDriverEntryPoint
DebugLib DebugLib
HiiLib HiiLib
DevicePathLib DevicePathLib
UefiHiiServicesLib UefiHiiServicesLib
FileExplorerLib FileExplorerLib
PrintLib PrintLib
[Protocols] [Protocols]
gEfiDevicePathProtocolGuid ## PRODUCES gEfiDevicePathProtocolGuid ## PRODUCES
gEfiHiiConfigAccessProtocolGuid ## PRODUCES gEfiHiiConfigAccessProtocolGuid ## PRODUCES
gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
[Guids] [Guids]
gTlsAuthConfigGuid ## PRODUCES ## GUID gTlsAuthConfigGuid ## PRODUCES ## GUID
gEfiCertX509Guid ## CONSUMES ## GUID # Indicate the cert type gEfiCertX509Guid ## CONSUMES ## GUID # Indicate the cert type
gEfiIfrTianoGuid ## CONSUMES ## HII gEfiIfrTianoGuid ## CONSUMES ## HII
gEfiTlsCaCertificateGuid ## PRODUCES ## GUID gEfiTlsCaCertificateGuid ## PRODUCES ## GUID
[Depex] [Depex]
gEfiHiiConfigRoutingProtocolGuid AND gEfiHiiConfigRoutingProtocolGuid AND
gEfiHiiDatabaseProtocolGuid gEfiHiiDatabaseProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"] [UserExtensions.TianoCore."ExtraFiles"]
TlsAuthConfigDxeExtra.uni TlsAuthConfigDxeExtra.uni

42
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.uni
View File

@ -1,21 +1,21 @@
// /** @file // /** @file
// Provides the capability to configure Tls Authentication in a setup browser // Provides the capability to configure Tls Authentication in a setup browser
// //
// By this module, user may change the content of TlsCaCertificate. // By this module, user may change the content of TlsCaCertificate.
// //
// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> // Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
// //
// This program and the accompanying materials // This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License // are licensed and made available under the terms and conditions of the BSD License
// which accompanies this distribution. The full text of the license may be found at // which accompanies this distribution. The full text of the license may be found at
// http://opensource.org/licenses/bsd-license.php // http://opensource.org/licenses/bsd-license.php
// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, // THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// //
// **/ // **/
#string STR_MODULE_ABSTRACT #language en-US "Provides the capability to configure Tls Authentication in a setup browser" #string STR_MODULE_ABSTRACT #language en-US "Provides the capability to configure Tls Authentication in a setup browser"
#string STR_MODULE_DESCRIPTION #language en-US "By this module, user may change the content of TlsCaCertificate." #string STR_MODULE_DESCRIPTION #language en-US "By this module, user may change the content of TlsCaCertificate."

38
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeExtra.uni
View File

@ -1,19 +1,19 @@
// /** @file // /** @file
// TlsAuthConfigDxe Localized Strings and Content // TlsAuthConfigDxe Localized Strings and Content
// //
// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> // Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
// //
// This program and the accompanying materials // This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License // are licensed and made available under the terms and conditions of the BSD License
// which accompanies this distribution. The full text of the license may be found at // which accompanies this distribution. The full text of the license may be found at
// http://opensource.org/licenses/bsd-license.php // http://opensource.org/licenses/bsd-license.php
// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, // THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// //
// **/ // **/
#string STR_PROPERTIES_MODULE_NAME #string STR_PROPERTIES_MODULE_NAME
#language en-US #language en-US
"TLS Auth Config DXE" "TLS Auth Config DXE"

78
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxeStrings.uni
View File

@ -1,39 +1,39 @@
/** @file /** @file
String definitions for Tls Authentication Configuration form. String definitions for Tls Authentication Configuration form.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#langdef en-US "English" #langdef en-US "English"
#string STR_TLS_AUTH_CONFIG_TITLE #language en-US "Tls Auth Configuration" #string STR_TLS_AUTH_CONFIG_TITLE #language en-US "Tls Auth Configuration"
#string STR_TLS_AUTH_CONFIG_HELP #language en-US "Press <Enter> to select Tls Auth Configuration." #string STR_TLS_AUTH_CONFIG_HELP #language en-US "Press <Enter> to select Tls Auth Configuration."
#string STR_TLS_AUTH_CONFIG_SERVER_CA #language en-US "Server CA Configuration" #string STR_TLS_AUTH_CONFIG_SERVER_CA #language en-US "Server CA Configuration"
#string STR_TLS_AUTH_CONFIG_SERVER_CA_HELP #language en-US "Press <Enter> to configure Server CA." #string STR_TLS_AUTH_CONFIG_SERVER_CA_HELP #language en-US "Press <Enter> to configure Server CA."
#string STR_TLS_AUTH_CONFIG_CLIENT_CERT #language en-US "Client Cert Configuration" #string STR_TLS_AUTH_CONFIG_CLIENT_CERT #language en-US "Client Cert Configuration"
#string STR_TLS_AUTH_CONFIG_CLIENT_CERT_HELP #language en-US "Client cert configuration is unsupported currently." #string STR_TLS_AUTH_CONFIG_CLIENT_CERT_HELP #language en-US "Client cert configuration is unsupported currently."
#string STR_TLS_AUTH_CONFIG_ENROLL_CERT #language en-US "Enroll Cert" #string STR_TLS_AUTH_CONFIG_ENROLL_CERT #language en-US "Enroll Cert"
#string STR_TLS_AUTH_CONFIG_ENROLL_CERT_HELP #language en-US "Press <Enter> to enroll cert." #string STR_TLS_AUTH_CONFIG_ENROLL_CERT_HELP #language en-US "Press <Enter> to enroll cert."
#string STR_TLS_AUTH_CONFIG_DELETE_CERT #language en-US "Delete Cert" #string STR_TLS_AUTH_CONFIG_DELETE_CERT #language en-US "Delete Cert"
#string STR_TLS_AUTH_CONFIG_DELETE_CERT_HELP #language en-US "Press <Enter> to delete cert." #string STR_TLS_AUTH_CONFIG_DELETE_CERT_HELP #language en-US "Press <Enter> to delete cert."
#string STR_TLS_AUTH_CONFIG_ADD_CERT_FILE #language en-US "Enroll Cert Using File" #string STR_TLS_AUTH_CONFIG_ADD_CERT_FILE #language en-US "Enroll Cert Using File"
#string STR_TLS_AUTH_CONFIG_CERT_GUID #language en-US "Cert GUID" #string STR_TLS_AUTH_CONFIG_CERT_GUID #language en-US "Cert GUID"
#string STR_TLS_AUTH_CONFIG_CERT_GUID_HELP #language en-US "Input digit character in 11111111-2222-3333-4444-1234567890ab format." #string STR_TLS_AUTH_CONFIG_CERT_GUID_HELP #language en-US "Input digit character in 11111111-2222-3333-4444-1234567890ab format."
#string STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT #language en-US "Commit Changes and Exit" #string STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT #language en-US "Commit Changes and Exit"
#string STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT #language en-US "Discard Changes and Exit" #string STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT #language en-US "Discard Changes and Exit"
#string STR_CERT_TYPE_PCKS_GUID #language en-US "GUID for CERT" #string STR_CERT_TYPE_PCKS_GUID #language en-US "GUID for CERT"
#string STR_NULL #language en-US "" #string STR_NULL #language en-US ""

3377
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
View File

File diff suppressed because it is too large Load Diff

564
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h
View File

@ -1,282 +1,282 @@
/** @file /** @file
Header file of Miscellaneous Routines for TlsAuthConfigDxe driver. Header file of Miscellaneous Routines for TlsAuthConfigDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __TLS_AUTH_CONFIG_IMPL_H__ #ifndef __TLS_AUTH_CONFIG_IMPL_H__
#define __TLS_AUTH_CONFIG_IMPL_H__ #define __TLS_AUTH_CONFIG_IMPL_H__
#include <Uefi.h> #include <Uefi.h>
#include <Protocol/HiiConfigAccess.h> #include <Protocol/HiiConfigAccess.h>
#include <Protocol/SimpleFileSystem.h> #include <Protocol/SimpleFileSystem.h>
// //
// Libraries // Libraries
// //
#include <Library/UefiBootServicesTableLib.h> #include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeServicesTableLib.h> #include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Library/BaseMemoryLib.h> #include <Library/BaseMemoryLib.h>
#include <Library/BaseLib.h> #include <Library/BaseLib.h>
#include <Library/UefiLib.h> #include <Library/UefiLib.h>
#include <Library/DebugLib.h> #include <Library/DebugLib.h>
#include <Library/DevicePathLib.h> #include <Library/DevicePathLib.h>
#include <Library/HiiLib.h> #include <Library/HiiLib.h>
#include <Library/UefiHiiServicesLib.h> #include <Library/UefiHiiServicesLib.h>
#include <Library/FileExplorerLib.h> #include <Library/FileExplorerLib.h>
#include <Library/PrintLib.h> #include <Library/PrintLib.h>
#include <Guid/MdeModuleHii.h> #include <Guid/MdeModuleHii.h>
#include <Guid/ImageAuthentication.h> #include <Guid/ImageAuthentication.h>
#include <Guid/TlsAuthentication.h> #include <Guid/TlsAuthentication.h>
// //
// Include files with function prototypes // Include files with function prototypes
// //
#include "TlsAuthConfigNvData.h" #include "TlsAuthConfigNvData.h"
extern UINT8 TlsAuthConfigDxeStrings[]; extern UINT8 TlsAuthConfigDxeStrings[];
extern UINT8 TlsAuthConfigVfrBin[]; extern UINT8 TlsAuthConfigVfrBin[];
#define TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('T', 'A', 'C', 'D') #define TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('T', 'A', 'C', 'D')
#define TLS_AUTH_CONFIG_PRIVATE_FROM_THIS(a) CR (a, TLS_AUTH_CONFIG_PRIVATE_DATA, ConfigAccess, TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE) #define TLS_AUTH_CONFIG_PRIVATE_FROM_THIS(a) CR (a, TLS_AUTH_CONFIG_PRIVATE_DATA, ConfigAccess, TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE)
#define TLS_AUTH_CONFIG_VAR_BASE_ATTR (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS) #define TLS_AUTH_CONFIG_VAR_BASE_ATTR (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)
typedef struct _TLS_AUTH_CONFIG_PRIVATE_DATA TLS_AUTH_CONFIG_PRIVATE_DATA; typedef struct _TLS_AUTH_CONFIG_PRIVATE_DATA TLS_AUTH_CONFIG_PRIVATE_DATA;
typedef struct _TLS_AUTH_CONFIG_FILE_CONTEXT TLS_AUTH_CONFIG_FILE_CONTEXT; typedef struct _TLS_AUTH_CONFIG_FILE_CONTEXT TLS_AUTH_CONFIG_FILE_CONTEXT;
/// ///
/// HII specific Vendor Device Path definition. /// HII specific Vendor Device Path definition.
/// ///
typedef struct { typedef struct {
VENDOR_DEVICE_PATH VendorDevicePath; VENDOR_DEVICE_PATH VendorDevicePath;
EFI_DEVICE_PATH_PROTOCOL End; EFI_DEVICE_PATH_PROTOCOL End;
} HII_VENDOR_DEVICE_PATH; } HII_VENDOR_DEVICE_PATH;
struct _TLS_AUTH_CONFIG_FILE_CONTEXT { struct _TLS_AUTH_CONFIG_FILE_CONTEXT {
EFI_FILE_HANDLE FHandle; EFI_FILE_HANDLE FHandle;
UINT16 *FileName; UINT16 *FileName;
}; };
struct _TLS_AUTH_CONFIG_PRIVATE_DATA { struct _TLS_AUTH_CONFIG_PRIVATE_DATA {
UINTN Signature; UINTN Signature;
EFI_HANDLE DriverHandle; EFI_HANDLE DriverHandle;
EFI_HII_HANDLE RegisteredHandle; EFI_HII_HANDLE RegisteredHandle;
EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess; EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
TLS_AUTH_CONFIG_IFR_NVDATA TlsAuthConfigNvData; TLS_AUTH_CONFIG_IFR_NVDATA TlsAuthConfigNvData;
TLS_AUTH_CONFIG_FILE_CONTEXT *FileContext; TLS_AUTH_CONFIG_FILE_CONTEXT *FileContext;
EFI_GUID *CertGuid; EFI_GUID *CertGuid;
}; };
/** /**
Unload the configuration form, this includes: delete all the configuration Unload the configuration form, this includes: delete all the configuration
entries, uninstall the form callback protocol, and free the resources used. entries, uninstall the form callback protocol, and free the resources used.
The form will only be unload completely when both IP4 and IP6 stack are stopped. The form will only be unload completely when both IP4 and IP6 stack are stopped.
@param[in] Private Pointer to the driver private data. @param[in] Private Pointer to the driver private data.
@retval EFI_SUCCESS The configuration form is unloaded. @retval EFI_SUCCESS The configuration form is unloaded.
@retval Others Failed to unload the form. @retval Others Failed to unload the form.
**/ **/
EFI_STATUS EFI_STATUS
TlsAuthConfigFormUnload ( TlsAuthConfigFormUnload (
IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
); );
/** /**
Initialize the configuration form. Initialize the configuration form.
@param[in] Private Pointer to the driver private data. @param[in] Private Pointer to the driver private data.
@retval EFI_SUCCESS The configuration form is initialized. @retval EFI_SUCCESS The configuration form is initialized.
@retval EFI_OUT_OF_RESOURCES Failed to allocate memory. @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
**/ **/
EFI_STATUS EFI_STATUS
TlsAuthConfigFormInit ( TlsAuthConfigFormInit (
IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
); );
/** /**
This function allows the caller to request the current This function allows the caller to request the current
configuration for one or more named elements. The resulting configuration for one or more named elements. The resulting
string is in <ConfigAltResp> format. Any and all alternative string is in <ConfigAltResp> format. Any and all alternative
configuration strings shall also be appended to the end of the configuration strings shall also be appended to the end of the
current configuration string. If they are, they must appear current configuration string. If they are, they must appear
after the current configuration. They must contain the same after the current configuration. They must contain the same
routing (GUID, NAME, PATH) as the current configuration string. routing (GUID, NAME, PATH) as the current configuration string.
They must have an additional description indicating the type of They must have an additional description indicating the type of
alternative configuration the string represents, alternative configuration the string represents,
"ALTCFG=<StringToken>". That <StringToken> (when "ALTCFG=<StringToken>". That <StringToken> (when
converted from Hex UNICODE to binary) is a reference to a converted from Hex UNICODE to binary) is a reference to a
string in the associated string pack. string in the associated string pack.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Request A null-terminated Unicode string in @param Request A null-terminated Unicode string in
<ConfigRequest> format. Note that this <ConfigRequest> format. Note that this
includes the routing information as well as includes the routing information as well as
the configurable name / value pairs. It is the configurable name / value pairs. It is
invalid for this string to be in invalid for this string to be in
<MultiConfigRequest> format. <MultiConfigRequest> format.
If a NULL is passed in for the Request field, If a NULL is passed in for the Request field,
all of the settings being abstracted by this function all of the settings being abstracted by this function
will be returned in the Results field. In addition, will be returned in the Results field. In addition,
if a ConfigHdr is passed in with no request elements, if a ConfigHdr is passed in with no request elements,
all of the settings being abstracted for that particular all of the settings being abstracted for that particular
ConfigHdr reference will be returned in the Results Field. ConfigHdr reference will be returned in the Results Field.
@param Progress On return, points to a character in the @param Progress On return, points to a character in the
Request string. Points to the string's null Request string. Points to the string's null
terminator if request was successful. Points terminator if request was successful. Points
to the most recent "&" before the first to the most recent "&" before the first
failing name / value pair (or the beginning failing name / value pair (or the beginning
of the string if the failure is in the first of the string if the failure is in the first
name / value pair) if the request was not name / value pair) if the request was not
successful. successful.
@param Results A null-terminated Unicode string in @param Results A null-terminated Unicode string in
<MultiConfigAltResp> format which has all values <MultiConfigAltResp> format which has all values
filled in for the names in the Request string. filled in for the names in the Request string.
String to be allocated by the called function. String to be allocated by the called function.
@retval EFI_SUCCESS The Results string is filled with the @retval EFI_SUCCESS The Results string is filled with the
values corresponding to all requested values corresponding to all requested
names. names.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
parts of the results that must be parts of the results that must be
stored awaiting possible future stored awaiting possible future
protocols. protocols.
@retval EFI_NOT_FOUND Routing data doesn't match any @retval EFI_NOT_FOUND Routing data doesn't match any
known driver. Progress set to the known driver. Progress set to the
first character in the routing header. first character in the routing header.
Note: There is no requirement that the Note: There is no requirement that the
driver validate the routing data. It driver validate the routing data. It
must skip the <ConfigHdr> in order to must skip the <ConfigHdr> in order to
process the names. process the names.
@retval EFI_INVALID_PARAMETER Illegal syntax. Progress set @retval EFI_INVALID_PARAMETER Illegal syntax. Progress set
to most recent "&" before the to most recent "&" before the
error or the beginning of the error or the beginning of the
string. string.
@retval EFI_INVALID_PARAMETER Unknown name. Progress points @retval EFI_INVALID_PARAMETER Unknown name. Progress points
to the & before the name in to the & before the name in
question. question.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsAuthConfigAccessExtractConfig ( TlsAuthConfigAccessExtractConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Request, IN CONST EFI_STRING Request,
OUT EFI_STRING *Progress, OUT EFI_STRING *Progress,
OUT EFI_STRING *Results OUT EFI_STRING *Results
); );
/** /**
This function applies changes in a driver's configuration. This function applies changes in a driver's configuration.
Input is a Configuration, which has the routing data for this Input is a Configuration, which has the routing data for this
driver followed by name / value configuration pairs. The driver driver followed by name / value configuration pairs. The driver
must apply those pairs to its configurable storage. If the must apply those pairs to its configurable storage. If the
driver's configuration is stored in a linear block of data driver's configuration is stored in a linear block of data
and the driver's name / value pairs are in <BlockConfig> and the driver's name / value pairs are in <BlockConfig>
format, it may use the ConfigToBlock helper function (above) to format, it may use the ConfigToBlock helper function (above) to
simplify the job. simplify the job.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Configuration A null-terminated Unicode string in @param Configuration A null-terminated Unicode string in
<ConfigString> format. <ConfigString> format.
@param Progress A pointer to a string filled in with the @param Progress A pointer to a string filled in with the
offset of the most recent '&' before the offset of the most recent '&' before the
first failing name / value pair (or the first failing name / value pair (or the
beginn ing of the string if the failure beginn ing of the string if the failure
is in the first name / value pair) or is in the first name / value pair) or
the terminating NULL if all was the terminating NULL if all was
successful. successful.
@retval EFI_SUCCESS The results have been distributed or are @retval EFI_SUCCESS The results have been distributed or are
awaiting distribution. awaiting distribution.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
parts of the results that must be parts of the results that must be
stored awaiting possible future stored awaiting possible future
protocols. protocols.
@retval EFI_INVALID_PARAMETERS Passing in a NULL for the @retval EFI_INVALID_PARAMETERS Passing in a NULL for the
Results parameter would result Results parameter would result
in this type of error. in this type of error.
@retval EFI_NOT_FOUND Target for the specified routing data @retval EFI_NOT_FOUND Target for the specified routing data
was not found was not found
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsAuthConfigAccessRouteConfig ( TlsAuthConfigAccessRouteConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Configuration, IN CONST EFI_STRING Configuration,
OUT EFI_STRING *Progress OUT EFI_STRING *Progress
); );
/** /**
This function is called to provide results data to the driver. This function is called to provide results data to the driver.
This data consists of a unique key that is used to identify This data consists of a unique key that is used to identify
which data is either being passed back or being asked for. which data is either being passed back or being asked for.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Action Specifies the type of action taken by the browser. @param Action Specifies the type of action taken by the browser.
@param QuestionId A unique value which is sent to the original @param QuestionId A unique value which is sent to the original
exporting driver so that it can identify the type exporting driver so that it can identify the type
of data to expect. The format of the data tends to of data to expect. The format of the data tends to
vary based on the opcode that generated the callback. vary based on the opcode that generated the callback.
@param Type The type of value for the question. @param Type The type of value for the question.
@param Value A pointer to the data being sent to the original @param Value A pointer to the data being sent to the original
exporting driver. exporting driver.
@param ActionRequest On return, points to the action requested by the @param ActionRequest On return, points to the action requested by the
callback function. callback function.
@retval EFI_SUCCESS The callback successfully handled the action. @retval EFI_SUCCESS The callback successfully handled the action.
@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
variable and its data. variable and its data.
@retval EFI_DEVICE_ERROR The variable could not be saved. @retval EFI_DEVICE_ERROR The variable could not be saved.
@retval EFI_UNSUPPORTED The specified Action is not supported by the @retval EFI_UNSUPPORTED The specified Action is not supported by the
callback. callback.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsAuthConfigAccessCallback ( TlsAuthConfigAccessCallback (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN EFI_BROWSER_ACTION Action, IN EFI_BROWSER_ACTION Action,
IN EFI_QUESTION_ID QuestionId, IN EFI_QUESTION_ID QuestionId,
IN UINT8 Type, IN UINT8 Type,
IN OUT EFI_IFR_TYPE_VALUE *Value, IN OUT EFI_IFR_TYPE_VALUE *Value,
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
); );
#endif #endif

99
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h
View File

@ -1,49 +1,50 @@
/** @file /** @file
Header file for NV data structure definition. Header file for NV data structure definition.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __TLS_AUTH_CONFIG_NV_DATA_H__ #ifndef __TLS_AUTH_CONFIG_NV_DATA_H__
#define __TLS_AUTH_CONFIG_NV_DATA_H__ #define __TLS_AUTH_CONFIG_NV_DATA_H__
#include <Guid/TlsAuthConfigHii.h> #include <Guid/TlsAuthConfigHii.h>
#define TLS_AUTH_CONFIG_GUID_SIZE 36 #define TLS_AUTH_CONFIG_GUID_SIZE 36
#define TLS_AUTH_CONFIG_GUID_STORAGE_SIZE 37 #define TLS_AUTH_CONFIG_GUID_STORAGE_SIZE 37
#define TLS_AUTH_CONFIG_FORMID1_FORM 1 #define TLS_AUTH_CONFIG_FORMID1_FORM 1
#define TLS_AUTH_CONFIG_FORMID2_FORM 2 #define TLS_AUTH_CONFIG_FORMID2_FORM 2
#define TLS_AUTH_CONFIG_FORMID3_FORM 3 #define TLS_AUTH_CONFIG_FORMID3_FORM 3
#define TLS_AUTH_CONFIG_FORMID4_FORM 4 #define TLS_AUTH_CONFIG_FORMID4_FORM 4
#define TLS_AUTH_CONFIG_FORMID5_FORM 5 #define TLS_AUTH_CONFIG_FORMID5_FORM 5
#define KEY_TLS_AUTH_CONFIG_SERVER_CA 0x1000 #define KEY_TLS_AUTH_CONFIG_SERVER_CA 0x1000
#define KEY_TLS_AUTH_CONFIG_CLIENT_CERT 0x1001 #define KEY_TLS_AUTH_CONFIG_CLIENT_CERT 0x1001
#define KEY_TLS_AUTH_CONFIG_ENROLL_CERT 0x1002 #define KEY_TLS_AUTH_CONFIG_ENROLL_CERT 0x1002
#define KEY_TLS_AUTH_CONFIG_DELETE_CERT 0x1003 #define KEY_TLS_AUTH_CONFIG_DELETE_CERT 0x1003
#define KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE 0x1004 #define KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE 0x1004
#define KEY_TLS_AUTH_CONFIG_CERT_GUID 0x1005 #define KEY_TLS_AUTH_CONFIG_CERT_GUID 0x1005
#define KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT 0x1006 #define KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT 0x1006
#define KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT 0x1007 #define KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT 0x1007
#define OPTION_DEL_CA_ESTION_ID 0x2000 #define OPTION_DEL_CA_ESTION_ID 0x2000
#define OPTION_CONFIG_RANGE 0x1000 #define OPTION_CONFIG_RANGE 0x1000
#define LABEL_CA_DELETE 0x1101 #define LABEL_CA_DELETE 0x1101
#define LABEL_END 0xffff #define LABEL_END 0xffff
typedef struct { typedef struct {
CHAR16 CertGuid[TLS_AUTH_CONFIG_GUID_STORAGE_SIZE]; CHAR16 CertGuid[TLS_AUTH_CONFIG_GUID_STORAGE_SIZE];
} TLS_AUTH_CONFIG_IFR_NVDATA; } TLS_AUTH_CONFIG_IFR_NVDATA;
#endif #endif

305
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigVfr.vfr
View File

@ -1,152 +1,153 @@
/** @file /** @file
VFR file used by TlsAuthConfigDxe driver. VFR file used by TlsAuthConfigDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#include "TlsAuthConfigNvData.h" #include "TlsAuthConfigNvData.h"
formset formset
guid = TLS_AUTH_CONFIG_GUID, guid = TLS_AUTH_CONFIG_GUID,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE), title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_HELP),
varstore TLS_AUTH_CONFIG_IFR_NVDATA, varstore TLS_AUTH_CONFIG_IFR_NVDATA,
name = TLS_AUTH_CONFIG_IFR_NVDATA, name = TLS_AUTH_CONFIG_IFR_NVDATA,
guid = TLS_AUTH_CONFIG_GUID; guid = TLS_AUTH_CONFIG_GUID;
// //
// ##1 Form1: Main form for Tls Auth configration // ##1 Form1: Main form for Tls Auth configration
// //
form formid = TLS_AUTH_CONFIG_FORMID1_FORM, form formid = TLS_AUTH_CONFIG_FORMID1_FORM,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE); title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_TITLE);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
// //
// Display Server CA configration // Display Server CA configration
// //
goto TLS_AUTH_CONFIG_FORMID2_FORM, goto TLS_AUTH_CONFIG_FORMID2_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA_HELP),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_SERVER_CA; key = KEY_TLS_AUTH_CONFIG_SERVER_CA;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
// //
// Display Client cert configration // Display Client cert configration
// //
grayoutif TRUE; /// Current unsupported. grayoutif TRUE; /// Current unsupported.
goto TLS_AUTH_CONFIG_FORMID3_FORM, goto TLS_AUTH_CONFIG_FORMID3_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT_HELP),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_CLIENT_CERT; key = KEY_TLS_AUTH_CONFIG_CLIENT_CERT;
endif; endif;
endform; endform;
// //
// ##2 Form2: CA configuration // ##2 Form2: CA configuration
// //
form formid = TLS_AUTH_CONFIG_FORMID2_FORM, form formid = TLS_AUTH_CONFIG_FORMID2_FORM,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA); title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SERVER_CA);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
goto TLS_AUTH_CONFIG_FORMID4_FORM, goto TLS_AUTH_CONFIG_FORMID4_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT_HELP),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT; key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
goto TLS_AUTH_CONFIG_FORMID5_FORM, goto TLS_AUTH_CONFIG_FORMID5_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT_HELP),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_DELETE_CERT; key = KEY_TLS_AUTH_CONFIG_DELETE_CERT;
endform; endform;
// //
// ##3 Form3 : Client cert configuration // ##3 Form3 : Client cert configuration
// //
form formid = TLS_AUTH_CONFIG_FORMID3_FORM, form formid = TLS_AUTH_CONFIG_FORMID3_FORM,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT); title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CLIENT_CERT);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
// //
// TODO... // TODO...
// //
endform; endform;
// //
// ##4 Form4: Enroll cert for CA // ##4 Form4: Enroll cert for CA
// //
form formid = TLS_AUTH_CONFIG_FORMID4_FORM, form formid = TLS_AUTH_CONFIG_FORMID4_FORM,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT); title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ENROLL_CERT);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
goto TLS_AUTH_CONFIG_FORMID4_FORM, goto TLS_AUTH_CONFIG_FORMID4_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_ADD_CERT_FILE),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE; key = KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
label TLS_AUTH_CONFIG_FORMID4_FORM; label TLS_AUTH_CONFIG_FORMID4_FORM;
label LABEL_END; label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
string varid = TLS_AUTH_CONFIG_IFR_NVDATA.CertGuid, string varid = TLS_AUTH_CONFIG_IFR_NVDATA.CertGuid,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID_HELP), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_CERT_GUID_HELP),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_CERT_GUID, key = KEY_TLS_AUTH_CONFIG_CERT_GUID,
minsize = TLS_AUTH_CONFIG_GUID_SIZE, minsize = TLS_AUTH_CONFIG_GUID_SIZE,
maxsize = TLS_AUTH_CONFIG_GUID_SIZE, maxsize = TLS_AUTH_CONFIG_GUID_SIZE,
endstring; endstring;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
goto TLS_AUTH_CONFIG_FORMID1_FORM, goto TLS_AUTH_CONFIG_FORMID1_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_SAVE_AND_EXIT),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT; key = KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT;
goto TLS_AUTH_CONFIG_FORMID1_FORM, goto TLS_AUTH_CONFIG_FORMID1_FORM,
prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT), prompt = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT),
help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT), help = STRING_TOKEN(STR_TLS_AUTH_CONFIG_NO_SAVE_AND_EXIT),
flags = INTERACTIVE, flags = INTERACTIVE,
key = KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT; key = KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT;
endform; endform;
// //
// ##5 Form5: Delete cert for CA // ##5 Form5: Delete cert for CA
// //
form formid = TLS_AUTH_CONFIG_FORMID5_FORM, form formid = TLS_AUTH_CONFIG_FORMID5_FORM,
title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT); title = STRING_TOKEN(STR_TLS_AUTH_CONFIG_DELETE_CERT);
label LABEL_CA_DELETE; label LABEL_CA_DELETE;
label LABEL_END; label LABEL_END;
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
endform; endform;
endformset; endformset;

305
NetworkPkg/TlsDxe/TlsConfigProtocol.c
View File

@ -1,152 +1,153 @@
/** @file /** @file
Implementation of EFI TLS Configuration Protocol Interfaces. Implementation of EFI TLS Configuration Protocol Interfaces.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#include "TlsImpl.h" #include "TlsImpl.h"
EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol = { EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol = {
TlsConfigurationSetData, TlsConfigurationSetData,
TlsConfigurationGetData TlsConfigurationGetData
}; };
/** /**
Set TLS configuration data. Set TLS configuration data.
The SetData() function sets TLS configuration to non-volatile storage or volatile The SetData() function sets TLS configuration to non-volatile storage or volatile
storage. storage.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in] Data Pointer to configuration data. @param[in] Data Pointer to configuration data.
@param[in] DataSize Total size of configuration data. @param[in] DataSize Total size of configuration data.
@retval EFI_SUCCESS The TLS configuration data is set successfully. @retval EFI_SUCCESS The TLS configuration data is set successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
Data is NULL. Data is NULL.
DataSize is 0. DataSize is 0.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated. @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConfigurationSetData ( TlsConfigurationSetData (
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN VOID *Data, IN VOID *Data,
IN UINTN DataSize IN UINTN DataSize
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TLS_INSTANCE *Instance; TLS_INSTANCE *Instance;
EFI_TPL OldTpl; EFI_TPL OldTpl;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
if (This == NULL || Data == NULL || DataSize == 0) { if (This == NULL || Data == NULL || DataSize == 0) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
OldTpl = gBS->RaiseTPL (TPL_CALLBACK); OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
Instance = TLS_INSTANCE_FROM_CONFIGURATION (This); Instance = TLS_INSTANCE_FROM_CONFIGURATION (This);
switch (DataType) { switch (DataType) {
case EfiTlsConfigDataTypeCACertificate: case EfiTlsConfigDataTypeCACertificate:
Status = TlsSetCaCertificate (Instance->TlsConn, Data, DataSize); Status = TlsSetCaCertificate (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeHostPublicCert: case EfiTlsConfigDataTypeHostPublicCert:
Status = TlsSetHostPublicCert (Instance->TlsConn, Data, DataSize); Status = TlsSetHostPublicCert (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeHostPrivateKey: case EfiTlsConfigDataTypeHostPrivateKey:
Status = TlsSetHostPrivateKey (Instance->TlsConn, Data, DataSize); Status = TlsSetHostPrivateKey (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeCertRevocationList: case EfiTlsConfigDataTypeCertRevocationList:
Status = TlsSetCertRevocationList (Data, DataSize); Status = TlsSetCertRevocationList (Data, DataSize);
break; break;
default: default:
Status = EFI_UNSUPPORTED; Status = EFI_UNSUPPORTED;
} }
gBS->RestoreTPL (OldTpl); gBS->RestoreTPL (OldTpl);
return Status; return Status;
} }
/** /**
Get TLS configuration data. Get TLS configuration data.
The GetData() function gets TLS configuration. The GetData() function gets TLS configuration.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in, out] Data Pointer to configuration data. @param[in, out] Data Pointer to configuration data.
@param[in, out] DataSize Total size of configuration data. On input, it means @param[in, out] DataSize Total size of configuration data. On input, it means
the size of Data buffer. On output, it means the size the size of Data buffer. On output, it means the size
of copied Data buffer if EFI_SUCCESS, and means the of copied Data buffer if EFI_SUCCESS, and means the
size of desired Data buffer if EFI_BUFFER_TOO_SMALL. size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
@retval EFI_SUCCESS The TLS configuration data is got successfully. @retval EFI_SUCCESS The TLS configuration data is got successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
DataSize is NULL. DataSize is NULL.
Data is NULL if *DataSize is not zero. Data is NULL if *DataSize is not zero.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_NOT_FOUND The TLS configuration data is not found. @retval EFI_NOT_FOUND The TLS configuration data is not found.
@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data. @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConfigurationGetData ( TlsConfigurationGetData (
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN OUT VOID *Data, OPTIONAL IN OUT VOID *Data, OPTIONAL
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TLS_INSTANCE *Instance; TLS_INSTANCE *Instance;
EFI_TPL OldTpl; EFI_TPL OldTpl;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
if (This == NULL || DataSize == NULL || (Data == NULL && *DataSize != 0)) { if (This == NULL || DataSize == NULL || (Data == NULL && *DataSize != 0)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
OldTpl = gBS->RaiseTPL (TPL_CALLBACK); OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
Instance = TLS_INSTANCE_FROM_CONFIGURATION (This); Instance = TLS_INSTANCE_FROM_CONFIGURATION (This);
switch (DataType) { switch (DataType) {
case EfiTlsConfigDataTypeCACertificate: case EfiTlsConfigDataTypeCACertificate:
Status = TlsGetCaCertificate (Instance->TlsConn, Data, DataSize); Status = TlsGetCaCertificate (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeHostPublicCert: case EfiTlsConfigDataTypeHostPublicCert:
Status = TlsGetHostPublicCert (Instance->TlsConn, Data, DataSize); Status = TlsGetHostPublicCert (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeHostPrivateKey: case EfiTlsConfigDataTypeHostPrivateKey:
Status = TlsGetHostPrivateKey (Instance->TlsConn, Data, DataSize); Status = TlsGetHostPrivateKey (Instance->TlsConn, Data, DataSize);
break; break;
case EfiTlsConfigDataTypeCertRevocationList: case EfiTlsConfigDataTypeCertRevocationList:
Status = TlsGetCertRevocationList (Data, DataSize); Status = TlsGetCertRevocationList (Data, DataSize);
break; break;
default: default:
Status = EFI_UNSUPPORTED; Status = EFI_UNSUPPORTED;
} }
gBS->RestoreTPL (OldTpl); gBS->RestoreTPL (OldTpl);
return Status; return Status;
} }

993
NetworkPkg/TlsDxe/TlsDriver.c
View File

@ -1,496 +1,497 @@
/** @file /** @file
The Driver Binding and Service Binding Protocol for TlsDxe driver. The Driver Binding and Service Binding Protocol for TlsDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#include "TlsImpl.h" #include "TlsImpl.h"
EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding = { EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding = {
TlsServiceBindingCreateChild, TlsServiceBindingCreateChild,
TlsServiceBindingDestroyChild TlsServiceBindingDestroyChild
}; };
/** /**
Release all the resources used by the TLS instance. Release all the resources used by the TLS instance.
@param[in] Instance The TLS instance data. @param[in] Instance The TLS instance data.
**/ **/
VOID VOID
TlsCleanInstance ( TlsCleanInstance (
IN TLS_INSTANCE *Instance IN TLS_INSTANCE *Instance
) )
{ {
if (Instance != NULL) { if (Instance != NULL) {
if (Instance->TlsConn != NULL) { if (Instance->TlsConn != NULL) {
TlsFree (Instance->TlsConn); TlsFree (Instance->TlsConn);
} }
FreePool (Instance); FreePool (Instance);
} }
} }
/** /**
Create the TLS instance and initialize it. Create the TLS instance and initialize it.
@param[in] Service The pointer to the TLS service. @param[in] Service The pointer to the TLS service.
@param[out] Instance The pointer to the TLS instance. @param[out] Instance The pointer to the TLS instance.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
@retval EFI_SUCCESS The TLS instance is created. @retval EFI_SUCCESS The TLS instance is created.
**/ **/
EFI_STATUS EFI_STATUS
TlsCreateInstance ( TlsCreateInstance (
IN TLS_SERVICE *Service, IN TLS_SERVICE *Service,
OUT TLS_INSTANCE **Instance OUT TLS_INSTANCE **Instance
) )
{ {
TLS_INSTANCE *TlsInstance; TLS_INSTANCE *TlsInstance;
*Instance = NULL; *Instance = NULL;
TlsInstance = AllocateZeroPool (sizeof (TLS_INSTANCE)); TlsInstance = AllocateZeroPool (sizeof (TLS_INSTANCE));
if (TlsInstance == NULL) { if (TlsInstance == NULL) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
TlsInstance->Signature = TLS_INSTANCE_SIGNATURE; TlsInstance->Signature = TLS_INSTANCE_SIGNATURE;
InitializeListHead (&TlsInstance->Link); InitializeListHead (&TlsInstance->Link);
TlsInstance->InDestroy = FALSE; TlsInstance->InDestroy = FALSE;
TlsInstance->Service = Service; TlsInstance->Service = Service;
CopyMem (&TlsInstance->Tls, &mTlsProtocol, sizeof (TlsInstance->Tls)); CopyMem (&TlsInstance->Tls, &mTlsProtocol, sizeof (TlsInstance->Tls));
CopyMem (&TlsInstance->TlsConfig, &mTlsConfigurationProtocol, sizeof (TlsInstance->TlsConfig)); CopyMem (&TlsInstance->TlsConfig, &mTlsConfigurationProtocol, sizeof (TlsInstance->TlsConfig));
TlsInstance->TlsSessionState = EfiTlsSessionNotStarted; TlsInstance->TlsSessionState = EfiTlsSessionNotStarted;
*Instance = TlsInstance; *Instance = TlsInstance;
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/** /**
Release all the resources used by the TLS service binding instance. Release all the resources used by the TLS service binding instance.
@param[in] Service The TLS service data. @param[in] Service The TLS service data.
**/ **/
VOID VOID
TlsCleanService ( TlsCleanService (
IN TLS_SERVICE *Service IN TLS_SERVICE *Service
) )
{ {
if (Service != NULL) { if (Service != NULL) {
if (Service->TlsCtx != NULL) { if (Service->TlsCtx != NULL) {
TlsCtxFree (Service->TlsCtx); TlsCtxFree (Service->TlsCtx);
} }
FreePool (Service); FreePool (Service);
} }
} }
/** /**
Create then initialize a TLS service. Create then initialize a TLS service.
@param[in] Image ImageHandle of the TLS driver @param[in] Image ImageHandle of the TLS driver
@param[out] Service The service for TLS driver @param[out] Service The service for TLS driver
@retval EFI_OUT_OF_RESOURCES Failed to allocate resource to create the service. @retval EFI_OUT_OF_RESOURCES Failed to allocate resource to create the service.
@retval EFI_SUCCESS The service is created for the driver. @retval EFI_SUCCESS The service is created for the driver.
**/ **/
EFI_STATUS EFI_STATUS
TlsCreateService ( TlsCreateService (
IN EFI_HANDLE Image, IN EFI_HANDLE Image,
OUT TLS_SERVICE **Service OUT TLS_SERVICE **Service
) )
{ {
TLS_SERVICE *TlsService; TLS_SERVICE *TlsService;
ASSERT (Service != NULL); ASSERT (Service != NULL);
*Service = NULL; *Service = NULL;
// //
// Allocate a TLS Service Data // Allocate a TLS Service Data
// //
TlsService = AllocateZeroPool (sizeof (TLS_SERVICE)); TlsService = AllocateZeroPool (sizeof (TLS_SERVICE));
if (TlsService == NULL) { if (TlsService == NULL) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
// //
// Initialize TLS Service Data // Initialize TLS Service Data
// //
TlsService->Signature = TLS_SERVICE_SIGNATURE; TlsService->Signature = TLS_SERVICE_SIGNATURE;
CopyMem (&TlsService->ServiceBinding, &mTlsServiceBinding, sizeof (TlsService->ServiceBinding)); CopyMem (&TlsService->ServiceBinding, &mTlsServiceBinding, sizeof (TlsService->ServiceBinding));
TlsService->TlsChildrenNum = 0; TlsService->TlsChildrenNum = 0;
InitializeListHead (&TlsService->TlsChildrenList); InitializeListHead (&TlsService->TlsChildrenList);
TlsService->ImageHandle = Image; TlsService->ImageHandle = Image;
*Service = TlsService; *Service = TlsService;
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/** /**
Unloads an image. Unloads an image.
@param[in] ImageHandle Handle that identifies the image to be unloaded. @param[in] ImageHandle Handle that identifies the image to be unloaded.
@retval EFI_SUCCESS The image has been unloaded. @retval EFI_SUCCESS The image has been unloaded.
@retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle. @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsUnload ( TlsUnload (
IN EFI_HANDLE ImageHandle IN EFI_HANDLE ImageHandle
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
UINTN HandleNum; UINTN HandleNum;
EFI_HANDLE *HandleBuffer; EFI_HANDLE *HandleBuffer;
UINT32 Index; UINT32 Index;
EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding; EFI_SERVICE_BINDING_PROTOCOL *ServiceBinding;
TLS_SERVICE *TlsService; TLS_SERVICE *TlsService;
HandleBuffer = NULL; HandleBuffer = NULL;
ServiceBinding = NULL; ServiceBinding = NULL;
TlsService = NULL; TlsService = NULL;
// //
// Locate all the handles with Tls service binding protocol. // Locate all the handles with Tls service binding protocol.
// //
Status = gBS->LocateHandleBuffer ( Status = gBS->LocateHandleBuffer (
ByProtocol, ByProtocol,
&gEfiTlsServiceBindingProtocolGuid, &gEfiTlsServiceBindingProtocolGuid,
NULL, NULL,
&HandleNum, &HandleNum,
&HandleBuffer &HandleBuffer
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
for (Index = 0; Index < HandleNum; Index++) { for (Index = 0; Index < HandleNum; Index++) {
// //
// Firstly, find ServiceBinding interface // Firstly, find ServiceBinding interface
// //
Status = gBS->OpenProtocol ( Status = gBS->OpenProtocol (
HandleBuffer[Index], HandleBuffer[Index],
&gEfiTlsServiceBindingProtocolGuid, &gEfiTlsServiceBindingProtocolGuid,
(VOID **) &ServiceBinding, (VOID **) &ServiceBinding,
ImageHandle, ImageHandle,
NULL, NULL,
EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
TlsService = TLS_SERVICE_FROM_THIS (ServiceBinding); TlsService = TLS_SERVICE_FROM_THIS (ServiceBinding);
// //
// Then, uninstall ServiceBinding interface // Then, uninstall ServiceBinding interface
// //
Status = gBS->UninstallMultipleProtocolInterfaces ( Status = gBS->UninstallMultipleProtocolInterfaces (
HandleBuffer[Index], HandleBuffer[Index],
&gEfiTlsServiceBindingProtocolGuid, ServiceBinding, &gEfiTlsServiceBindingProtocolGuid, ServiceBinding,
NULL NULL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
TlsCleanService (TlsService); TlsCleanService (TlsService);
} }
if (HandleBuffer != NULL) { if (HandleBuffer != NULL) {
FreePool (HandleBuffer); FreePool (HandleBuffer);
} }
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/** /**
This is the declaration of an EFI image entry point. This entry point is This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
both device drivers and bus drivers. both device drivers and bus drivers.
@param ImageHandle The firmware allocated handle for the UEFI image. @param ImageHandle The firmware allocated handle for the UEFI image.
@param SystemTable A pointer to the EFI System Table. @param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval Others An unexpected error occurred. @retval Others An unexpected error occurred.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsDriverEntryPoint ( TlsDriverEntryPoint (
IN EFI_HANDLE ImageHandle, IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable IN EFI_SYSTEM_TABLE *SystemTable
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TLS_SERVICE *TlsService; TLS_SERVICE *TlsService;
// //
// Create TLS Service // Create TLS Service
// //
Status = TlsCreateService (ImageHandle, &TlsService); Status = TlsCreateService (ImageHandle, &TlsService);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
ASSERT (TlsService != NULL); ASSERT (TlsService != NULL);
// //
// Initializes the OpenSSL library. // Initializes the OpenSSL library.
// //
TlsInitialize (); TlsInitialize ();
// //
// Create a new SSL_CTX object as framework to establish TLS/SSL enabled // Create a new SSL_CTX object as framework to establish TLS/SSL enabled
// connections. TLS 1.0 is used as the default version. // connections. TLS 1.0 is used as the default version.
// //
TlsService->TlsCtx = TlsCtxNew (TLS10_PROTOCOL_VERSION_MAJOR, TLS10_PROTOCOL_VERSION_MINOR); TlsService->TlsCtx = TlsCtxNew (TLS10_PROTOCOL_VERSION_MAJOR, TLS10_PROTOCOL_VERSION_MINOR);
if (TlsService->TlsCtx == NULL) { if (TlsService->TlsCtx == NULL) {
FreePool (TlsService); FreePool (TlsService);
return EFI_ABORTED; return EFI_ABORTED;
} }
// //
// Install the TlsServiceBinding Protocol onto Handle // Install the TlsServiceBinding Protocol onto Handle
// //
Status = gBS->InstallMultipleProtocolInterfaces ( Status = gBS->InstallMultipleProtocolInterfaces (
&TlsService->Handle, &TlsService->Handle,
&gEfiTlsServiceBindingProtocolGuid, &gEfiTlsServiceBindingProtocolGuid,
&TlsService->ServiceBinding, &TlsService->ServiceBinding,
NULL NULL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
goto ON_CLEAN_SERVICE; goto ON_CLEAN_SERVICE;
} }
return Status; return Status;
ON_CLEAN_SERVICE: ON_CLEAN_SERVICE:
TlsCleanService (TlsService); TlsCleanService (TlsService);
return Status; return Status;
} }
/** /**
Creates a child handle and installs a protocol. Creates a child handle and installs a protocol.
The CreateChild() function installs a protocol on ChildHandle. The CreateChild() function installs a protocol on ChildHandle.
If ChildHandle is a pointer to NULL, then a new handle is created and returned in ChildHandle. If ChildHandle is a pointer to NULL, then a new handle is created and returned in ChildHandle.
If ChildHandle is not a pointer to NULL, then the protocol installs on the existing ChildHandle. If ChildHandle is not a pointer to NULL, then the protocol installs on the existing ChildHandle.
@param[in] This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance. @param[in] This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance.
@param[in] ChildHandle Pointer to the handle of the child to create. If it is NULL, @param[in] ChildHandle Pointer to the handle of the child to create. If it is NULL,
then a new handle is created. If it is a pointer to an existing UEFI handle, then a new handle is created. If it is a pointer to an existing UEFI handle,
then the protocol is added to the existing UEFI handle. then the protocol is added to the existing UEFI handle.
@retval EFI_SUCCES The protocol was added to ChildHandle. @retval EFI_SUCCES The protocol was added to ChildHandle.
@retval EFI_INVALID_PARAMETER ChildHandle is NULL. @retval EFI_INVALID_PARAMETER ChildHandle is NULL.
@retval EFI_OUT_OF_RESOURCES There are not enough resources available to create @retval EFI_OUT_OF_RESOURCES There are not enough resources available to create
the child. the child.
@retval other The child handle was not created. @retval other The child handle was not created.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsServiceBindingCreateChild ( TlsServiceBindingCreateChild (
IN EFI_SERVICE_BINDING_PROTOCOL *This, IN EFI_SERVICE_BINDING_PROTOCOL *This,
IN EFI_HANDLE *ChildHandle IN EFI_HANDLE *ChildHandle
) )
{ {
TLS_SERVICE *TlsService; TLS_SERVICE *TlsService;
TLS_INSTANCE *TlsInstance; TLS_INSTANCE *TlsInstance;
EFI_STATUS Status; EFI_STATUS Status;
EFI_TPL OldTpl; EFI_TPL OldTpl;
if ((This == NULL) || (ChildHandle == NULL)) { if ((This == NULL) || (ChildHandle == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
TlsService = TLS_SERVICE_FROM_THIS (This); TlsService = TLS_SERVICE_FROM_THIS (This);
Status = TlsCreateInstance (TlsService, &TlsInstance); Status = TlsCreateInstance (TlsService, &TlsInstance);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
ASSERT (TlsInstance != NULL); ASSERT (TlsInstance != NULL);
// //
// Create a new TLS connection object. // Create a new TLS connection object.
// //
TlsInstance->TlsConn = TlsNew (TlsService->TlsCtx); TlsInstance->TlsConn = TlsNew (TlsService->TlsCtx);
if (TlsInstance->TlsConn == NULL) { if (TlsInstance->TlsConn == NULL) {
Status = EFI_ABORTED; Status = EFI_ABORTED;
goto ON_ERROR; goto ON_ERROR;
} }
// //
// Set default ConnectionEnd to EfiTlsClient // Set default ConnectionEnd to EfiTlsClient
// //
Status = TlsSetConnectionEnd (TlsInstance->TlsConn, EfiTlsClient); Status = TlsSetConnectionEnd (TlsInstance->TlsConn, EfiTlsClient);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
goto ON_ERROR; goto ON_ERROR;
} }
// //
// Install TLS protocol and configuration protocol onto ChildHandle // Install TLS protocol and configuration protocol onto ChildHandle
// //
Status = gBS->InstallMultipleProtocolInterfaces ( Status = gBS->InstallMultipleProtocolInterfaces (
ChildHandle, ChildHandle,
&gEfiTlsProtocolGuid, &gEfiTlsProtocolGuid,
&TlsInstance->Tls, &TlsInstance->Tls,
&gEfiTlsConfigurationProtocolGuid, &gEfiTlsConfigurationProtocolGuid,
&TlsInstance->TlsConfig, &TlsInstance->TlsConfig,
NULL NULL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
goto ON_ERROR; goto ON_ERROR;
} }
TlsInstance->ChildHandle = *ChildHandle; TlsInstance->ChildHandle = *ChildHandle;
// //
// Add it to the TLS service's child list. // Add it to the TLS service's child list.
// //
OldTpl = gBS->RaiseTPL (TPL_CALLBACK); OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
InsertTailList (&TlsService->TlsChildrenList, &TlsInstance->Link); InsertTailList (&TlsService->TlsChildrenList, &TlsInstance->Link);
TlsService->TlsChildrenNum++; TlsService->TlsChildrenNum++;
gBS->RestoreTPL (OldTpl); gBS->RestoreTPL (OldTpl);
return EFI_SUCCESS; return EFI_SUCCESS;
ON_ERROR: ON_ERROR:
TlsCleanInstance (TlsInstance); TlsCleanInstance (TlsInstance);
return Status; return Status;
} }
/** /**
Destroys a child handle with a protocol installed on it. Destroys a child handle with a protocol installed on it.
The DestroyChild() function does the opposite of CreateChild(). It removes a protocol The DestroyChild() function does the opposite of CreateChild(). It removes a protocol
that was installed by CreateChild() from ChildHandle. If the removed protocol is the that was installed by CreateChild() from ChildHandle. If the removed protocol is the
last protocol on ChildHandle, then ChildHandle is destroyed. last protocol on ChildHandle, then ChildHandle is destroyed.
@param This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance. @param This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance.
@param ChildHandle Handle of the child to destroy. @param ChildHandle Handle of the child to destroy.
@retval EFI_SUCCES The protocol was removed from ChildHandle. @retval EFI_SUCCES The protocol was removed from ChildHandle.
@retval EFI_UNSUPPORTED ChildHandle does not support the protocol that is being removed. @retval EFI_UNSUPPORTED ChildHandle does not support the protocol that is being removed.
@retval EFI_INVALID_PARAMETER Child handle is NULL. @retval EFI_INVALID_PARAMETER Child handle is NULL.
@retval EFI_ACCESS_DENIED The protocol could not be removed from the ChildHandle @retval EFI_ACCESS_DENIED The protocol could not be removed from the ChildHandle
because its services are being used. because its services are being used.
@retval other The child handle was not destroyed. @retval other The child handle was not destroyed.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsServiceBindingDestroyChild ( TlsServiceBindingDestroyChild (
IN EFI_SERVICE_BINDING_PROTOCOL *This, IN EFI_SERVICE_BINDING_PROTOCOL *This,
IN EFI_HANDLE ChildHandle IN EFI_HANDLE ChildHandle
) )
{ {
TLS_SERVICE *TlsService; TLS_SERVICE *TlsService;
TLS_INSTANCE *TlsInstance; TLS_INSTANCE *TlsInstance;
EFI_TLS_PROTOCOL *Tls; EFI_TLS_PROTOCOL *Tls;
EFI_TLS_CONFIGURATION_PROTOCOL *TlsConfig; EFI_TLS_CONFIGURATION_PROTOCOL *TlsConfig;
EFI_STATUS Status; EFI_STATUS Status;
EFI_TPL OldTpl; EFI_TPL OldTpl;
if ((This == NULL) || (ChildHandle == NULL)) { if ((This == NULL) || (ChildHandle == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
TlsService = TLS_SERVICE_FROM_THIS (This); TlsService = TLS_SERVICE_FROM_THIS (This);
// //
// Find TLS protocol interface installed in ChildHandle // Find TLS protocol interface installed in ChildHandle
// //
Status = gBS->OpenProtocol ( Status = gBS->OpenProtocol (
ChildHandle, ChildHandle,
&gEfiTlsProtocolGuid, &gEfiTlsProtocolGuid,
(VOID **) &Tls, (VOID **) &Tls,
TlsService->ImageHandle, TlsService->ImageHandle,
NULL, NULL,
EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
// //
// Find TLS configuration protocol interface installed in ChildHandle // Find TLS configuration protocol interface installed in ChildHandle
// //
Status = gBS->OpenProtocol ( Status = gBS->OpenProtocol (
ChildHandle, ChildHandle,
&gEfiTlsConfigurationProtocolGuid, &gEfiTlsConfigurationProtocolGuid,
(VOID **) &TlsConfig, (VOID **) &TlsConfig,
TlsService->ImageHandle, TlsService->ImageHandle,
NULL, NULL,
EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
TlsInstance = TLS_INSTANCE_FROM_PROTOCOL (Tls); TlsInstance = TLS_INSTANCE_FROM_PROTOCOL (Tls);
if (TlsInstance->Service != TlsService) { if (TlsInstance->Service != TlsService) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
if (TlsInstance->InDestroy) { if (TlsInstance->InDestroy) {
return EFI_SUCCESS; return EFI_SUCCESS;
} }
OldTpl = gBS->RaiseTPL (TPL_CALLBACK); OldTpl = gBS->RaiseTPL (TPL_CALLBACK);
TlsInstance->InDestroy = TRUE; TlsInstance->InDestroy = TRUE;
// //
// Uninstall the TLS protocol and TLS Configuration Protocol interface installed in ChildHandle. // Uninstall the TLS protocol and TLS Configuration Protocol interface installed in ChildHandle.
// //
Status = gBS->UninstallMultipleProtocolInterfaces ( Status = gBS->UninstallMultipleProtocolInterfaces (
ChildHandle, ChildHandle,
&gEfiTlsProtocolGuid, &gEfiTlsProtocolGuid,
Tls, Tls,
&gEfiTlsConfigurationProtocolGuid, &gEfiTlsConfigurationProtocolGuid,
TlsConfig, TlsConfig,
NULL NULL
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
RemoveEntryList (&TlsInstance->Link); RemoveEntryList (&TlsInstance->Link);
TlsService->TlsChildrenNum--; TlsService->TlsChildrenNum--;
gBS->RestoreTPL (OldTpl); gBS->RestoreTPL (OldTpl);
TlsCleanInstance (TlsInstance); TlsCleanInstance (TlsInstance);
return EFI_SUCCESS; return EFI_SUCCESS;
} }

475
NetworkPkg/TlsDxe/TlsDriver.h
View File

@ -1,237 +1,238 @@
/** @file /** @file
Header file of the Driver Binding and Service Binding Protocol for TlsDxe driver. Header file of the Driver Binding and Service Binding Protocol for TlsDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php. http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __EFI_TLS_DRIVER_H__ #ifndef __EFI_TLS_DRIVER_H__
#define __EFI_TLS_DRIVER_H__ #define __EFI_TLS_DRIVER_H__
#include <Uefi.h> #include <Uefi.h>
// //
// Driver Protocols // Driver Protocols
// //
#include <Protocol/ServiceBinding.h> #include <Protocol/ServiceBinding.h>
// //
// Driver Version // Driver Version
// //
#define TLS_VERSION 0x00000000 #define TLS_VERSION 0x00000000
#define TLS_SERVICE_SIGNATURE SIGNATURE_32 ('T', 'L', 'S', 'S') #define TLS_SERVICE_SIGNATURE SIGNATURE_32 ('T', 'L', 'S', 'S')
#define TLS_INSTANCE_SIGNATURE SIGNATURE_32 ('T', 'L', 'S', 'I') #define TLS_INSTANCE_SIGNATURE SIGNATURE_32 ('T', 'L', 'S', 'I')
/// ///
/// TLS Service Data /// TLS Service Data
/// ///
typedef struct _TLS_SERVICE TLS_SERVICE; typedef struct _TLS_SERVICE TLS_SERVICE;
/// ///
/// TLS Instance Data /// TLS Instance Data
/// ///
typedef struct _TLS_INSTANCE TLS_INSTANCE; typedef struct _TLS_INSTANCE TLS_INSTANCE;
struct _TLS_SERVICE { struct _TLS_SERVICE {
UINT32 Signature; UINT32 Signature;
EFI_SERVICE_BINDING_PROTOCOL ServiceBinding; EFI_SERVICE_BINDING_PROTOCOL ServiceBinding;
UINT16 TlsChildrenNum; UINT16 TlsChildrenNum;
LIST_ENTRY TlsChildrenList; LIST_ENTRY TlsChildrenList;
// //
// Handle to install TlsServiceBinding protocol. // Handle to install TlsServiceBinding protocol.
// //
EFI_HANDLE Handle; EFI_HANDLE Handle;
EFI_HANDLE ImageHandle; EFI_HANDLE ImageHandle;
// //
// Main SSL Context object which is created by a server or client once per program // Main SSL Context object which is created by a server or client once per program
// life-time and which holds mainly default values for the SSL object which are later // life-time and which holds mainly default values for the SSL object which are later
// created for the connections. // created for the connections.
// //
VOID *TlsCtx; VOID *TlsCtx;
}; };
struct _TLS_INSTANCE { struct _TLS_INSTANCE {
UINT32 Signature; UINT32 Signature;
LIST_ENTRY Link; LIST_ENTRY Link;
BOOLEAN InDestroy; BOOLEAN InDestroy;
TLS_SERVICE *Service; TLS_SERVICE *Service;
EFI_HANDLE ChildHandle; EFI_HANDLE ChildHandle;
EFI_TLS_PROTOCOL Tls; EFI_TLS_PROTOCOL Tls;
EFI_TLS_CONFIGURATION_PROTOCOL TlsConfig; EFI_TLS_CONFIGURATION_PROTOCOL TlsConfig;
EFI_TLS_SESSION_STATE TlsSessionState; EFI_TLS_SESSION_STATE TlsSessionState;
// //
// Main SSL Connection which is created by a server or a client // Main SSL Connection which is created by a server or a client
// per established connection. // per established connection.
// //
VOID *TlsConn; VOID *TlsConn;
}; };
#define TLS_SERVICE_FROM_THIS(a) \ #define TLS_SERVICE_FROM_THIS(a) \
CR (a, TLS_SERVICE, ServiceBinding, TLS_SERVICE_SIGNATURE) CR (a, TLS_SERVICE, ServiceBinding, TLS_SERVICE_SIGNATURE)
#define TLS_INSTANCE_FROM_PROTOCOL(a) \ #define TLS_INSTANCE_FROM_PROTOCOL(a) \
CR (a, TLS_INSTANCE, Tls, TLS_INSTANCE_SIGNATURE) CR (a, TLS_INSTANCE, Tls, TLS_INSTANCE_SIGNATURE)
#define TLS_INSTANCE_FROM_CONFIGURATION(a) \ #define TLS_INSTANCE_FROM_CONFIGURATION(a) \
CR (a, TLS_INSTANCE, TlsConfig, TLS_INSTANCE_SIGNATURE) CR (a, TLS_INSTANCE, TlsConfig, TLS_INSTANCE_SIGNATURE)
/** /**
Release all the resources used by the TLS instance. Release all the resources used by the TLS instance.
@param[in] Instance The TLS instance data. @param[in] Instance The TLS instance data.
**/ **/
VOID VOID
TlsCleanInstance ( TlsCleanInstance (
IN TLS_INSTANCE *Instance IN TLS_INSTANCE *Instance
); );
/** /**
Create the TLS instance and initialize it. Create the TLS instance and initialize it.
@param[in] Service The pointer to the TLS service. @param[in] Service The pointer to the TLS service.
@param[out] Instance The pointer to the TLS instance. @param[out] Instance The pointer to the TLS instance.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
@retval EFI_SUCCESS The TLS instance is created. @retval EFI_SUCCESS The TLS instance is created.
**/ **/
EFI_STATUS EFI_STATUS
TlsCreateInstance ( TlsCreateInstance (
IN TLS_SERVICE *Service, IN TLS_SERVICE *Service,
OUT TLS_INSTANCE **Instance OUT TLS_INSTANCE **Instance
); );
/** /**
Release all the resources used by the TLS service binding instance. Release all the resources used by the TLS service binding instance.
@param[in] Service The TLS service data. @param[in] Service The TLS service data.
**/ **/
VOID VOID
TlsCleanService ( TlsCleanService (
IN TLS_SERVICE *Service IN TLS_SERVICE *Service
); );
/** /**
Create then initialize a TLS service. Create then initialize a TLS service.
@param[in] Image ImageHandle of the TLS driver @param[in] Image ImageHandle of the TLS driver
@param[out] Service The service for TLS driver @param[out] Service The service for TLS driver
@retval EFI_OUT_OF_RESOURCES Failed to allocate resource to create the service. @retval EFI_OUT_OF_RESOURCES Failed to allocate resource to create the service.
@retval EFI_SUCCESS The service is created for the driver. @retval EFI_SUCCESS The service is created for the driver.
**/ **/
EFI_STATUS EFI_STATUS
TlsCreateService ( TlsCreateService (
IN EFI_HANDLE Image, IN EFI_HANDLE Image,
OUT TLS_SERVICE **Service OUT TLS_SERVICE **Service
); );
/** /**
Unloads an image. Unloads an image.
@param[in] ImageHandle Handle that identifies the image to be unloaded. @param[in] ImageHandle Handle that identifies the image to be unloaded.
@retval EFI_SUCCESS The image has been unloaded. @retval EFI_SUCCESS The image has been unloaded.
@retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle. @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsUnload ( TlsUnload (
IN EFI_HANDLE ImageHandle IN EFI_HANDLE ImageHandle
); );
/** /**
This is the declaration of an EFI image entry point. This entry point is This is the declaration of an EFI image entry point. This entry point is
the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
both device drivers and bus drivers. both device drivers and bus drivers.
@param ImageHandle The firmware allocated handle for the UEFI image. @param ImageHandle The firmware allocated handle for the UEFI image.
@param SystemTable A pointer to the EFI System Table. @param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval Others An unexpected error occurred. @retval Others An unexpected error occurred.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsDriverEntryPoint ( TlsDriverEntryPoint (
IN EFI_HANDLE ImageHandle, IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable IN EFI_SYSTEM_TABLE *SystemTable
); );
/** /**
Creates a child handle and installs a protocol. Creates a child handle and installs a protocol.
The CreateChild() function installs a protocol on ChildHandle. The CreateChild() function installs a protocol on ChildHandle.
If ChildHandle is a pointer to NULL, then a new handle is created and returned in ChildHandle. If ChildHandle is a pointer to NULL, then a new handle is created and returned in ChildHandle.
If ChildHandle is not a pointer to NULL, then the protocol installs on the existing ChildHandle. If ChildHandle is not a pointer to NULL, then the protocol installs on the existing ChildHandle.
@param[in] This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance. @param[in] This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance.
@param[in] ChildHandle Pointer to the handle of the child to create. If it is NULL, @param[in] ChildHandle Pointer to the handle of the child to create. If it is NULL,
then a new handle is created. If it is a pointer to an existing UEFI handle, then a new handle is created. If it is a pointer to an existing UEFI handle,
then the protocol is added to the existing UEFI handle. then the protocol is added to the existing UEFI handle.
@retval EFI_SUCCES The protocol was added to ChildHandle. @retval EFI_SUCCES The protocol was added to ChildHandle.
@retval EFI_INVALID_PARAMETER ChildHandle is NULL. @retval EFI_INVALID_PARAMETER ChildHandle is NULL.
@retval EFI_OUT_OF_RESOURCES There are not enough resources available to create @retval EFI_OUT_OF_RESOURCES There are not enough resources available to create
the child. the child.
@retval other The child handle was not created. @retval other The child handle was not created.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsServiceBindingCreateChild ( TlsServiceBindingCreateChild (
IN EFI_SERVICE_BINDING_PROTOCOL *This, IN EFI_SERVICE_BINDING_PROTOCOL *This,
IN EFI_HANDLE *ChildHandle IN EFI_HANDLE *ChildHandle
); );
/** /**
Destroys a child handle with a protocol installed on it. Destroys a child handle with a protocol installed on it.
The DestroyChild() function does the opposite of CreateChild(). It removes a protocol The DestroyChild() function does the opposite of CreateChild(). It removes a protocol
that was installed by CreateChild() from ChildHandle. If the removed protocol is the that was installed by CreateChild() from ChildHandle. If the removed protocol is the
last protocol on ChildHandle, then ChildHandle is destroyed. last protocol on ChildHandle, then ChildHandle is destroyed.
@param This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance. @param This Pointer to the EFI_SERVICE_BINDING_PROTOCOL instance.
@param ChildHandle Handle of the child to destroy. @param ChildHandle Handle of the child to destroy.
@retval EFI_SUCCES The protocol was removed from ChildHandle. @retval EFI_SUCCES The protocol was removed from ChildHandle.
@retval EFI_UNSUPPORTED ChildHandle does not support the protocol that is being removed. @retval EFI_UNSUPPORTED ChildHandle does not support the protocol that is being removed.
@retval EFI_INVALID_PARAMETER Child handle is NULL. @retval EFI_INVALID_PARAMETER Child handle is NULL.
@retval EFI_ACCESS_DENIED The protocol could not be removed from the ChildHandle @retval EFI_ACCESS_DENIED The protocol could not be removed from the ChildHandle
because its services are being used. because its services are being used.
@retval other The child handle was not destroyed. @retval other The child handle was not destroyed.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsServiceBindingDestroyChild ( TlsServiceBindingDestroyChild (
IN EFI_SERVICE_BINDING_PROTOCOL *This, IN EFI_SERVICE_BINDING_PROTOCOL *This,
IN EFI_HANDLE ChildHandle IN EFI_HANDLE ChildHandle
); );
#endif #endif

131
NetworkPkg/TlsDxe/TlsDxe.inf
View File

@ -1,65 +1,66 @@
## @file ## @file
# This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and # This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and
# EFI TLS Configuration Protocol. # EFI TLS Configuration Protocol.
# #
# This module produces EFI TLS (Transport Layer Security) Protocol and EFI TLS # This module produces EFI TLS (Transport Layer Security) Protocol and EFI TLS
# Service Binding Protocol, to provide TLS services. # Service Binding Protocol, to provide TLS services.
# #
# Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php. # http://opensource.org/licenses/bsd-license.php.
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
# #
# #
## ##
[Defines] [Defines]
INF_VERSION = 0x00010005 INF_VERSION = 0x00010005
BASE_NAME = TlsDxe BASE_NAME = TlsDxe
FILE_GUID = 3aceb0c0-3c72-11e4-9a56-74d435052646 FILE_GUID = 3aceb0c0-3c72-11e4-9a56-74d435052646
MODULE_TYPE = UEFI_DRIVER MODULE_TYPE = UEFI_DRIVER
VERSION_STRING = 1.0 VERSION_STRING = 1.0
ENTRY_POINT = TlsDriverEntryPoint ENTRY_POINT = TlsDriverEntryPoint
UNLOAD_IMAGE = TlsUnload UNLOAD_IMAGE = TlsUnload
MODULE_UNI_FILE = TlsDxe.uni MODULE_UNI_FILE = TlsDxe.uni
# #
# VALID_ARCHITECTURES = IA32 X64 # VALID_ARCHITECTURES = IA32 X64
# #
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec MdeModulePkg/MdeModulePkg.dec
CryptoPkg/CryptoPkg.dec CryptoPkg/CryptoPkg.dec
[Sources] [Sources]
TlsDriver.h TlsDriver.h
TlsDriver.c TlsDriver.c
TlsProtocol.c TlsProtocol.c
TlsConfigProtocol.c TlsConfigProtocol.c
TlsImpl.h TlsImpl.h
TlsImpl.c TlsImpl.c
[LibraryClasses] [LibraryClasses]
UefiDriverEntryPoint UefiDriverEntryPoint
UefiBootServicesTableLib UefiBootServicesTableLib
MemoryAllocationLib MemoryAllocationLib
BaseMemoryLib BaseMemoryLib
BaseLib BaseLib
UefiLib UefiLib
DebugLib DebugLib
NetLib NetLib
BaseCryptLib BaseCryptLib
TlsLib TlsLib
[Protocols] [Protocols]
gEfiTlsServiceBindingProtocolGuid ## PRODUCES gEfiTlsServiceBindingProtocolGuid ## PRODUCES
gEfiTlsProtocolGuid ## PRODUCES gEfiTlsProtocolGuid ## PRODUCES
gEfiTlsConfigurationProtocolGuid ## PRODUCES gEfiTlsConfigurationProtocolGuid ## PRODUCES
[UserExtensions.TianoCore."ExtraFiles"] [UserExtensions.TianoCore."ExtraFiles"]
TlsDxeExtra.uni TlsDxeExtra.uni

50
NetworkPkg/TlsDxe/TlsDxe.uni
View File

@ -1,25 +1,25 @@
// /** @file // /** @file
// This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and // This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and
// EFI TLS Configuration Protocol. // EFI TLS Configuration Protocol.
// //
// This module produces EFI TLS (Transport Layer Security) Protocol, EFI TLS // This module produces EFI TLS (Transport Layer Security) Protocol, EFI TLS
// Service Binding Protocol, and EFI TLS Configuration Protocol to provide TLS // Service Binding Protocol, and EFI TLS Configuration Protocol to provide TLS
// services. // services.
// //
// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> // Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
// //
// This program and the accompanying materials // This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License // are licensed and made available under the terms and conditions of the BSD License
// which accompanies this distribution. The full text of the license may be found at // which accompanies this distribution. The full text of the license may be found at
// http://opensource.org/licenses/bsd-license.php // http://opensource.org/licenses/bsd-license.php
// //
// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, // THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// //
// **/ // **/
#string STR_MODULE_ABSTRACT #language en-US "UEFI TLS service" #string STR_MODULE_ABSTRACT #language en-US "UEFI TLS service"
#string STR_MODULE_DESCRIPTION #language en-US "This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and EFI TLS Configuration Protocol to provide EFI TLS services." #string STR_MODULE_DESCRIPTION #language en-US "This module produces EFI TLS Protocol, EFI TLS Service Binding Protocol and EFI TLS Configuration Protocol to provide EFI TLS services."

37
NetworkPkg/TlsDxe/TlsDxeExtra.uni
View File

@ -1,18 +1,19 @@
// /** @file // /** @file
// TlsDxe Localized Strings and Content // TlsDxe Localized Strings and Content
// //
// Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> // Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
// //
// This program and the accompanying materials // This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License // are licensed and made available under the terms and conditions of the BSD License
// which accompanies this distribution. The full text of the license may be found at // which accompanies this distribution. The full text of the license may be found at
// http://opensource.org/licenses/bsd-license.php. // http://opensource.org/licenses/bsd-license.php.
// //
// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, // THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. // WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// //
// **/ // **/
#string STR_PROPERTIES_MODULE_NAME #string STR_PROPERTIES_MODULE_NAME
#language en-US #language en-US
"EFI TLS DXE Driver" "EFI TLS DXE Driver"

653
NetworkPkg/TlsDxe/TlsImpl.c
View File

@ -1,326 +1,327 @@
/** @file /** @file
The Miscellaneous Routines for TlsDxe driver. The Miscellaneous Routines for TlsDxe driver.
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#include "TlsImpl.h" #include "TlsImpl.h"
/** /**
Encrypt the message listed in fragment. Encrypt the message listed in fragment.
@param[in] TlsInstance The pointer to the TLS instance. @param[in] TlsInstance The pointer to the TLS instance.
@param[in, out] FragmentTable Pointer to a list of fragment. @param[in, out] FragmentTable Pointer to a list of fragment.
On input these fragments contain the TLS header and On input these fragments contain the TLS header and
plain text TLS payload; plain text TLS payload;
On output these fragments contain the TLS header and On output these fragments contain the TLS header and
cipher text TLS payload. cipher text TLS payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED TLS session state is incorrect. @retval EFI_ABORTED TLS session state is incorrect.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
TlsEncryptPacket ( TlsEncryptPacket (
IN TLS_INSTANCE *TlsInstance, IN TLS_INSTANCE *TlsInstance,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount IN UINT32 *FragmentCount
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
UINTN Index; UINTN Index;
UINT32 BytesCopied; UINT32 BytesCopied;
UINT32 BufferInSize; UINT32 BufferInSize;
UINT8 *BufferIn; UINT8 *BufferIn;
UINT8 *BufferInPtr; UINT8 *BufferInPtr;
TLS_RECORD_HEADER *RecordHeaderIn; TLS_RECORD_HEADER *RecordHeaderIn;
UINT16 ThisPlainMessageSize; UINT16 ThisPlainMessageSize;
TLS_RECORD_HEADER *TempRecordHeader; TLS_RECORD_HEADER *TempRecordHeader;
UINT16 ThisMessageSize; UINT16 ThisMessageSize;
UINT32 BufferOutSize; UINT32 BufferOutSize;
UINT8 *BufferOut; UINT8 *BufferOut;
INTN Ret; INTN Ret;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
BytesCopied = 0; BytesCopied = 0;
BufferInSize = 0; BufferInSize = 0;
BufferIn = NULL; BufferIn = NULL;
BufferInPtr = NULL; BufferInPtr = NULL;
RecordHeaderIn = NULL; RecordHeaderIn = NULL;
TempRecordHeader = NULL; TempRecordHeader = NULL;
BufferOutSize = 0; BufferOutSize = 0;
BufferOut = NULL; BufferOut = NULL;
Ret = 0; Ret = 0;
// //
// Calculate the size according to the fragment table. // Calculate the size according to the fragment table.
// //
for (Index = 0; Index < *FragmentCount; Index++) { for (Index = 0; Index < *FragmentCount; Index++) {
BufferInSize += (*FragmentTable)[Index].FragmentLength; BufferInSize += (*FragmentTable)[Index].FragmentLength;
} }
// //
// Allocate buffer for processing data. // Allocate buffer for processing data.
// //
BufferIn = AllocateZeroPool (BufferInSize); BufferIn = AllocateZeroPool (BufferInSize);
if (BufferIn == NULL) { if (BufferIn == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
// //
// Copy all TLS plain record header and payload into BufferIn. // Copy all TLS plain record header and payload into BufferIn.
// //
for (Index = 0; Index < *FragmentCount; Index++) { for (Index = 0; Index < *FragmentCount; Index++) {
CopyMem ( CopyMem (
(BufferIn + BytesCopied), (BufferIn + BytesCopied),
(*FragmentTable)[Index].FragmentBuffer, (*FragmentTable)[Index].FragmentBuffer,
(*FragmentTable)[Index].FragmentLength (*FragmentTable)[Index].FragmentLength
); );
BytesCopied += (*FragmentTable)[Index].FragmentLength; BytesCopied += (*FragmentTable)[Index].FragmentLength;
} }
BufferOut = AllocateZeroPool (MAX_BUFFER_SIZE); BufferOut = AllocateZeroPool (MAX_BUFFER_SIZE);
if (BufferOut == NULL) { if (BufferOut == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
// //
// Parsing buffer. // Parsing buffer.
// //
BufferInPtr = BufferIn; BufferInPtr = BufferIn;
TempRecordHeader = (TLS_RECORD_HEADER *) BufferOut; TempRecordHeader = (TLS_RECORD_HEADER *) BufferOut;
while ((UINTN) BufferInPtr < (UINTN) BufferIn + BufferInSize) { while ((UINTN) BufferInPtr < (UINTN) BufferIn + BufferInSize) {
RecordHeaderIn = (TLS_RECORD_HEADER *) BufferInPtr; RecordHeaderIn = (TLS_RECORD_HEADER *) BufferInPtr;
if (RecordHeaderIn->ContentType != TlsContentTypeApplicationData) { if (RecordHeaderIn->ContentType != TlsContentTypeApplicationData) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto ERROR; goto ERROR;
} }
ThisPlainMessageSize = RecordHeaderIn->Length; ThisPlainMessageSize = RecordHeaderIn->Length;
TlsWrite (TlsInstance->TlsConn, (UINT8 *) (RecordHeaderIn + 1), ThisPlainMessageSize); TlsWrite (TlsInstance->TlsConn, (UINT8 *) (RecordHeaderIn + 1), ThisPlainMessageSize);
Ret = TlsCtrlTrafficOut (TlsInstance->TlsConn, (UINT8 *)(TempRecordHeader), MAX_BUFFER_SIZE - BufferOutSize); Ret = TlsCtrlTrafficOut (TlsInstance->TlsConn, (UINT8 *)(TempRecordHeader), MAX_BUFFER_SIZE - BufferOutSize);
if (Ret > 0) { if (Ret > 0) {
ThisMessageSize = (UINT16) Ret; ThisMessageSize = (UINT16) Ret;
} else { } else {
// //
// No data was successfully encrypted, continue to encrypt other messages. // No data was successfully encrypted, continue to encrypt other messages.
// //
DEBUG ((EFI_D_WARN, "TlsEncryptPacket: No data read from TLS object.\n")); DEBUG ((EFI_D_WARN, "TlsEncryptPacket: No data read from TLS object.\n"));
ThisMessageSize = 0; ThisMessageSize = 0;
} }
BufferOutSize += ThisMessageSize; BufferOutSize += ThisMessageSize;
BufferInPtr += RECORD_HEADER_LEN + ThisPlainMessageSize; BufferInPtr += RECORD_HEADER_LEN + ThisPlainMessageSize;
TempRecordHeader += ThisMessageSize; TempRecordHeader += ThisMessageSize;
} }
FreePool (BufferIn); FreePool (BufferIn);
BufferIn = NULL; BufferIn = NULL;
// //
// The caller will be responsible to handle the original fragment table. // The caller will be responsible to handle the original fragment table.
// //
*FragmentTable = AllocateZeroPool (sizeof (EFI_TLS_FRAGMENT_DATA)); *FragmentTable = AllocateZeroPool (sizeof (EFI_TLS_FRAGMENT_DATA));
if (*FragmentTable == NULL) { if (*FragmentTable == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
(*FragmentTable)[0].FragmentBuffer = BufferOut; (*FragmentTable)[0].FragmentBuffer = BufferOut;
(*FragmentTable)[0].FragmentLength = BufferOutSize; (*FragmentTable)[0].FragmentLength = BufferOutSize;
*FragmentCount = 1; *FragmentCount = 1;
return Status; return Status;
ERROR: ERROR:
if (BufferIn != NULL) { if (BufferIn != NULL) {
FreePool (BufferIn); FreePool (BufferIn);
BufferIn = NULL; BufferIn = NULL;
} }
if (BufferOut != NULL) { if (BufferOut != NULL) {
FreePool (BufferOut); FreePool (BufferOut);
BufferOut = NULL; BufferOut = NULL;
} }
return Status; return Status;
} }
/** /**
Decrypt the message listed in fragment. Decrypt the message listed in fragment.
@param[in] TlsInstance The pointer to the TLS instance. @param[in] TlsInstance The pointer to the TLS instance.
@param[in, out] FragmentTable Pointer to a list of fragment. @param[in, out] FragmentTable Pointer to a list of fragment.
On input these fragments contain the TLS header and On input these fragments contain the TLS header and
cipher text TLS payload; cipher text TLS payload;
On output these fragments contain the TLS header and On output these fragments contain the TLS header and
plain text TLS payload. plain text TLS payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED TLS session state is incorrect. @retval EFI_ABORTED TLS session state is incorrect.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
TlsDecryptPacket ( TlsDecryptPacket (
IN TLS_INSTANCE *TlsInstance, IN TLS_INSTANCE *TlsInstance,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount IN UINT32 *FragmentCount
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
UINTN Index; UINTN Index;
UINT32 BytesCopied; UINT32 BytesCopied;
UINT8 *BufferIn; UINT8 *BufferIn;
UINT32 BufferInSize; UINT32 BufferInSize;
UINT8 *BufferInPtr; UINT8 *BufferInPtr;
TLS_RECORD_HEADER *RecordHeaderIn; TLS_RECORD_HEADER *RecordHeaderIn;
UINT16 ThisCipherMessageSize; UINT16 ThisCipherMessageSize;
TLS_RECORD_HEADER *TempRecordHeader; TLS_RECORD_HEADER *TempRecordHeader;
UINT16 ThisPlainMessageSize; UINT16 ThisPlainMessageSize;
UINT8 *BufferOut; UINT8 *BufferOut;
UINT32 BufferOutSize; UINT32 BufferOutSize;
INTN Ret; INTN Ret;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
BytesCopied = 0; BytesCopied = 0;
BufferIn = NULL; BufferIn = NULL;
BufferInSize = 0; BufferInSize = 0;
BufferInPtr = NULL; BufferInPtr = NULL;
RecordHeaderIn = NULL; RecordHeaderIn = NULL;
TempRecordHeader = NULL; TempRecordHeader = NULL;
BufferOut = NULL; BufferOut = NULL;
BufferOutSize = 0; BufferOutSize = 0;
Ret = 0; Ret = 0;
// //
// Calculate the size according to the fragment table. // Calculate the size according to the fragment table.
// //
for (Index = 0; Index < *FragmentCount; Index++) { for (Index = 0; Index < *FragmentCount; Index++) {
BufferInSize += (*FragmentTable)[Index].FragmentLength; BufferInSize += (*FragmentTable)[Index].FragmentLength;
} }
// //
// Allocate buffer for processing data // Allocate buffer for processing data
// //
BufferIn = AllocateZeroPool (BufferInSize); BufferIn = AllocateZeroPool (BufferInSize);
if (BufferIn == NULL) { if (BufferIn == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
// //
// Copy all TLS plain record header and payload to BufferIn // Copy all TLS plain record header and payload to BufferIn
// //
for (Index = 0; Index < *FragmentCount; Index++) { for (Index = 0; Index < *FragmentCount; Index++) {
CopyMem ( CopyMem (
(BufferIn + BytesCopied), (BufferIn + BytesCopied),
(*FragmentTable)[Index].FragmentBuffer, (*FragmentTable)[Index].FragmentBuffer,
(*FragmentTable)[Index].FragmentLength (*FragmentTable)[Index].FragmentLength
); );
BytesCopied += (*FragmentTable)[Index].FragmentLength; BytesCopied += (*FragmentTable)[Index].FragmentLength;
} }
BufferOut = AllocateZeroPool (MAX_BUFFER_SIZE); BufferOut = AllocateZeroPool (MAX_BUFFER_SIZE);
if (BufferOut == NULL) { if (BufferOut == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
// //
// Parsing buffer. Received packet may have multiple TLS record messages. // Parsing buffer. Received packet may have multiple TLS record messages.
// //
BufferInPtr = BufferIn; BufferInPtr = BufferIn;
TempRecordHeader = (TLS_RECORD_HEADER *) BufferOut; TempRecordHeader = (TLS_RECORD_HEADER *) BufferOut;
while ((UINTN) BufferInPtr < (UINTN) BufferIn + BufferInSize) { while ((UINTN) BufferInPtr < (UINTN) BufferIn + BufferInSize) {
RecordHeaderIn = (TLS_RECORD_HEADER *) BufferInPtr; RecordHeaderIn = (TLS_RECORD_HEADER *) BufferInPtr;
if (RecordHeaderIn->ContentType != TlsContentTypeApplicationData) { if (RecordHeaderIn->ContentType != TlsContentTypeApplicationData) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto ERROR; goto ERROR;
} }
ThisCipherMessageSize = NTOHS (RecordHeaderIn->Length); ThisCipherMessageSize = NTOHS (RecordHeaderIn->Length);
Ret = TlsCtrlTrafficIn (TlsInstance->TlsConn, (UINT8 *) (RecordHeaderIn), RECORD_HEADER_LEN + ThisCipherMessageSize); Ret = TlsCtrlTrafficIn (TlsInstance->TlsConn, (UINT8 *) (RecordHeaderIn), RECORD_HEADER_LEN + ThisCipherMessageSize);
if (Ret != RECORD_HEADER_LEN + ThisCipherMessageSize) { if (Ret != RECORD_HEADER_LEN + ThisCipherMessageSize) {
TlsInstance->TlsSessionState = EfiTlsSessionError; TlsInstance->TlsSessionState = EfiTlsSessionError;
Status = EFI_ABORTED; Status = EFI_ABORTED;
goto ERROR; goto ERROR;
} }
Ret = 0; Ret = 0;
Ret = TlsRead (TlsInstance->TlsConn, (UINT8 *) (TempRecordHeader + 1), MAX_BUFFER_SIZE - BufferOutSize); Ret = TlsRead (TlsInstance->TlsConn, (UINT8 *) (TempRecordHeader + 1), MAX_BUFFER_SIZE - BufferOutSize);
if (Ret > 0) { if (Ret > 0) {
ThisPlainMessageSize = (UINT16) Ret; ThisPlainMessageSize = (UINT16) Ret;
} else { } else {
// //
// No data was successfully decrypted, continue to decrypt other messages. // No data was successfully decrypted, continue to decrypt other messages.
// //
DEBUG ((EFI_D_WARN, "TlsDecryptPacket: No data read from TLS object.\n")); DEBUG ((EFI_D_WARN, "TlsDecryptPacket: No data read from TLS object.\n"));
ThisPlainMessageSize = 0; ThisPlainMessageSize = 0;
} }
CopyMem (TempRecordHeader, RecordHeaderIn, RECORD_HEADER_LEN); CopyMem (TempRecordHeader, RecordHeaderIn, RECORD_HEADER_LEN);
TempRecordHeader->Length = ThisPlainMessageSize; TempRecordHeader->Length = ThisPlainMessageSize;
BufferOutSize += RECORD_HEADER_LEN + ThisPlainMessageSize; BufferOutSize += RECORD_HEADER_LEN + ThisPlainMessageSize;
BufferInPtr += RECORD_HEADER_LEN + ThisCipherMessageSize; BufferInPtr += RECORD_HEADER_LEN + ThisCipherMessageSize;
TempRecordHeader += RECORD_HEADER_LEN + ThisPlainMessageSize; TempRecordHeader += RECORD_HEADER_LEN + ThisPlainMessageSize;
} }
FreePool (BufferIn); FreePool (BufferIn);
BufferIn = NULL; BufferIn = NULL;
// //
// The caller will be responsible to handle the original fragment table // The caller will be responsible to handle the original fragment table
// //
*FragmentTable = AllocateZeroPool (sizeof (EFI_TLS_FRAGMENT_DATA)); *FragmentTable = AllocateZeroPool (sizeof (EFI_TLS_FRAGMENT_DATA));
if (*FragmentTable == NULL) { if (*FragmentTable == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto ERROR; goto ERROR;
} }
(*FragmentTable)[0].FragmentBuffer = BufferOut; (*FragmentTable)[0].FragmentBuffer = BufferOut;
(*FragmentTable)[0].FragmentLength = BufferOutSize; (*FragmentTable)[0].FragmentLength = BufferOutSize;
*FragmentCount = 1; *FragmentCount = 1;
return Status; return Status;
ERROR: ERROR:
if (BufferIn != NULL) { if (BufferIn != NULL) {
FreePool (BufferIn); FreePool (BufferIn);
BufferIn = NULL; BufferIn = NULL;
} }
if (BufferOut != NULL) { if (BufferOut != NULL) {
FreePool (BufferOut); FreePool (BufferOut);
BufferOut = NULL; BufferOut = NULL;
} }
return Status; return Status;
} }

631
NetworkPkg/TlsDxe/TlsImpl.h
View File

@ -1,315 +1,316 @@
/** @file /** @file
Header file of Miscellaneous Routines for TlsDxe driver. Header file of Miscellaneous Routines for TlsDxe driver.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __EFI_TLS_IMPL_H__ #ifndef __EFI_TLS_IMPL_H__
#define __EFI_TLS_IMPL_H__ #define __EFI_TLS_IMPL_H__
// //
// Libraries // Libraries
// //
#include <Library/UefiBootServicesTableLib.h> #include <Library/UefiBootServicesTableLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Library/BaseMemoryLib.h> #include <Library/BaseMemoryLib.h>
#include <Library/BaseLib.h> #include <Library/BaseLib.h>
#include <Library/UefiLib.h> #include <Library/UefiLib.h>
#include <Library/DebugLib.h> #include <Library/DebugLib.h>
#include <Library/NetLib.h> #include <Library/NetLib.h>
#include <Library/BaseCryptLib.h> #include <Library/BaseCryptLib.h>
#include <Library/TlsLib.h> #include <Library/TlsLib.h>
// //
// Consumed Protocols // Consumed Protocols
// //
#include <Protocol/Tls.h> #include <Protocol/Tls.h>
#include <Protocol/TlsConfig.h> #include <Protocol/TlsConfig.h>
#include <IndustryStandard/Tls1.h> #include <IndustryStandard/Tls1.h>
#include "TlsDriver.h" #include "TlsDriver.h"
// //
// Protocol instances // Protocol instances
// //
extern EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding; extern EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding;
extern EFI_TLS_PROTOCOL mTlsProtocol; extern EFI_TLS_PROTOCOL mTlsProtocol;
extern EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol; extern EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol;
#define RECORD_HEADER_LEN 5 /// ContentType(1) + Version(2) + Length(2) #define RECORD_HEADER_LEN 5 /// ContentType(1) + Version(2) + Length(2)
#define MAX_BUFFER_SIZE 32768 #define MAX_BUFFER_SIZE 32768
/** /**
Encrypt the message listed in fragment. Encrypt the message listed in fragment.
@param[in] TlsInstance The pointer to the TLS instance. @param[in] TlsInstance The pointer to the TLS instance.
@param[in, out] FragmentTable Pointer to a list of fragment. @param[in, out] FragmentTable Pointer to a list of fragment.
On input these fragments contain the TLS header and On input these fragments contain the TLS header and
plain text TLS payload; plain text TLS payload;
On output these fragments contain the TLS header and On output these fragments contain the TLS header and
cipher text TLS payload. cipher text TLS payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED TLS session state is incorrect. @retval EFI_ABORTED TLS session state is incorrect.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
TlsEncryptPacket ( TlsEncryptPacket (
IN TLS_INSTANCE *TlsInstance, IN TLS_INSTANCE *TlsInstance,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount IN UINT32 *FragmentCount
); );
/** /**
Decrypt the message listed in fragment. Decrypt the message listed in fragment.
@param[in] TlsInstance The pointer to the TLS instance. @param[in] TlsInstance The pointer to the TLS instance.
@param[in, out] FragmentTable Pointer to a list of fragment. @param[in, out] FragmentTable Pointer to a list of fragment.
On input these fragments contain the TLS header and On input these fragments contain the TLS header and
cipher text TLS payload; cipher text TLS payload;
On output these fragments contain the TLS header and On output these fragments contain the TLS header and
plain text TLS payload. plain text TLS payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources. @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
@retval EFI_ABORTED TLS session state is incorrect. @retval EFI_ABORTED TLS session state is incorrect.
@retval Others Other errors as indicated. @retval Others Other errors as indicated.
**/ **/
EFI_STATUS EFI_STATUS
TlsDecryptPacket ( TlsDecryptPacket (
IN TLS_INSTANCE *TlsInstance, IN TLS_INSTANCE *TlsInstance,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount IN UINT32 *FragmentCount
); );
/** /**
Set TLS session data. Set TLS session data.
The SetSessionData() function set data for a new TLS session. All session data should The SetSessionData() function set data for a new TLS session. All session data should
be set before BuildResponsePacket() invoked. be set before BuildResponsePacket() invoked.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] DataType TLS session data type. @param[in] DataType TLS session data type.
@param[in] Data Pointer to session data. @param[in] Data Pointer to session data.
@param[in] DataSize Total size of session data. @param[in] DataSize Total size of session data.
@retval EFI_SUCCESS The TLS session data is set successfully. @retval EFI_SUCCESS The TLS session data is set successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
Data is NULL. Data is NULL.
DataSize is 0. DataSize is 0.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_ACCESS_DENIED If the DataType is one of below: @retval EFI_ACCESS_DENIED If the DataType is one of below:
EfiTlsClientRandom EfiTlsClientRandom
EfiTlsServerRandom EfiTlsServerRandom
EfiTlsKeyMaterial EfiTlsKeyMaterial
@retval EFI_NOT_READY Current TLS session state is NOT @retval EFI_NOT_READY Current TLS session state is NOT
EfiTlsSessionStateNotStarted. EfiTlsSessionStateNotStarted.
@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated. @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsSetSessionData ( TlsSetSessionData (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN EFI_TLS_SESSION_DATA_TYPE DataType, IN EFI_TLS_SESSION_DATA_TYPE DataType,
IN VOID *Data, IN VOID *Data,
IN UINTN DataSize IN UINTN DataSize
); );
/** /**
Get TLS session data. Get TLS session data.
The GetSessionData() function return the TLS session information. The GetSessionData() function return the TLS session information.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] DataType TLS session data type. @param[in] DataType TLS session data type.
@param[in, out] Data Pointer to session data. @param[in, out] Data Pointer to session data.
@param[in, out] DataSize Total size of session data. On input, it means @param[in, out] DataSize Total size of session data. On input, it means
the size of Data buffer. On output, it means the size the size of Data buffer. On output, it means the size
of copied Data buffer if EFI_SUCCESS, and means the of copied Data buffer if EFI_SUCCESS, and means the
size of desired Data buffer if EFI_BUFFER_TOO_SMALL. size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
@retval EFI_SUCCESS The TLS session data is got successfully. @retval EFI_SUCCESS The TLS session data is got successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
DataSize is NULL. DataSize is NULL.
Data is NULL if *DataSize is not zero. Data is NULL if *DataSize is not zero.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_NOT_FOUND The TLS session data is not found. @retval EFI_NOT_FOUND The TLS session data is not found.
@retval EFI_NOT_READY The DataType is not ready in current session state. @retval EFI_NOT_READY The DataType is not ready in current session state.
@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data. @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsGetSessionData ( TlsGetSessionData (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN EFI_TLS_SESSION_DATA_TYPE DataType, IN EFI_TLS_SESSION_DATA_TYPE DataType,
IN OUT VOID *Data, OPTIONAL IN OUT VOID *Data, OPTIONAL
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
); );
/** /**
Build response packet according to TLS state machine. This function is only valid for Build response packet according to TLS state machine. This function is only valid for
alert, handshake and change_cipher_spec content type. alert, handshake and change_cipher_spec content type.
The BuildResponsePacket() function builds TLS response packet in response to the TLS The BuildResponsePacket() function builds TLS response packet in response to the TLS
request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and
RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session
will be initiated and the response packet needs to be ClientHello. If RequestBuffer is will be initiated and the response packet needs to be ClientHello. If RequestBuffer is
NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS
session will be closed and response packet needs to be CloseNotify. If RequestBuffer is session will be closed and response packet needs to be CloseNotify. If RequestBuffer is
NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS
session has errors and the response packet needs to be Alert message based on error session has errors and the response packet needs to be Alert message based on error
type. type.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL @param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL
means TLS need initiate the TLS session and response means TLS need initiate the TLS session and response
packet need to be ClientHello. packet need to be ClientHello.
@param[in] RequestSize Packet size in bytes for the most recently received TLS @param[in] RequestSize Packet size in bytes for the most recently received TLS
packet. 0 is only valid when RequestBuffer is NULL. packet. 0 is only valid when RequestBuffer is NULL.
@param[out] Buffer Pointer to the buffer to hold the built packet. @param[out] Buffer Pointer to the buffer to hold the built packet.
@param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is @param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is
the buffer size provided by the caller. On output, it the buffer size provided by the caller. On output, it
is the buffer size in fact needed to contain the is the buffer size in fact needed to contain the
packet. packet.
@retval EFI_SUCCESS The required TLS packet is built successfully. @retval EFI_SUCCESS The required TLS packet is built successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
RequestBuffer is NULL but RequestSize is NOT 0. RequestBuffer is NULL but RequestSize is NOT 0.
RequestSize is 0 but RequestBuffer is NOT NULL. RequestSize is 0 but RequestBuffer is NOT NULL.
BufferSize is NULL. BufferSize is NULL.
Buffer is NULL if *BufferSize is not zero. Buffer is NULL if *BufferSize is not zero.
@retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet. @retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.
@retval EFI_NOT_READY Current TLS session state is NOT ready to build @retval EFI_NOT_READY Current TLS session state is NOT ready to build
ResponsePacket. ResponsePacket.
@retval EFI_ABORTED Something wrong build response packet. @retval EFI_ABORTED Something wrong build response packet.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsBuildResponsePacket ( TlsBuildResponsePacket (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN UINT8 *RequestBuffer, OPTIONAL IN UINT8 *RequestBuffer, OPTIONAL
IN UINTN RequestSize, OPTIONAL IN UINTN RequestSize, OPTIONAL
OUT UINT8 *Buffer, OPTIONAL OUT UINT8 *Buffer, OPTIONAL
IN OUT UINTN *BufferSize IN OUT UINTN *BufferSize
); );
/** /**
Decrypt or encrypt TLS packet during session. This function is only valid after Decrypt or encrypt TLS packet during session. This function is only valid after
session connected and for application_data content type. session connected and for application_data content type.
The ProcessPacket () function process each inbound or outbound TLS APP packet. The ProcessPacket () function process each inbound or outbound TLS APP packet.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in, out] FragmentTable Pointer to a list of fragment. The caller will take @param[in, out] FragmentTable Pointer to a list of fragment. The caller will take
responsible to handle the original FragmentTable while responsible to handle the original FragmentTable while
it may be reallocated in TLS driver. If CryptMode is it may be reallocated in TLS driver. If CryptMode is
EfiTlsEncrypt, on input these fragments contain the TLS EfiTlsEncrypt, on input these fragments contain the TLS
header and plain text TLS APP payload; on output these header and plain text TLS APP payload; on output these
fragments contain the TLS header and cipher text TLS fragments contain the TLS header and cipher text TLS
APP payload. If CryptMode is EfiTlsDecrypt, on input APP payload. If CryptMode is EfiTlsDecrypt, on input
these fragments contain the TLS header and cipher text these fragments contain the TLS header and cipher text
TLS APP payload; on output these fragments contain the TLS APP payload; on output these fragments contain the
TLS header and plain text TLS APP payload. TLS header and plain text TLS APP payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@param[in] CryptMode Crypt mode. @param[in] CryptMode Crypt mode.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
FragmentTable is NULL. FragmentTable is NULL.
FragmentCount is NULL. FragmentCount is NULL.
CryptoMode is invalid. CryptoMode is invalid.
@retval EFI_NOT_READY Current TLS session state is NOT @retval EFI_NOT_READY Current TLS session state is NOT
EfiTlsSessionDataTransferring. EfiTlsSessionDataTransferring.
@retval EFI_ABORTED Something wrong decryption the message. TLS session @retval EFI_ABORTED Something wrong decryption the message. TLS session
status will become EfiTlsSessionError. The caller need status will become EfiTlsSessionError. The caller need
call BuildResponsePacket() to generate Error Alert call BuildResponsePacket() to generate Error Alert
message and send it out. message and send it out.
@retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation. @retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsProcessPacket ( TlsProcessPacket (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount, IN UINT32 *FragmentCount,
IN EFI_TLS_CRYPT_MODE CryptMode IN EFI_TLS_CRYPT_MODE CryptMode
); );
/** /**
Set TLS configuration data. Set TLS configuration data.
The SetData() function sets TLS configuration to non-volatile storage or volatile The SetData() function sets TLS configuration to non-volatile storage or volatile
storage. storage.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in] Data Pointer to configuration data. @param[in] Data Pointer to configuration data.
@param[in] DataSize Total size of configuration data. @param[in] DataSize Total size of configuration data.
@retval EFI_SUCCESS The TLS configuration data is set successfully. @retval EFI_SUCCESS The TLS configuration data is set successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
Data is NULL. Data is NULL.
DataSize is 0. DataSize is 0.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated. @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConfigurationSetData ( TlsConfigurationSetData (
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN VOID *Data, IN VOID *Data,
IN UINTN DataSize IN UINTN DataSize
); );
/** /**
Get TLS configuration data. Get TLS configuration data.
The GetData() function gets TLS configuration. The GetData() function gets TLS configuration.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in, out] Data Pointer to configuration data. @param[in, out] Data Pointer to configuration data.
@param[in, out] DataSize Total size of configuration data. On input, it means @param[in, out] DataSize Total size of configuration data. On input, it means
the size of Data buffer. On output, it means the size the size of Data buffer. On output, it means the size
of copied Data buffer if EFI_SUCCESS, and means the of copied Data buffer if EFI_SUCCESS, and means the
size of desired Data buffer if EFI_BUFFER_TOO_SMALL. size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
@retval EFI_SUCCESS The TLS configuration data is got successfully. @retval EFI_SUCCESS The TLS configuration data is got successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
DataSize is NULL. DataSize is NULL.
Data is NULL if *DataSize is not zero. Data is NULL if *DataSize is not zero.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_NOT_FOUND The TLS configuration data is not found. @retval EFI_NOT_FOUND The TLS configuration data is not found.
@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data. @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
**/ **/
EFI_STATUS EFI_STATUS
EFIAPI EFIAPI
TlsConfigurationGetData ( TlsConfigurationGetData (
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN OUT VOID *Data, OPTIONAL IN OUT VOID *Data, OPTIONAL
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
); );
#endif #endif

1265
NetworkPkg/TlsDxe/TlsProtocol.c
View File

File diff suppressed because it is too large Load Diff