[mirror_edk2.git] / NetworkPkg / TlsDxe / TlsImpl.h

/** @file\r
  Header file of Miscellaneous Routines for TlsDxe driver.\r
\r
Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#ifndef __EFI_TLS_IMPL_H__\r
#define __EFI_TLS_IMPL_H__\r
\r
//\r
// Libraries\r
//\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/NetLib.h>\r
#include <Library/BaseCryptLib.h>\r
#include <Library/TlsLib.h>\r
\r
//\r
// Consumed Protocols\r
//\r
#include <Protocol/Tls.h>\r
#include <Protocol/TlsConfig.h>\r
\r
#include <IndustryStandard/Tls1.h>\r
\r
#include "TlsDriver.h"\r
\r
//\r
// Protocol instances\r
//\r
extern EFI_SERVICE_BINDING_PROTOCOL    mTlsServiceBinding;\r
extern EFI_TLS_PROTOCOL                mTlsProtocol;\r
extern EFI_TLS_CONFIGURATION_PROTOCOL  mTlsConfigurationProtocol;\r
\r
/**\r
  Encrypt the message listed in fragment.\r
\r
  @param[in]       TlsInstance    The pointer to the TLS instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment.\r
                                  On input these fragments contain the TLS header and\r
                                  plain text TLS payload;\r
                                  On output these fragments contain the TLS header and\r
                                  cipher text TLS payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_OUT_OF_RESOURCES    Can't allocate memory resources.\r
  @retval EFI_ABORTED             TLS session state is incorrect.\r
  @retval Others                  Other errors as indicated.\r
**/\r
EFI_STATUS\r
TlsEncryptPacket (\r
  IN     TLS_INSTANCE                  *TlsInstance,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount\r
  );\r
\r
/**\r
  Decrypt the message listed in fragment.\r
\r
  @param[in]       TlsInstance    The pointer to the TLS instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment.\r
                                  On input these fragments contain the TLS header and\r
                                  cipher text TLS payload;\r
                                  On output these fragments contain the TLS header and\r
                                  plain text TLS payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_OUT_OF_RESOURCES    Can't allocate memory resources.\r
  @retval EFI_ABORTED             TLS session state is incorrect.\r
  @retval Others                  Other errors as indicated.\r
**/\r
EFI_STATUS\r
TlsDecryptPacket (\r
  IN     TLS_INSTANCE                  *TlsInstance,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount\r
  );\r
\r
/**\r
  Set TLS session data.\r
\r
  The SetSessionData() function set data for a new TLS session. All session data should\r
  be set before BuildResponsePacket() invoked.\r
\r
  @param[in]  This                Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]  DataType            TLS session data type.\r
  @param[in]  Data                Pointer to session data.\r
  @param[in]  DataSize            Total size of session data.\r
\r
  @retval EFI_SUCCESS             The TLS session data is set successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  Data is NULL.\r
                                  DataSize is 0.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_ACCESS_DENIED       If the DataType is one of below:\r
                                  EfiTlsClientRandom\r
                                  EfiTlsServerRandom\r
                                  EfiTlsKeyMaterial\r
  @retval EFI_NOT_READY           Current TLS session state is NOT\r
                                  EfiTlsSessionStateNotStarted.\r
  @retval EFI_OUT_OF_RESOURCES    Required system resources could not be allocated.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsSetSessionData (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     EFI_TLS_SESSION_DATA_TYPE     DataType,\r
  IN     VOID                          *Data,\r
  IN     UINTN                         DataSize\r
  );\r
\r
/**\r
  Get TLS session data.\r
\r
  The GetSessionData() function return the TLS session information.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]       DataType       TLS session data type.\r
  @param[in, out]  Data           Pointer to session data.\r
  @param[in, out]  DataSize       Total size of session data. On input, it means\r
                                  the size of Data buffer. On output, it means the size\r
                                  of copied Data buffer if EFI_SUCCESS, and means the\r
                                  size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
\r
  @retval EFI_SUCCESS             The TLS session data is got successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  DataSize is NULL.\r
                                  Data is NULL if *DataSize is not zero.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_NOT_FOUND           The TLS session data is not found.\r
  @retval EFI_NOT_READY           The DataType is not ready in current session state.\r
  @retval EFI_BUFFER_TOO_SMALL    The buffer is too small to hold the data.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsGetSessionData (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     EFI_TLS_SESSION_DATA_TYPE     DataType,\r
  IN OUT VOID                          *Data,  OPTIONAL\r
  IN OUT UINTN                         *DataSize\r
  );\r
\r
/**\r
  Build response packet according to TLS state machine. This function is only valid for\r
  alert, handshake and change_cipher_spec content type.\r
\r
  The BuildResponsePacket() function builds TLS response packet in response to the TLS\r
  request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and\r
  RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session\r
  will be initiated and the response packet needs to be ClientHello. If RequestBuffer is\r
  NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS\r
  session will be closed and response packet needs to be CloseNotify. If RequestBuffer is\r
  NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS\r
  session has errors and the response packet needs to be Alert message based on error\r
  type.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in]       RequestBuffer  Pointer to the most recently received TLS packet. NULL\r
                                  means TLS need initiate the TLS session and response\r
                                  packet need to be ClientHello.\r
  @param[in]       RequestSize    Packet size in bytes for the most recently received TLS\r
                                  packet. 0 is only valid when RequestBuffer is NULL.\r
  @param[out]      Buffer         Pointer to the buffer to hold the built packet.\r
  @param[in, out]  BufferSize     Pointer to the buffer size in bytes. On input, it is\r
                                  the buffer size provided by the caller. On output, it\r
                                  is the buffer size in fact needed to contain the\r
                                  packet.\r
\r
  @retval EFI_SUCCESS             The required TLS packet is built successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  RequestBuffer is NULL but RequestSize is NOT 0.\r
                                  RequestSize is 0 but RequestBuffer is NOT NULL.\r
                                  BufferSize is NULL.\r
                                  Buffer is NULL if *BufferSize is not zero.\r
  @retval EFI_BUFFER_TOO_SMALL    BufferSize is too small to hold the response packet.\r
  @retval EFI_NOT_READY           Current TLS session state is NOT ready to build\r
                                  ResponsePacket.\r
  @retval EFI_ABORTED             Something wrong build response packet.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsBuildResponsePacket (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN     UINT8                         *RequestBuffer, OPTIONAL\r
  IN     UINTN                         RequestSize, OPTIONAL\r
     OUT UINT8                         *Buffer, OPTIONAL\r
  IN OUT UINTN                         *BufferSize\r
  );\r
\r
/**\r
  Decrypt or encrypt TLS packet during session. This function is only valid after\r
  session connected and for application_data content type.\r
\r
  The ProcessPacket () function process each inbound or outbound TLS APP packet.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_PROTOCOL instance.\r
  @param[in, out]  FragmentTable  Pointer to a list of fragment. The caller will take\r
                                  responsible to handle the original FragmentTable while\r
                                  it may be reallocated in TLS driver. If CryptMode is\r
                                  EfiTlsEncrypt, on input these fragments contain the TLS\r
                                  header and plain text TLS APP payload; on output these\r
                                  fragments contain the TLS header and cipher text TLS\r
                                  APP payload. If CryptMode is EfiTlsDecrypt, on input\r
                                  these fragments contain the TLS header and cipher text\r
                                  TLS APP payload; on output these fragments contain the\r
                                  TLS header and plain text TLS APP payload.\r
  @param[in]       FragmentCount  Number of fragment.\r
  @param[in]       CryptMode      Crypt mode.\r
\r
  @retval EFI_SUCCESS             The operation completed successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  FragmentTable is NULL.\r
                                  FragmentCount is NULL.\r
                                  CryptoMode is invalid.\r
  @retval EFI_NOT_READY           Current TLS session state is NOT\r
                                  EfiTlsSessionDataTransferring.\r
  @retval EFI_ABORTED             Something wrong decryption the message. TLS session\r
                                  status will become EfiTlsSessionError. The caller need\r
                                  call BuildResponsePacket() to generate Error Alert\r
                                  message and send it out.\r
  @retval EFI_OUT_OF_RESOURCES    No enough resource to finish the operation.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsProcessPacket (\r
  IN     EFI_TLS_PROTOCOL              *This,\r
  IN OUT EFI_TLS_FRAGMENT_DATA         **FragmentTable,\r
  IN     UINT32                        *FragmentCount,\r
  IN     EFI_TLS_CRYPT_MODE            CryptMode\r
  );\r
\r
/**\r
  Set TLS configuration data.\r
\r
  The SetData() function sets TLS configuration to non-volatile storage or volatile\r
  storage.\r
\r
  @param[in]  This                Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
  @param[in]  DataType            Configuration data type.\r
  @param[in]  Data                Pointer to configuration data.\r
  @param[in]  DataSize            Total size of configuration data.\r
\r
  @retval EFI_SUCCESS             The TLS configuration data is set successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  Data is NULL.\r
                                  DataSize is 0.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_OUT_OF_RESOURCES    Required system resources could not be allocated.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsConfigurationSetData (\r
  IN     EFI_TLS_CONFIGURATION_PROTOCOL  *This,\r
  IN     EFI_TLS_CONFIG_DATA_TYPE        DataType,\r
  IN     VOID                            *Data,\r
  IN     UINTN                           DataSize\r
  );\r
\r
/**\r
  Get TLS configuration data.\r
\r
  The GetData() function gets TLS configuration.\r
\r
  @param[in]       This           Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
  @param[in]       DataType       Configuration data type.\r
  @param[in, out]  Data           Pointer to configuration data.\r
  @param[in, out]  DataSize       Total size of configuration data. On input, it means\r
                                  the size of Data buffer. On output, it means the size\r
                                  of copied Data buffer if EFI_SUCCESS, and means the\r
                                  size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
\r
  @retval EFI_SUCCESS             The TLS configuration data is got successfully.\r
  @retval EFI_INVALID_PARAMETER   One or more of the following conditions is TRUE:\r
                                  This is NULL.\r
                                  DataSize is NULL.\r
                                  Data is NULL if *DataSize is not zero.\r
  @retval EFI_UNSUPPORTED         The DataType is unsupported.\r
  @retval EFI_NOT_FOUND           The TLS configuration data is not found.\r
  @retval EFI_BUFFER_TOO_SMALL    The buffer is too small to hold the data.\r
**/\r
EFI_STATUS\r
EFIAPI\r
TlsConfigurationGetData (\r
  IN     EFI_TLS_CONFIGURATION_PROTOCOL  *This,\r
  IN     EFI_TLS_CONFIG_DATA_TYPE        DataType,\r
  IN OUT VOID                            *Data, OPTIONAL\r
  IN OUT UINTN                           *DataSize\r
  );\r
\r
#endif\r
\r
Commit	Line	Data
7618784b HW	1	/** @file\r
	2	Header file of Miscellaneous Routines for TlsDxe driver.\r
	3	\r
cb3350ec	4	Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
7618784b	5	\r
ecf98fbc	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
7618784b HW	7	\r
	8	**/\r
	9	\r
	10	#ifndef __EFI_TLS_IMPL_H__\r
	11	#define __EFI_TLS_IMPL_H__\r
	12	\r
	13	//\r
	14	// Libraries\r
	15	//\r
	16	#include <Library/UefiBootServicesTableLib.h>\r
	17	#include <Library/MemoryAllocationLib.h>\r
	18	#include <Library/BaseMemoryLib.h>\r
	19	#include <Library/BaseLib.h>\r
	20	#include <Library/UefiLib.h>\r
	21	#include <Library/DebugLib.h>\r
	22	#include <Library/NetLib.h>\r
	23	#include <Library/BaseCryptLib.h>\r
	24	#include <Library/TlsLib.h>\r
	25	\r
	26	//\r
	27	// Consumed Protocols\r
	28	//\r
	29	#include <Protocol/Tls.h>\r
	30	#include <Protocol/TlsConfig.h>\r
	31	\r
	32	#include <IndustryStandard/Tls1.h>\r
	33	\r
	34	#include "TlsDriver.h"\r
	35	\r
	36	//\r
	37	// Protocol instances\r
	38	//\r
	39	extern EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding;\r
	40	extern EFI_TLS_PROTOCOL mTlsProtocol;\r
	41	extern EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol;\r
	42	\r
7618784b HW	43	/**\r
	44	Encrypt the message listed in fragment.\r
	45	\r
	46	@param[in] TlsInstance The pointer to the TLS instance.\r
	47	@param[in, out] FragmentTable Pointer to a list of fragment.\r
	48	On input these fragments contain the TLS header and\r
	49	plain text TLS payload;\r
	50	On output these fragments contain the TLS header and\r
	51	cipher text TLS payload.\r
	52	@param[in] FragmentCount Number of fragment.\r
	53	\r
	54	@retval EFI_SUCCESS The operation completed successfully.\r
	55	@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.\r
	56	@retval EFI_ABORTED TLS session state is incorrect.\r
	57	@retval Others Other errors as indicated.\r
	58	**/\r
	59	EFI_STATUS\r
	60	TlsEncryptPacket (\r
	61	IN TLS_INSTANCE *TlsInstance,\r
	62	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
	63	IN UINT32 *FragmentCount\r
	64	);\r
	65	\r
	66	/**\r
	67	Decrypt the message listed in fragment.\r
	68	\r
	69	@param[in] TlsInstance The pointer to the TLS instance.\r
	70	@param[in, out] FragmentTable Pointer to a list of fragment.\r
	71	On input these fragments contain the TLS header and\r
	72	cipher text TLS payload;\r
	73	On output these fragments contain the TLS header and\r
	74	plain text TLS payload.\r
	75	@param[in] FragmentCount Number of fragment.\r
	76	\r
	77	@retval EFI_SUCCESS The operation completed successfully.\r
	78	@retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.\r
	79	@retval EFI_ABORTED TLS session state is incorrect.\r
	80	@retval Others Other errors as indicated.\r
	81	**/\r
	82	EFI_STATUS\r
	83	TlsDecryptPacket (\r
	84	IN TLS_INSTANCE *TlsInstance,\r
	85	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
	86	IN UINT32 *FragmentCount\r
	87	);\r
	88	\r
	89	/**\r
	90	Set TLS session data.\r
	91	\r
	92	The SetSessionData() function set data for a new TLS session. All session data should\r
	93	be set before BuildResponsePacket() invoked.\r
	94	\r
	95	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
	96	@param[in] DataType TLS session data type.\r
	97	@param[in] Data Pointer to session data.\r
	98	@param[in] DataSize Total size of session data.\r
	99	\r
	100	@retval EFI_SUCCESS The TLS session data is set successfully.\r
	101	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
	102	This is NULL.\r
	103	Data is NULL.\r
	104	DataSize is 0.\r
	105	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
	106	@retval EFI_ACCESS_DENIED If the DataType is one of below:\r
107	EfiTlsClientRandom\r
108	EfiTlsServerRandom\r
109	EfiTlsKeyMaterial\r
110	@retval EFI_NOT_READY Current TLS session state is NOT\r
111	EfiTlsSessionStateNotStarted.\r
112	@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.\r
113	**/\r
114	EFI_STATUS\r
115	EFIAPI\r
116	TlsSetSessionData (\r
117	IN EFI_TLS_PROTOCOL *This,\r
118	IN EFI_TLS_SESSION_DATA_TYPE DataType,\r
119	IN VOID *Data,\r
120	IN UINTN DataSize\r
121	);\r
122	\r
123	/**\r
124	Get TLS session data.\r
125	\r
126	The GetSessionData() function return the TLS session information.\r
127	\r
128	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
129	@param[in] DataType TLS session data type.\r
130	@param[in, out] Data Pointer to session data.\r
131	@param[in, out] DataSize Total size of session data. On input, it means\r
132	the size of Data buffer. On output, it means the size\r
133	of copied Data buffer if EFI_SUCCESS, and means the\r
134	size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
135	\r
136	@retval EFI_SUCCESS The TLS session data is got successfully.\r
137	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
138	This is NULL.\r
139	DataSize is NULL.\r
140	Data is NULL if *DataSize is not zero.\r
141	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
142	@retval EFI_NOT_FOUND The TLS session data is not found.\r
143	@retval EFI_NOT_READY The DataType is not ready in current session state.\r
144	@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.\r
145	**/\r
146	EFI_STATUS\r
147	EFIAPI\r
148	TlsGetSessionData (\r
149	IN EFI_TLS_PROTOCOL *This,\r
150	IN EFI_TLS_SESSION_DATA_TYPE DataType,\r
151	IN OUT VOID *Data, OPTIONAL\r
152	IN OUT UINTN *DataSize\r
153	);\r
154	\r
155	/**\r
156	Build response packet according to TLS state machine. This function is only valid for\r
157	alert, handshake and change_cipher_spec content type.\r
158	\r
159	The BuildResponsePacket() function builds TLS response packet in response to the TLS\r
160	request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and\r
161	RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session\r
162	will be initiated and the response packet needs to be ClientHello. If RequestBuffer is\r
163	NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS\r
164	session will be closed and response packet needs to be CloseNotify. If RequestBuffer is\r
165	NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS\r
166	session has errors and the response packet needs to be Alert message based on error\r
167	type.\r
168	\r
169	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
170	@param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL\r
171	means TLS need initiate the TLS session and response\r
172	packet need to be ClientHello.\r
173	@param[in] RequestSize Packet size in bytes for the most recently received TLS\r
174	packet. 0 is only valid when RequestBuffer is NULL.\r
175	@param[out] Buffer Pointer to the buffer to hold the built packet.\r
176	@param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is\r
177	the buffer size provided by the caller. On output, it\r
178	is the buffer size in fact needed to contain the\r
179	packet.\r
180	\r
181	@retval EFI_SUCCESS The required TLS packet is built successfully.\r
182	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
183	This is NULL.\r
184	RequestBuffer is NULL but RequestSize is NOT 0.\r
185	RequestSize is 0 but RequestBuffer is NOT NULL.\r
186	BufferSize is NULL.\r
187	Buffer is NULL if *BufferSize is not zero.\r
188	@retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.\r
189	@retval EFI_NOT_READY Current TLS session state is NOT ready to build\r
190	ResponsePacket.\r
191	@retval EFI_ABORTED Something wrong build response packet.\r
192	**/\r
193	EFI_STATUS\r
194	EFIAPI\r
195	TlsBuildResponsePacket (\r
196	IN EFI_TLS_PROTOCOL *This,\r
197	IN UINT8 *RequestBuffer, OPTIONAL\r
198	IN UINTN RequestSize, OPTIONAL\r
199	OUT UINT8 *Buffer, OPTIONAL\r
200	IN OUT UINTN *BufferSize\r
201	);\r
202	\r
203	/**\r
204	Decrypt or encrypt TLS packet during session. This function is only valid after\r
205	session connected and for application_data content type.\r
206	\r
207	The ProcessPacket () function process each inbound or outbound TLS APP packet.\r
208	\r
209	@param[in] This Pointer to the EFI_TLS_PROTOCOL instance.\r
210	@param[in, out] FragmentTable Pointer to a list of fragment. The caller will take\r
211	responsible to handle the original FragmentTable while\r
212	it may be reallocated in TLS driver. If CryptMode is\r
213	EfiTlsEncrypt, on input these fragments contain the TLS\r
214	header and plain text TLS APP payload; on output these\r
215	fragments contain the TLS header and cipher text TLS\r
216	APP payload. If CryptMode is EfiTlsDecrypt, on input\r
217	these fragments contain the TLS header and cipher text\r
218	TLS APP payload; on output these fragments contain the\r
219	TLS header and plain text TLS APP payload.\r
220	@param[in] FragmentCount Number of fragment.\r
221	@param[in] CryptMode Crypt mode.\r
222	\r
223	@retval EFI_SUCCESS The operation completed successfully.\r
224	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
225	This is NULL.\r
226	FragmentTable is NULL.\r
227	FragmentCount is NULL.\r
228	CryptoMode is invalid.\r
229	@retval EFI_NOT_READY Current TLS session state is NOT\r
230	EfiTlsSessionDataTransferring.\r
231	@retval EFI_ABORTED Something wrong decryption the message. TLS session\r
232	status will become EfiTlsSessionError. The caller need\r
233	call BuildResponsePacket() to generate Error Alert\r
234	message and send it out.\r
235	@retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation.\r
236	**/\r
237	EFI_STATUS\r
238	EFIAPI\r
239	TlsProcessPacket (\r
240	IN EFI_TLS_PROTOCOL *This,\r
241	IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,\r
242	IN UINT32 *FragmentCount,\r
243	IN EFI_TLS_CRYPT_MODE CryptMode\r
244	);\r
245	\r
246	/**\r
247	Set TLS configuration data.\r
248	\r
249	The SetData() function sets TLS configuration to non-volatile storage or volatile\r
250	storage.\r
251	\r
252	@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
253	@param[in] DataType Configuration data type.\r
254	@param[in] Data Pointer to configuration data.\r
255	@param[in] DataSize Total size of configuration data.\r
256	\r
257	@retval EFI_SUCCESS The TLS configuration data is set successfully.\r
258	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
259	This is NULL.\r
260	Data is NULL.\r
261	DataSize is 0.\r
262	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
263	@retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.\r
264	**/\r
265	EFI_STATUS\r
266	EFIAPI\r
267	TlsConfigurationSetData (\r
268	IN EFI_TLS_CONFIGURATION_PROTOCOL *This,\r
269	IN EFI_TLS_CONFIG_DATA_TYPE DataType,\r
270	IN VOID *Data,\r
271	IN UINTN DataSize\r
272	);\r
273	\r
274	/**\r
275	Get TLS configuration data.\r
276	\r
277	The GetData() function gets TLS configuration.\r
278	\r
279	@param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.\r
280	@param[in] DataType Configuration data type.\r
281	@param[in, out] Data Pointer to configuration data.\r
282	@param[in, out] DataSize Total size of configuration data. On input, it means\r
283	the size of Data buffer. On output, it means the size\r
284	of copied Data buffer if EFI_SUCCESS, and means the\r
285	size of desired Data buffer if EFI_BUFFER_TOO_SMALL.\r
286	\r
287	@retval EFI_SUCCESS The TLS configuration data is got successfully.\r
288	@retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:\r
289	This is NULL.\r
290	DataSize is NULL.\r
291	Data is NULL if *DataSize is not zero.\r
292	@retval EFI_UNSUPPORTED The DataType is unsupported.\r
293	@retval EFI_NOT_FOUND The TLS configuration data is not found.\r
294	@retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.\r
295	**/\r
296	EFI_STATUS\r
297	EFIAPI\r
298	TlsConfigurationGetData (\r
299	IN EFI_TLS_CONFIGURATION_PROTOCOL *This,\r
300	IN EFI_TLS_CONFIG_DATA_TYPE DataType,\r
301	IN OUT VOID *Data, OPTIONAL\r
302	IN OUT UINTN *DataSize\r
303	);\r
304	\r
305	#endif\r
306	\r