[mirror_edk2.git] / NetworkPkg / TlsDxe / TlsImpl.h

/** @file\r
  Header file of Miscellaneous Routines for TlsDxe driver.\r
\r
Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#ifndef __EFI_TLS_IMPL_H__\r
#define __EFI_TLS_IMPL_H__\r
\r
//\r
// Libraries\r
//\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/NetLib.h>\r
#include <Library/BaseCryptLib.h>\r
#include <Library/TlsLib.h>\r
\r
//\r
// Consumed Protocols\r
//\r
#include <Protocol/Tls.h>\r
#include <Protocol/TlsConfig.h>\r
\r
#include <IndustryStandard/Tls1.h>\r
\r
#include "TlsDriver.h"\r
\r
//\r
// Protocol instances\r
//\r
extern EFI_SERVICE_BINDING_PROTOCOL    mTlsServiceBinding;\r
extern EFI_TLS_PROTOCOL                mTlsProtocol;\r
extern EFI_TLS_CONFIGURATION_PROTOCOL  mTlsConfigurationProtocol;\r
\r
/**\r
  Encrypt the message listed in fragment.\r
\r
  @param[in]       TlsInstance    The pointer to the TLS instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment.\r
                                  On input these fragments contain the TLS header and\r
                                  plain text TLS payload;\r
                                  On output these fragments contain the TLS header and\r
                                  cipher text TLS payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_OUT_OF_RESOURCES    Can't allocate memory resources.\r
  @retval EFI_ABORTED             TLS session state is incorrect.\r
  @retval Others                  Other errors as indicated.\r
**/\r
EFI_STATUS\r
TlsEncryptPacket (\r
  IN     TLS_INSTANCE                  *TlsInstance,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount\r
  );\r
\r
/**\r
  Decrypt the message listed in fragment.\r
\r
  @param[in]       TlsInstance    The pointer to the TLS instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment.\r
                                  On input these fragments contain the TLS header and\r
                                  cipher text TLS payload;\r
                                  On output these fragments contain the TLS header and\r
                                  plain text TLS payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_OUT_OF_RESOURCES    Can't allocate memory resources.\r
  @retval EFI_ABORTED             TLS session state is incorrect.\r
  @retval Others                  Other errors as indicated.\r
**/\r
EFI_STATUS\r
TlsDecryptPacket (\r
  IN     TLS_INSTANCE                  *TlsInstance,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount\r
  );\r
\r
/**\r
  Set TLS session data.\r
\r
  The SetSessionData() function set data for a new TLS session. All session data should\r
  be set before BuildResponsePacket() invoked.\r
\r
  @param[in]  This                Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]  DataType            TLS session data type.\r
  @param[in]  Data                Pointer to session data.\r
  @param[in]  DataSize            Total size of session data.\r
\r
  @retval EFI_SUCCESS             The TLS session data is set successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  Data is NULL.\r
                                  DataSize is 0.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_ACCESS_DENIED       If the DataType is one of below:\r
                                  EfiTlsClientRandom\r
                                  EfiTlsServerRandom\r
                                  EfiTlsKeyMaterial\r
  @retval EFI_NOT_READY           Current TLS session state is NOT\r
                                  EfiTlsSessionStateNotStarted.\r
  @retval EFI_OUT_OF_RESOURCES    Required system resources could not be allocated.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsSetSessionData (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     EFI_TLS_SESSION_DATA_TYPE     DataType,\r
  IN     VOID                          *Data,\r
  IN     UINTN                         DataSize\r
  );\r
\r
/**\r
  Get TLS session data.\r
\r
  The GetSessionData() function return the TLS session information.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]       DataType       TLS session data type.\r
  @param[in, out]  Data           Pointer to session data.\r
  @param[in, out]  DataSize       Total size of session data. On input, it means\r
                                  the size of Data buffer. On output, it means the size\r
                                  of copied Data buffer if EFI_SUCCESS, and means the\r
                                  size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
\r
  @retval EFI_SUCCESS             The TLS session data is got successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  DataSize is NULL.\r
                                  Data is NULL if *DataSize is not zero.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_NOT_FOUND           The TLS session data is not found.\r
  @retval EFI_NOT_READY           The DataType is not ready in current session state.\r
  @retval EFI_BUFFER_TOO_SMALL    The buffer is too small to hold the data.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsGetSessionData (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     EFI_TLS_SESSION_DATA_TYPE     DataType,\r
  IN OUT VOID                          *Data,  OPTIONAL\r
  IN OUT UINTN                         *DataSize\r
  );\r
\r
/**\r
  Build response packet according to TLS state machine. This function is only valid for\r
  alert, handshake and change_cipher_spec content type.\r
\r
  The BuildResponsePacket() function builds TLS response packet in response to the TLS\r
  request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and\r
  RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session\r
  will be initiated and the response packet needs to be ClientHello. If RequestBuffer is\r
  NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS\r
  session will be closed and response packet needs to be CloseNotify. If RequestBuffer is\r
  NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS\r
  session has errors and the response packet needs to be Alert message based on error\r
  type.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]       RequestBuffer  Pointer to the most recently received TLS packet. NULL\r
                                  means TLS need initiate the TLS session and response\r
                                  packet need to be ClientHello.\r
  @param[in]       RequestSize    Packet size in bytes for the most recently received TLS\r
                                  packet. 0 is only valid when RequestBuffer is NULL.\r
  @param[out]      Buffer         Pointer to the buffer to hold the built packet.\r
  @param[in, out]  BufferSize     Pointer to the buffer size in bytes. On input, it is\r
                                  the buffer size provided by the caller. On output, it\r
                                  is the buffer size in fact needed to contain the\r
                                  packet.\r
\r
  @retval EFI_SUCCESS             The required TLS packet is built successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  RequestBuffer is NULL but RequestSize is NOT 0.\r
                                  RequestSize is 0 but RequestBuffer is NOT NULL.\r
                                  BufferSize is NULL.\r
                                  Buffer is NULL if *BufferSize is not zero.\r
  @retval EFI_BUFFER_TOO_SMALL    BufferSize is too small to hold the response packet.\r
  @retval EFI_NOT_READY           Current TLS session state is NOT ready to build\r
                                  ResponsePacket.\r
  @retval EFI_ABORTED             Something wrong build response packet.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsBuildResponsePacket (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     UINT8                         *RequestBuffer, OPTIONAL\r
  IN     UINTN                         RequestSize, OPTIONAL\r
     OUT UINT8                         *Buffer, OPTIONAL\r
  IN OUT UINTN                         *BufferSize\r
  );\r
\r
/**\r
  Decrypt or encrypt TLS packet during session. This function is only valid after\r
  session connected and for application_data content type.\r
\r
  The ProcessPacket () function process each inbound or outbound TLS APP packet.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment. The caller will take\r
                                  responsible to handle the original FragmentTable while\r
                                  it may be reallocated in TLS driver. If CryptMode is\r
                                  EfiTlsEncrypt, on input these fragments contain the TLS\r
                                  header and plain text TLS APP payload; on output these\r
                                  fragments contain the TLS header and cipher text TLS\r
                                  APP payload. If CryptMode is EfiTlsDecrypt, on input\r
                                  these fragments contain the TLS header and cipher text\r
                                  TLS APP payload; on output these fragments contain the\r
                                  TLS header and plain text TLS APP payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
  @param[in]       CryptMode      Crypt mode.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  FragmentTable is NULL.\r
                                  FragmentCount is NULL.\r
                                  CryptoMode is invalid.\r
  @retval EFI_NOT_READY           Current TLS session state is NOT\r
                                  EfiTlsSessionDataTransferring.\r
  @retval EFI_ABORTED             Something wrong decryption the message. TLS session\r
                                  status will become EfiTlsSessionError. The caller need\r
                                  call BuildResponsePacket() to generate Error Alert\r
                                  message and send it out.\r
  @retval EFI_OUT_OF_RESOURCES    No enough resource to finish the operation.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsProcessPacket (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount,\r
  IN     EFI_TLS_CRYPT_MODE            CryptMode\r
  );\r
\r
/**\r
  Set TLS configuration data.\r
\r
  The SetData() function sets TLS configuration to non-volatile storage or volatile\r
  storage.\r
\r
  @param[in]  This                Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
  @param[in]  DataType            Configuration data type.\r
  @param[in]  Data                Pointer to configuration data.\r
  @param[in]  DataSize            Total size of configuration data.\r
\r
  @retval EFI_SUCCESS             The TLS configuration data is set successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  Data is NULL.\r
                                  DataSize is 0.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_OUT_OF_RESOURCES    Required system resources could not be allocated.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsConfigurationSetData (\r
  IN     EFI_TLS_CONFIGURATION_PROTOCOL  *This,\r
  IN     EFI_TLS_CONFIG_DATA_TYPE        DataType,\r
  IN     VOID                            *Data,\r
  IN     UINTN                           DataSize\r
  );\r
\r
/**\r
  Get TLS configuration data.\r
\r
  The GetData() function gets TLS configuration.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
  @param[in]       DataType       Configuration data type.\r
  @param[in, out]  Data           Pointer to configuration data.\r
  @param[in, out]  DataSize       Total size of configuration data. On input, it means\r
                                  the size of Data buffer. On output, it means the size\r
                                  of copied Data buffer if EFI_SUCCESS, and means the\r
                                  size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
\r
  @retval EFI_SUCCESS             The TLS configuration data is got successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  DataSize is NULL.\r
                                  Data is NULL if *DataSize is not zero.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_NOT_FOUND           The TLS configuration data is not found.\r
  @retval EFI_BUFFER_TOO_SMALL    The buffer is too small to hold the data.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsConfigurationGetData (\r
  IN     EFI_TLS_CONFIGURATION_PROTOCOL  *This,\r
  IN     EFI_TLS_CONFIG_DATA_TYPE        DataType,\r
  IN OUT VOID                            *Data, OPTIONAL\r
  IN OUT UINTN                           *DataSize\r
  );\r
\r
#endif\r
\r
Commit	Line	Data
7618784b HW	1	/** @file\r
	2	Header file of Miscellaneous Routines for TlsDxe driver.\r
	3	\r
cb3350ec	4	Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
7618784b HW	5	\r
	6	This program and the accompanying materials\r
	7	are licensed and made available under the terms and conditions of the BSD License\r
	8	which accompanies this distribution. The full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	\r
	16	#ifndef __EFI_TLS_IMPL_H__\r
	17	#define __EFI_TLS_IMPL_H__\r
	18	\r
	19	//\r
	20	// Libraries\r
	21	//\r
	22	#include <Library/UefiBootServicesTableLib.h>\r
	23	#include <Library/MemoryAllocationLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/BaseLib.h>\r
	26	#include <Library/UefiLib.h>\r
	27	#include <Library/DebugLib.h>\r
	28	#include <Library/NetLib.h>\r
	29	#include <Library/BaseCryptLib.h>\r
	30	#include <Library/TlsLib.h>\r
	31	\r
	32	//\r
	33	// Consumed Protocols\r
	34	//\r
	35	#include <Protocol/Tls.h>\r
	36	#include <Protocol/TlsConfig.h>\r
	37	\r
	38	#include <IndustryStandard/Tls1.h>\r
	39	\r
	40	#include "TlsDriver.h"\r
	41	\r
	42	//\r
	43	// Protocol instances\r
	44	//\r
	45	extern EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding;\r
	46	extern EFI_TLS_PROTOCOL mTlsProtocol;\r
	47	extern EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol;\r
	48	\r
7618784b HW	49	/**\r
	50	Encrypt the message listed in fragment.\r
	51	\r
	52	@param[in] TlsInstance The pointer to the TLS instance.\r
	53	@param[in, out] FragmentTable Pointer to a list of fragment.\r
	54	On input these fragments contain the TLS header and\r
	55	plain text TLS payload;\r
	56	On output these fragments contain the TLS header and\r
	57	cipher text TLS payload.\r
	58	@param[in] FragmentCount Number of fragment.\r
	59	\r
	60	@retval EFI_SUCCESS The operation completed successfully.\r
	61	@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.\r
	62	@retval EFI_ABORTED TLS session state is incorrect.\r
	63	@retval Others Other errors as indicated.\r
	64	**/\r
	65	EFI_STATUS\r
	66	TlsEncryptPacket (\r
	67	IN TLS_INSTANCE *TlsInstance,\r
	68	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
	69	IN UINT32 *FragmentCount\r
	70	);\r
	71	\r
	72	/**\r
	73	Decrypt the message listed in fragment.\r
	74	\r
	75	@param[in] TlsInstance The pointer to the TLS instance.\r
	76	@param[in, out] FragmentTable Pointer to a list of fragment.\r
	77	On input these fragments contain the TLS header and\r
	78	cipher text TLS payload;\r
	79	On output these fragments contain the TLS header and\r
	80	plain text TLS payload.\r
	81	@param[in] FragmentCount Number of fragment.\r
	82	\r
	83	@retval EFI_SUCCESS The operation completed successfully.\r
	84	@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.\r
	85	@retval EFI_ABORTED TLS session state is incorrect.\r
	86	@retval Others Other errors as indicated.\r
	87	**/\r
	88	EFI_STATUS\r
	89	TlsDecryptPacket (\r
	90	IN TLS_INSTANCE *TlsInstance,\r
	91	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
	92	IN UINT32 *FragmentCount\r
	93	);\r
	94	\r
	95	/**\r
	96	Set TLS session data.\r
	97	\r
	98	The SetSessionData() function set data for a new TLS session. All session data should\r
	99	be set before BuildResponsePacket() invoked.\r
	100	\r
	101	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
	102	@param[in] DataType TLS session data type.\r
	103	@param[in] Data Pointer to session data.\r
	104	@param[in] DataSize Total size of session data.\r
	105	\r
	106	@retval EFI_SUCCESS The TLS session data is set successfully.\r
	107	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
	108	This is NULL.\r
	109	Data is NULL.\r
	110	DataSize is 0.\r
	111	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
	112	@retval EFI_ACCESS_DENIED If the DataType is one of below:\r
113	EfiTlsClientRandom\r
114	EfiTlsServerRandom\r
115	EfiTlsKeyMaterial\r
116	@retval EFI_NOT_READY Current TLS session state is NOT\r
117	EfiTlsSessionStateNotStarted.\r
118	@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.\r
119	**/\r
120	EFI_STATUS\r
121	EFIAPI\r
122	TlsSetSessionData (\r
123	IN EFI_TLS_PROTOCOL *This,\r
124	IN EFI_TLS_SESSION_DATA_TYPE DataType,\r
125	IN VOID *Data,\r
126	IN UINTN DataSize\r
127	);\r
128	\r
129	/**\r
130	Get TLS session data.\r
131	\r
132	The GetSessionData() function return the TLS session information.\r
133	\r
134	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
135	@param[in] DataType TLS session data type.\r
136	@param[in, out] Data Pointer to session data.\r
137	@param[in, out] DataSize Total size of session data. On input, it means\r
138	the size of Data buffer. On output, it means the size\r
139	of copied Data buffer if EFI_SUCCESS, and means the\r
140	size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
141	\r
142	@retval EFI_SUCCESS The TLS session data is got successfully.\r
143	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
144	This is NULL.\r
145	DataSize is NULL.\r
146	Data is NULL if *DataSize is not zero.\r
147	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
148	@retval EFI_NOT_FOUND The TLS session data is not found.\r
149	@retval EFI_NOT_READY The DataType is not ready in current session state.\r
150	@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.\r
151	**/\r
152	EFI_STATUS\r
153	EFIAPI\r
154	TlsGetSessionData (\r
155	IN EFI_TLS_PROTOCOL *This,\r
156	IN EFI_TLS_SESSION_DATA_TYPE DataType,\r
157	IN OUT VOID *Data, OPTIONAL\r
158	IN OUT UINTN *DataSize\r
159	);\r
160	\r
161	/**\r
162	Build response packet according to TLS state machine. This function is only valid for\r
163	alert, handshake and change_cipher_spec content type.\r
164	\r
165	The BuildResponsePacket() function builds TLS response packet in response to the TLS\r
166	request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and\r
167	RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session\r
168	will be initiated and the response packet needs to be ClientHello. If RequestBuffer is\r
169	NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS\r
170	session will be closed and response packet needs to be CloseNotify. If RequestBuffer is\r
171	NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS\r
172	session has errors and the response packet needs to be Alert message based on error\r
173	type.\r
174	\r
175	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
176	@param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL\r
177	means TLS need initiate the TLS session and response\r
178	packet need to be ClientHello.\r
179	@param[in] RequestSize Packet size in bytes for the most recently received TLS\r
180	packet. 0 is only valid when RequestBuffer is NULL.\r
181	@param[out] Buffer Pointer to the buffer to hold the built packet.\r
182	@param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is\r
183	the buffer size provided by the caller. On output, it\r
184	is the buffer size in fact needed to contain the\r
185	packet.\r
186	\r
187	@retval EFI_SUCCESS The required TLS packet is built successfully.\r
188	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
189	This is NULL.\r
190	RequestBuffer is NULL but RequestSize is NOT 0.\r
191	RequestSize is 0 but RequestBuffer is NOT NULL.\r
192	BufferSize is NULL.\r
193	Buffer is NULL if *BufferSize is not zero.\r
194	@retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.\r
195	@retval EFI_NOT_READY Current TLS session state is NOT ready to build\r
196	ResponsePacket.\r
197	@retval EFI_ABORTED Something wrong build response packet.\r
198	**/\r
199	EFI_STATUS\r
200	EFIAPI\r
201	TlsBuildResponsePacket (\r
202	IN EFI_TLS_PROTOCOL *This,\r
203	IN UINT8 *RequestBuffer, OPTIONAL\r
204	IN UINTN RequestSize, OPTIONAL\r
205	OUT UINT8 *Buffer, OPTIONAL\r
206	IN OUT UINTN *BufferSize\r
207	);\r
208	\r
209	/**\r
210	Decrypt or encrypt TLS packet during session. This function is only valid after\r
211	session connected and for application_data content type.\r
212	\r
213	The ProcessPacket () function process each inbound or outbound TLS APP packet.\r
214	\r
215	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
216	@param[in, out] FragmentTable Pointer to a list of fragment. The caller will take\r
217	responsible to handle the original FragmentTable while\r
218	it may be reallocated in TLS driver. If CryptMode is\r
219	EfiTlsEncrypt, on input these fragments contain the TLS\r
220	header and plain text TLS APP payload; on output these\r
221	fragments contain the TLS header and cipher text TLS\r
222	APP payload. If CryptMode is EfiTlsDecrypt, on input\r
223	these fragments contain the TLS header and cipher text\r
224	TLS APP payload; on output these fragments contain the\r
225	TLS header and plain text TLS APP payload.\r
226	@param[in] FragmentCount Number of fragment.\r
227	@param[in] CryptMode Crypt mode.\r
228	\r
229	@retval EFI_SUCCESS The operation completed successfully.\r
230	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
231	This is NULL.\r
232	FragmentTable is NULL.\r
233	FragmentCount is NULL.\r
234	CryptoMode is invalid.\r
235	@retval EFI_NOT_READY Current TLS session state is NOT\r
236	EfiTlsSessionDataTransferring.\r
237	@retval EFI_ABORTED Something wrong decryption the message. TLS session\r
238	status will become EfiTlsSessionError. The caller need\r
239	call BuildResponsePacket() to generate Error Alert\r
240	message and send it out.\r
241	@retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation.\r
242	**/\r
243	EFI_STATUS\r
244	EFIAPI\r
245	TlsProcessPacket (\r
246	IN EFI_TLS_PROTOCOL *This,\r
247	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
248	IN UINT32 *FragmentCount,\r
249	IN EFI_TLS_CRYPT_MODE CryptMode\r
250	);\r
251	\r
252	/**\r
253	Set TLS configuration data.\r
254	\r
255	The SetData() function sets TLS configuration to non-volatile storage or volatile\r
256	storage.\r
257	\r
258	@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
259	@param[in] DataType Configuration data type.\r
260	@param[in] Data Pointer to configuration data.\r
261	@param[in] DataSize Total size of configuration data.\r
262	\r
263	@retval EFI_SUCCESS The TLS configuration data is set successfully.\r
264	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
265	This is NULL.\r
266	Data is NULL.\r
267	DataSize is 0.\r
268	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
269	@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.\r
270	**/\r
271	EFI_STATUS\r
272	EFIAPI\r
273	TlsConfigurationSetData (\r
274	IN EFI_TLS_CONFIGURATION_PROTOCOL *This,\r
275	IN EFI_TLS_CONFIG_DATA_TYPE DataType,\r
276	IN VOID *Data,\r
277	IN UINTN DataSize\r
278	);\r
279	\r
280	/**\r
281	Get TLS configuration data.\r
282	\r
283	The GetData() function gets TLS configuration.\r
284	\r
285	@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
286	@param[in] DataType Configuration data type.\r
287	@param[in, out] Data Pointer to configuration data.\r
288	@param[in, out] DataSize Total size of configuration data. On input, it means\r
289	the size of Data buffer. On output, it means the size\r
290	of copied Data buffer if EFI_SUCCESS, and means the\r
291	size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
292	\r
293	@retval EFI_SUCCESS The TLS configuration data is got successfully.\r
294	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
295	This is NULL.\r
296	DataSize is NULL.\r
297	Data is NULL if *DataSize is not zero.\r
298	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
299	@retval EFI_NOT_FOUND The TLS configuration data is not found.\r
300	@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.\r
301	**/\r
302	EFI_STATUS\r
303	EFIAPI\r
304	TlsConfigurationGetData (\r
305	IN EFI_TLS_CONFIGURATION_PROTOCOL *This,\r
306	IN EFI_TLS_CONFIG_DATA_TYPE DataType,\r
307	IN OUT VOID *Data, OPTIONAL\r
308	IN OUT UINTN *DataSize\r
309	);\r
310	\r
311	#endif\r
312	\r