]>
Commit | Line | Data |
---|---|---|
264702a0 HW |
1 | /** @file\r |
2 | Defines TLS Library APIs.\r | |
3 | \r | |
4 | Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r | |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #ifndef __TLS_LIB_H__\r | |
16 | #define __TLS_LIB_H__\r | |
17 | \r | |
18 | /**\r | |
19 | Initializes the OpenSSL library.\r | |
20 | \r | |
21 | This function registers ciphers and digests used directly and indirectly\r | |
22 | by SSL/TLS, and initializes the readable error messages.\r | |
23 | This function must be called before any other action takes places.\r | |
24 | \r | |
25 | **/\r | |
26 | VOID\r | |
27 | EFIAPI\r | |
28 | TlsInitialize (\r | |
29 | VOID\r | |
30 | );\r | |
31 | \r | |
32 | /**\r | |
33 | Free an allocated SSL_CTX object.\r | |
34 | \r | |
35 | @param[in] TlsCtx Pointer to the SSL_CTX object to be released.\r | |
36 | \r | |
37 | **/\r | |
38 | VOID\r | |
39 | EFIAPI\r | |
40 | TlsCtxFree (\r | |
41 | IN VOID *TlsCtx\r | |
42 | );\r | |
43 | \r | |
44 | /**\r | |
45 | Creates a new SSL_CTX object as framework to establish TLS/SSL enabled\r | |
46 | connections.\r | |
47 | \r | |
48 | @param[in] MajorVer Major Version of TLS/SSL Protocol.\r | |
49 | @param[in] MinorVer Minor Version of TLS/SSL Protocol.\r | |
50 | \r | |
51 | @return Pointer to an allocated SSL_CTX object.\r | |
52 | If the creation failed, TlsCtxNew() returns NULL.\r | |
53 | \r | |
54 | **/\r | |
55 | VOID *\r | |
56 | EFIAPI\r | |
57 | TlsCtxNew (\r | |
58 | IN UINT8 MajorVer,\r | |
59 | IN UINT8 MinorVer\r | |
60 | );\r | |
61 | \r | |
62 | /**\r | |
63 | Free an allocated TLS object.\r | |
64 | \r | |
65 | This function removes the TLS object pointed to by Tls and frees up the\r | |
66 | allocated memory. If Tls is NULL, nothing is done.\r | |
67 | \r | |
68 | @param[in] Tls Pointer to the TLS object to be freed.\r | |
69 | \r | |
70 | **/\r | |
71 | VOID\r | |
72 | EFIAPI\r | |
73 | TlsFree (\r | |
74 | IN VOID *Tls\r | |
75 | );\r | |
76 | \r | |
77 | /**\r | |
78 | Create a new TLS object for a connection.\r | |
79 | \r | |
80 | This function creates a new TLS object for a connection. The new object\r | |
81 | inherits the setting of the underlying context TlsCtx: connection method,\r | |
82 | options, verification setting.\r | |
83 | \r | |
84 | @param[in] TlsCtx Pointer to the SSL_CTX object.\r | |
85 | \r | |
86 | @return Pointer to an allocated SSL object.\r | |
87 | If the creation failed, TlsNew() returns NULL.\r | |
88 | \r | |
89 | **/\r | |
90 | VOID *\r | |
91 | EFIAPI\r | |
92 | TlsNew (\r | |
93 | IN VOID *TlsCtx\r | |
94 | );\r | |
95 | \r | |
96 | /**\r | |
97 | Checks if the TLS handshake was done.\r | |
98 | \r | |
99 | This function will check if the specified TLS handshake was done.\r | |
100 | \r | |
101 | @param[in] Tls Pointer to the TLS object for handshake state checking.\r | |
102 | \r | |
103 | @retval TRUE The TLS handshake was done.\r | |
104 | @retval FALSE The TLS handshake was not done.\r | |
105 | \r | |
106 | **/\r | |
107 | BOOLEAN\r | |
108 | EFIAPI\r | |
109 | TlsInHandshake (\r | |
110 | IN VOID *Tls\r | |
111 | );\r | |
112 | \r | |
113 | /**\r | |
114 | Perform a TLS/SSL handshake.\r | |
115 | \r | |
116 | This function will perform a TLS/SSL handshake.\r | |
117 | \r | |
118 | @param[in] Tls Pointer to the TLS object for handshake operation.\r | |
119 | @param[in] BufferIn Pointer to the most recently received TLS Handshake packet.\r | |
120 | @param[in] BufferInSize Packet size in bytes for the most recently received TLS\r | |
121 | Handshake packet.\r | |
122 | @param[out] BufferOut Pointer to the buffer to hold the built packet.\r | |
123 | @param[in, out] BufferOutSize Pointer to the buffer size in bytes. On input, it is\r | |
124 | the buffer size provided by the caller. On output, it\r | |
125 | is the buffer size in fact needed to contain the\r | |
126 | packet.\r | |
127 | \r | |
128 | @retval EFI_SUCCESS The required TLS packet is built successfully.\r | |
129 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r | |
130 | Tls is NULL.\r | |
131 | BufferIn is NULL but BufferInSize is NOT 0.\r | |
132 | BufferInSize is 0 but BufferIn is NOT NULL.\r | |
133 | BufferOutSize is NULL.\r | |
134 | BufferOut is NULL if *BufferOutSize is not zero.\r | |
135 | @retval EFI_BUFFER_TOO_SMALL BufferOutSize is too small to hold the response packet.\r | |
136 | @retval EFI_ABORTED Something wrong during handshake.\r | |
137 | \r | |
138 | **/\r | |
139 | EFI_STATUS\r | |
140 | EFIAPI\r | |
141 | TlsDoHandshake (\r | |
142 | IN VOID *Tls,\r | |
143 | IN UINT8 *BufferIn, OPTIONAL\r | |
144 | IN UINTN BufferInSize, OPTIONAL\r | |
145 | OUT UINT8 *BufferOut, OPTIONAL\r | |
146 | IN OUT UINTN *BufferOutSize\r | |
147 | );\r | |
148 | \r | |
149 | /**\r | |
150 | Handle Alert message recorded in BufferIn. If BufferIn is NULL and BufferInSize is zero,\r | |
151 | TLS session has errors and the response packet needs to be Alert message based on error type.\r | |
152 | \r | |
153 | @param[in] Tls Pointer to the TLS object for state checking.\r | |
154 | @param[in] BufferIn Pointer to the most recently received TLS Alert packet.\r | |
155 | @param[in] BufferInSize Packet size in bytes for the most recently received TLS\r | |
156 | Alert packet.\r | |
157 | @param[out] BufferOut Pointer to the buffer to hold the built packet.\r | |
158 | @param[in, out] BufferOutSize Pointer to the buffer size in bytes. On input, it is\r | |
159 | the buffer size provided by the caller. On output, it\r | |
160 | is the buffer size in fact needed to contain the\r | |
161 | packet.\r | |
162 | \r | |
163 | @retval EFI_SUCCESS The required TLS packet is built successfully.\r | |
164 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r | |
165 | Tls is NULL.\r | |
166 | BufferIn is NULL but BufferInSize is NOT 0.\r | |
167 | BufferInSize is 0 but BufferIn is NOT NULL.\r | |
168 | BufferOutSize is NULL.\r | |
169 | BufferOut is NULL if *BufferOutSize is not zero.\r | |
170 | @retval EFI_ABORTED An error occurred.\r | |
171 | @retval EFI_BUFFER_TOO_SMALL BufferOutSize is too small to hold the response packet.\r | |
172 | \r | |
173 | **/\r | |
174 | EFI_STATUS\r | |
175 | EFIAPI\r | |
176 | TlsHandleAlert (\r | |
177 | IN VOID *Tls,\r | |
178 | IN UINT8 *BufferIn, OPTIONAL\r | |
179 | IN UINTN BufferInSize, OPTIONAL\r | |
180 | OUT UINT8 *BufferOut, OPTIONAL\r | |
181 | IN OUT UINTN *BufferOutSize\r | |
182 | );\r | |
183 | \r | |
184 | /**\r | |
185 | Build the CloseNotify packet.\r | |
186 | \r | |
187 | @param[in] Tls Pointer to the TLS object for state checking.\r | |
188 | @param[in, out] Buffer Pointer to the buffer to hold the built packet.\r | |
189 | @param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is\r | |
190 | the buffer size provided by the caller. On output, it\r | |
191 | is the buffer size in fact needed to contain the\r | |
192 | packet.\r | |
193 | \r | |
194 | @retval EFI_SUCCESS The required TLS packet is built successfully.\r | |
195 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r | |
196 | Tls is NULL.\r | |
197 | BufferSize is NULL.\r | |
198 | Buffer is NULL if *BufferSize is not zero.\r | |
199 | @retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.\r | |
200 | \r | |
201 | **/\r | |
202 | EFI_STATUS\r | |
203 | EFIAPI\r | |
204 | TlsCloseNotify (\r | |
205 | IN VOID *Tls,\r | |
206 | IN OUT UINT8 *Buffer,\r | |
207 | IN OUT UINTN *BufferSize\r | |
208 | );\r | |
209 | \r | |
210 | /**\r | |
211 | Attempts to read bytes from one TLS object and places the data in Buffer.\r | |
212 | \r | |
213 | This function will attempt to read BufferSize bytes from the TLS object\r | |
214 | and places the data in Buffer.\r | |
215 | \r | |
216 | @param[in] Tls Pointer to the TLS object.\r | |
217 | @param[in,out] Buffer Pointer to the buffer to store the data.\r | |
218 | @param[in] BufferSize The size of Buffer in bytes.\r | |
219 | \r | |
220 | @retval >0 The amount of data successfully read from the TLS object.\r | |
221 | @retval <=0 No data was successfully read.\r | |
222 | \r | |
223 | **/\r | |
224 | INTN\r | |
225 | EFIAPI\r | |
226 | TlsCtrlTrafficOut (\r | |
227 | IN VOID *Tls,\r | |
228 | IN OUT VOID *Buffer,\r | |
229 | IN UINTN BufferSize\r | |
230 | );\r | |
231 | \r | |
232 | /**\r | |
233 | Attempts to write data from the buffer to TLS object.\r | |
234 | \r | |
235 | This function will attempt to write BufferSize bytes data from the Buffer\r | |
236 | to the TLS object.\r | |
237 | \r | |
238 | @param[in] Tls Pointer to the TLS object.\r | |
239 | @param[in] Buffer Pointer to the data buffer.\r | |
240 | @param[in] BufferSize The size of Buffer in bytes.\r | |
241 | \r | |
242 | @retval >0 The amount of data successfully written to the TLS object.\r | |
243 | @retval <=0 No data was successfully written.\r | |
244 | \r | |
245 | **/\r | |
246 | INTN\r | |
247 | EFIAPI\r | |
248 | TlsCtrlTrafficIn (\r | |
249 | IN VOID *Tls,\r | |
250 | IN VOID *Buffer,\r | |
251 | IN UINTN BufferSize\r | |
252 | );\r | |
253 | \r | |
254 | /**\r | |
255 | Attempts to read bytes from the specified TLS connection into the buffer.\r | |
256 | \r | |
257 | This function tries to read BufferSize bytes data from the specified TLS\r | |
258 | connection into the Buffer.\r | |
259 | \r | |
260 | @param[in] Tls Pointer to the TLS connection for data reading.\r | |
261 | @param[in,out] Buffer Pointer to the data buffer.\r | |
262 | @param[in] BufferSize The size of Buffer in bytes.\r | |
263 | \r | |
264 | @retval >0 The read operation was successful, and return value is the\r | |
265 | number of bytes actually read from the TLS connection.\r | |
266 | @retval <=0 The read operation was not successful.\r | |
267 | \r | |
268 | **/\r | |
269 | INTN\r | |
270 | EFIAPI\r | |
271 | TlsRead (\r | |
272 | IN VOID *Tls,\r | |
273 | IN OUT VOID *Buffer,\r | |
274 | IN UINTN BufferSize\r | |
275 | );\r | |
276 | \r | |
277 | /**\r | |
278 | Attempts to write data to a TLS connection.\r | |
279 | \r | |
280 | This function tries to write BufferSize bytes data from the Buffer into the\r | |
281 | specified TLS connection.\r | |
282 | \r | |
283 | @param[in] Tls Pointer to the TLS connection for data writing.\r | |
284 | @param[in] Buffer Pointer to the data buffer.\r | |
285 | @param[in] BufferSize The size of Buffer in bytes.\r | |
286 | \r | |
287 | @retval >0 The write operation was successful, and return value is the\r | |
288 | number of bytes actually written to the TLS connection.\r | |
289 | @retval <=0 The write operation was not successful.\r | |
290 | \r | |
291 | **/\r | |
292 | INTN\r | |
293 | EFIAPI\r | |
294 | TlsWrite (\r | |
295 | IN VOID *Tls,\r | |
296 | IN VOID *Buffer,\r | |
297 | IN UINTN BufferSize\r | |
298 | );\r | |
299 | \r | |
300 | /**\r | |
301 | Set a new TLS/SSL method for a particular TLS object.\r | |
302 | \r | |
303 | This function sets a new TLS/SSL method for a particular TLS object.\r | |
304 | \r | |
305 | @param[in] Tls Pointer to a TLS object.\r | |
306 | @param[in] MajorVer Major Version of TLS/SSL Protocol.\r | |
307 | @param[in] MinorVer Minor Version of TLS/SSL Protocol.\r | |
308 | \r | |
309 | @retval EFI_SUCCESS The TLS/SSL method was set successfully.\r | |
310 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
311 | @retval EFI_UNSUPPORTED Unsupported TLS/SSL method.\r | |
312 | \r | |
313 | **/\r | |
314 | EFI_STATUS\r | |
315 | EFIAPI\r | |
316 | TlsSetVersion (\r | |
317 | IN VOID *Tls,\r | |
318 | IN UINT8 MajorVer,\r | |
319 | IN UINT8 MinorVer\r | |
320 | );\r | |
321 | \r | |
322 | /**\r | |
323 | Set TLS object to work in client or server mode.\r | |
324 | \r | |
325 | This function prepares a TLS object to work in client or server mode.\r | |
326 | \r | |
327 | @param[in] Tls Pointer to a TLS object.\r | |
328 | @param[in] IsServer Work in server mode.\r | |
329 | \r | |
330 | @retval EFI_SUCCESS The TLS/SSL work mode was set successfully.\r | |
331 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
332 | @retval EFI_UNSUPPORTED Unsupported TLS/SSL work mode.\r | |
333 | \r | |
334 | **/\r | |
335 | EFI_STATUS\r | |
336 | EFIAPI\r | |
337 | TlsSetConnectionEnd (\r | |
338 | IN VOID *Tls,\r | |
339 | IN BOOLEAN IsServer\r | |
340 | );\r | |
341 | \r | |
342 | /**\r | |
343 | Set the ciphers list to be used by the TLS object.\r | |
344 | \r | |
345 | This function sets the ciphers for use by a specified TLS object.\r | |
346 | \r | |
347 | @param[in] Tls Pointer to a TLS object.\r | |
348 | @param[in] CipherId Pointer to a string that contains one or more\r | |
349 | ciphers separated by a colon.\r | |
350 | @param[in] CipherNum The number of cipher in the list.\r | |
351 | \r | |
352 | @retval EFI_SUCCESS The ciphers list was set successfully.\r | |
353 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
354 | @retval EFI_UNSUPPORTED Unsupported TLS cipher in the list.\r | |
355 | \r | |
356 | **/\r | |
357 | EFI_STATUS\r | |
358 | EFIAPI\r | |
359 | TlsSetCipherList (\r | |
360 | IN VOID *Tls,\r | |
361 | IN UINT16 *CipherId,\r | |
362 | IN UINTN CipherNum\r | |
363 | );\r | |
364 | \r | |
365 | /**\r | |
366 | Set the compression method for TLS/SSL operations.\r | |
367 | \r | |
368 | This function handles TLS/SSL integrated compression methods.\r | |
369 | \r | |
370 | @param[in] CompMethod The compression method ID.\r | |
371 | \r | |
372 | @retval EFI_SUCCESS The compression method for the communication was\r | |
373 | set successfully.\r | |
374 | @retval EFI_UNSUPPORTED Unsupported compression method.\r | |
375 | \r | |
376 | **/\r | |
377 | EFI_STATUS\r | |
378 | EFIAPI\r | |
379 | TlsSetCompressionMethod (\r | |
380 | IN UINT8 CompMethod\r | |
381 | );\r | |
382 | \r | |
383 | /**\r | |
384 | Set peer certificate verification mode for the TLS connection.\r | |
385 | \r | |
386 | This function sets the verification mode flags for the TLS connection.\r | |
387 | \r | |
388 | @param[in] Tls Pointer to the TLS object.\r | |
389 | @param[in] VerifyMode A set of logically or'ed verification mode flags.\r | |
390 | \r | |
391 | **/\r | |
392 | VOID\r | |
393 | EFIAPI\r | |
394 | TlsSetVerify (\r | |
395 | IN VOID *Tls,\r | |
396 | IN UINT32 VerifyMode\r | |
397 | );\r | |
398 | \r | |
399 | /**\r | |
400 | Sets a TLS/SSL session ID to be used during TLS/SSL connect.\r | |
401 | \r | |
402 | This function sets a session ID to be used when the TLS/SSL connection is\r | |
403 | to be established.\r | |
404 | \r | |
405 | @param[in] Tls Pointer to the TLS object.\r | |
406 | @param[in] SessionId Session ID data used for session resumption.\r | |
407 | @param[in] SessionIdLen Length of Session ID in bytes.\r | |
408 | \r | |
409 | @retval EFI_SUCCESS Session ID was set successfully.\r | |
410 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
411 | @retval EFI_UNSUPPORTED No available session for ID setting.\r | |
412 | \r | |
413 | **/\r | |
414 | EFI_STATUS\r | |
415 | EFIAPI\r | |
416 | TlsSetSessionId (\r | |
417 | IN VOID *Tls,\r | |
418 | IN UINT8 *SessionId,\r | |
419 | IN UINT16 SessionIdLen\r | |
420 | );\r | |
421 | \r | |
422 | /**\r | |
423 | Adds the CA to the cert store when requesting Server or Client authentication.\r | |
424 | \r | |
425 | This function adds the CA certificate to the list of CAs when requesting\r | |
426 | Server or Client authentication for the chosen TLS connection.\r | |
427 | \r | |
428 | @param[in] Tls Pointer to the TLS object.\r | |
429 | @param[in] Data Pointer to the data buffer of a DER-encoded binary\r | |
430 | X.509 certificate or PEM-encoded X.509 certificate.\r | |
431 | @param[in] DataSize The size of data buffer in bytes.\r | |
432 | \r | |
433 | @retval EFI_SUCCESS The operation succeeded.\r | |
434 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
435 | @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated.\r | |
436 | @retval EFI_ABORTED Invalid X.509 certificate.\r | |
437 | \r | |
438 | **/\r | |
439 | EFI_STATUS\r | |
440 | EFIAPI\r | |
441 | TlsSetCaCertificate (\r | |
442 | IN VOID *Tls,\r | |
443 | IN VOID *Data,\r | |
444 | IN UINTN DataSize\r | |
445 | );\r | |
446 | \r | |
447 | /**\r | |
448 | Loads the local public certificate into the specified TLS object.\r | |
449 | \r | |
450 | This function loads the X.509 certificate into the specified TLS object\r | |
451 | for TLS negotiation.\r | |
452 | \r | |
453 | @param[in] Tls Pointer to the TLS object.\r | |
454 | @param[in] Data Pointer to the data buffer of a DER-encoded binary\r | |
455 | X.509 certificate or PEM-encoded X.509 certificate.\r | |
456 | @param[in] DataSize The size of data buffer in bytes.\r | |
457 | \r | |
458 | @retval EFI_SUCCESS The operation succeeded.\r | |
459 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
460 | @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated.\r | |
461 | @retval EFI_ABORTED Invalid X.509 certificate.\r | |
462 | \r | |
463 | **/\r | |
464 | EFI_STATUS\r | |
465 | EFIAPI\r | |
466 | TlsSetHostPublicCert (\r | |
467 | IN VOID *Tls,\r | |
468 | IN VOID *Data,\r | |
469 | IN UINTN DataSize\r | |
470 | );\r | |
471 | \r | |
472 | /**\r | |
473 | Adds the local private key to the specified TLS object.\r | |
474 | \r | |
475 | This function adds the local private key (PEM-encoded RSA or PKCS#8 private\r | |
476 | key) into the specified TLS object for TLS negotiation.\r | |
477 | \r | |
478 | @param[in] Tls Pointer to the TLS object.\r | |
479 | @param[in] Data Pointer to the data buffer of a PEM-encoded RSA\r | |
480 | or PKCS#8 private key.\r | |
481 | @param[in] DataSize The size of data buffer in bytes.\r | |
482 | \r | |
483 | @retval EFI_SUCCESS The operation succeeded.\r | |
484 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
485 | @retval EFI_ABORTED Invalid private key data.\r | |
486 | \r | |
487 | **/\r | |
488 | EFI_STATUS\r | |
489 | EFIAPI\r | |
490 | TlsSetHostPrivateKey (\r | |
491 | IN VOID *Tls,\r | |
492 | IN VOID *Data,\r | |
493 | IN UINTN DataSize\r | |
494 | );\r | |
495 | \r | |
496 | /**\r | |
497 | Adds the CA-supplied certificate revocation list for certificate validation.\r | |
498 | \r | |
499 | This function adds the CA-supplied certificate revocation list data for\r | |
500 | certificate validity checking.\r | |
501 | \r | |
502 | @param[in] Data Pointer to the data buffer of a DER-encoded CRL data.\r | |
503 | @param[in] DataSize The size of data buffer in bytes.\r | |
504 | \r | |
505 | @retval EFI_SUCCESS The operation succeeded.\r | |
506 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
507 | @retval EFI_ABORTED Invalid CRL data.\r | |
508 | \r | |
509 | **/\r | |
510 | EFI_STATUS\r | |
511 | EFIAPI\r | |
512 | TlsSetCertRevocationList (\r | |
513 | IN VOID *Data,\r | |
514 | IN UINTN DataSize\r | |
515 | );\r | |
516 | \r | |
517 | /**\r | |
518 | Gets the protocol version used by the specified TLS connection.\r | |
519 | \r | |
520 | This function returns the protocol version used by the specified TLS\r | |
521 | connection.\r | |
522 | \r | |
523 | @param[in] Tls Pointer to the TLS object.\r | |
524 | \r | |
525 | @return The protocol version of the specified TLS connection.\r | |
526 | \r | |
527 | **/\r | |
528 | UINT16\r | |
529 | EFIAPI\r | |
530 | TlsGetVersion (\r | |
531 | IN VOID *Tls\r | |
532 | );\r | |
533 | \r | |
534 | /**\r | |
535 | Gets the connection end of the specified TLS connection.\r | |
536 | \r | |
537 | This function returns the connection end (as client or as server) used by\r | |
538 | the specified TLS connection.\r | |
539 | \r | |
540 | @param[in] Tls Pointer to the TLS object.\r | |
541 | \r | |
542 | @return The connection end used by the specified TLS connection.\r | |
543 | \r | |
544 | **/\r | |
545 | UINT8\r | |
546 | EFIAPI\r | |
547 | TlsGetConnectionEnd (\r | |
548 | IN VOID *Tls\r | |
549 | );\r | |
550 | \r | |
551 | /**\r | |
552 | Gets the cipher suite used by the specified TLS connection.\r | |
553 | \r | |
554 | This function returns current cipher suite used by the specified\r | |
555 | TLS connection.\r | |
556 | \r | |
557 | @param[in] Tls Pointer to the TLS object.\r | |
558 | @param[in,out] CipherId The cipher suite used by the TLS object.\r | |
559 | \r | |
560 | @retval EFI_SUCCESS The cipher suite was returned successfully.\r | |
561 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
562 | @retval EFI_UNSUPPORTED Unsupported cipher suite.\r | |
563 | \r | |
564 | **/\r | |
565 | EFI_STATUS\r | |
566 | EFIAPI\r | |
567 | TlsGetCurrentCipher (\r | |
568 | IN VOID *Tls,\r | |
569 | IN OUT UINT16 *CipherId\r | |
570 | );\r | |
571 | \r | |
572 | /**\r | |
573 | Gets the compression methods used by the specified TLS connection.\r | |
574 | \r | |
575 | This function returns current integrated compression methods used by\r | |
576 | the specified TLS connection.\r | |
577 | \r | |
578 | @param[in] Tls Pointer to the TLS object.\r | |
579 | @param[in,out] CompressionId The current compression method used by\r | |
580 | the TLS object.\r | |
581 | \r | |
582 | @retval EFI_SUCCESS The compression method was returned successfully.\r | |
583 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
584 | @retval EFI_ABORTED Invalid Compression method.\r | |
585 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
586 | \r | |
587 | **/\r | |
588 | EFI_STATUS\r | |
589 | EFIAPI\r | |
590 | TlsGetCurrentCompressionId (\r | |
591 | IN VOID *Tls,\r | |
592 | IN OUT UINT8 *CompressionId\r | |
593 | );\r | |
594 | \r | |
595 | /**\r | |
596 | Gets the verification mode currently set in the TLS connection.\r | |
597 | \r | |
598 | This function returns the peer verification mode currently set in the\r | |
599 | specified TLS connection.\r | |
600 | \r | |
601 | @param[in] Tls Pointer to the TLS object.\r | |
602 | \r | |
603 | @return The verification mode set in the specified TLS connection.\r | |
604 | \r | |
605 | **/\r | |
606 | UINT32\r | |
607 | EFIAPI\r | |
608 | TlsGetVerify (\r | |
609 | IN VOID *Tls\r | |
610 | );\r | |
611 | \r | |
612 | /**\r | |
613 | Gets the session ID used by the specified TLS connection.\r | |
614 | \r | |
615 | This function returns the TLS/SSL session ID currently used by the\r | |
616 | specified TLS connection.\r | |
617 | \r | |
618 | @param[in] Tls Pointer to the TLS object.\r | |
619 | @param[in,out] SessionId Buffer to contain the returned session ID.\r | |
620 | @param[in,out] SessionIdLen The length of Session ID in bytes.\r | |
621 | \r | |
622 | @retval EFI_SUCCESS The Session ID was returned successfully.\r | |
623 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
624 | @retval EFI_UNSUPPORTED Invalid TLS/SSL session.\r | |
625 | \r | |
626 | **/\r | |
627 | EFI_STATUS\r | |
628 | EFIAPI\r | |
629 | TlsGetSessionId (\r | |
630 | IN VOID *Tls,\r | |
631 | IN OUT UINT8 *SessionId,\r | |
632 | IN OUT UINT16 *SessionIdLen\r | |
633 | );\r | |
634 | \r | |
635 | /**\r | |
636 | Gets the client random data used in the specified TLS connection.\r | |
637 | \r | |
638 | This function returns the TLS/SSL client random data currently used in\r | |
639 | the specified TLS connection.\r | |
640 | \r | |
641 | @param[in] Tls Pointer to the TLS object.\r | |
642 | @param[in,out] ClientRandom Buffer to contain the returned client\r | |
643 | random data (32 bytes).\r | |
644 | \r | |
645 | **/\r | |
646 | VOID\r | |
647 | EFIAPI\r | |
648 | TlsGetClientRandom (\r | |
649 | IN VOID *Tls,\r | |
650 | IN OUT UINT8 *ClientRandom\r | |
651 | );\r | |
652 | \r | |
653 | /**\r | |
654 | Gets the server random data used in the specified TLS connection.\r | |
655 | \r | |
656 | This function returns the TLS/SSL server random data currently used in\r | |
657 | the specified TLS connection.\r | |
658 | \r | |
659 | @param[in] Tls Pointer to the TLS object.\r | |
660 | @param[in,out] ServerRandom Buffer to contain the returned server\r | |
661 | random data (32 bytes).\r | |
662 | \r | |
663 | **/\r | |
664 | VOID\r | |
665 | EFIAPI\r | |
666 | TlsGetServerRandom (\r | |
667 | IN VOID *Tls,\r | |
668 | IN OUT UINT8 *ServerRandom\r | |
669 | );\r | |
670 | \r | |
671 | /**\r | |
672 | Gets the master key data used in the specified TLS connection.\r | |
673 | \r | |
674 | This function returns the TLS/SSL master key material currently used in\r | |
675 | the specified TLS connection.\r | |
676 | \r | |
677 | @param[in] Tls Pointer to the TLS object.\r | |
678 | @param[in,out] KeyMaterial Buffer to contain the returned key material.\r | |
679 | \r | |
680 | @retval EFI_SUCCESS Key material was returned successfully.\r | |
681 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
682 | @retval EFI_UNSUPPORTED Invalid TLS/SSL session.\r | |
683 | \r | |
684 | **/\r | |
685 | EFI_STATUS\r | |
686 | EFIAPI\r | |
687 | TlsGetKeyMaterial (\r | |
688 | IN VOID *Tls,\r | |
689 | IN OUT UINT8 *KeyMaterial\r | |
690 | );\r | |
691 | \r | |
692 | /**\r | |
693 | Gets the CA Certificate from the cert store.\r | |
694 | \r | |
695 | This function returns the CA certificate for the chosen\r | |
696 | TLS connection.\r | |
697 | \r | |
698 | @param[in] Tls Pointer to the TLS object.\r | |
699 | @param[out] Data Pointer to the data buffer to receive the CA\r | |
700 | certificate data sent to the client.\r | |
701 | @param[in,out] DataSize The size of data buffer in bytes.\r | |
702 | \r | |
703 | @retval EFI_SUCCESS The operation succeeded.\r | |
704 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
705 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.\r | |
706 | \r | |
707 | **/\r | |
708 | EFI_STATUS\r | |
709 | EFIAPI\r | |
710 | TlsGetCaCertificate (\r | |
711 | IN VOID *Tls,\r | |
712 | OUT VOID *Data,\r | |
713 | IN OUT UINTN *DataSize\r | |
714 | );\r | |
715 | \r | |
716 | /**\r | |
717 | Gets the local public Certificate set in the specified TLS object.\r | |
718 | \r | |
719 | This function returns the local public certificate which was currently set\r | |
720 | in the specified TLS object.\r | |
721 | \r | |
722 | @param[in] Tls Pointer to the TLS object.\r | |
723 | @param[out] Data Pointer to the data buffer to receive the local\r | |
724 | public certificate.\r | |
725 | @param[in,out] DataSize The size of data buffer in bytes.\r | |
726 | \r | |
727 | @retval EFI_SUCCESS The operation succeeded.\r | |
728 | @retval EFI_INVALID_PARAMETER The parameter is invalid.\r | |
729 | @retval EFI_NOT_FOUND The certificate is not found.\r | |
730 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.\r | |
731 | \r | |
732 | **/\r | |
733 | EFI_STATUS\r | |
734 | EFIAPI\r | |
735 | TlsGetHostPublicCert (\r | |
736 | IN VOID *Tls,\r | |
737 | OUT VOID *Data,\r | |
738 | IN OUT UINTN *DataSize\r | |
739 | );\r | |
740 | \r | |
741 | /**\r | |
742 | Gets the local private key set in the specified TLS object.\r | |
743 | \r | |
744 | This function returns the local private key data which was currently set\r | |
745 | in the specified TLS object.\r | |
746 | \r | |
747 | @param[in] Tls Pointer to the TLS object.\r | |
748 | @param[out] Data Pointer to the data buffer to receive the local\r | |
749 | private key data.\r | |
750 | @param[in,out] DataSize The size of data buffer in bytes.\r | |
751 | \r | |
752 | @retval EFI_SUCCESS The operation succeeded.\r | |
753 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
754 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.\r | |
755 | \r | |
756 | **/\r | |
757 | EFI_STATUS\r | |
758 | EFIAPI\r | |
759 | TlsGetHostPrivateKey (\r | |
760 | IN VOID *Tls,\r | |
761 | OUT VOID *Data,\r | |
762 | IN OUT UINTN *DataSize\r | |
763 | );\r | |
764 | \r | |
765 | /**\r | |
766 | Gets the CA-supplied certificate revocation list data set in the specified\r | |
767 | TLS object.\r | |
768 | \r | |
769 | This function returns the CA-supplied certificate revocation list data which\r | |
770 | was currently set in the specified TLS object.\r | |
771 | \r | |
772 | @param[out] Data Pointer to the data buffer to receive the CRL data.\r | |
773 | @param[in,out] DataSize The size of data buffer in bytes.\r | |
774 | \r | |
775 | @retval EFI_SUCCESS The operation succeeded.\r | |
776 | @retval EFI_UNSUPPORTED This function is not supported.\r | |
777 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.\r | |
778 | \r | |
779 | **/\r | |
780 | EFI_STATUS\r | |
781 | EFIAPI\r | |
782 | TlsGetCertRevocationList (\r | |
783 | OUT VOID *Data,\r | |
784 | IN OUT UINTN *DataSize\r | |
785 | );\r | |
786 | \r | |
787 | #endif // __TLS_LIB_H__\r | |
788 | \r |