[mirror_edk2.git] / NetworkPkg / TlsAuthConfigDxe / TlsAuthConfigImpl.c

/** @file\r
  The Miscellaneous Routines for TlsAuthConfigDxe driver.\r
\r
Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "TlsAuthConfigImpl.h"\r
\r
VOID                *mStartOpCodeHandle = NULL;\r
VOID                *mEndOpCodeHandle   = NULL;\r
EFI_IFR_GUID_LABEL  *mStartLabel        = NULL;\r
EFI_IFR_GUID_LABEL  *mEndLabel          = NULL;\r
\r
CHAR16  mTlsAuthConfigStorageName[] = L"TLS_AUTH_CONFIG_IFR_NVDATA";\r
\r
TLS_AUTH_CONFIG_PRIVATE_DATA  *mTlsAuthPrivateData = NULL;\r
\r
HII_VENDOR_DEVICE_PATH  mTlsAuthConfigHiiVendorDevicePath = {\r
  {\r
    {\r
      HARDWARE_DEVICE_PATH,\r
      HW_VENDOR_DP,\r
      {\r
        (UINT8)(sizeof (VENDOR_DEVICE_PATH)),\r
        (UINT8)((sizeof (VENDOR_DEVICE_PATH)) >> 8)\r
      }\r
    },\r
    TLS_AUTH_CONFIG_GUID\r
  },\r
  {\r
    END_DEVICE_PATH_TYPE,\r
    END_ENTIRE_DEVICE_PATH_SUBTYPE,\r
    {\r
      (UINT8)(END_DEVICE_PATH_LENGTH),\r
      (UINT8)((END_DEVICE_PATH_LENGTH) >> 8)\r
    }\r
  }\r
};\r
\r
//\r
// Possible DER-encoded certificate file suffixes, end with NULL pointer.\r
//\r
CHAR16  *mDerPemEncodedSuffix[] = {\r
  L".cer",\r
  L".der",\r
  L".crt",\r
  L".pem",\r
  NULL\r
};\r
\r
/**\r
  This code checks if the FileSuffix is one of the possible DER/PEM-encoded certificate suffix.\r
\r
  @param[in] FileSuffix            The suffix of the input certificate file\r
\r
  @retval    TRUE           It's a DER/PEM-encoded certificate.\r
  @retval    FALSE          It's NOT a DER/PEM-encoded certificate.\r
\r
**/\r
BOOLEAN\r
IsDerPemEncodeCertificate (\r
  IN CONST CHAR16  *FileSuffix\r
  )\r
{\r
  UINTN  Index;\r
\r
  for (Index = 0; mDerPemEncodedSuffix[Index] != NULL; Index++) {\r
    if (StrCmp (FileSuffix, mDerPemEncodedSuffix[Index]) == 0) {\r
      return TRUE;\r
    }\r
  }\r
\r
  return FALSE;\r
}\r
\r
/**\r
  Worker function that prints an EFI_GUID into specified Buffer.\r
\r
  @param[in]     Guid          Pointer to GUID to print.\r
  @param[in]     Buffer        Buffer to print Guid into.\r
  @param[in]     BufferSize    Size of Buffer.\r
\r
  @retval    Number of characters printed.\r
\r
**/\r
UINTN\r
GuidToString (\r
  IN  EFI_GUID  *Guid,\r
  IN  CHAR16    *Buffer,\r
  IN  UINTN     BufferSize\r
  )\r
{\r
  return UnicodeSPrint (\r
           Buffer,\r
           BufferSize,\r
           L"%g",\r
           Guid\r
           );\r
}\r
\r
/**\r
  List all cert in specified database by GUID in the page\r
  for user to select and delete as needed.\r
\r
  @param[in]    PrivateData         Module's private data.\r
  @param[in]    VariableName        The variable name of the vendor's signature database.\r
  @param[in]    VendorGuid          A unique identifier for the vendor.\r
  @param[in]    LabelNumber         Label number to insert opcodes.\r
  @param[in]    FormId              Form ID of current page.\r
  @param[in]    QuestionIdBase      Base question id of the signature list.\r
\r
  @retval   EFI_SUCCESS             Success to update the signature list page\r
  @retval   EFI_OUT_OF_RESOURCES    Unable to allocate required resources.\r
\r
**/\r
EFI_STATUS\r
UpdateDeletePage (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private,\r
  IN CHAR16                        *VariableName,\r
  IN EFI_GUID                      *VendorGuid,\r
  IN UINT16                        LabelNumber,\r
  IN EFI_FORM_ID                   FormId,\r
  IN EFI_QUESTION_ID               QuestionIdBase\r
  )\r
{\r
  EFI_STATUS          Status;\r
  UINT32              Index;\r
  UINTN               CertCount;\r
  UINTN               GuidIndex;\r
  VOID                *StartOpCodeHandle;\r
  VOID                *EndOpCodeHandle;\r
  EFI_IFR_GUID_LABEL  *StartLabel;\r
  EFI_IFR_GUID_LABEL  *EndLabel;\r
  UINTN               DataSize;\r
  UINT8               *Data;\r
  EFI_SIGNATURE_LIST  *CertList;\r
  EFI_SIGNATURE_DATA  *Cert;\r
  UINT32              ItemDataSize;\r
  CHAR16              *GuidStr;\r
  EFI_STRING_ID       GuidID;\r
  EFI_STRING_ID       Help;\r
\r
  Data              = NULL;\r
  CertList          = NULL;\r
  Cert              = NULL;\r
  GuidStr           = NULL;\r
  StartOpCodeHandle = NULL;\r
  EndOpCodeHandle   = NULL;\r
\r
  //\r
  // Initialize the container for dynamic opcodes.\r
  //\r
  StartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
  if (StartOpCodeHandle == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  EndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
  if (EndOpCodeHandle == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Create Hii Extend Label OpCode.\r
  //\r
  StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (\r
                                       StartOpCodeHandle,\r
                                       &gEfiIfrTianoGuid,\r
                                       NULL,\r
                                       sizeof (EFI_IFR_GUID_LABEL)\r
                                       );\r
  StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
  StartLabel->Number       = LabelNumber;\r
\r
  EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (\r
                                     EndOpCodeHandle,\r
                                     &gEfiIfrTianoGuid,\r
                                     NULL,\r
                                     sizeof (EFI_IFR_GUID_LABEL)\r
                                     );\r
  EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
  EndLabel->Number       = LABEL_END;\r
\r
  //\r
  // Read Variable.\r
  //\r
  DataSize = 0;\r
  Status   = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
  if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {\r
    goto ON_EXIT;\r
  }\r
\r
  Data = (UINT8 *)AllocateZeroPool (DataSize);\r
  if (Data == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  GuidStr = AllocateZeroPool (100);\r
  if (GuidStr == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Enumerate all data.\r
  //\r
  ItemDataSize = (UINT32)DataSize;\r
  CertList     = (EFI_SIGNATURE_LIST *)Data;\r
  GuidIndex    = 0;\r
\r
  while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
    if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
      Help = STRING_TOKEN (STR_CERT_TYPE_PCKS_GUID);\r
    } else {\r
      //\r
      // The signature type is not supported in current implementation.\r
      //\r
      ItemDataSize -= CertList->SignatureListSize;\r
      CertList      = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
      continue;\r
    }\r
\r
    CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
    for (Index = 0; Index < CertCount; Index++) {\r
      Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList\r
                                    + sizeof (EFI_SIGNATURE_LIST)\r
                                    + CertList->SignatureHeaderSize\r
                                    + Index * CertList->SignatureSize);\r
      //\r
      // Display GUID and help\r
      //\r
      GuidToString (&Cert->SignatureOwner, GuidStr, 100);\r
      GuidID = HiiSetString (Private->RegisteredHandle, 0, GuidStr, NULL);\r
      HiiCreateCheckBoxOpCode (\r
        StartOpCodeHandle,\r
        (EFI_QUESTION_ID)(QuestionIdBase + GuidIndex++),\r
        0,\r
        0,\r
        GuidID,\r
        Help,\r
        EFI_IFR_FLAG_CALLBACK,\r
        0,\r
        NULL\r
        );\r
    }\r
\r
    ItemDataSize -= CertList->SignatureListSize;\r
    CertList      = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
  }\r
\r
ON_EXIT:\r
  HiiUpdateForm (\r
    Private->RegisteredHandle,\r
    &gTlsAuthConfigGuid,\r
    FormId,\r
    StartOpCodeHandle,\r
    EndOpCodeHandle\r
    );\r
\r
  if (StartOpCodeHandle != NULL) {\r
    HiiFreeOpCodeHandle (StartOpCodeHandle);\r
  }\r
\r
  if (EndOpCodeHandle != NULL) {\r
    HiiFreeOpCodeHandle (EndOpCodeHandle);\r
  }\r
\r
  if (Data != NULL) {\r
    FreePool (Data);\r
  }\r
\r
  if (GuidStr != NULL) {\r
    FreePool (GuidStr);\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Delete one entry from cert database.\r
\r
  @param[in]    Private             Module's private data.\r
  @param[in]    VariableName        The variable name of the database.\r
  @param[in]    VendorGuid          A unique identifier for the vendor.\r
  @param[in]    LabelNumber         Label number to insert opcodes.\r
  @param[in]    FormId              Form ID of current page.\r
  @param[in]    QuestionIdBase      Base question id of the cert list.\r
  @param[in]    DeleteIndex         Cert index to delete.\r
\r
  @retval   EFI_SUCCESS             Delete signature successfully.\r
  @retval   EFI_NOT_FOUND           Can't find the signature item,\r
  @retval   EFI_OUT_OF_RESOURCES    Could not allocate needed resources.\r
**/\r
EFI_STATUS\r
DeleteCert (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private,\r
  IN CHAR16                        *VariableName,\r
  IN EFI_GUID                      *VendorGuid,\r
  IN UINT16                        LabelNumber,\r
  IN EFI_FORM_ID                   FormId,\r
  IN EFI_QUESTION_ID               QuestionIdBase,\r
  IN UINTN                         DeleteIndex\r
  )\r
{\r
  EFI_STATUS          Status;\r
  UINTN               DataSize;\r
  UINT8               *Data;\r
  UINT8               *OldData;\r
  UINT32              Attr;\r
  UINT32              Index;\r
  EFI_SIGNATURE_LIST  *CertList;\r
  EFI_SIGNATURE_LIST  *NewCertList;\r
  EFI_SIGNATURE_DATA  *Cert;\r
  UINTN               CertCount;\r
  UINT32              Offset;\r
  BOOLEAN             IsItemFound;\r
  UINT32              ItemDataSize;\r
  UINTN               GuidIndex;\r
\r
  Data     = NULL;\r
  OldData  = NULL;\r
  CertList = NULL;\r
  Cert     = NULL;\r
  Attr     = 0;\r
\r
  //\r
  // Get original signature list data.\r
  //\r
  DataSize = 0;\r
  Status   = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);\r
  if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {\r
    goto ON_EXIT;\r
  }\r
\r
  OldData = (UINT8 *)AllocateZeroPool (DataSize);\r
  if (OldData == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Allocate space for new variable.\r
  //\r
  Data = (UINT8 *)AllocateZeroPool (DataSize);\r
  if (Data == NULL) {\r
    Status =  EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Enumerate all data and erasing the target item.\r
  //\r
  IsItemFound  = FALSE;\r
  ItemDataSize = (UINT32)DataSize;\r
  CertList     = (EFI_SIGNATURE_LIST *)OldData;\r
  Offset       = 0;\r
  GuidIndex    = 0;\r
  while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
    if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
      //\r
      // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.\r
      //\r
      CopyMem (Data + Offset, CertList, (sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));\r
      NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);\r
      Offset     += (sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
      Cert        = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
      CertCount   = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
      for (Index = 0; Index < CertCount; Index++) {\r
        if (GuidIndex == DeleteIndex) {\r
          //\r
          // Find it! Skip it!\r
          //\r
          NewCertList->SignatureListSize -= CertList->SignatureSize;\r
          IsItemFound                     = TRUE;\r
        } else {\r
          //\r
          // This item doesn't match. Copy it to the Data buffer.\r
          //\r
          CopyMem (Data + Offset, (UINT8 *)(Cert), CertList->SignatureSize);\r
          Offset += CertList->SignatureSize;\r
        }\r
\r
        GuidIndex++;\r
        Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);\r
      }\r
    } else {\r
      //\r
      // This List doesn't match. Just copy it to the Data buffer.\r
      //\r
      CopyMem (Data + Offset, (UINT8 *)(CertList), CertList->SignatureListSize);\r
      Offset += CertList->SignatureListSize;\r
    }\r
\r
    ItemDataSize -= CertList->SignatureListSize;\r
    CertList      = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
  }\r
\r
  if (!IsItemFound) {\r
    //\r
    // Doesn't find the signature Item!\r
    //\r
    Status = EFI_NOT_FOUND;\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.\r
  //\r
  ItemDataSize = Offset;\r
  CertList     = (EFI_SIGNATURE_LIST *)Data;\r
  Offset       = 0;\r
  ZeroMem (OldData, ItemDataSize);\r
  while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
    CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
    DEBUG ((DEBUG_INFO, "       CertCount = %x\n", CertCount));\r
    if (CertCount != 0) {\r
      CopyMem (OldData + Offset, (UINT8 *)(CertList), CertList->SignatureListSize);\r
      Offset += CertList->SignatureListSize;\r
    }\r
\r
    ItemDataSize -= CertList->SignatureListSize;\r
    CertList      = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);\r
  }\r
\r
  DataSize = Offset;\r
\r
  Status = gRT->SetVariable (\r
                  VariableName,\r
                  VendorGuid,\r
                  Attr,\r
                  DataSize,\r
                  OldData\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));\r
    goto ON_EXIT;\r
  }\r
\r
ON_EXIT:\r
  if (Data != NULL) {\r
    FreePool (Data);\r
  }\r
\r
  if (OldData != NULL) {\r
    FreePool (OldData);\r
  }\r
\r
  return UpdateDeletePage (\r
           Private,\r
           VariableName,\r
           VendorGuid,\r
           LabelNumber,\r
           FormId,\r
           QuestionIdBase\r
           );\r
}\r
\r
/**\r
  Clean the file related resource.\r
\r
  @param[in]    Private             Module's private data.\r
\r
**/\r
VOID\r
CleanFileContext (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private\r
  )\r
{\r
  if (Private->FileContext->FHandle != NULL) {\r
    Private->FileContext->FHandle->Close (Private->FileContext->FHandle);\r
    Private->FileContext->FHandle = NULL;\r
    if (Private->FileContext->FileName != NULL) {\r
      FreePool (Private->FileContext->FileName);\r
      Private->FileContext->FileName = NULL;\r
    }\r
  }\r
}\r
\r
/**\r
  Read file content into BufferPtr, the size of the allocate buffer\r
  is *FileSize plus AddtionAllocateSize.\r
\r
  @param[in]       FileHandle            The file to be read.\r
  @param[in, out]  BufferPtr             Pointers to the pointer of allocated buffer.\r
  @param[out]      FileSize              Size of input file\r
  @param[in]       AddtionAllocateSize   Addtion size the buffer need to be allocated.\r
                                         In case the buffer need to contain others besides the file content.\r
\r
  @retval   EFI_SUCCESS                  The file was read into the buffer.\r
  @retval   EFI_INVALID_PARAMETER        A parameter was invalid.\r
  @retval   EFI_OUT_OF_RESOURCES         A memory allocation failed.\r
  @retval   others                       Unexpected error.\r
\r
**/\r
EFI_STATUS\r
ReadFileContent (\r
  IN      EFI_FILE_HANDLE  FileHandle,\r
  IN OUT  VOID             **BufferPtr,\r
  OUT  UINTN               *FileSize,\r
  IN      UINTN            AddtionAllocateSize\r
  )\r
\r
{\r
  UINTN       BufferSize;\r
  UINT64      SourceFileSize;\r
  VOID        *Buffer;\r
  EFI_STATUS  Status;\r
\r
  if ((FileHandle == NULL) || (FileSize == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  Buffer = NULL;\r
\r
  //\r
  // Get the file size\r
  //\r
  Status = FileHandle->SetPosition (FileHandle, (UINT64)-1);\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  Status = FileHandle->GetPosition (FileHandle, &SourceFileSize);\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  Status = FileHandle->SetPosition (FileHandle, 0);\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  BufferSize = (UINTN)SourceFileSize + AddtionAllocateSize;\r
  Buffer     =  AllocateZeroPool (BufferSize);\r
  if (Buffer == NULL) {\r
    return EFI_OUT_OF_RESOURCES;\r
  }\r
\r
  BufferSize = (UINTN)SourceFileSize;\r
  *FileSize  = BufferSize;\r
\r
  Status = FileHandle->Read (FileHandle, &BufferSize, Buffer);\r
  if (EFI_ERROR (Status) || (BufferSize != *FileSize)) {\r
    FreePool (Buffer);\r
    Buffer = NULL;\r
    Status = EFI_BAD_BUFFER_SIZE;\r
    goto ON_EXIT;\r
  }\r
\r
ON_EXIT:\r
\r
  *BufferPtr = Buffer;\r
  return Status;\r
}\r
\r
/**\r
  This function converts an input device structure to a Unicode string.\r
\r
  @param[in] DevPath                  A pointer to the device path structure.\r
\r
  @return A new allocated Unicode string that represents the device path.\r
\r
**/\r
CHAR16 *\r
EFIAPI\r
DevicePathToStr (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *DevPath\r
  )\r
{\r
  return ConvertDevicePathToText (\r
           DevPath,\r
           FALSE,\r
           TRUE\r
           );\r
}\r
\r
/**\r
  Extract filename from device path. The returned buffer is allocated using AllocateCopyPool.\r
  The caller is responsible for freeing the allocated buffer using FreePool(). If return NULL\r
  means not enough memory resource.\r
\r
  @param DevicePath       Device path.\r
\r
  @retval NULL            Not enough memory resource for AllocateCopyPool.\r
  @retval Other           A new allocated string that represents the file name.\r
\r
**/\r
CHAR16 *\r
ExtractFileNameFromDevicePath (\r
  IN   EFI_DEVICE_PATH_PROTOCOL  *DevicePath\r
  )\r
{\r
  CHAR16  *String;\r
  CHAR16  *MatchString;\r
  CHAR16  *LastMatch;\r
  CHAR16  *FileName;\r
  UINTN   Length;\r
\r
  ASSERT (DevicePath != NULL);\r
\r
  String      = DevicePathToStr (DevicePath);\r
  MatchString = String;\r
  LastMatch   = String;\r
  FileName    = NULL;\r
\r
  while (MatchString != NULL) {\r
    LastMatch   = MatchString + 1;\r
    MatchString = StrStr (LastMatch, L"\\");\r
  }\r
\r
  Length   = StrLen (LastMatch);\r
  FileName = AllocateCopyPool ((Length + 1) * sizeof (CHAR16), LastMatch);\r
  if (FileName != NULL) {\r
    *(FileName + Length) = 0;\r
  }\r
\r
  FreePool (String);\r
\r
  return FileName;\r
}\r
\r
/**\r
  Enroll a new X509 certificate into Variable.\r
\r
  @param[in] PrivateData     The module's private data.\r
  @param[in] VariableName    Variable name of CA database.\r
\r
  @retval   EFI_SUCCESS            New X509 is enrolled successfully.\r
  @retval   EFI_OUT_OF_RESOURCES   Could not allocate needed resources.\r
\r
**/\r
EFI_STATUS\r
EnrollX509toVariable (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private,\r
  IN CHAR16                        *VariableName\r
  )\r
{\r
  EFI_STATUS          Status;\r
  UINTN               X509DataSize;\r
  VOID                *X509Data;\r
  EFI_SIGNATURE_LIST  *CACert;\r
  EFI_SIGNATURE_DATA  *CACertData;\r
  VOID                *Data;\r
  UINTN               DataSize;\r
  UINTN               SigDataSize;\r
  UINT32              Attr;\r
\r
  X509DataSize = 0;\r
  SigDataSize  = 0;\r
  DataSize     = 0;\r
  X509Data     = NULL;\r
  CACert       = NULL;\r
  CACertData   = NULL;\r
  Data         = NULL;\r
  Attr         = 0;\r
\r
  Status = ReadFileContent (\r
             Private->FileContext->FHandle,\r
             &X509Data,\r
             &X509DataSize,\r
             0\r
             );\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
  ASSERT (X509Data != NULL);\r
\r
  SigDataSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
\r
  Data = AllocateZeroPool (SigDataSize);\r
  if (Data == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto ON_EXIT;\r
  }\r
\r
  //\r
  // Fill Certificate Database parameters.\r
  //\r
  CACert                      = (EFI_SIGNATURE_LIST *)Data;\r
  CACert->SignatureListSize   = (UINT32)SigDataSize;\r
  CACert->SignatureHeaderSize = 0;\r
  CACert->SignatureSize       = (UINT32)(sizeof (EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
  CopyGuid (&CACert->SignatureType, &gEfiCertX509Guid);\r
\r
  CACertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CACert + sizeof (EFI_SIGNATURE_LIST));\r
  CopyGuid (&CACertData->SignatureOwner, Private->CertGuid);\r
  CopyMem ((UINT8 *)(CACertData->SignatureData), X509Data, X509DataSize);\r
\r
  //\r
  // Check if the signature database entry already exists. If it does, use the\r
  // EFI_VARIABLE_APPEND_WRITE attribute to append the new signature data to\r
  // the original variable, plus preserve the original variable attributes.\r
  //\r
  Status = gRT->GetVariable (\r
                  VariableName,\r
                  &gEfiTlsCaCertificateGuid,\r
                  &Attr,\r
                  &DataSize,\r
                  NULL\r
                  );\r
  if (Status == EFI_BUFFER_TOO_SMALL) {\r
    Attr |= EFI_VARIABLE_APPEND_WRITE;\r
  } else if (Status == EFI_NOT_FOUND) {\r
    Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;\r
  } else {\r
    goto ON_EXIT;\r
  }\r
\r
  Status = gRT->SetVariable (\r
                  VariableName,\r
                  &gEfiTlsCaCertificateGuid,\r
                  Attr,\r
                  SigDataSize,\r
                  Data\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    goto ON_EXIT;\r
  }\r
\r
ON_EXIT:\r
  CleanFileContext (Private);\r
\r
  if (Private->CertGuid != NULL) {\r
    FreePool (Private->CertGuid);\r
    Private->CertGuid = NULL;\r
  }\r
\r
  if (Data != NULL) {\r
    FreePool (Data);\r
  }\r
\r
  if (X509Data != NULL) {\r
    FreePool (X509Data);\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
  Enroll Cert into TlsCaCertificate. The GUID will be Private->CertGuid.\r
\r
  @param[in] PrivateData     The module's private data.\r
  @param[in] VariableName    Variable name of signature database.\r
\r
  @retval   EFI_SUCCESS            New Cert enrolled successfully.\r
  @retval   EFI_INVALID_PARAMETER  The parameter is invalid.\r
  @retval   EFI_UNSUPPORTED        The Cert file is unsupported type.\r
  @retval   others                 Fail to enroll Cert data.\r
\r
**/\r
EFI_STATUS\r
EnrollCertDatabase (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private,\r
  IN CHAR16                        *VariableName\r
  )\r
{\r
  UINT16  *FilePostFix;\r
  UINTN   NameLength;\r
\r
  if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->CertGuid == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Parse the file's postfix.\r
  //\r
  NameLength = StrLen (Private->FileContext->FileName);\r
  if (NameLength <= 4) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
\r
  if (IsDerPemEncodeCertificate (FilePostFix)) {\r
    //\r
    // Supports DER-encoded X509 certificate.\r
    //\r
    return EnrollX509toVariable (Private, VariableName);\r
  }\r
\r
  return EFI_UNSUPPORTED;\r
}\r
\r
/**\r
  Refresh the global UpdateData structure.\r
\r
**/\r
VOID\r
RefreshUpdateData (\r
  VOID\r
  )\r
{\r
  //\r
  // Free current updated date\r
  //\r
  if (mStartOpCodeHandle != NULL) {\r
    HiiFreeOpCodeHandle (mStartOpCodeHandle);\r
  }\r
\r
  //\r
  // Create new OpCode Handle\r
  //\r
  mStartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
\r
  //\r
  // Create Hii Extend Label OpCode as the start opcode\r
  //\r
  mStartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (\r
                                        mStartOpCodeHandle,\r
                                        &gEfiIfrTianoGuid,\r
                                        NULL,\r
                                        sizeof (EFI_IFR_GUID_LABEL)\r
                                        );\r
  mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
}\r
\r
/**\r
  Clean up the dynamic opcode at label and form specified by both LabelId.\r
\r
  @param[in] LabelId         It is both the Form ID and Label ID for opcode deletion.\r
  @param[in] PrivateData     Module private data.\r
\r
**/\r
VOID\r
CleanUpPage (\r
  IN UINT16                        LabelId,\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *PrivateData\r
  )\r
{\r
  RefreshUpdateData ();\r
\r
  //\r
  // Remove all op-codes from dynamic page\r
  //\r
  mStartLabel->Number = LabelId;\r
  HiiUpdateForm (\r
    PrivateData->RegisteredHandle,\r
    &gTlsAuthConfigGuid,\r
    LabelId,\r
    mStartOpCodeHandle, // Label LabelId\r
    mEndOpCodeHandle    // LABEL_END\r
    );\r
}\r
\r
/**\r
  Update the form base on the selected file.\r
\r
  @param FilePath   Point to the file path.\r
  @param FormId     The form need to display.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
\r
**/\r
BOOLEAN\r
UpdatePage (\r
  IN  EFI_DEVICE_PATH_PROTOCOL  *FilePath,\r
  IN  EFI_FORM_ID               FormId\r
  )\r
{\r
  CHAR16         *FileName;\r
  EFI_STRING_ID  StringToken;\r
\r
  FileName = NULL;\r
\r
  if (FilePath != NULL) {\r
    FileName = ExtractFileNameFromDevicePath (FilePath);\r
  }\r
\r
  if (FileName == NULL) {\r
    //\r
    // FileName = NULL has two case:\r
    // 1. FilePath == NULL, not select file.\r
    // 2. FilePath != NULL, but ExtractFileNameFromDevicePath return NULL not enough memory resource.\r
    // In these two case, no need to update the form, and exit the caller function.\r
    //\r
    return TRUE;\r
  }\r
\r
  StringToken =  HiiSetString (mTlsAuthPrivateData->RegisteredHandle, 0, FileName, NULL);\r
\r
  mTlsAuthPrivateData->FileContext->FileName = FileName;\r
\r
  EfiOpenFileByDevicePath (\r
    &FilePath,\r
    &mTlsAuthPrivateData->FileContext->FHandle,\r
    EFI_FILE_MODE_READ,\r
    0\r
    );\r
  //\r
  // Create Subtitle op-code for the display string of the option.\r
  //\r
  RefreshUpdateData ();\r
  mStartLabel->Number = FormId;\r
\r
  HiiCreateSubTitleOpCode (\r
    mStartOpCodeHandle,\r
    StringToken,\r
    0,\r
    0,\r
    0\r
    );\r
\r
  HiiUpdateForm (\r
    mTlsAuthPrivateData->RegisteredHandle,\r
    &gTlsAuthConfigGuid,\r
    FormId,\r
    mStartOpCodeHandle, /// Label FormId\r
    mEndOpCodeHandle    /// LABEL_END\r
    );\r
\r
  return TRUE;\r
}\r
\r
/**\r
  Update the form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdateCAFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  )\r
{\r
  return UpdatePage (FilePath, TLS_AUTH_CONFIG_FORMID4_FORM);\r
}\r
\r
/**\r
  Unload the configuration form, this includes: delete all the configuration\r
  entries, uninstall the form callback protocol, and free the resources used.\r
\r
  @param[in]  Private             Pointer to the driver private data.\r
\r
  @retval EFI_SUCCESS             The configuration form is unloaded.\r
  @retval Others                  Failed to unload the form.\r
\r
**/\r
EFI_STATUS\r
TlsAuthConfigFormUnload (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private\r
  )\r
{\r
  if (Private->DriverHandle != NULL) {\r
    //\r
    // Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL\r
    //\r
    gBS->UninstallMultipleProtocolInterfaces (\r
           Private->DriverHandle,\r
           &gEfiDevicePathProtocolGuid,\r
           &mTlsAuthConfigHiiVendorDevicePath,\r
           &gEfiHiiConfigAccessProtocolGuid,\r
           &Private->ConfigAccess,\r
           NULL\r
           );\r
    Private->DriverHandle = NULL;\r
  }\r
\r
  if (Private->RegisteredHandle != NULL) {\r
    //\r
    // Remove HII package list\r
    //\r
    HiiRemovePackages (Private->RegisteredHandle);\r
    Private->RegisteredHandle = NULL;\r
  }\r
\r
  if (Private->CertGuid != NULL) {\r
    FreePool (Private->CertGuid);\r
  }\r
\r
  if (Private->FileContext != NULL) {\r
    FreePool (Private->FileContext);\r
  }\r
\r
  FreePool (Private);\r
\r
  if (mStartOpCodeHandle != NULL) {\r
    HiiFreeOpCodeHandle (mStartOpCodeHandle);\r
  }\r
\r
  if (mEndOpCodeHandle != NULL) {\r
    HiiFreeOpCodeHandle (mEndOpCodeHandle);\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Initialize the configuration form.\r
\r
  @param[in]  Private             Pointer to the driver private data.\r
\r
  @retval EFI_SUCCESS             The configuration form is initialized.\r
  @retval EFI_OUT_OF_RESOURCES    Failed to allocate memory.\r
\r
**/\r
EFI_STATUS\r
TlsAuthConfigFormInit (\r
  IN TLS_AUTH_CONFIG_PRIVATE_DATA  *Private\r
  )\r
{\r
  EFI_STATUS  Status;\r
\r
  Private->Signature = TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE;\r
\r
  Private->ConfigAccess.ExtractConfig = TlsAuthConfigAccessExtractConfig;\r
  Private->ConfigAccess.RouteConfig   = TlsAuthConfigAccessRouteConfig;\r
  Private->ConfigAccess.Callback      = TlsAuthConfigAccessCallback;\r
\r
  //\r
  // Install Device Path Protocol and Config Access protocol to driver handle.\r
  //\r
  Status = gBS->InstallMultipleProtocolInterfaces (\r
                  &Private->DriverHandle,\r
                  &gEfiDevicePathProtocolGuid,\r
                  &mTlsAuthConfigHiiVendorDevicePath,\r
                  &gEfiHiiConfigAccessProtocolGuid,\r
                  &Private->ConfigAccess,\r
                  NULL\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  //\r
  // Publish our HII data.\r
  //\r
  Private->RegisteredHandle = HiiAddPackages (\r
                                &gTlsAuthConfigGuid,\r
                                Private->DriverHandle,\r
                                TlsAuthConfigDxeStrings,\r
                                TlsAuthConfigVfrBin,\r
                                NULL\r
                                );\r
  if (Private->RegisteredHandle == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Error;\r
  }\r
\r
  Private->FileContext = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_FILE_CONTEXT));\r
  if (Private->FileContext == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Error;\r
  }\r
\r
  //\r
  // Init OpCode Handle and Allocate space for creation of Buffer\r
  //\r
  mStartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
  if (mStartOpCodeHandle == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Error;\r
  }\r
\r
  mEndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
  if (mEndOpCodeHandle == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Error;\r
  }\r
\r
  //\r
  // Create Hii Extend Label OpCode as the start opcode\r
  //\r
  mStartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (\r
                                        mStartOpCodeHandle,\r
                                        &gEfiIfrTianoGuid,\r
                                        NULL,\r
                                        sizeof (EFI_IFR_GUID_LABEL)\r
                                        );\r
  mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
\r
  //\r
  // Create Hii Extend Label OpCode as the end opcode\r
  //\r
  mEndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (\r
                                      mEndOpCodeHandle,\r
                                      &gEfiIfrTianoGuid,\r
                                      NULL,\r
                                      sizeof (EFI_IFR_GUID_LABEL)\r
                                      );\r
  mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
  mEndLabel->Number       = LABEL_END;\r
\r
  return EFI_SUCCESS;\r
\r
Error:\r
  TlsAuthConfigFormUnload (Private);\r
  return Status;\r
}\r
\r
/**\r
\r
  This function allows the caller to request the current\r
  configuration for one or more named elements. The resulting\r
  string is in <ConfigAltResp> format. Any and all alternative\r
  configuration strings shall also be appended to the end of the\r
  current configuration string. If they are, they must appear\r
  after the current configuration. They must contain the same\r
  routing (GUID, NAME, PATH) as the current configuration string.\r
  They must have an additional description indicating the type of\r
  alternative configuration the string represents,\r
  "ALTCFG=<StringToken>". That <StringToken> (when\r
  converted from Hex UNICODE to binary) is a reference to a\r
  string in the associated string pack.\r
\r
  @param This       Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
\r
  @param Request    A null-terminated Unicode string in\r
                    <ConfigRequest> format. Note that this\r
                    includes the routing information as well as\r
                    the configurable name / value pairs. It is\r
                    invalid for this string to be in\r
                    <MultiConfigRequest> format.\r
                    If a NULL is passed in for the Request field,\r
                    all of the settings being abstracted by this function\r
                    will be returned in the Results field.  In addition,\r
                    if a ConfigHdr is passed in with no request elements,\r
                    all of the settings being abstracted for that particular\r
                    ConfigHdr reference will be returned in the Results Field.\r
\r
  @param Progress   On return, points to a character in the\r
                    Request string. Points to the string's null\r
                    terminator if request was successful. Points\r
                    to the most recent "&" before the first\r
                    failing name / value pair (or the beginning\r
                    of the string if the failure is in the first\r
                    name / value pair) if the request was not\r
                    successful.\r
\r
  @param Results    A null-terminated Unicode string in\r
                    <MultiConfigAltResp> format which has all values\r
                    filled in for the names in the Request string.\r
                    String to be allocated by the called function.\r
\r
  @retval EFI_SUCCESS             The Results string is filled with the\r
                                  values corresponding to all requested\r
                                  names.\r
\r
  @retval EFI_OUT_OF_RESOURCES    Not enough memory to store the\r
                                  parts of the results that must be\r
                                  stored awaiting possible future\r
                                  protocols.\r
\r
  @retval EFI_NOT_FOUND           Routing data doesn't match any\r
                                  known driver. Progress set to the\r
                                  first character in the routing header.\r
                                  Note: There is no requirement that the\r
                                  driver validate the routing data. It\r
                                  must skip the <ConfigHdr> in order to\r
                                  process the names.\r
\r
  @retval EFI_INVALID_PARAMETER   Illegal syntax. Progress set\r
                                  to most recent "&" before the\r
                                  error or the beginning of the\r
                                  string.\r
\r
  @retval EFI_INVALID_PARAMETER   Unknown name. Progress points\r
                                  to the & before the name in\r
                                  question.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsAuthConfigAccessExtractConfig (\r
  IN CONST  EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN CONST  EFI_STRING                      Request,\r
  OUT       EFI_STRING                      *Progress,\r
  OUT       EFI_STRING                      *Results\r
  )\r
{\r
  EFI_STATUS                    Status;\r
  UINTN                         BufferSize;\r
  UINTN                         Size;\r
  EFI_STRING                    ConfigRequest;\r
  EFI_STRING                    ConfigRequestHdr;\r
  TLS_AUTH_CONFIG_PRIVATE_DATA  *Private;\r
  BOOLEAN                       AllocatedRequest;\r
\r
  if ((Progress == NULL) || (Results == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  AllocatedRequest = FALSE;\r
  ConfigRequestHdr = NULL;\r
  ConfigRequest    = NULL;\r
  Size             = 0;\r
\r
  Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
\r
  BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
  ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);\r
\r
  *Progress = Request;\r
\r
  if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  ConfigRequest = Request;\r
  if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {\r
    //\r
    // Request is set to NULL or OFFSET is NULL, construct full request string.\r
    //\r
    // Allocate and fill a buffer large enough to hold the <ConfigHdr> template\r
    // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator\r
    //\r
    ConfigRequestHdr = HiiConstructConfigHdr (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, Private->DriverHandle);\r
    Size             = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);\r
    ConfigRequest    = AllocateZeroPool (Size);\r
    ASSERT (ConfigRequest != NULL);\r
    AllocatedRequest = TRUE;\r
    UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);\r
    FreePool (ConfigRequestHdr);\r
    ConfigRequestHdr = NULL;\r
  }\r
\r
  Status = gHiiConfigRouting->BlockToConfig (\r
                                gHiiConfigRouting,\r
                                ConfigRequest,\r
                                (UINT8 *)&Private->TlsAuthConfigNvData,\r
                                BufferSize,\r
                                Results,\r
                                Progress\r
                                );\r
\r
  //\r
  // Free the allocated config request string.\r
  //\r
  if (AllocatedRequest) {\r
    FreePool (ConfigRequest);\r
  }\r
\r
  //\r
  // Set Progress string to the original request string.\r
  //\r
  if (Request == NULL) {\r
    *Progress = NULL;\r
  } else if (StrStr (Request, L"OFFSET") == NULL) {\r
    *Progress = Request + StrLen (Request);\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
\r
  This function applies changes in a driver's configuration.\r
  Input is a Configuration, which has the routing data for this\r
  driver followed by name / value configuration pairs. The driver\r
  must apply those pairs to its configurable storage. If the\r
  driver's configuration is stored in a linear block of data\r
  and the driver's name / value pairs are in <BlockConfig>\r
  format, it may use the ConfigToBlock helper function (above) to\r
  simplify the job.\r
\r
  @param This           Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
\r
  @param Configuration  A null-terminated Unicode string in\r
                        <ConfigString> format.\r
\r
  @param Progress       A pointer to a string filled in with the\r
                        offset of the most recent '&' before the\r
                        first failing name / value pair (or the\r
                        beginning of the string if the failure\r
                        is in the first name / value pair) or\r
                        the terminating NULL if all was\r
                        successful.\r
\r
  @retval EFI_SUCCESS             The results have been distributed or are\r
                                  awaiting distribution.\r
\r
  @retval EFI_OUT_OF_RESOURCES    Not enough memory to store the\r
                                  parts of the results that must be\r
                                  stored awaiting possible future\r
                                  protocols.\r
\r
  @retval EFI_INVALID_PARAMETERS  Passing in a NULL for the\r
                                  Results parameter would result\r
                                  in this type of error.\r
\r
  @retval EFI_NOT_FOUND           Target for the specified routing data\r
                                  was not found\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsAuthConfigAccessRouteConfig (\r
  IN CONST  EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN CONST  EFI_STRING                      Configuration,\r
  OUT       EFI_STRING                      *Progress\r
  )\r
{\r
  EFI_STATUS                    Status;\r
  UINTN                         BufferSize;\r
  TLS_AUTH_CONFIG_PRIVATE_DATA  *Private;\r
\r
  if (Progress == NULL) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  *Progress = Configuration;\r
\r
  if (Configuration == NULL) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Check routing data in <ConfigHdr>.\r
  // Note: there is no name for Name/Value storage, only GUID will be checked\r
  //\r
  if (!HiiIsConfigHdrMatch (Configuration, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
\r
  BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
  ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);\r
\r
  Status = gHiiConfigRouting->ConfigToBlock (\r
                                gHiiConfigRouting,\r
                                Configuration,\r
                                (UINT8 *)&Private->TlsAuthConfigNvData,\r
                                &BufferSize,\r
                                Progress\r
                                );\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
\r
  This function is called to provide results data to the driver.\r
  This data consists of a unique key that is used to identify\r
  which data is either being passed back or being asked for.\r
\r
  @param  This                   Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
  @param  Action                 Specifies the type of action taken by the browser.\r
  @param  QuestionId             A unique value which is sent to the original\r
                                 exporting driver so that it can identify the type\r
                                 of data to expect. The format of the data tends to\r
                                 vary based on the opcode that generated the callback.\r
  @param  Type                   The type of value for the question.\r
  @param  Value                  A pointer to the data being sent to the original\r
                                 exporting driver.\r
  @param  ActionRequest          On return, points to the action requested by the\r
                                 callback function.\r
\r
  @retval EFI_SUCCESS            The callback successfully handled the action.\r
  @retval EFI_OUT_OF_RESOURCES   Not enough storage is available to hold the\r
                                 variable and its data.\r
  @retval EFI_DEVICE_ERROR       The variable could not be saved.\r
  @retval EFI_UNSUPPORTED        The specified Action is not supported by the\r
                                 callback.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsAuthConfigAccessCallback (\r
  IN     CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN     EFI_BROWSER_ACTION                    Action,\r
  IN     EFI_QUESTION_ID                       QuestionId,\r
  IN     UINT8                                 Type,\r
  IN OUT EFI_IFR_TYPE_VALUE                    *Value,\r
  OUT    EFI_BROWSER_ACTION_REQUEST            *ActionRequest\r
  )\r
{\r
  EFI_STATUS                    Status;\r
  RETURN_STATUS                 RStatus;\r
  TLS_AUTH_CONFIG_PRIVATE_DATA  *Private;\r
  UINTN                         BufferSize;\r
  TLS_AUTH_CONFIG_IFR_NVDATA    *IfrNvData;\r
  UINT16                        LabelId;\r
  EFI_DEVICE_PATH_PROTOCOL      *File;\r
  EFI_HII_POPUP_PROTOCOL        *HiiPopUp;\r
  EFI_HII_POPUP_SELECTION       PopUpSelect;\r
\r
  Status = EFI_SUCCESS;\r
  File   = NULL;\r
\r
  if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
\r
  mTlsAuthPrivateData = Private;\r
  Status              = gBS->LocateProtocol (&gEfiHiiPopupProtocolGuid, NULL, (VOID **)&HiiPopUp);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "Can't find Form PopUp protocol. Exit (%r)\n", Status));\r
    return Status;\r
  }\r
\r
  //\r
  // Retrieve uncommitted data from Browser\r
  //\r
  BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
  IfrNvData  = AllocateZeroPool (BufferSize);\r
  if (IfrNvData == NULL) {\r
    return EFI_OUT_OF_RESOURCES;\r
  }\r
\r
  HiiGetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *)IfrNvData);\r
\r
  if ((Action != EFI_BROWSER_ACTION_CHANGED) &&\r
      (Action != EFI_BROWSER_ACTION_CHANGING) &&\r
      (Action != EFI_BROWSER_ACTION_FORM_CLOSE))\r
  {\r
    Status = EFI_UNSUPPORTED;\r
    goto EXIT;\r
  }\r
\r
  if (Action == EFI_BROWSER_ACTION_CHANGING) {\r
    switch (QuestionId) {\r
      case KEY_TLS_AUTH_CONFIG_CLIENT_CERT:\r
      case KEY_TLS_AUTH_CONFIG_SERVER_CA:\r
        //\r
        // Clear Cert GUID.\r
        //\r
        ZeroMem (IfrNvData->CertGuid, sizeof (IfrNvData->CertGuid));\r
        if (Private->CertGuid == NULL) {\r
          Private->CertGuid = (EFI_GUID *)AllocateZeroPool (sizeof (EFI_GUID));\r
          if (Private->CertGuid == NULL) {\r
            return EFI_OUT_OF_RESOURCES;\r
          }\r
        }\r
\r
        if (QuestionId == KEY_TLS_AUTH_CONFIG_CLIENT_CERT) {\r
          LabelId = TLS_AUTH_CONFIG_FORMID3_FORM;\r
        } else {\r
          LabelId = TLS_AUTH_CONFIG_FORMID4_FORM;\r
        }\r
\r
        //\r
        // Refresh selected file.\r
        //\r
        CleanUpPage (LabelId, Private);\r
        break;\r
      case KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE:\r
        //\r
        // If the file is already opened, clean the file related resource first.\r
        //\r
        CleanFileContext (Private);\r
\r
        ChooseFile (NULL, NULL, UpdateCAFromFile, &File);\r
        break;\r
\r
      case KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT:\r
        Status = EnrollCertDatabase (Private, EFI_TLS_CA_CERTIFICATE_VARIABLE);\r
        if (EFI_ERROR (Status)) {\r
          CleanFileContext (Private);\r
\r
          HiiPopUp->CreatePopup (\r
                      HiiPopUp,\r
                      EfiHiiPopupStyleError,\r
                      EfiHiiPopupTypeOk,\r
                      Private->RegisteredHandle,\r
                      STRING_TOKEN (STR_TLS_AUTH_ENROLL_CERT_FAILURE),\r
                      &PopUpSelect\r
                      );\r
        }\r
\r
        break;\r
\r
      case KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT:\r
        CleanFileContext (Private);\r
\r
        if (Private->CertGuid != NULL) {\r
          FreePool (Private->CertGuid);\r
          Private->CertGuid = NULL;\r
        }\r
\r
        break;\r
\r
      case KEY_TLS_AUTH_CONFIG_DELETE_CERT:\r
        UpdateDeletePage (\r
          Private,\r
          EFI_TLS_CA_CERTIFICATE_VARIABLE,\r
          &gEfiTlsCaCertificateGuid,\r
          LABEL_CA_DELETE,\r
          TLS_AUTH_CONFIG_FORMID5_FORM,\r
          OPTION_DEL_CA_ESTION_ID\r
          );\r
        break;\r
\r
      default:\r
        if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&\r
            (QuestionId < (OPTION_DEL_CA_ESTION_ID + OPTION_CONFIG_RANGE)))\r
        {\r
          DeleteCert (\r
            Private,\r
            EFI_TLS_CA_CERTIFICATE_VARIABLE,\r
            &gEfiTlsCaCertificateGuid,\r
            LABEL_CA_DELETE,\r
            TLS_AUTH_CONFIG_FORMID5_FORM,\r
            OPTION_DEL_CA_ESTION_ID,\r
            QuestionId - OPTION_DEL_CA_ESTION_ID\r
            );\r
        }\r
\r
        break;\r
    }\r
  } else if (Action == EFI_BROWSER_ACTION_CHANGED) {\r
    switch (QuestionId) {\r
      case KEY_TLS_AUTH_CONFIG_CERT_GUID:\r
        ASSERT (Private->CertGuid != NULL);\r
        RStatus = StrToGuid (\r
                    IfrNvData->CertGuid,\r
                    Private->CertGuid\r
                    );\r
        if (RETURN_ERROR (RStatus) || (IfrNvData->CertGuid[GUID_STRING_LENGTH] != L'\0')) {\r
          Status = EFI_INVALID_PARAMETER;\r
          break;\r
        }\r
\r
        *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
        break;\r
      default:\r
        break;\r
    }\r
  } else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {\r
    CleanFileContext (Private);\r
  }\r
\r
EXIT:\r
\r
  if (!EFI_ERROR (Status)) {\r
    BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
    HiiSetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *)IfrNvData, NULL);\r
  }\r
\r
  FreePool (IfrNvData);\r
\r
  if (File != NULL) {\r
    FreePool (File);\r
    File = NULL;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r