Commit | Line | Data |
---|---|---|
9396cdfe JW |
1 | /** @file |
2 | Defines TLS Library APIs. | |
3 | ||
4 | Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> | |
5 | This program and the accompanying materials | |
6 | are licensed and made available under the terms and conditions of the BSD License | |
7 | which accompanies this distribution. The full text of the license may be found at | |
8 | http://opensource.org/licenses/bsd-license.php | |
9 | ||
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. | |
12 | ||
13 | **/ | |
14 | ||
15 | #ifndef __TLS_LIB_H__ | |
16 | #define __TLS_LIB_H__ | |
17 | ||
18 | /** | |
19 | Initializes the OpenSSL library. | |
20 | ||
21 | This function registers ciphers and digests used directly and indirectly | |
22 | by SSL/TLS, and initializes the readable error messages. | |
23 | This function must be called before any other action takes place. | |
24 | NOTE(review): the return type is VOID, so a failed initialization cannot be reported through a return value. | |
25 | **/ | |
26 | VOID | |
27 | EFIAPI | |
28 | TlsInitialize ( | |
29 | VOID | |
30 | ); | |
31 | ||
32 | /** | |
33 | Free an allocated SSL_CTX object. | |
34 | ||
35 | @param[in] TlsCtx Pointer to the SSL_CTX object to be released. | |
36 | NOTE(review): unlike TlsFree(), the handling of a NULL TlsCtx is not stated here; confirm before passing NULL. | |
37 | **/ | |
38 | VOID | |
39 | EFIAPI | |
40 | TlsCtxFree ( | |
41 | IN VOID *TlsCtx | |
42 | ); | |
43 | ||
44 | /** | |
45 | Creates a new SSL_CTX object as framework to establish TLS/SSL enabled | |
46 | connections. | |
47 | ||
48 | @param[in] MajorVer Major Version of TLS/SSL Protocol. | |
49 | @param[in] MinorVer Minor Version of TLS/SSL Protocol. | |
50 | ||
51 | @return Pointer to an allocated SSL_CTX object. | |
52 | If the creation failed, TlsCtxNew() returns NULL. | |
53 | ||
54 | **/ | |
55 | VOID * | |
56 | EFIAPI | |
57 | TlsCtxNew ( | |
58 | IN UINT8 MajorVer, | |
59 | IN UINT8 MinorVer | |
60 | ); | |
61 | ||
62 | /** | |
63 | Free an allocated TLS object. | |
64 | ||
65 | This function removes the TLS object pointed to by Tls and frees up the | |
66 | allocated memory. If Tls is NULL, nothing is done. | |
67 | ||
68 | @param[in] Tls Pointer to the TLS object to be freed. | |
69 | ||
70 | **/ | |
71 | VOID | |
72 | EFIAPI | |
73 | TlsFree ( | |
74 | IN VOID *Tls | |
75 | ); | |
76 | ||
77 | /** | |
78 | Create a new TLS object for a connection. | |
79 | ||
80 | This function creates a new TLS object for a connection. The new object | |
81 | inherits the setting of the underlying context TlsCtx: connection method, | |
82 | options, verification setting. | |
83 | ||
84 | @param[in] TlsCtx Pointer to the SSL_CTX object. | |
85 | ||
86 | @return Pointer to an allocated SSL object. | |
87 | If the creation failed, TlsNew() returns NULL. | |
88 | ||
89 | **/ | |
90 | VOID * | |
91 | EFIAPI | |
92 | TlsNew ( | |
93 | IN VOID *TlsCtx | |
94 | ); | |
95 | ||
96 | /** | |
97 | Checks if the TLS handshake was done. | |
98 | ||
99 | This function will check if the specified TLS handshake was done. | |
100 | ||
101 | @param[in] Tls Pointer to the TLS object for handshake state checking. | |
102 | ||
103 | @retval TRUE The TLS handshake was done. | |
104 | @retval FALSE The TLS handshake was not done. | |
105 | NOTE(review): the name TlsInHandshake reads as "handshake still in progress", the opposite of the TRUE/FALSE meaning documented above; confirm against the implementation before gating application data on this result. | |
106 | **/ | |
107 | BOOLEAN | |
108 | EFIAPI | |
109 | TlsInHandshake ( | |
110 | IN VOID *Tls | |
111 | ); | |
112 | ||
113 | /** | |
114 | Perform a TLS/SSL handshake. | |
115 | ||
116 | This function will perform a TLS/SSL handshake. | |
117 | ||
118 | @param[in] Tls Pointer to the TLS object for handshake operation. | |
119 | @param[in] BufferIn Pointer to the most recently received TLS Handshake packet. | |
120 | @param[in] BufferInSize Packet size in bytes for the most recently received TLS | |
121 | Handshake packet. | |
122 | @param[out] BufferOut Pointer to the buffer to hold the built packet. | |
123 | @param[in, out] BufferOutSize Pointer to the buffer size in bytes. On input, it is | |
124 | the buffer size provided by the caller. On output, it | |
125 | is the buffer size actually needed to contain the | |
126 | packet. | |
127 | ||
128 | @retval EFI_SUCCESS The required TLS packet is built successfully. | |
129 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: | |
130 | Tls is NULL. | |
131 | BufferIn is NULL but BufferInSize is NOT 0. | |
132 | BufferInSize is 0 but BufferIn is NOT NULL. | |
133 | BufferOutSize is NULL. | |
134 | BufferOut is NULL if *BufferOutSize is not zero. | |
135 | @retval EFI_BUFFER_TOO_SMALL BufferOutSize is too small to hold the response packet. | |
136 | @retval EFI_ABORTED Something went wrong during the handshake. | |
137 | NOTE(review): BufferIn carries bytes received from the peer, so it is untrusted input; BufferInSize must be the number of bytes actually received. | |
138 | **/ | |
139 | EFI_STATUS | |
140 | EFIAPI | |
141 | TlsDoHandshake ( | |
142 | IN VOID *Tls, | |
143 | IN UINT8 *BufferIn, OPTIONAL | |
144 | IN UINTN BufferInSize, OPTIONAL | |
145 | OUT UINT8 *BufferOut, OPTIONAL | |
146 | IN OUT UINTN *BufferOutSize | |
147 | ); | |
148 | ||
149 | /** | |
150 | Handle Alert message recorded in BufferIn. If BufferIn is NULL and BufferInSize is zero, | |
151 | TLS session has errors and the response packet needs to be Alert message based on error type. | |
152 | ||
153 | @param[in] Tls Pointer to the TLS object for state checking. | |
154 | @param[in] BufferIn Pointer to the most recently received TLS Alert packet. | |
155 | @param[in] BufferInSize Packet size in bytes for the most recently received TLS | |
156 | Alert packet. | |
157 | @param[out] BufferOut Pointer to the buffer to hold the built packet. | |
158 | @param[in, out] BufferOutSize Pointer to the buffer size in bytes. On input, it is | |
159 | the buffer size provided by the caller. On output, it | |
160 | is the buffer size in fact needed to contain the | |
161 | packet. | |
162 | ||
163 | @retval EFI_SUCCESS The required TLS packet is built successfully. | |
164 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: | |
165 | Tls is NULL. | |
166 | BufferIn is NULL but BufferInSize is NOT 0. | |
167 | BufferInSize is 0 but BufferIn is NOT NULL. | |
168 | BufferOutSize is NULL. | |
169 | BufferOut is NULL if *BufferOutSize is not zero. | |
170 | @retval EFI_ABORTED An error occurred. | |
171 | @retval EFI_BUFFER_TOO_SMALL BufferOutSize is too small to hold the response packet. | |
172 | ||
173 | **/ | |
174 | EFI_STATUS | |
175 | EFIAPI | |
176 | TlsHandleAlert ( | |
177 | IN VOID *Tls, | |
178 | IN UINT8 *BufferIn, OPTIONAL | |
179 | IN UINTN BufferInSize, OPTIONAL | |
180 | OUT UINT8 *BufferOut, OPTIONAL | |
181 | IN OUT UINTN *BufferOutSize | |
182 | ); | |
183 | ||
184 | /** | |
185 | Build the CloseNotify packet. | |
186 | ||
187 | @param[in] Tls Pointer to the TLS object for state checking. | |
188 | @param[in, out] Buffer Pointer to the buffer to hold the built packet. | |
189 | @param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is | |
190 | the buffer size provided by the caller. On output, it | |
191 | is the buffer size in fact needed to contain the | |
192 | packet. | |
193 | ||
194 | @retval EFI_SUCCESS The required TLS packet is built successfully. | |
195 | @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE: | |
196 | Tls is NULL. | |
197 | BufferSize is NULL. | |
198 | Buffer is NULL if *BufferSize is not zero. | |
199 | @retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet. | |
200 | ||
201 | **/ | |
202 | EFI_STATUS | |
203 | EFIAPI | |
204 | TlsCloseNotify ( | |
205 | IN VOID *Tls, | |
206 | IN OUT UINT8 *Buffer, | |
207 | IN OUT UINTN *BufferSize | |
208 | ); | |
209 | ||
210 | /** | |
211 | Attempts to read bytes from one TLS object and places the data in Buffer. | |
212 | ||
213 | This function will attempt to read BufferSize bytes from the TLS object | |
214 | and places the data in Buffer. | |
215 | ||
216 | @param[in] Tls Pointer to the TLS object. | |
217 | @param[in,out] Buffer Pointer to the buffer to store the data. | |
218 | @param[in] BufferSize The size of Buffer in bytes. | |
219 | ||
220 | @retval >0 The amount of data successfully read from the TLS object. | |
221 | @retval <=0 No data was successfully read. | |
222 | ||
223 | **/ | |
224 | INTN | |
225 | EFIAPI | |
226 | TlsCtrlTrafficOut ( | |
227 | IN VOID *Tls, | |
228 | IN OUT VOID *Buffer, | |
229 | IN UINTN BufferSize | |
230 | ); | |
231 | ||
232 | /** | |
233 | Attempts to write data from the buffer to TLS object. | |
234 | ||
235 | This function will attempt to write BufferSize bytes data from the Buffer | |
236 | to the TLS object. | |
237 | ||
238 | @param[in] Tls Pointer to the TLS object. | |
239 | @param[in] Buffer Pointer to the data buffer. | |
240 | @param[in] BufferSize The size of Buffer in bytes. | |
241 | ||
242 | @retval >0 The amount of data successfully written to the TLS object. | |
243 | @retval <=0 No data was successfully written. | |
244 | ||
245 | **/ | |
246 | INTN | |
247 | EFIAPI | |
248 | TlsCtrlTrafficIn ( | |
249 | IN VOID *Tls, | |
250 | IN VOID *Buffer, | |
251 | IN UINTN BufferSize | |
252 | ); | |
253 | ||
254 | /** | |
255 | Attempts to read bytes from the specified TLS connection into the buffer. | |
256 | ||
257 | This function tries to read BufferSize bytes data from the specified TLS | |
258 | connection into the Buffer. | |
259 | ||
260 | @param[in] Tls Pointer to the TLS connection for data reading. | |
261 | @param[in,out] Buffer Pointer to the data buffer. | |
262 | @param[in] BufferSize The size of Buffer in bytes. | |
263 | ||
264 | @retval >0 The read operation was successful, and return value is the | |
265 | number of bytes actually read from the TLS connection. | |
266 | @retval <=0 The read operation was not successful. | |
267 | NOTE(review): check the return value before using Buffer; its contents on <=0 are not stated. BufferSize is UINTN but the count is returned as INTN, and handling of sizes above the INTN range is not stated here; confirm. | |
268 | **/ | |
269 | INTN | |
270 | EFIAPI | |
271 | TlsRead ( | |
272 | IN VOID *Tls, | |
273 | IN OUT VOID *Buffer, | |
274 | IN UINTN BufferSize | |
275 | ); | |
276 | ||
277 | /** | |
278 | Attempts to write data to a TLS connection. | |
279 | ||
280 | This function tries to write BufferSize bytes data from the Buffer into the | |
281 | specified TLS connection. | |
282 | ||
283 | @param[in] Tls Pointer to the TLS connection for data writing. | |
284 | @param[in] Buffer Pointer to the data buffer. | |
285 | @param[in] BufferSize The size of Buffer in bytes. | |
286 | ||
287 | @retval >0 The write operation was successful, and return value is the | |
288 | number of bytes actually written to the TLS connection. | |
289 | @retval <=0 The write operation was not successful. | |
290 | NOTE(review): the return value is the number of bytes actually written, which this wording allows to be less than BufferSize; callers should not assume the whole buffer was sent. | |
291 | **/ | |
292 | INTN | |
293 | EFIAPI | |
294 | TlsWrite ( | |
295 | IN VOID *Tls, | |
296 | IN VOID *Buffer, | |
297 | IN UINTN BufferSize | |
298 | ); | |
299 | ||
300 | /** | |
301 | Set a new TLS/SSL method for a particular TLS object. | |
302 | ||
303 | This function sets a new TLS/SSL method for a particular TLS object. | |
304 | ||
305 | @param[in] Tls Pointer to a TLS object. | |
306 | @param[in] MajorVer Major Version of TLS/SSL Protocol. | |
307 | @param[in] MinorVer Minor Version of TLS/SSL Protocol. | |
308 | ||
309 | @retval EFI_SUCCESS The TLS/SSL method was set successfully. | |
310 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
311 | @retval EFI_UNSUPPORTED Unsupported TLS/SSL method. | |
312 | ||
313 | **/ | |
314 | EFI_STATUS | |
315 | EFIAPI | |
316 | TlsSetVersion ( | |
317 | IN VOID *Tls, | |
318 | IN UINT8 MajorVer, | |
319 | IN UINT8 MinorVer | |
320 | ); | |
321 | ||
322 | /** | |
323 | Set TLS object to work in client or server mode. | |
324 | ||
325 | This function prepares a TLS object to work in client or server mode. | |
326 | ||
327 | @param[in] Tls Pointer to a TLS object. | |
328 | @param[in] IsServer Work in server mode. | |
329 | ||
330 | @retval EFI_SUCCESS The TLS/SSL work mode was set successfully. | |
331 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
332 | @retval EFI_UNSUPPORTED Unsupported TLS/SSL work mode. | |
333 | ||
334 | **/ | |
335 | EFI_STATUS | |
336 | EFIAPI | |
337 | TlsSetConnectionEnd ( | |
338 | IN VOID *Tls, | |
339 | IN BOOLEAN IsServer | |
340 | ); | |
341 | ||
342 | /** | |
343 | Set the ciphers list to be used by the TLS object. | |
344 | ||
345 | This function sets the ciphers for use by a specified TLS object. | |
346 | ||
347 | @param[in] Tls Pointer to a TLS object. | |
348 | @param[in] CipherId Pointer to a string that contains one or more | |
349 | ciphers separated by a colon. | |
350 | @param[in] CipherNum The number of ciphers in the list. | |
351 | ||
352 | @retval EFI_SUCCESS The ciphers list was set successfully. | |
353 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
354 | @retval EFI_UNSUPPORTED Unsupported TLS cipher in the list. | |
355 | NOTE(review): CipherId is declared UINT16 * and paired with the element count CipherNum, which does not match the "colon-separated string" description above; confirm the expected format. CipherNum must not exceed the number of elements CipherId points to. | |
356 | **/ | |
357 | EFI_STATUS | |
358 | EFIAPI | |
359 | TlsSetCipherList ( | |
360 | IN VOID *Tls, | |
361 | IN UINT16 *CipherId, | |
362 | IN UINTN CipherNum | |
363 | ); | |
364 | ||
365 | /** | |
366 | Set the compression method for TLS/SSL operations. | |
367 | ||
368 | This function handles TLS/SSL integrated compression methods. | |
369 | ||
370 | @param[in] CompMethod The compression method ID. | |
371 | ||
372 | @retval EFI_SUCCESS The compression method for the communication was | |
373 | set successfully. | |
374 | @retval EFI_UNSUPPORTED Unsupported compression method. | |
375 | NOTE(review): no Tls parameter is taken, so the setting presumably applies library-wide rather than per connection; confirm. TLS-level compression can leak plaintext through record lengths, so it should stay disabled unless a peer strictly requires it. | |
376 | **/ | |
377 | EFI_STATUS | |
378 | EFIAPI | |
379 | TlsSetCompressionMethod ( | |
380 | IN UINT8 CompMethod | |
381 | ); | |
382 | ||
383 | /** | |
384 | Set peer certificate verification mode for the TLS connection. | |
385 | ||
386 | This function sets the verification mode flags for the TLS connection. | |
387 | ||
388 | @param[in] Tls Pointer to the TLS object. | |
389 | @param[in] VerifyMode A set of logically or'ed verification mode flags. | |
390 | NOTE(review): VerifyMode controls how the peer certificate is checked; a mode that does not require peer verification leaves the connection unauthenticated. The return type is VOID, so an invalid Tls or VerifyMode is not reported to the caller. | |
391 | **/ | |
392 | VOID | |
393 | EFIAPI | |
394 | TlsSetVerify ( | |
395 | IN VOID *Tls, | |
396 | IN UINT32 VerifyMode | |
397 | ); | |
398 | ||
399 | /** | |
400 | Sets a TLS/SSL session ID to be used during TLS/SSL connect. | |
401 | ||
402 | This function sets a session ID to be used when the TLS/SSL connection is | |
403 | to be established. | |
404 | ||
405 | @param[in] Tls Pointer to the TLS object. | |
406 | @param[in] SessionId Session ID data used for session resumption. | |
407 | @param[in] SessionIdLen Length of Session ID in bytes. | |
408 | ||
409 | @retval EFI_SUCCESS Session ID was set successfully. | |
410 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
411 | @retval EFI_UNSUPPORTED No available session for ID setting. | |
412 | ||
413 | **/ | |
414 | EFI_STATUS | |
415 | EFIAPI | |
416 | TlsSetSessionId ( | |
417 | IN VOID *Tls, | |
418 | IN UINT8 *SessionId, | |
419 | IN UINT16 SessionIdLen | |
420 | ); | |
421 | ||
422 | /** | |
423 | Adds the CA to the cert store when requesting Server or Client authentication. | |
424 | ||
425 | This function adds the CA certificate to the list of CAs when requesting | |
426 | Server or Client authentication for the chosen TLS connection. | |
427 | ||
428 | @param[in] Tls Pointer to the TLS object. | |
429 | @param[in] Data Pointer to the data buffer of a DER-encoded binary | |
430 | X.509 certificate or PEM-encoded X.509 certificate. | |
431 | @param[in] DataSize The size of data buffer in bytes. | |
432 | ||
433 | @retval EFI_SUCCESS The operation succeeded. | |
434 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
435 | @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated. | |
436 | @retval EFI_ABORTED Invalid X.509 certificate. | |
437 | NOTE(review): certificates added here are used as CAs when authenticating the peer, so Data should come from an integrity-protected source. | |
438 | **/ | |
439 | EFI_STATUS | |
440 | EFIAPI | |
441 | TlsSetCaCertificate ( | |
442 | IN VOID *Tls, | |
443 | IN VOID *Data, | |
444 | IN UINTN DataSize | |
445 | ); | |
446 | ||
447 | /** | |
448 | Loads the local public certificate into the specified TLS object. | |
449 | ||
450 | This function loads the X.509 certificate into the specified TLS object | |
451 | for TLS negotiation. | |
452 | ||
453 | @param[in] Tls Pointer to the TLS object. | |
454 | @param[in] Data Pointer to the data buffer of a DER-encoded binary | |
455 | X.509 certificate or PEM-encoded X.509 certificate. | |
456 | @param[in] DataSize The size of data buffer in bytes. | |
457 | ||
458 | @retval EFI_SUCCESS The operation succeeded. | |
459 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
460 | @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated. | |
461 | @retval EFI_ABORTED Invalid X.509 certificate. | |
462 | ||
463 | **/ | |
464 | EFI_STATUS | |
465 | EFIAPI | |
466 | TlsSetHostPublicCert ( | |
467 | IN VOID *Tls, | |
468 | IN VOID *Data, | |
469 | IN UINTN DataSize | |
470 | ); | |
471 | ||
472 | /** | |
473 | Adds the local private key to the specified TLS object. | |
474 | ||
475 | This function adds the local private key (PEM-encoded RSA or PKCS#8 private | |
476 | key) into the specified TLS object for TLS negotiation. | |
477 | ||
478 | @param[in] Tls Pointer to the TLS object. | |
479 | @param[in] Data Pointer to the data buffer of a PEM-encoded RSA | |
480 | or PKCS#8 private key. | |
481 | @param[in] DataSize The size of data buffer in bytes. | |
482 | ||
483 | @retval EFI_SUCCESS The operation succeeded. | |
484 | @retval EFI_UNSUPPORTED This function is not supported. | |
485 | @retval EFI_ABORTED Invalid private key data. | |
486 | NOTE(review): Data holds private key material; whether the library keeps its own copy is not stated here, so confirm and zero the caller's buffer once it is no longer needed. EFI_INVALID_PARAMETER is not listed, so handling of a NULL Tls or Data is unspecified. | |
487 | **/ | |
488 | EFI_STATUS | |
489 | EFIAPI | |
490 | TlsSetHostPrivateKey ( | |
491 | IN VOID *Tls, | |
492 | IN VOID *Data, | |
493 | IN UINTN DataSize | |
494 | ); | |
495 | ||
496 | /** | |
497 | Adds the CA-supplied certificate revocation list for certificate validation. | |
498 | ||
499 | This function adds the CA-supplied certificate revocation list data for | |
500 | certificate validity checking. | |
501 | ||
502 | @param[in] Data Pointer to the data buffer of a DER-encoded CRL data. | |
503 | @param[in] DataSize The size of data buffer in bytes. | |
504 | ||
505 | @retval EFI_SUCCESS The operation succeeded. | |
506 | @retval EFI_UNSUPPORTED This function is not supported. | |
507 | @retval EFI_ABORTED Invalid CRL data. | |
508 | ||
509 | **/ | |
510 | EFI_STATUS | |
511 | EFIAPI | |
512 | TlsSetCertRevocationList ( | |
513 | IN VOID *Data, | |
514 | IN UINTN DataSize | |
515 | ); | |
516 | ||
517 | /** | |
518 | Gets the protocol version used by the specified TLS connection. | |
519 | ||
520 | This function returns the protocol version used by the specified TLS | |
521 | connection. | |
522 | ||
523 | @param[in] Tls Pointer to the TLS object. | |
524 | ||
525 | @return The protocol version of the specified TLS connection. | |
526 | ||
527 | **/ | |
528 | UINT16 | |
529 | EFIAPI | |
530 | TlsGetVersion ( | |
531 | IN VOID *Tls | |
532 | ); | |
533 | ||
534 | /** | |
535 | Gets the connection end of the specified TLS connection. | |
536 | ||
537 | This function returns the connection end (as client or as server) used by | |
538 | the specified TLS connection. | |
539 | ||
540 | @param[in] Tls Pointer to the TLS object. | |
541 | ||
542 | @return The connection end used by the specified TLS connection. | |
543 | ||
544 | **/ | |
545 | UINT8 | |
546 | EFIAPI | |
547 | TlsGetConnectionEnd ( | |
548 | IN VOID *Tls | |
549 | ); | |
550 | ||
551 | /** | |
552 | Gets the cipher suite used by the specified TLS connection. | |
553 | ||
554 | This function returns current cipher suite used by the specified | |
555 | TLS connection. | |
556 | ||
557 | @param[in] Tls Pointer to the TLS object. | |
558 | @param[in,out] CipherId The cipher suite used by the TLS object. | |
559 | ||
560 | @retval EFI_SUCCESS The cipher suite was returned successfully. | |
561 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
562 | @retval EFI_UNSUPPORTED Unsupported cipher suite. | |
563 | ||
564 | **/ | |
565 | EFI_STATUS | |
566 | EFIAPI | |
567 | TlsGetCurrentCipher ( | |
568 | IN VOID *Tls, | |
569 | IN OUT UINT16 *CipherId | |
570 | ); | |
571 | ||
572 | /** | |
573 | Gets the compression methods used by the specified TLS connection. | |
574 | ||
575 | This function returns current integrated compression methods used by | |
576 | the specified TLS connection. | |
577 | ||
578 | @param[in] Tls Pointer to the TLS object. | |
579 | @param[in,out] CompressionId The current compression method used by | |
580 | the TLS object. | |
581 | ||
582 | @retval EFI_SUCCESS The compression method was returned successfully. | |
583 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
584 | @retval EFI_ABORTED Invalid Compression method. | |
585 | @retval EFI_UNSUPPORTED This function is not supported. | |
586 | ||
587 | **/ | |
588 | EFI_STATUS | |
589 | EFIAPI | |
590 | TlsGetCurrentCompressionId ( | |
591 | IN VOID *Tls, | |
592 | IN OUT UINT8 *CompressionId | |
593 | ); | |
594 | ||
595 | /** | |
596 | Gets the verification mode currently set in the TLS connection. | |
597 | ||
598 | This function returns the peer verification mode currently set in the | |
599 | specified TLS connection. | |
600 | ||
601 | @param[in] Tls Pointer to the TLS object. | |
602 | ||
603 | @return The verification mode set in the specified TLS connection. | |
604 | ||
605 | **/ | |
606 | UINT32 | |
607 | EFIAPI | |
608 | TlsGetVerify ( | |
609 | IN VOID *Tls | |
610 | ); | |
611 | ||
612 | /** | |
613 | Gets the session ID used by the specified TLS connection. | |
614 | ||
615 | This function returns the TLS/SSL session ID currently used by the | |
616 | specified TLS connection. | |
617 | ||
618 | @param[in] Tls Pointer to the TLS object. | |
619 | @param[in,out] SessionId Buffer to contain the returned session ID. | |
620 | @param[in,out] SessionIdLen The length of Session ID in bytes. | |
621 | ||
622 | @retval EFI_SUCCESS The Session ID was returned successfully. | |
623 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
624 | @retval EFI_UNSUPPORTED Invalid TLS/SSL session. | |
625 | NOTE(review): the input meaning of SessionIdLen (capacity of SessionId?) is not stated and EFI_BUFFER_TOO_SMALL is not listed; confirm the implementation bounds the copy by the caller's buffer size. | |
626 | **/ | |
627 | EFI_STATUS | |
628 | EFIAPI | |
629 | TlsGetSessionId ( | |
630 | IN VOID *Tls, | |
631 | IN OUT UINT8 *SessionId, | |
632 | IN OUT UINT16 *SessionIdLen | |
633 | ); | |
634 | ||
635 | /** | |
636 | Gets the client random data used in the specified TLS connection. | |
637 | ||
638 | This function returns the TLS/SSL client random data currently used in | |
639 | the specified TLS connection. | |
640 | ||
641 | @param[in] Tls Pointer to the TLS object. | |
642 | @param[in,out] ClientRandom Buffer to contain the returned client | |
643 | random data (32 bytes). | |
644 | NOTE(review): no size parameter is passed, so ClientRandom must point to at least 32 writable bytes. The return type is VOID, so the caller cannot tell from the call whether the buffer was filled. | |
645 | **/ | |
646 | VOID | |
647 | EFIAPI | |
648 | TlsGetClientRandom ( | |
649 | IN VOID *Tls, | |
650 | IN OUT UINT8 *ClientRandom | |
651 | ); | |
652 | ||
653 | /** | |
654 | Gets the server random data used in the specified TLS connection. | |
655 | ||
656 | This function returns the TLS/SSL server random data currently used in | |
657 | the specified TLS connection. | |
658 | ||
659 | @param[in] Tls Pointer to the TLS object. | |
660 | @param[in,out] ServerRandom Buffer to contain the returned server | |
661 | random data (32 bytes). | |
662 | NOTE(review): no size parameter is passed, so ServerRandom must point to at least 32 writable bytes. The return type is VOID, so the caller cannot tell from the call whether the buffer was filled. | |
663 | **/ | |
664 | VOID | |
665 | EFIAPI | |
666 | TlsGetServerRandom ( | |
667 | IN VOID *Tls, | |
668 | IN OUT UINT8 *ServerRandom | |
669 | ); | |
670 | ||
671 | /** | |
672 | Gets the master key data used in the specified TLS connection. | |
673 | ||
674 | This function returns the TLS/SSL master key material currently used in | |
675 | the specified TLS connection. | |
676 | ||
677 | @param[in] Tls Pointer to the TLS object. | |
678 | @param[in,out] KeyMaterial Buffer to contain the returned key material. | |
679 | ||
680 | @retval EFI_SUCCESS Key material was returned successfully. | |
681 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
682 | @retval EFI_UNSUPPORTED Invalid TLS/SSL session. | |
683 | NOTE(review): no size parameter is passed and the required length is not documented; confirm how many bytes the implementation writes before sizing KeyMaterial. The output is the session's master key material: keep it out of logs and zero the buffer after use. | |
684 | **/ | |
685 | EFI_STATUS | |
686 | EFIAPI | |
687 | TlsGetKeyMaterial ( | |
688 | IN VOID *Tls, | |
689 | IN OUT UINT8 *KeyMaterial | |
690 | ); | |
691 | ||
692 | /** | |
693 | Gets the CA Certificate from the cert store. | |
694 | ||
695 | This function returns the CA certificate for the chosen | |
696 | TLS connection. | |
697 | ||
698 | @param[in] Tls Pointer to the TLS object. | |
699 | @param[out] Data Pointer to the data buffer to receive the CA | |
700 | certificate data sent to the client. | |
701 | @param[in,out] DataSize The size of data buffer in bytes. | |
702 | ||
703 | @retval EFI_SUCCESS The operation succeeded. | |
704 | @retval EFI_UNSUPPORTED This function is not supported. | |
705 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data. | |
706 | ||
707 | **/ | |
708 | EFI_STATUS | |
709 | EFIAPI | |
710 | TlsGetCaCertificate ( | |
711 | IN VOID *Tls, | |
712 | OUT VOID *Data, | |
713 | IN OUT UINTN *DataSize | |
714 | ); | |
715 | ||
716 | /** | |
717 | Gets the local public Certificate set in the specified TLS object. | |
718 | ||
719 | This function returns the local public certificate which was currently set | |
720 | in the specified TLS object. | |
721 | ||
722 | @param[in] Tls Pointer to the TLS object. | |
723 | @param[out] Data Pointer to the data buffer to receive the local | |
724 | public certificate. | |
725 | @param[in,out] DataSize The size of data buffer in bytes. | |
726 | ||
727 | @retval EFI_SUCCESS The operation succeeded. | |
728 | @retval EFI_INVALID_PARAMETER The parameter is invalid. | |
729 | @retval EFI_NOT_FOUND The certificate is not found. | |
730 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data. | |
731 | ||
732 | **/ | |
733 | EFI_STATUS | |
734 | EFIAPI | |
735 | TlsGetHostPublicCert ( | |
736 | IN VOID *Tls, | |
737 | OUT VOID *Data, | |
738 | IN OUT UINTN *DataSize | |
739 | ); | |
740 | ||
741 | /** | |
742 | Gets the local private key set in the specified TLS object. | |
743 | ||
744 | This function returns the local private key data which was currently set | |
745 | in the specified TLS object. | |
746 | ||
747 | @param[in] Tls Pointer to the TLS object. | |
748 | @param[out] Data Pointer to the data buffer to receive the local | |
749 | private key data. | |
750 | @param[in,out] DataSize The size of data buffer in bytes. | |
751 | ||
752 | @retval EFI_SUCCESS The operation succeeded. | |
753 | @retval EFI_UNSUPPORTED This function is not supported. | |
754 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data. | |
755 | NOTE(review): on success Data holds private key material; keep it out of logs and zero the buffer after use. EFI_INVALID_PARAMETER is not listed, so handling of a NULL Tls, Data or DataSize is unspecified. | |
756 | **/ | |
757 | EFI_STATUS | |
758 | EFIAPI | |
759 | TlsGetHostPrivateKey ( | |
760 | IN VOID *Tls, | |
761 | OUT VOID *Data, | |
762 | IN OUT UINTN *DataSize | |
763 | ); | |
764 | ||
765 | /** | |
766 | Gets the CA-supplied certificate revocation list data set in the specified | |
767 | TLS object. | |
768 | ||
769 | This function returns the CA-supplied certificate revocation list data which | |
770 | was currently set in the specified TLS object. | |
771 | ||
772 | @param[out] Data Pointer to the data buffer to receive the CRL data. | |
773 | @param[in,out] DataSize The size of data buffer in bytes. | |
774 | ||
775 | @retval EFI_SUCCESS The operation succeeded. | |
776 | @retval EFI_UNSUPPORTED This function is not supported. | |
777 | @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data. | |
778 | ||
779 | **/ | |
780 | EFI_STATUS | |
781 | EFIAPI | |
782 | TlsGetCertRevocationList ( | |
783 | OUT VOID *Data, | |
784 | IN OUT UINTN *DataSize | |
785 | ); | |
786 | ||
787 | #endif // __TLS_LIB_H__ |