tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdePkg: Convert files to CRLF line ending 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This commit is contained in:
Hao Wu 2017-04-06 10:05:54 +08:00
parent 4e6eb67087
commit 973f8862f2
4 changed files with 707 additions and 704 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

186
MdePkg/Include/IndustryStandard/Tls1.h
View File

@ -1,93 +1,93 @@
/** @file /** @file
Transport Layer Security -- TLS 1.0/1.1/1.2 Standard definitions, from RFC 2246/4346/5246 Transport Layer Security -- TLS 1.0/1.1/1.2 Standard definitions, from RFC 2246/4346/5246
This file contains common TLS 1.0/1.1/1.2 definitions from RFC 2246/4346/5246 This file contains common TLS 1.0/1.1/1.2 definitions from RFC 2246/4346/5246
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/ **/
#ifndef __TLS_1_H__ #ifndef __TLS_1_H__
#define __TLS_1_H__ #define __TLS_1_H__
#pragma pack(1) #pragma pack(1)
/// ///
/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246. /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
/// ///
#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01} #define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01}
#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02} #define TLS_RSA_WITH_NULL_SHA {0x00, 0x02}
#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04} #define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04}
#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05} #define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05}
#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07} #define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07}
#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09} #define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09}
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A} #define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A}
#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C} #define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C}
#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D} #define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D}
#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F} #define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F}
#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10} #define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10}
#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12} #define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12}
#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13} #define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13}
#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15} #define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15}
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16} #define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16}
#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F} #define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F}
#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30} #define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30}
#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31} #define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31}
#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32} #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32}
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33}
#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35} #define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35}
#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36} #define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36}
#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37} #define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37}
#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38} #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38}
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39}
#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B} #define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B}
#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C} #define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C}
#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D} #define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D}
#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E} #define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E}
#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F} #define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F}
#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40} #define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40}
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} #define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67}
#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68} #define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68}
#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69} #define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69}
#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A} #define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A}
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B} #define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B}
/// ///
/// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246. /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
/// ///
#define TLS10_PROTOCOL_VERSION_MAJOR 0x03 #define TLS10_PROTOCOL_VERSION_MAJOR 0x03
#define TLS10_PROTOCOL_VERSION_MINOR 0x01 #define TLS10_PROTOCOL_VERSION_MINOR 0x01
#define TLS11_PROTOCOL_VERSION_MAJOR 0x03 #define TLS11_PROTOCOL_VERSION_MAJOR 0x03
#define TLS11_PROTOCOL_VERSION_MINOR 0x02 #define TLS11_PROTOCOL_VERSION_MINOR 0x02
#define TLS12_PROTOCOL_VERSION_MAJOR 0x03 #define TLS12_PROTOCOL_VERSION_MAJOR 0x03
#define TLS12_PROTOCOL_VERSION_MINOR 0x03 #define TLS12_PROTOCOL_VERSION_MINOR 0x03
/// ///
/// TLS Content Type, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246. /// TLS Content Type, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
/// ///
typedef enum { typedef enum {
TlsContentTypeChangeCipherSpec = 20, TlsContentTypeChangeCipherSpec = 20,
TlsContentTypeAlert = 21, TlsContentTypeAlert = 21,
TlsContentTypeHandshake = 22, TlsContentTypeHandshake = 22,
TlsContentTypeApplicationData = 23, TlsContentTypeApplicationData = 23,
} TLS_CONTENT_TYPE; } TLS_CONTENT_TYPE;
/// ///
/// TLS Record Header, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246. /// TLS Record Header, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
/// ///
typedef struct { typedef struct {
UINT8 ContentType; UINT8 ContentType;
EFI_TLS_VERSION Version; EFI_TLS_VERSION Version;
UINT16 Length; UINT16 Length;
} TLS_RECORD_HEADER; } TLS_RECORD_HEADER;
#pragma pack() #pragma pack()
#endif #endif

921
MdePkg/Include/Protocol/Tls.h
View File

@ -1,460 +1,461 @@
/** @file /** @file
EFI TLS Protocols as defined in UEFI 2.5. EFI TLS Protocols as defined in UEFI 2.5.
The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers
to create and destroy child of the driver to communicate with other host using to create and destroy child of the driver to communicate with other host using
TLS protocol. TLS protocol.
The EFI TLS Protocol provides the ability to manage TLS session. The EFI TLS Protocol provides the ability to manage TLS session.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
@par Revision Reference: @par Revision Reference:
This Protocol is introduced in UEFI Specification 2.5 This Protocol is introduced in UEFI Specification 2.5
**/ **/
#ifndef __EFI_TLS_PROTOCOL_H__ #ifndef __EFI_TLS_PROTOCOL_H__
#define __EFI_TLS_PROTOCOL_H__ #define __EFI_TLS_PROTOCOL_H__
/// ///
/// The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers to /// The EFI TLS Service Binding Protocol is used to locate EFI TLS Protocol drivers to
/// create and destroy child of the driver to communicate with other host using TLS /// create and destroy child of the driver to communicate with other host using TLS
/// protocol. /// protocol.
/// ///
#define EFI_TLS_SERVICE_BINDING_PROTOCOL_GUID \ #define EFI_TLS_SERVICE_BINDING_PROTOCOL_GUID \
{ \ { \
0x952cb795, 0xff36, 0x48cf, {0xa2, 0x49, 0x4d, 0xf4, 0x86, 0xd6, 0xab, 0x8d } \ 0x952cb795, 0xff36, 0x48cf, {0xa2, 0x49, 0x4d, 0xf4, 0x86, 0xd6, 0xab, 0x8d } \
} }
/// ///
/// The EFI TLS protocol provides the ability to manage TLS session. /// The EFI TLS protocol provides the ability to manage TLS session.
/// ///
#define EFI_TLS_PROTOCOL_GUID \ #define EFI_TLS_PROTOCOL_GUID \
{ \ { \
0xca959f, 0x6cfa, 0x4db1, {0x95, 0xbc, 0xe4, 0x6c, 0x47, 0x51, 0x43, 0x90 } \ 0xca959f, 0x6cfa, 0x4db1, {0x95, 0xbc, 0xe4, 0x6c, 0x47, 0x51, 0x43, 0x90 } \
} }
typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL; typedef struct _EFI_TLS_PROTOCOL EFI_TLS_PROTOCOL;
/// ///
/// EFI_TLS_SESSION_DATA_TYPE /// EFI_TLS_SESSION_DATA_TYPE
/// ///
typedef enum { typedef enum {
/// ///
/// Session Configuration /// Session Configuration
/// ///
/// ///
/// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION. /// TLS session Version. The corresponding Data is of type EFI_TLS_VERSION.
/// ///
EfiTlsVersion, EfiTlsVersion,
/// ///
/// TLS session as client or as server. The corresponding Data is of /// TLS session as client or as server. The corresponding Data is of
/// EFI_TLS_CONNECTION_END. /// EFI_TLS_CONNECTION_END.
/// ///
EfiTlsConnectionEnd, EfiTlsConnectionEnd,
/// ///
/// A priority list of preferred algorithms for the TLS session. /// A priority list of preferred algorithms for the TLS session.
/// The corresponding Data is a list of EFI_TLS_CIPHER. /// The corresponding Data is a list of EFI_TLS_CIPHER.
/// ///
EfiTlsCipherList, EfiTlsCipherList,
/// ///
/// TLS session compression method. /// TLS session compression method.
/// The corresponding Data is of type EFI_TLS_COMPRESSION. /// The corresponding Data is of type EFI_TLS_COMPRESSION.
/// ///
EfiTlsCompressionMethod, EfiTlsCompressionMethod,
/// ///
/// TLS session extension data. /// TLS session extension data.
/// The corresponding Data is a list of type EFI_TLS_EXTENSION . /// The corresponding Data is a list of type EFI_TLS_EXTENSION .
/// ///
EfiTlsExtensionData, EfiTlsExtensionData,
/// ///
/// TLS session verify method. /// TLS session verify method.
/// The corresponding Data is of type EFI_TLS_VERIFY. /// The corresponding Data is of type EFI_TLS_VERIFY.
/// ///
EfiTlsVerifyMethod, EfiTlsVerifyMethod,
/// ///
/// TLS session data session ID. /// TLS session data session ID.
/// For SetSessionData(), it is TLS session ID used for session resumption. /// For SetSessionData(), it is TLS session ID used for session resumption.
/// For GetSessionData(), it is the TLS session ID used for current session. /// For GetSessionData(), it is the TLS session ID used for current session.
/// The corresponding Data is of type EFI_TLS_SESSION_ID. /// The corresponding Data is of type EFI_TLS_SESSION_ID.
/// ///
EfiTlsSessionID, EfiTlsSessionID,
/// ///
/// TLS session data session state. /// TLS session data session state.
/// The corresponding Data is of type EFI_TLS_SESSION_STATE. /// The corresponding Data is of type EFI_TLS_SESSION_STATE.
/// ///
EfiTlsSessionState, EfiTlsSessionState,
/// ///
/// Session information /// Session information
/// ///
/// ///
/// TLS session data client random. /// TLS session data client random.
/// The corresponding Data is of type EFI_TLS_RANDOM. /// The corresponding Data is of type EFI_TLS_RANDOM.
/// ///
EfiTlsClientRandom, EfiTlsClientRandom,
/// ///
/// TLS session data server random. /// TLS session data server random.
/// The corresponding Data is of type EFI_TLS_RANDOM. /// The corresponding Data is of type EFI_TLS_RANDOM.
/// ///
EfiTlsServerRandom, EfiTlsServerRandom,
/// ///
/// TLS session data key material. /// TLS session data key material.
/// The corresponding Data is of type EFI_TLS_MASTER_SECRET. /// The corresponding Data is of type EFI_TLS_MASTER_SECRET.
/// ///
EfiTlsKeyMaterial, EfiTlsKeyMaterial,
EfiTlsSessionDataTypeMaximum EfiTlsSessionDataTypeMaximum
} EFI_TLS_SESSION_DATA_TYPE; } EFI_TLS_SESSION_DATA_TYPE;
/// ///
/// EFI_TLS_VERSION /// EFI_TLS_VERSION
/// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 1.2). /// Note: The TLS version definition is from SSL3.0 to the latest TLS (e.g. 1.2).
/// SSL2.0 is obsolete and should not be used. /// SSL2.0 is obsolete and should not be used.
/// ///
typedef struct { typedef struct {
UINT8 Major; UINT8 Major;
UINT8 Minor; UINT8 Minor;
} EFI_TLS_VERSION; } EFI_TLS_VERSION;
/// ///
/// EFI_TLS_CONNECTION_END to define TLS session as client or server. /// EFI_TLS_CONNECTION_END to define TLS session as client or server.
/// ///
typedef enum { typedef enum {
EfiTlsClient, EfiTlsClient,
EfiTlsServer, EfiTlsServer,
} EFI_TLS_CONNECTION_END; } EFI_TLS_CONNECTION_END;
/// ///
/// EFI_TLS_CIPHER /// EFI_TLS_CIPHER
/// Note: The definition of EFI_TLS_CIPHER definition is from "RFC 5246, A.4.1. /// Note: The definition of EFI_TLS_CIPHER definition is from "RFC 5246, A.4.1.
/// Hello Messages". The value of EFI_TLS_CIPHER is from TLS Cipher /// Hello Messages". The value of EFI_TLS_CIPHER is from TLS Cipher
/// Suite Registry of IANA. /// Suite Registry of IANA.
/// ///
typedef struct { typedef struct {
UINT8 Data1; UINT8 Data1;
UINT8 Data2; UINT8 Data2;
} EFI_TLS_CIPHER; } EFI_TLS_CIPHER;
/// ///
/// EFI_TLS_COMPRESSION /// EFI_TLS_COMPRESSION
/// Note: The value of EFI_TLS_COMPRESSION definition is from "RFC 3749". /// Note: The value of EFI_TLS_COMPRESSION definition is from "RFC 3749".
/// ///
typedef UINT8 EFI_TLS_COMPRESSION; typedef UINT8 EFI_TLS_COMPRESSION;
/// ///
/// EFI_TLS_EXTENSION /// EFI_TLS_EXTENSION
/// Note: The definition of EFI_TLS_EXTENSION if from "RFC 5246 A.4.1. /// Note: The definition of EFI_TLS_EXTENSION if from "RFC 5246 A.4.1.
/// Hello Messages". /// Hello Messages".
/// ///
typedef struct { typedef struct {
UINT16 ExtensionType; UINT16 ExtensionType;
UINT16 Length; UINT16 Length;
UINT8 Data[1]; UINT8 Data[1];
} EFI_TLS_EXTENSION; } EFI_TLS_EXTENSION;
/// ///
/// EFI_TLS_VERIFY /// EFI_TLS_VERIFY
/// Use either EFI_TLS_VERIFY_NONE or EFI_TLS_VERIFY_PEER, the last two options /// Use either EFI_TLS_VERIFY_NONE or EFI_TLS_VERIFY_PEER, the last two options
/// are 'ORed' with EFI_TLS_VERIFY_PEER if they are desired. /// are 'ORed' with EFI_TLS_VERIFY_PEER if they are desired.
/// ///
typedef UINT32 EFI_TLS_VERIFY; typedef UINT32 EFI_TLS_VERIFY;
/// ///
/// No certificates will be sent or the TLS/SSL handshake will be continued regardless /// No certificates will be sent or the TLS/SSL handshake will be continued regardless
/// of the certificate verification result. /// of the certificate verification result.
/// ///
#define EFI_TLS_VERIFY_NONE 0x0 #define EFI_TLS_VERIFY_NONE 0x0
/// ///
/// The TLS/SSL handshake is immediately terminated with an alert message containing /// The TLS/SSL handshake is immediately terminated with an alert message containing
/// the reason for the certificate verification failure. /// the reason for the certificate verification failure.
/// ///
#define EFI_TLS_VERIFY_PEER 0x1 #define EFI_TLS_VERIFY_PEER 0x1
/// ///
/// TLS session will fail peer certificate is absent. /// TLS session will fail peer certificate is absent.
/// ///
#define EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT 0x2 #define EFI_TLS_VERIFY_FAIL_IF_NO_PEER_CERT 0x2
/// ///
/// TLS session only verify client once, and doesn't request certificate during /// TLS session only verify client once, and doesn't request certificate during
/// re-negotiation. /// re-negotiation.
/// ///
#define EFI_TLS_VERIFY_CLIENT_ONCE 0x4 #define EFI_TLS_VERIFY_CLIENT_ONCE 0x4
/// ///
/// EFI_TLS_RANDOM /// EFI_TLS_RANDOM
/// Note: The definition of EFI_TLS_RANDOM is from "RFC 5246 A.4.1. /// Note: The definition of EFI_TLS_RANDOM is from "RFC 5246 A.4.1.
/// Hello Messages". /// Hello Messages".
/// ///
typedef struct { typedef struct {
UINT32 GmtUnixTime; UINT32 GmtUnixTime;
UINT8 RandomBytes[28]; UINT8 RandomBytes[28];
} EFI_TLS_RANDOM; } EFI_TLS_RANDOM;
/// ///
/// EFI_TLS_MASTER_SECRET /// EFI_TLS_MASTER_SECRET
/// Note: The definition of EFI_TLS_MASTER_SECRET is from "RFC 5246 8.1. /// Note: The definition of EFI_TLS_MASTER_SECRET is from "RFC 5246 8.1.
/// Computing the Master Secret". /// Computing the Master Secret".
/// ///
typedef struct { typedef struct {
UINT8 Data[48]; UINT8 Data[48];
} EFI_TLS_MASTER_SECRET; } EFI_TLS_MASTER_SECRET;
/// ///
/// EFI_TLS_SESSION_ID /// EFI_TLS_SESSION_ID
/// Note: The definition of EFI_TLS_SESSION_ID is from "RFC 5246 A.4.1. Hello Messages". /// Note: The definition of EFI_TLS_SESSION_ID is from "RFC 5246 A.4.1. Hello Messages".
/// ///
#define MAX_TLS_SESSION_ID_LENGTH 32 #define MAX_TLS_SESSION_ID_LENGTH 32
typedef struct { typedef struct {
UINT16 Length; UINT16 Length;
UINT8 Data[MAX_TLS_SESSION_ID_LENGTH]; UINT8 Data[MAX_TLS_SESSION_ID_LENGTH];
} EFI_TLS_SESSION_ID; } EFI_TLS_SESSION_ID;
/// ///
/// EFI_TLS_SESSION_STATE /// EFI_TLS_SESSION_STATE
/// ///
typedef enum { typedef enum {
/// ///
/// When a new child of TLS protocol is created, the initial state of TLS session /// When a new child of TLS protocol is created, the initial state of TLS session
/// is EfiTlsSessionNotStarted. /// is EfiTlsSessionNotStarted.
/// ///
EfiTlsSessionNotStarted, EfiTlsSessionNotStarted,
/// ///
/// The consumer can call BuildResponsePacket() with NULL to get ClientHello to /// The consumer can call BuildResponsePacket() with NULL to get ClientHello to
/// start the TLS session. Then the status is EfiTlsSessionHandShaking. /// start the TLS session. Then the status is EfiTlsSessionHandShaking.
/// ///
EfiTlsSessionHandShaking, EfiTlsSessionHandShaking,
/// ///
/// During handshake, the consumer need call BuildResponsePacket() with input /// During handshake, the consumer need call BuildResponsePacket() with input
/// data from peer, then get response packet and send to peer. After handshake /// data from peer, then get response packet and send to peer. After handshake
/// finish, the TLS session status becomes EfiTlsSessionDataTransferring, and /// finish, the TLS session status becomes EfiTlsSessionDataTransferring, and
/// consumer can use ProcessPacket() for data transferring. /// consumer can use ProcessPacket() for data transferring.
/// ///
EfiTlsSessionDataTransferring, EfiTlsSessionDataTransferring,
/// ///
/// Finally, if consumer wants to active close TLS session, consumer need /// Finally, if consumer wants to active close TLS session, consumer need
/// call SetSessionData to set TLS session state to EfiTlsSessionClosing, and /// call SetSessionData to set TLS session state to EfiTlsSessionClosing, and
/// call BuildResponsePacket() with NULL to get CloseNotify alert message, /// call BuildResponsePacket() with NULL to get CloseNotify alert message,
/// and sent it out. /// and sent it out.
/// ///
EfiTlsSessionClosing, EfiTlsSessionClosing,
/// ///
/// If any error happen during parsing ApplicationData content type, EFI_ABORT /// If any error happen during parsing ApplicationData content type, EFI_ABORT
/// will be returned by ProcessPacket(), and TLS session state will become /// will be returned by ProcessPacket(), and TLS session state will become
/// EfiTlsSessionError. Then consumer need call BuildResponsePacket() with /// EfiTlsSessionError. Then consumer need call BuildResponsePacket() with
/// NULL to get alert message and sent it out. /// NULL to get alert message and sent it out.
/// ///
EfiTlsSessionError, EfiTlsSessionError,
EfiTlsSessionStateMaximum EfiTlsSessionStateMaximum
} EFI_TLS_SESSION_STATE; } EFI_TLS_SESSION_STATE;
/// ///
/// EFI_TLS_FRAGMENT_DATA /// EFI_TLS_FRAGMENT_DATA
/// ///
typedef struct { typedef struct {
/// ///
/// Length of data buffer in the fragment. /// Length of data buffer in the fragment.
/// ///
UINT32 FragmentLength; UINT32 FragmentLength;
/// ///
/// Pointer to the data buffer in the fragment. /// Pointer to the data buffer in the fragment.
/// ///
VOID *FragmentBuffer; VOID *FragmentBuffer;
} EFI_TLS_FRAGMENT_DATA; } EFI_TLS_FRAGMENT_DATA;
/// ///
/// EFI_TLS_CRYPT_MODE /// EFI_TLS_CRYPT_MODE
/// ///
typedef enum { typedef enum {
/// ///
/// Encrypt data provided in the fragment buffers. /// Encrypt data provided in the fragment buffers.
/// ///
EfiTlsEncrypt, EfiTlsEncrypt,
/// ///
/// Decrypt data provided in the fragment buffers. /// Decrypt data provided in the fragment buffers.
/// ///
EfiTlsDecrypt, EfiTlsDecrypt,
} EFI_TLS_CRYPT_MODE; } EFI_TLS_CRYPT_MODE;
/** /**
Set TLS session data. Set TLS session data.
The SetSessionData() function set data for a new TLS session. All session data should The SetSessionData() function set data for a new TLS session. All session data should
be set before BuildResponsePacket() invoked. be set before BuildResponsePacket() invoked.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] DataType TLS session data type. @param[in] DataType TLS session data type.
@param[in] Data Pointer to session data. @param[in] Data Pointer to session data.
@param[in] DataSize Total size of session data. @param[in] DataSize Total size of session data.
@retval EFI_SUCCESS The TLS session data is set successfully. @retval EFI_SUCCESS The TLS session data is set successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
Data is NULL. Data is NULL.
DataSize is 0. DataSize is 0.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_ACCESS_DENIED If the DataType is one of below: @retval EFI_ACCESS_DENIED If the DataType is one of below:
EfiTlsClientRandom EfiTlsClientRandom
EfiTlsServerRandom EfiTlsServerRandom
EfiTlsKeyMaterial EfiTlsKeyMaterial
@retval EFI_NOT_READY Current TLS session state is NOT @retval EFI_NOT_READY Current TLS session state is NOT
EfiTlsSessionStateNotStarted. EfiTlsSessionStateNotStarted.
@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated. @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_SET_SESSION_DATA) ( (EFIAPI *EFI_TLS_SET_SESSION_DATA) (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN EFI_TLS_SESSION_DATA_TYPE DataType, IN EFI_TLS_SESSION_DATA_TYPE DataType,
IN VOID *Data, IN VOID *Data,
IN UINTN DataSize IN UINTN DataSize
); );
/** /**
Get TLS session data. Get TLS session data.
The GetSessionData() function return the TLS session information. The GetSessionData() function return the TLS session information.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] DataType TLS session data type. @param[in] DataType TLS session data type.
@param[in, out] Data Pointer to session data. @param[in, out] Data Pointer to session data.
@param[in, out] DataSize Total size of session data. On input, it means @param[in, out] DataSize Total size of session data. On input, it means
the size of Data buffer. On output, it means the size the size of Data buffer. On output, it means the size
of copied Data buffer if EFI_SUCCESS, and means the of copied Data buffer if EFI_SUCCESS, and means the
size of desired Data buffer if EFI_BUFFER_TOO_SMALL. size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
@retval EFI_SUCCESS The TLS session data is got successfully. @retval EFI_SUCCESS The TLS session data is got successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
DataSize is NULL. DataSize is NULL.
Data is NULL if *DataSize is not zero. Data is NULL if *DataSize is not zero.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_NOT_FOUND The TLS session data is not found. @retval EFI_NOT_FOUND The TLS session data is not found.
@retval EFI_NOT_READY The DataType is not ready in current session state. @retval EFI_NOT_READY The DataType is not ready in current session state.
@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data. @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_GET_SESSION_DATA) ( (EFIAPI *EFI_TLS_GET_SESSION_DATA) (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN EFI_TLS_SESSION_DATA_TYPE DataType, IN EFI_TLS_SESSION_DATA_TYPE DataType,
IN OUT VOID *Data, OPTIONAL IN OUT VOID *Data, OPTIONAL
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
); );
/** /**
Build response packet according to TLS state machine. This function is only valid for Build response packet according to TLS state machine. This function is only valid for
alert, handshake and change_cipher_spec content type. alert, handshake and change_cipher_spec content type.
The BuildResponsePacket() function builds TLS response packet in response to the TLS The BuildResponsePacket() function builds TLS response packet in response to the TLS
request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and
RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session
will be initiated and the response packet needs to be ClientHello. If RequestBuffer is will be initiated and the response packet needs to be ClientHello. If RequestBuffer is
NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS
session will be closed and response packet needs to be CloseNotify. If RequestBuffer is session will be closed and response packet needs to be CloseNotify. If RequestBuffer is
NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS
session has errors and the response packet needs to be Alert message based on error session has errors and the response packet needs to be Alert message based on error
type. type.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL @param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL
means TLS need initiate the TLS session and response means TLS need initiate the TLS session and response
packet need to be ClientHello. packet need to be ClientHello.
@param[in] RequestSize Packet size in bytes for the most recently received TLS @param[in] RequestSize Packet size in bytes for the most recently received TLS
packet. 0 is only valid when RequestBuffer is NULL. packet. 0 is only valid when RequestBuffer is NULL.
@param[out] Buffer Pointer to the buffer to hold the built packet. @param[out] Buffer Pointer to the buffer to hold the built packet.
@param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is @param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is
the buffer size provided by the caller. On output, it the buffer size provided by the caller. On output, it
is the buffer size in fact needed to contain the is the buffer size in fact needed to contain the
packet. packet.
@retval EFI_SUCCESS The required TLS packet is built successfully. @retval EFI_SUCCESS The required TLS packet is built successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
RequestBuffer is NULL but RequestSize is NOT 0. RequestBuffer is NULL but RequestSize is NOT 0.
RequestSize is 0 but RequestBuffer is NOT NULL. RequestSize is 0 but RequestBuffer is NOT NULL.
BufferSize is NULL. BufferSize is NULL.
Buffer is NULL if *BufferSize is not zero. Buffer is NULL if *BufferSize is not zero.
@retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet. @retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.
@retval EFI_NOT_READY Current TLS session state is NOT ready to build @retval EFI_NOT_READY Current TLS session state is NOT ready to build
ResponsePacket. ResponsePacket.
@retval EFI_ABORTED Something wrong build response packet. @retval EFI_ABORTED Something wrong build response packet.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_BUILD_RESPONSE_PACKET) ( (EFIAPI *EFI_TLS_BUILD_RESPONSE_PACKET) (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN UINT8 *RequestBuffer, OPTIONAL IN UINT8 *RequestBuffer, OPTIONAL
IN UINTN RequestSize, OPTIONAL IN UINTN RequestSize, OPTIONAL
OUT UINT8 *Buffer, OPTIONAL OUT UINT8 *Buffer, OPTIONAL
IN OUT UINTN *BufferSize IN OUT UINTN *BufferSize
); );
/** /**
Decrypt or encrypt TLS packet during session. This function is only valid after Decrypt or encrypt TLS packet during session. This function is only valid after
session connected and for application_data content type. session connected and for application_data content type.
The ProcessPacket () function process each inbound or outbound TLS APP packet. The ProcessPacket () function process each inbound or outbound TLS APP packet.
@param[in] This Pointer to the EFI_TLS_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
@param[in, out] FragmentTable Pointer to a list of fragment. The caller will take @param[in, out] FragmentTable Pointer to a list of fragment. The caller will take
responsible to handle the original FragmentTable while responsible to handle the original FragmentTable while
it may be reallocated in TLS driver. If CryptMode is it may be reallocated in TLS driver. If CryptMode is
EfiTlsEncrypt, on input these fragments contain the TLS EfiTlsEncrypt, on input these fragments contain the TLS
header and plain text TLS APP payload; on output these header and plain text TLS APP payload; on output these
fragments contain the TLS header and cipher text TLS fragments contain the TLS header and cipher text TLS
APP payload. If CryptMode is EfiTlsDecrypt, on input APP payload. If CryptMode is EfiTlsDecrypt, on input
these fragments contain the TLS header and cipher text these fragments contain the TLS header and cipher text
TLS APP payload; on output these fragments contain the TLS APP payload; on output these fragments contain the
TLS header and plain text TLS APP payload. TLS header and plain text TLS APP payload.
@param[in] FragmentCount Number of fragment. @param[in] FragmentCount Number of fragment.
@param[in] CryptMode Crypt mode. @param[in] CryptMode Crypt mode.
@retval EFI_SUCCESS The operation completed successfully. @retval EFI_SUCCESS The operation completed successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
FragmentTable is NULL. FragmentTable is NULL.
FragmentCount is NULL. FragmentCount is NULL.
CryptoMode is invalid. CryptoMode is invalid.
@retval EFI_NOT_READY Current TLS session state is NOT @retval EFI_NOT_READY Current TLS session state is NOT
EfiTlsSessionDataTransferring. EfiTlsSessionDataTransferring.
@retval EFI_ABORTED Something wrong decryption the message. TLS session @retval EFI_ABORTED Something wrong decryption the message. TLS session
status will become EfiTlsSessionError. The caller need status will become EfiTlsSessionError. The caller need
call BuildResponsePacket() to generate Error Alert call BuildResponsePacket() to generate Error Alert
message and send it out. message and send it out.
@retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation. @retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_PROCESS_PACKET) ( (EFIAPI *EFI_TLS_PROCESS_PACKET) (
IN EFI_TLS_PROTOCOL *This, IN EFI_TLS_PROTOCOL *This,
IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable, IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
IN UINT32 *FragmentCount, IN UINT32 *FragmentCount,
IN EFI_TLS_CRYPT_MODE CryptMode IN EFI_TLS_CRYPT_MODE CryptMode
); );
/// ///
/// The EFI_TLS_PROTOCOL is used to create, destroy and manage TLS session. /// The EFI_TLS_PROTOCOL is used to create, destroy and manage TLS session.
/// For detail of TLS, please refer to TLS related RFC. /// For detail of TLS, please refer to TLS related RFC.
/// ///
struct _EFI_TLS_PROTOCOL { struct _EFI_TLS_PROTOCOL {
EFI_TLS_SET_SESSION_DATA SetSessionData; EFI_TLS_SET_SESSION_DATA SetSessionData;
EFI_TLS_GET_SESSION_DATA GetSessionData; EFI_TLS_GET_SESSION_DATA GetSessionData;
EFI_TLS_BUILD_RESPONSE_PACKET BuildResponsePacket; EFI_TLS_BUILD_RESPONSE_PACKET BuildResponsePacket;
EFI_TLS_PROCESS_PACKET ProcessPacket; EFI_TLS_PROCESS_PACKET ProcessPacket;
}; };
extern EFI_GUID gEfiTlsServiceBindingProtocolGuid; extern EFI_GUID gEfiTlsServiceBindingProtocolGuid;
extern EFI_GUID gEfiTlsProtocolGuid; extern EFI_GUID gEfiTlsProtocolGuid;
#endif // __EFI_TLS_PROTOCOL_H__ #endif // __EFI_TLS_PROTOCOL_H__

265
MdePkg/Include/Protocol/TlsConfig.h
View File

@ -1,132 +1,133 @@
/** @file /** @file
EFI TLS Configuration Protocol as defined in UEFI 2.5. EFI TLS Configuration Protocol as defined in UEFI 2.5.
The EFI TLS Configuration Protocol provides a way to set and get TLS configuration. The EFI TLS Configuration Protocol provides a way to set and get TLS configuration.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
@par Revision Reference: @par Revision Reference:
This Protocol is introduced in UEFI Specification 2.5 This Protocol is introduced in UEFI Specification 2.5
**/ **/
#ifndef __EFI_TLS_CONFIGURATION_PROTOCOL_H__ #ifndef __EFI_TLS_CONFIGURATION_PROTOCOL_H__
#define __EFI_TLS_CONFIGURATION_PROTOCOL_H__ #define __EFI_TLS_CONFIGURATION_PROTOCOL_H__
/// ///
/// The EFI Configuration protocol provides a way to set and get TLS configuration. /// The EFI Configuration protocol provides a way to set and get TLS configuration.
/// ///
#define EFI_TLS_CONFIGURATION_PROTOCOL_GUID \ #define EFI_TLS_CONFIGURATION_PROTOCOL_GUID \
{ \ { \
0x1682fe44, 0xbd7a, 0x4407, { 0xb7, 0xc7, 0xdc, 0xa3, 0x7c, 0xa3, 0x92, 0x2d } \ 0x1682fe44, 0xbd7a, 0x4407, { 0xb7, 0xc7, 0xdc, 0xa3, 0x7c, 0xa3, 0x92, 0x2d } \
} }
typedef struct _EFI_TLS_CONFIGURATION_PROTOCOL EFI_TLS_CONFIGURATION_PROTOCOL; typedef struct _EFI_TLS_CONFIGURATION_PROTOCOL EFI_TLS_CONFIGURATION_PROTOCOL;
/// ///
/// EFI_TLS_CONFIG_DATA_TYPE /// EFI_TLS_CONFIG_DATA_TYPE
/// ///
typedef enum { typedef enum {
/// ///
/// Local host configuration data: public certificate data. /// Local host configuration data: public certificate data.
/// This data should be DER-encoded binary X.509 certificate /// This data should be DER-encoded binary X.509 certificate
/// or PEM-encoded X.509 certificate. /// or PEM-encoded X.509 certificate.
/// ///
EfiTlsConfigDataTypeHostPublicCert, EfiTlsConfigDataTypeHostPublicCert,
/// ///
/// Local host configuration data: private key data. /// Local host configuration data: private key data.
/// ///
EfiTlsConfigDataTypeHostPrivateKey, EfiTlsConfigDataTypeHostPrivateKey,
/// ///
/// CA certificate to verify peer. This data should be PEM-encoded /// CA certificate to verify peer. This data should be PEM-encoded
/// RSA or PKCS#8 private key. /// RSA or PKCS#8 private key.
/// ///
EfiTlsConfigDataTypeCACertificate, EfiTlsConfigDataTypeCACertificate,
/// ///
/// CA-supplied Certificate Revocation List data. This data should /// CA-supplied Certificate Revocation List data. This data should
/// be DER-encoded CRL data. /// be DER-encoded CRL data.
/// ///
EfiTlsConfigDataTypeCertRevocationList, EfiTlsConfigDataTypeCertRevocationList,
EfiTlsConfigDataTypeMaximum EfiTlsConfigDataTypeMaximum
} EFI_TLS_CONFIG_DATA_TYPE; } EFI_TLS_CONFIG_DATA_TYPE;
/** /**
Set TLS configuration data. Set TLS configuration data.
The SetData() function sets TLS configuration to non-volatile storage or volatile The SetData() function sets TLS configuration to non-volatile storage or volatile
storage. storage.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in] Data Pointer to configuration data. @param[in] Data Pointer to configuration data.
@param[in] DataSize Total size of configuration data. @param[in] DataSize Total size of configuration data.
@retval EFI_SUCCESS The TLS configuration data is set successfully. @retval EFI_SUCCESS The TLS configuration data is set successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
Data is NULL. Data is NULL.
DataSize is 0. DataSize is 0.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated. @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_CONFIGURATION_SET_DATA)( (EFIAPI *EFI_TLS_CONFIGURATION_SET_DATA)(
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN VOID *Data, IN VOID *Data,
IN UINTN DataSize IN UINTN DataSize
); );
/** /**
Get TLS configuration data. Get TLS configuration data.
The GetData() function gets TLS configuration. The GetData() function gets TLS configuration.
@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance. @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
@param[in] DataType Configuration data type. @param[in] DataType Configuration data type.
@param[in, out] Data Pointer to configuration data. @param[in, out] Data Pointer to configuration data.
@param[in, out] DataSize Total size of configuration data. On input, it means @param[in, out] DataSize Total size of configuration data. On input, it means
the size of Data buffer. On output, it means the size the size of Data buffer. On output, it means the size
of copied Data buffer if EFI_SUCCESS, and means the of copied Data buffer if EFI_SUCCESS, and means the
size of desired Data buffer if EFI_BUFFER_TOO_SMALL. size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
@retval EFI_SUCCESS The TLS configuration data is got successfully. @retval EFI_SUCCESS The TLS configuration data is got successfully.
@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
This is NULL. This is NULL.
DataSize is NULL. DataSize is NULL.
Data is NULL if *DataSize is not zero. Data is NULL if *DataSize is not zero.
@retval EFI_UNSUPPORTED The DataType is unsupported. @retval EFI_UNSUPPORTED The DataType is unsupported.
@retval EFI_NOT_FOUND The TLS configuration data is not found. @retval EFI_NOT_FOUND The TLS configuration data is not found.
@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data. @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
**/ **/
typedef typedef
EFI_STATUS EFI_STATUS
(EFIAPI *EFI_TLS_CONFIGURATION_GET_DATA)( (EFIAPI *EFI_TLS_CONFIGURATION_GET_DATA)(
IN EFI_TLS_CONFIGURATION_PROTOCOL *This, IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
IN EFI_TLS_CONFIG_DATA_TYPE DataType, IN EFI_TLS_CONFIG_DATA_TYPE DataType,
IN OUT VOID *Data, OPTIONAL IN OUT VOID *Data, OPTIONAL
IN OUT UINTN *DataSize IN OUT UINTN *DataSize
); );
/// ///
/// The EFI_TLS_CONFIGURATION_PROTOCOL is designed to provide a way to set and get /// The EFI_TLS_CONFIGURATION_PROTOCOL is designed to provide a way to set and get
/// TLS configuration, such as Certificate, private key data. /// TLS configuration, such as Certificate, private key data.
/// ///
struct _EFI_TLS_CONFIGURATION_PROTOCOL { struct _EFI_TLS_CONFIGURATION_PROTOCOL {
EFI_TLS_CONFIGURATION_SET_DATA SetData; EFI_TLS_CONFIGURATION_SET_DATA SetData;
EFI_TLS_CONFIGURATION_GET_DATA GetData; EFI_TLS_CONFIGURATION_GET_DATA GetData;
}; };
extern EFI_GUID gEfiTlsConfigurationProtocolGuid; extern EFI_GUID gEfiTlsConfigurationProtocolGuid;
#endif //__EFI_TLS_CONFIGURATION_PROTOCOL_H__ #endif //__EFI_TLS_CONFIGURATION_PROTOCOL_H__

39
MdePkg/Library/BaseLib/SafeString.c
View File

@ -217,7 +217,7 @@ StrnSizeS (
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero, If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumUnicodeStringLength. PcdMaximumUnicodeStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -231,7 +231,7 @@ StrCpyS (
) )
{ {
UINTN SourceLen; UINTN SourceLen;
ASSERT (((UINTN) Destination & BIT0) == 0); ASSERT (((UINTN) Destination & BIT0) == 0);
ASSERT (((UINTN) Source & BIT0) == 0); ASSERT (((UINTN) Source & BIT0) == 0);
@ -296,12 +296,12 @@ StrCpyS (
@param Length The maximum number of Unicode characters to copy. @param Length The maximum number of Unicode characters to copy.
@retval RETURN_SUCCESS String is copied. @retval RETURN_SUCCESS String is copied.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than
MIN(StrLen(Source), Length). MIN(StrLen(Source), Length).
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero, If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumUnicodeStringLength. PcdMaximumUnicodeStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -388,14 +388,14 @@ StrnCpyS (
@param Source A pointer to a Null-terminated Unicode string. @param Source A pointer to a Null-terminated Unicode string.
@retval RETURN_SUCCESS String is appended. @retval RETURN_SUCCESS String is appended.
@retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
StrLen(Destination). StrLen(Destination).
@retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
greater than StrLen(Source). greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero, If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumUnicodeStringLength. PcdMaximumUnicodeStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -411,7 +411,7 @@ StrCatS (
UINTN DestLen; UINTN DestLen;
UINTN CopyLen; UINTN CopyLen;
UINTN SourceLen; UINTN SourceLen;
ASSERT (((UINTN) Destination & BIT0) == 0); ASSERT (((UINTN) Destination & BIT0) == 0);
ASSERT (((UINTN) Source & BIT0) == 0); ASSERT (((UINTN) Source & BIT0) == 0);
@ -497,7 +497,7 @@ StrCatS (
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero, If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumUnicodeStringLength. PcdMaximumUnicodeStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -514,7 +514,7 @@ StrnCatS (
UINTN DestLen; UINTN DestLen;
UINTN CopyLen; UINTN CopyLen;
UINTN SourceLen; UINTN SourceLen;
ASSERT (((UINTN) Destination & BIT0) == 0); ASSERT (((UINTN) Destination & BIT0) == 0);
ASSERT (((UINTN) Source & BIT0) == 0); ASSERT (((UINTN) Source & BIT0) == 0);
@ -1799,7 +1799,7 @@ AsciiStrnSizeS (
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumAsciiStringLength is not zero, If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumAsciiStringLength. PcdMaximumAsciiStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -1813,7 +1813,7 @@ AsciiStrCpyS (
) )
{ {
UINTN SourceLen; UINTN SourceLen;
// //
// 1. Neither Destination nor Source shall be a null pointer. // 1. Neither Destination nor Source shall be a null pointer.
// //
@ -1873,12 +1873,12 @@ AsciiStrCpyS (
@param Length The maximum number of Ascii characters to copy. @param Length The maximum number of Ascii characters to copy.
@retval RETURN_SUCCESS String is copied. @retval RETURN_SUCCESS String is copied.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than
MIN(StrLen(Source), Length). MIN(StrLen(Source), Length).
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumAsciiStringLength is not zero, If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumAsciiStringLength. PcdMaximumAsciiStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -1960,14 +1960,14 @@ AsciiStrnCpyS (
@param Source A pointer to a Null-terminated Ascii string. @param Source A pointer to a Null-terminated Ascii string.
@retval RETURN_SUCCESS String is appended. @retval RETURN_SUCCESS String is appended.
@retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
StrLen(Destination). StrLen(Destination).
@retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
greater than StrLen(Source). greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumAsciiStringLength is not zero, If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumAsciiStringLength. PcdMaximumAsciiStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -1983,7 +1983,7 @@ AsciiStrCatS (
UINTN DestLen; UINTN DestLen;
UINTN CopyLen; UINTN CopyLen;
UINTN SourceLen; UINTN SourceLen;
// //
// Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrCatS. // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrCatS.
// //
@ -2064,7 +2064,7 @@ AsciiStrCatS (
@retval RETURN_INVALID_PARAMETER If Destination is NULL. @retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL. If Source is NULL.
If PcdMaximumAsciiStringLength is not zero, If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than and DestMax is greater than
PcdMaximumAsciiStringLength. PcdMaximumAsciiStringLength.
If DestMax is 0. If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap. @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
@ -2081,7 +2081,7 @@ AsciiStrnCatS (
UINTN DestLen; UINTN DestLen;
UINTN CopyLen; UINTN CopyLen;
UINTN SourceLen; UINTN SourceLen;
// //
// Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrnCatS. // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrnCatS.
// //
@ -3265,7 +3265,8 @@ AsciiStrToIpv6Address (
&Address->Addr[CompressStart + ARRAY_SIZE (Address->Addr) - AddressIndex], &Address->Addr[CompressStart + ARRAY_SIZE (Address->Addr) - AddressIndex],
&LocalAddress.Addr[CompressStart], &LocalAddress.Addr[CompressStart],
AddressIndex - CompressStart AddressIndex - CompressStart
); );
} }
if (PrefixLength != NULL) { if (PrefixLength != NULL) {